syzbot |
sign-in | mailing list | source | docs |
| 🐞 Open [987] ≡ Subsystems 🐞 Fixed [5236] 🐞 Invalid [12505] ⬇ Missing Backports [83] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes | 💬 Send us feedback |
================================================================== BUG: KCSAN: data-race in ip_finish_output2 / ip_finish_output2 read to 0xffff888125251218 of 8 bytes by interrupt on cpu 1: sock_confirm_neigh include/net/sock.h:1954 [inline] ip_finish_output2+0x3ab/0xe40 net/ipv4/ip_output.c:226 __ip_finish_output net/ipv4/ip_output.c:308 [inline] __ip_finish_output+0x23a/0x490 net/ipv4/ip_output.c:290 ip_finish_output+0x41/0x160 net/ipv4/ip_output.c:318 NF_HOOK_COND include/linux/netfilter.h:294 [inline] ip_output+0xdf/0x210 net/ipv4/ip_output.c:432 dst_output include/net/dst.h:436 [inline] ip_local_out+0x74/0x90 net/ipv4/ip_output.c:125 __ip_queue_xmit+0x3a8/0xa40 net/ipv4/ip_output.c:532 ip_queue_xmit+0x45/0x60 include/net/ip.h:237 __tcp_transmit_skb+0xe81/0x1d60 net/ipv4/tcp_output.c:1169 __tcp_send_ack+0x246/0x300 net/ipv4/tcp_output.c:3696 tcp_send_ack+0x34/0x40 net/ipv4/tcp_output.c:3702 __tcp_ack_snd_check+0xd9/0x4f0 net/ipv4/tcp_input.c:5243 tcp_rcv_established+0xce9/0xf50 net/ipv4/tcp_input.c:5674 tcp_v4_do_rcv+0x3b5/0x520 net/ipv4/tcp_ipv4.c:1564 tcp_v4_rcv+0x19ec/0x1bd0 net/ipv4/tcp_ipv4.c:1945 ip_protocol_deliver_rcu+0x4d/0x420 net/ipv4/ip_input.c:204 ip_local_deliver_finish+0x110/0x140 net/ipv4/ip_input.c:231 NF_HOOK include/linux/netfilter.h:305 [inline] NF_HOOK include/linux/netfilter.h:299 [inline] ip_local_deliver+0x133/0x210 net/ipv4/ip_input.c:252 dst_input include/net/dst.h:442 [inline] ip_rcv_finish+0x121/0x160 net/ipv4/ip_input.c:413 NF_HOOK include/linux/netfilter.h:305 [inline] NF_HOOK include/linux/netfilter.h:299 [inline] ip_rcv+0x18f/0x1a0 net/ipv4/ip_input.c:523 __netif_receive_skb_one_core+0xa7/0xe0 net/core/dev.c:4929 __netif_receive_skb+0x37/0xf0 net/core/dev.c:5043 netif_receive_skb_internal+0x59/0x190 net/core/dev.c:5133 napi_skb_finish net/core/dev.c:5596 [inline] napi_gro_receive+0x28f/0x330 net/core/dev.c:5629 receive_buf+0x284/0x30b0 drivers/net/virtio_net.c:1061 virtnet_receive drivers/net/virtio_net.c:1323 [inline] virtnet_poll+0x436/0x7d0 drivers/net/virtio_net.c:1428 napi_poll net/core/dev.c:6311 [inline] net_rx_action+0x3ae/0xa90 net/core/dev.c:6379 __do_softirq+0x115/0x33f kernel/softirq.c:292 invoke_softirq kernel/softirq.c:373 [inline] irq_exit+0xbb/0xe0 kernel/softirq.c:413 exiting_irq arch/x86/include/asm/apic.h:536 [inline] do_IRQ+0x81/0x130 arch/x86/kernel/irq.c:263 ret_from_intr+0x0/0x19 arch_local_irq_restore arch/x86/include/asm/paravirt.h:756 [inline] kcsan_setup_watchpoint+0x1d4/0x460 kernel/kcsan/core.c:436 check_access kernel/kcsan/core.c:466 [inline] __tsan_read8 kernel/kcsan/core.c:596 [inline] __tsan_read8+0xc6/0x100 kernel/kcsan/core.c:596 __find_vmap_area mm/vmalloc.c:421 [inline] remove_vm_area+0x74/0x170 mm/vmalloc.c:2153 vm_remove_mappings mm/vmalloc.c:2188 [inline] __vunmap+0xb7/0x580 mm/vmalloc.c:2248 __vfree+0x46/0xb0 mm/vmalloc.c:2305 vfree+0x49/0x80 mm/vmalloc.c:2335 copy_entries_to_user net/ipv4/netfilter/ip_tables.c:867 [inline] get_entries net/ipv4/netfilter/ip_tables.c:1024 [inline] do_ipt_get_ctl+0x50a/0x630 net/ipv4/netfilter/ip_tables.c:1700 