syzbot

 sign-in | mailing list | source | docs
🐞 Open [1431]
Subsystems
🐞 Fixed [6900]
🐞 Invalid [17950]
Missing Backports [224]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KCSAN: data-race in batadv_tt_local_add / batadv_tt_local_add (2)

Status: auto-closed as invalid on 2022/03/08 09:06
Subsystems: batman
[Documentation on labels]
First crash: 1463d, last: 1463d
Similar bugs (5)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in batadv_tt_local_add / batadv_tt_local_add batman 6 18 2200d 2279d 0/29 auto-closed as invalid on 2020/04/06 03:45
upstream KCSAN: data-race in batadv_tt_local_add / batadv_tt_local_add (5) batman 6 2 312d 319d 0/29 auto-obsoleted due to no activity on 2025/05/23 22:11
upstream KCSAN: data-race in batadv_tt_local_add / batadv_tt_local_add (3) batman 6 1 662d 662d 0/29 auto-obsoleted due to no activity on 2024/05/17 04:58
upstream KCSAN: data-race in batadv_tt_local_add / batadv_tt_local_add (4) batman 6 2 515d 535d 0/29 auto-obsoleted due to no activity on 2024/10/11 08:22
upstream KCSAN: data-race in batadv_tt_local_add / batadv_tt_local_add (6) batman 6 1 197d 197d 0/29 auto-obsoleted due to no activity on 2025/09/15 10:36

Sample crash report:
==================================================================
BUG: KCSAN: data-race in batadv_tt_local_add / batadv_tt_local_add

write to 0xffff888115e716c0 of 8 bytes by task 19 on cpu 1:
 batadv_tt_local_add+0x156/0x1790 net/batman-adv/translation-table.c:665
 batadv_interface_tx+0x382/0xc30 net/batman-adv/soft-interface.c:248
 __netdev_start_xmit include/linux/netdevice.h:4683 [inline]
 netdev_start_xmit include/linux/netdevice.h:4697 [inline]
 xmit_one+0x105/0x2f0 net/core/dev.c:3473
 dev_hard_start_xmit net/core/dev.c:3489 [inline]
 __dev_queue_xmit+0x86d/0xf90 net/core/dev.c:4116
 dev_queue_xmit+0x13/0x20 net/core/dev.c:4149
 neigh_resolve_output+0x3db/0x410 net/core/neighbour.c:1522
 neigh_output include/net/neighbour.h:541 [inline]
 ip6_finish_output2+0x9ce/0xbe0 net/ipv6/ip6_output.c:126
 __ip6_finish_output net/ipv6/ip6_output.c:191 [inline]
 ip6_finish_output+0x446/0x4c0 net/ipv6/ip6_output.c:201
 NF_HOOK_COND include/linux/netfilter.h:296 [inline]
 ip6_output+0x10e/0x210 net/ipv6/ip6_output.c:224
 dst_output include/net/dst.h:451 [inline]
 NF_HOOK include/linux/netfilter.h:307 [inline]
 ndisc_send_skb+0x488/0x610 net/ipv6/ndisc.c:508
 ndisc_send_ns+0x422/0x450 net/ipv6/ndisc.c:650
 addrconf_dad_work+0xafa/0x1170 net/ipv6/addrconf.c:4153
 process_one_work+0x3f6/0x960 kernel/workqueue.c:2307
 worker_thread+0x616/0xa70 kernel/workqueue.c:2454
 kthread+0x1bf/0x1e0 kernel/kthread.c:377
 ret_from_fork+0x1f/0x30

write to 0xffff888115e716c0 of 8 bytes by task 1890 on cpu 0:
 batadv_tt_local_add+0x156/0x1790 net/batman-adv/translation-table.c:665
 batadv_interface_tx+0x382/0xc30 net/batman-adv/soft-interface.c:248
 __netdev_start_xmit include/linux/netdevice.h:4683 [inline]
 netdev_start_xmit include/linux/netdevice.h:4697 [inline]
 xmit_one+0x105/0x2f0 net/core/dev.c:3473
 dev_hard_start_xmit net/core/dev.c:3489 [inline]
 __dev_queue_xmit+0x86d/0xf90 net/core/dev.c:4116
 dev_queue_xmit+0x13/0x20 net/core/dev.c:4149
 neigh_hh_output include/net/neighbour.h:525 [inline]
 neigh_output include/net/neighbour.h:539 [inline]
 ip6_finish_output2+0x9a5/0xbe0 net/ipv6/ip6_output.c:126
 __ip6_finish_output net/ipv6/ip6_output.c:191 [inline]
 ip6_finish_output+0x446/0x4c0 net/ipv6/ip6_output.c:201
 NF_HOOK_COND include/linux/netfilter.h:296 [inline]
 ip6_output+0x10e/0x210 net/ipv6/ip6_output.c:224
 dst_output include/net/dst.h:451 [inline]
 NF_HOOK include/linux/netfilter.h:307 [inline]
 mld_sendpack+0x3c7/0x580 net/ipv6/mcast.c:1826
 mld_send_cr net/ipv6/mcast.c:2127 [inline]
 mld_ifc_work+0x586/0x810 net/ipv6/mcast.c:2659
 process_one_work+0x3f6/0x960 kernel/workqueue.c:2307
 worker_thread+0x616/0xa70 kernel/workqueue.c:2454
 kthread+0x1bf/0x1e0 kernel/kthread.c:377
 ret_from_fork+0x1f/0x30

value changed: 0x00000001000050b0 -> 0x00000001000050d2

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 1890 Comm: kworker/0:3 Not tainted 5.17.0-rc2-syzkaller-dirty #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: mld mld_ifc_work
==================================================================

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2022/02/01 08:59 upstream 26291c54e111 6b7c57fe .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in batadv_tt_local_add / batadv_tt_local_add
* Struck through repros no longer work on HEAD.