syzbot

 sign-in | mailing list | source | docs
🐞 Open [1032] Subsystems 🐞 Fixed [5263] 🐞 Invalid [12582] Missing Backports [85] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KCSAN: data-race in can_send / can_send (4)

Status: moderation: reported on 2022/04/26 02:08
Subsystems: can
[Documentation on labels]
Reported-by: syzbot+64d2873ba7ba90e1b7e0@syzkaller.appspotmail.com
First crash: 908d, last: 11d
Similar bugs (3)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in can_send / can_send (2) can 1 1530d 1530d 0/26 auto-closed as invalid on 2020/05/07 07:35
upstream KCSAN: data-race in can_send / can_send (3) can 1 1276d 1242d 0/26 auto-closed as invalid on 2020/12/25 11:24
upstream KCSAN: data-race in can_send / can_send can 1 1630d 1630d 0/26 auto-closed as invalid on 2020/01/28 10:46

Sample crash report:
==================================================================
BUG: KCSAN: data-race in can_send / can_send

read-write to 0xffff888112cdb4f0 of 8 bytes by interrupt on cpu 1:
 can_send+0x570/0x5d0 net/can/af_can.c:290
 bcm_can_tx+0x314/0x420 net/can/bcm.c:314
 bcm_tx_timeout_handler+0xdb/0x260
 __run_hrtimer kernel/time/hrtimer.c:1692 [inline]
 __hrtimer_run_queues+0x214/0x5e0 kernel/time/hrtimer.c:1756
 hrtimer_run_softirq+0xe4/0x2d0 kernel/time/hrtimer.c:1773
 __do_softirq+0xc8/0x285 kernel/softirq.c:554
 invoke_softirq kernel/softirq.c:428 [inline]
 __irq_exit_rcu kernel/softirq.c:633 [inline]
 irq_exit_rcu+0x3c/0x90 kernel/softirq.c:645
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline]
 sysvec_apic_timer_interrupt+0x73/0x80 arch/x86/kernel/apic/apic.c:1043
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
 __preempt_count_dec_and_test arch/x86/include/asm/preempt.h:94 [inline]
 __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:160 [inline]
 _raw_spin_unlock_irq+0x2f/0x50 kernel/locking/spinlock.c:202
 process_one_work kernel/workqueue.c:3223 [inline]
 process_scheduled_works+0x41a/0x990 kernel/workqueue.c:3335
 worker_thread+0x526/0x730 kernel/workqueue.c:3416
 kthread+0x1d1/0x210 kernel/kthread.c:388
 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244

read-write to 0xffff888112cdb4f0 of 8 bytes by interrupt on cpu 0:
 can_send+0x570/0x5d0 net/can/af_can.c:290
 j1939_send_one+0x19c/0x1d0 net/can/j1939/main.c:357
 j1939_tp_tx_dat net/can/j1939/transport.c:646 [inline]
 j1939_session_tx_dat net/can/j1939/transport.c:838 [inline]
 j1939_xtp_txnext_transmiter net/can/j1939/transport.c:900 [inline]
 j1939_tp_txtimer+0xca9/0x1a70 net/can/j1939/transport.c:1160
 __run_hrtimer kernel/time/hrtimer.c:1692 [inline]
 __hrtimer_run_queues+0x214/0x5e0 kernel/time/hrtimer.c:1756
 hrtimer_run_softirq+0xe4/0x2d0 kernel/time/hrtimer.c:1773
 __do_softirq+0xc8/0x285 kernel/softirq.c:554
 invoke_softirq kernel/softirq.c:428 [inline]
 __irq_exit_rcu kernel/softirq.c:633 [inline]
 irq_exit_rcu+0x3c/0x90 kernel/softirq.c:645
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline]
 sysvec_apic_timer_interrupt+0x73/0x80 arch/x86/kernel/apic/apic.c:1043
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
 slab_free_hook mm/slub.c:2081 [inline]
 slab_free mm/slub.c:4280 [inline]
 kmem_cache_free+0xbc/0x250 mm/slub.c:4344
 io_req_caches_free+0x11d/0x220 io_uring/io_uring.c:2874
 io_ring_exit_work+0x20d/0x500 io_uring/io_uring.c:3084
 process_one_work kernel/workqueue.c:3254 [inline]
 process_scheduled_works+0x465/0x990 kernel/workqueue.c:3335
 worker_thread+0x526/0x730 kernel/workqueue.c:3416
 kthread+0x1d1/0x210 kernel/kthread.c:388
 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244

