bisecting cause commit starting from 0bf999f9c5e74c7ecf9dafb527146601e5c848b9 building syzkaller on c5ed587f4af5e639f7373d8ebf10ac049cb9c71b testing commit 0bf999f9c5e74c7ecf9dafb527146601e5c848b9 with gcc (GCC) 8.1.0 kernel signature: 969e27546e3f647d42028565801b78e017cbede589cfe7c95a3d4ba529e27c13 all runs: crashed: divide error in encrypt_packet testing release v5.5 testing commit d5226fa6dbae0569ee43ecfc08bdcd6770fc4755 with gcc (GCC) 8.1.0 kernel signature: 88ecf27f09fe4a1663356eec31011d3140f5ee37f8da3424d72e4aabc177634f all runs: OK # git bisect start 0bf999f9c5e74c7ecf9dafb527146601e5c848b9 d5226fa6dbae0569ee43ecfc08bdcd6770fc4755 Bisecting: 5927 revisions left to test after this (roughly 13 steps) [4cadc60d6bcfee9c626d4b55e9dc1475d21ad3bb] Merge tag 'for-v5.6' of git://git.kernel.org/pub/scm/linux/kernel/git/sre/linux-power-supply testing commit 4cadc60d6bcfee9c626d4b55e9dc1475d21ad3bb with gcc (GCC) 8.1.0 kernel signature: 9a1ccaac1a62b7a10ff6fad59a8705eb2c5d84343e2baa76c26ea570c9abf8b0 all runs: crashed: divide error in encrypt_packet # git bisect bad 4cadc60d6bcfee9c626d4b55e9dc1475d21ad3bb Bisecting: 2314 revisions left to test after this (roughly 12 steps) [bd2463ac7d7ec51d432f23bf0e893fb371a908cd] Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next testing commit bd2463ac7d7ec51d432f23bf0e893fb371a908cd with gcc (GCC) 8.1.0 kernel signature: 191f4fb326bb5844f977da0cb875f7080148ea10174684a02386924b0551548f all runs: crashed: divide error in encrypt_packet # git bisect bad bd2463ac7d7ec51d432f23bf0e893fb371a908cd Bisecting: 1616 revisions left to test after this (roughly 11 steps) [6bc82d9b7e6371673992ed5e3897cf7fb8cc4f41] qed: rt init valid initialization changed testing commit 6bc82d9b7e6371673992ed5e3897cf7fb8cc4f41 with gcc (GCC) 8.1.0 kernel signature: bc0b3ee93ddca3b3cacfdb84c1045597413046a6e1c01198b25aa6d0768f1d83 all runs: crashed: divide error in encrypt_packet # git bisect bad 6bc82d9b7e6371673992ed5e3897cf7fb8cc4f41 Bisecting: 808 revisions left to test after this (roughly 10 steps) [b9ae51273655a72a12fba730843fd72fb132735a] hsr: fix dummy hsr_debugfs_rename() declaration testing commit b9ae51273655a72a12fba730843fd72fb132735a with gcc (GCC) 8.1.0 kernel signature: dd9ced82d6d5a06cf076af3d44ecab65dadb53caae6553815dc8e00168ea1e25 all runs: crashed: divide error in encrypt_packet # git bisect bad b9ae51273655a72a12fba730843fd72fb132735a Bisecting: 403 revisions left to test after this (roughly 9 steps) [dacad7b34b59fb06a242ef2cf64205f04f7c5339] mlxsw: spectrum_router: Start using new IPv6 route notifications testing commit dacad7b34b59fb06a242ef2cf64205f04f7c5339 with gcc (GCC) 8.1.0 kernel signature: 1aaa2fea5e21873a223e7edeca69b35dba38f998c44b43a39a94d71f738c511f all runs: crashed: divide error in encrypt_packet # git bisect bad dacad7b34b59fb06a242ef2cf64205f04f7c5339 Bisecting: 201 revisions left to test after this (roughly 8 steps) [f63db4efdd50a2b67b97336fde67661af8af112b] net: bcmgenet: Refactor bcmgenet_set_features() testing commit f63db4efdd50a2b67b97336fde67661af8af112b with gcc (GCC) 8.1.0 kernel signature: 9b492735edda6d3bebce7481faa2519884de9ad475e233e7203cc77d794300da all runs: crashed: divide error in encrypt_packet # git bisect bad f63db4efdd50a2b67b97336fde67661af8af112b Bisecting: 100 revisions left to test after this (roughly 7 steps) [a8674f753e36f566d6c1d992ab85323d784281d9] ipv4: Notify newly added route if should be offloaded testing commit a8674f753e36f566d6c1d992ab85323d784281d9 with gcc (GCC) 8.1.0 kernel signature: ace0ab6b41a0a3acf1253b214820f368dfac052a6b03ef571fb2c12e12bcf0e0 all runs: crashed: divide error