syzbot

 sign-in | mailing list | source | docs
🐞 Open [9]
🐞 Fixed [560]
🐞 Invalid [417]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

DATA RACE in unix.(*streamQueueReceiver).RecvQueuedSize

Status: fixed on 2018/06/27 08:03
Fix commit: 5f7f78c1d7ee Fix data races in Unix sockets
First crash: 2759d, last: 2758d

Sample crash report:
WARNING: DATA RACE
Read at 0x00c420402160 by goroutine 126:
  gvisor.googlesource.com/gvisor/pkg/tcpip/transport/unix.(*streamQueueReceiver).RecvQueuedSize()
      pkg/tcpip/transport/queue/queue.go:160 +0x71
  gvisor.googlesource.com/gvisor/pkg/tcpip/transport/unix.(*baseEndpoint).GetSockOpt()
      pkg/tcpip/transport/unix/unix.go:808 +0x6b6
  gvisor.googlesource.com/gvisor/pkg/tcpip/transport/unix.(*connectionedEndpoint).GetSockOpt()
      <autogenerated>:1 +0x57
  gvisor.googlesource.com/gvisor/pkg/sentry/socket/epsocket.Ioctl()
      pkg/sentry/socket/epsocket/epsocket.go:1100 +0x3e1
  gvisor.googlesource.com/gvisor/pkg/sentry/socket/unix.(*SocketOperations).Ioctl()
      pkg/sentry/socket/unix/unix.go:136 +0xea
  gvisor.googlesource.com/gvisor/pkg/sentry/syscalls/linux.Ioctl()
      pkg/sentry/syscalls/linux/sys_file.go:560 +0x1e4
  gvisor.googlesource.com/gvisor/pkg/sentry/kernel.(*Task).executeSyscall()
      pkg/sentry/kernel/task_syscall.go:162 +0x14e
  gvisor.googlesource.com/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke()
      pkg/sentry/kernel/task_syscall.go:278 +0x7d
  gvisor.googlesource.com/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter()
      pkg/sentry/kernel/task_syscall.go:241 +0xc3
  gvisor.googlesource.com/gvisor/pkg/sentry/kernel.(*Task).doSyscall()
      pkg/sentry/kernel/task_syscall.go:216 +0x19c
  gvisor.googlesource.com/gvisor/pkg/sentry/kernel.(*runApp).execute()
      pkg/sentry/kernel/task_run.go:217 +0x157c
  gvisor.googlesource.com/gvisor/pkg/sentry/kernel.(*Task).run()
      pkg/sentry/kernel/task_run.go:95 +0x264

Previous write at 0x00c420402160 by goroutine 124:
  gvisor.googlesource.com/gvisor/pkg/tcpip/transport/queue.(*Queue).Enqueue()
      pkg/tcpip/transport/queue/queue.go:103 +0x164
  gvisor.googlesource.com/gvisor/pkg/tcpip/transport/unix.(*connectedEndpoint).Send()
      pkg/tcpip/transport/unix/unix.go:611 +0x402
  gvisor.googlesource.com/gvisor/pkg/tcpip/transport/unix.(*baseEndpoint).SendMsg()
      pkg/tcpip/transport/unix/unix.go:761 +0x183
  gvisor.googlesource.com/gvisor/pkg/tcpip/transport/unix.(*connectionedEndpoint).SendMsg()
      pkg/tcpip/transport/unix/connectioned.go:405 +0xe6
  gvisor.googlesource.com/gvisor/pkg/sentry/socket/unix.(*EndpointWriter).WriteFromBlocks.func1()
      pkg/sentry/socket/unix/io.go:41 +0xfe
  gvisor.googlesource.com/gvisor/pkg/sentry/safemem.FromVecWriterFunc.WriteFromBlocks()
      pkg/sentry/safemem/io.go:334 +0x3b5
  gvisor.googlesource.com/gvisor/pkg/sentry/socket/unix.(*EndpointWriter).WriteFromBlocks()
      pkg/sentry/socket/unix/io.go:46 +0xcb
  gvisor.googlesource.com/gvisor/pkg/sentry/safemem.(Writer).WriteFromBlocks-fm()
      pkg/sentry/mm/io.go:309 +0x75
  gvisor.googlesource.com/gvisor/pkg/sentry/mm.(*MemoryManager).withInternalMappings()
      pkg/sentry/mm/io.go:464 +0x88e
  gvisor.googlesource.com/gvisor/pkg/sentry/mm.(*MemoryManager).withVecInternalMappings()
      pkg/sentry/mm/io.go:533 +0x973
  gvisor.googlesource.com/gvisor/pkg/sentry/mm.(*MemoryManager).CopyInTo()
      pkg/sentry/mm/io.go:309 +0x210
  gvisor.googlesource.com/gvisor/pkg/sentry/usermem.IOSequence.CopyInTo()
      pkg/sentry/usermem/usermem.go:528 +0xce
  gvisor.googlesource.com/gvisor/pkg/sentry/socket/unix.(*SocketOperations).Write()
      pkg/sentry/socket/unix/unix.go:353 +0x29a
  gvisor.googlesource.com/gvisor/pkg/sentry/fs.(*File).Writev()
      pkg/sentry/fs/file.go:271 +0x1ba
  gvisor.googlesource.com/gvisor/pkg/sentry/syscalls/linux.writev()
      pkg/sentry/syscalls/linux/sys_write.go:191 +0xa1
  gvisor.googlesource.com/gvisor/pkg/sentry/syscalls/linux.Writev()
      pkg/sentry/syscalls/linux/sys_write.go:144 +0x28c
  gvisor.googlesource.com/gvisor/pkg/sentry/kernel.(*Task).executeSyscall()
      pkg/sentry/kernel/task_syscall.go:162 +0x14e
  gvisor.googlesource.com/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke()
      pkg/sentry/kernel/task_syscall.go:278 +0x7d
  gvisor.googlesource.com/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter()
      pkg/sentry/kernel/task_syscall.go:241 +0xc3
  gvisor.googlesource.com/gvisor/pkg/sentry/kernel.(*Task).doSyscall()
      pkg/sentry/kernel/task_syscall.go:216 +0x19c
  gvisor.googlesource.com/gvisor/pkg/sentry/kernel.(*runApp).execute()
      pkg/sentry/kernel/task_run.go:217 +0x157c
  gvisor.googlesource.com/gvisor/pkg/sentry/kernel.(*Task).run()
      pkg/sentry/kernel/task_run.go:95 +0x264

Crashes (3):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2018/06/24 20:45 https://github.com/dvyukov/gvisor.git race 60dbbdc2d54b 2064fc5c .config console log report syz C ci-gvisor-ptrace-proxy-sandbox-race
2018/06/26 01:27 https://github.com/dvyukov/gvisor.git race 60dbbdc2d54b 2064fc5c .config console log report ci-gvisor-ptrace-proxy-sandbox-race
2018/06/24 20:38 https://github.com/dvyukov/gvisor.git race 60dbbdc2d54b 2064fc5c .config console log report ci-gvisor-ptrace-proxy-sandbox-race
* Struck through repros no longer work on HEAD.