KCSAN: data-race in batadv_tt_local_add / batadv_tt_local

Kernel	Title	Rank 🛈	Count	Last	Reported	Patched	Status
upstream	KCSAN: data-race in batadv_tt_local_add / batadv_tt_local_add batman	6	18	2263d	2343d	0/29	auto-closed as invalid on 2020/04/06 03:45
upstream	KCSAN: data-race in batadv_tt_local_add / batadv_tt_local_add (3) batman	6	1	726d	726d	0/29	auto-obsoleted due to no activity on 2024/05/17 04:58
upstream	KCSAN: data-race in batadv_tt_local_add / batadv_tt_local_add (4) batman	6	2	579d	599d	0/29	auto-obsoleted due to no activity on 2024/10/11 08:22
upstream	KCSAN: data-race in batadv_tt_local_add / batadv_tt_local_add (6) batman	6	1	261d	261d	0/29	auto-obsoleted due to no activity on 2025/09/15 10:36
upstream	KCSAN: data-race in batadv_tt_local_add / batadv_tt_local_add (7) batman	6	1	74d	49d	0/29	auto-obsoleted due to no activity on 2026/03/21 18:00
upstream	KCSAN: data-race in batadv_tt_local_add / batadv_tt_local_add (2) batman	6	1	1527d	1527d	0/29	auto-closed as invalid on 2022/03/08 09:06

