syzbot

 sign-in | mailing list | source | docs
🐞 Open [1597]
Subsystems
🐞 Fixed [6144]
🐞 Invalid [15377]
Missing Backports [172]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KCSAN: data-race in blk_stat_add / blk_stat_timer_fn (2)

Status: auto-closed as invalid on 2020/06/16 18:43
Subsystems: block
[Documentation on labels]
First crash: 1960d, last: 1820d
Similar bugs (5)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in blk_stat_add / blk_stat_timer_fn (5) block 12 1525d 1516d 0/28 auto-closed as invalid on 2021/03/03 15:50
upstream KCSAN: data-race in blk_stat_add / blk_stat_timer_fn (3) block 2 1733d 1734d 0/28 auto-closed as invalid on 2020/08/07 01:06
upstream KCSAN: data-race in blk_stat_add / blk_stat_timer_fn (4) block 5 1644d 1670d 0/28 auto-closed as invalid on 2020/11/04 06:43
upstream KCSAN: data-race in blk_stat_add / blk_stat_timer_fn (6) block 2 1468d 1478d 0/28 auto-closed as invalid on 2021/05/17 11:06
upstream KCSAN: data-race in blk_stat_add / blk_stat_timer_fn block 10 1969d 1985d 0/28 closed as invalid on 2019/11/19 14:44

Sample crash report:
==================================================================
BUG: KCSAN: data-race in blk_stat_add / blk_stat_timer_fn

write to 0xffffe8ffffd2e660 of 8 bytes by interrupt on cpu 0:
 blk_rq_stat_init block/blk-stat.c:25 [inline]
 blk_stat_timer_fn+0x311/0x3d0 block/blk-stat.c:95
 call_timer_fn+0x58/0x2e0 kernel/time/timer.c:1405
 expire_timers kernel/time/timer.c:1450 [inline]
 __run_timers kernel/time/timer.c:1774 [inline]
 __run_timers kernel/time/timer.c:1741 [inline]
 run_timer_softirq+0xb14/0xbd0 kernel/time/timer.c:1787
 __do_softirq+0x118/0x34a kernel/softirq.c:292
 invoke_softirq kernel/softirq.c:373 [inline]
 irq_exit+0xb5/0xd0 kernel/softirq.c:413
 exiting_irq arch/x86/include/asm/apic.h:546 [inline]
 smp_apic_timer_interrupt+0xe2/0x270 arch/x86/kernel/apic/apic.c:1146
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:829
 kvm_cpu_has_pending_timer+0x0/0x60
 vcpu_run arch/x86/kvm/x86.c:8507 [inline]
 kvm_arch_vcpu_ioctl_run+0x2c9/0xdc0 arch/x86/kvm/x86.c:8720
 kvm_vcpu_ioctl+0x70b/0x9d0 arch/x86/kvm/../../../virt/kvm/kvm_main.c:2932
 vfs_ioctl fs/ioctl.c:47 [inline]
 ksys_ioctl+0x101/0x150 fs/ioctl.c:763
 __do_sys_ioctl fs/ioctl.c:772 [inline]
 __se_sys_ioctl fs/ioctl.c:770 [inline]
 __x64_sys_ioctl+0x47/0x60 fs/ioctl.c:770
 do_syscall_64+0xc7/0x390 arch/x86/entry/common.c:294
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

