syzbot

 sign-in | mailing list | source | docs
🐞 Open [1593]
Subsystems
🐞 Fixed [6148]
🐞 Invalid [15385]
Missing Backports [172]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KCSAN: data-race in wg_packet_receive / wg_packet_receive (8)

Status: auto-obsoleted due to no activity on 2024/04/28 08:23
Subsystems: wireguard
[Documentation on labels]
First crash: 374d, last: 374d
Similar bugs (7)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in wg_packet_receive / wg_packet_receive (5) wireguard 1 865d 865d 0/28 auto-obsoleted due to no activity on 2023/01/02 14:24
upstream KCSAN: data-race in wg_packet_receive / wg_packet_receive wireguard 2 1218d 1235d 0/28 auto-closed as invalid on 2022/01/05 08:53
upstream KCSAN: data-race in wg_packet_receive / wg_packet_receive (4) wireguard 2 937d 940d 0/28 auto-obsoleted due to no activity on 2022/10/12 22:27
upstream KCSAN: data-race in wg_packet_receive / wg_packet_receive (7) wireguard 1 416d 414d 0/28 auto-obsoleted due to no activity on 2024/03/16 22:23
upstream KCSAN: data-race in wg_packet_receive / wg_packet_receive (3) wireguard 2 1031d 1035d 0/28 auto-closed as invalid on 2022/07/11 09:31
upstream KCSAN: data-race in wg_packet_receive / wg_packet_receive (6) wireguard 2 772d 810d 0/28 auto-obsoleted due to no activity on 2023/04/07 02:56
upstream KCSAN: data-race in wg_packet_receive / wg_packet_receive (2) wireguard 1 1087d 1087d 0/28 auto-closed as invalid on 2022/05/15 18:55

Sample crash report:
==================================================================
BUG: KCSAN: data-race in wg_packet_receive / wg_packet_receive

read to 0xffff88815ab67c28 of 4 bytes by interrupt on cpu 0:
 wg_cpumask_next_online drivers/net/wireguard/queueing.h:127 [inline]
 wg_queue_enqueue_per_device_and_peer drivers/net/wireguard/queueing.h:173 [inline]
 wg_packet_consume_data drivers/net/wireguard/receive.c:526 [inline]
 wg_packet_receive+0xc9d/0x1360 drivers/net/wireguard/receive.c:576
 wg_receive+0x4e/0x80 drivers/net/wireguard/socket.c:326
 udpv6_queue_rcv_one_skb+0xb3f/0xbd0 net/ipv6/udp.c:713
 udpv6_queue_rcv_skb+0x1e7/0x200 net/ipv6/udp.c:775
 udp6_unicast_rcv_skb+0x195/0x1b0 net/ipv6/udp.c:918
 __udp6_lib_rcv+0x96a/0xcf0 net/ipv6/udp.c:1007
 udpv6_rcv+0x4f/0x60 net/ipv6/udp.c:1122
 ip6_protocol_deliver_rcu+0xa3e/0x1050 net/ipv6/ip6_input.c:438
 ip6_input_finish net/ipv6/ip6_input.c:483 [inline]
 NF_HOOK include/linux/netfilter.h:314 [inline]
 ip6_input+0xbd/0x1b0 net/ipv6/ip6_input.c:492
 dst_input include/net/dst.h:460 [inline]
 ip6_rcv_finish+0x1fa/0x330 net/ipv6/ip6_input.c:79
 NF_HOOK include/linux/netfilter.h:314 [inline]
 ipv6_rcv+0x74/0x150 net/ipv6/ip6_input.c:310
 __netif_receive_skb_one_core net/core/dev.c:5538 [inline]
 __netif_receive_skb+0xa2/0x280 net/core/dev.c:5652
 process_backlog+0x21f/0x380 net/core/dev.c:5981
 __napi_poll+0x63/0x3c0 net/core/dev.c:6632
 napi_poll net/core/dev.c:6701 [inline]
 net_rx_action+0x324/0x720 net/core/dev.c:6816
 __do_softirq+0xc8/0x285 kernel/softirq.c:554
 do_softirq+0x5e/0x90 kernel/softirq.c:455
 __local_bh_enable_ip+0x6e/0x70 kernel/softirq.c:382
 __raw_read_unlock_bh include/linux/rwlock_api_smp.h:257 [inline]
 _raw_read_unlock_bh+0x1b/0x20 kernel/locking/spinlock.c:284
 wg_socket_send_skb_to_peer+0x109/0x130 drivers/net/wireguard/socket.c:184
 wg_packet_create_data_done drivers/net/wireguard/send.c:251 [inline]
 wg_packet_tx_worker+0x127/0x360 drivers/net/wireguard/send.c:276
 process_one_work kernel/workqueue.c:3254 [inline]
 process_scheduled_works+0x465/0x990 kernel/workqueue.c:3335
 worker_thread+0x526/0x730 kernel/workqueue.c:3416
 kthread+0x1d1/0x210 kernel/kthread.c:388
 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243

