syzbot


DATA RACE in transport.(*connectionedEndpoint).Connect.func1 (2)

Status: fixed on 2022/03/05 04:04
Reported-by: syzbot+3ee57917033a3a23c8e0@syzkaller.appspotmail.com
Fix commit: b1ceabc884c0 Hold baseEndpoint.mu when calling baseEndpoint.Connected()
First crash: 1008d, last: 1008d
Similar bugs (1)
Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status
gvisor | DATA RACE in transport.(*connectionedEndpoint).Connect.func1 | syz | - | - | 21 | 1622d | 1628d | 0/26 | fixed on 2020/06/19 10:30

Sample crash report:
WARNING: DATA RACE
Write at 0x00c00246b7d0 by goroutine 224:
  gvisor.dev/gvisor/pkg/sentry/socket/unix/transport.(*connectionedEndpoint).Connect.func1()
      pkg/sentry/socket/unix/transport/connectioned.go:371 +0x5b
  gvisor.dev/gvisor/pkg/sentry/socket/unix/transport.(*connectionedEndpoint).BidirectionalConnect()
      pkg/sentry/socket/unix/transport/connectioned.go:339 +0xcf9
  gvisor.dev/gvisor/pkg/sentry/socket/unix/transport.(*connectionedEndpoint).Connect()
      pkg/sentry/socket/unix/transport/connectioned.go:381 +0xbb
  gvisor.dev/gvisor/pkg/sentry/socket/unix.(*socketOpsCommon).Connect()
      pkg/sentry/socket/unix/unix.go:431 +0x17c
  gvisor.dev/gvisor/pkg/sentry/socket/unix.(*SocketVFS2).Connect()
      <autogenerated>:1 +0x7a
  gvisor.dev/gvisor/pkg/sentry/syscalls/linux/vfs2.Connect()
      pkg/sentry/syscalls/linux/vfs2/socket.go:280 +0x210
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall()
      pkg/sentry/kernel/task_syscall.go:103 +0x4db
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke()
      pkg/sentry/kernel/task_syscall.go:238 +0x69
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter()
      pkg/sentry/kernel/task_syscall.go:198 +0x8e
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall()
      pkg/sentry/kernel/task_syscall.go:173 +0x3c4
  gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute()
      pkg/sentry/kernel/task_run.go:254 +0x1697
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run()
      pkg/sentry/kernel/task_run.go:95 +0x35a
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).Start·dwrap·230()
      pkg/sentry/kernel/task_start.go:339 +0x47

Previous read at 0x00c00246b7d0 by goroutine 187:
  gvisor.dev/gvisor/pkg/sentry/socket/unix/transport.(*baseEndpoint).Connected()
      pkg/sentry/socket/unix/transport/unix.go:817 +0x3b
  gvisor.dev/gvisor/pkg/sentry/socket/unix/transport.(*connectionedEndpoint).OnSetSendBufferSize()
      pkg/sentry/socket/unix/transport/connectioned.go:522 +0x2c
  gvisor.dev/gvisor/pkg/tcpip.(*SocketOptions).SetSendBufferSize()
      pkg/tcpip/socketops.go:676 +0x64
  gvisor.dev/gvisor/pkg/sentry/socket/netstack.setSockOptSocket()
      pkg/sentry/socket/netstack/netstack.go:1844 +0x484
  gvisor.dev/gvisor/pkg/sentry/socket/netstack.SetSockOpt()
      pkg/sentry/socket/netstack/netstack.go:1783 +0xca
  gvisor.dev/gvisor/pkg/sentry/socket/unix.(*SocketVFS2).SetSockOpt()
      pkg/sentry/socket/unix/unix_vfs2.go:335 +0xda
  gvisor.dev/gvisor/pkg/sentry/syscalls/linux/vfs2.SetSockOpt()
      pkg/sentry/syscalls/linux/vfs2/socket.go:552 +0x272
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall()
      pkg/sentry/kernel/task_syscall.go:103 +0x4db
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke()
      pkg/sentry/kernel/task_syscall.go:238 +0x69
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter()
      pkg/sentry/kernel/task_syscall.go:198 +0x8e
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall()
      pkg/sentry/kernel/task_syscall.go:173 +0x3c4
  gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute()
      pkg/sentry/kernel/task_run.go:254 +0x1697
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run()
      pkg/sentry/kernel/task_run.go:95 +0x35a
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).Start·dwrap·230()
      pkg/sentry/kernel/task_start.go:339 +0x47

Crashes (4):
Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title
2022/02/21 17:31 | gvisor | 6e5b602ee1a1 | 3cd800e4 | .config | console log | report | syz | C | - | - | ci-gvisor-ptrace-3-race | DATA RACE in transport.(*connectionedEndpoint).Connect.func1
2022/02/21 17:21 | gvisor | 6e5b602ee1a1 | 3cd800e4 | .config | console log | report | syz | C | - | - | ci-gvisor-ptrace-1-race | DATA RACE in transport.(*connectionedEndpoint).Connect.func1
2022/02/21 17:06 | gvisor | 6e5b602ee1a1 | 3cd800e4 | .config | console log | report | syz | C | - | - | ci-gvisor-ptrace-2-race | DATA RACE in transport.(*connectionedEndpoint).Connect.func1
2022/02/21 16:53 | gvisor | 6e5b602ee1a1 | 3cd800e4 | .config | console log | report | - | - | info | - | ci-gvisor-ptrace-2-race | DATA RACE in transport.(*connectionedEndpoint).Connect.func1
* Struck through repros no longer work on HEAD.