syzbot


KCSAN: data-race in ip6_finish_output2 / rt6_disable_ip

Status: auto-obsoleted due to no activity on 2024/10/24 02:33
Subsystems: net
First crash: 450d, last: 450d

Sample crash report:
==================================================================
BUG: KCSAN: data-race in ip6_finish_output2 / rt6_disable_ip

write to 0xffff8881159ef400 of 8 bytes by task 12046 on cpu 0:
 rt6_uncached_list_flush_dev net/ipv6/route.c:184 [inline]
 rt6_disable_ip+0x349/0x5f0 net/ipv6/route.c:4914
 addrconf_ifdown+0xa2/0xf20 net/ipv6/addrconf.c:3858
 addrconf_notify+0x2ff/0x950
 notifier_call_chain kernel/notifier.c:93 [inline]
 raw_notifier_call_chain+0x6f/0x1d0 kernel/notifier.c:461
 call_netdevice_notifiers_info+0xae/0x100 net/core/dev.c:1996
 call_netdevice_notifiers_extack net/core/dev.c:2034 [inline]
 call_netdevice_notifiers net/core/dev.c:2048 [inline]
 dev_close_many+0x174/0x240 net/core/dev.c:1589
 unregister_netdevice_many_notify+0x263/0x11b0 net/core/dev.c:11373
 unregister_netdevice_many net/core/dev.c:11461 [inline]
 unregister_netdevice_queue+0x1f4/0x220 net/core/dev.c:11335
 unregister_netdevice include/linux/netdevice.h:3118 [inline]
 __tun_detach+0x79e/0xaa0 drivers/net/tun.c:685
 tun_detach drivers/net/tun.c:701 [inline]
 tun_chr_close+0x58/0xf0 drivers/net/tun.c:3517
 __fput+0x17a/0x6d0 fs/file_table.c:431
 ____fput+0x1c/0x30 fs/file_table.c:459
 task_work_run+0x13a/0x1a0 kernel/task_work.c:228
 resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:114 [inline]
 exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]
 __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
 syscall_exit_to_user_mode+0xbe/0x130 kernel/entry/common.c:218
 do_syscall_64+0xd6/0x1c0 arch/x86/entry/common.c:89
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffff8881159ef400 of 8 bytes by task 3482 on cpu 1:
 ip6_finish_output2+0x49/0xd20 net/ipv6/ip6_output.c:63
 ip6_finish_output+0x438/0x540 net/ipv6/ip6_output.c:226
 NF_HOOK_COND include/linux/netfilter.h:303 [inline]
 ip6_output+0xf5/0x230 net/ipv6/ip6_output.c:247
 dst_output include/net/dst.h:450 [inline]
 NF_HOOK include/linux/netfilter.h:314 [inline]
 mld_sendpack+0x421/0x6d0 net/ipv6/mcast.c:1819
 mld_send_cr net/ipv6/mcast.c:2120 [inline]
 mld_ifc_work+0x51a/0x7e0 net/ipv6/mcast.c:2651
 process_one_work kernel/workqueue.c:3229 [inline]
 process_scheduled_works+0x483/0x9a0 kernel/workqueue.c:3310
 worker_thread+0x51d/0x6f0 kernel/workqueue.c:3391
 kthread+0x1d1/0x210 kernel/kthread.c:389
 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244

value changed: 0xffff888107478000 -> 0xffff8881021fd000

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 UID: 0 PID: 3482 Comm: kworker/1:6 Not tainted 6.11.0-syzkaller-05319-g4a39ac5b7d62 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
Workqueue: mld mld_ifc_work
==================================================================

Crashes (1):
Time: 2024/09/19 02:23
Kernel: upstream
Commit: 4a39ac5b7d62
Syzkaller: c673ca06
Config: .config
Log: console log
Report: report
Syz repro: none
C repro: none
VM info: info
Assets: [disk image] [vmlinux] [kernel image]
Manager: ci2-upstream-kcsan-gce
Title: KCSAN: data-race in ip6_finish_output2 / rt6_disable_ip