syzbot

 sign-in | mailing list | source | docs
🐞 Open [1500]
Subsystems
🐞 Fixed [6510]
🐞 Invalid [16547]
Missing Backports [204]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KCSAN: data-race in sg_ioctl / sg_rq_end_io (3)

Status: auto-closed as invalid on 2022/09/27 16:29
Subsystems: scsi
[Documentation on labels]
First crash: 1087d, last: 1087d
Similar bugs (4)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in sg_ioctl / sg_rq_end_io scsi 6 1 1426d 1426d 0/29 auto-closed as invalid on 2021/10/23 07:44
upstream KCSAN: data-race in sg_ioctl / sg_rq_end_io (4) scsi 6 2 494d 522d 0/29 auto-obsoleted due to no activity on 2024/05/13 03:00
upstream KCSAN: data-race in sg_ioctl / sg_rq_end_io (5) scsi 6 1 296d 296d 0/29 auto-obsoleted due to no activity on 2024/12/17 21:07
upstream KCSAN: data-race in sg_ioctl / sg_rq_end_io (2) scsi 6 2 1322d 1334d 0/29 auto-closed as invalid on 2022/02/04 08:07

Sample crash report:
==================================================================
BUG: KCSAN: data-race in sg_ioctl / sg_rq_end_io

write to 0xffff888103898111 of 1 bytes by interrupt on cpu 1:
 sg_rq_end_io+0x1a6/0x720 drivers/scsi/sg.c:1352
 __blk_mq_end_request+0x205/0x210 block/blk-mq.c:942
 scsi_end_request+0x2ab/0x470 drivers/scsi/scsi_lib.c:571
 scsi_io_completion+0x95/0x1f0 drivers/scsi/scsi_lib.c:965
 scsi_finish_command+0x1b7/0x1c0 drivers/scsi/scsi.c:198
 scsi_complete+0x19e/0x1d0 drivers/scsi/scsi_lib.c:1432
 blk_complete_reqs block/blk-mq.c:1022 [inline]
 blk_done_softirq+0x92/0xc0 block/blk-mq.c:1027
 __do_softirq+0x158/0x2e3 kernel/softirq.c:571
 __irq_exit_rcu kernel/softirq.c:650 [inline]
 irq_exit_rcu+0x41/0x70 kernel/softirq.c:662
 common_interrupt+0x9f/0xc0 arch/x86/kernel/irq.c:240
 asm_common_interrupt+0x22/0x40
 kcsan_setup_watchpoint+0x3e9/0x3f0 kernel/kcsan/core.c:694
 map_id_range_down_base kernel/user_namespace.c:299 [inline]
 map_id_range_down kernel/user_namespace.c:314 [inline]
 map_id_down kernel/user_namespace.c:329 [inline]
 make_kprojid+0x82/0x330 kernel/user_namespace.c:541
 __ext4_new_inode+0x407/0x2700 fs/ext4/ialloc.c:985
 ext4_symlink+0x248/0x590 fs/ext4/namei.c:3356
 vfs_symlink+0x18a/0x280 fs/namei.c:4378
 do_symlinkat+0xe2/0x330 fs/namei.c:4407
 __do_sys_symlinkat fs/namei.c:4424 [inline]
 __se_sys_symlinkat fs/namei.c:4421 [inline]
 __x64_sys_symlinkat+0x5e/0x70 fs/namei.c:4421
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

read to 0xffff888103898111 of 1 bytes by task 14005 on cpu 0:
 sg_fill_request_table drivers/scsi/sg.c:869 [inline]
 sg_ioctl_common drivers/scsi/sg.c:1086 [inline]
 sg_ioctl+0x7d4/0x1860 drivers/scsi/sg.c:1159
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:870 [inline]
 __se_sys_ioctl+0xcb/0x140 fs/ioctl.c:856
 __x64_sys_ioctl+0x3f/0x50 fs/ioctl.c:856
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

value changed: 0x00 -> 0x01

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 14005 Comm: syz-executor.0 Not tainted 6.0.0-rc2-syzkaller-00016-g072e51356cd5-dirty #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
==================================================================

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2022/08/23 16:25 upstream 072e51356cd5 cea8b0f7 .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in sg_ioctl / sg_rq_end_io
* Struck through repros no longer work on HEAD.