in encrypt_packet # git bisect bad a8674f753e36f566d6c1d992ab85323d784281d9 Bisecting: 49 revisions left to test after this (roughly 6 steps) [bea0f4a5115aaf6f59c6d2125f52ff149874b6d2] Merge branch 'sfp-slow-to-probe-copper' testing commit bea0f4a5115aaf6f59c6d2125f52ff149874b6d2 with gcc (GCC) 8.1.0 kernel signature: c1ce812b5feb7c1312e646b302724126d083f01121689dfd597e918c4f60373c all runs: crashed: divide error in encrypt_packet # git bisect bad bea0f4a5115aaf6f59c6d2125f52ff149874b6d2 Bisecting: 24 revisions left to test after this (roughly 5 steps) [bb9d8454bb0fed028558d1e66b12d50db5e43e06] Merge branch 'tipc-introduce-variable-window-congestion-control' testing commit bb9d8454bb0fed028558d1e66b12d50db5e43e06 with gcc (GCC) 8.1.0 kernel signature: 6bf3116cf4b806777edb9284fa95c8284274f0eb71aecb6ce309291c34f3c299 all runs: crashed: divide error in encrypt_packet # git bisect bad bb9d8454bb0fed028558d1e66b12d50db5e43e06 Bisecting: 12 revisions left to test after this (roughly 4 steps) [e70ac628289766bc2c81a0db161368b69da774fd] qed: remove redundant assignments to rc testing commit e70ac628289766bc2c81a0db161368b69da774fd with gcc (GCC) 8.1.0 kernel signature: d2701d8d1f9c95821472f981c24c1a3facc12f8bdc5b5a9ccfc4ffab4525536c all runs: crashed: divide error in encrypt_packet # git bisect bad e70ac628289766bc2c81a0db161368b69da774fd Bisecting: 6 revisions left to test after this (roughly 3 steps) [3cd9d35ee5f7a23203443f1a0d3c344f034c0dc7] dt-bindings: net: bluetooth: Minor fix in broadcom-bluetooth testing commit 3cd9d35ee5f7a23203443f1a0d3c344f034c0dc7 with gcc (GCC) 8.1.0 kernel signature: 2a1080552da63c7dc68340805f8bffcd3b1c4baf80f8dbd06817a8f605692f23 all runs: OK # git bisect good 3cd9d35ee5f7a23203443f1a0d3c344f034c0dc7 Bisecting: 3 revisions left to test after this (roughly 2 steps) [7ecacafc240638148567742cca41aa7144b4fe1e] Bluetooth: btusb: Disable runtime suspend on Realtek devices testing commit 7ecacafc240638148567742cca41aa7144b4fe1e with gcc (GCC) 8.1.0 kernel signature: 873c8509ca3f743d4b8efa5b1e832de4a6df60d5251fc7b3101cbab214ab4684 all runs: OK # git bisect good 7ecacafc240638148567742cca41aa7144b4fe1e Bisecting: 1 revision left to test after this (roughly 1 step) [4a63ef710cc3e79ce58b46b122118e415a44b3db] Merge branch 'for-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next testing commit 4a63ef710cc3e79ce58b46b122118e415a44b3db with gcc (GCC) 8.1.0 kernel signature: 2a44f2794e62a91a5a0d37d57e1f1ff5e0f8b377246ed05080fd84f3c3b277c6 all runs: crashed: divide error in encrypt_packet # git bisect bad 4a63ef710cc3e79ce58b46b122118e415a44b3db Bisecting: 0 revisions left to test after this (roughly 0 steps) [e7096c131e5161fa3b8e52a650d7719d2857adfd] net: WireGuard secure network tunnel testing commit e7096c131e5161fa3b8e52a650d7719d2857adfd with gcc (GCC) 8.1.0 kernel signature: 72631a5545d1ab60c8d856551e567f985852d46577c120e7a4e355568e69977c all runs: crashed: divide error in encrypt_packet # git bisect bad e7096c131e5161fa3b8e52a650d7719d2857adfd e7096c131e5161fa3b8e52a650d7719d2857adfd is the first bad commit commit e7096c131e5161fa3b8e52a650d7719d2857adfd Author: Jason A. Donenfeld Date: Mon Dec 9 00:27:34 2019 +0100 net: WireGuard secure network tunnel WireGuard is a layer 3 secure networking tunnel made specifically for the kernel, that aims to be much simpler and easier to audit than IPsec. Extensive documentation and description of the protocol and considerations, along with formal proofs of the cryptography, are available at: * https://www.wireguard.com/ * https://www.wireguard.com/papers/wireguard.pdf This commit implements WireGuard as