syzbot

 sign-in | mailing list | source | docs
🐞 Open [1032] Subsystems 🐞 Fixed [5263] 🐞 Invalid [12582] Missing Backports [85] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KCSAN: data-race in sctp_do_sm / sctp_wait_for_connect (2)

Status: auto-obsoleted due to no activity on 2023/05/17 20:19
Subsystems: sctp
[Documentation on labels]
First crash: 486d, last: 390d
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in sctp_do_sm / sctp_wait_for_connect sctp 1 604d 594d 0/26 auto-obsoleted due to no activity on 2022/10/15 23:56

Sample crash report:
==================================================================
BUG: KCSAN: data-race in sctp_do_sm / sctp_wait_for_connect

write to 0xffff88812f867228 of 4 bytes by task 6598 on cpu 0:
 sctp_cmd_new_state net/sctp/sm_sideeffect.c:872 [inline]
 sctp_cmd_interpreter net/sctp/sm_sideeffect.c:1334 [inline]
 sctp_side_effects net/sctp/sm_sideeffect.c:1199 [inline]
 sctp_do_sm+0x9aa/0x3160 net/sctp/sm_sideeffect.c:1170
 sctp_primitive_SHUTDOWN+0x75/0x90 net/sctp/primitive.c:89
 sctp_close+0x26e/0x540 net/sctp/socket.c:1527
 inet_release+0xc9/0xf0 net/ipv4/af_inet.c:426
 __sock_release net/socket.c:653 [inline]
 sock_close+0x70/0x150 net/socket.c:1395
 __fput+0x245/0x570 fs/file_table.c:321
 ____fput+0x15/0x20 fs/file_table.c:349
 task_work_run+0x123/0x160 kernel/task_work.c:179
 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
 exit_to_user_mode_loop+0xd1/0xe0 kernel/entry/common.c:171
 exit_to_user_mode_prepare+0x6c/0xb0 kernel/entry/common.c:204
 __syscall_exit_to_user_mode_work kernel/entry/common.c:286 [inline]
 syscall_exit_to_user_mode+0x26/0x140 kernel/entry/common.c:297
 do_syscall_64+0x4d/0xc0 arch/x86/entry/common.c:86
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

read to 0xffff88812f867228 of 4 bytes by task 6593 on cpu 1:
 sctp_wait_for_connect+0x150/0x350 net/sctp/socket.c:9312
 sctp_sendmsg_to_asoc+0xbf6/0xc00 net/sctp/socket.c:1884
 sctp_sendmsg+0x134e/0x1900 net/sctp/socket.c:2030
 inet_sendmsg+0x63/0x80 net/ipv4/af_inet.c:825
 sock_sendmsg_nosec net/socket.c:724 [inline]
 sock_sendmsg net/socket.c:747 [inline]
 __sys_sendto+0x246/0x300 net/socket.c:2142
 __do_sys_sendto net/socket.c:2154 [inline]
 __se_sys_sendto net/socket.c:2150 [inline]
 __x64_sys_sendto+0x78/0x90 net/socket.c:2150
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

value changed: 0x00000001 -> 0x00000000

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 6593 Comm: syz-executor.0 Not tainted 6.3.0-rc6-syzkaller-00035-g0bcc40255504 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
==================================================================

Crashes (2):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2023/04/12 20:13 upstream 0bcc40255504 82d5e53e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in sctp_do_sm / sctp_wait_for_connect
2023/01/06 00:52 upstream 41c03ba9beea 1dac8c7a .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in sctp_do_sm / sctp_wait_for_connect
* Struck through repros no longer work on HEAD.