syzbot

 sign-in | mailing list | source | docs
🐞 Open [979] Subsystems 🐞 Fixed [5236] 🐞 Invalid [12498] Missing Backports [83] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KCSAN: data-race in xfrm_lookup_with_ifid / xfrm_lookup_with_ifid

Status: auto-closed as invalid on 2022/01/18 18:58
Subsystems: net
[Documentation on labels]
Reported-by: syzbot+6e43136abeebea55cf90@syzkaller.appspotmail.com
First crash: 871d, last: 861d
Similar bugs (6)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in xfrm_lookup_with_ifid / xfrm_lookup_with_ifid (4) net 2 667d 671d 0/26 auto-closed as invalid on 2022/07/31 19:25
upstream KCSAN: data-race in xfrm_lookup_with_ifid / xfrm_lookup_with_ifid (2) net 1 810d 810d 0/26 auto-closed as invalid on 2022/03/11 07:39
upstream KCSAN: data-race in xfrm_lookup_with_ifid / xfrm_lookup_with_ifid (7) net 1 203d 203d 25/26 fixed on 2023/12/21 01:43
upstream KCSAN: data-race in xfrm_lookup_with_ifid / xfrm_lookup_with_ifid (6) net 12 354d 351d 0/26 auto-obsoleted due to no activity on 2023/06/09 19:15
upstream KCSAN: data-race in xfrm_lookup_with_ifid / xfrm_lookup_with_ifid (5) net 1 615d 615d 0/26 auto-closed as invalid on 2022/09/21 19:30
upstream KCSAN: data-race in xfrm_lookup_with_ifid / xfrm_lookup_with_ifid (3) net 1 722d 722d 0/26 auto-closed as invalid on 2022/06/07 04:28

Sample crash report:
==================================================================
BUG: KCSAN: data-race in xfrm_lookup_with_ifid / xfrm_lookup_with_ifid

write to 0xffff88813683a908 of 8 bytes by task 1849 on cpu 1:
 xfrm_lookup_with_ifid+0x1029/0x1820 net/xfrm/xfrm_policy.c:3135
 xfrm_lookup net/xfrm/xfrm_policy.c:3187 [inline]
 xfrm_lookup_route+0x37/0x100 net/xfrm/xfrm_policy.c:3198
 ip6_dst_lookup_flow+0x94/0xc0 net/ipv6/ip6_output.c:1206
 send6+0x238/0x3b0 drivers/net/wireguard/socket.c:139
 wg_socket_send_skb_to_peer+0xbb/0x130 drivers/net/wireguard/socket.c:177
 wg_socket_send_buffer_to_peer+0xf7/0x120 drivers/net/wireguard/socket.c:199
 wg_packet_send_handshake_initiation drivers/net/wireguard/send.c:40 [inline]
 wg_packet_handshake_send_worker+0x109/0x150 drivers/net/wireguard/send.c:51
 process_one_work+0x3fc/0x980 kernel/workqueue.c:2298
 worker_thread+0x616/0xa70 kernel/workqueue.c:2445
 kthread+0x2c7/0x2e0 kernel/kthread.c:327
 ret_from_fork+0x1f/0x30

write to 0xffff88813683a908 of 8 bytes by task 25460 on cpu 0:
 xfrm_lookup_with_ifid+0x1029/0x1820 net/xfrm/xfrm_policy.c:3135
 xfrm_lookup net/xfrm/xfrm_policy.c:3187 [inline]
 xfrm_lookup_route+0x37/0x100 net/xfrm/xfrm_policy.c:3198
 ip6_dst_lookup_flow+0x94/0xc0 net/ipv6/ip6_output.c:1206
 send6+0x238/0x3b0 drivers/net/wireguard/socket.c:139
 wg_socket_send_skb_to_peer+0xbb/0x130 drivers/net/wireguard/socket.c:177
 wg_socket_send_buffer_to_peer+0xf7/0x120 drivers/net/wireguard/socket.c:199
 wg_packet_send_handshake_initiation drivers/net/wireguard/send.c:40 [inline]
 wg_packet_handshake_send_worker+0x109/0x150 drivers/net/wireguard/send.c:51
 process_one_work+0x3fc/0x980 kernel/workqueue.c:2298
 worker_thread+0x616/0xa70 kernel/workqueue.c:2445
 kthread+0x2c7/0x2e0 kernel/kthread.c:327
 ret_from_fork+0x1f/0x30

value changed: 0x0000000061b8e939 -> 0x0000000061b8e93a

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 25460 Comm: kworker/u4:3 Not tainted 5.16.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: wg-kex-wg1 wg_packet_handshake_send_worker
==================================================================

Crashes (2):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2021/12/14 18:58 upstream 5472f14a3742 d018dd31 .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in xfrm_lookup_with_ifid / xfrm_lookup_with_ifid
2021/12/04 18:17 upstream bbef3c7a63d2 a617004c .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in xfrm_lookup_with_ifid / xfrm_lookup_with_ifid
* Struck through repros no longer work on HEAD.