syzbot


KCSAN: data-race in __io_import_iovec / io_cqring_overflow_flush

Status: auto-closed as invalid on 2020/12/21 11:58
Subsystems: fs
Reported-by: syzbot+30e9d1352fd743af8606@syzkaller.appspotmail.com
First crash: 1236d, last: 1236d

Sample crash report:
EXT4-fs error (device loop5): ext4_empty_dir:2879: inode #12: comm syz-executor.5: Directory hole found for htree leaf block
EXT4-fs error (device loop5): ext4_free_inode:351: comm syz-executor.5: bit already cleared for inode 12
==================================================================
BUG: KCSAN: data-race in __io_import_iovec / io_cqring_overflow_flush

read-write to 0xffff88801c181c44 of 1 bytes by task 663 on cpu 1:
 io_cqring_overflow_flush+0x90/0x7f0 fs/io_uring.c:1645
 io_uring_cancel_task_requests fs/io_uring.c:8644 [inline]
 __io_uring_files_cancel+0x21a/0xff0 fs/io_uring.c:8742
 io_uring_files_cancel include/linux/io_uring.h:51 [inline]
 exit_files+0x6a/0xc0 fs/file.c:456
 do_exit+0x422/0x15a0 kernel/exit.c:801
 do_group_exit+0xc8/0x170 kernel/exit.c:903
 get_signal+0xf9b/0x1510 kernel/signal.c:2758
 arch_do_signal+0x25/0x260 arch/x86/kernel/signal.c:811
 exit_to_user_mode_loop kernel/entry/common.c:161 [inline]
 exit_to_user_mode_prepare+0xde/0x170 kernel/entry/common.c:191
 syscall_exit_to_user_mode+0x16/0x30 kernel/entry/common.c:266
 do_syscall_64+0x45/0x80 arch/x86/entry/common.c:56
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

read to 0xffff88801c181c44 of 1 bytes by task 633 on cpu 0:
 __io_import_iovec+0x26c/0x930 fs/io_uring.c:3111
 io_rw_prep_async fs/io_uring.c:3249 [inline]
 io_write_prep fs/io_uring.c:3500 [inline]
 io_req_prep+0xbad/0x21f0 fs/io_uring.c:5709
 io_req_defer_prep fs/io_uring.c:5776 [inline]
 io_submit_sqe+0x24d/0x620 fs/io_uring.c:6324
 io_submit_sqes+0x99a/0x11a0 fs/io_uring.c:6581
 __do_sys_io_uring_enter fs/io_uring.c:8958 [inline]
 __se_sys_io_uring_enter+0x52c/0xac0 fs/io_uring.c:8907
 __x64_sys_io_uring_enter+0x74/0x80 fs/io_uring.c:8907
 do_syscall_64+0x39/0x80 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 633 Comm: syz-executor.5 Not tainted 5.10.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (1):
Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title
2020/11/08 07:33 | upstream | 4429f14aeea9 | cba33199 | .config | console log | report | | | info | | ci2-upstream-kcsan-gce |
* Struck through repros no longer work on HEAD.