syzbot


KCSAN: data-race in __neigh_event_send / neigh_resolve_output (6)

Status: auto-closed as invalid on 2022/02/20 22:06
Reported-by: syzbot+@syzkaller.appspotmail.com
First crash: 354d, last: 320d
similar bugs (5):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in __neigh_event_send / neigh_resolve_output (4) 1 769d 769d 0/24 auto-closed as invalid on 2020/11/28 17:46
upstream KCSAN: data-race in __neigh_event_send / neigh_resolve_output 5 1112d 1135d 0/24 auto-closed as invalid on 2020/01/25 19:36
upstream KCSAN: data-race in __neigh_event_send / neigh_resolve_output (2) 1 1038d 1038d 0/24 auto-closed as invalid on 2020/04/08 18:47
upstream KCSAN: data-race in __neigh_event_send / neigh_resolve_output (3) 1 897d 897d 0/24 auto-closed as invalid on 2020/07/24 05:33
upstream KCSAN: data-race in __neigh_event_send / neigh_resolve_output (5) 2 667d 694d 0/24 auto-closed as invalid on 2021/03/11 01:25

Sample crash report:
==================================================================
BUG: KCSAN: data-race in __neigh_event_send / neigh_resolve_output

write to 0xffff888131c71484 of 1 bytes by task 1847 on cpu 0:
 __neigh_event_send+0x40d/0xb20 net/core/neighbour.c:1157
 neigh_event_send include/net/neighbour.h:470 [inline]
 neigh_resolve_output+0x104/0x410 net/core/neighbour.c:1506
 neigh_output include/net/neighbour.h:541 [inline]
 ip6_finish_output2+0x9be/0xbd0 net/ipv6/ip6_output.c:126
 __ip6_finish_output net/ipv6/ip6_output.c:191 [inline]
 ip6_finish_output+0x446/0x4c0 net/ipv6/ip6_output.c:201
 NF_HOOK_COND include/linux/netfilter.h:296 [inline]
 ip6_output+0x10e/0x210 net/ipv6/ip6_output.c:224
 dst_output include/net/dst.h:451 [inline]
 ip6_local_out+0x60/0x80 net/ipv6/output_core.c:161
 ip6tunnel_xmit include/net/ip6_tunnel.h:161 [inline]
 udp_tunnel6_xmit_skb+0x31a/0x4d0 net/ipv6/ip6_udp_tunnel.c:109
 send6+0x2f1/0x3b0 drivers/net/wireguard/socket.c:152
 wg_socket_send_skb_to_peer+0xbb/0x130 drivers/net/wireguard/socket.c:177
 wg_socket_send_buffer_to_peer+0xf7/0x120 drivers/net/wireguard/socket.c:199
 wg_packet_send_handshake_initiation drivers/net/wireguard/send.c:40 [inline]
 wg_packet_handshake_send_worker+0x109/0x150 drivers/net/wireguard/send.c:51
 process_one_work+0x3f6/0x960 kernel/workqueue.c:2307
 worker_thread+0x616/0xa70 kernel/workqueue.c:2454
 kthread+0x2c7/0x2e0 kernel/kthread.c:327
 ret_from_fork+0x1f/0x30

read to 0xffff888131c71484 of 1 bytes by task 33 on cpu 1:
 neigh_event_send include/net/neighbour.h:469 [inline]
 neigh_resolve_output+0x6f/0x410 net/core/neighbour.c:1506
 neigh_output include/net/neighbour.h:541 [inline]
 ip6_finish_output2+0x9be/0xbd0 net/ipv6/ip6_output.c:126
 __ip6_finish_output net/ipv6/ip6_output.c:191 [inline]
 ip6_finish_output+0x446/0x4c0 net/ipv6/ip6_output.c:201
 NF_HOOK_COND include/linux/netfilter.h:296 [inline]
 ip6_output+0x10e/0x210 net/ipv6/ip6_output.c:224
 dst_output include/net/dst.h:451 [inline]
 ip6_local_out+0x60/0x80 net/ipv6/output_core.c:161
 ip6tunnel_xmit include/net/ip6_tunnel.h:161 [inline]
 udp_tunnel6_xmit_skb+0x31a/0x4d0 net/ipv6/ip6_udp_tunnel.c:109
 send6+0x2f1/0x3b0 drivers/net/wireguard/socket.c:152
 wg_socket_send_skb_to_peer+0xbb/0x130 drivers/net/wireguard/socket.c:177
 wg_socket_send_buffer_to_peer+0xf7/0x120 drivers/net/wireguard/socket.c:199
 wg_packet_send_handshake_initiation drivers/net/wireguard/send.c:40 [inline]
 wg_packet_handshake_send_worker+0x109/0x150 drivers/net/wireguard/send.c:51
 process_one_work+0x3f6/0x960 kernel/workqueue.c:2307
 worker_thread+0x616/0xa70 kernel/workqueue.c:2454
 kthread+0x2c7/0x2e0 kernel/kthread.c:327
 ret_from_fork+0x1f/0x30

value changed: 0x20 -> 0x01

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 33 Comm: kworker/u4:1 Not tainted 5.16.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: wg-kex-wg1 wg_packet_handshake_send_worker
==================================================================

Crashes (2):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci2-upstream-kcsan-gce 2022/01/16 22:06 upstream 79e06c4c4950 723cfaf0 .config log report info KCSAN: data-race in __neigh_event_send / neigh_resolve_output
ci2-upstream-kcsan-gce 2021/12/13 15:14 upstream 2585cf9dfaad 0304899b .config log report info KCSAN: data-race in __neigh_event_send / neigh_resolve_output
* Struck through repros no longer work on HEAD.