syzbot


KCSAN: data-race in tcp_disconnect / tcp_poll

Status: auto-closed as invalid on 2021/01/25 19:57
Subsystems: net
Reported-by: syzbot+2326116798df66b56cd5@syzkaller.appspotmail.com
First crash: 1217d, last: 1183d
Similar bugs (6)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KCSAN: data-race in tcp_disconnect / tcp_poll (5) net | | | | 1 | 644d | 644d | 0/26 | auto-closed as invalid on 2022/07/18 21:08 |
| upstream | KCSAN: data-race in tcp_disconnect / tcp_poll (4) net | | | | 8 | 742d | 777d | 0/26 | auto-closed as invalid on 2022/04/12 08:00 |
| upstream | KCSAN: data-race in tcp_disconnect / tcp_poll (6) net | | | | 1 | 538d | 538d | 0/26 | auto-obsoleted due to no activity on 2022/11/01 19:29 |
| upstream | KCSAN: data-race in tcp_disconnect / tcp_poll (7) net | | | | 2 | 337d | 315d | 22/26 | fixed on 2023/07/01 16:05 |
| upstream | KCSAN: data-race in tcp_disconnect / tcp_poll (2) net | | | | 1 | 893d | 893d | 0/26 | auto-closed as invalid on 2021/11/12 06:31 |
| upstream | KCSAN: data-race in tcp_disconnect / tcp_poll (3) net | | | | 4 | 825d | 854d | 0/26 | auto-closed as invalid on 2022/01/18 12:46 |

Sample crash report:
==================================================================
BUG: KCSAN: data-race in tcp_disconnect / tcp_poll

write to 0xffff88810e1896ea of 1 bytes by task 18252 on cpu 1:
 tcp_disconnect+0x4a4/0xd40 net/ipv4/tcp.c:2927
 __inet_stream_connect+0x543/0x710 net/ipv4/af_inet.c:713
 tcp_sendmsg_fastopen net/ipv4/tcp.c:1191 [inline]
 tcp_sendmsg_locked+0x2036/0x2130 net/ipv4/tcp.c:1233
 tcp_sendmsg+0x2c/0x40 net/ipv4/tcp.c:1459
 inet_sendmsg+0x5f/0x80 net/ipv4/af_inet.c:817
 sock_sendmsg_nosec net/socket.c:652 [inline]
 sock_sendmsg net/socket.c:672 [inline]
 __sys_sendto+0x2a8/0x370 net/socket.c:1975
 __do_sys_sendto net/socket.c:1987 [inline]
 __se_sys_sendto net/socket.c:1983 [inline]
 __x64_sys_sendto+0x74/0x90 net/socket.c:1983
 do_syscall_64+0x39/0x80 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

read to 0xffff88810e1896ea of 1 bytes by task 18202 on cpu 0:
 tcp_poll+0x355/0x690 net/ipv4/tcp.c:568
 sock_poll+0x23e/0x260 net/socket.c:1244
 vfs_poll include/linux/poll.h:90 [inline]
 do_select+0x8b1/0xfc0 fs/select.c:534
 core_sys_select+0x408/0x690 fs/select.c:677
 kern_select fs/select.c:718 [inline]
 __do_sys_select fs/select.c:725 [inline]
 __se_sys_select+0x180/0x1c0 fs/select.c:722
 __x64_sys_select+0x63/0x70 fs/select.c:722
 do_syscall_64+0x39/0x80 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 18202 Comm: syz-executor.2 Not tainted 5.10.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (2):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2020/12/21 19:56 | upstream | e37b12e4bb21 | 04201c06 | .config | console log | report | | | info | | ci2-upstream-kcsan-gce | |
| 2020/11/17 21:55 | upstream | 111e91a6df50 | 09323409 | .config | console log | report | | | info | | ci2-upstream-kcsan-gce | |