syzbot


KCSAN: data-race in data_push_tail / symbol_string (5)

Status: auto-obsoleted due to no activity on 2023/11/17 08:46
Subsystems: kernel
[Documentation on labels]
First crash: 494d, last: 419d
Similar bugs (7)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in data_push_tail / symbol_string (3) kernel 1 1009d 1009d 0/28 auto-closed as invalid on 2022/04/05 16:28
upstream KCSAN: data-race in data_push_tail / symbol_string (7) kernel 2 280d 282d 0/28 auto-obsoleted due to no activity on 2024/04/04 01:53
upstream KCSAN: data-race in data_push_tail / symbol_string kernel 1 1268d 1268d 0/28 auto-closed as invalid on 2021/07/21 00:16
upstream KCSAN: data-race in data_push_tail / symbol_string (6) kernel 1 376d 365d 0/28 auto-obsoleted due to no activity on 2023/12/29 16:49
upstream KCSAN: data-race in data_push_tail / symbol_string (4) kernel 2 587d 614d 0/28 auto-obsoleted due to no activity on 2023/06/01 14:03
upstream KCSAN: data-race in data_push_tail / symbol_string (8) kernel 1 3d13h 3d13h 0/28 moderation: reported on 2024/12/01 20:37
upstream KCSAN: data-race in data_push_tail / symbol_string (2) kernel 1 1088d 1088d 0/28 auto-closed as invalid on 2022/01/16 12:11

Sample crash report:
==================================================================
BUG: KCSAN: data-race in data_push_tail / symbol_string

write to 0xffffffff86ebf8a0 of 1 bytes by task 25644 on cpu 0:
 string_nocheck lib/vsprintf.c:649 [inline]
 symbol_string+0x1b6/0x240 lib/vsprintf.c:1005
 pointer+0x77a/0xd10 lib/vsprintf.c:2416
 vsnprintf+0x861/0xe20 lib/vsprintf.c:2822
 vscnprintf+0x42/0x80 lib/vsprintf.c:2924
 printk_sprint+0x30/0x2d0 kernel/printk/printk.c:2128
 vprintk_store+0x56f/0x800 kernel/printk/printk.c:2242
 vprintk_emit+0xd0/0x5d0 kernel/printk/printk.c:2288
 vprintk_default+0x26/0x30 kernel/printk/printk.c:2322
 vprintk+0x71/0x80 kernel/printk/printk_safe.c:45
 _printk+0x7a/0xa0 kernel/printk/printk.c:2332
 printk_stack_address arch/x86/kernel/dumpstack.c:72 [inline]
 show_trace_log_lvl+0x42e/0x510 arch/x86/kernel/dumpstack.c:285
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xda/0x130 lib/dump_stack.c:106
 dump_stack+0x15/0x20 lib/dump_stack.c:113
 fail_dump lib/fault-inject.c:52 [inline]
 should_fail_ex+0x21f/0x230 lib/fault-inject.c:153
 __should_failslab+0x92/0xa0 mm/failslab.c:44
 should_failslab+0x9/0x20 mm/slab_common.c:1509
 slab_pre_alloc_hook+0x38/0x180 mm/slab.h:711
 slab_alloc_node mm/slub.c:3460 [inline]
 kmem_cache_alloc_node+0x54/0x240 mm/slub.c:3523
 __alloc_skb+0x109/0x2e0 net/core/skbuff.c:640
 alloc_skb include/linux/skbuff.h:1286 [inline]
 netlink_alloc_large_skb net/netlink/af_netlink.c:1214 [inline]
 netlink_sendmsg+0x483/0x770 net/netlink/af_netlink.c:1885
 sock_sendmsg_nosec net/socket.c:730 [inline]
 __sock_sendmsg net/socket.c:745 [inline]
 ____sys_sendmsg+0x37c/0x4d0 net/socket.c:2558
 ___sys_sendmsg net/socket.c:2612 [inline]
 __sys_sendmsg+0x1e9/0x270 net/socket.c:2641
 __do_sys_sendmsg net/socket.c:2650 [inline]
 __se_sys_sendmsg net/socket.c:2648 [inline]
 __x64_sys_sendmsg+0x46/0x50 net/socket.c:2648
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

read to 0xffffffff86ebf8a0 of 8 bytes by task 25575 on cpu 1:
 data_make_reusable kernel/printk/printk_ringbuffer.c:590 [inline]
 data_push_tail+0x102/0x430 kernel/printk/printk_ringbuffer.c:675
 data_alloc+0xbe/0x2c0 kernel/printk/printk_ringbuffer.c:1046
 prb_reserve+0x893/0xbc0 kernel/printk/printk_ringbuffer.c:1555
 vprintk_store+0x53e/0x800 kernel/printk/printk.c:2232
 vprintk_emit+0xd0/0x5d0 kernel/printk/printk.c:2288
 vprintk_default+0x26/0x30 kernel/printk/printk.c:2322
 vprintk+0x71/0x80 kernel/printk/printk_safe.c:45
 _printk+0x7a/0xa0 kernel/printk/printk.c:2332
 vlan_device_event+0x106a/0x1120 net/8021q/vlan.c:383
 notifier_call_chain kernel/notifier.c:93 [inline]
 raw_notifier_call_chain+0x6b/0x1c0 kernel/notifier.c:461
 __dev_notify_flags+0x205/0x3d0
 rtnl_newlink_create net/core/rtnetlink.c:3493 [inline]
 __rtnl_newlink net/core/rtnetlink.c:3705 [inline]
 rtnl_newlink+0x12cc/0x1670 net/core/rtnetlink.c:3718
 rtnetlink_rcv_msg+0x807/0x8c0 net/core/rtnetlink.c:6444
 netlink_rcv_skb+0x126/0x220 net/netlink/af_netlink.c:2545
 rtnetlink_rcv+0x1c/0x20 net/core/rtnetlink.c:6462
 netlink_unicast_kernel net/netlink/af_netlink.c:1342 [inline]
 netlink_unicast+0x589/0x650 net/netlink/af_netlink.c:1368
 netlink_sendmsg+0x66e/0x770 net/netlink/af_netlink.c:1910
 sock_sendmsg_nosec net/socket.c:730 [inline]
 __sock_sendmsg net/socket.c:745 [inline]
 ____sys_sendmsg+0x37c/0x4d0 net/socket.c:2558
 ___sys_sendmsg net/socket.c:2612 [inline]
 __sys_sendmsg+0x1e9/0x270 net/socket.c:2641
 __do_sys_sendmsg net/socket.c:2650 [inline]
 __se_sys_sendmsg net/socket.c:2648 [inline]
 __x64_sys_sendmsg+0x46/0x50 net/socket.c:2648
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

value changed: 0x000000010000b868 -> 0x3178302b626b735f

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 25575 Comm: syz-executor.4 Not tainted 6.6.0-rc5-syzkaller-00157-ge8c127b05766 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
==================================================================
syz-executor.4 (25575) used greatest stack depth: 9144 bytes left

Crashes (4):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2023/10/13 08:41 upstream e8c127b05766 6388bc36 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in data_push_tail / symbol_string
2023/09/17 19:41 upstream f0b0d403eabb 0b6a67ac .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in data_push_tail / symbol_string
2023/08/17 17:05 upstream 16931859a650 74b106b6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in data_push_tail / symbol_string
2023/07/30 07:46 upstream 12214540ad87 92476829 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in data_push_tail / symbol_string
* Struck through repros no longer work on HEAD.