syzbot

 sign-in | mailing list | source | docs
🐞 Open [1651]
Subsystems
🐞 Fixed [6000]
🐞 Invalid [14793]
Missing Backports [135]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KCSAN: data-race in wb_timer_fn / wbt_wait

Status: auto-closed as invalid on 2020/08/03 14:15
Subsystems: block
[Documentation on labels]
First crash: 1673d, last: 1673d
Similar bugs (4)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in wb_timer_fn / wbt_wait (5) block 1 1400d 1400d 0/28 auto-closed as invalid on 2021/05/17 09:11
upstream KCSAN: data-race in wb_timer_fn / wbt_wait (2) block 8 1529d 1512d 0/28 auto-closed as invalid on 2020/12/25 09:31
upstream KCSAN: data-race in wb_timer_fn / wbt_wait (3) block 2 1475d 1489d 0/28 auto-closed as invalid on 2021/02/18 01:51
upstream KCSAN: data-race in wb_timer_fn / wbt_wait (4) block 1 1436d 1436d 0/28 auto-closed as invalid on 2021/03/28 18:43

Sample crash report:
==================================================================
BUG: KCSAN: data-race in wb_timer_fn / wbt_wait

write to 0xffff888128f54704 of 4 bytes by interrupt on cpu 0:
 calc_wb_limits block/blk-wbt.c:304 [inline]
 scale_up block/blk-wbt.c:313 [inline]
 wb_timer_fn+0x42d/0xa30 block/blk-wbt.c:382
 blk_stat_timer_fn+0x3f4/0x410 block/blk-stat.c:99
 call_timer_fn+0x30/0x2a0 kernel/time/timer.c:1404
 expire_timers+0x116/0x290 kernel/time/timer.c:1449
 __run_timers+0x443/0x500 kernel/time/timer.c:1773
 run_timer_softirq+0x2e/0x60 kernel/time/timer.c:1786
 __do_softirq+0x198/0x360 kernel/softirq.c:292
 asm_call_on_stack+0xf/0x20 arch/x86/entry/entry_64.S:711
 __run_on_irqstack arch/x86/include/asm/irq_stack.h:22 [inline]
 run_on_irqstack_cond arch/x86/include/asm/irq_stack.h:48 [inline]
 do_softirq_own_stack+0x5d/0x80 arch/x86/kernel/irq_64.c:77
 invoke_softirq kernel/softirq.c:387 [inline]
 __irq_exit_rcu+0x115/0x120 kernel/softirq.c:417
 sysvec_apic_timer_interrupt+0xba/0xd0 arch/x86/kernel/apic/apic.c:1091
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:596
 arch_local_irq_restore arch/x86/include/asm/paravirt.h:765 [inline]
 kcsan_setup_watchpoint+0x47c/0x4d0 kernel/kcsan/core.c:542
 blk_bio_segment_split block/blk-merge.c:255 [inline]
 __blk_queue_split+0x5dd/0xc70 block/blk-merge.c:331
 blk_mq_make_request+0xbb/0x1070 block/blk-mq.c:2038
 do_make_request block/blk-core.c:1084 [inline]
 generic_make_request+0x240/0x5d0 block/blk-core.c:1156
 submit_bio+0x200/0x370 block/blk-core.c:1275
 iomap_dio_submit_bio fs/iomap/direct-io.c:75 [inline]
 iomap_dio_bio_actor+0x89d/0xad0 fs/iomap/direct-io.c:310
 iomap_dio_actor+0x1ec/0x340 fs/iomap/direct-io.c:385
 iomap_apply+0x1da/0x520 fs/iomap/apply.c:80
 iomap_dio_rw+0x501/0x8c0 fs/iomap/direct-io.c:501
 ext4_dio_write_iter fs/ext4/file.c:545 [inline]
 ext4_file_write_iter+0xda4/0x1010 fs/ext4/file.c:653
 call_write_iter include/linux/fs.h:1907 [inline]
 new_sync_write fs/read_write.c:484 [inline]
 __vfs_write+0x2d8/0x340 fs/read_write.c:497
 vfs_write+0x19b/0x350 fs/read_write.c:559
 ksys_write+0xce/0x180 fs/read_write.c:612
 __do_sys_write fs/read_write.c:624 [inline]
 __se_sys_write fs/read_write.c:621 [inline]
 __x64_sys_write+0x3e/0x50 fs/read_write.c:621
 do_syscall_64+0x51/0xb0 arch/x86/entry/common.c:359
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

read to 0xffff888128f54704 of 4 bytes by task 349 on cpu 1:
 rwb_enabled block/blk-wbt.c:80 [inline]
 bio_to_wbt_flags block/blk-wbt.c:543 [inline]
 wbt_wait+0x36/0x2b0 block/blk-wbt.c:576
 __rq_qos_throttle+0x39/0x70 block/blk-rq-qos.c:72
 rq_qos_throttle block/blk-rq-qos.h:182 [inline]
 blk_mq_make_request+0x234/0x1070 block/blk-mq.c:2050
 do_make_request block/blk-core.c:1084 [inline]
 generic_make_request+0x240/0x5d0 block/blk-core.c:1156
 submit_bio+0x200/0x370 block/blk-core.c:1275
 ext4_io_submit+0xcd/0xf0 fs/ext4/page-io.c:382
 ext4_writepages+0x69c/0x1ef0 fs/ext4/inode.c:2740
 do_writepages+0x7b/0x150 mm/page-writeback.c:2354
 __writeback_single_inode+0x81/0x610 fs/fs-writeback.c:1452
 writeback_sb_inodes+0x5ac/0xe40 fs/fs-writeback.c:1716
 wb_writeback+0x2b8/0x730 fs/fs-writeback.c:1892
 wb_do_writeback+0x108/0x610 fs/fs-writeback.c:2037
 wb_workfn+0xc8/0x460 fs/fs-writeback.c:2078
 process_one_work+0x3e1/0x9a0 kernel/workqueue.c:2269
 worker_thread+0x665/0xbe0 kernel/workqueue.c:2415
 kthread+0x20d/0x230 kernel/kthread.c:291
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:293

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 349 Comm: kworker/u4:4 Not tainted 5.8.0-rc3-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: writeback wb_workfn (flush-8:0)
==================================================================

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/06/29 14:08 upstream 9ebcfadb0610 df01f6fc .config console log report ci2-upstream-kcsan-gce
* Struck through repros no longer work on HEAD.