syzbot


DATA RACE in binary.littleEndian.Uint64

Status: fixed on 2022/11/18 03:22
Fix commit: 106f6ea96746 Re-enable process_vm_(read|write)v
First crash: 840d, last: 837d
Similar bugs (1)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| gvisor | DATA RACE in binary.littleEndian.Uint64 (2) | C | | | 48 | 727d | 737d | 26/26 | fixed on 2023/10/05 23:05 |

Sample crash report:
WARNING: DATA RACE
Read at 0x00c00196694b by goroutine 170:
  encoding/binary.littleEndian.Uint64()
      GOROOT/src/encoding/binary/binary.go:77 +0x104
  gvisor.dev/gvisor/pkg/sentry/kernel.makeIovec()
      pkg/sentry/kernel/task_usermem.go:265 +0xbe
  gvisor.dev/gvisor/pkg/sentry/kernel.copyInIovecs()
      pkg/sentry/kernel/task_usermem.go:231 +0x3a9
  gvisor.dev/gvisor/pkg/sentry/kernel.(*taskCopyContext).CopyInIovecs()
      pkg/sentry/kernel/task_usermem.go:387 +0x73
  gvisor.dev/gvisor/pkg/sentry/syscalls/linux/vfs2.doProcessVMReadWrite()
      pkg/sentry/syscalls/linux/vfs2/mmap.go:162 +0x2ef
  gvisor.dev/gvisor/pkg/sentry/syscalls/linux/vfs2.processVMRW()
      pkg/sentry/syscalls/linux/vfs2/mmap.go:155 +0x37b
  gvisor.dev/gvisor/pkg/sentry/syscalls/linux/vfs2.ProcessVMReadv()
      pkg/sentry/syscalls/linux/vfs2/mmap.go:109 +0x66
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall()
      pkg/sentry/kernel/task_syscall.go:142 +0xab7
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke()
      pkg/sentry/kernel/task_syscall.go:322 +0x8d
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter()
      pkg/sentry/kernel/task_syscall.go:282 +0xc4
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall()
      pkg/sentry/kernel/task_syscall.go:257 +0x53a
  gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute()
      pkg/sentry/kernel/task_run.go:253 +0x1e2a
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run()
      pkg/sentry/kernel/task_run.go:94 +0x2c1
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).Start.func1()
      pkg/sentry/kernel/task_start.go:370 +0x47

Previous write at 0x00c001966948 by goroutine 181:
  runtime.slicecopy()
      GOROOT/src/runtime/slice.go:295 +0x0
  gvisor.dev/gvisor/pkg/safemem.Copy()
      pkg/safemem/block_unsafe.go:199 +0x4b9
  gvisor.dev/gvisor/pkg/safemem.CopySeq()
      pkg/safemem/seq_unsafe.go:282 +0x277
  gvisor.dev/gvisor/pkg/sentry/mm.(*MemoryManager).CopyIn.func1()
      pkg/sentry/mm/io.go:164 +0xca
  gvisor.dev/gvisor/pkg/sentry/mm.(*MemoryManager).withInternalMappings()
      pkg/sentry/mm/io.go:522 +0x812
  gvisor.dev/gvisor/pkg/sentry/mm.(*MemoryManager).CopyIn()
      pkg/sentry/mm/io.go:163 +0x2c4
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).CopyInBytes()
      pkg/sentry/kernel/task_usermem.go:57 +0xb7
  gvisor.dev/gvisor/pkg/sentry/syscalls/linux.copyTimespecIn()
      pkg/sentry/syscalls/linux/timespec.go:32 +0xe6
  gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Futex()
      pkg/sentry/syscalls/linux/sys_futex.go:192 +0x712
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall()
      pkg/sentry/kernel/task_syscall.go:142 +0xab7
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke()
      pkg/sentry/kernel/task_syscall.go:322 +0x8d
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter()
      pkg/sentry/kernel/task_syscall.go:282 +0xc4
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall()
      pkg/sentry/kernel/task_syscall.go:257 +0x53a
  gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute()
      pkg/sentry/kernel/task_run.go:253 +0x1e2a
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run()
      pkg/sentry/kernel/task_run.go:94 +0x2c1
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).Start.func1()
      pkg/sentry/kernel/task_start.go:370 +0x47

