KCSAN: data-race in kauditd_thread / skb_queue

KCSAN: data-race in kauditd_thread / skb_queue_tail
Status: moderation: reported on 2020/09/28 07:58
Reported-by: syzbot+a9a394e8954976475007@syzkaller.appspotmail.com
First crash: 643d, last: 14h02m

Sample crash report:

==================================================================
BUG: KCSAN: data-race in kauditd_thread / skb_queue_tail

write to 0xffffffff8417fd10 of 4 bytes by task 2755 on cpu 0:
 __skb_insert include/linux/skbuff.h:1938 [inline]
 __skb_queue_before include/linux/skbuff.h:2043 [inline]
 __skb_queue_tail include/linux/skbuff.h:2076 [inline]
 skb_queue_tail+0x80/0xa0 net/core/skbuff.c:3264
 audit_log_end+0x171/0x1e0 kernel/audit.c:2389
 audit_seccomp+0xd9/0xf0 kernel/auditsc.c:2684
 seccomp_log kernel/seccomp.c:1009 [inline]
 __seccomp_filter+0x54b/0xf20 kernel/seccomp.c:1274
 __secure_computing+0xfb/0x140 kernel/seccomp.c:1339
 syscall_trace_enter+0x120/0x290 kernel/entry/common.c:68
 __syscall_enter_from_user_work kernel/entry/common.c:90 [inline]
 syscall_enter_from_user_mode+0x1c/0x20 kernel/entry/common.c:108
 do_syscall_64+0x1e/0x90 arch/x86/entry/common.c:76
 entry_SYSCALL_64_after_hwframe+0x44/0xae

read to 0xffffffff8417fd10 of 4 bytes by task 25 on cpu 1:
 skb_queue_len include/linux/skbuff.h:1869 [inline]
 kauditd_thread+0x48a/0x6c0 kernel/audit.c:881
 kthread+0x262/0x280 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295

value changed: 0x00000000 -> 0x00000001

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 25 Comm: kauditd Not tainted 5.14.0-rc3-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================
kauditd_printk_skb: 1255 callbacks suppressed
audit: type=1326 audit(1627426310.159:4418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=2927 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665e9 code=0x7ffc0000
audit: type=1326 audit(1627426310.159:4419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=2927 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665e9 code=0x7ffc0000
audit: type=1326 audit(1627426310.159:4420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=2927 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665e9 code=0x7ffc0000
audit: type=1326 audit(1627426310.159:4421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=2927 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665e9 code=0x7ffc0000
audit: type=1326 audit(1627426310.169:4422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=2935 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665e9 code=0x7ffc0000
audit: type=1326 audit(1627426310.169:4423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=2935 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=41 compat=0 ip=0x4665e9 code=0x7ffc0000
audit: type=1326 audit(1627426310.169:4424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=2935 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665e9 code=0x7ffc0000
audit: type=1326 audit(1627426310.169:4425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=2935 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=46 compat=0 ip=0x4665e9 code=0x7ffc0000
audit: type=1326 audit(1627426310.169:4426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=2935 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665e9 code=0x7ffc0000
audit: type=1326 audit(1627426310.169:4427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=2935 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=319 compat=0 ip=0x4665e9 code=0x7ffc0000
kauditd_printk_skb: 255 callbacks suppressed
audit: type=1326 audit(1627426316.219:4683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=3057 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665e9 code=0x7ffc0000

Crashes (1282):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	VM info	Title
ci2-upstream-kcsan-gce	2021/07/27 22:51	upstream	7d549995d4e0	17d6ab15	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/27 16:40	upstream	ff1176468d36	17d6ab15	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/27 16:31	upstream	ff1176468d36	17d6ab15	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/26 06:32	upstream	ff1176468d36	fd511809	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/26 02:43	upstream	ff1176468d36	4d1b57d4	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/25 13:36	upstream	d8079fac1681	4d1b57d4	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/25 00:18	upstream	7ffca2bb9d8b	4d1b57d4	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/24 09:43	upstream	f0fddcec6b62	4d1b57d4	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/24 03:48	upstream	f0fddcec6b62	bc5f1d88	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/23 13:50	upstream	8baef6386baa	bc5f1d88	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/23 00:14	upstream	9bead1b58c4c	bc5f1d88	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/22 11:32	upstream	3d5895cd3517	241790bb	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/22 10:03	upstream	3d5895cd3517	29c3f20f	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/21 20:25	upstream	7b6ae471e541	29c3f20f	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/21 13:26	upstream	8cae8cd89f05	29c3f20f	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/20 13:06	upstream	8cae8cd89f05	1b201b48	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/20 12:00	upstream	2734d6c1b1a0	1b201b48	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/19 22:35	upstream	2734d6c1b1a0	bc48c9ab	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/19 10:31	upstream	2734d6c1b1a0	e6a17580	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/19 08:38	upstream	2734d6c1b1a0	f115ae98	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/18 19:17	upstream	f0eb870a8422	f115ae98	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/18 00:44	upstream	1d67c8d993ba	f115ae98	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/17 11:45	upstream	d980cc0620ae	f115ae98	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/16 22:54	upstream	0d18c12b288a	f115ae98	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/16 09:10	upstream	d936eb238744	f115ae98	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/15 20:15	upstream	dd9c7df94c1b	f115ae98	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/15 15:39	upstream	8096acd7442e	f115ae98	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/15 00:13	upstream	8096acd7442e	b9a2f64e	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/14 16:58	upstream	8096acd7442e	94e0b707	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/14 12:12	upstream	40226a3d96ef	94e0b707	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/14 00:13	upstream	40226a3d96ef	484502bd	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/13 19:51	upstream	40226a3d96ef	70168d5c	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/13 12:12	upstream	7fef2edf7cc7	70168d5c	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/12 19:59	upstream	7fef2edf7cc7	f415556d	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/12 17:22	upstream	e73f0f0ee754	f415556d	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/12 05:26	upstream	e73f0f0ee754	a4869c92	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/11 18:47	upstream	98f7fdced2e0	8f5a7b8c	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/09 20:53	upstream	3dbdb38e2869	8f5a7b8c	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/09 08:45	upstream	3dbdb38e2869	281e815f	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/08 18:51	upstream	3dbdb38e2869	1b20171a	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/08 07:08	upstream	3dbdb38e2869	1aade754	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/07 19:01	upstream	3dbdb38e2869	95793bce	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/07/07 06:37	upstream	3dbdb38e2869	4846d5c1	.config	log	report	info	KCSAN: data-race in kauditd_thread / skb_queue_tail
ci2-upstream-kcsan-gce	2021/01/17 10:04	upstream	0da0a8a0a0e1	813be542	.config	log	report	info
ci2-upstream-kcsan-gce	2020/09/28 02:19	upstream	a1b8638ba132	5dd8aee8	.config	log	report	info
ci2-upstream-kcsan-gce	2019/10/23 15:40	https://github.com/google/ktsan.git kcsan	05f2236801fe	b602d64b	.config	log	report