KCSAN: data-race in kcm_rfree / unreserve_rx

KCSAN: data-race in kcm_rfree / unreserve_rx_kcm
Status: moderation: reported on 2020/09/28 07:58
Reported-by: syzbot+f4c071abb34935866f72@syzkaller.appspotmail.com
First crash: 563d, last: 32d

Sample crash report:

==================================================================
BUG: KCSAN: data-race in kcm_rfree / unreserve_rx_kcm

write to 0xffff888106af6f20 of 8 bytes by task 281 on cpu 0:
 unreserve_rx_kcm+0x72/0x1e0 net/kcm/kcmsock.c:312
 kcm_rcv_strparser+0x2d3/0x3d0 net/kcm/kcmsock.c:372
 __strp_recv+0x699/0xf00 net/strparser/strparser.c:309
 strp_recv+0x6d/0x80 net/strparser/strparser.c:343
 tcp_read_sock+0x290/0xb10 net/ipv4/tcp.c:1660
 strp_read_sock net/strparser/strparser.c:366 [inline]
 do_strp_work net/strparser/strparser.c:414 [inline]
 strp_work+0xd9/0x170 net/strparser/strparser.c:423
 process_one_work+0x3e1/0x950 kernel/workqueue.c:2275
 worker_thread+0x616/0xa70 kernel/workqueue.c:2421
 kthread+0x20b/0x230 kernel/kthread.c:292
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294

read to 0xffff888106af6f20 of 8 bytes by task 12273 on cpu 1:
 kcm_rfree+0xee/0x180 net/kcm/kcmsock.c:180
 skb_release_head_state+0xb3/0x170 net/core/skbuff.c:712
 skb_release_all net/core/skbuff.c:723 [inline]
 __kfree_skb+0x14/0x150 net/core/skbuff.c:739
 kfree_skb+0x50/0x170 net/core/skbuff.c:757
 kcm_recvmsg+0x3f1/0x470 net/kcm/kcmsock.c:1160
 ____sys_recvmsg+0x15d/0x310 include/linux/uio.h:234
 ___sys_recvmsg net/socket.c:2611 [inline]
 do_recvmmsg+0x34c/0x9e0 net/socket.c:2705
 __sys_recvmmsg net/socket.c:2784 [inline]
 __do_sys_recvmmsg net/socket.c:2807 [inline]
 __se_sys_recvmmsg net/socket.c:2800 [inline]
 __x64_sys_recvmmsg+0xcf/0x150 net/socket.c:2800
 do_syscall_64+0x39/0x80 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xae

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 12273 Comm: syz-executor.5 Not tainted 5.12.0-rc6-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (236):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	VM info	Title
ci2-upstream-kcsan-gce	2021/04/07 22:24	upstream	3a229812	6a81331a	.config	log	report	info	KCSAN: data-race in kcm_rfree / unreserve_rx_kcm
ci2-upstream-kcsan-gce	2021/04/07 09:59	upstream	2d743660	6a81331a	.config	log	report	info	KCSAN: data-race in kcm_rfree / unreserve_rx_kcm
ci2-upstream-kcsan-gce	2021/03/24 16:37	upstream	7acac4b3	607e3baf	.config	log	report	info	KCSAN: data-race in kcm_rfree / unreserve_rx_kcm
ci2-upstream-kcsan-gce	2021/03/23 11:04	upstream	84196390	8092f30d	.config	log	report	info	KCSAN: data-race in kcm_rfree / unreserve_rx_kcm
ci2-upstream-kcsan-gce	2021/03/20 14:47	upstream	1c273e10	e45f5621	.config	log	report	info	KCSAN: data-race in kcm_rfree / unreserve_rx_kcm
ci2-upstream-kcsan-gce	2021/03/18 22:19	upstream	bf152b0b	380dcc3e	.config	log	report	info	KCSAN: data-race in kcm_rfree / unreserve_rx_kcm
ci2-upstream-kcsan-gce	2021/02/21 09:22	upstream	e767b353	3e5ed8b4	.config	log	report	info	KCSAN: data-race in kcm_rfree / unreserve_rx_kcm
ci2-upstream-kcsan-gce	2021/02/13 23:22	upstream	ac30d8ce	98682e5e	.config	log	report	info	KCSAN: data-race in kcm_rfree / unreserve_rx_kcm
ci2-upstream-kcsan-gce	2021/02/12 12:49	upstream	dcc0b490	a5f86b15	.config	log	report	info	KCSAN: data-race in kcm_rfree / unreserve_rx_kcm
ci2-upstream-kcsan-gce	2021/02/08 00:30	upstream	b75dba7f	2ce644fc	.config	log	report	info	KCSAN: data-race in kcm_rfree / unreserve_rx_kcm
ci2-upstream-kcsan-gce	2021/02/06 04:43	upstream	1e0d27fc	23a562df	.config	log	report	info	KCSAN: data-race in kcm_rfree / unreserve_rx_kcm
ci2-upstream-kcsan-gce	2021/02/01 04:20	upstream	1048ba83	fc9fd31e	.config	log	report	info	KCSAN: data-race in kcm_rfree / unreserve_rx_kcm
ci2-upstream-kcsan-gce	2021/01/29 14:03	upstream	bec4c296	6593fd32	.config	log	report	info	KCSAN: data-race in kcm_rfree / unreserve_rx_kcm
ci2-upstream-kcsan-gce	2021/01/28 18:59	upstream	76c057c8	7df34f59	.config	log	report	info	KCSAN: data-race in kcm_rfree / unreserve_rx_kcm
ci2-upstream-kcsan-gce	2021/01/27 20:03	upstream	76c057c8	a57db36f	.config	log	report	info	KCSAN: data-race in kcm_rfree / unreserve_rx_kcm
ci2-upstream-kcsan-gce	2021/01/25 14:00	upstream	6ee1d745	52e37319	.config	log	report	info	KCSAN: data-race in kcm_rfree / unreserve_rx_kcm
ci2-upstream-kcsan-gce	2021/01/24 06:27	upstream	e1ae4b0b	52e37319	.config	log	report	info	KCSAN: data-race in kcm_rfree / unreserve_rx_kcm
ci2-upstream-kcsan-gce	2021/01/21 14:43	upstream	9791581c	d4f4eca5	.config	log	report	info	KCSAN: data-race in kcm_rfree / unreserve_rx_kcm
ci2-upstream-kcsan-gce	2021/01/20 13:46	upstream	45dfb8a5	d4f4eca5	.config	log	report	info	KCSAN: data-race in kcm_rfree / unreserve_rx_kcm
ci2-upstream-kcsan-gce	2021/01/20 06:39	upstream	45dfb8a5	63631df1	.config	log	report	info	KCSAN: data-race in kcm_rfree / unreserve_rx_kcm
ci2-upstream-kcsan-gce	2021/01/15 03:14	upstream	14662050	468dbb55	.config	log	report	info
ci2-upstream-kcsan-gce	2021/01/14 16:35	upstream	65f0d241	468dbb55	.config	log	report	info
ci2-upstream-kcsan-gce	2021/01/12 22:08	upstream	e609571b	0cdd6185	.config	log	report	info
ci2-upstream-kcsan-gce	2021/01/11 23:58	upstream	a0d54b4f	2c1f2513	.config	log	report	info
ci2-upstream-kcsan-gce	2021/01/10 21:17	upstream	0653161f	2c1f2513	.config	log	report	info
ci2-upstream-kcsan-gce	2021/01/09 11:01	upstream	996e435f	a6c52263	.config	log	report	info
ci2-upstream-kcsan-gce	2021/01/09 02:02	upstream	6279d812	c104d4a3	.config	log	report	info
ci2-upstream-kcsan-gce	2021/01/08 03:31	upstream	f5e6c330	c104d4a3	.config	log	report	info
ci2-upstream-kcsan-gce	2021/01/06 23:38	upstream	71c061d2	c104d4a3	.config	log	report	info
ci2-upstream-kcsan-gce	2021/01/05 18:10	upstream	36bbbd0e	a0234d98	.config	log	report	info
ci2-upstream-kcsan-gce	2021/01/02 22:59	upstream	3516bd72	79264ae3	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/31 02:20	upstream	f6e1ea19	5cc121d6	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/30 15:35	upstream	139711f0	ecb8c012	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/30 03:41	upstream	139711f0	0fa352f2	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/26 00:03	upstream	5814bc2d	821e0b09	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/24 04:06	upstream	58cf05f5	c2c1d1dd	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/23 11:36	upstream	614cb589	c2c1d1dd	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/22 03:27	upstream	8653b778	04201c06	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/19 22:56	upstream	467f8165	04201c06	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/12 22:48	upstream	7b1b868e	bca53db9	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/09 10:08	upstream	a68a0262	99917735	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/06 21:27	upstream	8100a580	c521566d	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/06 12:05	upstream	7059c2c0	f12ba0c5	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/05 07:39	upstream	b3298500	0ef84591	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/02 14:18	upstream	509a1542	eff43e99	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/01 23:42	upstream	b6505459	c42a35e9	.config	log	report	info
ci2-upstream-kcsan-gce	2020/11/29 16:28	upstream	aae5ab85	a0092f9d	.config	log	report	info
ci2-upstream-kcsan-gce	2020/11/29 00:58	upstream	67f34fa8	a0092f9d	.config	log	report	info
ci2-upstream-kcsan-gce	2020/09/27 00:25	upstream	eeddbe68	5dd8aee8	.config	log	report	info
ci2-upstream-kcsan-gce	2020/02/10 19:56	https://github.com/google/ktsan.git kcsan	f60f0f54	d9e55b05	.config	log	report
ci2-upstream-kcsan-gce	2019/10/25 04:57	https://github.com/google/ktsan.git kcsan	05f22368	d01bb02a	.config	log	report