syzbot

 sign-in | mailing list | source | docs
🐞 Open [1645]
Subsystems
🐞 Fixed [6009]
🐞 Invalid [14804]
Missing Backports [135]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KCSAN: data-race in packet_do_bind / packet_getname (5)

Status: fixed on 2021/11/10 00:50
Subsystems: net
[Documentation on labels]
Fix commit: e032f7c9c7ce net/packet: annotate accesses to po->ifindex
First crash: 1402d, last: 1323d
Similar bugs (4)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in packet_do_bind / packet_getname net 16 1823d 1921d 0/28 auto-closed as invalid on 2020/04/11 02:48
upstream KCSAN: data-race in packet_do_bind / packet_getname (3) net 8 1607d 1645d 0/28 auto-closed as invalid on 2020/10/09 06:50
upstream KCSAN: data-race in packet_do_bind / packet_getname (2) net 2 1716d 1738d 0/28 closed as invalid on 2020/06/18 14:24
upstream KCSAN: data-race in packet_do_bind / packet_getname (4) net 5 1459d 1509d 0/28 auto-closed as invalid on 2021/03/06 13:33

Sample crash report:
==================================================================
BUG: KCSAN: data-race in packet_do_bind / packet_getname

write to 0xffff888143ce3cbc of 4 bytes by task 25573 on cpu 1:
 packet_do_bind+0x420/0x7e0 net/packet/af_packet.c:3191
 packet_bind+0xc3/0xd0 net/packet/af_packet.c:3255
 __sys_bind+0x200/0x290 net/socket.c:1637
 __do_sys_bind net/socket.c:1648 [inline]
 __se_sys_bind net/socket.c:1646 [inline]
 __x64_sys_bind+0x3d/0x50 net/socket.c:1646
 do_syscall_64+0x4a/0x90 arch/x86/entry/common.c:47
 entry_SYSCALL_64_after_hwframe+0x44/0xae

read to 0xffff888143ce3cbc of 4 bytes by task 25578 on cpu 0:
 packet_getname+0x5b/0x1a0 net/packet/af_packet.c:3525
 __sys_getsockname+0x10e/0x1a0 net/socket.c:1887
 __do_sys_getsockname net/socket.c:1902 [inline]
 __se_sys_getsockname net/socket.c:1899 [inline]
 __x64_sys_getsockname+0x3e/0x50 net/socket.c:1899
 do_syscall_64+0x4a/0x90 arch/x86/entry/common.c:47
 entry_SYSCALL_64_after_hwframe+0x44/0xae

value changed: 0x00000000 -> 0x00000001

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 25578 Comm: syz-executor.5 Not tainted 5.13.0-rc6-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (4):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2021/06/15 09:02 upstream 009c9aa5be65 1ba81399 .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in packet_do_bind / packet_getname
2021/05/11 23:23 upstream 88b06399c9c7 b3c3bb8e .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in packet_do_bind / packet_getname
2021/04/07 10:53 upstream 2d743660786e 6a81331a .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in packet_do_bind / packet_getname
2021/03/28 02:53 upstream 0f4498cef9f5 a8529b82 .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in packet_do_bind / packet_getname
* Struck through repros no longer work on HEAD.