KCSAN: data-race in __hci_req_sync / hci_req_sync

KCSAN: data-race in __hci_req_sync / hci_req_sync_complete
Status: moderation: reported on 2020/12/11 10:23
Reported-by: syzbot+33e805418eaf7cfaa0fd@syzkaller.appspotmail.com
First crash: 166d, last: 13d

Sample crash report:

==================================================================
BUG: KCSAN: data-race in __hci_req_sync / hci_req_sync_complete

write to 0xffff88802959aa78 of 4 bytes by task 8461 on cpu 1:
 hci_req_sync_complete+0x5c/0x110 net/bluetooth/hci_request.c:109
 hci_event_packet+0x3a87/0xffb0 net/bluetooth/hci_event.c:6336
 hci_rx_work+0x334/0x490 net/bluetooth/hci_core.c:4971
 process_one_work+0x3e1/0x950 kernel/workqueue.c:2275
 worker_thread+0x635/0xb90 kernel/workqueue.c:2421
 kthread+0x1fd/0x220 kernel/kthread.c:292
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296

read to 0xffff88802959aa78 of 4 bytes by task 8452 on cpu 0:
 __hci_req_sync+0x159/0x420 net/bluetooth/hci_request.c:233
 hci_req_sync+0x71/0x90 net/bluetooth/hci_request.c:279
 hci_dev_cmd+0x244/0x590 net/bluetooth/hci_core.c:2049
 hci_sock_ioctl+0x2e3/0x630 net/bluetooth/hci_sock.c:1052
 sock_do_ioctl+0x4d/0x210 net/socket.c:1037
 sock_ioctl+0x321/0x510 net/socket.c:1177
 vfs_ioctl fs/ioctl.c:48 [inline]
 __do_sys_ioctl fs/ioctl.c:753 [inline]
 __se_sys_ioctl+0xcb/0x140 fs/ioctl.c:739
 __x64_sys_ioctl+0x3f/0x50 fs/ioctl.c:739
 do_syscall_64+0x39/0x80 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 8452 Comm: syz-executor.3 Not tainted 5.11.0-rc3-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (15):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	VM info	Maintainers
ci2-upstream-kcsan-gce	2021/01/11 23:16	upstream	7c53f6b6	2c1f2513	.config	log	report	info	davem@davemloft.net, johan.hedberg@gmail.com, kuba@kernel.org, linux-bluetooth@vger.kernel.org, linux-kernel@vger.kernel.org, luiz.dentz@gmail.com, marcel@holtmann.org, netdev@vger.kernel.org
ci2-upstream-kcsan-gce	2021/01/10 02:43	upstream	2ff90100	2c1f2513	.config	log	report	info	davem@davemloft.net, johan.hedberg@gmail.com, kuba@kernel.org, linux-bluetooth@vger.kernel.org, linux-kernel@vger.kernel.org, luiz.dentz@gmail.com, marcel@holtmann.org, netdev@vger.kernel.org
ci2-upstream-kcsan-gce	2020/12/27 13:35	upstream	f838f8d2	2242f77f	.config	log	report	info	davem@davemloft.net, johan.hedberg@gmail.com, kuba@kernel.org, linux-bluetooth@vger.kernel.org, linux-kernel@vger.kernel.org, luiz.dentz@gmail.com, marcel@holtmann.org, netdev@vger.kernel.org
ci2-upstream-kcsan-gce	2020/12/12 14:05	upstream	7f376f19	bca53db9	.config	log	report	info	davem@davemloft.net, johan.hedberg@gmail.com, kuba@kernel.org, linux-bluetooth@vger.kernel.org, linux-kernel@vger.kernel.org, marcel@holtmann.org, netdev@vger.kernel.org
ci2-upstream-kcsan-gce	2020/11/18 11:13	upstream	0fa8ee0d	09323409	.config	log	report	info	davem@davemloft.net, johan.hedberg@gmail.com, kuba@kernel.org, linux-bluetooth@vger.kernel.org, linux-kernel@vger.kernel.org, marcel@holtmann.org, netdev@vger.kernel.org
ci2-upstream-kcsan-gce	2020/11/14 17:04	upstream	f01c30de	1bf9a662	.config	log	report	info	davem@davemloft.net, johan.hedberg@gmail.com, kuba@kernel.org, linux-bluetooth@vger.kernel.org, linux-kernel@vger.kernel.org, marcel@holtmann.org, netdev@vger.kernel.org
ci2-upstream-kcsan-gce	2020/10/29 07:02	upstream	23859ae4	f24824d3	.config	log	report	info	davem@davemloft.net, johan.hedberg@gmail.com, kuba@kernel.org, linux-bluetooth@vger.kernel.org, linux-kernel@vger.kernel.org, marcel@holtmann.org, netdev@vger.kernel.org
ci2-upstream-kcsan-gce	2020/10/21 09:53	upstream	c4d6fe73	e761439e	.config	log	report	info	davem@davemloft.net, johan.hedberg@gmail.com, kuba@kernel.org, linux-bluetooth@vger.kernel.org, linux-kernel@vger.kernel.org, marcel@holtmann.org, netdev@vger.kernel.org
ci2-upstream-kcsan-gce	2020/10/15 04:08	upstream	3e4fb434	fc7735a2	.config	log	report	info	davem@davemloft.net, johan.hedberg@gmail.com, kuba@kernel.org, linux-bluetooth@vger.kernel.org, linux-kernel@vger.kernel.org, marcel@holtmann.org, netdev@vger.kernel.org
ci2-upstream-kcsan-gce	2020/10/09 00:04	upstream	3d006ee4	92390980	.config	log	report	info	davem@davemloft.net, johan.hedberg@gmail.com, kuba@kernel.org, linux-bluetooth@vger.kernel.org, linux-kernel@vger.kernel.org, marcel@holtmann.org, netdev@vger.kernel.org
ci2-upstream-kcsan-gce	2020/09/28 18:56	upstream	a1b8638b	6bfdbe89	.config	log	report	info	davem@davemloft.net, johan.hedberg@gmail.com, kuba@kernel.org, linux-bluetooth@vger.kernel.org, linux-kernel@vger.kernel.org, marcel@holtmann.org, netdev@vger.kernel.org
ci2-upstream-kcsan-gce	2020/09/26 11:07	upstream	7c7ec322	2d5ea0cb	.config	log	report	info	davem@davemloft.net, johan.hedberg@gmail.com, kuba@kernel.org, linux-bluetooth@vger.kernel.org, linux-kernel@vger.kernel.org, marcel@holtmann.org, netdev@vger.kernel.org
ci2-upstream-kcsan-gce	2020/09/03 06:55	upstream	fc3abb53	abf9ba4f	.config	log	report		davem@davemloft.net, johan.hedberg@gmail.com, kuba@kernel.org, linux-bluetooth@vger.kernel.org, linux-kernel@vger.kernel.org, marcel@holtmann.org, netdev@vger.kernel.org
ci2-upstream-kcsan-gce	2020/08/21 06:52	upstream	da2968ff	1d75fe45	.config	log	report		davem@davemloft.net, johan.hedberg@gmail.com, kuba@kernel.org, linux-bluetooth@vger.kernel.org, linux-kernel@vger.kernel.org, marcel@holtmann.org, netdev@vger.kernel.org
ci2-upstream-kcsan-gce	2020/08/11 19:27	upstream	00e4db51	5d3ebca9	.config	log	report		davem@davemloft.net, johan.hedberg@gmail.com, kuba@kernel.org, linux-bluetooth@vger.kernel.org, linux-kernel@vger.kernel.org, marcel@holtmann.org, netdev@vger.kernel.org