ref counting issue for echo skbs #1

Open
olerem opened this issue Nov 13, 2019 · 0 comments

This issue is reproducible only on a real interface and not with vcan:

testj1939 -B -r can0: &
cansend can0 1823ff40#0123

After these steps we will get the following warning:

[242410.368391] can: SAE J1939
[242410.848182] ------------[ cut here ]------------
[242410.853056] WARNING: CPU: 0 PID: 1101 at lib/refcount.c:156 refcount_inc_checked+0x50/0x54
[242410.861515] refcount_t: increment on 0; use-after-free.
[242410.866848] Modules linked in: can_j1939 coda_vpu imx_vdoa videobuf2_vmalloc dw_hdmi_ahb_audio vcan
[242410.876094] CPU: 0 PID: 1101 Comm: cansend Not tainted 5.4.0-rc4-00015-g723fbf781146 #1
[242410.884207] Hardware name: Freescale i.MX6 Quad/DualLite (Device Tree)
[242410.890834] Backtrace: 
[242410.893410] [<c010f57c>] (dump_backtrace) from [<c010f918>] (show_stack+0x20/0x24)
[242410.901092]  r7:60000113 r6:c13b6cf8 r5:00000000 r4:c13b6cf8
[242410.906873] [<c010f8f8>] (show_stack) from [<c0c06638>] (dump_stack+0x80/0x94)
[242410.914214] [<c0c065b8>] (dump_stack) from [<c0127c14>] (__warn+0xe0/0x108)
[242410.921284]  r7:0000009c r6:c052526c r5:00000009 r4:c0ff056c
[242410.927054] [<c0127b34>] (__warn) from [<c0127ff0>] (warn_slowpath_fmt+0xa8/0xcc)
[242410.934644]  r7:c052526c r6:0000009c r5:c0ff056c r4:c0ff05a8
[242410.940421] [<c0127f4c>] (warn_slowpath_fmt) from [<c052526c>] (refcount_inc_checked+0x50/0x54)
[242410.949229]  r8:eccec780 r7:ecd63000 r6:ed76ec00 r5:ed1cee40 r4:ed1ce6c0
[242410.956101] [<c052521c>] (refcount_inc_checked) from [<bf030d50>] (j1939_can_recv+0x48/0x190 [can_j1939])
[242410.965818] [<bf030d08>] (j1939_can_recv [can_j1939]) from [<c0a9d508>] (can_rcv_filter+0xb4/0x268)
[242410.974974]  r7:ed1cee40 r6:9823ff40 r5:00000001 r4:ec0da000
[242410.980747] [<c0a9d454>] (can_rcv_filter) from [<c0a9dd98>] (can_receive+0xb0/0xe4)
[242410.988515]  r9:ec19fca4 r8:00000000 r7:eccec000 r6:ed055940 r5:c139d040 r4:ed1cee40
[242410.996370] [<c0a9dce8>] (can_receive) from [<c0a9de14>] (can_rcv+0x48/0x98)
[242411.003530]  r9:ec19fca4 r8:eccec650 r7:eccec630 r6:0000003d r5:c0a9ddcc r4:ed1cee40
[242411.011392] [<c0a9ddcc>] (can_rcv) from [<c098cdcc>] (__netif_receive_skb_one_core+0x64/0x88)
[242411.020021]  r5:c0a9ddcc r4:ed1cee40
[242411.023712] [<c098cd68>] (__netif_receive_skb_one_core) from [<c098ce60>] (__netif_receive_skb+0x38/0x94)
[242411.033380]  r5:c130633c r4:ed1cee40
[242411.037069] [<c098ce28>] (__netif_receive_skb) from [<c098cf20>] (netif_receive_skb_internal+0x64/0xf8)
[242411.046563]  r5:c130633c r4:ed1cee40
[242411.050250] [<c098cebc>] (netif_receive_skb_internal) from [<c098cfe8>] (netif_receive_skb+0x34/0x19c)
[242411.059659]  r5:00000001 r4:ed1cee40
[242411.063356] [<c098cfb4>] (netif_receive_skb) from [<c0770a28>] (can_rx_offload_napi_poll+0x58/0xb4)
[242411.072506]  r5:00000001 r4:eccec000
[242411.076198] [<c07709d0>] (can_rx_offload_napi_poll) from [<c098ea5c>] (net_rx_action+0x144/0x490)
