[moderation] [can?] KCSAN: data-race in can_rcv_filter / can_rcv_filter (14)


syzbot
Dec 14, 2025, 7:20:26 PM
to syzkaller-upst...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 8f0b4cce4481 Linux 6.19-rc1
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=15f84d92580000
kernel config: https://syzkaller.appspot.com/x/.config?x=b319ff1b6a2797ca
dashboard link: https://syzkaller.appspot.com/bug?extid=f12639ce6abace0ad523
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
CC: [linu...@vger.kernel.org linux-...@vger.kernel.org m...@pengutronix.de sock...@hartkopp.net]

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/0397a0339bfd/disk-8f0b4cce.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/1c266f6e8d6b/vmlinux-8f0b4cce.xz
kernel image: https://storage.googleapis.com/syzbot-assets/a748ab0188b2/bzImage-8f0b4cce.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+f12639...@syzkaller.appspotmail.com

==================================================================
BUG: KCSAN: data-race in can_rcv_filter / can_rcv_filter

read-write to 0xffff888104a171a8 of 8 bytes by interrupt on cpu 1:
deliver net/can/af_can.c:576 [inline]
can_rcv_filter+0xd9/0x4f0 net/can/af_can.c:602
can_receive+0x163/0x1c0 net/can/af_can.c:666
canfd_rcv+0xed/0x190 net/can/af_can.c:705
__netif_receive_skb_one_core net/core/dev.c:6137 [inline]
__netif_receive_skb+0x120/0x270 net/core/dev.c:6250
process_backlog+0x228/0x420 net/core/dev.c:6602
__napi_poll+0x5f/0x300 net/core/dev.c:7666
napi_poll net/core/dev.c:7729 [inline]
net_rx_action+0x425/0x8c0 net/core/dev.c:7881
handle_softirqs+0xba/0x290 kernel/softirq.c:622
do_softirq+0x5d/0x90 kernel/softirq.c:523
__local_bh_enable_ip+0x70/0x80 kernel/softirq.c:450
__raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]
_raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210
spin_unlock_bh include/linux/spinlock.h:396 [inline]
nsim_dev_trap_report drivers/net/netdevsim/dev.c:890 [inline]
nsim_dev_trap_report_work+0x52b/0x630 drivers/net/netdevsim/dev.c:921
process_one_work kernel/workqueue.c:3257 [inline]
process_scheduled_works+0x4ce/0x9d0 kernel/workqueue.c:3340
worker_thread+0x582/0x770 kernel/workqueue.c:3421
kthread+0x489/0x510 kernel/kthread.c:463
ret_from_fork+0x149/0x290 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246

read-write to 0xffff888104a171a8 of 8 bytes by interrupt on cpu 0:
deliver net/can/af_can.c:576 [inline]
can_rcv_filter+0xd9/0x4f0 net/can/af_can.c:602
can_receive+0x163/0x1c0 net/can/af_can.c:666
canfd_rcv+0xed/0x190 net/can/af_can.c:705
__netif_receive_skb_one_core net/core/dev.c:6137 [inline]
__netif_receive_skb+0x120/0x270 net/core/dev.c:6250
process_backlog+0x228/0x420 net/core/dev.c:6602
__napi_poll+0x5f/0x300 net/core/dev.c:7666
napi_poll net/core/dev.c:7729 [inline]
net_rx_action+0x425/0x8c0 net/core/dev.c:7881
handle_softirqs+0xba/0x290 kernel/softirq.c:622
do_softirq+0x5d/0x90 kernel/softirq.c:523
__local_bh_enable_ip+0x70/0x80 kernel/softirq.c:450
local_bh_enable include/linux/bottom_half.h:33 [inline]
__alloc_skb+0x49b/0x4d0 net/core/skbuff.c:674
alloc_skb include/linux/skbuff.h:1383 [inline]
nsim_dev_trap_skb_build drivers/net/netdevsim/dev.c:818 [inline]
nsim_dev_trap_report drivers/net/netdevsim/dev.c:875 [inline]
nsim_dev_trap_report_work+0x18a/0x630 drivers/net/netdevsim/dev.c:921
process_one_work kernel/workqueue.c:3257 [inline]
process_scheduled_works+0x4ce/0x9d0 kernel/workqueue.c:3340
worker_thread+0x582/0x770 kernel/workqueue.c:3421
kthread+0x489/0x510 kernel/kthread.c:463
ret_from_fork+0x149/0x290 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246

value changed: 0x000000000007331b -> 0x000000000007331c

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 5529 Comm: kworker/u8:45 Not tainted syzkaller #0 PREEMPT(voluntary)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
Workqueue: events_unbound nsim_dev_trap_report_work
==================================================================
==================================================================
BUG: KCSAN: data-race in can_can_gw_rcv / can_can_gw_rcv

read-write to 0xffff8881001537a0 of 4 bytes by interrupt on cpu 1:
can_can_gw_rcv+0x807/0x820 net/can/gw.c:566
deliver net/can/af_can.c:575 [inline]
can_rcv_filter+0xc7/0x4f0 net/can/af_can.c:602
can_receive+0x163/0x1c0 net/can/af_can.c:666
canfd_rcv+0xed/0x190 net/can/af_can.c:705
__netif_receive_skb_one_core net/core/dev.c:6137 [inline]
__netif_receive_skb+0x120/0x270 net/core/dev.c:6250
process_backlog+0x228/0x420 net/core/dev.c:6602
__napi_poll+0x5f/0x300 net/core/dev.c:7666
napi_poll net/core/dev.c:7729 [inline]
net_rx_action+0x425/0x8c0 net/core/dev.c:7881
handle_softirqs+0xba/0x290 kernel/softirq.c:622
run_ksoftirqd+0x1c/0x30 kernel/softirq.c:1063
smpboot_thread_fn+0x32b/0x530 kernel/smpboot.c:160
kthread+0x489/0x510 kernel/kthread.c:463
ret_from_fork+0x149/0x290 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246

