Message-ID: <184ced70-f3ec-49c0-9b18-96f0ad044a78@amazon.com>
Date: Tue, 27 Jan 2026 17:30:17 +0100
From: Alexander Graf <graf@...zon.com>
To: Johannes Thumshirn <johannes.thumshirn@....com>,
	<virtualization@...ts.linux.dev>
CC: "Michael S . Tsirkin" <mst@...hat.com>, Jason Wang <jasowang@...hat.com>,
	Xuan Zhuo <xuanzhuo@...ux.alibaba.com>, Eugenio Pérez
	<eperezma@...hat.com>, <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v2 1/2] virtio: silence KCSAN warning in
 virtqueue_get_buf_ctx_split


On 27.01.26 16:25, Johannes Thumshirn wrote:
> When booting a Qemu VM with virtio-blk and KCSAN enabled, KCSAN emits
> the following warning about a data-race in virtqueue_get_buf_ctx_split().
>
>   ==================================================================
>   BUG: KCSAN: data-race in virtqueue_get_buf_ctx_split+0x6e/0x260
>
>   race at unknown origin, with read to 0xffff8881020f1942 of 2 bytes by task 1 on cpu 7:
>    virtqueue_get_buf_ctx_split+0x6e/0x260
>    virtqueue_get_buf+0x4b/0x60
>    __send_to_port+0x156/0x170
>    put_chars+0xcb/0x110
>    hvc_console_print+0x1d6/0x2a0
>    console_flush_one_record+0x3dd/0x510
>    console_unlock+0x8c/0x160
>    vprintk_emit+0x2fe/0x380
>    vprintk_default+0x1d/0x30
>    vprintk+0xe/0x20
>    _printk+0x4c/0x60
>    btrfs_test_raid_stripe_tree+0x25/0x90
>    btrfs_run_sanity_tests.cold+0xf1/0x13b
>    init_btrfs_fs+0x73/0x110
>    do_one_initcall+0x5b/0x2d0
>    kernel_init_freeable+0x2a2/0x340
>    kernel_init+0x1e/0x1b0
>    ret_from_fork+0x137/0x1b0
>    ret_from_fork_asm+0x1a/0x30
>
>   value changed: 0x0160 -> 0x0161
>
>   Reported by Kernel Concurrency Sanitizer on:
>   CPU: 7 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.19.0-rc7+ #219 PREEMPT(none)
>   Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.17.0-9.fc43 06/10/2025
>   ==================================================================
>
> This warning is likely a false positive as the change happens on the
> virtio vring.
>
> Annotate the return of more_used_split() with data_race() to silence
> the warning.
>
> Signed-off-by: Johannes Thumshirn <johannes.thumshirn@....com>
> ---
>   drivers/virtio/virtio_ring.c | 4 ++--
>   1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/virtio/virtio_ring.c b/drivers/virtio/virtio_ring.c
> index ddab68959671..1db27ee2d89f 100644
> --- a/drivers/virtio/virtio_ring.c
> +++ b/drivers/virtio/virtio_ring.c
> @@ -808,8 +808,8 @@ static void detach_buf_split(struct vring_virtqueue *vq, unsigned int head,
>
>   static bool more_used_split(const struct vring_virtqueue *vq)
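
Review bot: the data_race() annotation on the return of more_used_split() should carry a comment naming the concurrent writer and saying why a stale read is acceptable there; the commit message only calls the warning "likely a false positive as the change happens on the virtio vring". The report itself ("race at unknown origin", a 2-byte read, value changed 0x0160 -> 0x0161) fits a writer outside the instrumented kernel code advancing a ring index, and stating that next to the annotation would keep it from reading as a blanket suppression. The quote of this hunk ends at the function signature, so the two changed lines are not visible here.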


This patches the split vring format, but does not touch the packed one. 
What happens if you run the same test with the packed format? You can do 
so by passing "packed=on" as argument to your -device parameter.


Alex





Amazon Web Services Development Center Germany GmbH
Tamara-Danz-Str. 13
10243 Berlin
Management: Christof Hellmis, Andreas Stieger
Registered at the Charlottenburg District Court (Amtsgericht Charlottenburg) under HRB 257764 B
Registered office: Berlin
VAT ID: DE 365 538 597
