syzbot

 sign-in | mailing list | source | docs
🐞 Open [41]
🐞 Fixed [469]
🐞 Invalid [348]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

DATA RACE in safemem.Copy (6)

Status: fixed on 2023/10/05 23:05
Fix commit: b66713079526 Clean up and re-enable process_vm_readv/writev
First crash: 728d, last: 727d
Similar bugs (6)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
gvisor DATA RACE in safemem.Copy (3) C 3 1160d 1160d 14/26 fixed on 2021/09/28 10:18
gvisor DATA RACE in safemem.Copy C 4 1403d 1403d 14/26 fixed on 2021/01/26 10:37
gvisor DATA RACE in safemem.Copy (7) C 4 336d 336d 26/26 fixed on 2023/12/29 10:22
gvisor DATA RACE in safemem.Copy (2) C 9 1208d 1208d 14/26 fixed on 2021/08/16 21:45
gvisor DATA RACE in safemem.Copy (4) C 1019 837d 840d 14/26 fixed on 2022/11/18 03:22
gvisor DATA RACE in safemem.Copy (5) C 3153 728d 738d 14/26 fixed on 2022/11/29 11:04

Sample crash report:
WARNING: DATA RACE
Write at 0x00c00092f3c4 by goroutine 327:
  runtime.slicecopy()
      GOROOT/src/runtime/slice.go:295 +0x0
  gvisor.dev/gvisor/pkg/safemem.Copy()
      pkg/safemem/block_unsafe.go:199 +0x39e
  gvisor.dev/gvisor/pkg/safemem.CopySeq()
      pkg/safemem/seq_unsafe.go:282 +0x22a
  gvisor.dev/gvisor/pkg/sentry/mm.(*MemoryManager).CopyIn.func1()
      pkg/sentry/mm/io.go:164 +0xb7
  gvisor.dev/gvisor/pkg/sentry/mm.(*MemoryManager).withInternalMappings()
      pkg/sentry/mm/io.go:522 +0x187
  gvisor.dev/gvisor/pkg/sentry/mm.(*MemoryManager).CopyIn()
      pkg/sentry/mm/io.go:163 +0x279
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).CopyInBytes()
      pkg/sentry/kernel/task_usermem.go:57 +0x95
  gvisor.dev/gvisor/pkg/sentry/syscalls/linux.copyTimespecIn()
      pkg/sentry/syscalls/linux/timespec.go:32 +0x8a
  gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Futex()
      pkg/sentry/syscalls/linux/sys_futex.go:192 +0x53a
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall()
      pkg/sentry/kernel/task_syscall.go:142 +0x9b7
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke()
      pkg/sentry/kernel/task_syscall.go:322 +0x7c
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter()
      pkg/sentry/kernel/task_syscall.go:282 +0x8e
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall()
      pkg/sentry/kernel/task_syscall.go:257 +0x495
  gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute()
      pkg/sentry/kernel/task_run.go:253 +0x18f8
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run()
      pkg/sentry/kernel/task_run.go:94 +0x353
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).Start.func1()
      pkg/sentry/kernel/task_start.go:378 +0x47

Previous read at 0x00c00092f3c4 by goroutine 210:
  encoding/binary.littleEndian.Uint64()
      GOROOT/src/encoding/binary/binary.go:78 +0xe4
  gvisor.dev/gvisor/pkg/sentry/kernel.makeIovec()
      pkg/sentry/kernel/task_usermem.go:265 +0xad
  gvisor.dev/gvisor/pkg/sentry/kernel.copyInIovecs()
      pkg/sentry/kernel/task_usermem.go:231 +0x27e
  gvisor.dev/gvisor/pkg/sentry/kernel.(*taskCopyContext).CopyInIovecs()
      pkg/sentry/kernel/task_usermem.go:411 +0x115
  gvisor.dev/gvisor/pkg/sentry/syscalls/linux.doProcessVMReadWrite.func1()
      pkg/sentry/syscalls/linux/sys_process_vm.go:102 +0xea
  gvisor.dev/gvisor/pkg/sentry/kernel.(*taskCopyContext).WithTaskMutexLocked()
      pkg/sentry/kernel/task_usermem.go:364 +0xc7
  gvisor.dev/gvisor/pkg/sentry/syscalls/linux.doProcessVMReadWrite()
      pkg/sentry/syscalls/linux/sys_process_vm.go:176 +0x31c
  gvisor.dev/gvisor/pkg/sentry/syscalls/linux.processVMRW()
      pkg/sentry/syscalls/linux/sys_process_vm.go:89 +0x286
  gvisor.dev/gvisor/pkg/sentry/syscalls/linux.ProcessVMReadv()
      pkg/sentry/syscalls/linux/sys_process_vm.go:36 +0x55
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall()
      pkg/sentry/kernel/task_syscall.go:142 +0x9b7
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke()
      pkg/sentry/kernel/task_syscall.go:322 +0x7c
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter()
      pkg/sentry/kernel/task_syscall.go:282 +0x8e
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall()
      pkg/sentry/kernel/task_syscall.go:257 +0x495
  gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute()
      pkg/sentry/kernel/task_run.go:253 +0x18f8
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run()
      pkg/sentry/kernel/task_run.go:94 +0x353
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).Start.func1()
      pkg/sentry/kernel/task_start.go:378 +0x47

