syzbot

 sign-in | mailing list | source | docs
🐞 Open [41]
🐞 Fixed [469]
🐞 Invalid [348]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

DATA RACE in tty.(*queue).readableSize

Status: fixed on 2020/01/18 20:38
Fix commit: 80d0f9304484 Fix data race in tty.queue.readableSize.
First crash: 1776d, last: 1775d

Sample crash report:
WARNING: DATA RACE
Read at 0x00c00053ab50 by goroutine 241:
  gvisor.dev/gvisor/pkg/sentry/fs/tty.(*queue).readableSize()
      pkg/sentry/fs/tty/queue.go:90 +0xac
  gvisor.dev/gvisor/pkg/sentry/fs/tty.(*slaveFileOperations).Ioctl()
      pkg/sentry/fs/tty/line_discipline.go:182 +0xf73
  gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Ioctl()
      pkg/sentry/syscalls/linux/sys_file.go:644 +0x24a
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall()
      pkg/sentry/kernel/task_syscall.go:170 +0x455
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke()
      pkg/sentry/kernel/task_syscall.go:291 +0xb4
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter()
      pkg/sentry/kernel/task_syscall.go:252 +0x109
DIAGNOSIS:
I0116 15:26:47.958143   13547 x:0] ***************************
I0116 15:26:47.958247   13547 x:0] Args: [/syzkaller/managers/ptrace-direct-overlay-host-race/current/image -root /syzkaller/managers/ptrace-direct-overlay-host-race/workdir/gvisor_root -watchdog-action=panic -network=none -debug -alsologtostderr -platform=ptrace -file-access=exclusive -overlay -network=host -TESTONLY-unsafe-nonroot debug -stacks --ps ci-gvisor-ptrace-direct-overlay-host-race-1]
I0116 15:26:47.958376   13547 x:0] Version release-20200115.0-4-ga7a1f00425c6
I0116 15:26:47.958423   13547 x:0] PID: 13547
I0116 15:26:47.958484   13547 x:0] UID: 0, GID: 0
I0116 15:26:47.958722   13547 x:0] Configuration:
I0116 15:26:47.958804   13547 x:0] 		RootDir: /syzkaller/managers/ptrace-direct-overlay-host-race/workdir/gvisor_root
I0116 15:26:47.958850   13547 x:0] 		Platform: ptrace
I0116 15:26:47.958912   13547 x:0] 		FileAccess: exclusive, overlay: true
I0116 15:26:47.958991   13547 x:0] 		Network: host, logging: false
I0116 15:26:47.959042   13547 x:0] 		Strace: false, max size: 1024, syscalls: []
I0116 15:26:47.959091   13547 x:0] ***************************
W0116 15:26:47.959134   13547 x:0] Block the TERM signal. This is only safe in tests!
D0116 15:26:47.959293   13547 x:0] Load container "/syzkaller/managers/ptrace-direct-overlay-host-race/workdir/gvisor_root" "ci-gvisor-ptrace-direct-overlay-host-race-1"
D0116 15:26:47.966537   13547 x:0] Signal container "ci-gvisor-ptrace-direct-overlay-host-race-1": signal 0
D0116 15:26:47.966673   13547 x:0] Signal sandbox "ci-gvisor-ptrace-direct-overlay-host-race-1"
D0116 15:26:47.966750   13547 x:0] Connecting to sandbox "ci-gvisor-ptrace-direct-overlay-host-race-1"
D0116 15:26:47.967494   13547 x:0] urpc: successfully marshalled 123 bytes.
D0116 15:26:47.968439   13547 x:0] urpc: unmarshal success.
I0116 15:26:47.968552   13547 x:0] Found sandbox "ci-gvisor-ptrace-direct-overlay-host-race-1", PID: 7761
I0116 15:26:47.968658   13547 x:0] Retrieving sandbox stacks
D0116 15:26:47.968693   13547 x:0] Stacks sandbox "ci-gvisor-ptrace-direct-overlay-host-race-1"
D0116 15:26:47.968766   13547 x:0] Connecting to sandbox "ci-gvisor-ptrace-direct-overlay-host-race-1"
D0116 15:26:47.968953   13547 x:0] urpc: successfully marshalled 36 bytes.
D0116 15:26:48.026537   13547 x:0] urpc: unmarshal success.
I0116 15:26:48.026646   13547 x:0]      *** Stack dump ***
goroutine 1096 [running]:
gvisor.dev/gvisor/pkg/log.Stacks(0x461301, 0xc0002bd8c0, 0xc000189a70, 0xc000475880)
	pkg/log/log.go:272 +0xb6
gvisor.dev/gvisor/runsc/boot.(*debug).Stacks(0x248f7a8, 0x248f7a8, 0xc000544410, 0x0, 0x0)
	runsc/boot/debug.go:26 +0x38
reflect.Value.call(0xc0002bd8c0, 0xc0002d8a48, 0x13, 0x127f4ea, 0x4, 0xc0007c5e78, 0x3, 0x3, 0x10e2101, 0xc000544410, ...)
	GOROOT/src/reflect/value.go:460 +0x62b
reflect.Value.Call(0xc0002bd8c0, 0xc0002d8a48, 0x13, 0xc0007c5e78, 0x3, 0x3, 0x0, 0x248f7a8, 0x16)
	GOROOT/src/reflect/value.go:321 +0xd4
gvisor.dev/gvisor/pkg/urpc.(*Server).handleOne(0xc000333260, 0xc000519620, 0x0, 0x0)
	pkg/urpc/urpc.go:325 +0x688
gvisor.dev/gvisor/pkg/urpc.(*Server).handleRegistered(0xc000333260, 0xc000519620, 0xc0005627d0, 0xc00028fce0)
	pkg/urpc/urpc.go:420 +0x43
gvisor.dev/gvisor/pkg/urpc.(*Server).StartHandling.func1(0xc000333260, 0xc000519620)
	pkg/urpc/urpc.go:440 +0x81
created by gvisor.dev/gvisor/pkg/urpc.(*Server).StartHandling
	pkg/urpc/urpc.go:438 +0x6f