Crashes (29):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2022/08/09 09:35 gvisor a963196f43de da700653 .config console log report syz C ci-gvisor-ptrace-3-race-cover DATA RACE in binary.littleEndian.Uint64
2022/08/12 07:57 gvisor 5852220509c8 21724cb2 .config console log report info ci-gvisor-ptrace-2-race DATA RACE in binary.littleEndian.Uint64
2022/08/12 07:51 gvisor 5852220509c8 21724cb2 .config console log report info ci-gvisor-ptrace-2-race-cover DATA RACE in binary.littleEndian.Uint64
2022/08/12 04:39 gvisor 5852220509c8 21724cb2 .config console log report info ci-gvisor-ptrace-1-race-cover DATA RACE in binary.littleEndian.Uint64
2022/08/11 18:37 gvisor e06df74a657e 787ed7e0 .config console log report info ci-gvisor-ptrace-2-race-cover DATA RACE in binary.littleEndian.Uint64
2022/08/11 18:26 gvisor e06df74a657e 787ed7e0 .config console log report info ci-gvisor-ptrace-2-race-cover DATA RACE in binary.littleEndian.Uint64
2022/08/11 12:22 gvisor e06df74a657e 787ed7e0 .config console log report info ci-gvisor-ptrace-2-race-cover DATA RACE in binary.littleEndian.Uint64
2022/08/11 10:19 gvisor e06df74a657e 787ed7e0 .config console log report info ci-gvisor-ptrace-2-race-cover DATA RACE in binary.littleEndian.Uint64
2022/08/10 23:31 gvisor 778db1d8bc5b a6201f11 .config console log report info ci-gvisor-ptrace-2-race DATA RACE in binary.littleEndian.Uint64
2022/08/10 18:42 gvisor 241fd5344fa8 aaa9eaa0 .config console log report info ci-gvisor-ptrace-2-race-cover DATA RACE in binary.littleEndian.Uint64
2022/08/10 18:42 gvisor 241fd5344fa8 aaa9eaa0 .config console log report info ci-gvisor-ptrace-2-race-cover DATA RACE in binary.littleEndian.Uint64
2022/08/10 15:32 gvisor 241fd5344fa8 aaa9eaa0 .config console log report info ci-gvisor-ptrace-2-race-cover DATA RACE in binary.littleEndian.Uint64
2022/08/10 15:15 gvisor 241fd5344fa8 aaa9eaa0 .config console log report info ci-gvisor-ptrace-1-race-cover DATA RACE in binary.littleEndian.Uint64
2022/08/10 14:06 gvisor 241fd5344fa8 aaa9eaa0 .config console log report info ci-gvisor-ptrace-2-race-cover DATA RACE in binary.littleEndian.Uint64
2022/08/10 13:36 gvisor 241fd5344fa8 aaa9eaa0 .config console log report info ci-gvisor-ptrace-2-race-cover DATA RACE in binary.littleEndian.Uint64
2022/08/10 12:54 gvisor 241fd5344fa8 aaa9eaa0 .config console log report info ci-gvisor-ptrace-1-race-cover DATA RACE in binary.littleEndian.Uint64
2022/08/10 11:39 gvisor 241fd5344fa8 aaa9eaa0 .config console log report info ci-gvisor-ptrace-1-race DATA RACE in binary.littleEndian.Uint64
2022/08/10 11:34 gvisor 241fd5344fa8 aaa9eaa0 .config console log report info ci-gvisor-ptrace-1-race-cover DATA RACE in binary.littleEndian.Uint64
2022/08/10 08:12 gvisor 241fd5344fa8 c2a623d6 .config console log report info ci-gvisor-ptrace-1-race-cover DATA RACE in binary.littleEndian.Uint64
2022/08/10 05:47 gvisor 241fd5344fa8 c2a623d6 .config console log report info ci-gvisor-ptrace-1-race-cover DATA RACE in binary.littleEndian.Uint64
2022/08/10 05:44 gvisor 241fd5344fa8 c2a623d6 .config console log report info ci-gvisor-ptrace-3-race DATA RACE in binary.littleEndian.Uint64
2022/08/10 04:16 gvisor 241fd5344fa8 c2a623d6 .config console log report info ci-gvisor-ptrace-2-race-cover DATA RACE in binary.littleEndian.Uint64
2022/08/10 00:26 gvisor 241fd5344fa8 c2a623d6 .config console log report info ci-gvisor-ptrace-3-race-cover DATA RACE in binary.littleEndian.Uint64
2022/08/09 19:29 gvisor a963196f43de c2a623d6 .config console log report info ci-gvisor-ptrace-2-race DATA RACE in binary.littleEndian.Uint64
2022/08/09 13:08 gvisor a963196f43de da700653 .config console log report info ci-gvisor-ptrace-1-race-cover DATA RACE in binary.littleEndian.Uint64
2022/08/09 13:08 gvisor a963196f43de da700653 .config console log report info ci-gvisor-ptrace-1-race-cover DATA RACE in binary.littleEndian.Uint64
2022/08/09 12:57 gvisor a963196f43de da700653 .config console log report info ci-gvisor-ptrace-3-race-cover DATA RACE in binary.littleEndian.Uint64
2022/08/09 12:45 gvisor a963196f43de da700653 .config console log report info ci-gvisor-ptrace-1-race-cover DATA RACE in binary.littleEndian.Uint64
2022/08/09 05:41 gvisor a963196f43de da700653 .config console log report info ci-gvisor-ptrace-1-race-cover DATA RACE in binary.littleEndian.Uint64
* Struck through repros no longer work on HEAD.