syzbot

 sign-in | mailing list | source | docs
🐞 Open [1646]
Subsystems
🐞 Fixed [6010]
🐞 Invalid [14806]
Missing Backports [135]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KCSAN: data-race in kcm_rcv_ready / kcm_rfree (3)

Status: auto-closed as invalid on 2022/07/05 19:59
Subsystems: net
[Documentation on labels]
First crash: 973d, last: 973d
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in kcm_rcv_ready / kcm_rfree (2) net 1 1713d 1713d 0/28 closed as invalid on 2020/06/18 14:13
upstream KCSAN: data-race in kcm_rcv_ready / kcm_rfree net 1 1811d 1765d 0/28 auto-closed as invalid on 2020/04/24 00:37

Sample crash report:
==================================================================
BUG: KCSAN: data-race in kcm_rcv_ready / kcm_rfree

write to 0xffff88816c5c8fd0 of 1 bytes by task 22947 on cpu 0:
 kcm_rcv_ready+0x39d/0x3e0 net/kcm/kcmsock.c:165
 unreserve_rx_kcm+0xe7/0x1f0 net/kcm/kcmsock.c:337
 kcm_read_sock_done+0x1d/0x30 net/kcm/kcmsock.c:392
 strp_read_sock net/strparser/strparser.c:360 [inline]
 do_strp_work net/strparser/strparser.c:406 [inline]
 strp_work+0xfb/0x180 net/strparser/strparser.c:415
 process_one_work+0x3d3/0x720 kernel/workqueue.c:2289
 worker_thread+0x618/0xa70 kernel/workqueue.c:2436
 kthread+0x1a9/0x1e0 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30

read to 0xffff88816c5c8fd0 of 1 bytes by task 13313 on cpu 1:
 kcm_rfree+0xed/0x200 net/kcm/kcmsock.c:181
 skb_release_head_state+0xb3/0x1a0 net/core/skbuff.c:729
 skb_release_all net/core/skbuff.c:740 [inline]
 __kfree_skb+0x14/0x150 net/core/skbuff.c:756
 kfree_skb_reason+0x52/0x170 net/core/skbuff.c:778
 kfree_skb include/linux/skbuff.h:1375 [inline]
 kcm_recvmsg+0x226/0x2b0 net/kcm/kcmsock.c:1161
 ____sys_recvmsg+0x162/0x2f0
 ___sys_recvmsg net/socket.c:2753 [inline]
 do_recvmmsg+0x53a/0xa30 net/socket.c:2847
 __sys_recvmmsg net/socket.c:2926 [inline]
 __do_sys_recvmmsg net/socket.c:2949 [inline]
 __se_sys_recvmmsg net/socket.c:2942 [inline]
 __x64_sys_recvmmsg+0xde/0x160 net/socket.c:2942
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x46/0xb0

value changed: 0x00 -> 0x01

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 13313 Comm: syz-executor.1 Not tainted 5.18.0-syzkaller-11439-g8ab2afa23bd1-dirty #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2022/05/31 19:52 upstream 8ab2afa23bd1 af70c3a9 .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in kcm_rcv_ready / kcm_rfree
* Struck through repros no longer work on HEAD.