syzbot


KCSAN: data-race in bcm_rx_handler / bcm_rx_handler

Status: auto-obsoleted due to no activity on 2024/08/25 09:41
Subsystems: can
First crash: 248d, last: 248d

Sample crash report:
==================================================================
BUG: KCSAN: data-race in bcm_rx_handler / bcm_rx_handler

read-write to 0xffff888113230a30 of 8 bytes by interrupt on cpu 1:
 bcm_rx_handler+0x19c/0x5e0 net/can/bcm.c:700
 deliver net/can/af_can.c:572 [inline]
 can_rcv_filter+0x397/0x4c0 net/can/af_can.c:633
 can_receive+0x116/0x1f0 net/can/af_can.c:659
 canfd_rcv+0xe7/0x180 net/can/af_can.c:702
 __netif_receive_skb_one_core net/core/dev.c:5660 [inline]
 __netif_receive_skb+0x123/0x280 net/core/dev.c:5774
 process_backlog+0x22e/0x440 net/core/dev.c:6107
 __napi_poll+0x63/0x3c0 net/core/dev.c:6771
 napi_poll net/core/dev.c:6840 [inline]
 net_rx_action+0x3a1/0x7f0 net/core/dev.c:6962
 handle_softirqs+0xc3/0x280 kernel/softirq.c:554
 run_ksoftirqd+0x1c/0x30 kernel/softirq.c:928
 smpboot_thread_fn+0x31c/0x4c0 kernel/smpboot.c:164
 kthread+0x1d1/0x210 kernel/kthread.c:389
 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244

read-write to 0xffff888113230a30 of 8 bytes by interrupt on cpu 0:
 bcm_rx_handler+0x19c/0x5e0 net/can/bcm.c:700
 deliver net/can/af_can.c:572 [inline]
 can_rcv_filter+0x397/0x4c0 net/can/af_can.c:633
 can_receive+0x116/0x1f0 net/can/af_can.c:659
 canfd_rcv+0xe7/0x180 net/can/af_can.c:702
 __netif_receive_skb_one_core net/core/dev.c:5660 [inline]
 __netif_receive_skb+0x123/0x280 net/core/dev.c:5774
 process_backlog+0x22e/0x440 net/core/dev.c:6107
 __napi_poll+0x63/0x3c0 net/core/dev.c:6771
 napi_poll net/core/dev.c:6840 [inline]
 net_rx_action+0x3a1/0x7f0 net/core/dev.c:6962
 handle_softirqs+0xc3/0x280 kernel/softirq.c:554
 __do_softirq kernel/softirq.c:588 [inline]
 invoke_softirq kernel/softirq.c:428 [inline]
 __irq_exit_rcu kernel/softirq.c:637 [inline]
 irq_exit_rcu+0x3e/0x90 kernel/softirq.c:649
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline]
 sysvec_apic_timer_interrupt+0x73/0x80 arch/x86/kernel/apic/apic.c:1043
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
 is_atomic kernel/kcsan/core.c:249 [inline]
 should_watch kernel/kcsan/core.c:277 [inline]
 check_access kernel/kcsan/core.c:752 [inline]
 __tsan_read8+0xe5/0x180 kernel/kcsan/core.c:1025
 list_replace include/linux/list.h:244 [inline]
 list_replace_init include/linux/list.h:260 [inline]
 netdev_run_todo+0x31/0x7d0 net/core/dev.c:10720
 rtnl_unlock+0xe/0x20 net/core/rtnetlink.c:152
 addrconf_dad_work+0x8d7/0xbd0 net/ipv6/addrconf.c:4286
 process_one_work kernel/workqueue.c:3231 [inline]
 process_scheduled_works+0x483/0x9a0 kernel/workqueue.c:3312
 worker_thread+0x526/0x700 kernel/workqueue.c:3390
 kthread+0x1d1/0x210 kernel/kthread.c:389
 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244

value changed: 0x0000000000000343 -> 0x0000000000000344

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 40 Comm: kworker/u8:2 Not tainted 6.10.0-syzkaller-10729-g3c3ff7be9729 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
Workqueue: ipv6_addrconf addrconf_dad_work
==================================================================

Crashes (1):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2024/07/21 09:34 | upstream | 3c3ff7be9729 | b88348e9 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in bcm_rx_handler / bcm_rx_handler |