KCSAN: data-race in data_push

KCSAN: data-race in data_push_tail / string
Status: moderation: reported on 2021/07/22 19:23
Reported-by: syzbot+b3b8d0f2cecce376adeb@syzkaller.appspotmail.com
First crash: 319d, last: 6h00m

Sample crash report:

x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
==================================================================
BUG: KCSAN: data-race in data_push_tail / string

write to 0xffffffff86dd0220 of 1 bytes by task 24 on cpu 1:
 string_nocheck lib/vsprintf.c:642 [inline]
 string+0xa1/0x210 lib/vsprintf.c:720
 vsnprintf+0xab0/0xed0 lib/vsprintf.c:2795
 vscnprintf+0x29/0x80 lib/vsprintf.c:2898
 printk_sprint kernel/printk/printk.c:2076 [inline]
 vprintk_store+0x638/0xbb0 kernel/printk/printk.c:2186
 vprintk_emit+0xac/0x3c0 kernel/printk/printk.c:2229
 vprintk_default+0x22/0x30 kernel/printk/printk.c:2256
 vprintk+0x7f/0x90 kernel/printk/printk_safe.c:50
 _printk+0x76/0x97 kernel/printk/printk.c:2266
 kauditd_printk_skb kernel/audit.c:538 [inline]
 kauditd_hold_skb+0x12f/0x140 kernel/audit.c:571
 kauditd_send_queue+0x2a4/0x2f0 kernel/audit.c:734
 kauditd_thread+0x441/0x720 kernel/audit.c:858
 kthread+0x1bf/0x1e0 kernel/kthread.c:377
 ret_from_fork+0x1f/0x30

read to 0xffffffff86dd0220 of 8 bytes by task 26237 on cpu 0:
 data_make_reusable kernel/printk/printk_ringbuffer.c:587 [inline]
 data_push_tail+0x138/0x470 kernel/printk/printk_ringbuffer.c:672
 data_alloc+0xbc/0x2b0 kernel/printk/printk_ringbuffer.c:1043
 prb_reserve+0x920/0xbf0 kernel/printk/printk_ringbuffer.c:1549
 vprintk_store+0x560/0xbb0 kernel/printk/printk.c:2176
 vprintk_emit+0xac/0x3c0 kernel/printk/printk.c:2229
 vprintk_default+0x22/0x30 kernel/printk/printk.c:2256
 vprintk+0x7f/0x90 kernel/printk/printk_safe.c:50
 _printk+0x76/0x97 kernel/printk/printk.c:2266
 xt_check_match+0x678/0x700
 check_match net/ipv4/netfilter/ip_tables.c:473 [inline]
 find_check_match net/ipv4/netfilter/ip_tables.c:489 [inline]
 find_check_entry net/ipv4/netfilter/ip_tables.c:539 [inline]
 translate_table+0xb06/0xff0 net/ipv4/netfilter/ip_tables.c:718
 do_replace net/ipv4/netfilter/ip_tables.c:1136 [inline]
 do_ipt_set_ctl+0x1419/0x1710 net/ipv4/netfilter/ip_tables.c:1630
 nf_setsockopt+0x1a6/0x1c0 net/netfilter/nf_sockopt.c:101
 ip_setsockopt+0x2815/0x2c80 net/ipv4/ip_sockglue.c:1444
 raw_setsockopt+0x100/0x150 net/ipv4/raw.c:861
 sock_common_setsockopt+0x5d/0x70 net/core/sock.c:3489
 __sys_setsockopt+0x209/0x2a0 net/socket.c:2180
 __do_sys_setsockopt net/socket.c:2191 [inline]
 __se_sys_setsockopt net/socket.c:2188 [inline]
 __x64_sys_setsockopt+0x62/0x70 net/socket.c:2188
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x44/0xd0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae

value changed: 0x00000000ffffec08 -> 0x343932343d736573

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 26237 Comm: syz-executor.1 Not tainted 5.17.0-rc1-syzkaller-00339-g169387e2aa29-dirty #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (123):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	VM info	Title
ci2-upstream-kcsan-gce	2022/01/29 07:55	upstream	169387e2aa29	495e00c5	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2022/01/26 13:45	upstream	0280e3c58f92	2cbffd88	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2022/01/22 09:58	upstream	0809edbae347	214351e1	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2022/01/17 23:55	upstream	0c947b893d69	731a2d23	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2022/01/13 16:39	upstream	455e73a07f6e	b8d780ab	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2022/01/13 06:29	upstream	f079ab01b560	44d1319a	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2022/01/12 02:18	upstream	6f38be8f2ccd	44d1319a	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2022/01/11 17:43	upstream	fe8152b38d3a	1884f55a	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2022/01/09 18:48	upstream	4634129ad9fd	2ca0d385	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2022/01/09 04:16	upstream	21f35d2ca83e	2ca0d385	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2022/01/08 11:16	upstream	d1587f7bfe9a	2ca0d385	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2022/01/02 03:29	upstream	278218f6778b	e1768e9c	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/12/31 01:50	upstream	9bad743e8d22	36bd2e48	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/12/28 19:31	upstream	a8ad9a2434dc	76c8cf06	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/12/28 15:55	upstream	a8ad9a2434dc	6b3c5e64	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/12/26 02:15	upstream	e2ae0d4a6b0b	6caa12e4	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/12/24 05:29	upstream	996a18eb796a	6caa12e4	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/12/23 04:46	upstream	bc491fb12513	6caa12e4	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/12/22 20:21	upstream	2f47a9a4dfa3	6caa12e4	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/12/22 09:01	upstream	1c3e979bf3e2	6caa12e4	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/12/21 07:23	upstream	86085fe79e3c	62bd192b	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/12/20 11:26	upstream	a7904a538933	021b36cb	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/12/18 21:23	upstream	9eaa88c7036e	44068e19	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/12/16 06:52	upstream	2b14864acbaa	572bcb40	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/12/10 11:34	upstream	ded746bfc943	4d4ce9bc	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/12/09 16:36	upstream	2a987e65025e	b54aa474	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/12/09 08:32	upstream	2a987e65025e	a4a2a501	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/12/08 08:50	upstream	2a987e65025e	0230ba3e	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/12/07 00:06	upstream	f80ef9e49fdf	0230ba3e	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/12/05 21:47	upstream	944207047ca4	a617004c	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/12/03 15:48	upstream	5f58da2befa5	c7c20675	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/11/30 05:39	upstream	d58071a8a76d	d0830353	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/11/28 07:52	upstream	741392771338	63eeac02	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/11/26 14:56	upstream	a4849f6000e2	63eeac02	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/11/23 00:12	upstream	136057256686	545ab074	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/11/22 05:05	upstream	40c93d7fff6f	4eb20a4e	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/11/18 19:45	upstream	42eb8fdac2fc	31a30fc0	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/11/17 02:36	upstream	8ab774587903	cafff8b6	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/11/15 17:28	upstream	8ab774587903	75b04091	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/11/15 05:11	upstream	ce49bfc8d037	75b04091	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/11/11 15:06	upstream	debe436e77c7	75b04091	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/11/08 23:06	upstream	e851dfae4371	d29682f1	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/11/05 21:31	upstream	fe91c4725aee	4c1be0be	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/11/05 11:22	upstream	d4439a1189f9	4c1be0be	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/07/20 18:18	upstream	8cae8cd89f05	1b201b48	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/07/19 13:52	upstream	2734d6c1b1a0	e6a17580	.config	log	report	info	KCSAN: data-race in data_push_tail / string
ci2-upstream-kcsan-gce	2021/03/15 21:32	upstream	1e28eed17697	fdb2bb2c	.config	log	report	info	KCSAN: data-race in data_push_tail / string