================================================================== BUG: KCSAN: data-race in batadv_tt_local_add / batadv_tt_local_add write to 0xffff88811f01e140 of 8 bytes by interrupt on cpu 1: batadv_tt_local_add+0x164/0x1020 net/batman-adv/translation-table.c:619 batadv_interface_tx+0x42b/0xb60 net/batman-adv/mesh-interface.c:249 __netdev_start_xmit include/linux/netdevice.h:5201 [inline] netdev_start_xmit include/linux/netdevice.h:5210 [inline] xmit_one net/core/dev.c:3780 [inline] dev_hard_start_xmit+0x12e/0x400 net/core/dev.c:3796 __dev_queue_xmit+0x101a/0x20b0 net/core/dev.c:4633 dev_queue_xmit include/linux/netdevice.h:3350 [inline] br_dev_queue_push_xmit+0x437/0x500 net/bridge/br_forward.c:53 NF_HOOK include/linux/netfilter.h:314 [inline] br_forward_finish+0x93/0x160 net/bridge/br_forward.c:66 br_nf_hook_thresh net/bridge/br_netfilter_hooks.c:-1 [inline] br_nf_forward_finish+0x6bb/0x730 net/bridge/br_netfilter_hooks.c:665 NF_HOOK include/linux/netfilter.h:314 [inline] br_nf_forward_arp net/bridge/br_netfilter_hooks.c:755 [inline] br_nf_forward+0xb1e/0xec0 net/bridge/br_netfilter_hooks.c:778 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline] nf_hook_slow+0x89/0x1b0 net/netfilter/core.c:626 nf_hook include/linux/netfilter.h:269 [inline] NF_HOOK include/linux/netfilter.h:312 [inline] __br_forward+0x283/0x370 net/bridge/br_forward.c:115 deliver_clone net/bridge/br_forward.c:131 [inline] maybe_deliver+0x1c0/0x260 net/bridge/br_forward.c:190 br_flood+0x246/0x490 net/bridge/br_forward.c:237 br_handle_frame_finish+0xdd9/0xf70 net/bridge/br_input.c:220 nf_hook_bridge_pre net/bridge/br_input.c:304 [inline] br_handle_frame+0x5b6/0x9b0 net/bridge/br_input.c:433 __netif_receive_skb_core+0xaf6/0x2580 net/core/dev.c:5777 __netif_receive_skb_one_core net/core/dev.c:5889 [inline] __netif_receive_skb+0x5d/0x290 net/core/dev.c:6004 process_backlog+0x22e/0x440 net/core/dev.c:6356 __napi_poll+0x63/0x3c0 net/core/dev.c:7328 napi_poll net/core/dev.c:7392 [inline] net_rx_action+0x3a3/0x800 net/core/dev.c:7514 handle_softirqs+0xbf/0x280 kernel/softirq.c:561 do_softirq+0x62/0xa0 kernel/softirq.c:462 __local_bh_enable_ip+0x6e/0x70 kernel/softirq.c:389 local_bh_enable include/linux/bottom_half.h:33 [inline] fpregs_unlock arch/x86/include/asm/fpu/api.h:77 [inline] kernel_fpu_end+0x9f/0xd0 arch/x86/kernel/fpu/core.c:460 blake2s_compress+0x5f/0xd0 arch/x86/crypto/blake2s-glue.c:49 blake2s_final+0x6a/0xa0 lib/crypto/blake2s.c:54 hmac+0x151/0x280 drivers/net/wireguard/noise.c:325 kdf+0x77/0x220 drivers/net/wireguard/noise.c:360 mix_precomputed_dh drivers/net/wireguard/noise.c:426 [inline] wg_noise_handshake_create_initiation+0x384/0x5e0 drivers/net/wireguard/noise.c:560 wg_packet_send_handshake_initiation drivers/net/wireguard/send.c:34 [inline] wg_packet_handshake_send_worker+0xb7/0x160 drivers/net/wireguard/send.c:51 process_one_work kernel/workqueue.c:3238 [inline] process_scheduled_works+0x4de/0xa20 kernel/workqueue.c:3319 worker_thread+0x52c/0x710 kernel/workqueue.c:3400 kthread+0x4b7/0x540 kernel/kthread.c:464 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:153 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245 write to 0xffff88811f01e140 of 8 bytes by interrupt on cpu 0: batadv_tt_local_add+0x164/0x1020 net/batman-adv/translation-table.c:619 batadv_interface_tx+0x42b/0xb60 net/batman-adv/mesh-interface.c:249 __netdev_start_xmit include/linux/netdevice.h:5201 [inline] netdev_start_xmit include/linux/netdevice.h:5210 [inline] xmit_one net/core/dev.c:3780 [inline] dev_hard_start_xmit+0x12e/0x400 net/core/dev.c:3796 __dev_queue_xmit+0x101a/0x20b0 net/core/dev.c:4633 dev_queue_xmit include/linux/netdevice.h:3350 [inline] br_dev_queue_push_xmit+0x437/0x500 net/bridge/br_forward.c:53 NF_HOOK include/linux/netfilter.h:314 [inline] br_forward_finish+0x93/0x160 net/bridge/br_forward.c:66 br_nf_hook_thresh net/bridge/br_netfilter_hooks.c:-1 [inline] br_nf_forward_finish+0x6bb/0x730 net/bridge/br_netfilter_hooks.c:665 NF_HOOK include/linux/netfilter.h:314 [inline] br_nf_forward_arp net/bridge/br_netfilter_hooks.c:755 [inline] br_nf_forward+0xb1e/0xec0 net/bridge/br_netfilter_hooks.c:778 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline] nf_hook_slow+0x89/0x1b0 net/netfilter/core.c:626 nf_hook include/linux/netfilter.h:269 [inline] NF_HOOK include/linux/netfilter.h:312 [inline] __br_forward+0x283/0x370 net/bridge/br_forward.c:115 deliver_clone net/bridge/br_forward.c:131 [inline] maybe_deliver+0x1c0/0x260 net/bridge/br_forward.c:190 br_flood+0x246/0x490 net/bridge/br_forward.c:237 br_handle_frame_finish+0xdd9/0xf70 net/bridge/br_input.c:220 nf_hook_bridge_pre net/bridge/br_input.c:304 [inline] br_handle_frame+0x5b6/0x9b0 net/bridge/br_input.c:433 __netif_receive_skb_core+0xaf6/0x2580 net/core/dev.c:5777 __netif_receive_skb_one_core net/core/dev.c:5889 [inline] __netif_receive_skb+0x5d/0x290 net/core/dev.c:6004 process_backlog+0x22e/0x440 net/core/dev.c:6356 __napi_poll+0x63/0x3c0 net/core/dev.c:7328 napi_poll net/core/dev.c:7392 [inline] net_rx_action+0x3a3/0x800 net/core/dev.c:7514 handle_softirqs+0xbf/0x280 kernel/softirq.c:561 do_softirq+0x62/0xa0 kernel/softirq.c:462 __local_bh_enable_ip+0x6e/0x70 kernel/softirq.c:389 __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline] _raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210 spin_unlock_bh include/linux/spinlock.h:396 [inline] __batadv_dat_purge net/batman-adv/distributed-arp-table.c:185 [inline] batadv_dat_purge+0x1e6/0x270 net/batman-adv/distributed-arp-table.c:204 process_one_work kernel/workqueue.c:3238 [inline] process_scheduled_works+0x4de/0xa20 kernel/workqueue.c:3319 worker_thread+0x52c/0x710 kernel/workqueue.c:3400 kthread+0x4b7/0x540 kernel/kthread.c:464 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:153 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245 value changed: 0x00000000ffffe848 -> 0x00000000ffffe849 Reported by Kernel Concurrency Sanitizer on: CPU: 0 UID: 0 PID: 1064 Comm: kworker/u8:6 Not tainted 6.14.0-syzkaller-07486-g15cb9a2b66fc #0 PREEMPT(voluntary) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 Workqueue: bat_events batadv_dat_purge ==================================================================

Crashes (2):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Assets (help?)	Manager	Title
2025/03/28 22:09	upstream	15cb9a2b66fc	9a1a9e31	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in batadv_tt_local_add / batadv_tt_local_add
2025/03/21 14:41	upstream	b3ee1e460951	62330552	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in batadv_tt_local_add / batadv_tt_local_add

Crashes (2):

Assets (help?)