value changed: 0x000000000000014a -> 0x000000000000014b

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 49 Comm: kworker/u8:3 Not tainted 6.9.0-rc5-syzkaller-00042-ge88c4cfcb7b8 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
Workqueue: iou_exit io_ring_exit_work
==================================================================
==================================================================
BUG: KCSAN: data-race in can_receive / can_receive

read-write to 0xffff888112cdb488 of 8 bytes by interrupt on cpu 1:
 can_receive+0x4e/0x1f0 net/can/af_can.c:649
 canfd_rcv+0xe7/0x180 net/can/af_can.c:702
 __netif_receive_skb_one_core net/core/dev.c:5544 [inline]
 __netif_receive_skb+0x123/0x280 net/core/dev.c:5658
 process_backlog+0x21f/0x380 net/core/dev.c:5987
 __napi_poll+0x63/0x3c0 net/core/dev.c:6638
 napi_poll net/core/dev.c:6707 [inline]
 net_rx_action+0x324/0x720 net/core/dev.c:6822
 __do_softirq+0xc8/0x285 kernel/softirq.c:554
 invoke_softirq kernel/softirq.c:428 [inline]
 __irq_exit_rcu kernel/softirq.c:633 [inline]
 irq_exit_rcu+0x3c/0x90 kernel/softirq.c:645
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline]
 sysvec_apic_timer_interrupt+0x73/0x80 arch/x86/kernel/apic/apic.c:1043
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
 is_atomic kernel/kcsan/core.c:264 [inline]
 should_watch kernel/kcsan/core.c:277 [inline]
 check_access kernel/kcsan/core.c:752 [inline]
 __tsan_read8+0xfe/0x180 kernel/kcsan/core.c:1025
 batadv_nc_purge_paths+0x6d/0x270 net/batman-adv/network-coding.c:439
 batadv_nc_worker+0x3db/0xac0 net/batman-adv/network-coding.c:720
 process_one_work kernel/workqueue.c:3254 [inline]
 process_scheduled_works+0x465/0x990 kernel/workqueue.c:3335
 worker_thread+0x526/0x730 kernel/workqueue.c:3416
 kthread+0x1d1/0x210 kernel/kthread.c:388
 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244

read-write to 0xffff888112cdb488 of 8 bytes by interrupt on cpu 0:
 can_receive+0x4e/0x1f0 net/can/af_can.c:649
 can_rcv+0xe7/0x180 net/can/af_can.c:687
 __netif_receive_skb_one_core net/core/dev.c:5544 [inline]
 __netif_receive_skb+0x123/0x280 net/core/dev.c:5658
 process_backlog+0x21f/0x380 net/core/dev.c:5987
 __napi_poll+0x63/0x3c0 net/core/dev.c:6638
 napi_poll net/core/dev.c:6707 [inline]
 net_rx_action+0x324/0x720 net/core/dev.c:6822
 __do_softirq+0xc8/0x285 kernel/softirq.c:554
 run_ksoftirqd+0x17/0x30 kernel/softirq.c:924
 smpboot_thread_fn+0x31c/0x4c0 kernel/smpboot.c:164
 kthread+0x1d1/0x210 kernel/kthread.c:388
 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244

value changed: 0x0000000000462d0a -> 0x0000000000462d0b

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 14 Comm: ksoftirqd/0 Not tainted 6.9.0-rc5-syzkaller-00042-ge88c4cfcb7b8 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
==================================================================
vxcan0: j1939_xtp_rx_dat: no tx connection found
vxcan0: j1939_tp_rxtimer: 0xffff888116842400: rx timeout, send abort
vxcan0: j1939_tp_rxtimer: 0xffff888116842400: abort rx timeout. Force session deactivation

