syzbot


KCSAN: data-race in rq_depth_scale_up / rwb_arm_timer (2)

Status: closed as invalid on 2020/06/18 14:24
Subsystems: block
First crash: 1439d, last: 1439d
Similar bugs (1)
Kernel: upstream
Title: KCSAN: data-race in rq_depth_scale_up / rwb_arm_timer (subsystem: block)
Repro: -
Cause bisect: -
Fix bisect: -
Count: 2
Last: 1598d
Reported: 1602d
Patched: 0/26
Status: auto-closed as invalid on 2020/01/21 10:46

Sample crash report:
==================================================================
BUG: KCSAN: data-race in rq_depth_scale_up / rwb_arm_timer

write to 0xffff88812a1118e4 of 4 bytes by interrupt on cpu 0:
 rq_depth_scale_up+0x5e/0x90 block/blk-rq-qos.c:172
 scale_up+0x3f/0x250 block/blk-wbt.c:311
 wb_timer_fn+0x2d6/0xad0 block/blk-wbt.c:382
 blk_stat_timer_fn+0x3af/0x3d0 block/blk-stat.c:99
 call_timer_fn+0x58/0x2e0 kernel/time/timer.c:1405
 expire_timers kernel/time/timer.c:1450 [inline]
 __run_timers kernel/time/timer.c:1774 [inline]
 __run_timers kernel/time/timer.c:1741 [inline]
 run_timer_softirq+0xb14/0xbd0 kernel/time/timer.c:1787
 __do_softirq+0x118/0x34a kernel/softirq.c:292
 invoke_softirq kernel/softirq.c:373 [inline]
 irq_exit+0xb5/0xd0 kernel/softirq.c:413
 exiting_irq arch/x86/include/asm/apic.h:546 [inline]
 smp_apic_timer_interrupt+0xe2/0x270 arch/x86/kernel/apic/apic.c:1140
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:829
 arch_local_irq_enable arch/x86/include/asm/paravirt.h:769 [inline]
 __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:168 [inline]
 _raw_spin_unlock_irq+0x4b/0x80 kernel/locking/spinlock.c:199
 spin_unlock_irq include/linux/spinlock.h:403 [inline]
 shmem_add_to_page_cache+0x534/0x6c0 mm/shmem.c:647
 shmem_getpage_gfp+0x43f/0x1520 mm/shmem.c:1871
 shmem_getpage mm/shmem.c:154 [inline]
 shmem_write_begin+0x98/0x130 mm/shmem.c:2483
 generic_perform_write+0x13a/0x320 mm/filemap.c:3302
 __generic_file_write_iter+0x240/0x370 mm/filemap.c:3431
 generic_file_write_iter+0x294/0x38e mm/filemap.c:3463
 call_write_iter include/linux/fs.h:1907 [inline]
 do_iter_readv_writev+0x4a7/0x5d0 fs/read_write.c:694
 do_iter_write fs/read_write.c:999 [inline]
 do_iter_write+0x137/0x3a0 fs/read_write.c:980
 vfs_iter_write+0x56/0x80 fs/read_write.c:1040
 lo_write_bvec+0xb3/0x1e0 drivers/block/loop.c:277
 lo_write_simple drivers/block/loop.c:299 [inline]
 do_req_filebacked drivers/block/loop.c:621 [inline]
 loop_handle_cmd drivers/block/loop.c:1974 [inline]
 loop_queue_work+0x43b/0x14b9 drivers/block/loop.c:1991
 kthread_worker_fn+0x1d0/0x3c0 kernel/kthread.c:684
 loop_kthread_worker_fn+0x49/0x60 drivers/block/loop.c:923
 kthread+0x203/0x230 kernel/kthread.c:268
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:352

read to 0xffff88812a1118e4 of 4 bytes by task 11230 on cpu 1:
 rwb_arm_timer+0x22/0xe0 block/blk-wbt.c:332
 wbt_wait+0x1a2/0x260 block/blk-wbt.c:594
 __rq_qos_throttle+0x42/0x70 block/blk-rq-qos.c:72
 rq_qos_throttle block/blk-rq-qos.h:182 [inline]
 blk_mq_make_request+0x297/0xf60 block/blk-mq.c:1998
 generic_make_request block/blk-core.c:1075 [inline]
 generic_make_request+0x196/0x700 block/blk-core.c:1017
 submit_bio+0x8f/0x3a0 block/blk-core.c:1200
 mpage_bio_submit fs/mpage.c:66 [inline]
 __mpage_writepage+0xb84/0xdc0 fs/mpage.c:627
 write_cache_pages+0x400/0xa10 mm/page-writeback.c:2238
 mpage_writepages+0xab/0x180 fs/mpage.c:730
 fat_writepages+0x2a/0x40 fs/fat/inode.c:205
 do_writepages+0x6b/0x170 mm/page-writeback.c:2344
 __filemap_fdatawrite_range+0x1bb/0x220 mm/filemap.c:421
 file_write_and_wait_range+0xfb/0x160 mm/filemap.c:760
 __generic_file_fsync+0x55/0x180 fs/libfs.c:1072
 fat_file_fsync+0x54/0x120 fs/fat/file.c:190
 vfs_fsync_range+0x7c/0x150 fs/sync.c:197
 generic_write_sync include/linux/fs.h:2872 [inline]
 generic_file_write_iter+0x31c/0x38e mm/filemap.c:3467
 call_write_iter include/linux/fs.h:1907 [inline]
 new_sync_write+0x303/0x400 fs/read_write.c:484
 __vfs_write+0x9e/0xb0 fs/read_write.c:497
 vfs_write fs/read_write.c:559 [inline]
 vfs_write+0x189/0x380 fs/read_write.c:543
 ksys_write+0xc5/0x1a0 fs/read_write.c:612
 __do_sys_write fs/read_write.c:624 [inline]
 __se_sys_write fs/read_write.c:621 [inline]
 __x64_sys_write+0x49/0x60 fs/read_write.c:621
 do_syscall_64+0xc7/0x3b0 arch/x86/entry/common.c:295
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 11230 Comm: syz-executor.0 Not tainted 5.7.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (1):
Time: 2020/04/19 14:22
Kernel: https://github.com/google/ktsan.git kcsan
Commit: 7c3cd68e5d38
Syzkaller: 6dfd45e1
Config: .config
Log: console log
Report: report
Syz repro: -
C repro: -
VM info: -
Assets: -
Manager: ci2-upstream-kcsan-gce
Title: -
* Struck through repros no longer work on HEAD.