a simple network device driver, accessible in the usual RTNL way used by virtual network drivers. It makes use of the udp_tunnel APIs, GRO, GSO, NAPI, and the usual set of networking subsystem APIs. It has a somewhat novel multicore queueing system designed for maximum throughput and minimal latency of encryption operations, but it is implemented modestly using workqueues and NAPI. Configuration is done via generic Netlink, and following a review from the Netlink maintainer a year ago, several high profile userspace tools have already implemented the API. This commit also comes with several different tests, both in-kernel tests and out-of-kernel tests based on network namespaces, taking profit of the fact that sockets used by WireGuard intentionally stay in the namespace the WireGuard interface was originally created, exactly like the semantics of userspace tun devices. See wireguard.com/netns/ for pictures and examples. The source code is fairly short, but rather than combining everything into a single file, WireGuard is developed as cleanly separable files, making auditing and comprehension easier. Things are laid out as follows: * noise.[ch], cookie.[ch], messages.h: These implement the bulk of the cryptographic aspects of the protocol, and are mostly data-only in nature, taking in buffers of bytes and spitting out buffers of bytes. They also handle reference counting for their various shared pieces of data, like keys and key lists. * ratelimiter.[ch]: Used as an integral part of cookie.[ch] for ratelimiting certain types of cryptographic operations in accordance with particular WireGuard semantics. * allowedips.[ch], peerlookup.[ch]: The main lookup structures of WireGuard, the former being trie-like with particular semantics, an integral part of the design of the protocol, and the latter just being nice helper functions around the various hashtables we use. * device.[ch]: Implementation of functions for the netdevice and for rtnl, responsible for maintaining the life of a given interface and wiring it up to the rest of WireGuard. * peer.[ch]: Each interface has a list of peers, with helper functions available here for creation, destruction, and reference counting. * socket.[ch]: Implementation of functions related to udp_socket and the general set of kernel socket APIs, for sending and receiving ciphertext UDP packets, and taking care of WireGuard-specific sticky socket routing semantics for the automatic roaming. * netlink.[ch]: Userspace API entry point for configuring WireGuard peers and devices. The API has been implemented by several userspace tools and network management utility, and the WireGuard project distributes the basic wg(8) tool. * queueing.[ch]: Shared function on the rx and tx path for handling the various queues used in the multicore algorithms. * send.c: Handles encrypting outgoing packets in parallel on multiple cores, before sending them in order on a single core, via workqueues and ring buffers. Also handles sending handshake and cookie messages as part of the protocol, in parallel. * receive.c: Handles decrypting incoming packets in parallel on multiple cores, before passing them off in order to be ingested via the rest of the networking subsystem with GRO via the typical NAPI poll function. Also handles receiving handshake and cookie messages as part of the protocol, in parallel. * timers.