vcan0: j1939_xtp_rx_abort_one: 0x00000000e7ac22bd: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. vcan0: j1939_tp_rxtimer: 0x00000000957d0322: rx timeout, send abort vcan0: j1939_xtp_rx_abort_one: 0x00000000957d0322: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. ------------[ cut here ]------------ WARNING: CPU: 0 PID: 113 at net/can/j1939/socket.c:180 j1939_sk_queue_activate_next_locked net/can/j1939/socket.c:180 [inline] WARNING: CPU: 0 PID: 113 at net/can/j1939/socket.c:180 j1939_sk_queue_activate_next+0x34d/0x460 net/can/j1939/socket.c:204 Modules linked in: CPU: 0 PID: 113 Comm: kworker/u4:3 Not tainted 5.11.0-rc3-next-20210115-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet RIP: 0010:j1939_sk_queue_activate_next_locked net/can/j1939/socket.c:180 [inline] RIP: 0010:j1939_sk_queue_activate_next+0x34d/0x460 net/can/j1939/socket.c:204 Code: 1c 83 c0 0a 89 44 24 04 eb 9d 48 c7 c7 dc 1b 04 8d e8 57 e8 d1 f9 e9 73 fd ff ff e8 4d e8 d1 f9 e9 19 fe ff ff e8 43 00 8f f9 <0f> 0b 49 8d bf b8 00 00 00 48 89 f8 48 c1 e8 03 42 0f b6 04 30 84 RSP: 0018:ffffc90000007b30 EFLAGS: 00010246 RAX: 0000000000000000 RBX: ffff8880700d0000 RCX: 0000000000000100 RDX: ffff8880113e3800 RSI: ffffffff87e408cd RDI: 0000000000000003 RBP: ffff8880700d0558 R08: 0000000000000000 R09: ffffffff8ed3d9a7 R10: ffffffff87e40828 R11: 0000000000000001 R12: ffff8880250f8800 R13: ffff8880700d0598 R14: dffffc0000000000 R15: ffff8880250f8818 FS: 0000000000000000(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007ffae3d8d000 CR3: 000000001505a000 CR4: 00000000001506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: j1939_session_deactivate_activate_next+0x8a/0x91 net/can/j1939/transport.c:1068 j1939_xtp_rx_abort_one.cold+0x205/0x321 net/can/j1939/transport.c:1300 j1939_xtp_rx_abort net/can/j1939/transport.c:1311 [inline] j1939_tp_cmd_recv net/can/j1939/transport.c:2034 [inline] j1939_tp_recv+0x8f4/0xb40 net/can/j1939/transport.c:2067 j1939_can_recv+0x5bc/0x7d0 net/can/j1939/main.c:101 deliver net/can/af_can.c:574 [inline] can_rcv_filter+0x5d4/0x8d0 net/can/af_can.c:608 can_receive+0x2e3/0x520 net/can/af_can.c:665 can_rcv+0x129/0x1d0 net/can/af_can.c:696 __netif_receive_skb_one_core+0x114/0x180 net/core/dev.c:5319 __netif_receive_skb+0x27/0x1c0 net/core/dev.c:5433 process_backlog+0x232/0x6c0 net/core/dev.c:6312 napi_poll net/core/dev.c:6790 [inline] net_rx_action+0x461/0xe10 net/core/dev.c:6873 __do_softirq+0x2bc/0xa29 kernel/softirq.c:343 asm_call_irq_on_stack+0xf/0x20 __run_on_irqstack arch/x86/include/asm/irq_stack.h:26 [inline] run_on_irqstack_cond arch/x86/include/asm/irq_stack.h:77 [inline] do_softirq_own_stack+0xaa/0xd0 arch/x86/kernel/irq_64.c:77 invoke_softirq kernel/softirq.c:226 [inline] __irq_exit_rcu kernel/softirq.c:420 [inline] irq_exit_rcu+0x134/0x200 kernel/softirq.c:432 sysvec_apic_timer_interrupt+0x4d/0x100 arch/x86/kernel/apic/apic.c:1096 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:628 RIP: 0010:lock_acquire+0x1d2/0x720 kernel/locking/lockdep.c:5410 Code: 48 c7 c7 a0 96 4b 89 48 83 c4 20 e8 48 7f a2 07 b8 ff ff ff ff 65 0f c1 05 5b 2f a9 7e 83 f8 01 0f 85 da 03 00 00 ff 34 24 9d <48> b8 00 00 00 00 00 fc ff df 48 01 c3 48 c7 03 00 00 00 00 48 c7 RSP: 0018:ffffc9000128faa8 EFLAGS: 00000246 RAX: 0000000000000001 RBX: 1ffff92000251f57 RCX: 0000000000000001 RDX: 1ffff1100227c831 RSI: 0000000000000000 RDI: 0000000000000000 RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff8ed3d867 R10: fffffbfff1da7b0c R11: 0000000000000000 R12: 0000000000000002 R13: ffffffff8b370ee0 R14: 0000000000000000 R15: 0000000000000000 rcu_lock_acquire include/linux/rcupdate.h:267 [inline] rcu_read_lock include/linux/rcupdate.h:656 [inline] batadv_iv_ogm_slide_own_bcast_window net/batman-adv/bat_iv_ogm.c:754 [inline] batadv_iv_ogm_schedule_buff+0x5d0/0x1410 net/batman-adv/bat_iv_ogm.c:825 batadv_iv_ogm_schedule net/batman-adv/bat_iv_ogm.c:869 [inline] batadv_iv_ogm_schedule net/batman-adv/bat_iv_ogm.c:862 [inline] batadv_iv_send_outstanding_bat_ogm_packet+0x675/0x920 net/batman-adv/bat_iv_ogm.c:1723 process_one_work+0x98d/0x15f0 kernel/workqueue.c:2275 worker_thread+0x64c/0x1120 kernel/workqueue.c:2421 kthread+0x3b1/0x4a0 kernel/kthread.c:292 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296