syzbot

 sign-in | mailing list | source | docs
🐞 Open [1002] Subsystems 🐞 Fixed [5246] 🐞 Invalid [12540] Missing Backports [83] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KCSAN: data-race in can_rcv_filter / can_rcv_filter (8)

Status: auto-obsoleted due to no activity on 2023/08/09 14:18
Subsystems: can
[Documentation on labels]
First crash: 416d, last: 299d
Similar bugs (7)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in can_rcv_filter / can_rcv_filter can 3 1550d 1562d 0/26 auto-closed as invalid on 2020/04/11 00:08
upstream KCSAN: data-race in can_rcv_filter / can_rcv_filter (2) can 1 1147d 1147d 0/26 auto-closed as invalid on 2021/04/14 07:16
upstream KCSAN: data-race in can_rcv_filter / can_rcv_filter (5) can 1 722d 722d 0/26 auto-closed as invalid on 2022/06/12 10:04
upstream KCSAN: data-race in can_rcv_filter / can_rcv_filter (7) can 3 492d 522d 0/26 auto-obsoleted due to no activity on 2023/02/28 05:31
upstream KCSAN: data-race in can_rcv_filter / can_rcv_filter (4) can 6 758d 824d 0/26 auto-closed as invalid on 2022/05/07 18:40
upstream KCSAN: data-race in can_rcv_filter / can_rcv_filter (3) can 2 867d 868d 0/26 auto-closed as invalid on 2022/01/19 00:57
upstream KCSAN: data-race in can_rcv_filter / can_rcv_filter (6) can 7 568d 645d 0/26 auto-obsoleted due to no activity on 2022/11/13 19:42

Sample crash report:
==================================================================
BUG: KCSAN: data-race in can_rcv_filter / can_rcv_filter

read-write to 0xffff888101708f68 of 8 bytes by interrupt on cpu 0:
 deliver net/can/af_can.c:573 [inline]
 can_rcv_filter+0x221/0x490 net/can/af_can.c:606
 can_receive+0x182/0x1f0 net/can/af_can.c:663
 can_rcv+0xe7/0x180 net/can/af_can.c:687
 __netif_receive_skb_one_core net/core/dev.c:5452 [inline]
 __netif_receive_skb+0x90/0x1b0 net/core/dev.c:5566
 process_backlog+0x21f/0x380 net/core/dev.c:5894
 __napi_poll+0x60/0x3b0 net/core/dev.c:6460
 napi_poll net/core/dev.c:6527 [inline]
 net_rx_action+0x32b/0x750 net/core/dev.c:6660
 __do_softirq+0xc1/0x265 kernel/softirq.c:553
 run_ksoftirqd+0x17/0x20 kernel/softirq.c:921
 smpboot_thread_fn+0x30a/0x4a0 kernel/smpboot.c:164
 kthread+0x1d7/0x210 kernel/kthread.c:389
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308

read-write to 0xffff888101708f68 of 8 bytes by interrupt on cpu 1:
 deliver net/can/af_can.c:573 [inline]
 can_rcv_filter+0x221/0x490 net/can/af_can.c:606
 can_receive+0x182/0x1f0 net/can/af_can.c:663
 can_rcv+0xe7/0x180 net/can/af_can.c:687
 __netif_receive_skb_one_core net/core/dev.c:5452 [inline]
 __netif_receive_skb+0x90/0x1b0 net/core/dev.c:5566
 process_backlog+0x21f/0x380 net/core/dev.c:5894
 __napi_poll+0x60/0x3b0 net/core/dev.c:6460
 napi_poll net/core/dev.c:6527 [inline]
 net_rx_action+0x32b/0x750 net/core/dev.c:6660
 __do_softirq+0xc1/0x265 kernel/softirq.c:553
 do_softirq+0x5e/0x90 kernel/softirq.c:454
 __local_bh_enable_ip+0x64/0x70 kernel/softirq.c:381
 __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]
 _raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210
 spin_unlock_bh include/linux/spinlock.h:396 [inline]
 lock_sock_nested+0x10e/0x130 net/core/sock.c:3499
 lock_sock include/net/sock.h:1708 [inline]
 sockopt_lock_sock+0x41/0x50 net/core/sock.c:1061
 do_ip_getsockopt+0x1d9/0x1010 net/ipv4/ip_sockglue.c:1571
 ip_getsockopt+0x5c/0x170 net/ipv4/ip_sockglue.c:1808
 tcp_getsockopt+0xa7/0xd0 net/ipv4/tcp.c:4301
 sock_common_getsockopt+0x57/0x70 net/core/sock.c:3659
 __sys_getsockopt+0x17b/0x1e0 net/socket.c:2307
 __do_sys_getsockopt net/socket.c:2322 [inline]
 __se_sys_getsockopt net/socket.c:2319 [inline]
 __x64_sys_getsockopt+0x66/0x80 net/socket.c:2319
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

value changed: 0x000000000000293b -> 0x000000000000293c

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 3076 Comm: syz-executor.0 Not tainted 6.4.0-syzkaller-11478-gd528014517f2 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
==================================================================
vxcan0: j1939_tp_rxtimer: 0xffff888104979800: rx timeout, send abort
vxcan0: j1939_tp_rxtimer: 0xffff888104979400: rx timeout, send abort
vxcan0: j1939_xtp_rx_abort_one: 0xffff888104979800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
vxcan0: j1939_xtp_rx_abort_one: 0xffff888104979400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
vxcan0: j1939_tp_rxtimer: 0xffff888104979000: rx timeout, send abort
vxcan0: j1939_tp_rxtimer: 0xffff888104979c00: rx timeout, send abort
vxcan0: j1939_xtp_rx_abort_one: 0xffff888104979000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
vxcan0: j1939_xtp_rx_abort_one: 0xffff888104979c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.

Crashes (9):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2023/07/05 14:16 upstream d528014517f2 80298b6f .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
2023/07/03 11:27 upstream a901a3568fd2 bfc47836 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
2023/06/25 20:28 upstream 547cc9be86f4 79782afc .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
2023/06/01 06:06 upstream 48b1320a674e babc4389 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
2023/05/11 10:02 upstream d295b66a7b66 0fbd49f4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
2023/04/18 23:29 upstream af67688dca57 d931e9f0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
2023/04/08 05:07 upstream aa318c48808c 71147e29 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
2023/04/05 05:26 upstream 76f598ba7d8e 831373d3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
2023/03/10 12:56 upstream 44889ba56cbb 5205ef30 .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
* Struck through repros no longer work on HEAD.