syzbot


KCSAN: data-race in fib6_clean_node / ip6_dst_check

Status: auto-closed as invalid on 2020/02/01 07:07
Subsystems: net
First crash: 1616d, last: 1616d
Similar bugs (4)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KCSAN: data-race in fib6_clean_node / ip6_dst_check (5) net | | | | 1 | 822d | 822d | 0/26 | auto-closed as invalid on 2022/03/01 22:33 |
| upstream | KCSAN: data-race in fib6_clean_node / ip6_dst_check (4) net | | | | 2 | 1123d | 1145d | 0/26 | auto-closed as invalid on 2021/05/04 21:50 |
| upstream | KCSAN: data-race in fib6_clean_node / ip6_dst_check (2) net | | | | 1 | 1356d | 1356d | 0/26 | auto-closed as invalid on 2020/09/13 19:08 |
| upstream | KCSAN: data-race in fib6_clean_node / ip6_dst_check (3) net | | | | 1 | 1238d | 1232d | 0/26 | auto-closed as invalid on 2021/01/10 01:07 |

Sample crash report:
==================================================================
BUG: KCSAN: data-race in fib6_clean_node / ip6_dst_check

read to 0xffff88809ee18a2c of 4 bytes by task 7924 on cpu 0:
 fib6_get_cookie_safe include/net/ip6_fib.h:249 [inline]
 fib6_check net/ipv6/route.c:2555 [inline]
 rt6_dst_from_check net/ipv6/route.c:2586 [inline]
 ip6_dst_check+0x240/0x2d0 net/ipv6/route.c:2611
 sk_dst_check+0x147/0x1c0 net/core/sock.c:562
 ip6_sk_dst_lookup_flow+0xa0/0x530 net/ipv6/ip6_output.c:1185
 udpv6_sendmsg+0x11bb/0x1c20 net/ipv6/udp.c:1446
 inet6_sendmsg+0x6d/0x90 net/ipv6/af_inet6.c:576
 sock_sendmsg_nosec net/socket.c:637 [inline]
 sock_sendmsg+0x9f/0xc0 net/socket.c:657
 ___sys_sendmsg+0x2b7/0x5d0 net/socket.c:2311
 __sys_sendmmsg+0x123/0x350 net/socket.c:2413
 __do_sys_sendmmsg net/socket.c:2442 [inline]
 __se_sys_sendmmsg net/socket.c:2439 [inline]
 __x64_sys_sendmmsg+0x64/0x80 net/socket.c:2439
 do_syscall_64+0xcc/0x370 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

write to 0xffff88809ee18a2c of 4 bytes by task 17 on cpu 1:
 fib6_clean_node+0xfc/0x310 net/ipv6/ip6_fib.c:2068
 fib6_walk_continue+0x2e3/0x440 net/ipv6/ip6_fib.c:2002
 fib6_walk+0x10d/0x160 net/ipv6/ip6_fib.c:2050
 fib6_clean_tree+0xef/0x120 net/ipv6/ip6_fib.c:2130
 __fib6_clean_all+0xbd/0x150 net/ipv6/ip6_fib.c:2146
 fib6_flush_trees+0x30/0x40 net/ipv6/ip6_fib.c:2171
 rt_genid_bump_ipv6 include/net/net_namespace.h:440 [inline]
 addrconf_dad_completed+0x3de/0x660 net/ipv6/addrconf.c:4210
 addrconf_dad_work+0x4e8/0xae0 net/ipv6/addrconf.c:4107
 process_one_work+0x3d4/0x890 kernel/workqueue.c:2269
 worker_thread+0xa0/0x800 kernel/workqueue.c:2415
 kthread+0x1d4/0x200 drivers/block/aoe/aoecmd.c:1253
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:352

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 17 Comm: kworker/1:0 Not tainted 5.4.0-rc7+ #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: ipv6_addrconf addrconf_dad_work
==================================================================

Crashes (1):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2019/11/23 07:05 | https://github.com/google/ktsan.git kcsan | 5863cc791e4c | 598ca6c8 | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |