syzbot |
sign-in | mailing list | source | docs |
| 🐞 Open [987] ≡ Subsystems 🐞 Fixed [5236] 🐞 Invalid [12505] ⬇ Missing Backports [83] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes | 💬 Send us feedback |
================================================================== BUG: KCSAN: data-race in inet_put_port / mptcp_stream_connect write to 0xffff888137d8400e of 2 bytes by interrupt on cpu 1: __inet_put_port net/ipv4/inet_hashtables.c:118 [inline] inet_put_port+0x112/0x1b0 net/ipv4/inet_hashtables.c:126 tcp_set_state net/ipv4/tcp.c:2641 [inline] tcp_done+0x19f/0x360 net/ipv4/tcp.c:4450 tcp_reset+0xc6/0x1b0 net/ipv4/tcp_input.c:4314 tcp_validate_incoming+0xc5b/0xdf0 tcp_rcv_state_process+0x2c0/0x1250 net/ipv4/tcp_input.c:6450 tcp_v6_do_rcv+0x5d5/0xa50 net/ipv6/tcp_ipv6.c:1550 tcp_v6_rcv+0x2048/0x2660 net/ipv6/tcp_ipv6.c:1769 ip6_protocol_deliver_rcu+0x8ca/0xdf0 net/ipv6/ip6_input.c:422 ip6_input_finish net/ipv6/ip6_input.c:463 [inline] NF_HOOK include/linux/netfilter.h:307 [inline] ip6_input+0x73/0x120 net/ipv6/ip6_input.c:472 dst_input include/net/dst.h:461 [inline] ip6_rcv_finish+0x1de/0x270 net/ipv6/ip6_input.c:76 ip_sabotage_in+0x11c/0x130 net/bridge/br_netfilter_hooks.c:872 nf_hook_entry_hookfn include/linux/netfilter.h:142 [inline] nf_hook_slow+0x72/0x170 net/netfilter/core.c:619 nf_hook include/linux/netfilter.h:262 [inline] NF_HOOK include/linux/netfilter.h:305 [inline] ipv6_rcv+0x11c/0x140 net/ipv6/ip6_input.c:297 __netif_receive_skb_one_core net/core/dev.c:5351 [inline] __netif_receive_skb+0x8b/0x1b0 net/core/dev.c:5465 netif_receive_skb_internal+0x37/0x150 net/core/dev.c:5551 netif_receive_skb+0x16/0x170 net/core/dev.c:5610 br_netif_receive_skb net/bridge/br_input.c:30 [inline] NF_HOOK include/linux/netfilter.h:307 [inline] br_pass_frame_up+0x282/0x330 net/bridge/br_input.c:61 br_handle_frame_finish+0xb02/0xbe0 br_nf_hook_thresh+0x194/0x1d0 br_nf_pre_routing_finish_ipv6+0x4e6/0x500 NF_HOOK include/linux/netfilter.h:307 [inline] br_nf_pre_routing_ipv6+0x1ea/0x280 net/bridge/br_netfilter_ipv6.c:236 br_nf_pre_routing+0x4d1/0xb30 net/bridge/br_netfilter_hooks.c:505 nf_hook_entry_hookfn include/linux/netfilter.h:142 [inline] nf_hook_bridge_pre net/bridge/br_input.c:230 [inline] br_handle_frame+0x483/0xbc0 net/bridge/br_input.c:370 __netif_receive_skb_core+0xa39/0x1e20 net/core/dev.c:5245 __netif_receive_skb_one_core net/core/dev.c:5349 [inline] __netif_receive_skb+0x52/0x1b0 net/core/dev.c:5465 process_backlog+0x23f/0x3e0 net/core/dev.c:5797 __napi_poll+0x65/0x3f0 net/core/dev.c:6365 napi_poll net/core/dev.c:6432 [inline] net_rx_action+0x29e/0x650 net/core/dev.c:6519 __do_softirq+0x158/0x2de kernel/softirq.c:558 do_softirq+0xb1/0xf0 kernel/softirq.c:459 __local_bh_enable_ip+0x68/0x70 kernel/softirq.c:383 local_bh_enable+0x1b/0x20 include/linux/bottom_half.h:33 rcu_read_unlock_bh include/linux/rcupdate.h:764 [inline] ip6_finish_output2+0x9d5/0xbe0 net/ipv6/ip6_output.c:127 __ip6_finish_output net/ipv6/ip6_output.c:191 [inline] ip6_finish_output+0x446/0x4c0 net/ipv6/ip6_output.c:201 NF_HOOK_COND include/linux/netfilter.h:296 [inline] ip6_output+0x10e/0x210 net/ipv6/ip6_output.c:224 dst_output include/net/dst.h:451 [inline] NF_HOOK include/linux/netfilter.h:307 [inline] ip6_xmit+0x877/0xa60 net/ipv6/ip6_output.c:324 inet6_csk_xmit+0x1a4/0x1e0 net/ipv6/inet6_connection_sock.c:135 __tcp_transmit_skb+0x1323/0x1840 net/ipv4/tcp_output.c:1402 tcp_transmit_skb net/ipv4/tcp_output.c:1420 [inline] tcp_send_active_reset+0x26d/0x370 net/ipv4/tcp_output.c:3436 tcp_disconnect+0x2bf/0xef0 net/ipv4/tcp.c:2998 __tcp_close+0xc9e/0x11d0 net/ipv4/tcp.c:2805 tcp_close+0x24/0xa0 net/ipv4/tcp.c:2927 inet_release+0xc6/0xe0 net/ipv4/af_inet.c:428 inet6_release+0x3a/0x50 net/ipv6/af_inet6.c:478 __sock_release net/socket.c:650 [inline] sock_release+0x40/0xd0 net/socket.c:678 rds_tcp_accept_one+0xd0/0x670 net/rds/tcp_listen.c:226 rds_tcp_accept_worker+0x21/0x70 net/rds/tcp.c:515 process_one_work+0x3f6/0x960 kernel/workqueue.c:2307 worker_thread+0x616/0xa70 kernel/workqueue.c:2454 kthread+0x1bf/0x1e0 kernel/kthread.c:377 ret_from_fork+0x1f/0x30 read to 0xffff888137d8400e of 2 bytes by task 13817 on cpu 0: mptcp_copy_inaddrs net/mptcp/protocol.c:2815 [inline] mptcp_stream_connect+0x59e/0x6b0 net/mptcp/protocol.c:3452 __sys_connect_file net/socket.c:1900 [inline] __sys_connect+0x197/0x1b0 net/socket.c:1917 __do_sys_connect net/socket.c:1927 [inline] __se_sys_connect net/socket.c:1924 [inline] __x64_sys_connect+0x3d/0x50 net/socket.c:1924 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x44/0xd0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x44/0xae value changed: 0x80b4 -> 0x0000 Reported by Kernel Concurrency Sanitizer on: CPU: 0 PID: 13817 Comm: syz-executor.2 Not tainted 5.17.0-rc4-syzkaller-00054-gf71077a4d84b-dirty #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ==================================================================
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2022/02/17 13:11 | upstream | f71077a4d84b | 2bea8a27 | .config | console log | report | info | ci2-upstream-kcsan-gce | KCSAN: data-race in inet_put_port / mptcp_stream_connect |