[moderation] [wireguard?] BUG: soft lockup in wg_packet_handshake_receive_worker


syzbot

Jul 2, 2024, 7:13:27 PM
to syzkaller-upst...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: b4a3f9b4863a Merge remote-tracking branch 'tglx/devmsi-arm..
git tree: git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci
console output: https://syzkaller.appspot.com/x/log.txt?x=12604081980000
kernel config: https://syzkaller.appspot.com/x/.config?x=206f2aa0d7c61e36
dashboard link: https://syzkaller.appspot.com/bug?extid=deb5d09dfa2baf1ff41d
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
userspace arch: arm64
CC: [Ja...@zx2c4.com da...@davemloft.net edum...@google.com ku...@kernel.org linux-...@vger.kernel.org net...@vger.kernel.org pab...@redhat.com wire...@lists.zx2c4.com]

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/289aa176a47f/disk-b4a3f9b4.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/1f5d0655c58c/vmlinux-b4a3f9b4.xz
kernel image: https://storage.googleapis.com/syzbot-assets/46f5aa22d8c8/Image-b4a3f9b4.gz.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+deb5d0...@syzkaller.appspotmail.com

watchdog: BUG: soft lockup - CPU#0 stuck for 27s! [kworker/0:1:9]
Modules linked in:
irq event stamp: 291789
hardirqs last enabled at (291788): [<ffff800080239cc0>] queue_work_on+0x100/0x1a0 kernel/workqueue.c:2414
hardirqs last disabled at (291789): [<ffff80008b068448>] __el1_irq arch/arm64/kernel/entry-common.c:533 [inline]
hardirqs last disabled at (291789): [<ffff80008b068448>] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:551
softirqs last enabled at (291780): [<ffff800085338f5c>] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:32
softirqs last disabled at (291784): [<ffff800085338ea4>] local_bh_disable+0x10/0x34 include/linux/bottom_half.h:19
CPU: 0 PID: 9 Comm: kworker/0:1 Not tainted 6.10.0-rc5-syzkaller-gb4a3f9b4863a #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
Workqueue: wg-kex-wg1 wg_packet_handshake_receive_worker
pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : queue_work_on+0x144/0x1a0 kernel/workqueue.c:2415
lr : queue_work_on+0x140/0x1a0 kernel/workqueue.c:2414
sp : ffff800093fe7610
x29: ffff800093fe7610 x28: dfff800000000000 x27: ffff0000c6a11c20
x26: 0000000000800001 x25: 0000000000000000 x24: 0000000000000000
x23: 0000000000000000 x22: 0000000000000000 x21: ffff0000d46f4000
x20: 0000000000000001 x19: 00000000000000c0 x18: ffff800093fe6f60
x17: 0000000000032841 x16: ffff800080338814 x15: 0000000000000001
x14: 1fffe000367accf0 x13: 0000000000000000 x12: 0000000000000003
x11: 0000000000000200 x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff0000c19c8000 x7 : 0000000000000000 x6 : 0000000000000000
x5 : 0000000000000001 x4 : 0000000000000008 x3 : 0000000000000000
x2 : 0000000000000002 x1 : 0000000000000080 x0 : 0000000000000000
Call trace:
__daif_local_irq_restore arch/arm64/include/asm/irqflags.h:175 [inline]
arch_local_irq_restore arch/arm64/include/asm/irqflags.h:195 [inline]
queue_work_on+0x144/0x1a0 kernel/workqueue.c:2414
wg_queue_enqueue_per_device_and_peer drivers/net/wireguard/queueing.h:176 [inline]
wg_packet_create_data drivers/net/wireguard/send.c:320 [inline]
wg_packet_send_staged_packets+0xe38/0x1460 drivers/net/wireguard/send.c:388
wg_packet_send_keepalive+0x140/0x244 drivers/net/wireguard/send.c:239
wg_receive_handshake_packet drivers/net/wireguard/receive.c:186 [inline]
wg_packet_handshake_receive_worker+0x594/0xc60 drivers/net/wireguard/receive.c:213
process_one_work+0x79c/0x15b8 kernel/workqueue.c:3231
process_scheduled_works kernel/workqueue.c:3312 [inline]
worker_thread+0x938/0xef4 kernel/workqueue.c:3393
kthread+0x288/0x310 kernel/kthread.c:389
ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:860
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.10.0-rc5-syzkaller-gb4a3f9b4863a #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : handle_softirqs+0x1c4/0xbfc kernel/softirq.c:542
lr : handle_softirqs+0x1c0/0xbfc kernel/softirq.c:538
sp : ffff800080017f00
x29: ffff800080017f80 x28: 0000000000000186 x27: 1fffe0001836e001
x26: ffff80008f19d000 x25: ffff0000c1b70010 x24: ffff0000c1b70008
x23: ffff0000c1b7002c x22: dfff800000000000 x21: ffff80008f0e6cfc
x20: 00000000ffffd494 x19: ffff0001b3d89f00 x18: 1fffe000367ae9de
x17: ffff800124c8e000 x16: ffff800080338814 x15: 0000000000000001
x14: ffff80008f1a0558 x13: dfff800000000000 x12: 0000000000000003
x11: 0000000000000101 x10: 0000000000000003 x9 : 0000000000000000
x8 : 00000000000705ea x7 : ffff80008044d544 x6 : 0000000000000000
x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000000
x2 : ffff0000c1b70000 x1 : ffff80008b1e04a0 x0 : ffff800124c8e000
Call trace:
__daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline]
arch_local_irq_enable arch/arm64/include/asm/irqflags.h:48 [inline]
handle_softirqs+0x1c4/0xbfc kernel/softirq.c:538
__do_softirq+0x14/0x20 kernel/softirq.c:588
____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:81
call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:889
do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:86
invoke_softirq kernel/softirq.c:435 [inline]
__irq_exit_rcu+0x1d8/0x434 kernel/softirq.c:637
irq_exit_rcu+0x14/0x84 kernel/softirq.c:649
__el1_irq arch/arm64/kernel/entry-common.c:537 [inline]
el1_interrupt+0x38/0x68 arch/arm64/kernel/entry-common.c:551
el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:556
el1h_64_irq+0x64/0x68 arch/arm64/kernel/entry.S:594
__daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline]
arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48
cpuidle_idle_call kernel/sched/idle.c:191 [inline]
do_idle+0x1f0/0x4e4 kernel/sched/idle.c:332
cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:430
secondary_start_kernel+0x1bc/0x1e4 arch/arm64/kernel/smp.c:276
__secondary_switched+0xb8/0xbc arch/arm64/kernel/head.S:417


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup