syzbot

 sign-in | mailing list | source | docs
🐞 Open [7]
🐞 Fixed [500]
🐞 Invalid [396]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

DATA RACE in packet.(*endpoint).GetPacketMMapOpts

Status: fixed on 2025/02/08 00:18
Fix commit: da7cd03064d7 Lock around packet mmap fields.
First crash: 14d, last: 14d

Sample crash report:
WARNING: DATA RACE
Read at 0x00c000e3e1d0 by goroutine 274:
  gvisor.dev/gvisor/pkg/tcpip/transport/packet.(*endpoint).GetPacketMMapOpts()
      pkg/tcpip/transport/packet/endpoint.go:571 +0x230
  gvisor.dev/gvisor/pkg/sentry/socket/netstack.setSockOptPacket()
      pkg/sentry/socket/netstack/netstack.go:2747 +0x5ce
  gvisor.dev/gvisor/pkg/sentry/socket/netstack.SetSockOpt()
      pkg/sentry/socket/netstack/netstack.go:1873 +0x365
  gvisor.dev/gvisor/pkg/sentry/socket/netstack.(*sock).SetSockOpt()
      pkg/sentry/socket/netstack/netstack.go:634 +0x6a9
  gvisor.dev/gvisor/pkg/sentry/syscalls/linux.SetSockOpt()
      pkg/sentry/syscalls/linux/sys_socket.go:551 +0x46b
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall()
      pkg/sentry/kernel/task_syscall.go:143 +0xb9e
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke()
      pkg/sentry/kernel/task_syscall.go:323 +0x84
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter()
      pkg/sentry/kernel/task_syscall.go:283 +0xc6
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall()
      pkg/sentry/kernel/task_syscall.go:258 +0x549
  gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute()
      pkg/sentry/kernel/task_run.go:269 +0x2294
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run()
      pkg/sentry/kernel/task_run.go:97 +0x41a
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).Start.gowrap1()
      pkg/sentry/kernel/task_start.go:412 +0x44

Previous write at 0x00c000e3e1d0 by goroutine 272:
  gvisor.dev/gvisor/pkg/tcpip/transport/packet.(*endpoint).SetSockOptInt()
      pkg/tcpip/transport/packet/endpoint.go:412 +0xf0
  gvisor.dev/gvisor/pkg/sentry/socket/netstack.setSockOptPacket()
      pkg/sentry/socket/netstack/netstack.go:2763 +0x1f0
  gvisor.dev/gvisor/pkg/sentry/socket/netstack.SetSockOpt()
      pkg/sentry/socket/netstack/netstack.go:1873 +0x365
  gvisor.dev/gvisor/pkg/sentry/socket/netstack.(*sock).SetSockOpt()
      pkg/sentry/socket/netstack/netstack.go:634 +0x6a9
  gvisor.dev/gvisor/pkg/sentry/syscalls/linux.SetSockOpt()
      pkg/sentry/syscalls/linux/sys_socket.go:551 +0x46b
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall()
      pkg/sentry/kernel/task_syscall.go:143 +0xb9e
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke()
      pkg/sentry/kernel/task_syscall.go:323 +0x84
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter()
      pkg/sentry/kernel/task_syscall.go:283 +0xc6
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall()
      pkg/sentry/kernel/task_syscall.go:258 +0x549
  gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute()
      pkg/sentry/kernel/task_run.go:269 +0x2294
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run()
      pkg/sentry/kernel/task_run.go:97 +0x41a
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).Start.gowrap1()
      pkg/sentry/kernel/task_start.go:412 +0x44

Crashes (10):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/02/06 23:30 gvisor a4a0e84b5cd5 53657d1b .config console log report syz / log C ci-gvisor-ptrace-2-race-cover DATA RACE in packet.(*endpoint).GetPacketMMapOpts
2025/02/06 23:26 gvisor a4a0e84b5cd5 53657d1b .config console log report syz / log C ci-gvisor-ptrace-1-race DATA RACE in packet.(*endpoint).GetPacketMMapOpts
2025/02/06 23:26 gvisor a4a0e84b5cd5 53657d1b .config console log report syz / log C ci-gvisor-ptrace-1-race-cover DATA RACE in packet.(*endpoint).GetPacketMMapOpts
2025/02/06 23:02 gvisor a4a0e84b5cd5 53657d1b .config console log report syz / log C ci-gvisor-systrap-1-race-cover DATA RACE in packet.(*endpoint).GetPacketMMapOpts
2025/02/06 23:18 gvisor a4a0e84b5cd5 53657d1b .config console log report syz / log ci-gvisor-systrap-1-race DATA RACE in packet.(*endpoint).GetPacketMMapOpts
2025/02/07 07:24 gvisor a4a0e84b5cd5 53657d1b .config console log report info ci-gvisor-systrap-1-race-cover DATA RACE in packet.(*endpoint).GetPacketMMapOpts
2025/02/07 06:24 gvisor a4a0e84b5cd5 53657d1b .config console log report info ci-gvisor-ptrace-2-race-cover DATA RACE in packet.(*endpoint).GetPacketMMapOpts
2025/02/07 05:28 gvisor a4a0e84b5cd5 53657d1b .config console log report info ci-gvisor-systrap-1-race DATA RACE in packet.(*endpoint).GetPacketMMapOpts
2025/02/07 00:21 gvisor a4a0e84b5cd5 53657d1b .config console log report info ci-gvisor-systrap-1-race-cover DATA RACE in packet.(*endpoint).GetPacketMMapOpts
2025/02/06 22:30 gvisor a4a0e84b5cd5 53657d1b .config console log report info ci-gvisor-systrap-1-race-cover DATA RACE in packet.(*endpoint).GetPacketMMapOpts
* Struck through repros no longer work on HEAD.