syzbot

 sign-in | mailing list | source | docs
🐞 Open [1156] 🐞 Fixed [4318] 🐞 Invalid [9656] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes

KCSAN: data-race in virtqueue_disable_cb / vring_interrupt

Status: moderation: reported on 2022/04/24 17:40
Reported-by: syzbot+1dc46d73e4c1b726ed95@syzkaller.appspotmail.com
First crash: 568d, last: 20d

Sample crash report:
==================================================================
BUG: KCSAN: data-race in virtqueue_disable_cb / vring_interrupt

write to 0xffff8881030e915a of 1 bytes by interrupt on cpu 0:
 vring_interrupt+0x124/0x170 drivers/virtio/virtio_ring.c:2466
 __handle_irq_event_percpu+0x92/0x400 kernel/irq/handle.c:158
 handle_irq_event_percpu kernel/irq/handle.c:193 [inline]
 handle_irq_event+0x60/0xf0 kernel/irq/handle.c:210
 handle_edge_irq+0x17e/0x5a0 kernel/irq/chip.c:819
 generic_handle_irq_desc include/linux/irqdesc.h:158 [inline]
 handle_irq arch/x86/kernel/irq.c:231 [inline]
 __common_interrupt+0x60/0x100 arch/x86/kernel/irq.c:250
 common_interrupt+0x9a/0xc0 arch/x86/kernel/irq.c:240
 asm_common_interrupt+0x22/0x40 arch/x86/include/asm/idtentry.h:640
 prefetchw arch/x86/include/asm/processor.h:620 [inline]
 slab_alloc_node mm/slab.c:3257 [inline]
 slab_alloc mm/slab.c:3270 [inline]
 __kmem_cache_alloc_lru mm/slab.c:3447 [inline]
 kmem_cache_alloc+0x1de/0x2f0 mm/slab.c:3456
 vm_area_dup kernel/fork.c:466 [inline]
 dup_mmap+0x4d6/0xaf0 kernel/fork.c:643
 dup_mm kernel/fork.c:1548 [inline]
 copy_mm+0x11c/0x310 kernel/fork.c:1597
 copy_process+0xd7f/0x2090 kernel/fork.c:2266
 kernel_clone+0x166/0x550 kernel/fork.c:2681
 __do_sys_clone kernel/fork.c:2822 [inline]
 __se_sys_clone kernel/fork.c:2806 [inline]
 __x64_sys_clone+0xc3/0xf0 kernel/fork.c:2806
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

read to 0xffff8881030e915a of 1 bytes by task 3116 on cpu 1:
 virtqueue_disable_cb+0x17/0x160 drivers/virtio/virtio_ring.c:2315
 start_xmit+0xd1/0xb70 drivers/net/virtio_net.c:1837
 __netdev_start_xmit include/linux/netdevice.h:4865 [inline]
 netdev_start_xmit include/linux/netdevice.h:4879 [inline]
 xmit_one+0xc0/0x2a0 net/core/dev.c:3583
 dev_hard_start_xmit+0x72/0x120 net/core/dev.c:3599
 sch_direct_xmit+0x1ac/0x580 net/sched/sch_generic.c:342
 __dev_xmit_skb+0x806/0xdb0 net/core/dev.c:3810
 __dev_queue_xmit+0x676/0x11c0 net/core/dev.c:4215
 dev_queue_xmit include/linux/netdevice.h:3035 [inline]
 neigh_hh_output include/net/neighbour.h:530 [inline]
 neigh_output include/net/neighbour.h:544 [inline]
 ip_finish_output2+0x70b/0x850 net/ipv4/ip_output.c:228
 ip_finish_output+0xf3/0x250 net/ipv4/ip_output.c:316
 NF_HOOK_COND include/linux/netfilter.h:291 [inline]
 ip_output+0xf3/0x1a0 net/ipv4/ip_output.c:430
 dst_output include/net/dst.h:444 [inline]
 ip_local_out net/ipv4/ip_output.c:126 [inline]
 __ip_queue_xmit+0xa2e/0xa50 net/ipv4/ip_output.c:532
 ip_queue_xmit+0x34/0x40 net/ipv4/ip_output.c:546
 __tcp_transmit_skb+0x1242/0x1730 net/ipv4/tcp_output.c:1399
 __tcp_send_ack+0x1dc/0x2e0 net/ipv4/tcp_output.c:3983
 tcp_send_ack+0x23/0x30 net/ipv4/tcp_output.c:3989
 __tcp_cleanup_rbuf+0x14e/0x260 net/ipv4/tcp.c:1617
 tcp_cleanup_rbuf net/ipv4/tcp.c:1628 [inline]
 tcp_recvmsg_locked+0x10c4/0x1580 net/ipv4/tcp.c:2649
 tcp_recvmsg+0x148/0x4c0 net/ipv4/tcp.c:2679
 inet_recvmsg+0x9e/0x210 net/ipv4/af_inet.c:861
 sock_recvmsg_nosec net/socket.c:995 [inline]
 sock_recvmsg net/socket.c:1013 [inline]
 sock_read_iter+0x1b1/0x1f0 net/socket.c:1086
 call_read_iter include/linux/fs.h:2183 [inline]
 new_sync_read fs/read_write.c:389 [inline]
 vfs_read+0x3a5/0x560 fs/read_write.c:470
 ksys_read+0xe8/0x1a0 fs/read_write.c:613
 __do_sys_read fs/read_write.c:623 [inline]
 __se_sys_read fs/read_write.c:621 [inline]
 __x64_sys_read+0x3e/0x50 fs/read_write.c:621
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

value changed: 0x00 -> 0x01

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 3116 Comm: syz-fuzzer Tainted: G        W          6.2.0-rc3-syzkaller-00165-gd9fc1511728c-dirty #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
==================================================================

