syzbot |
sign-in | mailing list | source | docs |
| 🐞 Open [1050] ≡ Subsystems 🐞 Fixed [5296] 🐞 Invalid [12638] ⬇ Missing Backports [92] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes | 💬 Send us feedback |
================================================================== BUG: KCSAN: data-race in __neigh_update / neigh_resolve_output write to 0xffff888150049884 of 1 bytes by interrupt on cpu 0: __neigh_update+0x778/0x1590 net/core/neighbour.c:1435 neigh_update+0x37/0x40 net/core/neighbour.c:1508 ndisc_update+0x37/0xa0 net/ipv6/ndisc.c:781 ndisc_recv_na+0x66d/0x930 net/ipv6/ndisc.c:1108 ndisc_rcv+0x2df/0x3b0 net/ipv6/ndisc.c:1842 icmpv6_rcv+0xdac/0x11e0 net/ipv6/icmp.c:975 ip6_protocol_deliver_rcu+0x93c/0xf50 net/ipv6/ip6_input.c:439 ip6_input_finish net/ipv6/ip6_input.c:484 [inline] NF_HOOK include/linux/netfilter.h:302 [inline] ip6_input+0xbf/0x1b0 net/ipv6/ip6_input.c:493 dst_input include/net/dst.h:454 [inline] ip6_rcv_finish+0x1e2/0x2e0 net/ipv6/ip6_input.c:79 ip_sabotage_in+0x12e/0x140 net/bridge/br_netfilter_hooks.c:875 nf_hook_entry_hookfn include/linux/netfilter.h:142 [inline] nf_hook_slow+0x6b/0x150 net/netfilter/core.c:614 nf_hook include/linux/netfilter.h:257 [inline] NF_HOOK include/linux/netfilter.h:300 [inline] ipv6_rcv+0x10f/0x150 net/ipv6/ip6_input.c:309 __netif_receive_skb_one_core net/core/dev.c:5479 [inline] __netif_receive_skb+0x90/0x1b0 net/core/dev.c:5593 netif_receive_skb_internal net/core/dev.c:5679 [inline] netif_receive_skb+0x4a/0x310 net/core/dev.c:5738 br_netif_receive_skb net/bridge/br_input.c:30 [inline] NF_HOOK include/linux/netfilter.h:302 [inline] br_pass_frame_up+0x209/0x2e0 net/bridge/br_input.c:68 br_handle_frame_finish+0xda3/0xee0 br_nf_hook_thresh+0x1ed/0x220 br_nf_pre_routing_finish_ipv6+0x511/0x540 NF_HOOK include/linux/netfilter.h:302 [inline] br_nf_pre_routing_ipv6+0x1e3/0x2a0 net/bridge/br_netfilter_ipv6.c:237 br_nf_pre_routing+0x526/0xba0 net/bridge/br_netfilter_hooks.c:507 nf_hook_entry_hookfn include/linux/netfilter.h:142 [inline] nf_hook_bridge_pre net/bridge/br_input.c:272 [inline] br_handle_frame+0x4ca/0x8e0 net/bridge/br_input.c:416 __netif_receive_skb_core+0x9e8/0x1e90 net/core/dev.c:5373 __netif_receive_skb_one_core net/core/dev.c:5477 [inline] __netif_receive_skb+0x57/0x1b0 net/core/dev.c:5593 process_backlog+0x21f/0x380 net/core/dev.c:5921 __napi_poll+0x60/0x3b0 net/core/dev.c:6482 napi_poll net/core/dev.c:6549 [inline] net_rx_action+0x31a/0x6c0 net/core/dev.c:6659 __do_softirq+0xc1/0x265 kernel/softirq.c:571 invoke_softirq kernel/softirq.c:445 [inline] __irq_exit_rcu+0x57/0xa0 kernel/softirq.c:650 sysvec_apic_timer_interrupt+0x6d/0x80 arch/x86/kernel/apic/apic.c:1107 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:645 native_safe_halt arch/x86/include/asm/irqflags.h:48 [inline] arch_safe_halt arch/x86/include/asm/irqflags.h:86 [inline] acpi_safe_halt+0x20/0x30 drivers/acpi/processor_idle.c:112 acpi_idle_do_entry+0x19/0x30 drivers/acpi/processor_idle.c:573 acpi_idle_enter+0x96/0xb0 drivers/acpi/processor_idle.c:711 cpuidle_enter_state+0xc6/0x260 drivers/cpuidle/cpuidle.c:267 cpuidle_enter+0x40/0x60 drivers/cpuidle/cpuidle.c:388 call_cpuidle kernel/sched/idle.c:134 [inline] cpuidle_idle_call kernel/sched/idle.c:215 [inline] do_idle+0x194/0x240 kernel/sched/idle.c:282 cpu_startup_entry+0x18/0x20 kernel/sched/idle.c:379 rest_init+0xf1/0x100 init/main.c:736 arch_call_rest_init+0x9/0x10 init/main.c:898 start_kernel+0x58a/0x610 init/main.c:1152 secondary_startup_64_no_verify+0xcf/0xdb read to 0xffff888150049884 of 1 bytes by interrupt on cpu 1: neigh_event_send_probe