syzbot


DATA RACE in netlink.(*Socket).SetSockOpt

Status: fixed on 2019/04/01 09:44
Fix commit: 7b33df68450b Fix data race in netlink send buffer size
First crash: 2082d, last: 2082d

Sample crash report:
WARNING: DATA RACE
Write at 0x00c0005524d8 by goroutine 293:
  gvisor.googlesource.com/gvisor/pkg/sentry/socket/netlink.(*Socket).SetSockOpt()
      pkg/sentry/socket/netlink/socket.go:338 +0x117
  gvisor.googlesource.com/gvisor/pkg/sentry/syscalls/linux.SetSockOpt()
      pkg/sentry/syscalls/linux/sys_socket.go:521 +0x339
  gvisor.googlesource.com/gvisor/pkg/sentry/kernel.(*Task).executeSyscall()
      pkg/sentry/kernel/task_syscall.go:165 +0x178
  gvisor.googlesource.com/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke()
      pkg/sentry/kernel/task_syscall.go:283 +0xb4
  gvisor.googlesource.com/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter()
      pkg/sentry/kernel/task_syscall.go:244 +0x109
  gvisor.googlesource.com/gvisor/pkg/sentry/kernel.(*Task).doSyscall()
      pkg/sentry/kernel/task_syscall.go:219 +0x1b6
  gvisor.googlesource.com/gvisor/pkg/sentry/kernel.(*runApp).execute()
      pkg/sentry/kernel/task_run.go:215 +0x1826
  gvisor.googlesource.com/gvisor/pkg/sentry/kernel.(*Task).run()
      pkg/sentry/kernel/task_run.go:91 +0x2e5

