syzbot


KCSAN: data-race in __tcp_close / inet_diag_msg_attrs_fill

Status: auto-closed as invalid on 2021/04/22 07:13
Subsystems: net
First crash: 1128d, last: 1128d

Sample crash report:
==================================================================
BUG: KCSAN: data-race in __tcp_close / inet_diag_msg_attrs_fill

write to 0xffff88805fc598aa of 1 bytes by task 1863 on cpu 0:
 __tcp_close+0x25/0x870 net/ipv4/tcp.c:2699
 tcp_close+0x24/0xa0 net/ipv4/tcp.c:2867
 inet_release+0xed/0x130 net/ipv4/af_inet.c:431
 inet6_release+0x3a/0x50 net/ipv6/af_inet6.c:478
 __sock_release net/socket.c:599 [inline]
 sock_close+0x6c/0x150 net/socket.c:1258
 __fput+0x263/0x4f0 fs/file_table.c:280
 ____fput+0x11/0x20 fs/file_table.c:313
 task_work_run+0x8e/0x110 kernel/task_work.c:140
 tracehook_notify_resume include/linux/tracehook.h:189 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:174 [inline]
 exit_to_user_mode_prepare+0x17c/0x1b0 kernel/entry/common.c:208
 __syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
 syscall_exit_to_user_mode+0x20/0x40 kernel/entry/common.c:301
 do_syscall_64+0x45/0x80 arch/x86/entry/common.c:56
 entry_SYSCALL_64_after_hwframe+0x44/0xae

read to 0xffff88805fc598aa of 1 bytes by task 1869 on cpu 1:
 inet_diag_msg_attrs_fill+0x43/0x540 net/ipv4/inet_diag.c:130
 inet_sk_diag_fill+0x3db/0xc30 net/ipv4/inet_diag.c:265
 inet_diag_dump_icsk+0x314/0xb00 net/ipv4/inet_diag.c:1057
 tcp_diag_dump+0x28/0x30 net/ipv4/tcp_diag.c:184
 __inet_diag_dump+0x17d/0x220 net/ipv4/inet_diag.c:1175
 inet_diag_dump+0x2a/0x30 net/ipv4/inet_diag.c:1194
 netlink_dump+0x364/0x6b0 net/netlink/af_netlink.c:2276
 __netlink_dump_start+0x3eb/0x4e0 net/netlink/af_netlink.c:2381
 netlink_dump_start include/linux/netlink.h:262 [inline]
 inet_diag_handler_cmd+0x12a/0x150 net/ipv4/inet_diag.c:1338
 __sock_diag_cmd net/core/sock_diag.c:234 [inline]
 sock_diag_rcv_msg+0x237/0x250 net/core/sock_diag.c:265
 netlink_rcv_skb+0x13e/0x240 net/netlink/af_netlink.c:2502
 sock_diag_rcv+0x24/0x40 net/core/sock_diag.c:276
 netlink_unicast_kernel net/netlink/af_netlink.c:1312 [inline]
 netlink_unicast+0x5fc/0x6c0 net/netlink/af_netlink.c:1338
 netlink_sendmsg+0x6f8/0x7c0 net/netlink/af_netlink.c:1927
 sock_sendmsg_nosec net/socket.c:654 [inline]
 sock_sendmsg net/socket.c:674 [inline]
 sock_write_iter+0x1a4/0x200 net/socket.c:1001
 call_write_iter include/linux/fs.h:1977 [inline]
 do_iter_readv_writev+0x2cb/0x360 fs/read_write.c:740
 do_iter_write+0x112/0x4c0 fs/read_write.c:866
 vfs_writev fs/read_write.c:939 [inline]
 do_writev+0x209/0x480 fs/read_write.c:982
 __do_sys_writev fs/read_write.c:1055 [inline]
 __se_sys_writev fs/read_write.c:1052 [inline]
 __x64_sys_writev+0x41/0x50 fs/read_write.c:1052
 do_syscall_64+0x39/0x80 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xae

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 1869 Comm: syz-executor.4 Not tainted 5.12.0-rc3-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (1):
Time: 2021/03/18 07:11
Kernel: upstream
Commit: 6417f03132a6
Syzkaller: fdb2bb2c
Manager: ci2-upstream-kcsan-gce
Title: KCSAN: data-race in __tcp_close / inet_diag_msg_attrs_fill