syzbot

 sign-in | mailing list | source | docs
🐞 Open [988] Subsystems 🐞 Fixed [5242] 🐞 Invalid [12509] Missing Backports [83] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KCSAN: data-race in iptunnel_xmit / iptunnel_xmit

Status: closed as invalid on 2020/06/18 14:24
Subsystems: net
[Documentation on labels]
First crash: 1635d, last: 1410d
Similar bugs (4)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in iptunnel_xmit / iptunnel_xmit (2) net 61 1127d 1232d 0/26 auto-closed as invalid on 2021/04/30 07:41
upstream KCSAN: data-race in iptunnel_xmit / iptunnel_xmit (4) net 15 534d 652d 0/26 auto-obsoleted due to no activity on 2022/12/13 21:39
upstream KCSAN: data-race in iptunnel_xmit / iptunnel_xmit (5) net 1 234d 234d 23/26 fixed on 2023/10/12 12:48
upstream KCSAN: data-race in iptunnel_xmit / iptunnel_xmit (3) net 33 691d 864d 0/26 auto-closed as invalid on 2022/07/10 03:55

Sample crash report:
==================================================================
BUG: KCSAN: data-race in iptunnel_xmit / iptunnel_xmit

write to 0xffff8880a13c3140 of 8 bytes by task 18059 on cpu 1:
 iptunnel_xmit_stats include/net/ip_tunnels.h:455 [inline]
 iptunnel_xmit+0x526/0x540 net/ipv4/ip_tunnel_core.c:86
 ip_tunnel_xmit+0x98c/0x13c0 net/ipv4/ip_tunnel.c:814
 __gre_xmit+0x38e/0x4e0 net/ipv4/ip_gre.c:448
 ipgre_xmit+0x337/0x640 net/ipv4/ip_gre.c:632
 __netdev_start_xmit include/linux/netdevice.h:4533 [inline]
 netdev_start_xmit include/linux/netdevice.h:4547 [inline]
 xmit_one net/core/dev.c:3477 [inline]
 dev_hard_start_xmit+0xeb/0x420 net/core/dev.c:3493
 __dev_queue_xmit+0x11f7/0x1810 net/core/dev.c:4052
 dev_queue_xmit+0x1e/0x30 net/core/dev.c:4085
 __bpf_tx_skb net/core/filter.c:2061 [inline]
 __bpf_redirect_common net/core/filter.c:2100 [inline]
 __bpf_redirect+0x4bb/0x710 net/core/filter.c:2107
 ____bpf_clone_redirect net/core/filter.c:2140 [inline]
 bpf_clone_redirect+0x19a/0x1f0 net/core/filter.c:2112
 bpf_prog_bebbfe2050753572+0x5c/0x240
 bpf_dispatcher_nop_func include/linux/bpf.h:545 [inline]
 bpf_test_run+0x250/0x560 net/bpf/test_run.c:49
 bpf_prog_test_run_skb+0x668/0xad0 net/bpf/test_run.c:438
 bpf_prog_test_run kernel/bpf/syscall.c:2771 [inline]
 __do_sys_bpf+0x1c4d/0x3100 kernel/bpf/syscall.c:3721
 __se_sys_bpf kernel/bpf/syscall.c:3661 [inline]
 __x64_sys_bpf+0x47/0x60 kernel/bpf/syscall.c:3661
 do_syscall_64+0xc7/0x3b0 arch/x86/entry/common.c:295
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