nf_sockopt net/netfilter/nf_sockopt.c:104 [inline] nf_getsockopt+0x71/0xb0 net/netfilter/nf_sockopt.c:122 ip_getsockopt net/ipv4/ip_sockglue.c:1576 [inline] ip_getsockopt+0x118/0x160 net/ipv4/ip_sockglue.c:1556 tcp_getsockopt net/ipv4/tcp.c:3688 [inline] tcp_getsockopt+0x7c/0xc0 net/ipv4/tcp.c:3682 sock_common_getsockopt+0x67/0x90 net/core/sock.c:3110 __sys_getsockopt+0xf1/0x210 net/socket.c:2129 __do_sys_getsockopt net/socket.c:2144 [inline] __se_sys_getsockopt net/socket.c:2141 [inline] __x64_sys_getsockopt+0x70/0x90 net/socket.c:2141 do_syscall_64+0xcc/0x370 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x44/0xa9 write to 0xffff888125251218 of 8 bytes by task 7667 on cpu 0: sock_confirm_neigh include/net/sock.h:1955 [inline] ip_finish_output2+0x3d6/0xe40 net/ipv4/ip_output.c:226 __ip_finish_output net/ipv4/ip_output.c:308 [inline] __ip_finish_output+0x23a/0x490 net/ipv4/ip_output.c:290 ip_finish_output+0x41/0x160 net/ipv4/ip_output.c:318 NF_HOOK_COND include/linux/netfilter.h:294 [inline] ip_output+0xdf/0x210 net/ipv4/ip_output.c:432 dst_output include/net/dst.h:436 [inline] ip_local_out+0x74/0x90 net/ipv4/ip_output.c:125 __ip_queue_xmit+0x3a8/0xa40 net/ipv4/ip_output.c:532 ip_queue_xmit+0x45/0x60 include/net/ip.h:237 __tcp_transmit_skb+0xe81/0x1d60 net/ipv4/tcp_output.c:1169 tcp_transmit_skb net/ipv4/tcp_output.c:1185 [inline] tcp_write_xmit+0xa54/0x3120 net/ipv4/tcp_output.c:2440 __tcp_push_pending_frames+0x7b/0x1d0 net/ipv4/tcp_output.c:2616 tcp_push+0x1e9/0x3d0 net/ipv4/tcp.c:726 tcp_sendmsg_locked+0x1d2b/0x1fb0 net/ipv4/tcp.c:1405 tcp_sendmsg+0x39/0x60 net/ipv4/tcp.c:1436 inet_sendmsg+0x6d/0x90 net/ipv4/af_inet.c:807 sock_sendmsg_nosec net/socket.c:637 [inline] sock_sendmsg+0x9f/0xc0 net/socket.c:657 sock_write_iter+0x16b/0x210 net/socket.c:989 call_write_iter include/linux/fs.h:1895 [inline] new_sync_write+0x388/0x4a0 fs/read_write.c:483 __vfs_write+0xb1/0xc0 fs/read_write.c:496 vfs_write fs/read_write.c:558 [inline] vfs_write+0x18a/0x390 fs/read_write.c:542 ksys_write+0xd5/0x1b0 fs/read_write.c:611 __do_sys_write fs/read_write.c:623 [inline] __se_sys_write fs/read_write.c:620 [inline] __x64_sys_write+0x4c/0x60 fs/read_write.c:620 do_syscall_64+0xcc/0x370 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x44/0xa9 Reported by Kernel Concurrency Sanitizer on: CPU: 0 PID: 7667 Comm: sshd Not tainted 5.4.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ==================================================================
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2019/12/09 04:06 | https://github.com/google/ktsan.git kcsan | ef798c30ba4e | 1508f453 | .config | console log | report | ci2-upstream-kcsan-gce | |||||
| 2019/12/06 06:26 | https://github.com/google/ktsan.git kcsan | ef798c30ba4e | 98b4ef2d | .config | console log | report | ci2-upstream-kcsan-gce | |||||
| 2019/12/03 22:07 | https://github.com/google/ktsan.git kcsan | ef798c30ba4e | 0ecb9746 | .config | console log | report | ci2-upstream-kcsan-gce | |||||
| 2019/12/02 20:50 | https://github.com/google/ktsan.git kcsan | ef798c30ba4e | ab342da3 | .config | console log | report | ci2-upstream-kcsan-gce | |||||
| 2019/11/29 21:57 | https://github.com/google/ktsan.git kcsan | ef798c30ba4e | 4f7e1d0f | .config | console log | report | ci2-upstream-kcsan-gce | |||||
