syzbot


KCSAN: data-race in unix_dgram_poll / unix_release_sock (4)

Status: auto-closed as invalid on 2022/04/27 04:20
Reported-by: syzbot+@syzkaller.appspotmail.com
First crash: 248d, last: 248d
similar bugs (4):
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KCSAN: data-race in unix_dgram_poll / unix_release_sock (3) | | | | 6 | 376d | 432d | 0/24 | auto-closed as invalid on 2021/12/20 20:13 |
| upstream | KCSAN: data-race in unix_dgram_poll / unix_release_sock (5) | | | | 1 | 203d | 203d | 0/24 | auto-closed as invalid on 2022/06/11 02:26 |
| upstream | KCSAN: data-race in unix_dgram_poll / unix_release_sock (2) | | | | 14 | 471d | 511d | 0/24 | auto-closed as invalid on 2021/09/16 16:01 |
| upstream | KCSAN: data-race in unix_dgram_poll / unix_release_sock | | | | 6 | 555d | 578d | 0/24 | auto-closed as invalid on 2021/06/23 23:39 |

Sample crash report:
==================================================================
BUG: KCSAN: data-race in unix_dgram_poll / unix_release_sock

write to 0xffff888131067868 of 4 bytes by task 8604 on cpu 1:
 unix_release_sock+0x30a/0x6a0 net/unix/af_unix.c:609
 unix_release+0x4e/0x70 net/unix/af_unix.c:990
 __sock_release net/socket.c:650 [inline]
 sock_close+0x6c/0x150 net/socket.c:1318
 __fput+0x295/0x520 fs/file_table.c:317
 ____fput+0x11/0x20 fs/file_table.c:350
 task_work_run+0x8e/0x110 kernel/task_work.c:164
 tracehook_notify_resume include/linux/tracehook.h:188 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:190 [inline]
 exit_to_user_mode_prepare+0x15b/0x180 kernel/entry/common.c:222
 __syscall_exit_to_user_mode_work kernel/entry/common.c:304 [inline]
 syscall_exit_to_user_mode+0x20/0x40 kernel/entry/common.c:315
 do_syscall_64+0x37/0x70 arch/x86/entry/common.c:86
 entry_SYSCALL_64_after_hwframe+0x44/0xae

read to 0xffff888131067868 of 4 bytes by task 8612 on cpu 0:
 unix_dgram_poll+0x6e/0x3e0 net/unix/af_unix.c:3169
 sock_poll+0x23e/0x260 net/socket.c:1306
 vfs_poll include/linux/poll.h:88 [inline]
 io_poll_check_events+0x212/0x450 fs/io_uring.c:5931
 io_apoll_task_func+0x31/0x460 fs/io_uring.c:5991
 handle_tw_list fs/io_uring.c:2480 [inline]
 tctx_task_work+0x7d3/0xab0 fs/io_uring.c:2514
 task_work_run+0x8e/0x110 kernel/task_work.c:164
 tracehook_notify_signal include/linux/tracehook.h:213 [inline]
 handle_signal_work kernel/entry/common.c:147 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:187 [inline]
 exit_to_user_mode_prepare+0xfd/0x180 kernel/entry/common.c:222
 __syscall_exit_to_user_mode_work kernel/entry/common.c:304 [inline]
 syscall_exit_to_user_mode+0x20/0x40 kernel/entry/common.c:315
 do_syscall_64+0x37/0x70 arch/x86/entry/common.c:86
 entry_SYSCALL_64_after_hwframe+0x44/0xae

value changed: 0x00000000 -> 0x00000068

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 8612 Comm: syz-executor.1 Tainted: G S                5.17.0-syzkaller-02003-g3bf03b9a0839-dirty #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (1):
| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|
| ci2-upstream-kcsan-gce | 2022/03/23 04:10 | upstream | 3bf03b9a0839 | 5ff41e94 | .config | log | report | | | info | KCSAN: data-race in unix_dgram_poll / unix_release_sock |
* Struck through repros no longer work on HEAD.