[242411.085183]  r9:ec19fca4 r8:01716e8d r7:c12df280 r6:0000003d r5:00000001 r4:eccec650
[242411.093043] [<c098e918>] (net_rx_action) from [<c01025e8>] (__do_softirq+0x170/0x464)
[242411.100982]  r10:ec19e000 r9:00000102 r8:00000001 r7:c13be8e4 r6:00000003 r5:00000001
[242411.108911]  r4:c130308c
[242411.111562] [<c0102478>] (__do_softirq) from [<c012eb78>] (irq_exit+0xd8/0xf0)
[242411.118899]  r10:ec19fdc0 r9:ec008c00 r8:00000000 r7:00000001 r6:00000000 r5:00000022
[242411.126829]  r4:c12de4c0
[242411.129481] [<c012eaa0>] (irq_exit) from [<c018007c>] (__handle_domain_irq+0x90/0xf8)
[242411.137414]  r5:00000022 r4:c12de494
[242411.141100] [<c017ffec>] (__handle_domain_irq) from [<c0102354>] (gic_handle_irq+0x5c/0xa0)
[242411.149564]  r10:00000088 r9:ec19fdc0 r8:f4001100 r7:f4000100 r6:f400010c r5:c135a404
[242411.157495]  r4:c1305578 r3:ec19fdc0
[242411.161181] [<c01022f8>] (gic_handle_irq) from [<c0101a8c>] (__irq_svc+0x6c/0xa8)
[242411.168766] Exception stack(0xec19fdc0 to 0xec19fe08)
[242411.173931] fdc0: eda45000 00000000 00000001 effe96d8 ec19feb4 effe96d8 eda4af20 00000000
[242411.182220] fde0: 00000000 4f98618f 00000088 ec19fe44 ec19fe48 ec19fe10 c02a6cf8 c02a3984
[242411.190498] fe00: 60000113 ffffffff
[242411.194097]  r9:ec19e000 r8:00000000 r7:ec19fdf4 r6:ffffffff r5:60000113 r4:c02a3984
[242411.201964] [<c02a6c2c>] (alloc_set_pte) from [<c026b760>] (filemap_map_pages+0x390/0x3b8)
[242411.210342]  r10:00000088 r9:ed880840 r8:ea5f55f8 r7:00000001 r6:ec19feb4 r5:00000406
[242411.218273]  r4:effe96d8
[242411.220921] [<c026b3d0>] (filemap_map_pages) from [<c02a7c08>] (handle_mm_fault+0xc28/0x115c)
[242411.229557]  r10:eda45040 r9:ec19feb4 r8:00000079 r7:00000040 r6:b6f51000 r5:00000088
[242411.237487]  r4:c026b3d0
[242411.240137] [<c02a6fe0>] (handle_mm_fault) from [<c0118954>] (do_page_fault+0x12c/0x40c)
[242411.248339]  r10:eda45040 r9:eda4af20 r8:eda45000 r7:edb1b200 r6:80000007 r5:b6f5174c
[242411.256268]  r4:ec19ffb0
[242411.258915] [<c0118828>] (do_page_fault) from [<c0118ee4>] (do_PrefetchAbort+0x48/0x9c)
[242411.267028]  r10:b6fcf620 r9:00000000 r8:c0118828 r7:ec19ffb0 r6:b6f5174c r5:00000007
[242411.274957]  r4:c130aa04
[242411.277604] [<c0118e9c>] (do_PrefetchAbort) from [<c010210c>] (ret_from_exception+0x0/0x14)
[242411.286056] Exception stack(0xec19ffb0 to 0xec19fff8)
[242411.291214] ffa0:                                     00000000 00000000 00000000 e22dbd00
[242411.299502] ffc0: b6fcd434 b6fcd434 00000000 00000000 00000001 00000000 b6fcf620 b6fcc000
[242411.307787] ffe0: 00429f7c bee1bc50 b6f02981 b6f5174c 60000030 ffffffff
[242411.314511]  r8:10c5387d r7:10c5387d r6:ffffffff r5:60000030 r4:b6f5174c
[242411.321425] ---[ end trace e34de087d9f73e02 ]---
[242411.326180] flexcan 2090000.flexcan can0: j1939_simple_recv: Received already invalidated message
[242411.335217] ------------[ cut here ]------------
[242411.339963] WARNING: CPU: 0 PID: 1101 at lib/refcount.c:190 refcount_sub_and_test_checked+0xa8/0xb8
[242411.349158] refcount_t: underflow; use-after-free.
