syzbot

 sign-in | mailing list | source | docs
🐞 Open [1557]
Subsystems
🐞 Fixed [6430]
🐞 Invalid [16300]
Missing Backports [199]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KCSAN: data-race in memchr / number

Status: auto-obsoleted due to no activity on 2023/08/13 11:35
Subsystems: kernel
[Documentation on labels]
First crash: 741d, last: 741d
Similar bugs (3)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in memchr / number (4) kernel 6 1 32d 32d 0/29 moderation: reported on 2025/06/17 12:36
upstream KCSAN: data-race in memchr / number (2) block 6 1 450d 450d 0/29 auto-obsoleted due to no activity on 2024/05/30 03:24
upstream KCSAN: data-race in memchr / number (3) ext4 6 1 413d 413d 0/29 auto-obsoleted due to no activity on 2024/07/06 04:52

Sample crash report:
==================================================================
BUG: KCSAN: data-race in memchr / number

write to 0xffffffff86f3c80b of 1 bytes by task 2775 on cpu 0:
 number+0x7d0/0xa90 lib/vsprintf.c:562
 vsnprintf+0xa44/0xe20 lib/vsprintf.c:2883
 va_format lib/vsprintf.c:1681 [inline]
 pointer+0x8a1/0xd10 lib/vsprintf.c:2448
 vsnprintf+0x861/0xe20 lib/vsprintf.c:2821
 vscnprintf+0x42/0x80 lib/vsprintf.c:2923
 printk_sprint+0x30/0x2d0 kernel/printk/printk.c:2128
 vprintk_store+0x56f/0x800 kernel/printk/printk.c:2242
 vprintk_emit+0xd0/0x430 kernel/printk/printk.c:2288
 dev_vprintk_emit+0x1df/0x210 drivers/base/core.c:4840
 dev_printk_emit+0x82/0xb0 drivers/base/core.c:4851
 __netdev_printk+0x33a/0x3b0 net/core/dev.c:11231
 netdev_info+0x99/0xc0 net/core/dev.c:11286
 nsim_udp_tunnel_unset_port+0x183/0x1a0 drivers/net/netdevsim/udp_tunnels.c:64
 udp_tunnel_nic_device_sync_by_port net/ipv4/udp_tunnel_nic.c:246 [inline]
 __udp_tunnel_nic_device_sync+0x579/0x9d0 net/ipv4/udp_tunnel_nic.c:289
 udp_tunnel_nic_flush+0x243/0x330 net/ipv4/udp_tunnel_nic.c:670
 udp_tunnel_nic_unregister net/ipv4/udp_tunnel_nic.c:871 [inline]
 udp_tunnel_nic_netdevice_event+0x6c7/0xd00 net/ipv4/udp_tunnel_nic.c:911
 notifier_call_chain kernel/notifier.c:93 [inline]
 raw_notifier_call_chain+0x6b/0x1c0 kernel/notifier.c:461
 call_netdevice_notifiers_info net/core/dev.c:1962 [inline]
 call_netdevice_notifiers_extack net/core/dev.c:2000 [inline]
 call_netdevice_notifiers net/core/dev.c:2014 [inline]
 unregister_netdevice_many_notify+0x873/0x1070 net/core/dev.c:10850
 unregister_netdevice_many net/core/dev.c:10906 [inline]
 unregister_netdevice_queue+0x1cf/0x200 net/core/dev.c:10786
 unregister_netdevice include/linux/netdevice.h:3112 [inline]
 nsim_destroy+0x2c/0xd0 drivers/net/netdevsim/netdev.c:375
 __nsim_dev_port_del+0xcd/0x100 drivers/net/netdevsim/dev.c:1428
 nsim_dev_port_del_all drivers/net/netdevsim/dev.c:1440 [inline]
 nsim_dev_reload_destroy+0x1a6/0x2c0 drivers/net/netdevsim/dev.c:1661
 nsim_dev_reload_down+0x77/0x90 drivers/net/netdevsim/dev.c:968
 devlink_reload+0xad/0x390 net/devlink/dev.c:362
 devlink_pernet_pre_exit+0xbb/0x1e0 net/devlink/core.c:282
 ops_pre_exit_list net/core/net_namespace.c:160 [inline]
 cleanup_net+0x318/0x770 net/core/net_namespace.c:602
 process_one_work+0x434/0x860 kernel/workqueue.c:2597
 worker_thread+0x5f2/0xa10 kernel/workqueue.c:2748
 kthread+0x1d7/0x210 kernel/kthread.c:389
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308

read to 0xffffffff86f3c80b of 1 bytes by task 19275 on cpu 1:
 memchr+0x2a/0x50 lib/string.c:807
 count_lines kernel/printk/printk_ringbuffer.c:1686 [inline]
 copy_data kernel/printk/printk_ringbuffer.c:1732 [inline]
 prb_read kernel/printk/printk_ringbuffer.c:1825 [inline]
 _prb_read_valid+0x795/0x910 kernel/printk/printk_ringbuffer.c:1891
 prb_read_valid_info+0x67/0x90 kernel/printk/printk_ringbuffer.c:1974
 find_first_fitting_seq+0x1bc/0x310 kernel/printk/printk.c:1535
 syslog_print_all+0x11d/0x5a0 kernel/printk/printk.c:1667
 do_syslog+0x44f/0x860 kernel/printk/printk.c:1746
 __do_sys_syslog kernel/printk/printk.c:1824 [inline]
 __se_sys_syslog kernel/printk/printk.c:1822 [inline]
 __x64_sys_syslog+0x43/0x50 kernel/printk/printk.c:1822
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

value changed: 0x72 -> 0x30

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 19275 Comm: syz-executor.0 Not tainted 6.4.0-syzkaller-12454-g1c7873e33645 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/03/2023
==================================================================

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2023/07/09 11:24 upstream 1c7873e33645 668cb1fa .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in memchr / number
* Struck through repros no longer work on HEAD.