syzbot

 sign-in | mailing list | source | docs
🐞 Open [1633]
Subsystems
🐞 Fixed [6115]
🐞 Invalid [15342]
Missing Backports [170]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KCSAN: data-race in bcm_can_tx / bcm_tx_setup (4)

Status: auto-obsoleted due to no activity on 2024/07/08 15:23
Subsystems: can
[Documentation on labels]
First crash: 300d, last: 300d
Similar bugs (3)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in bcm_can_tx / bcm_tx_setup (2) can 8 872d 953d 0/28 auto-obsoleted due to no activity on 2022/12/14 13:23
upstream KCSAN: data-race in bcm_can_tx / bcm_tx_setup (3) can 10 637d 705d 0/28 auto-obsoleted due to no activity on 2023/08/06 10:49
upstream KCSAN: data-race in bcm_can_tx / bcm_tx_setup can 4 994d 1023d 0/28 auto-closed as invalid on 2022/08/14 14:16

Sample crash report:
==================================================================
BUG: KCSAN: data-race in bcm_can_tx / bcm_tx_setup

read to 0xffff8881186c9b10 of 4 bytes by interrupt on cpu 1:
 bcm_can_tx+0x4e/0x420 net/can/bcm.c:288
 bcm_tx_timeout_handler+0xdb/0x260
 __run_hrtimer kernel/time/hrtimer.c:1687 [inline]
 __hrtimer_run_queues+0x20d/0x5e0 kernel/time/hrtimer.c:1751
 hrtimer_run_softirq+0xe4/0x2c0 kernel/time/hrtimer.c:1768
 handle_softirqs+0xc3/0x280 kernel/softirq.c:554
 __do_softirq kernel/softirq.c:588 [inline]
 invoke_softirq kernel/softirq.c:428 [inline]
 __irq_exit_rcu kernel/softirq.c:637 [inline]
 irq_exit_rcu+0x3e/0x90 kernel/softirq.c:649
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline]
 sysvec_apic_timer_interrupt+0x73/0x80 arch/x86/kernel/apic/apic.c:1043
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
 tty_buffer_cancel_work+0x0/0x20 drivers/tty/tty_buffer.c:617
 release_tty+0x290/0x4f0 drivers/tty/tty_io.c:1603
 tty_release_struct+0x97/0xb0 drivers/tty/tty_io.c:1707
 tty_release+0x8f0/0x940 drivers/tty/tty_io.c:1867
 __fput+0x2c2/0x660 fs/file_table.c:422
 __fput_sync+0x44/0x60 fs/file_table.c:507
 __do_sys_close fs/open.c:1555 [inline]
 __se_sys_close+0x101/0x1b0 fs/open.c:1540
 __x64_sys_close+0x1f/0x30 fs/open.c:1540
 x64_sys_call+0x25f1/0x2d70 arch/x86/include/generated/asm/syscalls_64.h:4
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

write to 0xffff8881186c9b10 of 4 bytes by task 8534 on cpu 0:
 bcm_tx_setup+0x69e/0xd30 net/can/bcm.c:1037
 bcm_sendmsg+0x38b/0x470 net/can/bcm.c:1397
 sock_sendmsg_nosec net/socket.c:730 [inline]
 __sock_sendmsg+0x140/0x180 net/socket.c:745
 ____sys_sendmsg+0x312/0x410 net/socket.c:2585
 ___sys_sendmsg net/socket.c:2639 [inline]
 __sys_sendmsg+0x1e9/0x280 net/socket.c:2668
 __do_sys_sendmsg net/socket.c:2677 [inline]
 __se_sys_sendmsg net/socket.c:2675 [inline]
 __x64_sys_sendmsg+0x46/0x50 net/socket.c:2675
 x64_sys_call+0xb25/0x2d70 arch/x86/include/generated/asm/syscalls_64.h:47
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x00000020 -> 0x00000022

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 8534 Comm: syz-executor.3 Tainted: G        W          6.10.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
==================================================================

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/06/03 15:16 upstream c3f38fa61af7 0aba2352 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in bcm_can_tx / bcm_tx_setup
* Struck through repros no longer work on HEAD.