Crashes (1279):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/04/25 09:47 upstream e88c4cfcb7b8 8bdc0f22 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2024/04/21 13:12 upstream 977b1ef51866 af24b050 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2024/04/07 21:54 upstream 9fe30842a90b ca620dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2024/04/07 03:49 upstream f2f80ac80987 ca620dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2024/04/05 10:09 upstream c88b9b4cde17 0ee3535e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2024/03/27 19:59 upstream 498e47cd1d1f 120789fd .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2024/03/27 07:43 upstream 7033999ecd7b 454571b6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2024/03/16 17:04 upstream 66a27abac311 d615901c .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2024/03/04 04:54 upstream 58c806d867bf 25905f5d .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2024/02/17 12:53 upstream c1ca10ceffbb 578f7538 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2024/02/17 01:47 upstream 0f1dd5e91e2b 578f7538 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2024/02/08 02:19 upstream 547ab8fc4cb0 6404acf9 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2024/02/05 11:37 upstream 54be6c6c5ae8 e23e8c20 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2024/01/21 18:31 upstream 7a396820222d 9bd8dcda .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2024/01/19 14:06 upstream 9d1694dc91ce 21772ce4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2024/01/13 12:09 upstream 052d534373b7 551587c1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2024/01/05 13:54 upstream 1f874787ed9a 28c42cff .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2024/01/01 20:06 upstream 610a9b8f49fb fb427a07 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/12/23 08:16 upstream 5254c0cbc92d fb427a07 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/12/21 23:50 upstream 9a6b294ab496 4f9530a3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/12/12 10:14 upstream 26aff849438c 28b24332 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/11/27 03:00 upstream d2da77f431ac 5b429f39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/11/24 15:11 upstream f1a09972a45a 5b429f39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/11/24 00:29 upstream d3fa86b1a7b4 5b429f39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/11/14 10:01 upstream 9bacdd8996c7 cb976f63 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/11/12 10:51 upstream 1b907d050735 6d6dbf8a .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/11/09 20:41 upstream 6bc986ab839c 56230772 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/11/08 05:25 upstream 13d88ac54ddd 83211397 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/11/04 02:23 upstream 6bdfe2d88b9f 500bfdc4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/11/03 13:04 upstream 8f6f76a6a29f c4ac074c .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/10/25 00:32 upstream d88520ad73b7 17e6d526 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/10/08 05:30 upstream 59f3fd30af35 5e837c76 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/10/06 19:55 upstream 7de25c855b63 ea12a918 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/10/06 01:25 upstream 3006adf3be79 db17ad9f .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/09/26 14:26 upstream 6465e260f487 0b6a67ac .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/09/17 01:00 upstream ad8a69f361b9 0b6a67ac .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/09/16 05:02 upstream e42bebf6db29 0b6a67ac .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/09/12 23:24 upstream a747acc0b752 59da8366 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/09/08 03:24 upstream 4a0fc73da97e 72324844 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/09/06 00:17 upstream 7733171926cc 0b6286dc .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/08/25 06:11 upstream 4f9e7fabf864 49be837e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/08/23 09:22 upstream 89bf6209cad6 b81ca3f6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/08/23 01:05 upstream 53663f4103ff b81ca3f6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/08/21 18:21 upstream f7757129e3de 6b415825 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/08/18 12:38 upstream 0e8860d2125f acb1ba71 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/08/18 08:15 upstream 0e8860d2125f 74b106b6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/08/17 16:23 upstream 16931859a650 74b106b6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/08/17 14:31 upstream 4853c74bd7ab 74b106b6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/08/15 23:02 upstream d4f8e13b0614 39990d51 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2023/08/13 23:00 upstream a785fd28d31f 39990d51 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2022/04/25 15:41 upstream af2d861d4cd2 152baedd .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2022/04/24 23:00 upstream 42740a2ff5d3 131df97d .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
2021/11/10 06:34 upstream cb690f5238d7 55fa030c .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in can_send / can_send
* Struck through repros no longer work on HEAD.