[242411.354095] Modules linked in: can_j1939 coda_vpu imx_vdoa videobuf2_vmalloc dw_hdmi_ahb_audio vcan
[242411.363333] CPU: 0 PID: 1101 Comm: cansend Tainted: G        W         5.4.0-rc4-00015-g723fbf781146 #1
[242411.372829] Hardware name: Freescale i.MX6 Quad/DualLite (Device Tree)
[242411.379456] Backtrace: 
[242411.382024] [<c010f57c>] (dump_backtrace) from [<c010f918>] (show_stack+0x20/0x24)
[242411.389705]  r7:60000113 r6:c13b6cf8 r5:00000000 r4:c13b6cf8
[242411.395486] [<c010f8f8>] (show_stack) from [<c0c06638>] (dump_stack+0x80/0x94)
[242411.402825] [<c0c065b8>] (dump_stack) from [<c0127c14>] (__warn+0xe0/0x108)
[242411.409895]  r7:000000be r6:c0525318 r5:00000009 r4:c0ff056c
[242411.415664] [<c0127b34>] (__warn) from [<c0127ff0>] (warn_slowpath_fmt+0xa8/0xcc)
[242411.423255]  r7:c0525318 r6:000000be r5:c0ff056c r4:c0ff05d8
[242411.429033] [<c0127f4c>] (warn_slowpath_fmt) from [<c0525318>] (refcount_sub_and_test_checked+0xa8/0xb8)
[242411.438622]  r8:eccec780 r7:ecd63000 r6:ed983a08 r5:bf030e78 r4:00000000
[242411.445439] [<c0525270>] (refcount_sub_and_test_checked) from [<c0525340>] (refcount_dec_and_test_checked+0x18/0x1c)
[242411.456064]  r5:bf030e78 r4:ed76ec00
[242411.459758] [<c0525328>] (refcount_dec_and_test_checked) from [<c096bbac>] (sock_efree+0x20/0x34)
[242411.468748] [<c096bb8c>] (sock_efree) from [<c0972628>] (skb_release_head_state+0x60/0x90)
[242411.477116]  r5:bf030e78 r4:ed1ce6c0
[242411.480808] [<c09725c8>] (skb_release_head_state) from [<c0972674>] (skb_release_all+0x1c/0x34)
[242411.489608]  r5:bf030e78 r4:ed1ce6c0
[242411.493298] [<c0972658>] (skb_release_all) from [<c0972700>] (kfree_skb+0x4c/0x114)
[242411.501057]  r5:bf030e78 r4:ed1ce6c0
[242411.504796] [<c09726b4>] (kfree_skb) from [<bf030e78>] (j1939_can_recv+0x170/0x190 [can_j1939])
[242411.513604]  r7:ecd63000 r6:ed983a08 r5:ecd63008 r4:ed1ce6c0
[242411.519410] [<bf030d08>] (j1939_can_recv [can_j1939]) from [<c0a9d508>] (can_rcv_filter+0xb4/0x268)
[242411.528562]  r7:ed1cee40 r6:9823ff40 r5:00000001 r4:ec0da000
[242411.534333] [<c0a9d454>] (can_rcv_filter) from [<c0a9dd98>] (can_receive+0xb0/0xe4)
[242411.542099]  r9:ec19fca4 r8:00000000 r7:eccec000 r6:ed055940 r5:c139d040 r4:ed1cee40
[242411.549954] [<c0a9dce8>] (can_receive) from [<c0a9de14>] (can_rcv+0x48/0x98)
[242411.557113]  r9:ec19fca4 r8:eccec650 r7:eccec630 r6:0000003d r5:c0a9ddcc r4:ed1cee40
[242411.564971] [<c0a9ddcc>] (can_rcv) from [<c098cdcc>] (__netif_receive_skb_one_core+0x64/0x88)
[242411.573598]  r5:c0a9ddcc r4:ed1cee40
[242411.577286] [<c098cd68>] (__netif_receive_skb_one_core) from [<c098ce60>] (__netif_receive_skb+0x38/0x94)
[242411.586954]  r5:c130633c r4:ed1cee40
[242411.590644] [<c098ce28>] (__netif_receive_skb) from [<c098cf20>] (netif_receive_skb_internal+0x64/0xf8)
[242411.600138]  r5:c130633c r4:ed1cee40
[242411.603826] [<c098cebc>] (netif_receive_skb_internal) from [<c098cfe8>] (netif_receive_skb+0x34/0x19c)
[242411.613233]  r5:00000001 r4:ed1cee40
