syzbot

 sign-in | mailing list | source | docs
🐞 Open [991] Subsystems 🐞 Fixed [5238] 🐞 Invalid [12509] Missing Backports [83] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KCSAN: data-race in can_rcv_filter / can_rcv_filter (3)

Status: auto-closed as invalid on 2022/01/19 00:57
Subsystems: can
[Documentation on labels]
First crash: 863d, last: 863d
Similar bugs (7)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in can_rcv_filter / can_rcv_filter can 3 1546d 1558d 0/26 auto-closed as invalid on 2020/04/11 00:08
upstream KCSAN: data-race in can_rcv_filter / can_rcv_filter (2) can 1 1143d 1143d 0/26 auto-closed as invalid on 2021/04/14 07:16
upstream KCSAN: data-race in can_rcv_filter / can_rcv_filter (8) can 9 295d 412d 0/26 auto-obsoleted due to no activity on 2023/08/09 14:18
upstream KCSAN: data-race in can_rcv_filter / can_rcv_filter (5) can 1 718d 718d 0/26 auto-closed as invalid on 2022/06/12 10:04
upstream KCSAN: data-race in can_rcv_filter / can_rcv_filter (7) can 3 488d 518d 0/26 auto-obsoleted due to no activity on 2023/02/28 05:31
upstream KCSAN: data-race in can_rcv_filter / can_rcv_filter (4) can 6 754d 820d 0/26 auto-closed as invalid on 2022/05/07 18:40
upstream KCSAN: data-race in can_rcv_filter / can_rcv_filter (6) can 7 564d 641d 0/26 auto-obsoleted due to no activity on 2022/11/13 19:42

Sample crash report:
==================================================================
BUG: KCSAN: data-race in can_rcv_filter / can_rcv_filter

write to 0xffff88813360d9c8 of 8 bytes by interrupt on cpu 1:
 deliver net/can/af_can.c:575 [inline]
 can_rcv_filter+0x402/0x520 net/can/af_can.c:635
 can_receive+0x1a2/0x220 net/can/af_can.c:665
 can_rcv+0x9e/0x170 net/can/af_can.c:696
 __netif_receive_skb_one_core net/core/dev.c:5465 [inline]
 __netif_receive_skb+0x8b/0x1b0 net/core/dev.c:5579
 process_backlog+0x23f/0x3e0 net/core/dev.c:6455
 __napi_poll+0x65/0x3f0 net/core/dev.c:7023
 napi_poll net/core/dev.c:7090 [inline]
 net_rx_action+0x29e/0x650 net/core/dev.c:7177
 __do_softirq+0x158/0x2de kernel/softirq.c:558
 run_ksoftirqd+0x1f/0x30 kernel/softirq.c:921
 smpboot_thread_fn+0x308/0x4a0 kernel/smpboot.c:164
 kthread+0x2c7/0x2e0 kernel/kthread.c:327
 ret_from_fork+0x1f/0x30

read to 0xffff88813360d9c8 of 8 bytes by interrupt on cpu 0:
 deliver net/can/af_can.c:575 [inline]
 can_rcv_filter+0x3f3/0x520 net/can/af_can.c:635
 can_receive+0x1a2/0x220 net/can/af_can.c:665
 can_rcv+0x9e/0x170 net/can/af_can.c:696
 __netif_receive_skb_one_core net/core/dev.c:5465 [inline]
 __netif_receive_skb+0x8b/0x1b0 net/core/dev.c:5579
 process_backlog+0x23f/0x3e0 net/core/dev.c:6455
 __napi_poll+0x65/0x3f0 net/core/dev.c:7023
 napi_poll net/core/dev.c:7090 [inline]
 net_rx_action+0x29e/0x650 net/core/dev.c:7177
 __do_softirq+0x158/0x2de kernel/softirq.c:558
 run_ksoftirqd+0x1f/0x30 kernel/softirq.c:921
 smpboot_thread_fn+0x308/0x4a0 kernel/smpboot.c:164
 kthread+0x2c7/0x2e0 kernel/kthread.c:327
 ret_from_fork+0x1f/0x30

value changed: 0x000000000000014c -> 0x0000000000000150

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 12 Comm: ksoftirqd/0 Not tainted 5.16.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================
sd 0:0:1:0: tag#8020 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
sd 0:0:1:0: tag#8020 CDB: opcode=0xe5 (vendor)
sd 0:0:1:0: tag#8020 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
sd 0:0:1:0: tag#8020 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
sd 0:0:1:0: tag#8020 CDB[20]: ba
sd 0:0:1:0: tag#8062 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
sd 0:0:1:0: tag#8062 CDB: opcode=0xe5 (vendor)
sd 0:0:1:0: tag#8062 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
sd 0:0:1:0: tag#8062 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
sd 0:0:1:0: tag#8062 CDB[20]: ba
sd 0:0:1:0: tag#8059 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
sd 0:0:1:0: tag#8059 CDB: opcode=0xe5 (vendor)
sd 0:0:1:0: tag#8059 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
sd 0:0:1:0: tag#8059 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
sd 0:0:1:0: tag#8059 CDB[20]: ba
sd 0:0:1:0: tag#8004 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
sd 0:0:1:0: tag#8004 CDB: opcode=0xe5 (vendor)
sd 0:0:1:0: tag#8004 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
sd 0:0:1:0: tag#8004 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
sd 0:0:1:0: tag#8004 CDB[20]: ba

Crashes (2):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2021/12/15 00:51 upstream 5472f14a3742 f752fb53 .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
2021/12/14 09:31 upstream 5472f14a3742 5d14b1ea .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
* Struck through repros no longer work on HEAD.