| 2019/11/28 22:47 | https://github.com/google/ktsan.git kcsan | ef798c30ba4e | 76357d6f | .config | console log | report | ci2-upstream-kcsan-gce | |||||
| 2019/11/22 15:45 | https://github.com/google/ktsan.git kcsan | 5863cc791e4c | 598ca6c8 | .config | console log | report | ci2-upstream-kcsan-gce | |||||
| 2019/11/20 18:16 | https://github.com/google/ktsan.git kcsan | 5863cc791e4c | 432c7650 | .config | console log | report | ci2-upstream-kcsan-gce | |||||
| 2019/11/20 17:52 | https://github.com/google/ktsan.git kcsan | 5863cc791e4c | 432c7650 | .config | console log | report | ci2-upstream-kcsan-gce | |||||
| 2019/11/18 16:04 | https://github.com/google/ktsan.git kcsan | 5863cc791e4c | d5696d51 | .config | console log | report | ci2-upstream-kcsan-gce | |||||
| 2019/11/12 23:37 | https://github.com/google/ktsan.git kcsan | 7f2955e0d056 | 048f2d49 | .config | console log | report | ci2-upstream-kcsan-gce | |||||
| 2019/11/12 22:56 | https://github.com/google/ktsan.git kcsan | 7f2955e0d056 | 048f2d49 | .config | console log | report | ci2-upstream-kcsan-gce | |||||
| 2019/11/10 03:48 | https://github.com/google/ktsan.git kcsan | 94c006602e13 | dc438b91 | .config | console log | report | ci2-upstream-kcsan-gce | |||||
| 2019/11/09 08:40 | https://github.com/google/ktsan.git kcsan | 94c006602e13 | 1e35461e | .config | console log | report | ci2-upstream-kcsan-gce | |||||
| 2019/11/07 09:29 | https://github.com/google/ktsan.git kcsan | 94c006602e13 | d797d201 | .config | console log | report | ci2-upstream-kcsan-gce | |||||
| 2019/11/03 23:18 | https://github.com/google/ktsan.git kcsan | 05f2236801fe | b35fad31 | .config | console log | report | ci2-upstream-kcsan-gce | |||||
| 2019/11/03 11:52 | https://github.com/google/ktsan.git kcsan | 05f2236801fe | c9610487 | .config | console log | report | ci2-upstream-kcsan-gce | |||||
| 2019/11/02 04:27 | https://github.com/google/ktsan.git kcsan | 05f2236801fe | 997ccc67 | .config | console log | report | ci2-upstream-kcsan-gce | |||||
| 2019/10/31 06:26 | https://github.com/google/ktsan.git kcsan | 05f2236801fe | a41ca8fa | .config | console log | report | ci2-upstream-kcsan-gce | |||||
| 2019/10/29 06:10 | https://github.com/google/ktsan.git kcsan | 05f2236801fe | 5ea87a66 | .config | console log | report | ci2-upstream-kcsan-gce | |||||
| 2019/10/28 20:11 | https://github.com/google/ktsan.git kcsan | 05f2236801fe | 439d7b14 | .config | console log | report | ci2-upstream-kcsan-gce | |||||
| 2019/10/26 17:25 | https://github.com/google/ktsan.git kcsan | 05f2236801fe | 25bb509e | .config | console log | report | ci2-upstream-kcsan-gce | |||||
| 2019/10/25 13:34 | https://github.com/google/ktsan.git kcsan | 05f2236801fe | 04ca72cd | .config | console log | report | ci2-upstream-kcsan-gce | |||||
| 2019/10/25 13:28 | https://github.com/google/ktsan.git kcsan | 05f2236801fe | 04ca72cd | .config | console log | report | ci2-upstream-kcsan-gce | |||||
| 2019/10/25 02:52 | https://github.com/google/ktsan.git kcsan | 05f2236801fe | d01bb02a | .config | console log | report | ci2-upstream-kcsan-gce | |||||
| 2019/10/25 02:40 | https://github.com/google/ktsan.git kcsan | 05f2236801fe | d01bb02a | .config | console log | report | ci2-upstream-kcsan-gce |