Previous read at 0x00c0005524d8 by goroutine 351:
  gvisor.googlesource.com/gvisor/pkg/sentry/socket/netlink.(*Socket).sendMsg()
      pkg/sentry/socket/netlink/socket.go:577 +0x128
  gvisor.googlesource.com/gvisor/pkg/sentry/socket/netlink.(*Socket).Write()
      pkg/sentry/socket/netlink/socket.go:602 +0x155
  gvisor.googlesource.com/gvisor/pkg/sentry/fs.(*File).Writev()
      pkg/sentry/fs/file.go:314 +0x1fc
  gvisor.googlesource.com/gvisor/pkg/sentry/syscalls/linux.writev()
      pkg/sentry/syscalls/linux/sys_write.go:261 +0xe0
  gvisor.googlesource.com/gvisor/pkg/sentry/syscalls/linux.Write()
      pkg/sentry/syscalls/linux/sys_write.go:71 +0x293
  gvisor.googlesource.com/gvisor/pkg/sentry/kernel.(*Task).executeSyscall()
      pkg/sentry/kernel/task_syscall.go:165 +0x178
DIAGNOSIS:
I0316 03:21:39.948145   16913 x:0] ***************************
I0316 03:21:39.948281   16913 x:0] Args: [/syzkaller/managers/kvm-direct-overlay-host-race/current/image -root /syzkaller/managers/kvm-direct-overlay-host-race/workdir/gvisor_root -watchdog-action=panic -network=none -debug -platform=ptrace -file-access=exclusive -overlay -network=host debug -stacks ci-gvisor-kvm-direct-overlay-host-race-1]
I0316 03:21:39.948372   16913 x:0] Git Revision: 5496be7c5ddedd6ec03004143501acb225eda357
I0316 03:21:39.948405   16913 x:0] PID: 16913
I0316 03:21:39.948430   16913 x:0] UID: 0, GID: 0
I0316 03:21:39.948492   16913 x:0] Configuration:
I0316 03:21:39.948524   16913 x:0] 		RootDir: /syzkaller/managers/kvm-direct-overlay-host-race/workdir/gvisor_root
I0316 03:21:39.948549   16913 x:0] 		Platform: ptrace
I0316 03:21:39.948568   16913 x:0] 		FileAccess: exclusive, overlay: true
I0316 03:21:39.948596   16913 x:0] 		Network: host, logging: false
I0316 03:21:39.948648   16913 x:0] 		Strace: false, max size: 1024, syscalls: []
I0316 03:21:39.948684   16913 x:0] ***************************
D0316 03:21:39.948779   16913 x:0] Load container "/syzkaller/managers/kvm-direct-overlay-host-race/workdir/gvisor_root" "ci-gvisor-kvm-direct-overlay-host-race-1"
D0316 03:21:39.956422   16913 x:0] Signal container "ci-gvisor-kvm-direct-overlay-host-race-1": signal 0
D0316 03:21:39.956541   16913 x:0] Signal sandbox "ci-gvisor-kvm-direct-overlay-host-race-1"
D0316 03:21:39.956573   16913 x:0] Connecting to sandbox "ci-gvisor-kvm-direct-overlay-host-race-1"
D0316 03:21:39.957067   16913 x:0] urpc: successfully marshalled 120 bytes.
D0316 03:21:39.958061   16913 x:0] urpc: unmarshal success.
I0316 03:21:39.958193   16913 x:0] Found sandbox "ci-gvisor-kvm-direct-overlay-host-race-1", PID: 7259
I0316 03:21:39.958290   16913 x:0] Retrieving sandbox stacks
D0316 03:21:39.958328   16913 x:0] Stacks sandbox "ci-gvisor-kvm-direct-overlay-host-race-1"
D0316 03:21:39.958364   16913 x:0] Connecting to sandbox "ci-gvisor-kvm-direct-overlay-host-race-1"
D0316 03:21:39.958501   16913 x:0] urpc: successfully marshalled 36 bytes.
D0316 03:21:40.056931   16913 x:0] urpc: unmarshal success.
I0316 03:21:40.057073   16913 x:0]      *** Stack dump ***
goroutine 20582 [running]:
gvisor.googlesource.com/gvisor/pkg/log.Stacks(0x45c001, 0xc000296d20, 0xc000646630, 0xc0003d1500)
	pkg/log/log.go:259 +0xb6
gvisor.googlesource.com/gvisor/runsc/boot.(*debug).Stacks(0x2381a78, 0x2381a78, 0xc00065a150, 0x0, 0x0)
	runsc/boot/debug.go:26 +0x38
reflect.Value.call(0xc000296d20, 0xc0002941d0, 0x13, 0x10f5ac8, 0x4, 0xc000827eb8, 0x3, 0x3, 0x4a765e, 0xfab940, ...)
	GOROOT/src/reflect/value.go:447 +0x63f
reflect.Value.Call(0xc000296d20, 0xc0002941d0, 0x13, 0xc000827eb8, 0x3, 0x3, 0x0, 0x2381a78, 0x16)
	GOROOT/src/reflect/value.go:308 +0xc1
gvisor.googlesource.com/gvisor/pkg/urpc.(*Server).handleOne(0xc0002a25a0, 0xc000390f60, 0x0, 0x0)
	pkg/urpc/urpc.go:325 +0x63f
gvisor.googlesource.com/gvisor/pkg/urpc.(*Server).handleRegistered(0xc0002a25a0, 0xc000390f60, 0xc0002a25a0, 0xc000390f60)
	pkg/urpc/urpc.go:420 +0x43
gvisor.googlesource.com/gvisor/pkg/urpc.(*Server).StartHandling.func1(0xc0002a25a0, 0xc000390f60)
	pkg/urpc/urpc.go:440 +0x77
created by gvisor.googlesource.com/gvisor/pkg/urpc.(*Server).StartHandling
	pkg/urpc/urpc.go:438 +0x6f

Crashes (2):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2019/03/16 03:22 https://gvisor.googlesource.com/gvisor master 6ee3d6614b36 bab43553 .config console log report syz ci-gvisor-kvm-direct-overlay-host-race
2019/03/16 02:47 https://gvisor.googlesource.com/gvisor master 6ee3d6614b36 bab43553 .config console log report syz ci-gvisor-ptrace-proxy-sandbox-race
* Struck through repros no longer work on HEAD.