syzbot


KCSAN: data-race in __dev_queue_xmit / __dev_queue_xmit (2)
Status: closed as invalid on 2020/06/18 14:24
Reported-by: syzbot+@syzkaller.appspotmail.com
First crash: 878d, last: 704d
similar bugs (4):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in __dev_queue_xmit / __dev_queue_xmit (5) 1 180d 178d 22/22 fixed on 2022/03/08 16:11
upstream KCSAN: data-race in __dev_queue_xmit / __dev_queue_xmit (4) 2 476d 487d 0/22 auto-closed as invalid on 2021/03/05 12:45
upstream KCSAN: data-race in __dev_queue_xmit / __dev_queue_xmit (3) 1 645d 645d 0/22 auto-closed as invalid on 2020/09/17 17:51
upstream KCSAN: data-race in __dev_queue_xmit / __dev_queue_xmit 40 890d 940d 16/22 fixed on 2019/12/13 00:31

Sample crash report:
==================================================================
BUG: KCSAN: data-race in __dev_queue_xmit / __dev_queue_xmit

write to 0xffff8880b4dfdc84 of 4 bytes by task 14706 on cpu 0:
 __netif_tx_lock include/linux/netdevice.h:4015 [inline]
 __dev_queue_xmit+0x1396/0x1810 net/core/dev.c:4048
 dev_queue_xmit+0x1e/0x30 net/core/dev.c:4085
 neigh_direct_output+0x1c/0x30 net/core/neighbour.c:1529
 neigh_output include/net/neighbour.h:510 [inline]
 ip6_finish_output2+0x717/0xf60 net/ipv6/ip6_output.c:117
 __ip6_finish_output net/ipv6/ip6_output.c:143 [inline]
 __ip6_finish_output+0x2cb/0x320 net/ipv6/ip6_output.c:128
 ip6_finish_output+0x3e/0x160 net/ipv6/ip6_output.c:153
 NF_HOOK_COND include/linux/netfilter.h:296 [inline]
 ip6_output+0x104/0x2a0 net/ipv6/ip6_output.c:176
 dst_output include/net/dst.h:435 [inline]
 ip6_local_out+0x70/0x90 net/ipv6/output_core.c:179
 ip6_send_skb+0x4f/0x110 net/ipv6/ip6_output.c:1865
 udp_v6_send_skb.isra.0+0x3f9/0xa80 net/ipv6/udp.c:1175
 udpv6_sendmsg+0x19e1/0x1d40 net/ipv6/udp.c:1473
 inet6_sendmsg+0x69/0x90 net/ipv6/af_inet6.c:577
 sock_sendmsg_nosec net/socket.c:652 [inline]
 sock_sendmsg+0x98/0xc0 net/socket.c:672
 ____sys_sendmsg+0x207/0x4c0 net/socket.c:2362
 ___sys_sendmsg+0xb5/0x100 net/socket.c:2416
 __sys_sendmmsg+0x10e/0x310 net/socket.c:2506
 __do_sys_sendmmsg net/socket.c:2535 [inline]
 __se_sys_sendmmsg net/socket.c:2532 [inline]
 __x64_sys_sendmmsg+0x60/0x80 net/socket.c:2532
 do_syscall_64+0xc7/0x3b0 arch/x86/entry/common.c:295
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

