syzbot


KCSAN: data-race in padata_reorder / padata_reorder (3)

Status: auto-closed as invalid on 2020/12/21 11:57
Subsystems: crypto
Reported-by: syzbot+6595d96e1174d685c6fe@syzkaller.appspotmail.com
First crash: 1260d, last: 1260d
Similar bugs (2)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KCSAN: data-race in padata_reorder / padata_reorder (2) crypto | | | | 1 | 1318d | 1318d | 0/26 | auto-closed as invalid on 2020/10/13 07:01 |
| upstream | KCSAN: data-race in padata_reorder / padata_reorder crypto | | | | 26 | 1355d | 1394d | 0/26 | auto-closed as invalid on 2020/09/06 13:08 |

Sample crash report:
==================================================================
BUG: KCSAN: data-race in padata_reorder / padata_reorder

write to 0xffff888027eb5c24 of 4 bytes by task 3188 on cpu 0:
 padata_find_next kernel/padata.c:280 [inline]
 padata_reorder+0x1d8/0x480 kernel/padata.c:309
 padata_do_serial+0x1e8/0x200 kernel/padata.c:420
 pcrypt_aead_enc+0x46/0x50 crypto/pcrypt.c:87
 padata_parallel_worker+0x38/0xd0 kernel/padata.c:157
 process_one_work+0x3e1/0x950 kernel/workqueue.c:2272
 worker_thread+0x635/0xb90 kernel/workqueue.c:2418
 kthread+0x1fa/0x220 kernel/kthread.c:292
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296

read to 0xffff888027eb5c24 of 4 bytes by task 25145 on cpu 1:
 padata_reorder+0x390/0x480 kernel/padata.c:341
 padata_do_serial+0x1e8/0x200 kernel/padata.c:420
 pcrypt_aead_enc+0x46/0x50 crypto/pcrypt.c:87
 padata_do_parallel+0x337/0x350 kernel/padata.c:230
 pcrypt_aead_encrypt+0x1b1/0x1e0 crypto/pcrypt.c:115
 crypto_aead_encrypt+0x59/0x70 crypto/aead.c:94
 tls_do_encryption net/tls/tls_sw.c:528 [inline]
 tls_push_record+0x10c6/0x14e0 net/tls/tls_sw.c:762
 bpf_exec_tx_verdict+0x674/0xae0 net/tls/tls_sw.c:802
 tls_sw_do_sendpage+0x658/0x8f0 net/tls/tls_sw.c:1214
 tls_sw_sendpage+0x84/0xb0 net/tls/tls_sw.c:1278
 inet_sendpage+0x7f/0xc0 net/ipv4/af_inet.c:831
 kernel_sendpage+0x187/0x200 net/socket.c:3646
 sock_sendpage+0x5a/0x70 net/socket.c:944
 pipe_to_sendpage+0x128/0x160 fs/splice.c:364
 splice_from_pipe_feed fs/splice.c:418 [inline]
 __splice_from_pipe+0x222/0x4d0 fs/splice.c:562
 splice_from_pipe fs/splice.c:597 [inline]
 generic_splice_sendpage+0x80/0xb0 fs/splice.c:743
 do_splice_from fs/splice.c:764 [inline]
 direct_splice_actor+0x80/0xa0 fs/splice.c:933
 splice_direct_to_actor+0x345/0x650 fs/splice.c:888
 do_splice_direct+0xf5/0x170 fs/splice.c:976
 do_sendfile+0x574/0xb70 fs/read_write.c:1257
 __do_sys_sendfile64 fs/read_write.c:1318 [inline]
 __se_sys_sendfile64 fs/read_write.c:1304 [inline]
 __x64_sys_sendfile64+0xf2/0x130 fs/read_write.c:1304
 do_syscall_64+0x39/0x80 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 25145 Comm: syz-executor.5 Not tainted 5.10.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (1):
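| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2020/11/05 08:49 | upstream | 4ef8451b3326 | cba33199 | .config | console log | report | | | info | | ci2-upstream-kcsan-gce | |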
* Struck through repros no longer work on HEAD.