syzbot

 sign-in | mailing list | source | docs
🐞 Open [994] Subsystems 🐞 Fixed [5242] 🐞 Invalid [12515] Missing Backports [83] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KCSAN: data-race in wg_packet_send_staged_packets / wg_packet_send_staged_packets

Status: closed as invalid on 2020/06/18 14:24
Subsystems: wireguard
[Documentation on labels]
First crash: 1449d, last: 1411d
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in wg_packet_send_staged_packets / wg_packet_send_staged_packets (2) wireguard 108 1114d 1281d 0/26 auto-closed as invalid on 2021/05/13 03:09
upstream KCSAN: data-race in wg_packet_send_staged_packets / wg_packet_send_staged_packets (3) wireguard 933 1d00h 808d 0/26 upstream: reported on 2022/02/08 08:32

Sample crash report:
==================================================================
BUG: KCSAN: data-race in wg_packet_send_staged_packets / wg_packet_send_staged_packets

write to 0xffff8880b4398a08 of 4 bytes by interrupt on cpu 1:
 wg_cpumask_next_online drivers/net/wireguard/queueing.h:141 [inline]
 wg_queue_enqueue_per_device_and_peer drivers/net/wireguard/queueing.h:160 [inline]
 wg_packet_create_data drivers/net/wireguard/send.c:321 [inline]
 wg_packet_send_staged_packets+0x8dd/0xd90 drivers/net/wireguard/send.c:393
 wg_packet_send_keepalive+0x3f/0x140 drivers/net/wireguard/send.c:237
 wg_expired_send_persistent_keepalive+0x43/0x50 drivers/net/wireguard/timers.c:141
 call_timer_fn+0x58/0x2e0 kernel/time/timer.c:1405
 expire_timers kernel/time/timer.c:1450 [inline]
 __run_timers kernel/time/timer.c:1774 [inline]
 __run_timers kernel/time/timer.c:1741 [inline]
 run_timer_softirq+0xb14/0xbd0 kernel/time/timer.c:1787
 __do_softirq+0x118/0x34a kernel/softirq.c:292
 invoke_softirq kernel/softirq.c:373 [inline]
 irq_exit+0xb5/0xd0 kernel/softirq.c:413
 exiting_irq arch/x86/include/asm/apic.h:546 [inline]
 smp_apic_timer_interrupt+0xe2/0x270 arch/x86/kernel/apic/apic.c:1140
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:829

read to 0xffff8880b4398a08 of 4 bytes by interrupt on cpu 0:
 wg_cpumask_next_online drivers/net/wireguard/queueing.h:137 [inline]
 wg_queue_enqueue_per_device_and_peer drivers/net/wireguard/queueing.h:160 [inline]
 wg_packet_create_data drivers/net/wireguard/send.c:321 [inline]
 wg_packet_send_staged_packets+0x88c/0xd90 drivers/net/wireguard/send.c:393
 wg_packet_send_keepalive+0x3f/0x140 drivers/net/wireguard/send.c:237
 wg_expired_send_persistent_keepalive+0x43/0x50 drivers/net/wireguard/timers.c:141
 call_timer_fn+0x58/0x2e0 kernel/time/timer.c:1405
 expire_timers kernel/time/timer.c:1450 [inline]
 __run_timers kernel/time/timer.c:1774 [inline]
 __run_timers kernel/time/timer.c:1741 [inline]
 run_timer_softirq+0xb14/0xbd0 kernel/time/timer.c:1787
 __do_softirq+0x118/0x34a kernel/softirq.c:292
 invoke_softirq kernel/softirq.c:373 [inline]
 irq_exit+0xb5/0xd0 kernel/softirq.c:413
 exiting_irq arch/x86/include/asm/apic.h:546 [inline]
 smp_apic_timer_interrupt+0xe2/0x270 arch/x86/kernel/apic/apic.c:1140
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:829

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 8908 Comm: syz-fuzzer Not tainted 5.7.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (15):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/06/15 03:41 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 2a22c77a .config console log report ci2-upstream-kcsan-gce
2020/06/10 18:41 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 5caaad3a .config console log report ci2-upstream-kcsan-gce
2020/06/04 14:10 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 6720fdef .config console log report ci2-upstream-kcsan-gce
2020/05/30 22:39 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 6f3e1c7c .config console log report ci2-upstream-kcsan-gce
2020/05/29 21:38 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 bed08304 .config console log report ci2-upstream-kcsan-gce
2020/05/28 20:20 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 c7192a2f .config console log report ci2-upstream-kcsan-gce
2020/05/27 10:13 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 9072c126 .config console log report ci2-upstream-kcsan-gce
2020/05/24 18:25 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 ce7ca010 .config console log report ci2-upstream-kcsan-gce
2020/05/24 06:51 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 96c92ad3 .config console log report ci2-upstream-kcsan-gce
2020/05/16 22:26 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 37bccd4e .config console log report ci2-upstream-kcsan-gce
2020/05/13 15:07 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 9a6d42fb .config console log report ci2-upstream-kcsan-gce
2020/05/12 07:00 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 a497a5b4 .config console log report ci2-upstream-kcsan-gce
2020/05/10 09:25 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 8742a2b9 .config console log report ci2-upstream-kcsan-gce
2020/05/08 17:50 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 fe4122c3 .config console log report ci2-upstream-kcsan-gce
2020/05/07 23:58 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 6c70a1c2 .config console log report ci2-upstream-kcsan-gce
* Struck through repros no longer work on HEAD.