read to 0xffff8880b4dfdc84 of 4 bytes by task 14707 on cpu 1:
 __dev_queue_xmit+0xb23/0x1810 net/core/dev.c:4040
 dev_queue_xmit+0x1e/0x30 net/core/dev.c:4085
 neigh_direct_output+0x1c/0x30 net/core/neighbour.c:1529
 neigh_output include/net/neighbour.h:510 [inline]
 ip6_finish_output2+0x717/0xf60 net/ipv6/ip6_output.c:117
 __ip6_finish_output net/ipv6/ip6_output.c:143 [inline]
 __ip6_finish_output+0x2cb/0x320 net/ipv6/ip6_output.c:128
 ip6_finish_output+0x3e/0x160 net/ipv6/ip6_output.c:153
 NF_HOOK_COND include/linux/netfilter.h:296 [inline]
 ip6_output+0x104/0x2a0 net/ipv6/ip6_output.c:176
 dst_output include/net/dst.h:435 [inline]
 ip6_local_out+0x70/0x90 net/ipv6/output_core.c:179
 ip6_send_skb+0x4f/0x110 net/ipv6/ip6_output.c:1865
 udp_v6_send_skb.isra.0+0x3f9/0xa80 net/ipv6/udp.c:1175
 udpv6_sendmsg+0x19e1/0x1d40 net/ipv6/udp.c:1473
 inet6_sendmsg+0x69/0x90 net/ipv6/af_inet6.c:577
 sock_sendmsg_nosec net/socket.c:652 [inline]
 sock_sendmsg+0x98/0xc0 net/socket.c:672
 ____sys_sendmsg+0x207/0x4c0 net/socket.c:2362
 ___sys_sendmsg+0xb5/0x100 net/socket.c:2416
 __sys_sendmmsg+0x10e/0x310 net/socket.c:2506
 __do_sys_sendmmsg net/socket.c:2535 [inline]
 __se_sys_sendmmsg net/socket.c:2532 [inline]
 __x64_sys_sendmmsg+0x60/0x80 net/socket.c:2532
 do_syscall_64+0xc7/0x3b0 arch/x86/entry/common.c:295
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 14707 Comm: syz-executor.1 Not tainted 5.7.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (37):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci2-upstream-kcsan-gce 2020/06/15 22:16 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 baca2611 .config log report
ci2-upstream-kcsan-gce 2020/05/21 19:26 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 4afdfa20 .config log report
ci2-upstream-kcsan-gce 2020/05/13 13:36 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 9a6d42fb .config log report
ci2-upstream-kcsan-gce 2020/05/12 20:11 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 a44eb8f7 .config log report
ci2-upstream-kcsan-gce 2020/05/10 02:58 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 8742a2b9 .config log report
ci2-upstream-kcsan-gce 2020/05/08 13:04 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 fe4122c3 .config log report
ci2-upstream-kcsan-gce 2020/04/25 19:53 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 b8bb8e5f .config log report
ci2-upstream-kcsan-gce 2020/04/24 01:38 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 b9233cab .config log report
ci2-upstream-kcsan-gce 2020/04/16 07:24 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 c743fcb3 .config log report
ci2-upstream-kcsan-gce 2020/04/16 00:21 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 3f3c5574 .config log report
ci2-upstream-kcsan-gce 2020/04/10 00:51 https://github.com/google/ktsan.git kcsan 40959e34d670 a8c6a3f8 .config log report
ci2-upstream-kcsan-gce 2020/04/08 16:38 https://github.com/google/ktsan.git kcsan 40959e34d670 db9bcd4b .config log report
ci2-upstream-kcsan-gce 2020/04/03 08:33 https://github.com/google/ktsan.git kcsan 40959e34d670 a34e2c33 .config log report
ci2-upstream-kcsan-gce 2020/03/24 17:39 https://github.com/google/ktsan.git kcsan 40959e34d670 68660b21 .config log report
ci2-upstream-kcsan-gce 2020/03/19 00:14 https://github.com/google/ktsan.git kcsan 40959e34d670 2c31c529 .config log report
ci2-upstream-kcsan-gce 2020/02/29 00:50 https://github.com/google/ktsan.git kcsan 766d004d1b85 c88c7b75 .config log report
ci2-upstream-kcsan-gce 2020/02/16 08:37 https://github.com/google/ktsan.git kcsan b12d66a6c34f 5d7b90f1 .config log report
ci2-upstream-kcsan-gce 2020/02/16 08:33 https://github.com/google/ktsan.git kcsan b12d66a6c34f 5d7b90f1 .config log report
ci2-upstream-kcsan-gce 2020/02/09 21:16 https://github.com/google/ktsan.git kcsan f60f0f543333 6ece2ea5 .config log report
ci2-upstream-kcsan-gce 2020/02/06 21:21 https://github.com/google/ktsan.git kcsan 245a43005292 5be3a391 .config log report
ci2-upstream-kcsan-gce 2020/02/01 02:23 https://github.com/google/ktsan.git kcsan 245a43005292 0eb59c27 .config log report
ci2-upstream-kcsan-gce 2020/01/31 04:53 https://github.com/google/ktsan.git kcsan 245a43005292 5ed23f9a .config log report
ci2-upstream-kcsan-gce 2020/01/25 10:55 https://github.com/google/ktsan.git kcsan 245a43005292 2e95ab33 .config log report
ci2-upstream-kcsan-gce 2020/01/23 05:04 https://github.com/google/ktsan.git kcsan 245a43005292 3334d684 .config log report
ci2-upstream-kcsan-gce 2020/01/16 03:18 https://github.com/google/ktsan.git kcsan 245a43005292 f9b69507 .config log report
ci2-upstream-kcsan-gce 2020/01/11 05:59 https://github.com/google/ktsan.git kcsan 245a43005292 4c04afaa .config log report
ci2-upstream-kcsan-gce 2020/01/10 22:32 https://github.com/google/ktsan.git kcsan 245a43005292 532ec44e .config log report
ci2-upstream-kcsan-gce 2020/01/08 14:19 https://github.com/google/ktsan.git kcsan 245a43005292 ddc3e859 .config log report
ci2-upstream-kcsan-gce 2020/01/07 18:28 https://github.com/google/ktsan.git kcsan 245a43005292 1bcd407e .config log report
ci2-upstream-kcsan-gce 2020/01/06 23:46 https://github.com/google/ktsan.git kcsan 245a43005292 53430d97 .config log report
ci2-upstream-kcsan-gce 2020/01/06 04:44 https://github.com/google/ktsan.git kcsan 245a43005292 438e1227 .config log report
ci2-upstream-kcsan-gce 2020/01/05 16:34 https://github.com/google/ktsan.git kcsan 245a43005292 d646e21f .config log report
ci2-upstream-kcsan-gce 2020/01/04 11:00 https://github.com/google/ktsan.git kcsan 245a43005292 68256974 .config log report
ci2-upstream-kcsan-gce 2020/01/04 11:00 https://github.com/google/ktsan.git kcsan 245a43005292 68256974 .config log report
ci2-upstream-kcsan-gce 2020/01/03 09:27 https://github.com/google/ktsan.git kcsan 245a43005292 25a0186e .config log report
ci2-upstream-kcsan-gce 2019/12/30 06:43 https://github.com/google/ktsan.git kcsan 245a43005292 af6b8ef8 .config log report
ci2-upstream-kcsan-gce 2019/12/24 12:44 https://github.com/google/ktsan.git kcsan 245a43005292 be5c2c81 .config log report