syzbot


KCSAN: data-race in can_receive / can_stat_update (10)

Status: auto-obsoleted due to no activity on 2024/08/17 04:05
Subsystems: can
[Documentation on labels]
First crash: 397d, last: 367d
Similar bugs (11)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in can_receive / can_stat_update (4) can 6 2 1093d 1106d 0/29 auto-closed as invalid on 2022/08/22 20:20
upstream KCSAN: data-race in can_receive / can_stat_update (2) can 6 1 1568d 1568d 0/29 auto-closed as invalid on 2021/05/04 12:50
upstream KCSAN: data-race in can_receive / can_stat_update (3) can 6 5 1147d 1221d 0/29 auto-closed as invalid on 2022/06/29 13:32
upstream KCSAN: data-race in can_receive / can_stat_update (11) can 6 1 314d 314d 0/29 auto-obsoleted due to no activity on 2024/10/09 05:23
upstream KCSAN: data-race in can_receive / can_stat_update (9) can 6 2 467d 475d 0/29 auto-obsoleted due to no activity on 2024/05/09 16:43
upstream KCSAN: data-race in can_receive / can_stat_update (7) can 6 2 827d 846d 0/29 auto-obsoleted due to no activity on 2023/05/15 22:30
upstream KCSAN: data-race in can_receive / can_stat_update can 6 3 1993d 2016d 0/29 auto-closed as invalid on 2020/04/09 06:18
upstream KCSAN: data-race in can_receive / can_stat_update (6) can 6 1 897d 897d 0/29 auto-obsoleted due to no activity on 2023/03/13 11:08
upstream KCSAN: data-race in can_receive / can_stat_update (8) can 6 2 776d 789d 0/29 auto-obsoleted due to no activity on 2023/07/05 18:24
upstream KCSAN: data-race in can_receive / can_stat_update (5) can 6 1 1048d 1048d 0/29 auto-closed as invalid on 2022/10/06 14:19
upstream KCSAN: data-race in can_receive / can_stat_update (12) can 6 11 125d 128d 0/29 auto-obsoleted due to no activity on 2025/05/07 13:47

Sample crash report:
==================================================================
BUG: KCSAN: data-race in can_receive / can_stat_update

read-write to 0xffff88811312e488 of 8 bytes by interrupt on cpu 0:
 can_receive+0x4e/0x1f0 net/can/af_can.c:649
 can_rcv+0xe7/0x180 net/can/af_can.c:687
 __netif_receive_skb_one_core net/core/dev.c:5625 [inline]
 __netif_receive_skb+0x123/0x280 net/core/dev.c:5739
 process_backlog+0x21d/0x3c0 net/core/dev.c:6068
 __napi_poll+0x63/0x3c0 net/core/dev.c:6722
 napi_poll net/core/dev.c:6791 [inline]
 net_rx_action+0x324/0x740 net/core/dev.c:6907
 handle_softirqs+0xc3/0x280 kernel/softirq.c:554
 do_softirq+0x5e/0x90 kernel/softirq.c:455
 __local_bh_enable_ip+0x6e/0x70 kernel/softirq.c:382
 __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]
 _raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210
 spin_unlock_bh include/linux/spinlock.h:396 [inline]
 rt6_uncached_list_add net/ipv6/route.c:147 [inline]
 icmp6_dst_alloc+0x2c4/0x320 net/ipv6/route.c:3295
 mld_sendpack+0x2f6/0x6d0 net/ipv6/mcast.c:1807
 mld_send_cr net/ipv6/mcast.c:2119 [inline]
 mld_ifc_work+0x517/0x7e0 net/ipv6/mcast.c:2650
 process_one_work kernel/workqueue.c:3248 [inline]
 process_scheduled_works+0x483/0x9a0 kernel/workqueue.c:3329
 worker_thread+0x526/0x720 kernel/workqueue.c:3409
 kthread+0x1d1/0x210 kernel/kthread.c:389
 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244

read to 0xffff88811312e488 of 8 bytes by interrupt on cpu 1:
 can_stat_update+0x31b/0x6b0 net/can/proc.c:142
 call_timer_fn+0x3a/0x300 kernel/time/timer.c:1792
 expire_timers kernel/time/timer.c:1843 [inline]
 __run_timers kernel/time/timer.c:2417 [inline]
 __run_timer_base+0x417/0x640 kernel/time/timer.c:2428
 run_timer_base kernel/time/timer.c:2437 [inline]
 run_timer_softirq+0x31/0x70 kernel/time/timer.c:2447
 handle_softirqs+0xc3/0x280 kernel/softirq.c:554
 do_softirq+0x5e/0x90 kernel/softirq.c:455
 __local_bh_enable_ip+0x6e/0x70 kernel/softirq.c:382
 __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]
 _raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210
 spin_unlock_bh include/linux/spinlock.h:396 [inline]
 __fib6_clean_all net/ipv6/ip6_fib.c:2277 [inline]
 fib6_flush_trees+0x124/0x1f0 net/ipv6/ip6_fib.c:2300
 rt_genid_bump_ipv6 include/net/net_namespace.h:524 [inline]
 addrconf_dad_completed+0x46b/0x8a0 net/ipv6/addrconf.c:4373
 addrconf_dad_work+0x891/0xbd0
 process_one_work kernel/workqueue.c:3248 [inline]
 process_scheduled_works+0x483/0x9a0 kernel/workqueue.c:3329
 worker_thread+0x526/0x720 kernel/workqueue.c:3409
 kthread+0x1d1/0x210 kernel/kthread.c:389
 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244

value changed: 0x000000000000684b -> 0x000000000000684c

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 36 Comm: kworker/u8:2 Not tainted 6.10.0-rc7-syzkaller-00254-g528dd46d0fc3 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
Workqueue: ipv6_addrconf addrconf_dad_work
==================================================================

Crashes (6):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/07/13 04:02 upstream 528dd46d0fc3 eaeb5c15 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_receive / can_stat_update
2024/07/05 19:25 upstream 661e504db04c 2a40360c .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_receive / can_stat_update
2024/07/04 02:09 upstream 8a9c6c40432e f76a75f3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_receive / can_stat_update
2024/06/22 21:23 upstream 563a50672d8a edc5149a .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_receive / can_stat_update
2024/06/13 07:08 upstream 2ccbdf43d5e7 2aa5052f .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_receive / can_stat_update
2024/06/13 00:57 upstream cea2a26553ac f815599d .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_receive / can_stat_update
* Struck through repros no longer work on HEAD.