syzbot

 sign-in | mailing list | source | docs
🐞 Open [1497]
Subsystems
🐞 Fixed [6528]
🐞 Invalid [16623]
Missing Backports [205]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KCSAN: data-race in ip6_output / rt6_disable_ip

Status: auto-obsoleted due to no activity on 2024/06/09 11:11
Subsystems: net
[Documentation on labels]
First crash: 476d, last: 476d
Similar bugs (1)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in ip6_output / rt6_disable_ip (2) net 6 1 78d 78d 0/29 auto-obsoleted due to no activity on 2025/08/02 10:30

Sample crash report:
==================================================================
BUG: KCSAN: data-race in ip6_output / rt6_disable_ip

write to 0xffff8881173c4000 of 8 bytes by task 18134 on cpu 0:
 rt6_uncached_list_flush_dev net/ipv6/route.c:184 [inline]
 rt6_disable_ip+0x300/0x5f0 net/ipv6/route.c:4909
 addrconf_ifdown+0xa2/0xf20 net/ipv6/addrconf.c:3854
 addrconf_notify+0x2ff/0x950
 notifier_call_chain kernel/notifier.c:93 [inline]
 raw_notifier_call_chain+0x6f/0x1d0 kernel/notifier.c:461
 call_netdevice_notifiers_info+0xae/0x100 net/core/dev.c:1950
 call_netdevice_notifiers_extack net/core/dev.c:1988 [inline]
 call_netdevice_notifiers net/core/dev.c:2002 [inline]
 dev_close_many+0x174/0x240 net/core/dev.c:1543
 unregister_netdevice_many_notify+0x263/0xf20 net/core/dev.c:11080
 unregister_netdevice_many+0x19/0x20 net/core/dev.c:11163
 cleanup_net+0x417/0x830 net/core/net_namespace.c:632
 process_one_work kernel/workqueue.c:3267 [inline]
 process_scheduled_works+0x465/0x990 kernel/workqueue.c:3348
 worker_thread+0x526/0x730 kernel/workqueue.c:3429
 kthread+0x1d1/0x210 kernel/kthread.c:388
 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244

read to 0xffff8881173c4000 of 8 bytes by task 3387 on cpu 1:
 ip6_output+0x48/0x220 net/ipv6/ip6_output.c:231
 dst_output include/net/dst.h:450 [inline]
 NF_HOOK include/linux/netfilter.h:314 [inline]
 mld_sendpack+0x41f/0x6d0 net/ipv6/mcast.c:1818
 mld_send_cr net/ipv6/mcast.c:2119 [inline]
 mld_ifc_work+0x517/0x7e0 net/ipv6/mcast.c:2650
 process_one_work kernel/workqueue.c:3267 [inline]
 process_scheduled_works+0x465/0x990 kernel/workqueue.c:3348
 worker_thread+0x526/0x730 kernel/workqueue.c:3429
 kthread+0x1d1/0x210 kernel/kthread.c:388
 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244

value changed: 0xffff888115ff4000 -> 0xffff8881020c0000

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 3387 Comm: kworker/1:15 Not tainted 6.9.0-rc6-syzkaller-00234-g7367539ad4b0 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
Workqueue: mld mld_ifc_work
==================================================================
SELinux: failure in sel_netif_sid_slow(), invalid network interface (0)
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered forwarding state
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered forwarding state

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/05/05 11:03 upstream 7367539ad4b0 610f2a54 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in ip6_output / rt6_disable_ip
* Struck through repros no longer work on HEAD.