write to 0xffff88815ab67c28 of 4 bytes by interrupt on cpu 1:
 wg_cpumask_next_online drivers/net/wireguard/queueing.h:130 [inline]
 wg_queue_enqueue_per_device_and_peer drivers/net/wireguard/queueing.h:173 [inline]
 wg_packet_consume_data drivers/net/wireguard/receive.c:526 [inline]
 wg_packet_receive+0xd86/0x1360 drivers/net/wireguard/receive.c:576
 wg_receive+0x4e/0x80 drivers/net/wireguard/socket.c:326
 udp_queue_rcv_one_skb+0xad7/0xb70 net/ipv4/udp.c:2107
 udp_queue_rcv_skb+0x1e2/0x200 net/ipv4/udp.c:2185
 udp_unicast_rcv_skb+0x1c2/0x1f0 net/ipv4/udp.c:2345
 __udp4_lib_rcv+0xbb4/0x11b0 net/ipv4/udp.c:2421
 udp_rcv+0x4f/0x60 net/ipv4/udp.c:2604
 ip_protocol_deliver_rcu+0x3ce/0x710 net/ipv4/ip_input.c:205
 ip_local_deliver_finish+0x17c/0x210 net/ipv4/ip_input.c:233
 NF_HOOK include/linux/netfilter.h:314 [inline]
 ip_local_deliver+0xec/0x1d0 net/ipv4/ip_input.c:254
 dst_input include/net/dst.h:460 [inline]
 ip_rcv_finish+0x193/0x1b0 net/ipv4/ip_input.c:449
 NF_HOOK include/linux/netfilter.h:314 [inline]
 ip_rcv+0x64/0x140 net/ipv4/ip_input.c:569
 __netif_receive_skb_one_core net/core/dev.c:5538 [inline]
 __netif_receive_skb+0x10a/0x280 net/core/dev.c:5652
 process_backlog+0x21f/0x380 net/core/dev.c:5981
 __napi_poll+0x63/0x3c0 net/core/dev.c:6632
 napi_poll net/core/dev.c:6701 [inline]
 net_rx_action+0x324/0x720 net/core/dev.c:6816
 __do_softirq+0xc8/0x285 kernel/softirq.c:554
 do_softirq+0x5e/0x90 kernel/softirq.c:455
 __local_bh_enable_ip+0x6e/0x70 kernel/softirq.c:382
 __raw_read_unlock_bh include/linux/rwlock_api_smp.h:257 [inline]
 _raw_read_unlock_bh+0x1b/0x20 kernel/locking/spinlock.c:284
 wg_socket_send_skb_to_peer+0x109/0x130 drivers/net/wireguard/socket.c:184
 wg_packet_create_data_done drivers/net/wireguard/send.c:251 [inline]
 wg_packet_tx_worker+0x127/0x360 drivers/net/wireguard/send.c:276
 process_one_work kernel/workqueue.c:3254 [inline]
 process_scheduled_works+0x465/0x990 kernel/workqueue.c:3335
 worker_thread+0x526/0x730 kernel/workqueue.c:3416
 kthread+0x1d1/0x210 kernel/kthread.c:388
 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243

value changed: 0x00000000 -> 0x00000001

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 16114 Comm: kworker/1:9 Not tainted 6.8.0-syzkaller-13213-g70293240c5ce #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
Workqueue: wg-crypt-wg2 wg_packet_tx_worker
==================================================================

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/03/24 08:15 upstream 70293240c5ce 0ea90952 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in wg_packet_receive / wg_packet_receive
* Struck through repros no longer work on HEAD.