read-write to 0xffff8881001537a0 of 4 bytes by interrupt on cpu 0:
can_can_gw_rcv+0x807/0x820 net/can/gw.c:566
deliver net/can/af_can.c:575 [inline]
can_rcv_filter+0xc7/0x4f0 net/can/af_can.c:602
can_receive+0x163/0x1c0 net/can/af_can.c:666
canfd_rcv+0xed/0x190 net/can/af_can.c:705
__netif_receive_skb_one_core net/core/dev.c:6137 [inline]
__netif_receive_skb+0x120/0x270 net/core/dev.c:6250
process_backlog+0x228/0x420 net/core/dev.c:6602
__napi_poll+0x5f/0x300 net/core/dev.c:7666
napi_poll net/core/dev.c:7729 [inline]
net_rx_action+0x425/0x8c0 net/core/dev.c:7881
handle_softirqs+0xba/0x290 kernel/softirq.c:622
do_softirq+0x5d/0x90 kernel/softirq.c:523
__local_bh_enable_ip+0x70/0x80 kernel/softirq.c:450
local_bh_enable include/linux/bottom_half.h:33 [inline]
update_defense_level+0x589/0x5c0 net/netfilter/ipvs/ip_vs_ctl.c:209
defense_work_handler+0x1f/0x80 net/netfilter/ipvs/ip_vs_ctl.c:234
process_one_work kernel/workqueue.c:3257 [inline]
process_scheduled_works+0x4ce/0x9d0 kernel/workqueue.c:3340
worker_thread+0x582/0x770 kernel/workqueue.c:3421
kthread+0x489/0x510 kernel/kthread.c:463
ret_from_fork+0x149/0x290 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246

value changed: 0x000772ae -> 0x000772af

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 5777 Comm: kworker/0:11 Not tainted syzkaller #0 PREEMPT(voluntary)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
Workqueue: events_long defense_work_handler
==================================================================
==================================================================
BUG: KCSAN: data-race in can_rcv_filter / can_rcv_filter

read-write to 0xffff888104a171a8 of 8 bytes by interrupt on cpu 1:
deliver net/can/af_can.c:576 [inline]
can_rcv_filter+0xd9/0x4f0 net/can/af_can.c:602
can_receive+0x163/0x1c0 net/can/af_can.c:666
canfd_rcv+0xed/0x190 net/can/af_can.c:705
__netif_receive_skb_one_core net/core/dev.c:6137 [inline]
__netif_receive_skb+0x120/0x270 net/core/dev.c:6250
process_backlog+0x228/0x420 net/core/dev.c:6602
__napi_poll+0x5f/0x300 net/core/dev.c:7666
napi_poll net/core/dev.c:7729 [inline]
net_rx_action+0x425/0x8c0 net/core/dev.c:7881
handle_softirqs+0xba/0x290 kernel/softirq.c:622
do_softirq+0x5d/0x90 kernel/softirq.c:523
__local_bh_enable_ip+0x70/0x80 kernel/softirq.c:450
__raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]
_raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210
spin_unlock_bh include/linux/spinlock.h:396 [inline]
nsim_dev_trap_report drivers/net/netdevsim/dev.c:890 [inline]
nsim_dev_trap_report_work+0x52b/0x630 drivers/net/netdevsim/dev.c:921
process_one_work kernel/workqueue.c:3257 [inline]
process_scheduled_works+0x4ce/0x9d0 kernel/workqueue.c:3340
worker_thread+0x582/0x770 kernel/workqueue.c:3421
kthread+0x489/0x510 kernel/kthread.c:463
ret_from_fork+0x149/0x290 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246

read-write to 0xffff888104a171a8 of 8 bytes by interrupt on cpu 0:
deliver net/can/af_can.c:576 [inline]
can_rcv_filter+0xd9/0x4f0 net/can/af_can.c:602
can_receive+0x163/0x1c0 net/can/af_can.c:666
canfd_rcv+0xed/0x190 net/can/af_can.c:705
__netif_receive_skb_one_core net/core/dev.c:6137 [inline]
__netif_receive_skb+0x120/0x270 net/core/dev.c:6250
process_backlog+0x228/0x420 net/core/dev.c:6602
__napi_poll+0x5f/0x300 net/core/dev.c:7666
napi_poll net/core/dev.c:7729 [inline]
net_rx_action+0x425/0x8c0 net/core/dev.c:7881
handle_softirqs+0xba/0x290 kernel/softirq.c:622
do_softirq+0x5d/0x90 kernel/softirq.c:523
__local_bh_enable_ip+0x70/0x80 kernel/softirq.c:450
__raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]
_raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210
spin_unlock_bh include/linux/spinlock.h:396 [inline]
batadv_tt_local_purge+0x1a8/0x1f0 net/batman-adv/translation-table.c:1315
batadv_tt_purge+0x2b/0x610 net/batman-adv/translation-table.c:3509
process_one_work kernel/workqueue.c:3257 [inline]
process_scheduled_works+0x4ce/0x9d0 kernel/workqueue.c:3340
worker_thread+0x582/0x770 kernel/workqueue.c:3421
kthread+0x489/0x510 kernel/kthread.c:463
ret_from_fork+0x149/0x290 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246

value changed: 0x00000000000a8b69 -> 0x00000000000a8b6a

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 6162 Comm: kworker/u8:50 Not tainted syzkaller #0 PREEMPT(voluntary)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
Workqueue: bat_events batadv_tt_purge
==================================================================


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite the report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup