syzbot

 sign-in | mailing list | source | docs
🐞 Open [977] Subsystems 🐞 Fixed [5208] 🐞 Invalid [12460] Missing Backports [82] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KCSAN: data-race in __percpu_ref_switch_mode / blk_queue_enter

Status: auto-closed as invalid on 2020/02/16 07:46
Subsystems: block
[Documentation on labels]
First crash: 1591d, last: 1591d

Sample crash report:
==================================================================
BUG: KCSAN: data-race in __percpu_ref_switch_mode / blk_queue_enter

read to 0xffff888129d41940 of 8 bytes by task 19458 on cpu 1:
 percpu_ref_tryget_live include/linux/percpu-refcount.h:265 [inline]
 blk_queue_enter+0x314/0x610 block/blk-core.c:408
 generic_make_request block/blk-core.c:1058 [inline]
 generic_make_request+0x121/0x740 block/blk-core.c:1006
 submit_bio+0x96/0x3c0 block/blk-core.c:1190
 mpage_bio_submit fs/mpage.c:66 [inline]
 mpage_readpages+0x36c/0x3c0 fs/mpage.c:410
 blkdev_readpages+0x36/0x50 fs/block_dev.c:620
 read_pages+0xa2/0x2d0 mm/readahead.c:126
 __do_page_cache_readahead+0x353/0x390 mm/readahead.c:212
 force_page_cache_readahead+0x13a/0x1f0 mm/readahead.c:243
 page_cache_sync_readahead+0x1cf/0x1e0 mm/readahead.c:522
 generic_file_buffered_read mm/filemap.c:2051 [inline]
 generic_file_read_iter+0xeb6/0x1440 mm/filemap.c:2324
 blkdev_read_iter+0xb2/0xe0 fs/block_dev.c:2010
 call_read_iter include/linux/fs.h:1889 [inline]
 new_sync_read+0x389/0x4f0 fs/read_write.c:414
 __vfs_read+0xb1/0xc0 fs/read_write.c:427
 vfs_read fs/read_write.c:461 [inline]
 vfs_read+0x143/0x2c0 fs/read_write.c:446
 ksys_read+0xd5/0x1b0 fs/read_write.c:587
 __do_sys_read fs/read_write.c:597 [inline]
 __se_sys_read fs/read_write.c:595 [inline]
 __x64_sys_read+0x4c/0x60 fs/read_write.c:595
 do_syscall_64+0xcc/0x370 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

write to 0xffff888129d41940 of 8 bytes by task 19456 on cpu 0:
 __percpu_ref_switch_to_atomic lib/percpu-refcount.c:182 [inline]
 __percpu_ref_switch_mode+0x14e/0x3b0 lib/percpu-refcount.c:236
 percpu_ref_kill_and_confirm+0x91/0x210 lib/percpu-refcount.c:349
 percpu_ref_kill include/linux/percpu-refcount.h:136 [inline]
 blk_freeze_queue_start+0x9c/0xd0 block/blk-mq.c:150
 blk_freeze_queue block/blk-mq.c:188 [inline]
 blk_mq_freeze_queue+0x1f/0x30 block/blk-mq.c:198
 loop_set_status+0x241/0xb30 drivers/block/loop.c:1261
 loop_set_status64+0x6d/0xb0 drivers/block/loop.c:1463
 lo_ioctl+0x30b/0xc80 drivers/block/loop.c:1606
 __blkdev_driver_ioctl block/ioctl.c:304 [inline]
 blkdev_ioctl+0x979/0x1160 block/ioctl.c:606
 block_ioctl+0x95/0xc0 fs/block_dev.c:1954
 vfs_ioctl fs/ioctl.c:46 [inline]
 file_ioctl fs/ioctl.c:509 [inline]
 do_vfs_ioctl+0x991/0xc60 fs/ioctl.c:696
 ksys_ioctl+0xbd/0xe0 fs/ioctl.c:713
 __do_sys_ioctl fs/ioctl.c:720 [inline]
 __se_sys_ioctl fs/ioctl.c:718 [inline]
 __x64_sys_ioctl+0x4c/0x60 fs/ioctl.c:718
 do_syscall_64+0xcc/0x370 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 19456 Comm: syz-executor.4 Not tainted 5.4.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2019/12/08 07:44 https://github.com/google/ktsan.git kcsan ef798c30ba4e 1508f453 .config console log report ci2-upstream-kcsan-gce
* Struck through repros no longer work on HEAD.