syzbot

 sign-in | mailing list | source | docs
🐞 Open [1551]
Subsystems
🐞 Fixed [6435]
🐞 Invalid [16301]
Missing Backports [199]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KCSAN: data-race in sg_ioctl / sg_rq_end_io (2)

Status: auto-closed as invalid on 2022/02/04 08:07
Subsystems: scsi
[Documentation on labels]
First crash: 1308d, last: 1296d
Similar bugs (4)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in sg_ioctl / sg_rq_end_io scsi 6 1 1400d 1400d 0/29 auto-closed as invalid on 2021/10/23 07:44
upstream KCSAN: data-race in sg_ioctl / sg_rq_end_io (4) scsi 6 2 467d 495d 0/29 auto-obsoleted due to no activity on 2024/05/13 03:00
upstream KCSAN: data-race in sg_ioctl / sg_rq_end_io (3) scsi 6 1 1061d 1061d 0/29 auto-closed as invalid on 2022/09/27 16:29
upstream KCSAN: data-race in sg_ioctl / sg_rq_end_io (5) scsi 6 1 270d 270d 0/29 auto-obsoleted due to no activity on 2024/12/17 21:07

Sample crash report:
==================================================================
BUG: KCSAN: data-race in sg_ioctl / sg_rq_end_io

write to 0xffff8881478c011c of 4 bytes by interrupt on cpu 1:
 sg_rq_end_io+0x14f/0x760 drivers/scsi/sg.c:1352
 __blk_mq_end_request+0x294/0x2b0 block/blk-mq.c:812
 scsi_end_request+0x285/0x440 drivers/scsi/scsi_lib.c:577
 scsi_io_completion+0x8eb/0x10c0 drivers/scsi/scsi_lib.c:945
 scsi_finish_command+0x1c0/0x1d0 drivers/scsi/scsi.c:199
 scsi_complete+0x1a5/0x1e0 drivers/scsi/scsi_lib.c:1441
 blk_complete_reqs block/blk-mq.c:892 [inline]
 blk_done_softirq+0x92/0xc0 block/blk-mq.c:897
 __do_softirq+0x158/0x2de kernel/softirq.c:558
 __irq_exit_rcu kernel/softirq.c:637 [inline]
 irq_exit_rcu+0x37/0x70 kernel/softirq.c:649
 common_interrupt+0x9f/0xc0 arch/x86/kernel/irq.c:240
 asm_common_interrupt+0x1e/0x40
 arch_clear_bit fs/ext4/xattr.c:2325 [inline]
 clear_bit include/asm-generic/bitops/instrumented-atomic.h:42 [inline]
 ext4_clear_inode_state fs/ext4/ext4.h:1931 [inline]
 ext4_xattr_set_handle+0x3d5/0xe40 fs/ext4/xattr.c:2326
 ext4_initxattrs+0x43/0x90 fs/ext4/xattr_security.c:44
 security_inode_init_security+0x1a9/0x260 security/security.c:1100
 __ext4_new_inode+0x1f77/0x2480 fs/ext4/ialloc.c:1325
 ext4_symlink+0x23b/0x5d0 fs/ext4/namei.c:3293
 vfs_symlink+0x241/0x330 fs/namei.c:4248
 do_symlinkat+0x104/0x380 fs/namei.c:4277
 __do_sys_symlink fs/namei.c:4299 [inline]
 __se_sys_symlink fs/namei.c:4297 [inline]
 __x64_sys_symlink+0x52/0x60 fs/namei.c:4297
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x44/0xd0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae

read to 0xffff8881478c011c of 4 bytes by task 16458 on cpu 0:
 sg_fill_request_table drivers/scsi/sg.c:882 [inline]
 sg_ioctl_common drivers/scsi/sg.c:1092 [inline]
 sg_ioctl+0x84f/0x18e0 drivers/scsi/sg.c:1165
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl+0xcb/0x140 fs/ioctl.c:860
 __x64_sys_ioctl+0x3f/0x50 fs/ioctl.c:860
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x44/0xd0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae

value changed: 0x000de4f4 -> 0x00000000

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 16458 Comm: syz-executor.2 Not tainted 5.16.0-rc7-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (2):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2021/12/31 08:01 upstream 9bad743e8d22 36bd2e48 .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in sg_ioctl / sg_rq_end_io
2021/12/20 00:34 upstream a76c3d035872 44068e19 .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in sg_ioctl / sg_rq_end_io
* Struck through repros no longer work on HEAD.