Crashes (97):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Title
ci2-upstream-kcsan-gce 2023/01/13 15:15 upstream d9fc1511728c 529798b0 .config console log report info [disk image] [vmlinux] [kernel image] KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2023/01/10 10:56 upstream 5a41237ad1d4 48bc529a .config console log report info [disk image] [vmlinux] [kernel image] KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2023/01/04 10:09 upstream 69b41ac87e4a 1dac8c7a .config console log report info [disk image] [vmlinux] [kernel image] KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/12/24 11:36 upstream 51094a24b85e 9da18ae8 .config console log report info [disk image] [vmlinux] [kernel image] KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/12/21 16:28 upstream b6bb9676f216 4067838e .config console log report info [disk image] [vmlinux] [kernel image] KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/12/16 06:37 upstream 041fae9c105a 6f9c033e .config console log report info [disk image] [vmlinux] [kernel image] KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/11/13 18:10 upstream af7a05689189 7ba4d859 .config console log report info [disk image] [vmlinux] [kernel image] KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/11/13 07:11 upstream fef7fd48922d f42ee5d8 .config console log report info [disk image] [vmlinux] [kernel image] KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/11/09 13:49 upstream f141df371335 bebca8b7 .config console log report info [disk image] [vmlinux] [kernel image] KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/11/05 18:23 upstream b208b9fbbcba 6d752409 .config console log report info [disk image] [vmlinux] [kernel image] KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/11/03 12:19 upstream 8e5423e991e8 7a2ebf95 .config console log report info [disk image] [vmlinux] [kernel image] KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/10/30 18:19 upstream 882ad2a2a8ff 2a71366b .config console log report info [disk image] [vmlinux] [kernel image] KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/10/29 19:10 upstream 91562cf99364 2a71366b .config console log report info [disk image] [vmlinux] [kernel image] KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/10/29 06:33 upstream 576e61cea1e4 899d812a .config console log report info [disk image] [vmlinux] [kernel image] KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/10/11 05:23 upstream e2302539dd4f 5bcf0c31 .config console log report info [disk image] [vmlinux] KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/10/07 10:10 upstream 4c86114194e6 79a59635 .config console log report info [disk image] [vmlinux] KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/09/23 07:40 upstream dc164f4fb00a 0042f2b4 .config console log report info [disk image] [vmlinux] KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/09/21 15:18 upstream 60891ec99e14 380f82fb .config console log report info [disk image] [vmlinux] KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/09/15 09:04 upstream 3245cb65fd91 dd9a85ff .config console log report info [disk image] [vmlinux] KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/09/14 15:00 upstream 3245cb65fd91 b884348d .config console log report info [disk image] [vmlinux] KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/09/02 20:20 upstream 0b3acd1cc022 25194605 .config console log report info [disk image] [vmlinux] KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/09/01 20:19 upstream 2880e1a175b9 86c46e46 .config console log report info [disk image] [vmlinux] KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/08/30 01:19 upstream b90cb1053190 d7593c58 .config console log report info [disk image] [vmlinux] KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/08/24 14:36 upstream c40e8341e3b3 514514f6 .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/08/16 20:45 upstream 7ebfc85e2cd7 9e4b39c2 .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/08/15 22:42 upstream 7ebfc85e2cd7 8dfcaa3d .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/08/08 19:33 upstream 3466f49dd0dd da700653 .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/08/08 16:29 upstream 4e23eeebb2e5 da700653 .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/08/03 11:43 upstream e2b542100719 1c9013ac .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/08/03 02:22 upstream 7d0d3fa7339e 1c9013ac .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/07/30 18:53 upstream 620725263f42 fef302b1 .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/07/21 07:36 upstream 353f7988dd84 6e67af9d .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/07/17 22:27 upstream ff6992735ade 95cb00d1 .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/07/17 05:55 upstream c658cabbfd32 95cb00d1 .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/07/16 07:55 upstream 9b59ec8d50a1 95cb00d1 .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/07/13 04:05 upstream 72a8e05d4f66 d91dd8ea .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/07/03 18:10 upstream 20855e4cb361 1434eec0 .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/06/25 22:25 upstream 0840a7914caa a371c43c .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/06/02 10:33 upstream d1dc87763f40 6e12f05f .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/05/23 11:20 upstream 4b0986a3613c 4c7657cb .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/05/19 16:42 upstream f993aed406ea cb1ac2e7 .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/05/14 00:20 upstream f2dd007445b1 107f6434 .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/05/13 08:33 upstream f3f19f939c11 9ad6612a .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/05/07 14:48 upstream 4b97bac0756a e60b1103 .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/04/28 20:09 upstream 259b897e5a79 e9076525 .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/04/25 23:51 upstream af2d861d4cd2 152baedd .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/04/23 20:35 upstream 13bc32bad705 131df97d .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/04/23 08:08 upstream c00c5e1d157b 131df97d .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/04/20 16:05 upstream 559089e0a93d d4befee1 .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2022/04/19 04:38 upstream b2d229d4ddb1 8bcc32a6 .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2021/08/15 20:25 upstream ecf93431963a 2489ab88 .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2021/08/15 06:50 upstream 0aa78d17099b 2489ab88 .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2021/08/13 04:17 upstream f8e6dfc64f61 3fd2ea69 .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2021/08/07 13:25 upstream c9194f32bfd9 6972b106 .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2021/07/20 15:52 upstream 8cae8cd89f05 1b201b48 .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
ci2-upstream-kcsan-gce 2021/07/14 03:55 upstream 40226a3d96ef 484502bd .config console log report info KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
* Struck through repros no longer work on HEAD.