KCSAN: data-race in batadv_bla_tx / batadv_bla

Kernel	Title	Repro	Cause bisect	Fix bisect	Count	Last	Reported	Patched	Status
upstream	KCSAN: data-race in batadv_bla_tx / batadv_bla_tx batman				1	836d	820d	0/26	auto-closed as invalid on 2022/02/05 10:48

================================================================== BUG: KCSAN: data-race in batadv_bla_tx / batadv_bla_tx write to 0xffff888134afc220 of 8 bytes by interrupt on cpu 1: batadv_bla_update_own_backbone_gw net/batman-adv/bridge_loop_avoidance.c:576 [inline] batadv_bla_tx+0xe30/0x1300 net/batman-adv/bridge_loop_avoidance.c:2105 batadv_interface_tx+0x292/0xc30 net/batman-adv/soft-interface.c:239 __netdev_start_xmit include/linux/netdevice.h:4685 [inline] netdev_start_xmit include/linux/netdevice.h:4699 [inline] xmit_one+0x105/0x2f0 net/core/dev.c:3473 dev_hard_start_xmit net/core/dev.c:3489 [inline] __dev_queue_xmit+0x86d/0xfa0 net/core/dev.c:4116 dev_queue_xmit_accel+0x19/0x20 net/core/dev.c:4155 macvlan_queue_xmit drivers/net/macvlan.c:543 [inline] macvlan_start_xmit+0x2b3/0x3d0 drivers/net/macvlan.c:567 __netdev_start_xmit include/linux/netdevice.h:4685 [inline] netdev_start_xmit include/linux/netdevice.h:4699 [inline] xmit_one+0x105/0x2f0 net/core/dev.c:3473 dev_hard_start_xmit net/core/dev.c:3489 [inline] __dev_queue_xmit+0x86d/0xfa0 net/core/dev.c:4116 dev_queue_xmit+0x13/0x20 net/core/dev.c:4149 neigh_hh_output include/net/neighbour.h:533 [inline] neigh_output include/net/neighbour.h:547 [inline] ip6_finish_output2+0x9a5/0xbe0 net/ipv6/ip6_output.c:126 __ip6_finish_output net/ipv6/ip6_output.c:191 [inline] ip6_finish_output+0x446/0x4c0 net/ipv6/ip6_output.c:201 NF_HOOK_COND include/linux/netfilter.h:296 [inline] ip6_output+0x10e/0x210 net/ipv6/ip6_output.c:224 dst_output include/net/dst.h:451 [inline] NF_HOOK include/linux/netfilter.h:307 [inline] ndisc_send_skb+0x488/0x610 net/ipv6/ndisc.c:508 ndisc_send_rs+0x3b0/0x3e0 net/ipv6/ndisc.c:702 addrconf_rs_timer+0x363/0x540 net/ipv6/addrconf.c:3915 call_timer_fn+0x2e/0x240 kernel/time/timer.c:1421 expire_timers+0x116/0x240 kernel/time/timer.c:1466 __run_timers+0x368/0x410 kernel/time/timer.c:1734 run_timer_softirq+0x2e/0x60 kernel/time/timer.c:1747 __do_softirq+0x158/0x2de kernel/softirq.c:558 __irq_exit_rcu kernel/softirq.c:637 [inline] irq_exit_rcu+0x37/0x70 kernel/softirq.c:649 sysvec_apic_timer_interrupt+0x8d/0xb0 arch/x86/kernel/apic/apic.c:1097 asm_sysvec_apic_timer_interrupt+0x12/0x20 is_atomic kernel/kcsan/core.c:258 [inline] should_watch kernel/kcsan/core.c:275 [inline] check_access kernel/kcsan/core.c:741 [inline] __tsan_read4+0x138/0x180 kernel/kcsan/core.c:1013 crc32_body lib/crc32.c:106 [inline] crc32_le_generic lib/crc32.c:179 [inline] __crc32c_le_base+0x99/0x350 lib/crc32.c:202 chksum_update+0x2e/0x50 crypto/crct10dif_generic.c:56 crypto_shash_update+0x13c/0x1a0 crypto/shash.c:131 ext4_chksum fs/ext4/ext4.h:2452 [inline] ext4_inode_bitmap_csum_set+0xc9/0x190 fs/ext4/bitmap.c:51 __ext4_new_inode+0x17a1/0x24e0 fs/ext4/ialloc.c:1226 ext4_symlink+0x23b/0x5d0 fs/ext4/namei.c:3293 vfs_symlink+0x18a/0x280 fs/namei.c:4299 do_symlinkat+0x104/0x380 fs/namei.c:4328 __do_sys_symlink fs/namei.c:4350 [inline] __se_sys_symlink fs/namei.c:4348 [inline] __x64_sys_symlink+0x52/0x60 fs/namei.c:4348 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x44/0xd0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x44/0xae write to 0xffff888134afc220 of 8 bytes by interrupt on cpu 0: batadv_bla_update_own_backbone_gw net/batman-adv/bridge_loop_avoidance.c:576 [inline] batadv_bla_tx+0xe30/0x1300 net/batman-adv/bridge_loop_avoidance.c:2105 batadv_interface_tx+0x292/0xc30 net/batman-adv/soft-interface.c:239 __netdev_start_xmit include/linux/netdevice.h:4685 [inline] netdev_start_xmit include/linux/netdevice.h:4699 [inline] xmit_one+0x105/0x2f0 net/core/dev.c:3473 dev_hard_start_xmit net/core/dev.c:3489 [inline] __dev_queue_xmit+0x86d/0xfa0 net/core/dev.c:4116 dev_queue_xmit_accel+0x19/0x20 net/core/dev.c:4155 macvlan_queue_xmit drivers/net/macvlan.c:543 [inline] macvlan_start_xmit+0x2b3/0x3d0 drivers/net/macvlan.c:567 __netdev_start_xmit include/linux/netdevice.h:4685 [inline] netdev_start_xmit include/linux/netdevice.h:4699 [inline] xmit_one+0x105/0x2f0 net/core/dev.c:3473 dev_hard_start_xmit net/core/dev.c:3489 [inline] __dev_queue_xmit+0x86d/0xfa0 net/core/dev.c:4116 dev_queue_xmit+0x13/0x20 net/core/dev.c:4149 neigh_hh_output include/net/neighbour.h:533 [inline] neigh_output include/net/neighbour.h:547 [inline] ip6_finish_output2+0x9a5/0xbe0 net/ipv6/ip6_output.c:126 __ip6_finish_output net/ipv6/ip6_output.c:191 [inline] ip6_finish_output+0x446/0x4c0 net/ipv6/ip6_output.c:201 NF_HOOK_COND include/linux/netfilter.h:296 [inline] ip6_output+0x10e/0x210 net/ipv6/ip6_output.c:224 dst_output include/net/dst.h:451 [inline] NF_HOOK include/linux/netfilter.h:307 [inline] ndisc_send_skb+0x488/0x610 net/ipv6/ndisc.c:508 ndisc_send_rs+0x3b0/0x3e0 net/ipv6/ndisc.c:702 addrconf_rs_timer+0x363/0x540 net/ipv6/addrconf.c:3915 call_timer_fn+0x2e/0x240 kernel/time/timer.c:1421 expire_timers+0x116/0x240 kernel/time/timer.c:1466 __run_timers+0x368/0x410 kernel/time/timer.c:1734 run_timer_softirq+0x2e/0x60 kernel/time/timer.c:1747 __do_softirq+0x158/0x2de kernel/softirq.c:558 __irq_exit_rcu kernel/softirq.c:637 [inline] irq_exit_rcu+0x37/0x70 kernel/softirq.c:649 sysvec_apic_timer_interrupt+0x8d/0xb0 arch/x86/kernel/apic/apic.c:1097 asm_sysvec_apic_timer_interrupt+0x12/0x20 kcsan_setup_watchpoint+0x43d/0x460 kernel/kcsan/core.c:694 batadv_check_known_mac_addr+0x59/0x190 net/batman-adv/hard-interface.c:511 batadv_hardif_add_interface net/batman-adv/hard-interface.c:882 [inline] batadv_hard_if_event+0x9b7/0x1010 net/batman-adv/hard-interface.c:946 notifier_call_chain kernel/notifier.c:84 [inline] raw_notifier_call_chain+0x53/0xb0 kernel/notifier.c:392 call_netdevice_notifiers_info net/core/dev.c:1919 [inline] call_netdevice_notifiers_extack net/core/dev.c:1931 [inline] call_netdevice_notifiers net/core/dev.c:1945 [inline] register_netdevice+0xe0b/0x10b0 net/core/dev.c:9698 br_dev_newlink+0x23/0xe0 net/bridge/br_netlink.c:1443 __rtnl_newlink net/core/rtnetlink.c:3483 [inline] rtnl_newlink+0xdd6/0x13e0 net/core/rtnetlink.c:3531 rtnetlink_rcv_msg+0x745/0x7e0 net/core/rtnetlink.c:5596 netlink_rcv_skb+0x14e/0x250 net/netlink/af_netlink.c:2494 rtnetlink_rcv+0x18/0x20 net/core/rtnetlink.c:5614 netlink_unicast_kernel net/netlink/af_netlink.c:1317 [inline] netlink_unicast+0x602/0x6d0 net/netlink/af_netlink.c:1343 netlink_sendmsg+0x728/0x850 net/netlink/af_netlink.c:1919 sock_sendmsg_nosec net/socket.c:705 [inline] sock_sendmsg net/socket.c:725 [inline] ____sys_sendmsg+0x39a/0x510 net/socket.c:2413 ___sys_sendmsg net/socket.c:2467 [inline] __sys_sendmsg+0x195/0x230 net/socket.c:2496 __do_sys_sendmsg net/socket.c:2505 [inline] __se_sys_sendmsg net/socket.c:2503 [inline] __x64_sys_sendmsg+0x42/0x50 net/socket.c:2503 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x44/0xd0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x44/0xae value changed: 0x00000001000392b4 -> 0x00000001000392c0 Reported by Kernel Concurrency Sanitizer on: CPU: 0 PID: 22524 Comm: syz-executor.1 Not tainted 5.17.0-rc8-syzkaller-00003-g56e337f2cf13-dirty #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ==================================================================