syzbot |
sign-in | mailing list | source | docs |
RAX: 0000000000000000 RBX: 00007f8dc43f5fa0 RCX: 00007f8dc4230849 RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000007 RBP: 00007f8dc42a3986 R08: 0000000000000000 R09: 0000000000000000 ================================================================== BUG: KCSAN: data-race in data_push_tail / symbol_string write to 0xffffffff88bb45d0 of 1 bytes by task 7063 on cpu 1: string_nocheck lib/vsprintf.c:650 [inline] symbol_string+0x1b6/0x240 lib/vsprintf.c:1006 pointer+0x77a/0xd20 lib/vsprintf.c:2446 vsnprintf+0x861/0xe30 lib/vsprintf.c:2852 vscnprintf+0x42/0x90 lib/vsprintf.c:2954 printk_sprint+0x30/0x2d0 kernel/printk/printk.c:2216 vprintk_store+0x589/0x870 kernel/printk/printk.c:2336 vprintk_emit+0x15e/0x680 kernel/printk/printk.c:2408 vprintk_default+0x26/0x30 kernel/printk/printk.c:2447 vprintk+0x75/0x80 kernel/printk/printk_safe.c:86 _printk+0x7a/0xa0 kernel/printk/printk.c:2457 printk_stack_address arch/x86/kernel/dumpstack.c:72 [inline] show_trace_log_lvl+0x380/0x400 arch/x86/kernel/dumpstack.c:285 __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0xf2/0x150 lib/dump_stack.c:120 dump_stack+0x15/0x1a lib/dump_stack.c:129 fail_dump lib/fault-inject.c:53 [inline] should_fail_ex+0x223/0x230 lib/fault-inject.c:154 should_fail+0xb/0x10 lib/fault-inject.c:164 should_fail_usercopy+0x1a/0x20 lib/fault-inject-usercopy.c:37 _inline_copy_to_user include/linux/uaccess.h:193 [inline] _copy_to_user+0x20/0xa0 lib/usercopy.c:26 copy_to_user include/linux/uaccess.h:225 [inline] simple_read_from_buffer+0xa0/0x110 fs/libfs.c:1128 proc_fail_nth_read+0xf9/0x140 fs/proc/base.c:1482 vfs_read+0x1a2/0x700 fs/read_write.c:563 ksys_read+0xe8/0x1b0 fs/read_write.c:708 __do_sys_read fs/read_write.c:717 [inline] __se_sys_read fs/read_write.c:715 [inline] __x64_sys_read+0x42/0x50 fs/read_write.c:715 x64_sys_call+0x2874/0x2dc0 arch/x86/include/generated/asm/syscalls_64.h:1 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f read to 0xffffffff88bb45d0 of 8 bytes by task 7047 on cpu 0: data_make_reusable kernel/printk/printk_ringbuffer.c:594 [inline] data_push_tail+0x102/0x430 kernel/printk/printk_ringbuffer.c:679 data_alloc+0xbe/0x2c0 kernel/printk/printk_ringbuffer.c:1054 prb_reserve+0x85e/0xb60 kernel/printk/printk_ringbuffer.c:1669 vprintk_store+0x558/0x870 kernel/printk/printk.c:2326 vprintk_emit+0x15e/0x680 kernel/printk/printk.c:2408 vprintk_default+0x26/0x30 kernel/printk/printk.c:2447 vprintk+0x75/0x80 kernel/printk/printk_safe.c:86 _printk+0x7a/0xa0 kernel/printk/printk.c:2457 __show_regs+0xbc/0x450 arch/x86/kernel/process_64.c:87 show_trace_log_lvl+0x348/0x400 arch/x86/kernel/dumpstack.c:301 __warn+0x141/0x350 kernel/panic.c:746 __report_bug lib/bug.c:199 [inline] report_bug+0x315/0x420 lib/bug.c:219 handle_bug+0x60/0x90 arch/x86/kernel/traps.c:285 exc_invalid_op+0x1a/0x50 arch/x86/kernel/traps.c:309 asm_exc_invalid_op+0x1a/0x20 arch/x86/include/asm/idtentry.h:621 refcount_warn_saturate+0x1c6/0x230 lib/refcount.c:28 __refcount_sub_and_test include/linux/refcount.h:275 [inline] __refcount_dec_and_test include/linux/refcount.h:307 [inline] refcount_dec_and_test include/linux/refcount.h:325 [inline] skb_unref include/linux/skbuff.h:1233 [inline] __sk_skb_reason_drop net/core/skbuff.c:1213 [inline] sk_skb_reason_drop+0xe9/0x290 net/core/skbuff.c:1241 kfree_skb_reason include/linux/skbuff.h:1263 [inline] kfree_skb include/linux/skbuff.h:1272 [inline] j1939_session_destroy net/can/j1939/transport.c:282 [inline] __j1939_session_release net/can/j1939/transport.c:294 [inline] kref_put include/linux/kref.h:65 [inline] j1939_session_put+0x157/0x2a0 net/can/j1939/transport.c:299 j1939_sk_queue_drop_all net/can/j1939/socket.c:144 [inline] j1939_sk_release+0x278/0x4f0 net/can/j1939/socket.c:642 __sock_release net/socket.c:640 [inline] sock_close+0x68/0x150 net/socket.c:1408 __fput+0x17a/0x6d0 fs/file_table.c:450 ____fput+0x1c/0x30 fs/file_table.c:478 task_work_run+0x13a/0x1a0 kernel/task_work.c:239 resume_user_mode_work include/linux/resume_user_mode.h:50 [inline] exit_to_user_mode_loop kernel/entry/common.c:114 [inline] exit_to_user_mode_prepare include/linux/entry-common.h:329 [inline] __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline] syscall_exit_to_user_mode+0xa8/0x120 kernel/entry/common.c:218 do_syscall_64+0xd6/0x1c0 arch/x86/entry/common.c:89 entry_SYSCALL_64_after_hwframe+0x77/0x7f value changed: 0x00000000ffffe7a3 -> 0x00000a3062317830 Reported by Kernel Concurrency Sanitizer on: CPU: 0 UID: 0 PID: 7047 Comm: syz.5.1160 Not tainted 6.12.0-syzkaller-12113-gbcc8eda6d349 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 ================================================================== R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 00007f8dc43f5fa0 R15: 00007ffd6b015418 </TASK> ---[ end trace 0000000000000000 ]---
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2024/12/01 20:36 | upstream | bcc8eda6d349 | 68914665 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in data_push_tail / symbol_string |