syzbot


panic: Child "" for parent Dentry &{vfsd:{mu:{Mutex:{state:LINE sema:LINE}} dead:false mounts:LINE impl:ADDR} DentryRefs

Status: fixed on 2020/11/13 09:22
Reported-by: syzbot+e9f117d000301e42361f@syzkaller.appspotmail.com
Fix commit: 1321f837bd9f [vfs2] Refactor kernfs checkCreateLocked.
First crash: 1494d, last: 1479d

Sample crash report:
panic: Child "" for parent Dentry &{vfsd:{mu:{Mutex:{state:0 sema:0}} dead:false mounts:0 impl:0xc000498af0} DentryRefs:{refCount:5} fs:0xc0006ea900 flags:1 parent:<nil> name: dirMu:{Mutex:{state:0 sema:0}} children:map[bus:0xc000498b60] inode:0xc0001d2f00} disappeared inside atomic section?

goroutine 395 [running]:
panic(0x100cc20, 0xc0003babe0)
	GOROOT/src/runtime/panic.go:1064 +0x46d fp=0xc00056f618 sp=0xc00056f560 pc=0x43438d
gvisor.dev/gvisor/pkg/sentry/fsimpl/kernfs.(*Filesystem).RenameAt(0xc0006ea900, 0x14045a0, 0xc0004a4000, 0xc000276000, 0xc000536ba0, 0xc000498af0, 0xc00069eb02, 0x3, 0x0, 0x0, ...)
	pkg/sentry/fsimpl/kernfs/filesystem.go:848 +0xf14 fp=0xc00056f928 sp=0xc00056f618 pc=0x808314
gvisor.dev/gvisor/pkg/sentry/vfs.(*VirtualFilesystem).RenameAt(0xc000372188, 0x14045a0, 0xc0004a4000, 0xc0001dd200, 0xc00056fa78, 0xc00056fac8, 0xc00056fa70, 0xc0002c35c0, 0xc0006d8800)
	pkg/sentry/vfs/vfs.go:640 +0x256 fp=0xc00056f9d0 sp=0xc00056f928 pc=0x71bab6
gvisor.dev/gvisor/pkg/sentry/syscalls/linux/vfs2.renameat(0xc0004a4000, 0xffffff9c, 0x20000000, 0xc0ffffff9c, 0x20000040, 0x0, 0x0, 0x0)
	pkg/sentry/syscalls/linux/vfs2/filesystem.go:297 +0x370 fp=0xc00056fb58 sp=0xc00056f9d0 pc=0xd43110
gvisor.dev/gvisor/pkg/sentry/syscalls/linux/vfs2.Rename(0xc0004a4000, 0x20000000, 0x20000040, 0x73, 0x0, 0x0, 0x0, 0xc00056fc14, 0xdcf948, 0x65, ...)
	pkg/sentry/syscalls/linux/vfs2/filesystem.go:242 +0x79 fp=0xc00056fba8 sp=0xc00056fb58 pc=0xd42b99
gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall(0xc0004a4000, 0x52, 0x20000000, 0x20000040, 0x73, 0x0, 0x0, 0x0, 0x0, 0x11f2b20, ...)
	pkg/sentry/kernel/task_syscall.go:117 +0x1b6 fp=0xc00056fc68 sp=0xc00056fba8 pc=0x971a56
gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke(0xc0004a4000, 0x52, 0x20000000, 0x20000040, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0)
	pkg/sentry/kernel/task_syscall.go:292 +0x70 fp=0xc00056fcf0 sp=0xc00056fc68 pc=0x972d40
gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter(0xc0004a4000, 0x52, 0x20000000, 0x20000040, 0x73, 0x0, 0x0, 0x0, 0x13d2001, 0x100000000000000)
	pkg/sentry/kernel/task_syscall.go:239 +0xb4 fp=0xc00056fd50 sp=0xc00056fcf0 pc=0x9727f4
gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall(0xc0004a4000, 0x2, 0xc0004a4000)
	pkg/sentry/kernel/task_syscall.go:206 +0x198 fp=0xc00056fe10 sp=0xc00056fd50 pc=0x9720d8
gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute(0x0, 0xc0004a4000, 0x13d2080, 0x0)
	pkg/sentry/kernel/task_run.go:321 +0xd88 fp=0xc00056ff60 sp=0xc00056fe10 pc=0x965068
gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run(0xc0004a4000, 0xb)
	pkg/sentry/kernel/task_run.go:97 +0x1bd fp=0xc00056ffd0 sp=0xc00056ff60 pc=0x963bad
runtime.goexit()
	src/runtime/asm_amd64.s:1373 +0x1 fp=0xc00056ffd8 sp=0xc00056ffd0 pc=0x467da1
created by gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).Start
	pkg/sentry/kernel/task_start.go:371 +0x112

Crashes (3):
Time              Kernel  Commit        Syzkaller  Config   Log          Report  Syz repro  C repro  VM info  Assets  Manager         Title
2020/10/23 17:37  gvisor  c206fcbfc2b9  4e740c00   .config  console log  report  syz        C                         ci-gvisor-main
2020/11/08 01:11  gvisor  78cce3a46b95  64069d48   .config  console log  report                      info             ci-gvisor-main
2020/10/23 17:27  gvisor  c206fcbfc2b9  4e740c00   .config  console log  report                      info             ci-gvisor-main
* Struck through repros no longer work on HEAD.