syzbot


KCSAN: data-race in audit_log_start / audit_receive (2)

Status: moderation: reported on 2024/10/29 00:09
Subsystems: audit
Reported-by: syzbot+e751e63da0e5582b4021@syzkaller.appspotmail.com
First crash: 23d, last: 22d
Similar bugs (1)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KCSAN: data-race in audit_log_start / audit_receive kernel | | | | 1 | 1080d | 1080d | 0/28 | auto-closed as invalid on 2022/01/10 10:36 |

Sample crash report:
BUG: KCSAN: data-race in audit_log_start / audit_receive

write to 0xffffffff88bcd270 of 8 bytes by task 17375 on cpu 0:
 audit_ctl_lock kernel/audit.c:235 [inline]
 audit_receive+0x72/0x2a20 kernel/audit.c:1568
 netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]
 netlink_unicast+0x599/0x670 net/netlink/af_netlink.c:1357
 netlink_sendmsg+0x5cc/0x6e0 net/netlink/af_netlink.c:1901
 sock_sendmsg_nosec net/socket.c:729 [inline]
 __sock_sendmsg+0x140/0x180 net/socket.c:744
 ____sys_sendmsg+0x312/0x410 net/socket.c:2607
 ___sys_sendmsg net/socket.c:2661 [inline]
 __sys_sendmsg+0x1d9/0x270 net/socket.c:2690
 __do_sys_sendmsg net/socket.c:2699 [inline]
 __se_sys_sendmsg net/socket.c:2697 [inline]
 __x64_sys_sendmsg+0x46/0x50 net/socket.c:2697
 x64_sys_call+0x2689/0x2d60 arch/x86/include/generated/asm/syscalls_64.h:47
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffffffff88bcd270 of 8 bytes by task 3054 on cpu 1:
 audit_ctl_owner_current kernel/audit.c:256 [inline]
 audit_log_start+0x129/0x6b0 kernel/audit.c:1880
 common_lsm_audit+0x65/0xfc0 security/lsm_audit.c:449
 slow_avc_audit+0xf9/0x140 security/selinux/avc.c:773
 avc_audit security/selinux/include/avc.h:127 [inline]
 avc_has_perm+0x129/0x160 security/selinux/avc.c:1191
 sock_has_perm security/selinux/hooks.c:4619 [inline]
 selinux_socket_recvmsg+0x19c/0x1d0 security/selinux/hooks.c:4974
 security_socket_recvmsg+0x51/0x90 security/security.c:4660
 sock_recvmsg+0x39/0x170 net/socket.c:1071
 ____sys_recvmsg+0xf9/0x280 net/socket.c:2826
 ___sys_recvmsg net/socket.c:2868 [inline]
 __sys_recvmsg+0x1da/0x270 net/socket.c:2898
 __do_sys_recvmsg net/socket.c:2908 [inline]
 __se_sys_recvmsg net/socket.c:2905 [inline]
 __x64_sys_recvmsg+0x46/0x50 net/socket.c:2905
 x64_sys_call+0xb84/0x2d60 arch/x86/include/generated/asm/syscalls_64.h:48
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x0000000000000000 -> 0xffff8881017ab180

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 UID: 0 PID: 3054 Comm: dhcpcd Not tainted 6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
==================================================================

Crashes (2):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2024/10/29 23:19 | upstream | e42b1a9a2557 | 66aeb999 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in audit_log_start / audit_receive |
| 2024/10/29 00:08 | upstream | 819837584309 | 9efb3cc7 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in audit_log_start / audit_receive |