syzbot


KCSAN: data-race in packet_do_bind / packet_getname

Status: auto-closed as invalid on 2020/04/11 02:48
Subsystems: net
First crash: 1644d, last: 1546d
Similar bugs (4)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KCSAN: data-race in packet_do_bind / packet_getname (5) net | | | | 4 | 1045d | 1045d | 20/26 | fixed on 2021/11/10 00:50 |
| upstream | KCSAN: data-race in packet_do_bind / packet_getname (3) net | | | | 8 | 1329d | 1367d | 0/26 | auto-closed as invalid on 2020/10/09 06:50 |
| upstream | KCSAN: data-race in packet_do_bind / packet_getname (2) net | | | | 2 | 1438d | 1460d | 0/26 | closed as invalid on 2020/06/18 14:24 |
| upstream | KCSAN: data-race in packet_do_bind / packet_getname (4) net | | | | 5 | 1181d | 1231d | 0/26 | auto-closed as invalid on 2021/03/06 13:33 |

Sample crash report:
==================================================================
BUG: KCSAN: data-race in packet_do_bind / packet_getname

write to 0xffff88809926b4c4 of 4 bytes by task 9649 on cpu 1:
 packet_do_bind+0x1da/0x630 net/packet/af_packet.c:3141
 packet_bind+0xab/0xf0 net/packet/af_packet.c:3205
 __sys_bind+0x1df/0x220 net/socket.c:1649
 __do_sys_bind net/socket.c:1660 [inline]
 __se_sys_bind net/socket.c:1658 [inline]
 __x64_sys_bind+0x4c/0x60 net/socket.c:1658
 do_syscall_64+0xcc/0x3a0 arch/x86/entry/common.c:294
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

read to 0xffff88809926b4c4 of 4 bytes by task 9650 on cpu 0:
 packet_getname+0x66/0x1b0 net/packet/af_packet.c:3475
 __sys_getsockname+0xbd/0x1a0 net/socket.c:1895
 __do_sys_getsockname net/socket.c:1910 [inline]
 __se_sys_getsockname net/socket.c:1907 [inline]
 __x64_sys_getsockname+0x4c/0x60 net/socket.c:1907
 do_syscall_64+0xcc/0x3a0 arch/x86/entry/common.c:294
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 9650 Comm: syz-executor.2 Not tainted 5.5.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================
Kernel panic - not syncing: panic_on_warn set ...
CPU: 0 PID: 9650 Comm: syz-executor.2 Not tainted 5.5.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x11d/0x181 lib/dump_stack.c:118
 panic+0x210/0x640 kernel/panic.c:221
 kcsan_report.cold+0xc/0xd kernel/kcsan/report.c:313
 kcsan_setup_watchpoint+0x3fe/0x460 kernel/kcsan/core.c:416
 check_access kernel/kcsan/core.c:459 [inline]
 __tsan_read4+0xc6/0x100 kernel/kcsan/core.c:588
 packet_getname+0x66/0x1b0 net/packet/af_packet.c:3475
 __sys_getsockname+0xbd/0x1a0 net/socket.c:1895
 __do_sys_getsockname net/socket.c:1910 [inline]
 __se_sys_getsockname net/socket.c:1907 [inline]
 __x64_sys_getsockname+0x4c/0x60 net/socket.c:1907
 do_syscall_64+0xcc/0x3a0 arch/x86/entry/common.c:294
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x45b399
Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fb243252c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000033
RAX: ffffffffffffffda RBX: 00007fb2432536d4 RCX: 000000000045b399
RDX: 0000000020000140 RSI: 0000000020000040 RDI: 0000000000000004
RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 0000000000000111 R14: 00000000004c2473 R15: 000000000075bfd4
Kernel Offset: disabled
Rebooting in 86400 seconds..

Crashes (16):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2020/02/01 02:48 | https://github.com/google/ktsan.git kcsan | 245a43005292 | 0eb59c27 | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2020/01/30 15:09 | https://github.com/google/ktsan.git kcsan | 245a43005292 | 5ed23f9a | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2020/01/22 17:09 | https://github.com/google/ktsan.git kcsan | 245a43005292 | 8eda0b95 | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2020/01/12 18:54 | https://github.com/google/ktsan.git kcsan | 245a43005292 | 31290a45 | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2020/01/09 09:02 | https://github.com/google/ktsan.git kcsan | 245a43005292 | ddc3e859 | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2019/12/07 18:13 | https://github.com/google/ktsan.git kcsan | ef798c30ba4e | 85f26751 | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2019/12/03 08:55 | https://github.com/google/ktsan.git kcsan | ef798c30ba4e | ab342da3 | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2019/11/29 15:36 | https://github.com/google/ktsan.git kcsan | ef798c30ba4e | 4f7e1d0f | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2019/11/23 13:28 | https://github.com/google/ktsan.git kcsan | 5863cc791e4c | 598ca6c8 | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2019/11/13 09:17 | https://github.com/google/ktsan.git kcsan | 7f2955e0d056 | 048f2d49 | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2019/11/08 04:19 | https://github.com/google/ktsan.git kcsan | 94c006602e13 | f39aff9e | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2019/11/05 09:21 | https://github.com/google/ktsan.git kcsan | 94c006602e13 | 76630fc9 | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2019/11/04 04:19 | https://github.com/google/ktsan.git kcsan | 05f2236801fe | b35fad31 | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2019/11/03 06:27 | https://github.com/google/ktsan.git kcsan | 05f2236801fe | d603afc9 | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2019/10/28 11:54 | https://github.com/google/ktsan.git kcsan | 05f2236801fe | 25bb509e | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2019/10/25 17:52 | https://github.com/google/ktsan.git kcsan | 05f2236801fe | 04ca72cd | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
* Struck through repros no longer work on HEAD.