syzbot


KCSAN: data-race in __netdev_update_features / netif_skb_features

Status: auto-obsoleted due to no activity on 2024/10/12 09:40
Subsystems: bridge
First crash: 192d, last: 192d

Sample crash report:
==================================================================
BUG: KCSAN: data-race in __netdev_update_features / netif_skb_features

write to 0xffff888114b4a0b8 of 8 bytes by task 21076 on cpu 1:
 __netdev_update_features+0xd42/0xf60 net/core/dev.c:10109
 netdev_update_features+0x28/0x90 net/core/dev.c:10125
 br_del_if+0x1bf/0x1e0 net/bridge/br_if.c:751
 br_del_slave+0x24/0x30 net/bridge/br_device.c:380
 do_set_master net/core/rtnetlink.c:2687 [inline]
 do_setlink+0x9c6/0x2490 net/core/rtnetlink.c:2907
 rtnl_group_changelink net/core/rtnetlink.c:3447 [inline]
 __rtnl_newlink net/core/rtnetlink.c:3706 [inline]
 rtnl_newlink+0xbc6/0x1690 net/core/rtnetlink.c:3743
 rtnetlink_rcv_msg+0x6aa/0x710 net/core/rtnetlink.c:6647
 netlink_rcv_skb+0x12c/0x230 net/netlink/af_netlink.c:2550
 rtnetlink_rcv+0x1c/0x30 net/core/rtnetlink.c:6665
 netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]
 netlink_unicast+0x599/0x670 net/netlink/af_netlink.c:1357
 netlink_sendmsg+0x5cc/0x6e0 net/netlink/af_netlink.c:1901
 sock_sendmsg_nosec net/socket.c:730 [inline]
 __sock_sendmsg+0x140/0x180 net/socket.c:745
 ____sys_sendmsg+0x312/0x410 net/socket.c:2597
 ___sys_sendmsg net/socket.c:2651 [inline]
 __sys_sendmsg+0x1e9/0x280 net/socket.c:2680
 __do_sys_sendmsg net/socket.c:2689 [inline]
 __se_sys_sendmsg net/socket.c:2687 [inline]
 __x64_sys_sendmsg+0x46/0x50 net/socket.c:2687
 x64_sys_call+0x2689/0x2d60 arch/x86/include/generated/asm/syscalls_64.h:47
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffff888114b4a0b8 of 8 bytes by task 3467 on cpu 0:
 netif_skb_features+0x39/0x700 net/core/dev.c:3541
 validate_xmit_skb+0x26/0x8d0 net/core/dev.c:3649
 __dev_queue_xmit+0xde9/0x1fe0 net/core/dev.c:4415
 dev_queue_xmit include/linux/netdevice.h:3105 [inline]
 neigh_hh_output include/net/neighbour.h:526 [inline]
 neigh_output include/net/neighbour.h:540 [inline]
 ip6_finish_output2+0xa41/0xd20 net/ipv6/ip6_output.c:141
 ip6_finish_output+0x438/0x540 net/ipv6/ip6_output.c:226
 NF_HOOK_COND include/linux/netfilter.h:303 [inline]
 ip6_output+0xf5/0x230 net/ipv6/ip6_output.c:247
 dst_output include/net/dst.h:450 [inline]
 NF_HOOK include/linux/netfilter.h:314 [inline]
 mld_sendpack+0x421/0x6d0 net/ipv6/mcast.c:1818
 mld_send_cr net/ipv6/mcast.c:2119 [inline]
 mld_ifc_work+0x51a/0x7e0 net/ipv6/mcast.c:2650
 process_one_work kernel/workqueue.c:3231 [inline]
 process_scheduled_works+0x483/0x9a0 kernel/workqueue.c:3312
 worker_thread+0x526/0x6e0 kernel/workqueue.c:3389
 kthread+0x1d1/0x210 kernel/kthread.c:389
 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244

value changed: 0x00002007ffdd78e9 -> 0x00002007ffff78e9

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 3467 Comm: kworker/0:6 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
Workqueue: mld mld_ifc_work
==================================================================

Crashes (1):
Time: 2024/09/07 09:29
Kernel: upstream
Commit: b31c44928842
Syzkaller: 9750182a
Config: .config
Log: console log
Report: report
Syz repro: -
C repro: -
VM info: info
Assets: [disk image] [vmlinux] [kernel image]
Manager: ci2-upstream-kcsan-gce
Title: KCSAN: data-race in __netdev_update_features / netif_skb_features