syzbot


KCSAN: data-race in wg_index_hashtable_insert / wg_index_hashtable_lookup (2)

Status: auto-closed as invalid on 2022/02/04 17:58
Reported-by: syzbot+@syzkaller.appspotmail.com
First crash: 339d, last: 339d
similar bugs (1):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in wg_index_hashtable_insert / wg_index_hashtable_lookup 1 722d 722d 0/24 auto-closed as invalid on 2021/01/17 16:47

Sample crash report:
==================================================================
BUG: KCSAN: data-race in wg_index_hashtable_insert / wg_index_hashtable_lookup

write to 0xffff8881343a798c of 4 bytes by task 16835 on cpu 1:
 wg_index_hashtable_insert+0xd1/0x2b0 drivers/net/wireguard/peerlookup.c:132
 wg_noise_handshake_create_response+0x7c1/0x870 drivers/net/wireguard/noise.c:680
 wg_packet_send_handshake_response+0x6a/0x110 drivers/net/wireguard/send.c:94
 wg_receive_handshake_packet drivers/net/wireguard/receive.c:161 [inline]
 wg_packet_handshake_receive_worker+0x41b/0x6e0 drivers/net/wireguard/receive.c:220
 process_one_work+0x3fc/0x980 kernel/workqueue.c:2298
 worker_thread+0x616/0xa70 kernel/workqueue.c:2445
 kthread+0x2c7/0x2e0 kernel/kthread.c:327
 ret_from_fork+0x1f/0x30

read to 0xffff8881343a798c of 4 bytes by task 7 on cpu 0:
 wg_index_hashtable_lookup+0x59/0x110 drivers/net/wireguard/peerlookup.c:211
 wg_noise_handshake_consume_response+0x143/0xa60 drivers/net/wireguard/noise.c:714
 wg_receive_handshake_packet drivers/net/wireguard/receive.c:173 [inline]
 wg_packet_handshake_receive_worker+0x42a/0x6e0 drivers/net/wireguard/receive.c:220
 process_one_work+0x3fc/0x980 kernel/workqueue.c:2298
 worker_thread+0x616/0xa70 kernel/workqueue.c:2445
 kthread+0x2c7/0x2e0 kernel/kthread.c:327
 ret_from_fork+0x1f/0x30

value changed: 0x45ae377f -> 0xfced46fa

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 7 Comm: kworker/0:1 Not tainted 5.16.0-rc7-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: wg-kex-wg0 wg_packet_handshake_receive_worker
==================================================================
IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered forwarding state
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered forwarding state
IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready

Crashes (1):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci2-upstream-kcsan-gce 2021/12/31 17:54 upstream 4f3d93c6eaff 36bd2e48 .config log report info KCSAN: data-race in wg_index_hashtable_insert / wg_index_hashtable_lookup
* Struck through repros no longer work on HEAD.