syzbot

 sign-in | mailing list | source | docs
🐞 Open [41]
🐞 Fixed [469]
🐞 Invalid [348]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

DATA RACE in atomic.AddInt64

Status: fixed on 2019/06/29 06:34
Reported-by: syzbot+7dcd2ad4194106b96351@syzkaller.appspotmail.com
Fix commit: 8ab0848c70fc gvisor/fs: don't update file.offset for sockets, pipes, etc
First crash: 2001d, last: 2001d

Sample crash report:
WARNING: DATA RACE
DIAGNOSIS:
I0605 02:47:42.827848   11833 x:0] ***************************
I0605 02:47:42.828583   11833 x:0] Args: [/syzkaller/managers/ptrace-proxy-sandbox-race/current/image -root /syzkaller/managers/ptrace-proxy-sandbox-race/workdir/gvisor_root -watchdog-action=panic -network=none -debug -platform=ptrace -file-access=shared -network=sandbox debug -stacks ci-gvisor-ptrace-proxy-sandbox-race-1]
I0605 02:47:42.828689   11833 x:0] Version release-20190529.1-55-g6f92038ce0d2
I0605 02:47:42.846455   11833 x:0] PID: 11833
I0605 02:47:42.846538   11833 x:0] UID: 0, GID: 0
I0605 02:47:42.846572   11833 x:0] Configuration:
I0605 02:47:42.846591   11833 x:0] 		RootDir: /syzkaller/managers/ptrace-proxy-sandbox-race/workdir/gvisor_root
I0605 02:47:42.846635   11833 x:0] 		Platform: ptrace
I0605 02:47:42.846691   11833 x:0] 		FileAccess: shared, overlay: false
I0605 02:47:42.846786   11833 x:0] 		Network: sandbox, logging: false
I0605 02:47:42.846821   11833 x:0] 		Strace: false, max size: 1024, syscalls: []
I0605 02:47:42.846851   11833 x:0] ***************************
D0605 02:47:42.862922   11833 x:0] Load container "/syzkaller/managers/ptrace-proxy-sandbox-race/workdir/gvisor_root" "ci-gvisor-ptrace-proxy-sandbox-race-1"
D0605 02:47:42.870105   11833 x:0] Signal container "ci-gvisor-ptrace-proxy-sandbox-race-1": signal 0
D0605 02:47:42.870190   11833 x:0] Signal sandbox "ci-gvisor-ptrace-proxy-sandbox-race-1"
D0605 02:47:42.870235   11833 x:0] Connecting to sandbox "ci-gvisor-ptrace-proxy-sandbox-race-1"
D0605 02:47:42.876070   11833 x:0] urpc: successfully marshalled 117 bytes.
D0605 02:47:42.876233   11833 x:0] urpc: unmarshal success.
I0605 02:47:42.876301   11833 x:0] Found sandbox "ci-gvisor-ptrace-proxy-sandbox-race-1", PID: 23895
I0605 02:47:42.876331   11833 x:0] Retrieving sandbox stacks
D0605 02:47:42.876348   11833 x:0] Stacks sandbox "ci-gvisor-ptrace-proxy-sandbox-race-1"
D0605 02:47:42.876370   11833 x:0] Connecting to sandbox "ci-gvisor-ptrace-proxy-sandbox-race-1"
D0605 02:47:42.876983   11833 x:0] urpc: successfully marshalled 36 bytes.
D0605 02:47:43.613269   11833 x:0] urpc: unmarshal success.
I0605 02:47:43.618047   11833 x:0]      *** Stack dump ***
goroutine 733770 [running]:
gvisor.googlesource.com/gvisor/pkg/log.Stacks(0x45e501, 0xc0002b7320, 0xc0024399b0, 0xc001214a80)
	pkg/log/log.go:259 +0xb6
gvisor.googlesource.com/gvisor/runsc/boot.(*debug).Stacks(0x2482f28, 0x2482f28, 0xc0005de780, 0x0, 0x0)
	runsc/boot/debug.go:26 +0x38
reflect.Value.call(0xc0002b7320, 0xc0002b4208, 0x13, 0x118bcf1, 0x4, 0xc00248deb8, 0x3, 0x3, 0x4aa41e, 0x1035220, ...)
	GOROOT/src/reflect/value.go:447 +0x649
reflect.Value.Call(0xc0002b7320, 0xc0002b4208, 0x13, 0xc00248deb8, 0x3, 0x3, 0x0, 0x2482f28, 0x16)
	GOROOT/src/reflect/value.go:308 +0xc1
gvisor.googlesource.com/gvisor/pkg/urpc.(*Server).handleOne(0xc0002ba8d0, 0xc001837860, 0x0, 0x0)
	pkg/urpc/urpc.go:325 +0x63f
gvisor.googlesource.com/gvisor/pkg/urpc.(*Server).handleRegistered(0xc0002ba8d0, 0xc001837860, 0xc0002ba8d0, 0xc001837860)
	pkg/urpc/urpc.go:420 +0x43
gvisor.googlesource.com/gvisor/pkg/urpc.(*Server).StartHandling.func1(0xc0002ba8d0, 0xc001837860)
	pkg/urpc/urpc.go:440 +0x77
created by gvisor.googlesource.com/gvisor/pkg/urpc.(*Server).StartHandling
	pkg/urpc/urpc.go:438 +0x6f

goroutine 1 [semacquire, 11 minutes]:
sync.runtime_Semacquire(0xc0002b8214)
	GOROOT/src/runtime/sema.go:56 +0x39
sync.(*WaitGroup).Wait(0xc0002b8214)
	GOROOT/src/sync/waitgroup.go:130 +0xb2
gvisor.googlesource.com/gvisor/pkg/sentry/kernel.(*Kernel).WaitExited(...)
	pkg/sentry/kernel/kernel.go:897
gvisor.googlesource.com/gvisor/runsc/boot.(*Loader).WaitExit(0xc0002b0140, 0x0, 0x0)
	runsc/boot/loader.go:783 +0x74
gvisor.googlesource.com/gvisor/runsc/cmd.(*Boot).Execute(0xc0002281b0, 0x1328e60, 0xc0000ce008, 0xc000234480, 0xc0001fa7a0, 0x2, 0x2, 0x0)
	runsc/cmd/boot.go:252 +0x131f
github.com/google/subcommands.(*Commander).Execute(0xc000124000, 0x1328e60, 0xc0000ce008, 0xc0001fa7a0, 0x2, 0x2, 0xc0001028c0)
	external/com_github_google_subcommands/subcommands.go:141 +0x522
github.com/google/subcommands.Execute(...)
	external/com_github_google_subcommands/subcommands.go:371
main.main()
	runsc/main.go:245 +0x2547

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2019/06/05 02:48 https://gvisor.googlesource.com/gvisor master 6f92038ce0d2 bfb4a51e .config console log report ci-gvisor-ptrace-proxy-sandbox-race
* Struck through repros no longer work on HEAD.