KCSAN: data-race in hsr_forward_skb / hsr_forward

KCSAN: data-race in hsr_forward_skb / hsr_forward_skb (2)
Status: closed as invalid on 2020/06/18 14:13
Reported-by: syzbot+@syzkaller.appspotmail.com
First crash: 487d, last: 487d

similar bugs (4):
Kernel	Title	Count	Last	Reported	Patched	Status
upstream	KCSAN: data-race in hsr_forward_skb / hsr_forward_skb (3)	1	427d	427d	0/22	auto-closed as invalid on 2020/08/24 16:27
upstream	KCSAN: data-race in hsr_forward_skb / hsr_forward_skb (4)	2	356d	378d	0/22	auto-closed as invalid on 2020/11/03 11:23
upstream	KCSAN: data-race in hsr_forward_skb / hsr_forward_skb	1	652d	652d	0/22	auto-closed as invalid on 2020/02/16 12:36
upstream	KCSAN: data-race in hsr_forward_skb / hsr_forward_skb (5)	1	264d	264d	0/22	auto-closed as invalid on 2021/02/03 21:38

Sample crash report:

==================================================================
BUG: KCSAN: data-race in hsr_forward_skb / hsr_forward_skb

write to 0xffff88809e770110 of 8 bytes by task 32241 on cpu 1:
 hsr_forward_skb+0x995/0x1140 net/hsr/hsr_forward.c:366
 hsr_dev_xmit+0x5e/0x90 net/hsr/hsr_device.c:223
 __netdev_start_xmit include/linux/netdevice.h:4533 [inline]
 netdev_start_xmit include/linux/netdevice.h:4547 [inline]
 xmit_one net/core/dev.c:3477 [inline]
 dev_hard_start_xmit+0xeb/0x420 net/core/dev.c:3493
 __dev_queue_xmit+0x11f7/0x1810 net/core/dev.c:4052
 dev_queue_xmit+0x1e/0x30 net/core/dev.c:4085
 __bpf_tx_skb net/core/filter.c:2061 [inline]
 __bpf_redirect_common net/core/filter.c:2100 [inline]
 __bpf_redirect+0x4bb/0x710 net/core/filter.c:2107
 ____bpf_clone_redirect net/core/filter.c:2140 [inline]
 bpf_clone_redirect+0x19a/0x1f0 net/core/filter.c:2112
 0xffffffffa004edf4
 bpf_dispatcher_nop_func include/linux/bpf.h:545 [inline]
 bpf_test_run+0x250/0x560 net/bpf/test_run.c:49
 bpf_prog_test_run_skb+0x668/0xad0 net/bpf/test_run.c:438
 bpf_prog_test_run kernel/bpf/syscall.c:2771 [inline]
 __do_sys_bpf+0x1c4d/0x3100 kernel/bpf/syscall.c:3721
 __se_sys_bpf kernel/bpf/syscall.c:3661 [inline]
 __x64_sys_bpf+0x47/0x60 kernel/bpf/syscall.c:3661
 do_syscall_64+0xc7/0x3b0 arch/x86/entry/common.c:295
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

read to 0xffff88809e770110 of 8 bytes by task 32226 on cpu 0:
 hsr_forward_skb+0x982/0x1140 net/hsr/hsr_forward.c:366
 hsr_dev_xmit+0x5e/0x90 net/hsr/hsr_device.c:223
 __netdev_start_xmit include/linux/netdevice.h:4533 [inline]
 netdev_start_xmit include/linux/netdevice.h:4547 [inline]
 xmit_one net/core/dev.c:3477 [inline]
 dev_hard_start_xmit+0xeb/0x420 net/core/dev.c:3493
 __dev_queue_xmit+0x11f7/0x1810 net/core/dev.c:4052
 dev_queue_xmit+0x1e/0x30 net/core/dev.c:4085
 __bpf_tx_skb net/core/filter.c:2061 [inline]
 __bpf_redirect_common net/core/filter.c:2100 [inline]
 __bpf_redirect+0x4bb/0x710 net/core/filter.c:2107
 ____bpf_clone_redirect net/core/filter.c:2140 [inline]
 bpf_clone_redirect+0x19a/0x1f0 net/core/filter.c:2112
 bpf_prog_15224e9516814752+0x5c/0x1a8
 bpf_dispatcher_nop_func include/linux/bpf.h:545 [inline]
 bpf_test_run+0x250/0x560 net/bpf/test_run.c:49
 bpf_prog_test_run_skb+0x668/0xad0 net/bpf/test_run.c:438
 bpf_prog_test_run kernel/bpf/syscall.c:2771 [inline]
 __do_sys_bpf+0x1c4d/0x3100 kernel/bpf/syscall.c:3721
 __se_sys_bpf kernel/bpf/syscall.c:3661 [inline]
 __x64_sys_bpf+0x47/0x60 kernel/bpf/syscall.c:3661
 do_syscall_64+0xc7/0x3b0 arch/x86/entry/common.c:295
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 32226 Comm: syz-executor.2 Not tainted 5.7.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (1):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Title
ci2-upstream-kcsan-gce	2020/05/22 03:12	https://github.com/google/ktsan.git kcsan	7c3cd68e5d38	4afdfa20	.config	log	report