syzbot

 sign-in | mailing list | source | docs
🐞 Open [985] Subsystems 🐞 Fixed [5216] 🐞 Invalid [12474] Missing Backports [82] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KCSAN: data-race in fib6_clean_node / ip6_dst_check (5)

Status: auto-closed as invalid on 2022/03/01 22:33
Subsystems: net
[Documentation on labels]
First crash: 814d, last: 814d
Similar bugs (4)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in fib6_clean_node / ip6_dst_check (4) net 2 1115d 1138d 0/26 auto-closed as invalid on 2021/05/04 21:50
upstream KCSAN: data-race in fib6_clean_node / ip6_dst_check (2) net 1 1348d 1348d 0/26 auto-closed as invalid on 2020/09/13 19:08
upstream KCSAN: data-race in fib6_clean_node / ip6_dst_check (3) net 1 1230d 1225d 0/26 auto-closed as invalid on 2021/01/10 01:07
upstream KCSAN: data-race in fib6_clean_node / ip6_dst_check net 1 1609d 1609d 0/26 auto-closed as invalid on 2020/02/01 07:07

Sample crash report:
==================================================================
BUG: KCSAN: data-race in fib6_clean_node / ip6_dst_check

write to 0xffff888135a280ac of 4 bytes by task 26009 on cpu 1:
 fib6_clean_node+0xc2/0x260 net/ipv6/ip6_fib.c:2178
 fib6_walk_continue+0x38e/0x430 net/ipv6/ip6_fib.c:2112
 fib6_walk net/ipv6/ip6_fib.c:2160 [inline]
 fib6_clean_tree net/ipv6/ip6_fib.c:2240 [inline]
 __fib6_clean_all+0x1a9/0x2e0 net/ipv6/ip6_fib.c:2256
 fib6_flush_trees+0x6c/0x80 net/ipv6/ip6_fib.c:2281
 rt_genid_bump_ipv6 include/net/net_namespace.h:488 [inline]
 addrconf_dad_completed+0x57f/0x870 net/ipv6/addrconf.c:4230
 addrconf_dad_work+0x908/0x1170
 process_one_work+0x3f6/0x960 kernel/workqueue.c:2307
 worker_thread+0x616/0xa70 kernel/workqueue.c:2454
 kthread+0x1bf/0x1e0 kernel/kthread.c:377
 ret_from_fork+0x1f/0x30

read to 0xffff888135a280ac of 4 bytes by task 1916 on cpu 0:
 fib6_get_cookie_safe include/net/ip6_fib.h:285 [inline]
 fib6_check net/ipv6/route.c:2696 [inline]
 rt6_dst_from_check net/ipv6/route.c:2727 [inline]
 ip6_dst_check+0x270/0x400 net/ipv6/route.c:2756
 dst_cache_per_cpu_get+0x103/0x1b0 net/core/dst_cache.c:50
 dst_cache_get_ip6+0x4a/0x90 net/core/dst_cache.c:130
 send6+0x16e/0x3b0 drivers/net/wireguard/socket.c:129
 wg_socket_send_skb_to_peer+0xbb/0x130 drivers/net/wireguard/socket.c:177
 wg_packet_create_data_done drivers/net/wireguard/send.c:251 [inline]
 wg_packet_tx_worker+0x142/0x360 drivers/net/wireguard/send.c:276
 process_one_work+0x3f6/0x960 kernel/workqueue.c:2307
 worker_thread+0x616/0xa70 kernel/workqueue.c:2454
 kthread+0x1bf/0x1e0 kernel/kthread.c:377
 ret_from_fork+0x1f/0x30

value changed: 0x000001ab -> 0x000001b1

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 1916 Comm: kworker/0:6 Not tainted 5.17.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: wg-crypt-wg0 wg_packet_tx_worker
==================================================================
IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2022/01/25 22:27 upstream 49d766f3a0e4 2cbffd88 .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in fib6_clean_node / ip6_dst_check
* Struck through repros no longer work on HEAD.