[ch]: Uses the timer wheel to implement protocol particular event timeouts, and gives a set of very simple event-driven entry point functions for callers. * main.c, version.h: Initialization and deinitialization of the module. * selftest/*.h: Runtime unit tests for some of the most security sensitive functions. * tools/testing/selftests/wireguard/netns.sh: Aforementioned testing script using network namespaces. This commit aims to be as self-contained as possible, implementing WireGuard as a standalone module not needing much special handling or coordination from the network subsystem. I expect for future optimizations to the network stack to positively improve WireGuard, and vice-versa, but for the time being, this exists as intentionally standalone. We introduce a menu option for CONFIG_WIREGUARD, as well as providing a verbose debug log and self-tests via CONFIG_WIREGUARD_DEBUG. Signed-off-by: Jason A. Donenfeld Cc: David Miller Cc: Greg KH Cc: Linus Torvalds Cc: Herbert Xu Cc: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org Cc: netdev@vger.kernel.org Signed-off-by: David S. Miller MAINTAINERS | 8 + drivers/net/Kconfig | 41 ++ drivers/net/Makefile | 1 + drivers/net/wireguard/Makefile | 18 + drivers/net/wireguard/allowedips.c | 381 ++++++++++++ drivers/net/wireguard/allowedips.h | 59 ++ drivers/net/wireguard/cookie.c | 236 ++++++++ drivers/net/wireguard/cookie.h | 59 ++ drivers/net/wireguard/device.c | 458 +++++++++++++++ drivers/net/wireguard/device.h | 73 +++ drivers/net/wireguard/main.c | 64 +++ drivers/net/wireguard/messages.h | 128 +++++ drivers/net/wireguard/netlink.c | 642 +++++++++++++++++++++ drivers/net/wireguard/netlink.h | 12 + drivers/net/wireguard/noise.c | 828 +++++++++++++++++++++++++++ drivers/net/wireguard/noise.h | 137 +++++ drivers/net/wireguard/peer.c | 240 ++++++++ drivers/net/wireguard/peer.h | 83 +++ drivers/net/wireguard/peerlookup.c | 221 +++++++ drivers/net/wireguard/peerlookup.h | 64 +++ drivers/net/wireguard/queueing.c | 53 ++ drivers/net/wireguard/queueing.h | 197 +++++++ drivers/net/wireguard/ratelimiter.c | 223 ++++++++ drivers/net/wireguard/ratelimiter.h | 19 + drivers/net/wireguard/receive.c | 595 +++++++++++++++++++ drivers/net/wireguard/selftest/allowedips.c | 683 ++++++++++++++++++++++ drivers/net/wireguard/selftest/counter.c | 104 ++++ drivers/net/wireguard/selftest/ratelimiter.c | 226 ++++++++ drivers/net/wireguard/send.c | 413 +++++++++++++ drivers/net/wireguard/socket.c | 437 ++++++++++++++ drivers/net/wireguard/socket.h | 44 ++ drivers/net/wireguard/timers.c | 243 ++++++++ drivers/net/wireguard/timers.h | 31 + drivers/net/wireguard/version.h | 1 + include/uapi/linux/wireguard.h | 196 +++++++ tools/testing/selftests/wireguard/netns.sh | 537 +++++++++++++++++ 36 files changed, 7755 insertions(+) create mode 100644 drivers/net/wireguard/Makefile create mode 100644 drivers/net/wireguard/allowedips.c create mode 100644 drivers/net/wireguard/allowedips.h create mode 100644 drivers/net/wireguard/cookie.c create mode 100644 drivers/net/wireguard/cookie.h create mode 100644 drivers/net/wireguard/device.c create mode 100644 drivers/net/wireguard/device.h create mode 100644 drivers/net/wireguard/main.c create mode 100644 drivers/net/wireguard/messages.h create mode 100644 drivers/net/wireguard/netlink.c create mode 100644 drivers/net/wireguard/netlink.h create mode 100644 drivers/net/wireguard/noise.c create mode 100644 drivers/net/wireguard/noise.h create mode 100644 drivers/net/wireguard/peer.c create mode 100644 drivers/net/wireguard/peer.h create mode 100644 drivers/net/wireguard/peerlookup.c create mode 100644 drivers/net/wireguard/peerlookup.h create mode 100644 drivers/net/wireguard/queueing.c create mode 100644 drivers/net/wireguard/queueing.h create mode 100644 drivers/net/wireguard/ratelimiter.c create mode 100644 drivers/net/wireguard/ratelimiter.h create