syzbot

 sign-in | mailing list | source | docs
🐞 Open [1166] 🐞 Fixed [4299] 🐞 Invalid [9646] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes

KCSAN: data-race in xfrm_lookup_with_ifid / xfrm_lookup_with_ifid (3)

Status: auto-closed as invalid on 2022/06/07 04:28
Reported-by: syzbot+@syzkaller.appspotmail.com
First crash: 271d, last: 271d
similar bugs (4):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in xfrm_lookup_with_ifid / xfrm_lookup_with_ifid (4) 2 216d 220d 0/24 auto-closed as invalid on 2022/07/31 19:25
upstream KCSAN: data-race in xfrm_lookup_with_ifid / xfrm_lookup_with_ifid 2 410d 414d 0/24 auto-closed as invalid on 2022/01/18 18:58
upstream KCSAN: data-race in xfrm_lookup_with_ifid / xfrm_lookup_with_ifid (2) 1 359d 359d 0/24 auto-closed as invalid on 2022/03/11 07:39
upstream KCSAN: data-race in xfrm_lookup_with_ifid / xfrm_lookup_with_ifid (5) 1 164d 164d 0/24 auto-closed as invalid on 2022/09/21 19:30

Sample crash report:
==================================================================
BUG: KCSAN: data-race in xfrm_lookup_with_ifid / xfrm_lookup_with_ifid

write to 0xffff88813845c908 of 8 bytes by task 21259 on cpu 1:
 xfrm_lookup_with_ifid+0x10ca/0x1880 net/xfrm/xfrm_policy.c:3139
 xfrm_lookup net/xfrm/xfrm_policy.c:3191 [inline]
 xfrm_lookup_route+0x37/0x100 net/xfrm/xfrm_policy.c:3202
 ip6_dst_lookup_flow+0x94/0xc0 net/ipv6/ip6_output.c:1206
 send6+0x23a/0x3b0 drivers/net/wireguard/socket.c:139
 wg_socket_send_skb_to_peer+0xbb/0x120 drivers/net/wireguard/socket.c:178
 wg_socket_send_buffer_to_peer+0xd2/0xf0 drivers/net/wireguard/socket.c:200
 wg_packet_send_handshake_initiation drivers/net/wireguard/send.c:40 [inline]
 wg_packet_handshake_send_worker+0x109/0x150 drivers/net/wireguard/send.c:51
 process_one_work+0x3d3/0x720 kernel/workqueue.c:2289
 worker_thread+0x618/0xa70 kernel/workqueue.c:2436
 kthread+0x1a9/0x1e0 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30

write to 0xffff88813845c908 of 8 bytes by task 16507 on cpu 0:
 xfrm_lookup_with_ifid+0x10ca/0x1880 net/xfrm/xfrm_policy.c:3139
 xfrm_lookup net/xfrm/xfrm_policy.c:3191 [inline]
 xfrm_lookup_route+0x37/0x100 net/xfrm/xfrm_policy.c:3202
 ip6_dst_lookup_flow+0x94/0xc0 net/ipv6/ip6_output.c:1206
 send6+0x23a/0x3b0 drivers/net/wireguard/socket.c:139
 wg_socket_send_skb_to_peer+0xbb/0x120 drivers/net/wireguard/socket.c:178
 wg_socket_send_buffer_to_peer+0xd2/0xf0 drivers/net/wireguard/socket.c:200
 wg_packet_send_handshake_initiation drivers/net/wireguard/send.c:40 [inline]
 wg_packet_handshake_send_worker+0x109/0x150 drivers/net/wireguard/send.c:51
 process_one_work+0x3d3/0x720 kernel/workqueue.c:2289
 worker_thread+0x618/0xa70 kernel/workqueue.c:2436
 kthread+0x1a9/0x1e0 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30

value changed: 0x000000006270adb1 -> 0x000000006270adb6

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 16507 Comm: kworker/u4:0 Not tainted 5.18.0-rc5-syzkaller-00006-g9050ba3a61a4-dirty #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: wg-kex-wg1 wg_packet_handshake_send_worker
==================================================================

Crashes (1):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Title
ci2-upstream-kcsan-gce 2022/05/03 04:21 upstream 9050ba3a61a4 2df221f6 .config console log report info KCSAN: data-race in xfrm_lookup_with_ifid / xfrm_lookup_with_ifid
* Struck through repros no longer work on HEAD.