KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write

ID	Workflow	Result	Correct	Bug	Created	Started	Finished	Revision	Error
ee12a410-8059-4965-a91c-3df09e94e9e6	repro		❓	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath	2026/03/10 13:38	2026/03/11 03:47	2026/03/11 03:57	86914af9098a80da53c3c5d46be980c572ee29f8
e2847366-3443-4665-896c-c81e8a820dad	assessment-kcsan	Benign: ✅ Confident: ✅	❓	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath	2026/01/19 04:37	2026/01/19 04:37	2026/01/19 04:41	a9d6a79219801d2130df3b1a792c57f0e5428e9f

================================================================== BUG: KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath write to 0xffffc90002c6f640 of 1 bytes by task 23687 on cpu 0: rwsem_try_write_lock kernel/locking/rwsem.c:653 [inline] rwsem_down_write_slowpath+0x3c9/0xa90 kernel/locking/rwsem.c:1159 __down_write_common kernel/locking/rwsem.c:1317 [inline] __down_write kernel/locking/rwsem.c:1326 [inline] down_write+0xab/0xc0 kernel/locking/rwsem.c:1591 kernfs_add_one+0x5a/0x280 fs/kernfs/dir.c:796 __kernfs_create_file+0x145/0x180 fs/kernfs/file.c:1086 sysfs_add_file_mode_ns+0x132/0x1b0 fs/sysfs/file.c:313 create_files fs/sysfs/group.c:82 [inline] internal_create_group+0x441/0x9e0 fs/sysfs/group.c:189 internal_create_groups fs/sysfs/group.c:229 [inline] sysfs_create_groups+0x3f/0xf0 fs/sysfs/group.c:255 setup_gid_attrs drivers/infiniband/core/sysfs.c:1118 [inline] ib_setup_port_attrs+0xe89/0x1400 drivers/infiniband/core/sysfs.c:1394 add_one_compat_dev+0x297/0x390 drivers/infiniband/core/device.c:977 rdma_dev_init_net+0x1b9/0x240 drivers/infiniband/core/device.c:1193 ops_init+0x22a/0x2e0 net/core/net_namespace.c:137 setup_net+0x9f/0x230 net/core/net_namespace.c:446 copy_net_ns+0x310/0x450 net/core/net_namespace.c:581 create_new_namespaces+0x20e/0x440 kernel/nsproxy.c:130 unshare_nsproxy_namespaces+0xe6/0x120 kernel/nsproxy.c:226 ksys_unshare+0x3f2/0x6f0 kernel/fork.c:3174 __do_sys_unshare kernel/fork.c:3245 [inline] __se_sys_unshare kernel/fork.c:3243 [inline] __x64_sys_unshare+0x1f/0x30 kernel/fork.c:3243 x64_sys_call+0x1cef/0x3020 arch/x86/include/generated/asm/syscalls_64.h:273 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0x12c/0x370 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f read to 0xffffc90002c6f640 of 1 bytes by task 7874 on cpu 1: rwsem_down_write_slowpath+0x43d/0xa90 kernel/locking/rwsem.c:1177 __down_write_common kernel/locking/rwsem.c:1317 [inline] __down_write kernel/locking/rwsem.c:1326 [inline] down_write+0xab/0xc0 kernel/locking/rwsem.c:1591 kernfs_add_one+0x5a/0x280 fs/kernfs/dir.c:796 __kernfs_create_file+0x145/0x180 fs/kernfs/file.c:1086 sysfs_add_file_mode_ns+0x132/0x1b0 fs/sysfs/file.c:313 create_files fs/sysfs/group.c:82 [inline] internal_create_group+0x441/0x9e0 fs/sysfs/group.c:189 internal_create_groups fs/sysfs/group.c:229 [inline] sysfs_create_groups+0x3f/0xf0 fs/sysfs/group.c:255 netdev_queue_add_kobject net/core/net-sysfs.c:2003 [inline] netdev_queue_update_kobjects+0x1dd/0x4c0 net/core/net-sysfs.c:2056 register_queue_kobjects net/core/net-sysfs.c:2119 [inline] netdev_register_kobject+0x1b7/0x230 net/core/net-sysfs.c:2362 register_netdevice+0x8f3/0x1000 net/core/dev.c:11424 nsim_init_netdevsim drivers/net/netdevsim/netdev.c:1063 [inline] nsim_create+0x5ee/0x8f0 drivers/net/netdevsim/netdev.c:1145 __nsim_dev_port_add+0x4d2/0x670 drivers/net/netdevsim/dev.c:1493 nsim_dev_port_add_all+0x33/0xc0 drivers/net/netdevsim/dev.c:1549 nsim_dev_reload_create drivers/net/netdevsim/dev.c:1601 [inline] nsim_dev_reload_up+0x30c/0x480 drivers/net/netdevsim/dev.c:1058 devlink_reload+0x323/0x590 net/devlink/dev.c:474 devlink_pernet_pre_exit+0xdb/0x230 net/devlink/core.c:507 ops_pre_exit_list net/core/net_namespace.c:161 [inline] ops_undo_list+0xb5/0x420 net/core/net_namespace.c:234 cleanup_net+0x37c/0x5b0 net/core/net_namespace.c:704 process_one_work kernel/workqueue.c:3275 [inline] process_scheduled_works+0x4de/0x9e0 kernel/workqueue.c:3358 worker_thread+0x581/0x770 kernel/workqueue.c:3439 kthread+0x22a/0x280 kernel/kthread.c:436 ret_from_fork+0x150/0x360 arch/x86/kernel/process.c:158 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245 value changed: 0x00 -> 0x01 Reported by Kernel Concurrency Sanitizer on: CPU: 1 UID: 0 PID: 7874 Comm: kworker/u8:41 Tainted: G W syzkaller #0 PREEMPT(full) Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 Workqueue: netns cleanup_net ================================================================== bridge_slave_1: left allmulticast mode bridge_slave_1: left promiscuous mode bridge0: port 2(bridge_slave_1) entered disabled state bridge_slave_0: left allmulticast mode bridge_slave_0: left promiscuous mode bridge0: port 1(bridge_slave_0) entered disabled state batman_adv: batadv0: Removing interface: gretap1 bond1 (unregistering): Released all slaves bond2 (unregistering): Released all slaves bond0 (unregistering): Released all slaves bond3 (unregistering): (slave veth3): Releasing active interface bond3 (unregistering): Released all slaves bond4 (unregistering): Released all slaves bond5 (unregistering): Released all slaves bond6 (unregistering): Released all slaves bond7 (unregistering): Released all slaves bond8 (unregistering): (slave veth7): Releasing active interface batadv1: entered promiscuous mode bond8 (unregistering): (slave batadv1): Releasing active interface bond8 (unregistering): Released all slaves tipc: Disabling bearer <udp:syz2> tipc: Left network mode IPVS: stopping master sync thread 15722 ... hsr_slave_0: left promiscuous mode batman_adv: batadv0: Removing interface: batadv_slave_0 batman_adv: batadv0: Removing interface: batadv_slave_1 batman_adv: batadv0: Removing interface: macsec2 team0 (unregistering): Port device team_slave_1 removed IPVS: stop unused estimator thread 0... netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 bridge_slave_1: left allmulticast mode bridge_slave_1: left promiscuous mode bridge0: port 2(bridge_slave_1) entered disabled state bridge_slave_0: left allmulticast mode bridge_slave_0: left promiscuous mode bridge0: port 1(bridge_slave_0) entered disabled state bridge_slave_1: left allmulticast mode bridge_slave_1: left promiscuous mode bridge0: port 2(bridge_slave_1) entered disabled state bridge_slave_0: left allmulticast mode bridge_slave_0: left promiscuous mode bridge0: port 1(bridge_slave_0) entered disabled state bond0 (unregistering): Released all slaves bond1 (unregistering): Released all slaves bond2 (unregistering): Released all slaves bond3 (unregistering): (slave gretap1): Releasing active interface bond1 (unregistering): (slave geneve2): Releasing active interface bond0 (unregistering): (slave bond_slave_0): Releasing backup interface bond0 (unregistering): (slave bond_slave_1): Releasing backup interface bond0 (unregistering): Released all slaves bond1 (unregistering): Released all slaves bond2 (unregistering): Released all slaves bond3 (unregistering): Released all slaves bond1 (unregistering): (slave gretap1): Releasing backup interface bond1 (unregistering): (slave gretap1): the permanent HWaddr of slave - 86:9c:28:d4:7c:f8 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts gretap1 (unregistering): left promiscuous mode gretap1 (unregistering): left allmulticast mode bond1 (unregistering): (slave bond2): making interface the new active one bond2 (unregistering): entered promiscuous mode bond2 (unregistering): entered allmulticast mode bond0 (unregistering): (slave bridge1): Releasing active interface bridge1 (unregistering): left promiscuous mode bridge1 (unregistering): left allmulticast mode bond0 (unregistering): Released all slaves bond1 (unregistering): (slave bond2): Releasing backup interface bond2 (unregistering): left promiscuous mode bond2 (unregistering): left allmulticast mode bond1 (unregistering): Released all slaves bond2 (unregistering): Released all slaves bond3 (unregistering): (slave veth3): Releasing active interface bond3 (unregistering): Released all slaves bond4 (unregistering): (slave bond5): Releasing backup interface bond5 (unregistering): left promiscuous mode bond4 (unregistering): Released all slaves bond5 (unregistering): Released all slaves tipc: Left network mode hsr_slave_0: left promiscuous mode hsr_slave_1: left promiscuous mode hsr_slave_0: left promiscuous mode hsr_slave_1: left promiscuous mode batman_adv: batadv0: Removing interface: batadv_slave_0 batman_adv: batadv0: Removing interface: batadv_slave_1 hsr_slave_0: left promiscuous mode hsr_slave_1: left promiscuous mode batman_adv: batadv0: Removing interface: batadv_slave_1 veth1_vlan: left promiscuous mode veth0_vlan: left promiscuous mode team0 (unregistering): Port device team_slave_1 removed team0 (unregistering): Port device team_slave_0 removed IPVS: stop unused estimator thread 0... IPVS: stop unused estimator thread 0...