mode 100644 drivers/net/wireguard/receive.c create mode 100644 drivers/net/wireguard/selftest/allowedips.c create mode 100644 drivers/net/wireguard/selftest/counter.c create mode 100644 drivers/net/wireguard/selftest/ratelimiter.c create mode 100644 drivers/net/wireguard/send.c create mode 100644 drivers/net/wireguard/socket.c create mode 100644 drivers/net/wireguard/socket.h create mode 100644 drivers/net/wireguard/timers.c create mode 100644 drivers/net/wireguard/timers.h create mode 100644 drivers/net/wireguard/version.h create mode 100644 include/uapi/linux/wireguard.h create mode 100755 tools/testing/selftests/wireguard/netns.sh parent commit e42617b825f8073569da76dc4510bfa019b1c35a wasn't tested testing commit e42617b825f8073569da76dc4510bfa019b1c35a with gcc (GCC) 8.1.0 kernel signature: aa874b7b2a93b922eb4236732d6a66b855af25bc93b4217541ed038b6125576f culprit signature: 72631a5545d1ab60c8d856551e567f985852d46577c120e7a4e355568e69977c parent signature: aa874b7b2a93b922eb4236732d6a66b855af25bc93b4217541ed038b6125576f revisions tested: 16, total time: 3h15m11.789810426s (build: 1h50m2.46688269s, test: 1h21m58.07049873s) first bad commit: e7096c131e5161fa3b8e52a650d7719d2857adfd net: WireGuard secure network tunnel cc: ["davem@davemloft.net" "jason@zx2c4.com"] crash: divide error in encrypt_packet divide error: 0000 [#1] PREEMPT SMP KASAN CPU: 0 PID: 8183 Comm: kworker/0:4 Not tainted 5.5.0-rc1-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: wg-crypt-wg0 wg_packet_encrypt_worker RIP: 0010:calculate_skb_padding drivers/net/wireguard/send.c:151 [inline] RIP: 0010:encrypt_packet+0xdb/0x920 drivers/net/wireguard/send.c:168 Code: fa 48 c1 ea 03 0f b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 72 05 00 00 41 8b 4f 3c 44 89 f0 31 d2 4c 89 ff f1 8d 42 0f 83 e0 f0 39 c1 0f 47 c8 29 d1 41 8d 04 0e 89 8d 08 RSP: 0018:ffffc90002e07840 EFLAGS: 00010246 RAX: 0000000000000000 RBX: 1ffff920005c0f0d RCX: 0000000000000000 RDX: 0000000000000000 RSI: ffff888092e71800 RDI: ffff88809fab0a40 RBP: ffffc90002e07c50 R08: 0000000000000006 R09: fffffbfff14b758a R10: fffffbfff14b7589 R11: ffffffff8a5bac4f R12: ffffc90002e07c28 R13: ffff888092e71800 R14: 0000000000000000 R15: ffff88809fab0a40 FS: 0000000000000000(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000000076c000 CR3: 00000000a9068000 CR4: 00000000001406f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: wg_packet_encrypt_worker+0x2a0/0xed0 drivers/net/wireguard/send.c:291 process_one_work+0x856/0x1630 kernel/workqueue.c:2264 worker_thread+0x85/0xb60 kernel/workqueue.c:2410 kthread+0x331/0x3f0 kernel/kthread.c:255 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352 Modules linked in: ---[ end trace 3c9d704e018b510e ]--- RIP: 0010:calculate_skb_padding drivers/net/wireguard/send.c:151 [inline] RIP: 0010:encrypt_packet+0xdb/0x920 drivers/net/wireguard/send.c:168 Code: fa 48 c1 ea 03 0f b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 72 05 00 00 41 8b 4f 3c 44 89 f0 31 d2 4c 89 ff f1 8d 42 0f 83 e0 f0 39 c1 0f 47 c8 29 d1 41 8d 04 0e 89 8d 08 RSP: 0018:ffffc90002e07840 EFLAGS: 00010246 RAX: 0000000000000000 RBX: 1ffff920005c0f0d RCX: 0000000000000000 RDX: 0000000000000000 RSI: ffff888092e71800 RDI: ffff88809fab0a40 RBP: ffffc90002e07c50 R08: 0000000000000006 R09: fffffbfff14b758a R10: fffffbfff14b7589 R11: ffffffff8a5bac4f R12: ffffc90002e07c28 R13: ffff888092e71800 R14: 0000000000000000 R15: ffff88809fab0a40 FS: 0000000000000000(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000000076c000 CR3: 00000000a9068000 CR4: 00000000001406f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400