include/net/neighbour.h:469 [inline] neigh_event_send include/net/neighbour.h:476 [inline] neigh_resolve_output+0x73/0x430 net/core/neighbour.c:1567 neigh_output include/net/neighbour.h:546 [inline] ip6_finish_output2+0x9bd/0xc50 net/ipv6/ip6_output.c:134 __ip6_finish_output net/ipv6/ip6_output.c:195 [inline] ip6_finish_output+0x39a/0x4e0 net/ipv6/ip6_output.c:206 NF_HOOK_COND include/linux/netfilter.h:291 [inline] ip6_output+0xeb/0x220 net/ipv6/ip6_output.c:227 dst_output include/net/dst.h:444 [inline] NF_HOOK include/linux/netfilter.h:302 [inline] ip6_xmit+0x8df/0xb70 net/ipv6/ip6_output.c:343 inet6_csk_xmit+0x1cf/0x210 net/ipv6/inet6_connection_sock.c:135 __tcp_transmit_skb+0x1165/0x16c0 net/ipv4/tcp_output.c:1399 __tcp_send_ack+0x1e0/0x2d0 net/ipv4/tcp_output.c:3983 tcp_send_ack+0x27/0x30 net/ipv4/tcp_output.c:3989 tcp_send_dupack+0x7d/0x400 net/ipv4/tcp_input.c:4501 tcp_validate_incoming+0x9f7/0xeb0 net/ipv4/tcp_input.c:5742 tcp_rcv_established+0x49e/0xe50 net/ipv4/tcp_input.c:6002 tcp_v6_do_rcv+0x51b/0xb60 net/ipv6/tcp_ipv6.c:1487 tcp_v6_rcv+0x181d/0x1ab0 net/ipv6/tcp_ipv6.c:1746 ip6_protocol_deliver_rcu+0x93c/0xf50 net/ipv6/ip6_input.c:439 ip6_input_finish net/ipv6/ip6_input.c:484 [inline] NF_HOOK include/linux/netfilter.h:302 [inline] ip6_input+0xbf/0x1b0 net/ipv6/ip6_input.c:493 dst_input include/net/dst.h:454 [inline] ip6_rcv_finish+0x1e2/0x2e0 net/ipv6/ip6_input.c:79 ip_sabotage_in+0x12e/0x140 net/bridge/br_netfilter_hooks.c:875 nf_hook_entry_hookfn include/linux/netfilter.h:142 [inline] nf_hook_slow+0x6b/0x150 net/netfilter/core.c:614 nf_hook include/linux/netfilter.h:257 [inline] NF_HOOK include/linux/netfilter.h:300 [inline] ipv6_rcv+0x10f/0x150 net/ipv6/ip6_input.c:309 __netif_receive_skb_one_core net/core/dev.c:5479 [inline] __netif_receive_skb+0x90/0x1b0 net/core/dev.c:5593 netif_receive_skb_internal net/core/dev.c:5679 [inline] netif_receive_skb+0x4a/0x310 net/core/dev.c:5738 br_netif_receive_skb net/bridge/br_input.c:30 [inline] NF_HOOK include/linux/netfilter.h:302 [inline] br_pass_frame_up+0x209/0x2e0 net/bridge/br_input.c:68 br_handle_frame_finish+0xda3/0xee0 br_nf_hook_thresh+0x1ed/0x220 br_nf_pre_routing_finish_ipv6+0x511/0x540 NF_HOOK include/linux/netfilter.h:302 [inline] br_nf_pre_routing_ipv6+0x1e3/0x2a0 net/bridge/br_netfilter_ipv6.c:237 br_nf_pre_routing+0x526/0xba0 net/bridge/br_netfilter_hooks.c:507 nf_hook_entry_hookfn include/linux/netfilter.h:142 [inline] nf_hook_bridge_pre net/bridge/br_input.c:272 [inline] br_handle_frame+0x4ca/0x8e0 net/bridge/br_input.c:416 __netif_receive_skb_core+0x9e8/0x1e90 net/core/dev.c:5373 __netif_receive_skb_one_core net/core/dev.c:5477 [inline] __netif_receive_skb+0x57/0x1b0 net/core/dev.c:5593 process_backlog+0x21f/0x380 net/core/dev.c:5921 __napi_poll+0x60/0x3b0 net/core/dev.c:6482 napi_poll net/core/dev.c:6549 [inline] net_rx_action+0x31a/0x6c0 net/core/dev.c:6659 __do_softirq+0xc1/0x265 kernel/softirq.c:571 run_ksoftirqd+0x17/0x20 kernel/softirq.c:934 smpboot_thread_fn+0x30a/0x4a0 kernel/smpboot.c:164 kthread+0x1a6/0x1e0 kernel/kthread.c:376 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308 value changed: 0x10 -> 0x02 Reported by Kernel Concurrency Sanitizer on: CPU: 1 PID: 18 Comm: ksoftirqd/1 Not tainted 6.3.0-rc5-syzkaller-00022-g76f598ba7d8e #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023 ==================================================================
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2023/04/05 13:53 | upstream | 76f598ba7d8e | 831373d3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in __neigh_update / neigh_resolve_output |