read to 0xffffe8ffffd2e660 of 8 bytes by interrupt on cpu 1:
 blk_rq_stat_add block/blk-stat.c:47 [inline]
 blk_stat_add+0x1e4/0x2c0 block/blk-stat.c:74
 __blk_mq_end_request+0x224/0x2c0 block/blk-mq.c:527
 scsi_end_request+0x1d4/0x350 drivers/scsi/scsi_lib.c:610
 scsi_io_completion+0x11e/0xcc0 drivers/scsi/scsi_lib.c:960
 scsi_finish_command+0x283/0x390 drivers/scsi/scsi.c:228
 scsi_softirq_done+0x249/0x270 drivers/scsi/scsi_lib.c:1476
 blk_done_softirq+0x1e6/0x250 block/blk-softirq.c:37
 __do_softirq+0x118/0x34a kernel/softirq.c:292
 invoke_softirq kernel/softirq.c:373 [inline]
 irq_exit+0xb5/0xd0 kernel/softirq.c:413
 exiting_irq arch/x86/include/asm/apic.h:546 [inline]
 do_IRQ+0x7b/0x120 arch/x86/kernel/irq.c:263
 ret_from_intr+0x0/0x21
 arch_local_irq_enable arch/x86/include/asm/paravirt.h:762 [inline]
 __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:168 [inline]
 _raw_spin_unlock_irq+0x4b/0x80 kernel/locking/spinlock.c:199
 finish_lock_switch kernel/sched/core.c:3173 [inline]
 finish_task_switch+0x7b/0x260 kernel/sched/core.c:3273
 context_switch kernel/sched/core.c:3437 [inline]
 __schedule+0x30e/0x690 kernel/sched/core.c:4130
 schedule+0x41/0xe0 kernel/sched/core.c:4204
 freezable_schedule include/linux/freezer.h:172 [inline]
 do_nanosleep+0x138/0x320 kernel/time/hrtimer.c:1874
 hrtimer_nanosleep+0x136/0x230 kernel/time/hrtimer.c:1927
 __do_sys_nanosleep kernel/time/hrtimer.c:1961 [inline]
 __se_sys_nanosleep kernel/time/hrtimer.c:1948 [inline]
 __x64_sys_nanosleep+0x14b/0x190 kernel/time/hrtimer.c:1948
 do_syscall_64+0xc7/0x390 arch/x86/entry/common.c:294
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 7814 Comm: syz-executor.2 Not tainted 5.6.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (22):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/04/07 18:35 https://github.com/google/ktsan.git kcsan 40959e34d670 db9bcd4b .config console log report ci2-upstream-kcsan-gce
2020/02/22 11:04 https://github.com/google/ktsan.git kcsan 766d004d1b85 2ffa6679 .config console log report ci2-upstream-kcsan-gce
2020/02/15 19:29 https://github.com/google/ktsan.git kcsan b12d66a6c34f 5d7b90f1 .config console log report ci2-upstream-kcsan-gce
2020/02/10 12:24 https://github.com/google/ktsan.git kcsan f60f0f543333 35f5e45e .config console log report ci2-upstream-kcsan-gce
2020/02/05 17:25 https://github.com/google/ktsan.git kcsan 245a43005292 662cf49a .config console log report ci2-upstream-kcsan-gce
2020/02/01 00:06 https://github.com/google/ktsan.git kcsan 245a43005292 0eb59c27 .config console log report ci2-upstream-kcsan-gce
2020/01/27 11:27 https://github.com/google/ktsan.git kcsan 245a43005292 dd56146d .config console log report ci2-upstream-kcsan-gce
2020/01/21 12:31 https://github.com/google/ktsan.git kcsan 245a43005292 8eda0b95 .config console log report ci2-upstream-kcsan-gce
2020/01/15 05:16 https://github.com/google/ktsan.git kcsan 245a43005292 fa12bd3c .config console log report ci2-upstream-kcsan-gce
2020/01/13 13:41 https://github.com/google/ktsan.git kcsan 245a43005292 99565c1a .config console log report ci2-upstream-kcsan-gce
2020/01/11 05:09 https://github.com/google/ktsan.git kcsan 245a43005292 4c04afaa .config console log report ci2-upstream-kcsan-gce
2020/01/10 17:51 https://github.com/google/ktsan.git kcsan 245a43005292 532ec44e .config console log report ci2-upstream-kcsan-gce
2020/01/08 08:19 https://github.com/google/ktsan.git kcsan 245a43005292 6738e0b3 .config console log report ci2-upstream-kcsan-gce
2020/01/01 08:12 https://github.com/google/ktsan.git kcsan 245a43005292 25a0186e .config console log report ci2-upstream-kcsan-gce
2019/12/20 01:49 https://github.com/google/ktsan.git kcsan 245a43005292 36650b4b .config console log report ci2-upstream-kcsan-gce
2019/12/15 03:16 https://github.com/google/ktsan.git kcsan 245a43005292 eef6e580 .config console log report ci2-upstream-kcsan-gce
2019/12/05 08:17 https://github.com/google/ktsan.git kcsan ef798c30ba4e b2088328 .config console log report ci2-upstream-kcsan-gce
2019/12/04 05:21 https://github.com/google/ktsan.git kcsan ef798c30ba4e 0ecb9746 .config console log report ci2-upstream-kcsan-gce
2019/12/03 01:24 https://github.com/google/ktsan.git kcsan ef798c30ba4e ab342da3 .config console log report ci2-upstream-kcsan-gce
2019/11/28 13:06 https://github.com/google/ktsan.git kcsan ef798c30ba4e 97264cb1 .config console log report ci2-upstream-kcsan-gce
2019/11/25 10:14 https://github.com/google/ktsan.git kcsan 5863cc791e4c 598ca6c8 .config console log report ci2-upstream-kcsan-gce
2019/11/19 17:41 https://github.com/google/ktsan.git kcsan 5863cc791e4c 432c7650 .config console log report ci2-upstream-kcsan-gce
* Struck through repros no longer work on HEAD.