syzbot

 sign-in | mailing list | source | docs
🐞 Open [9]
🐞 Fixed [560]
🐞 Invalid [416]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

DATA RACE in stack.(*PacketBuffer).reset (2)

Status: fixed on 2022/02/01 22:27
Fix commit: 6d15b0ee64f1 Fix packet buffer reference counting in IP fragmentation/reassembly.
First crash: 1463d, last: 1463d
Similar bugs (1)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
gvisor DATA RACE in stack.(*PacketBuffer).reset -1 9 1521d 1521d 14/26 fixed on 2021/11/11 02:22

Sample crash report:
WARNING: DATA RACE
Write at 0x00c006d12298 by goroutine 1107:
  gvisor.dev/gvisor/pkg/tcpip/stack.(*PacketBuffer).reset()
      pkg/tcpip/stack/packet_buffer.go:205 +0x78
  gvisor.dev/gvisor/pkg/tcpip/stack.NewPacketBuffer()
      pkg/tcpip/stack/packet_buffer.go:171 +0x66
  gvisor.dev/gvisor/pkg/tcpip/transport/raw.(*endpoint).write()
      pkg/tcpip/transport/raw/endpoint.go:323 +0x575
  gvisor.dev/gvisor/pkg/tcpip/transport/raw.(*endpoint).Write()
      pkg/tcpip/transport/raw/endpoint.go:276 +0xd4
  gvisor.dev/gvisor/pkg/sentry/socket/netstack.(*socketOpsCommon).SendMsg()
      pkg/sentry/socket/netstack/netstack.go:3051 +0x2d3
  gvisor.dev/gvisor/pkg/sentry/socket/netstack.(*SocketVFS2).SendMsg()
      <autogenerated>:1 +0x19d
  gvisor.dev/gvisor/pkg/sentry/syscalls/linux/vfs2.sendSingleMsg()
      pkg/sentry/syscalls/linux/vfs2/socket.go:1112 +0x594
  gvisor.dev/gvisor/pkg/sentry/syscalls/linux/vfs2.SendMMsg()
      pkg/sentry/syscalls/linux/vfs2/socket.go:1036 +0x324
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall()
      pkg/sentry/kernel/task_syscall.go:103 +0x194
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke()
      pkg/sentry/kernel/task_syscall.go:238 +0xb3
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter()
      pkg/sentry/kernel/task_syscall.go:198 +0x10e
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall()
      pkg/sentry/kernel/task_syscall.go:173 +0x213
  gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute()
      pkg/sentry/kernel/task_run.go:282 +0x1346
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run()
      pkg/sentry/kernel/task_run.go:97 +0x352

Previous read at 0x00c006d12298 by goroutine 1010:
  [failed to restore the stack]

Crashes (2):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2022/01/08 01:42 gvisor f2a57c9dac27 2ca0d385 .config console log report syz ci-gvisor-ptrace-1-race DATA RACE in stack.(*PacketBuffer).reset
2022/01/08 01:03 gvisor f2a57c9dac27 2ca0d385 .config console log report syz ci-gvisor-ptrace-2-race DATA RACE in stack.(*PacketBuffer).reset
* Struck through repros no longer work on HEAD.