syzbot

 sign-in | mailing list | source | docs
🐞 Open [41]
🐞 Fixed [469]
🐞 Invalid [348]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

DATA RACE in binary.bigEndian.Uint16

Status: fixed on 2024/07/12 23:43
Fix commit: bd58900fba9e Change veth WritePackets to deep clone its list of packets.
First crash: 147d, last: 147d

Sample crash report:
WARNING: DATA RACE
Read at 0x00c042065139 by goroutine 25833:
  encoding/binary.bigEndian.Uint16()
      GOROOT/src/encoding/binary/binary.go:143 +0xe4
  gvisor.dev/gvisor/pkg/tcpip/header.IPv4.TotalLength()
      pkg/tcpip/header/ipv4.go:333 +0x8e
  gvisor.dev/gvisor/pkg/tcpip/header/parse.IPv4()
      pkg/tcpip/header/parse/parse.go:62 +0x125
  gvisor.dev/gvisor/pkg/tcpip/network/ipv4.(*protocol).Parse()
      pkg/tcpip/network/ipv4/ipv4.go:1822 +0x2e
  gvisor.dev/gvisor/pkg/tcpip/network/ipv4.(*protocol).parseAndValidate()
      pkg/tcpip/network/ipv4/ipv4.go:1780 +0x4b
  gvisor.dev/gvisor/pkg/tcpip/network/ipv4.(*endpoint).HandlePacket()
      pkg/tcpip/network/ipv4/ipv4.go:834 +0xfd
  gvisor.dev/gvisor/pkg/tcpip/stack.(*nic).DeliverNetworkPacket()
      pkg/tcpip/stack/nic.go:758 +0x216
  gvisor.dev/gvisor/pkg/tcpip/link/nested.(*Endpoint).DeliverNetworkPacket()
      pkg/tcpip/link/nested/nested.go:61 +0x98
  gvisor.dev/gvisor/pkg/tcpip/link/packetsocket.(*endpoint).DeliverNetworkPacket()
      pkg/tcpip/link/packetsocket/packetsocket.go:47 +0x4d
  gvisor.dev/gvisor/pkg/tcpip/link/nested.(*Endpoint).DeliverNetworkPacket()
      pkg/tcpip/link/nested/nested.go:61 +0x98
  gvisor.dev/gvisor/pkg/tcpip/link/ethernet.(*Endpoint).DeliverNetworkPacket()
      pkg/tcpip/link/ethernet/ethernet.go:82 +0x284
  gvisor.dev/gvisor/pkg/tcpip/link/veth.(*Endpoint).InjectInbound()
      pkg/tcpip/link/veth/veth.go:128 +0x98
  gvisor.dev/gvisor/pkg/tcpip/link/veth.NewPair.func1()
      pkg/tcpip/link/veth/veth.go:78 +0x89

Previous write at 0x00c042065139 by goroutine 25834:
  encoding/binary.bigEndian.PutUint16()
      GOROOT/src/encoding/binary/binary.go:150 +0xab0
  gvisor.dev/gvisor/pkg/tcpip/header.IPv4.SetTotalLength()
      pkg/tcpip/header/ipv4.go:426 +0xa0d
  gvisor.dev/gvisor/pkg/tcpip/network/ipv4.(*endpoint).deliverPacketLocally()
      pkg/tcpip/network/ipv4/ipv4.go:1287 +0xa02
  gvisor.dev/gvisor/pkg/tcpip/network/ipv4.(*endpoint).handleValidatedPacket()
      pkg/tcpip/network/ipv4/ipv4.go:1147 +0x95b
  gvisor.dev/gvisor/pkg/tcpip/network/ipv4.(*endpoint).HandlePacket()
      pkg/tcpip/network/ipv4/ipv4.go:875 +0x6e9
  gvisor.dev/gvisor/pkg/tcpip/stack.(*nic).DeliverNetworkPacket()
      pkg/tcpip/stack/nic.go:758 +0x216
  gvisor.dev/gvisor/pkg/tcpip/link/nested.(*Endpoint).DeliverNetworkPacket()
      pkg/tcpip/link/nested/nested.go:61 +0x98
  gvisor.dev/gvisor/pkg/tcpip/link/packetsocket.(*endpoint).DeliverNetworkPacket()
      pkg/tcpip/link/packetsocket/packetsocket.go:47 +0x4d
  gvisor.dev/gvisor/pkg/tcpip/link/nested.(*Endpoint).DeliverNetworkPacket()
      pkg/tcpip/link/nested/nested.go:61 +0x98
  gvisor.dev/gvisor/pkg/tcpip/link/ethernet.(*Endpoint).DeliverNetworkPacket()
      pkg/tcpip/link/ethernet/ethernet.go:82 +0x284
  gvisor.dev/gvisor/pkg/tcpip/link/veth.(*Endpoint).InjectInbound()
      pkg/tcpip/link/veth/veth.go:128 +0x98
  gvisor.dev/gvisor/pkg/tcpip/link/veth.NewPair.func1()
      pkg/tcpip/link/veth/veth.go:78 +0x89

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/07/01 18:57 gvisor d59375d82e63 b294e901 .config console log report info ci-gvisor-ptrace-2-race DATA RACE in binary.bigEndian.Uint16
* Struck through repros no longer work on HEAD.