syzbot

 sign-in | mailing list | source | docs
🐞 Open [9]
🐞 Fixed [560]
🐞 Invalid [416]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

DATA RACE in refs.(*AtomicRefCount).DecRefWithDestructor

Status: fixed on 2020/02/07 00:17
Reported-by: syzbot+a951d242644d78973a87@syzkaller.appspotmail.com
Fix commit: 3db317390b5c Remove epoll entry from map when dropping it.
First crash: 2185d, last: 2185d

Sample crash report:
WARNING: DATA RACE
Read at 0x00c002513650 by goroutine 401:
  gvisor.dev/gvisor/pkg/refs.(*AtomicRefCount).DecRefWithDestructor()
      bazel-out/k8-fastbuild/bin/pkg/refs/weak_ref_list.go:157 +0xf1
  gvisor.dev/gvisor/pkg/sentry/fs.(*File).DecRef()
      pkg/sentry/fs/file.go:146 +0x5d
  gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Readv()
      pkg/sentry/syscalls/linux/sys_read.go:182 +0x3a0
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall()
      pkg/sentry/kernel/task_syscall.go:170 +0x455
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke()
      pkg/sentry/kernel/task_syscall.go:291 +0xb4
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter()
      pkg/sentry/kernel/task_syscall.go:252 +0x109
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall()
      pkg/sentry/kernel/task_syscall.go:227 +0x1b3
  gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute()
      pkg/sentry/kernel/task_run.go:232 +0x1aaf
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run()
      pkg/sentry/kernel/task_run.go:92 +0x308

Previous write at 0x00c002513650 by goroutine 389:
  gvisor.dev/gvisor/pkg/refs.(*AtomicRefCount).DecRefWithDestructor()
      bazel-out/k8-fastbuild/bin/pkg/refs/weak_ref_list.go:167 +0x116
  gvisor.dev/gvisor/pkg/sentry/fs.(*File).DecRef()
      pkg/sentry/fs/file.go:146 +0x5d
  gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Close()
      pkg/sentry/syscalls/linux/sys_file.go:777 +0x1e0
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall()
      pkg/sentry/kernel/task_syscall.go:170 +0x455
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke()
      pkg/sentry/kernel/task_syscall.go:291 +0xb4
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter()
      pkg/sentry/kernel/task_syscall.go:252 +0x109
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall()
      pkg/sentry/kernel/task_syscall.go:227 +0x1b3
  gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute()
      pkg/sentry/kernel/task_run.go:232 +0x1aaf
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run()
      pkg/sentry/kernel/task_run.go:92 +0x308

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/01/18 10:52 https://gvisor.googlesource.com/gvisor master 47d85257d3d0 3de7aabb .config console log report ci-gvisor-ptrace-direct-overlay-host-race
* Struck through repros no longer work on HEAD.