syzbot

 sign-in | mailing list | source | docs
🐞 Open [988] Subsystems 🐞 Fixed [5242] 🐞 Invalid [12509] Missing Backports [83] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KCSAN: data-race in sctp_do_sm / sctp_wait_for_connect

Status: auto-obsoleted due to no activity on 2022/10/15 23:56
Subsystems: sctp
[Documentation on labels]
Reported-by: syzbot+b44132eee91ea2c878a6@syzkaller.appspotmail.com
First crash: 593d, last: 593d
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in sctp_do_sm / sctp_wait_for_connect (2) sctp 2 379d 476d 0/26 auto-obsoleted due to no activity on 2023/05/17 20:19

Sample crash report:
==================================================================
BUG: KCSAN: data-race in sctp_do_sm / sctp_wait_for_connect

write to 0xffff88813989b228 of 4 bytes by task 7418 on cpu 0:
 sctp_cmd_new_state net/sctp/sm_sideeffect.c:872 [inline]
 sctp_cmd_interpreter net/sctp/sm_sideeffect.c:1334 [inline]
 sctp_side_effects net/sctp/sm_sideeffect.c:1199 [inline]
 sctp_do_sm+0xcfe/0x2ed0 net/sctp/sm_sideeffect.c:1170
 sctp_primitive_SHUTDOWN+0x71/0x80 net/sctp/primitive.c:89
 sctp_close+0x277/0x550 net/sctp/socket.c:1526
 inet_release+0xc6/0xe0 net/ipv4/af_inet.c:428
 __sock_release net/socket.c:650 [inline]
 sock_close+0x6c/0x150 net/socket.c:1365
 __fput+0x292/0x510 fs/file_table.c:320
 ____fput+0x11/0x20 fs/file_table.c:353
 task_work_run+0x8e/0x110 kernel/task_work.c:177
 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
 exit_to_user_mode_loop+0x124/0x130 kernel/entry/common.c:169
 exit_to_user_mode_prepare kernel/entry/common.c:201 [inline]
 __syscall_exit_to_user_mode_work kernel/entry/common.c:283 [inline]
 syscall_exit_to_user_mode+0x6a/0x90 kernel/entry/common.c:294
 do_syscall_64+0x37/0x70 arch/x86/entry/common.c:86
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

read to 0xffff88813989b228 of 4 bytes by task 7401 on cpu 1:
 sctp_wait_for_connect+0x14f/0x360 net/sctp/socket.c:9298
 sctp_sendmsg_to_asoc+0xb7d/0xb90 net/sctp/socket.c:1879
 sctp_sendmsg+0x1280/0x1840 net/sctp/socket.c:2025
 inet_sendmsg+0x5f/0x80 net/ipv4/af_inet.c:819
 sock_sendmsg_nosec net/socket.c:714 [inline]
 sock_sendmsg net/socket.c:734 [inline]
 __sys_sendto+0x22d/0x2d0 net/socket.c:2117
 __do_sys_sendto net/socket.c:2129 [inline]
 __se_sys_sendto net/socket.c:2125 [inline]
 __x64_sys_sendto+0x74/0x90 net/socket.c:2125
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

value changed: 0x00000001 -> 0x00000000

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 7401 Comm: syz-executor.2 Not tainted 6.0.0-rc4-syzkaller-00302-gb96fbd602d35-dirty #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
==================================================================

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2022/09/10 23:55 upstream b96fbd602d35 356d8217 .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in sctp_do_sm / sctp_wait_for_connect
* Struck through repros no longer work on HEAD.