goroutine 1 [semacquire, 1 minutes]:
sync.runtime_Semacquire(0xc0002c0124)
	GOROOT/src/runtime/sema.go:56 +0x42
sync.(*WaitGroup).Wait(0xc0002c0124)
	GOROOT/src/sync/waitgroup.go:130 +0xb1
gvisor.dev/gvisor/pkg/sentry/kernel.(*Kernel).WaitExited(...)
	pkg/sentry/kernel/kernel.go:1061
gvisor.dev/gvisor/runsc/boot.(*Loader).WaitExit(0xc0003b0000, 0x0, 0x0)
	runsc/boot/loader.go:894 +0x73
gvisor.dev/gvisor/runsc/cmd.(*Boot).Execute(0xc0002ce090, 0x13f9f60, 0xc0000d0008, 0xc0002bc420, 0xc0002b6260, 0x2, 0x2, 0x0)
	runsc/cmd/boot.go:254 +0x149e
github.com/google/subcommands.(*Commander).Execute(0xc00012e000, 0x13f9f60, 0xc0000d0008, 0xc0002b6260, 0x2, 0x2, 0x0)
	external/com_github_google_subcommands/subcommands.go:200 +0x51d
github.com/google/subcommands.Execute(...)
	external/com_github_google_subcommands/subcommands.go:481
main.main()
	runsc/main.go:318 +0x2ce3

Crashes (2):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/01/16 15:28 https://gvisor.googlesource.com/gvisor master a7a1f00425c6 3de7aabb .config console log report syz ci-gvisor-ptrace-direct-overlay-host-race
2020/01/16 15:12 https://gvisor.googlesource.com/gvisor master a7a1f00425c6 3de7aabb .config console log report ci-gvisor-ptrace-direct-overlay-host-race
* Struck through repros no longer work on HEAD.