Crashes (27):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	VM info	Assets (help?)	Manager	Title
2026/03/11 12:39	upstream	b4f0dd314b39	86914af9	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath
2026/03/09 23:45	upstream	1f318b96cc84	176bead5	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath
2026/03/09 11:59	upstream	1f318b96cc84	5cb44a80	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath
2026/03/09 02:48	upstream	014441d1e4b2	5cb44a80	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath
2026/03/08 04:36	upstream	c23719abc330	5cb44a80	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath
2026/03/07 16:48	upstream	4ae12d8bd9a8	5cb44a80	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath
2026/03/06 19:05	upstream	5ee8dbf54602	41d8037d	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath
2026/03/05 18:14	upstream	c107785c7e8d	d20b04c8	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath
2026/03/05 18:14	upstream	c107785c7e8d	d20b04c8	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath
2026/03/05 04:47	upstream	ecc64d2dc9ff	a9fe5c9e	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath
2026/03/04 09:04	upstream	0031c06807cf	4180d919	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath
2026/03/02 18:35	upstream	11439c4635ed	b9dd6534	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath
2026/03/01 21:53	upstream	39c633261414	43249bac	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath
2026/02/24 01:06	upstream	7dff99b35460	41d2fa6a	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath
2026/02/22 22:03	upstream	32a92f8c8932	6e7b5511	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath
2026/02/16 21:40	upstream	0f2acd3148e0	5d52cba5	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath
2026/02/16 03:36	upstream	26a4cfaff82a	1e62d198	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath
2026/02/15 07:51	upstream	3e48a11675c5	1e62d198	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath
2026/02/12 03:56	upstream	c22e26bd0906	76a109e2	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath
2026/02/09 11:15	upstream	05f7e89ab973	df949cd9	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath
2026/01/31 23:12	upstream	ad9a728a3388	afc0c4d4	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath
2026/01/30 01:56	upstream	4d310797262f	bfa73b7b	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath
2026/01/29 12:45	upstream	8dfce8991b95	aeb6fdd5	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath
2026/01/28 02:29	upstream	1f97d9dcf536	3029c699	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath
2026/01/27 11:30	upstream	fcb70a56f4d8	9a514c2f	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath
2026/01/27 04:30	upstream	fcb70a56f4d8	efb3e894	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath
2026/01/19 04:37	upstream	e84d960149e7	20d37d28	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath

Crashes (27):

Assets (help?)

2026/03/11 12:39

upstream