syzbot


BUG: soft lockup in wg_expired_retransmit_handshake

Status: upstream: reported syz repro on 2025/05/03 05:57
Reported-by: syzbot+3fa304599ba6504719c1@syzkaller.appspotmail.com
First crash: 6d21h, last: 6d21h

Sample crash report:
watchdog: BUG: soft lockup - CPU#1 stuck for 23s! [swapper/1:0]
Modules linked in:
irq event stamp: 156889
hardirqs last  enabled at (156888): [<ffff8000111a214c>] exit_el1_irq_or_nmi+0x10/0x1c arch/arm64/kernel/entry-common.c:235
hardirqs last disabled at (156889): [<ffff8000111a2130>] enter_el1_irq_or_nmi+0x10/0x1c arch/arm64/kernel/entry-common.c:227
softirqs last  enabled at (152514): [<ffff80000819d0d8>] softirq_handle_end kernel/softirq.c:401 [inline]
softirqs last  enabled at (152514): [<ffff80000819d0d8>] handle_softirqs+0xa4c/0xbf0 kernel/softirq.c:586
softirqs last disabled at (152551): [<ffff80000819d6dc>] __do_softirq kernel/softirq.c:592 [inline]
softirqs last disabled at (152551): [<ffff80000819d6dc>] do_softirq_own_stack include/asm-generic/softirq_stack.h:10 [inline]
softirqs last disabled at (152551): [<ffff80000819d6dc>] invoke_softirq kernel/softirq.c:439 [inline]
softirqs last disabled at (152551): [<ffff80000819d6dc>] __irq_exit_rcu+0x240/0x440 kernel/softirq.c:641
CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.15.181-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
pstate: 20400005 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : queued_write_lock_slowpath+0x148/0x32c kernel/locking/qrwlock.c:78
lr : instrument_atomic_read_write include/linux/instrumented.h:101 [inline]
lr : atomic_or include/linux/atomic/atomic-instrumented.h:377 [inline]
lr : queued_write_lock_slowpath+0xf0/0x32c kernel/locking/qrwlock.c:74
sp : ffff800008017900
x29: ffff800008017960 x28: ffff8000140a1008 x27: 00000000000000ff
x26: 0000000000000100 x25: 0000000000000003 x24: 1fffe0001825d02c
x23: ffff800008017900 x22: 1ffff00001002f20 x21: dfff800000000000
x20: ffff0000c12e8164 x19: ffff0000c12e8160 x18: 0000000000010001
x17: 0000000000010001 x16: ffff8000082d50e8 x15: 0000000000000003
x14: 00000000ffff8000 x13: 1ffff0000282a06b x12: 0000000000000001
x11: 1fffe0001825d02c x10: 0000000000000000 x9 : 0000000000000000
x8 : 0000000000000300 x7 : ffff80000c4289b4 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff8000082d5b1c
x2 : 0000000000000001 x1 : 0000000000000004 x0 : 0000000000000001
Call trace:
 __cmpwait_case_32 arch/arm64/include/asm/cmpxchg.h:252 [inline]
 __cmpwait arch/arm64/include/asm/cmpxchg.h:278 [inline]
 queued_write_lock_slowpath+0x148/0x32c kernel/locking/qrwlock.c:78
 queued_write_lock include/asm-generic/qrwlock.h:97 [inline]
 do_raw_write_lock+0x2d0/0x2d4 kernel/locking/spinlock_debug.c:210
 __raw_write_lock_bh include/linux/rwlock_api_smp.h:204 [inline]
 _raw_write_lock_bh+0x11c/0x1b4 kernel/locking/spinlock.c:324
 wg_socket_clear_peer_endpoint_src+0x20/0x50 drivers/net/wireguard/socket.c:310
 wg_expired_retransmit_handshake+0xc4/0x270 drivers/net/wireguard/timers.c:73
 call_timer_fn+0x19c/0x858 kernel/time/timer.c:1451
 expire_timers kernel/time/timer.c:1496 [inline]
 __run_timers+0x46c/0x6c4 kernel/time/timer.c:1767
 run_timer_softirq+0x7c/0x114 kernel/time/timer.c:1780
 handle_softirqs+0x344/0xbf0 kernel/softirq.c:558
 __do_softirq kernel/softirq.c:592 [inline]
 do_softirq_own_stack include/asm-generic/softirq_stack.h:10 [inline]
 invoke_softirq kernel/softirq.c:439 [inline]
 __irq_exit_rcu+0x240/0x440 kernel/softirq.c:641
 irq_exit+0x14/0x88 kernel/softirq.c:665
 handle_domain_irq+0x14c/0x1fc kernel/irq/irqdesc.c:711
 gic_handle_irq+0x78/0x1c8 drivers/irqchip/irq-gic-v3.c:765
 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:899
 do_interrupt_handler+0x6c/0x88 arch/arm64/kernel/entry-common.c:267
 el1_interrupt+0x30/0x58 arch/arm64/kernel/entry-common.c:454
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:470
 el1h_64_irq+0x78/0x7c arch/arm64/kernel/entry.S:522
 arch_local_irq_enable+0xc/0x18 arch/arm64/include/asm/irqflags.h:35
 default_idle_call+0xcc/0x418 kernel/sched/idle.c:112
 cpuidle_idle_call kernel/sched/idle.c:194 [inline]
 do_idle+0x1c8/0x480 kernel/sched/idle.c:306
 cpu_startup_entry+0x24/0x28 kernel/sched/idle.c:403
 secondary_start_kernel+0x23c/0x294 arch/arm64/kernel/smp.c:265
 __secondary_switched+0x94/0x98 arch/arm64/kernel/head.S:661

Crashes (1):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2025/05/03 05:57 | linux-5.15.y | 16fdf2c7111b | b0714e37 | .config | console log | report | syz / log | | | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan-arm64 | BUG: soft lockup in wg_expired_retransmit_handshake |
* Struck through repros no longer work on HEAD.