syzbot

 sign-in | mailing list | source | docs
🐞 Open [9]
🐞 Fixed [560]
🐞 Invalid [418]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

DATA RACE in pipefs.(*inode).UID

Status: fixed on 2023/07/14 12:07
Fix commit: 02ed5839a762 Add a lock to pipefs's inode to protect a inode's attributes.
First crash: 922d, last: 922d

Sample crash report:
WARNING: DATA RACE
Read at 0x00c0017f4310 by goroutine 11071:
  gvisor.dev/gvisor/pkg/sentry/fsimpl/pipefs.(*inode).UID()
      pkg/sentry/fsimpl/pipefs/pipefs.go:133 +0x6c
  gvisor.dev/gvisor/pkg/sentry/fsimpl/pipefs.(*inode).SetStat()
      pkg/sentry/fsimpl/pipefs/pipefs.go:167 +0xa2
  gvisor.dev/gvisor/pkg/sentry/fsimpl/kernfs.(*Filesystem).SetStatAt()
      pkg/sentry/fsimpl/kernfs/filesystem.go:876 +0x219
  gvisor.dev/gvisor/pkg/sentry/fsimpl/pipefs.(*filesystem).SetStatAt()
      <autogenerated>:1 +0xb7
  gvisor.dev/gvisor/pkg/sentry/vfs.(*FileDescription).SetStat()
      pkg/sentry/vfs/file_description.go:555 +0x46c
  gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Fchown()
      pkg/sentry/syscalls/linux/sys_file.go:1326 +0x272
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall()
      pkg/sentry/kernel/task_syscall.go:142 +0x9c1
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke()
      pkg/sentry/kernel/task_syscall.go:322 +0x7c
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter()
      pkg/sentry/kernel/task_syscall.go:282 +0x8e
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall()
      pkg/sentry/kernel/task_syscall.go:257 +0x4c4
  gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute()
      pkg/sentry/kernel/task_run.go:269 +0x1d4a
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run()
      pkg/sentry/kernel/task_run.go:98 +0x41a
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).Start.func1()
      pkg/sentry/kernel/task_start.go:383 +0x47

Previous write at 0x00c0017f4310 by goroutine 11053:
  gvisor.dev/gvisor/pkg/sentry/fsimpl/pipefs.(*inode).SetStat()
      pkg/sentry/fsimpl/pipefs/pipefs.go:171 +0xfc
  gvisor.dev/gvisor/pkg/sentry/fsimpl/kernfs.(*Filesystem).SetStatAt()
      pkg/sentry/fsimpl/kernfs/filesystem.go:876 +0x219
  gvisor.dev/gvisor/pkg/sentry/fsimpl/pipefs.(*filesystem).SetStatAt()
      <autogenerated>:1 +0xb7
  gvisor.dev/gvisor/pkg/sentry/vfs.(*FileDescription).SetStat()
      pkg/sentry/vfs/file_description.go:555 +0x46c
  gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Fchown()
      pkg/sentry/syscalls/linux/sys_file.go:1326 +0x272
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall()
      pkg/sentry/kernel/task_syscall.go:142 +0x9c1
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke()
      pkg/sentry/kernel/task_syscall.go:322 +0x7c
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter()
      pkg/sentry/kernel/task_syscall.go:282 +0x8e
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall()
      pkg/sentry/kernel/task_syscall.go:257 +0x4c4
  gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute()
      pkg/sentry/kernel/task_run.go:269 +0x1d4a
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run()
      pkg/sentry/kernel/task_run.go:98 +0x41a
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).Start.func1()
      pkg/sentry/kernel/task_start.go:383 +0x47

Crashes (2):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2023/07/13 17:10 gvisor dd3a7a1fb966 bfb20202 .config console log report syz ci-gvisor-ptrace-1-race DATA RACE in pipefs.(*inode).UID
2023/07/13 16:33 gvisor dd3a7a1fb966 bfb20202 .config console log report info ci-gvisor-ptrace-2-race DATA RACE in pipefs.(*inode).UID
* Struck through repros no longer work on HEAD.