syzbot


KCSAN: data-race in can_send / can_stat_update (8)

Status: moderation: reported on 2025/03/09 10:42
Subsystems: can
Reported-by: syzbot+057eb4175bedeb91fdda@syzkaller.appspotmail.com
First crash: 164d, last: 38d
Similar bugs (7)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KCSAN: data-race in can_send / can_stat_update (6) can | | | | 1 | 348d | 348d | 0/28 | auto-obsoleted due to no activity on 2024/05/02 11:39 |
| upstream | KCSAN: data-race in can_send / can_stat_update (2) can | | | | 10 | 988d | 1072d | 0/28 | auto-closed as invalid on 2022/08/01 07:44 |
| upstream | KCSAN: data-race in can_send / can_stat_update (3) can | | | | 5 | 898d | 939d | 0/28 | auto-obsoleted due to no activity on 2022/10/31 01:22 |
| upstream | KCSAN: data-race in can_send / can_stat_update (4) can | | | | 1 | 858d | 858d | 0/28 | auto-obsoleted due to no activity on 2022/12/10 01:25 |
| upstream | KCSAN: data-race in can_send / can_stat_update can | | | | 5 | 1841d | 1902d | 0/28 | auto-closed as invalid on 2020/05/06 02:35 |
| upstream | KCSAN: data-race in can_send / can_stat_update (5) can | | | | 2 | 649d | 654d | 0/28 | auto-obsoleted due to no activity on 2023/07/06 21:19 |
| upstream | KCSAN: data-race in can_send / can_stat_update (7) can | | | | 3 | 225d | 258d | 0/28 | auto-obsoleted due to no activity on 2024/09/02 17:29 |

Sample crash report:
==================================================================
BUG: KCSAN: data-race in can_send / can_stat_update

read-write to 0xffff888115dca990 of 8 bytes by interrupt on cpu 0:
 can_send+0x5a2/0x6d0 net/can/af_can.c:290
 j1939_send_one+0x1a9/0x1e0 net/can/j1939/main.c:353
 j1939_tp_tx_dat net/can/j1939/transport.c:646 [inline]
 j1939_session_tx_dat net/can/j1939/transport.c:838 [inline]
 j1939_xtp_txnext_transmiter net/can/j1939/transport.c:900 [inline]
 j1939_tp_txtimer+0xcab/0x1a70 net/can/j1939/transport.c:1160
 __run_hrtimer kernel/time/hrtimer.c:1738 [inline]
 __hrtimer_run_queues+0x20d/0x5e0 kernel/time/hrtimer.c:1802
 hrtimer_run_softirq+0xe4/0x2c0 kernel/time/hrtimer.c:1819
 handle_softirqs+0xbf/0x280 kernel/softirq.c:561
 run_ksoftirqd+0x1c/0x30 kernel/softirq.c:950
 smpboot_thread_fn+0x31c/0x4c0 kernel/smpboot.c:164
 kthread+0x4ae/0x520 kernel/kthread.c:464
 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244

read to 0xffff888115dca990 of 8 bytes by interrupt on cpu 1:
 can_stat_update+0x1f3/0x6b0 net/can/proc.c:134
 call_timer_fn+0x3a/0x300 kernel/time/timer.c:1789
 expire_timers kernel/time/timer.c:1840 [inline]
 __run_timers kernel/time/timer.c:2414 [inline]
 __run_timer_base+0x417/0x640 kernel/time/timer.c:2426
 run_timer_base kernel/time/timer.c:2435 [inline]
 run_timer_softirq+0x31/0x70 kernel/time/timer.c:2445
 handle_softirqs+0xbf/0x280 kernel/softirq.c:561
 run_ksoftirqd+0x1c/0x30 kernel/softirq.c:950
 smpboot_thread_fn+0x31c/0x4c0 kernel/smpboot.c:164
 kthread+0x4ae/0x520 kernel/kthread.c:464
 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244

value changed: 0x00000000000165b9 -> 0x00000000000165ba

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted 6.13.0-syzkaller-09998-gcabb4685d57e #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
==================================================================

Crashes (8):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2025/02/01 23:09 | upstream | cabb4685d57e | 568559e4 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in can_send / can_stat_update |
| 2025/01/10 18:43 | upstream | 2144da25584e | 6dbc6a9b | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in can_send / can_stat_update |
| 2025/01/09 20:59 | upstream | eea6e4b4dfb8 | 9220929f | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in can_send / can_stat_update |
| 2024/12/31 11:25 | upstream | ccb98ccef0e5 | d3ccff63 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in can_send / can_stat_update |
| 2024/12/22 18:22 | upstream | bcde95ce32b6 | b4fbdbd4 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in can_send / can_stat_update |
| 2024/11/09 04:55 | upstream | f1dce1f09380 | 6b856513 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in can_send / can_stat_update |
| 2024/10/11 04:00 | upstream | eb952c47d154 | 8fbfc0c8 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in can_send / can_stat_update |
| 2024/09/29 00:04 | upstream | 3efc57369a0c | ba29ff75 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in can_send / can_stat_update |