read to 0xffff8880a13c3140 of 8 bytes by task 18058 on cpu 0:
 iptunnel_xmit_stats include/net/ip_tunnels.h:455 [inline]
 iptunnel_xmit+0x513/0x540 net/ipv4/ip_tunnel_core.c:86
 ip_tunnel_xmit+0x98c/0x13c0 net/ipv4/ip_tunnel.c:814
 __gre_xmit+0x38e/0x4e0 net/ipv4/ip_gre.c:448
 ipgre_xmit+0x337/0x640 net/ipv4/ip_gre.c:632
 __netdev_start_xmit include/linux/netdevice.h:4533 [inline]
 netdev_start_xmit include/linux/netdevice.h:4547 [inline]
 xmit_one net/core/dev.c:3477 [inline]
 dev_hard_start_xmit+0xeb/0x420 net/core/dev.c:3493
 __dev_queue_xmit+0x11f7/0x1810 net/core/dev.c:4052
 dev_queue_xmit+0x1e/0x30 net/core/dev.c:4085
 __bpf_tx_skb net/core/filter.c:2061 [inline]
 __bpf_redirect_common net/core/filter.c:2100 [inline]
 __bpf_redirect+0x4bb/0x710 net/core/filter.c:2107
 ____bpf_clone_redirect net/core/filter.c:2140 [inline]
 bpf_clone_redirect+0x19a/0x1f0 net/core/filter.c:2112
 bpf_prog_bebbfe2050753572+0x5c/0x8ac
 bpf_dispatcher_nop_func include/linux/bpf.h:545 [inline]
 bpf_test_run+0x250/0x560 net/bpf/test_run.c:49
 bpf_prog_test_run_skb+0x668/0xad0 net/bpf/test_run.c:438
 bpf_prog_test_run kernel/bpf/syscall.c:2771 [inline]
 __do_sys_bpf+0x1c4d/0x3100 kernel/bpf/syscall.c:3721
 __se_sys_bpf kernel/bpf/syscall.c:3661 [inline]
 __x64_sys_bpf+0x47/0x60 kernel/bpf/syscall.c:3661
 do_syscall_64+0xc7/0x3b0 arch/x86/entry/common.c:295
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 18058 Comm: syz-executor.5 Not tainted 5.7.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (28):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/06/15 22:59 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 baca2611 .config console log report ci2-upstream-kcsan-gce
2020/06/12 20:41 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 3036d6fd .config console log report ci2-upstream-kcsan-gce
2020/06/12 00:42 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 1beaee21 .config console log report ci2-upstream-kcsan-gce
2020/06/03 10:36 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 f3ba1b5b .config console log report ci2-upstream-kcsan-gce
2020/05/24 03:27 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 96c92ad3 .config console log report ci2-upstream-kcsan-gce
2020/05/06 14:00 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 4618eb2d .config console log report ci2-upstream-kcsan-gce
2020/05/06 01:36 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 35b8eb30 .config console log report ci2-upstream-kcsan-gce
2020/05/01 22:35 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 bc734e7a .config console log report ci2-upstream-kcsan-gce
2020/04/30 07:26 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 2dd552a5 .config console log report ci2-upstream-kcsan-gce
2020/04/19 15:25 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 6dfd45e1 .config console log report ci2-upstream-kcsan-gce
2020/04/14 02:48 https://github.com/google/ktsan.git kcsan 40959e34d670 7c54686a .config console log report ci2-upstream-kcsan-gce
2020/03/31 05:55 https://github.com/google/ktsan.git kcsan 40959e34d670 c8d1cc20 .config console log report ci2-upstream-kcsan-gce
2020/03/29 05:53 https://github.com/google/ktsan.git kcsan 40959e34d670 05736b29 .config console log report ci2-upstream-kcsan-gce
2020/03/01 11:22 https://github.com/google/ktsan.git kcsan 766d004d1b85 c88c7b75 .config console log report ci2-upstream-kcsan-gce
2020/02/13 05:27 https://github.com/google/ktsan.git kcsan f60f0f543333 84f4fc8a .config console log report ci2-upstream-kcsan-gce
2020/02/11 16:00 https://github.com/google/ktsan.git kcsan f60f0f543333 084454ae .config console log report ci2-upstream-kcsan-gce
2020/02/03 01:07 https://github.com/google/ktsan.git kcsan 245a43005292 93e5e335 .config console log report ci2-upstream-kcsan-gce
2020/01/26 03:26 https://github.com/google/ktsan.git kcsan 245a43005292 f4e7270e .config console log report ci2-upstream-kcsan-gce
2020/01/17 14:58 https://github.com/google/ktsan.git kcsan 245a43005292 3de7aabb .config console log report ci2-upstream-kcsan-gce
2020/01/14 08:03 https://github.com/google/ktsan.git kcsan 245a43005292 32881205 .config console log report ci2-upstream-kcsan-gce
2020/01/12 15:11 https://github.com/google/ktsan.git kcsan 245a43005292 31290a45 .config console log report ci2-upstream-kcsan-gce
2020/01/11 12:46 https://github.com/google/ktsan.git kcsan 245a43005292 4c04afaa .config console log report ci2-upstream-kcsan-gce
2020/01/08 20:56 https://github.com/google/ktsan.git kcsan 245a43005292 ddc3e859 .config console log report ci2-upstream-kcsan-gce
2019/12/22 04:25 https://github.com/google/ktsan.git kcsan 245a43005292 bc586918 .config console log report ci2-upstream-kcsan-gce
2019/11/30 20:49 https://github.com/google/ktsan.git kcsan ef798c30ba4e 3a75be00 .config console log report ci2-upstream-kcsan-gce
2019/11/14 22:09 https://github.com/google/ktsan.git kcsan 7f2955e0d056 048f2d49 .config console log report ci2-upstream-kcsan-gce
2019/11/05 11:25 https://github.com/google/ktsan.git kcsan 94c006602e13 76630fc9 .config console log report ci2-upstream-kcsan-gce
2019/11/03 15:23 https://github.com/google/ktsan.git kcsan 05f2236801fe c9610487 .config console log report ci2-upstream-kcsan-gce
* Struck through repros no longer work on HEAD.