syzbot


KCSAN: data-race in netlink_recvmsg / netlink_recvmsg

Status: auto-closed as invalid on 2020/03/29 12:33
Reported-by: syzbot+6dedf50d68e5713a1f65@syzkaller.appspotmail.com
First crash: 1006d, last: 932d
similar bugs (4):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in netlink_recvmsg / netlink_recvmsg (3) 30 356d 512d 0/23 auto-closed as invalid on 2021/09/22 07:53
upstream KCSAN: data-race in netlink_recvmsg / netlink_recvmsg (2) 1 634d 605d 0/23 auto-closed as invalid on 2020/12/25 11:25
upstream KCSAN: data-race in netlink_recvmsg / netlink_recvmsg (4) 13 211d 311d 0/23 auto-closed as invalid on 2022/02/13 19:27
upstream KCSAN: data-race in netlink_recvmsg / netlink_recvmsg (5) 6 21d 95d 21/23 internal: reported on 2022/05/05 11:52

Sample crash report:
==================================================================
BUG: KCSAN: data-race in netlink_recvmsg / netlink_recvmsg

read to 0xffff8880a3f31320 of 8 bytes by task 13703 on cpu 0:
 netlink_recvmsg+0xf3/0x910 net/netlink/af_netlink.c:1964
 sock_recvmsg_nosec net/socket.c:873 [inline]
 sock_recvmsg net/socket.c:891 [inline]
 sock_recvmsg+0x92/0xb0 net/socket.c:887
 __sys_recvfrom+0x1ae/0x2d0 net/socket.c:2042
 __do_sys_recvfrom net/socket.c:2060 [inline]
 __se_sys_recvfrom net/socket.c:2056 [inline]
 __x64_sys_recvfrom+0x89/0xb0 net/socket.c:2056
 do_syscall_64+0xcc/0x3a0 arch/x86/entry/common.c:294
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

write to 0xffff8880a3f31320 of 8 bytes by task 13707 on cpu 1:
 netlink_recvmsg+0x124/0x910 net/netlink/af_netlink.c:1965
 sock_recvmsg_nosec net/socket.c:873 [inline]
 ____sys_recvmsg+0x387/0x3a0 net/socket.c:2551
 ___sys_recvmsg+0xb2/0x100 net/socket.c:2595
 do_recvmmsg+0x19a/0x5c0 net/socket.c:2693
 __sys_recvmmsg+0x1ef/0x200 net/socket.c:2772
 __do_sys_recvmmsg net/socket.c:2795 [inline]
 __se_sys_recvmmsg net/socket.c:2788 [inline]
 __x64_sys_recvmmsg+0x89/0xb0 net/socket.c:2788
 do_syscall_64+0xcc/0x3a0 arch/x86/entry/common.c:294
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 13707 Comm: syz-executor.0 Not tainted 5.5.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (4):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci2-upstream-kcsan-gce 2020/01/19 12:32 https://github.com/google/ktsan.git kcsan 245a43005292 bc8bc756 .config log report
ci2-upstream-kcsan-gce 2019/11/29 14:02 https://github.com/google/ktsan.git kcsan ef798c30ba4e 4f7e1d0f .config log report
ci2-upstream-kcsan-gce 2019/11/18 17:03 https://github.com/google/ktsan.git kcsan 5863cc791e4c d5696d51 .config log report
ci2-upstream-kcsan-gce 2019/11/07 04:09 https://github.com/google/ktsan.git kcsan 94c006602e13 d797d201 .config log report