[242411.616928] [<c098cfb4>] (netif_receive_skb) from [<c0770a28>] (can_rx_offload_napi_poll+0x58/0xb4)
[242411.626076]  r5:00000001 r4:eccec000
[242411.629767] [<c07709d0>] (can_rx_offload_napi_poll) from [<c098ea5c>] (net_rx_action+0x144/0x490)
[242411.638750]  r9:ec19fca4 r8:01716e8d r7:c12df280 r6:0000003d r5:00000001 r4:eccec650
[242411.646609] [<c098e918>] (net_rx_action) from [<c01025e8>] (__do_softirq+0x170/0x464)
[242411.654550]  r10:ec19e000 r9:00000102 r8:00000001 r7:c13be8e4 r6:00000003 r5:00000001
[242411.662480]  r4:c130308c
[242411.665128] [<c0102478>] (__do_softirq) from [<c012eb78>] (irq_exit+0xd8/0xf0)
[242411.672462]  r10:ec19fdc0 r9:ec008c00 r8:00000000 r7:00000001 r6:00000000 r5:00000022
[242411.680391]  r4:c12de4c0
[242411.683040] [<c012eaa0>] (irq_exit) from [<c018007c>] (__handle_domain_irq+0x90/0xf8)
[242411.690972]  r5:00000022 r4:c12de494
[242411.694659] [<c017ffec>] (__handle_domain_irq) from [<c0102354>] (gic_handle_irq+0x5c/0xa0)
[242411.703121]  r10:00000088 r9:ec19fdc0 r8:f4001100 r7:f4000100 r6:f400010c r5:c135a404
[242411.711053]  r4:c1305578 r3:ec19fdc0
[242411.714740] [<c01022f8>] (gic_handle_irq) from [<c0101a8c>] (__irq_svc+0x6c/0xa8)
[242411.722326] Exception stack(0xec19fdc0 to 0xec19fe08)
[242411.727490] fdc0: eda45000 00000000 00000001 effe96d8 ec19feb4 effe96d8 eda4af20 00000000
[242411.735779] fde0: 00000000 4f98618f 00000088 ec19fe44 ec19fe48 ec19fe10 c02a6cf8 c02a3984
[242411.744058] fe00: 60000113 ffffffff
[242411.747657]  r9:ec19e000 r8:00000000 r7:ec19fdf4 r6:ffffffff r5:60000113 r4:c02a3984
[242411.755519] [<c02a6c2c>] (alloc_set_pte) from [<c026b760>] (filemap_map_pages+0x390/0x3b8)
[242411.763894]  r10:00000088 r9:ed880840 r8:ea5f55f8 r7:00000001 r6:ec19feb4 r5:00000406
[242411.771824]  r4:effe96d8
[242411.774471] [<c026b3d0>] (filemap_map_pages) from [<c02a7c08>] (handle_mm_fault+0xc28/0x115c)
[242411.783105]  r10:eda45040 r9:ec19feb4 r8:00000079 r7:00000040 r6:b6f51000 r5:00000088
[242411.791034]  r4:c026b3d0
[242411.793681] [<c02a6fe0>] (handle_mm_fault) from [<c0118954>] (do_page_fault+0x12c/0x40c)
[242411.801881]  r10:eda45040 r9:eda4af20 r8:eda45000 r7:edb1b200 r6:80000007 r5:b6f5174c
[242411.809810]  r4:ec19ffb0
[242411.812455] [<c0118828>] (do_page_fault) from [<c0118ee4>] (do_PrefetchAbort+0x48/0x9c)
[242411.820568]  r10:b6fcf620 r9:00000000 r8:c0118828 r7:ec19ffb0 r6:b6f5174c r5:00000007
[242411.828497]  r4:c130aa04
[242411.831143] [<c0118e9c>] (do_PrefetchAbort) from [<c010210c>] (ret_from_exception+0x0/0x14)
[242411.839594] Exception stack(0xec19ffb0 to 0xec19fff8)
[242411.844751] ffa0:                                     00000000 00000000 00000000 e22dbd00
[242411.853038] ffc0: b6fcd434 b6fcd434 00000000 00000000 00000001 00000000 b6fcf620 b6fcc000
[242411.861323] ffe0: 00429f7c bee1bc50 b6f02981 b6f5174c 60000030 ffffffff
[242411.868046]  r8:10c5387d r7:10c5387d r6:ffffffff r5:60000030 r4:b6f5174c
[242411.874911] ---[ end trace e34de087d9f73e03 ]---