syzbot


KCSAN: data-race in virtqueue_disable_cb / vring_interrupt

Status: auto-obsoleted due to no activity on 2023/09/29 09:42
Subsystems: virt
Reported-by: syzbot+1dc46d73e4c1b726ed95@syzkaller.appspotmail.com
First crash: 1009d, last: 237d
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in virtqueue_disable_cb / vring_interrupt (2) virt 12 11d 130d 0/26 moderation: reported on 2023/12/11 00:04

Sample crash report:
==================================================================
BUG: KCSAN: data-race in virtqueue_disable_cb / vring_interrupt

write to 0xffff888103272052 of 1 bytes by interrupt on cpu 0:
 vring_interrupt+0x128/0x170 drivers/virtio/virtio_ring.c:2497
 __handle_irq_event_percpu+0x91/0x490 kernel/irq/handle.c:158
 handle_irq_event_percpu kernel/irq/handle.c:193 [inline]
 handle_irq_event+0x64/0xf0 kernel/irq/handle.c:210
 handle_edge_irq+0x167/0x590 kernel/irq/chip.c:834
 generic_handle_irq_desc include/linux/irqdesc.h:161 [inline]
 handle_irq arch/x86/kernel/irq.c:238 [inline]
 __common_interrupt+0x3c/0xb0 arch/x86/kernel/irq.c:257
 common_interrupt+0x7a/0x90 arch/x86/kernel/irq.c:247
 asm_common_interrupt+0x26/0x40 arch/x86/include/asm/idtentry.h:636
 kcsan_setup_watchpoint+0x3fe/0x410 kernel/kcsan/core.c:705
 tlb_flush_rmap_batch mm/mmu_gather.c:54 [inline]
 tlb_flush_rmaps+0x142/0x1e0 mm/mmu_gather.c:79
 zap_pte_range mm/memory.c:1520 [inline]
 zap_pmd_range mm/memory.c:1570 [inline]
 zap_pud_range mm/memory.c:1599 [inline]
 zap_p4d_range mm/memory.c:1620 [inline]
 unmap_page_range+0x19ba/0x1da0 mm/memory.c:1641
 unmap_single_vma+0x142/0x1d0 mm/memory.c:1687
 unmap_vmas+0x157/0x200 mm/memory.c:1726
 exit_mmap+0x15f/0x5f0 mm/mmap.c:3203
 __mmput+0x28/0x1c0 kernel/fork.c:1348
 mmput+0x4c/0x60 kernel/fork.c:1370
 exit_mm+0xe3/0x180 kernel/exit.c:567
 do_exit+0x580/0x1670 kernel/exit.c:861
 do_group_exit+0x101/0x150 kernel/exit.c:1024
 get_signal+0xeb7/0xff0 kernel/signal.c:2881
 arch_do_signal_or_restart+0x89/0x2a0 arch/x86/kernel/signal.c:308
 exit_to_user_mode_loop+0x6f/0xe0 kernel/entry/common.c:168
 exit_to_user_mode_prepare+0x6c/0xb0 kernel/entry/common.c:204
 __syscall_exit_to_user_mode_work kernel/entry/common.c:286 [inline]
 syscall_exit_to_user_mode+0x26/0x140 kernel/entry/common.c:297
 do_syscall_64+0x4d/0xc0 arch/x86/entry/common.c:86
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

read to 0xffff888103272052 of 1 bytes by task 3592 on cpu 1:
 virtqueue_disable_cb_split drivers/virtio/virtio_ring.c:862 [inline]
 virtqueue_disable_cb+0x92/0x180 drivers/virtio/virtio_ring.c:2352
 start_xmit+0xf0/0xae0 drivers/net/virtio_net.c:2149
 __netdev_start_xmit include/linux/netdevice.h:4910 [inline]
 netdev_start_xmit include/linux/netdevice.h:4924 [inline]
 xmit_one net/core/dev.c:3537 [inline]
 dev_hard_start_xmit+0x11b/0x3f0 net/core/dev.c:3553
 sch_direct_xmit+0x1b0/0x570 net/sched/sch_generic.c:342
 __dev_xmit_skb net/core/dev.c:3764 [inline]
 __dev_queue_xmit+0xe5f/0x1d10 net/core/dev.c:4169
 dev_queue_xmit include/linux/netdevice.h:3088 [inline]
 neigh_hh_output include/net/neighbour.h:528 [inline]
 neigh_output include/net/neighbour.h:542 [inline]
 ip_finish_output2+0x700/0x840 net/ipv4/ip_output.c:230
 ip_finish_output+0xf4/0x240 net/ipv4/ip_output.c:318
 NF_HOOK_COND include/linux/netfilter.h:292 [inline]
 ip_output+0xe5/0x1b0 net/ipv4/ip_output.c:432
 dst_output include/net/dst.h:458 [inline]
 ip_local_out net/ipv4/ip_output.c:127 [inline]
 __ip_queue_xmit+0xaaf/0xae0 net/ipv4/ip_output.c:534
 ip_queue_xmit+0x38/0x40 net/ipv4/ip_output.c:548
 __tcp_transmit_skb+0x1231/0x1710 net/ipv4/tcp_output.c:1401
 __tcp_send_ack+0x1de/0x2d0 net/ipv4/tcp_output.c:4072
 tcp_send_ack+0x27/0x30 net/ipv4/tcp_output.c:4078
 __tcp_cleanup_rbuf+0x149/0x260 net/ipv4/tcp.c:1483
 tcp_cleanup_rbuf net/ipv4/tcp.c:1494 [inline]
 tcp_recvmsg_locked+0x109d/0x1540 net/ipv4/tcp.c:2536
 tcp_recvmsg+0x13b/0x490 net/ipv4/tcp.c:2566
 inet_recvmsg+0xa2/0x210 net/ipv4/af_inet.c:862
 sock_recvmsg_nosec net/socket.c:1020 [inline]
 sock_recvmsg net/socket.c:1041 [inline]
 sock_read_iter+0x1a0/0x210 net/socket.c:1107
 call_read_iter include/linux/fs.h:1871 [inline]
 new_sync_read fs/read_write.c:389 [inline]
 vfs_read+0x3da/0x5c0 fs/read_write.c:470
 ksys_read+0xeb/0x1a0 fs/read_write.c:613
 __do_sys_read fs/read_write.c:623 [inline]
 __se_sys_read fs/read_write.c:621 [inline]
 __x64_sys_read+0x42/0x50 fs/read_write.c:621
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

value changed: 0x00 -> 0x01

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 3592 Comm: syz-fuzzer Tainted: G        W          6.5.0-rc7-syzkaller-00104-g4f9e7fabf864 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
==================================================================

Crashes (130):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2023/08/25 09:41 upstream 4f9e7fabf864 03d9c195 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/08/24 23:53 upstream 93f5de5f648d 49be837e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/08/15 07:58 upstream 91aa6c412d7f 39990d51 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/08/14 14:38 upstream 2ccdd1b13c59 39990d51 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/08/04 16:52 upstream c1a515d3c027 cdae481e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/07/27 10:02 upstream 0a8db05b571a 41fe1bae .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/07/22 21:57 upstream 295e1388de2d 27cbe77f .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/07/13 18:12 upstream eb26cbb1a754 55eda22f .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/07/07 16:16 upstream 5133c9e51de4 668cb1fa .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/07/04 22:19 upstream 24be4d0b46bb f99c2404 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/06/30 22:22 upstream e55e5df193d2 af3053d2 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/06/12 20:26 upstream fd37b884003c aaed0183 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/06/09 14:48 upstream 33f2b5785a2b 9018a337 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/06/03 23:43 upstream 51f269a6ecc7 a4ae4f42 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/06/03 07:33 upstream 4ecd704a4c51 a4ae4f42 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/05/30 23:55 upstream afead42fdfca df37c7f1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/05/24 14:00 upstream 9d646009f65d 4bce1a3e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/05/13 07:39 upstream 9a48d6046722 2b9ba477 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/05/05 18:56 upstream 78b421b6a7c6 de870ca5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/05/04 16:21 upstream 1a5304fecee5 518a39a6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/05/01 02:58 upstream 58390c8ce1bd 62df2017 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/04/26 23:21 upstream 5c7ecada25d2 19a3dabe .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/04/26 03:57 upstream 0cfd8703e7da 65320f8e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/04/23 03:51 upstream 2caeeb9d4a1b 2b32bd34 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/04/07 10:37 upstream f2afccfefe7b f7ba566d .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/03/29 12:34 upstream fcd476ea6a88 f325deb0 .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/03/23 18:48 upstream fff5a5e7f528 f94b4a29 .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/03/15 22:25 upstream 9c1bec9c0b08 18b58603 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/03/07 01:15 upstream 8ca09d5fa354 f8902b57 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/03/05 22:55 upstream f915322fe014 f8902b57 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/02/21 10:27 upstream 89f5349e0673 f949448d .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/02/18 14:59 upstream 38f8ccde04a3 d02e9a70 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/02/13 20:55 upstream b408817d4884 957959cb .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/01/13 15:15 upstream d9fc1511728c 529798b0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/01/10 10:56 upstream 5a41237ad1d4 48bc529a .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2023/01/04 10:09 upstream 69b41ac87e4a 1dac8c7a .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2022/12/24 11:36 upstream 51094a24b85e 9da18ae8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2022/12/21 16:28 upstream b6bb9676f216 4067838e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2022/12/16 06:37 upstream 041fae9c105a 6f9c033e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2022/11/13 18:10 upstream af7a05689189 7ba4d859 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2022/11/13 07:11 upstream fef7fd48922d f42ee5d8 .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2022/11/09 13:49 upstream f141df371335 bebca8b7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2022/11/05 18:23 upstream b208b9fbbcba 6d752409 .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2022/11/03 12:19 upstream 8e5423e991e8 7a2ebf95 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2022/10/30 18:19 upstream 882ad2a2a8ff 2a71366b .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2022/10/29 19:10 upstream 91562cf99364 2a71366b .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2022/10/29 06:33 upstream 576e61cea1e4 899d812a .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2022/10/11 05:23 upstream e2302539dd4f 5bcf0c31 .config console log report info [disk image] [vmlinux] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2022/10/07 10:10 upstream 4c86114194e6 79a59635 .config console log report info [disk image] [vmlinux] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2022/09/23 07:40 upstream dc164f4fb00a 0042f2b4 .config console log report info [disk image] [vmlinux] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2022/09/21 15:18 upstream 60891ec99e14 380f82fb .config console log report info [disk image] [vmlinux] ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2022/04/23 20:35 upstream 13bc32bad705 131df97d .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2022/04/23 08:08 upstream c00c5e1d157b 131df97d .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt
2021/07/14 03:55 upstream 40226a3d96ef 484502bd .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in virtqueue_disable_cb / vring_interrupt