syzbot


KCSAN: data-race in bcm_can_tx / bcm_tx_setup

Status: auto-closed as invalid on 2022/08/14 14:16
Subsystems: can
Reported-by: syzbot+2f413a9780513109f6c9@syzkaller.appspotmail.com
First crash: 891d, last: 852d
Similar bugs (3)
Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status
upstream | KCSAN: data-race in bcm_can_tx / bcm_tx_setup (2) can | | | | 8 | 730d | 811d | 0/28 | auto-obsoleted due to no activity on 2022/12/14 13:23
upstream | KCSAN: data-race in bcm_can_tx / bcm_tx_setup (4) can | | | | 1 | 158d | 158d | 0/28 | auto-obsoleted due to no activity on 2024/07/08 15:23
upstream | KCSAN: data-race in bcm_can_tx / bcm_tx_setup (3) can | | | | 10 | 495d | 563d | 0/28 | auto-obsoleted due to no activity on 2023/08/06 10:49

Sample crash report:
==================================================================
BUG: KCSAN: data-race in bcm_can_tx / bcm_tx_setup

read to 0xffff888139e89310 of 4 bytes by interrupt on cpu 0:
 bcm_can_tx+0x4e/0x3e0 net/can/bcm.c:276
 bcm_tx_timeout_handler+0xce/0x250
 __run_hrtimer+0x132/0x420 kernel/time/hrtimer.c:1685
 __hrtimer_run_queues kernel/time/hrtimer.c:1749 [inline]
 hrtimer_run_softirq+0x1e9/0x480 kernel/time/hrtimer.c:1766
 __do_softirq+0x158/0x2e3 kernel/softirq.c:571
 run_ksoftirqd+0x1f/0x30 kernel/softirq.c:934
 smpboot_thread_fn+0x308/0x4a0 kernel/smpboot.c:164
 kthread+0x1a9/0x1e0 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30

write to 0xffff888139e89310 of 4 bytes by task 999 on cpu 1:
 bcm_tx_setup+0x745/0xdf0 net/can/bcm.c:991
 bcm_sendmsg+0x17f/0x400 net/can/bcm.c:1345
 sock_sendmsg_nosec net/socket.c:714 [inline]
 sock_sendmsg net/socket.c:734 [inline]
 ____sys_sendmsg+0x38f/0x500 net/socket.c:2488
 ___sys_sendmsg net/socket.c:2542 [inline]
 __sys_sendmsg+0x1f9/0x400 net/socket.c:2571
 __do_sys_sendmsg net/socket.c:2580 [inline]
 __se_sys_sendmsg net/socket.c:2578 [inline]
 __x64_sys_sendmsg+0x42/0x50 net/socket.c:2578
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x46/0xb0

value changed: 0x0000001a -> 0x0000001d

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 999 Comm: syz-executor.4 Not tainted 5.19.0-rc5-syzkaller-00233-gb1c428b6c368-dirty #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022
==================================================================

Crashes (4):
Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title
2022/07/10 14:15 | upstream | b1c428b6c368 | b5765a15 | .config | console log | report | | | info | | ci2-upstream-kcsan-gce | KCSAN: data-race in bcm_can_tx / bcm_tx_setup
2022/07/08 07:53 | upstream | e8a4e1c1bb69 | bff65f44 | .config | console log | report | | | info | | ci2-upstream-kcsan-gce | KCSAN: data-race in bcm_can_tx / bcm_tx_setup
2022/06/16 13:20 | upstream | 30306f6194ca | 1719ee24 | .config | console log | report | | | info | | ci2-upstream-kcsan-gce | KCSAN: data-race in bcm_can_tx / bcm_tx_setup
2022/06/01 20:13 | upstream | 8eca6b0a647a | b4bc6a3d | .config | console log | report | | | info | | ci2-upstream-kcsan-gce | KCSAN: data-race in bcm_can_tx / bcm_tx_setup