syzbot


KCSAN: data-race in __io_cqring_fill_event / io_drain_req (2)

Status: auto-closed as invalid on 2022/02/14 03:39
Reported-by: syzbot+@syzkaller.appspotmail.com
First crash: 351d, last: 327d
Similar bugs (1):

| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KCSAN: data-race in __io_cqring_fill_event / io_drain_req | | | | 37 | 398d | 514d | 0/24 | auto-closed as invalid on 2021/12/04 19:57 |

Sample crash report:
==================================================================
BUG: KCSAN: data-race in __io_cqring_fill_event / io_drain_req

write to 0xffff88812ee03200 of 4 bytes by task 1505 on cpu 0:
 io_get_cqe fs/io_uring.c:1695 [inline]
 __io_cqring_fill_event+0xf9/0x380 fs/io_uring.c:1873
 io_req_complete_post+0x4b/0x5d0 fs/io_uring.c:1896
 io_issue_sqe+0x3d8c/0x53b0
 io_wq_submit_work+0x1c5/0x370 fs/io_uring.c:6840
 io_worker_handle_work+0x4ca/0xbd0 fs/io-wq.c:576
 io_wqe_worker+0x1bc/0x4f0 fs/io-wq.c:632
 ret_from_fork+0x1f/0x30

read to 0xffff88812ee03200 of 4 bytes by task 1406 on cpu 1:
 req_need_defer fs/io_uring.c:1461 [inline]
 io_drain_req+0x3a9/0x4e6 fs/io_uring.c:6547
 io_queue_sqe_fallback fs/io_uring.c:7049 [inline]
 io_queue_sqe fs/io_uring.c:7066 [inline]
 io_submit_sqe+0x44ca/0x47d3 fs/io_uring.c:7267
 io_submit_sqes+0x25d/0x670 fs/io_uring.c:7373
 __do_sys_io_uring_enter fs/io_uring.c:10076 [inline]
 __se_sys_io_uring_enter+0x212/0xb00 fs/io_uring.c:10018
 __x64_sys_io_uring_enter+0x74/0x80 fs/io_uring.c:10018
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x44/0xd0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae

value changed: 0x0000000d -> 0x0000000e

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 1406 Comm: syz-executor.3 Not tainted 5.16.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (4):

| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|
| ci2-upstream-kcsan-gce | 2022/01/10 03:37 | upstream | df0cc57e057f | 2ca0d385 | .config | log | report | | | info | KCSAN: data-race in __io_cqring_fill_event / io_drain_req |
| ci2-upstream-kcsan-gce | 2022/01/08 15:13 | upstream | d1587f7bfe9a | 2ca0d385 | .config | log | report | | | info | KCSAN: data-race in __io_cqring_fill_event / io_drain_req |
| ci2-upstream-kcsan-gce | 2021/12/29 22:11 | upstream | e7c124bd0463 | 6cc879d4 | .config | log | report | | | info | KCSAN: data-race in __io_cqring_fill_event / io_drain_req |
| ci2-upstream-kcsan-gce | 2021/12/16 11:38 | upstream | 2b14864acbaa | 572bcb40 | .config | log | report | | | info | KCSAN: data-race in __io_cqring_fill_event / io_drain_req |

* Struck through repros no longer work on HEAD.