Crashes (121):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2022/11/29 17:52 gvisor 445fa6f40c89 05dc7993 .config console log report syz C ci-gvisor-ptrace-1-race DATA RACE in safemem.Copy
2022/11/29 17:09 gvisor 445fa6f40c89 05dc7993 .config console log report syz C ci-gvisor-ptrace-3-race DATA RACE in safemem.Copy
2022/11/29 15:47 gvisor 445fa6f40c89 05dc7993 .config console log report syz C ci-gvisor-ptrace-2-race DATA RACE in safemem.Copy
2022/11/29 15:24 gvisor 445fa6f40c89 05dc7993 .config console log report syz C ci-gvisor-ptrace-1-race DATA RACE in safemem.Copy
2022/11/29 12:20 gvisor 445fa6f40c89 05dc7993 .config console log report syz C ci-gvisor-ptrace-3-race DATA RACE in safemem.Copy
2022/11/29 17:01 gvisor 445fa6f40c89 05dc7993 .config console log report syz ci-gvisor-ptrace-3-race-cover DATA RACE in safemem.Copy
2022/11/29 22:18 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-3-race DATA RACE in safemem.Copy
2022/11/29 22:16 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-3-race DATA RACE in safemem.Copy
2022/11/29 21:10 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-3-race DATA RACE in safemem.Copy
2022/11/29 20:10 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-3-race DATA RACE in safemem.Copy
2022/11/29 19:36 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-2-race DATA RACE in safemem.Copy
2022/11/29 18:36 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-1-race DATA RACE in safemem.Copy
2022/11/29 16:09 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-2-race DATA RACE in safemem.Copy
2022/11/29 15:49 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-1-race-cover DATA RACE in safemem.Copy
2022/11/29 15:48 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-3-race DATA RACE in safemem.Copy
2022/11/29 15:48 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-2-race DATA RACE in safemem.Copy
2022/11/29 15:27 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-1-race DATA RACE in safemem.Copy
2022/11/29 15:18 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-2-race DATA RACE in safemem.Copy
2022/11/29 15:05 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-2-race DATA RACE in safemem.Copy
2022/11/29 14:59 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-2-race DATA RACE in safemem.Copy
2022/11/29 14:59 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-2-race DATA RACE in safemem.Copy
2022/11/29 14:58 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-2-race DATA RACE in safemem.Copy
2022/11/29 14:58 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-2-race DATA RACE in safemem.Copy
2022/11/29 14:57 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-2-race DATA RACE in safemem.Copy
2022/11/29 14:57 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-2-race DATA RACE in safemem.Copy
2022/11/29 14:56 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-3-race DATA RACE in safemem.Copy
2022/11/29 14:46 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-1-race DATA RACE in safemem.Copy
2022/11/29 14:35 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-1-race DATA RACE in safemem.Copy
2022/11/29 14:35 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-1-race DATA RACE in safemem.Copy
2022/11/29 14:34 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-1-race DATA RACE in safemem.Copy
2022/11/29 14:34 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-1-race DATA RACE in safemem.Copy
2022/11/29 14:33 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-1-race DATA RACE in safemem.Copy
2022/11/29 14:33 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-1-race DATA RACE in safemem.Copy
2022/11/29 14:33 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-1-race DATA RACE in safemem.Copy
2022/11/29 14:30 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-1-race DATA RACE in safemem.Copy
2022/11/29 14:24 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-1-race DATA RACE in safemem.Copy
2022/11/29 14:22 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-1-race DATA RACE in safemem.Copy
2022/11/29 13:49 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-3-race DATA RACE in safemem.Copy
2022/11/29 13:45 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-3-race DATA RACE in safemem.Copy
2022/11/29 13:35 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-3-race DATA RACE in safemem.Copy
2022/11/29 13:09 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-2-race DATA RACE in safemem.Copy
2022/11/29 12:59 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-3-race DATA RACE in safemem.Copy
2022/11/29 12:34 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-3-race-cover DATA RACE in safemem.Copy
2022/11/29 12:11 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-3-race DATA RACE in safemem.Copy
2022/11/29 12:09 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-3-race DATA RACE in safemem.Copy
2022/11/29 12:09 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-3-race DATA RACE in safemem.Copy
2022/11/29 11:39 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-3-race DATA RACE in safemem.Copy
2022/11/29 11:36 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-3-race DATA RACE in safemem.Copy
2022/11/29 11:36 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-3-race-cover DATA RACE in safemem.Copy
2022/11/29 11:19 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-3-race DATA RACE in safemem.Copy
2022/11/29 11:14 gvisor 445fa6f40c89 05dc7993 .config console log report info ci-gvisor-ptrace-3-race DATA RACE in safemem.Copy
* Struck through repros no longer work on HEAD.