syzbot

 sign-in | mailing list | source | docs
🐞 Open [13]
🐞 Fixed [525]
🐞 Invalid [406]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Closed Patch
gvisor build error (25) -1 624 1d12h 8d16h 26/26 23h17m 49a6cc35fab1 kvm: pagetables: Enable 5-level paging
DATA RACE in kernel.(*FSContext).checkAndPreventSharingOutsideTG.func1 -1 syz 3 4d03h 7d12h 26/26 1d10h 1941bc68e20d Fix race between unshare(2) and execve(2).
DATA RACE in kernel.(*Task).Unshare -1 C 6 6d12h 7d13h 26/26 1d10h 1941bc68e20d Fix race between unshare(2) and execve(2).
panic: WARNING: circular locking detected: stack.bridgeRWMutex -> stack.packetEPsRWMutex: 2 1 45d 45d 26/26 35d d48212e236c1 No need to lock packetEPsMu in newNIC.
kvm: panic: Sentry detected stuck tasks (28) -1 C 11 74d 79d 26/26 50d 973b2f23e566 Check for fatal signals and reset watchdog during MM.mapASLocked().
panic: WARNING: circular locking detected: kernfs.ancestryRWMutex -> vfs.inotifyEventMutex: 2 1 75d 68d 26/26 62d a2ad5774b434 Fix lock order inversion between taskMutex and kernfs.ancestryRWMutex.
DATA RACE in packetmmap.(*ringBuffer).internalMappingsForFrame (2) -1 1 111d 111d 26/26 105d a98032f6cc71 Add locking around ringbuffer fields and reserve in packetmmap endpoint.
DATA RACE in packetmmap.(*Endpoint).Init (5) -1 syz 2 108d 109d 26/26 105d a98032f6cc71 Add locking around ringbuffer fields and reserve in packetmmap endpoint.
DATA RACE in packetmmap.(*ringBuffer).init (3) -1 C 9 108d 113d 26/26 106d a98032f6cc71 Add locking around ringbuffer fields and reserve in packetmmap endpoint.
DATA RACE in packetmmap.(*Endpoint).HandlePacket (5) -1 C 19 108d 113d 26/26 106d a98032f6cc71 Add locking around ringbuffer fields and reserve in packetmmap endpoint.
DATA RACE in packetmmap.(*Endpoint).HandlePacket (4) -1 C 4 116d 117d 26/26 114d f56929a6872c Lock around grabbing the version and hdrLen in packetmmap.
DATA RACE in packetmmap.(*Endpoint).marshalFrameHeader (2) -1 C 3 117d 117d 26/26 114d f56929a6872c Lock around grabbing the version and hdrLen in packetmmap.
DATA RACE in packetmmap.(*Endpoint).Init (4) -1 C 9 117d 121d 26/26 114d 5790f690667a lock around getting the current time from the stack.
DATA RACE in packetmmap.(*Endpoint).marshalFrameHeader -1 C 6 121d 121d 26/26 119d 5790f690667a lock around getting the current time from the stack.
kvm: panic: Sentry detected stuck tasks (27) -1 C 5 123d 125d 26/26 119d 1a3d4f6eb7cc Create a separate mutex for packet mmap fields in packet endpoints.
panic: Sentry detected stuck tasks (29) 2 C 51 122d 126d 26/26 121d 1a3d4f6eb7cc Create a separate mutex for packet mmap fields in packet endpoints.
panic: runtime error: index out of range [NUM] with length NUM (6) 2 C 227 134d 135d 26/26 127d cd8fcab3446c Fix range check on socket option counter metric.
kvm: panic: Sentry detected stuck tasks (25) -1 C 3409 135d 231d 26/26 127d bc724d81d2f7 Avoid a deadlock in packet endpoint's Close method.
panic: runtime error: index out of range [-NUM] (2) 2 C 19 129d 129d 26/26 127d 49b9d83fc867 Consolidate helper functions around unimplemented socket option metrics
panic: Sentry detected stuck tasks (28) 2 C 11282 127d 231d 26/26 127d 45adb00f5086 fuse,vfs: don't FUSE_GETATTR for /proc/mountinfo
panic: invalid field value or did not reuse the same FieldValue pointer as passed in NewField 2 C 56 134d 135d 26/26 127d 3f22efe2ac35 Return ENOPROTOOPT from setsockopt syscalls as default.
DATA RACE in packetmmap.(*Endpoint).HandlePacket (3) -1 C 4 141d 141d 26/26 141d 3b4f4acdf32c Don't allow reinit of already mapped packet mmap endpoints.
DATA RACE in packetmmap.(*Endpoint).Init (3) -1 syz 3 141d 141d 26/26 141d 3b4f4acdf32c Don't allow reinit of already mapped packet mmap endpoints.
panic: runtime error: slice bounds out of range [NUM:NUM] (3) 2 C 20 144d 145d 26/26 142d e3ca602624c1 Check for bad values of the packet mmap reserve option.
DATA RACE in kernel.(*ThreadGroup).endGroupStopLocked -1 syz 6 156d 156d 26/26 151d 8221e477b5c4 Protect Task.ptraceSeized with TaskSet mutex and Signal mutex.
panic: runtime error: invalid memory address or nil pointer dereference (28) 2 C 21 199d 200d 26/26 197d 95ad423f8c05 Don't return empty translation in ring buffer during bus error.
panic: WARNING: circular locking detected: kernel.taskMutex -> mm.mappingRWMutex: 2 16 202d 244d 26/26 199d d949e7177c2f taskCopyContext should not require holding task.mu.
panic: runtime error: index out of range [NUM] with length NUM (5) 2 C 165 200d 203d 26/26 199d d6454b486f82 Lock around packetmmap cooked field and check for PACKET_RESERVE opt size.
DATA RACE in packetmmap.(*Endpoint).HandlePacket (2) -1 C 1 203d 203d 26/26 199d d6454b486f82 Lock around packetmmap cooked field and check for PACKET_RESERVE opt size.
DATA RACE in packetmmap.(*ringBuffer).init (2) -1 2 203d 203d 26/26 203d 25084ce9ed1e Add locking around packetmmap initialization and mode.
DATA RACE in packetmmap.(*Endpoint).ConfigureMMap -1 C 2 203d 203d 26/26 203d 25084ce9ed1e Add locking around packetmmap initialization and mode.
DATA RACE in packetmmap.(*ringBuffer).internalMappingsForFrame -1 1 203d 203d 26/26 203d da7cd03064d7 Lock around packet mmap fields.
DATA RACE in packetmmap.(*Endpoint).Init (2) -1 C 9 203d 203d 26/26 203d 25084ce9ed1e Add locking around packetmmap initialization and mode.
DATA RACE in packetmmap.(*ringBuffer).currFrameStatus (2) -1 C 19 203d 203d 26/26 203d da7cd03064d7 Lock around packet mmap fields.
DATA RACE in packet.(*endpoint).HandlePacket -1 C 3 203d 203d 26/26 203d da7cd03064d7 Lock around packet mmap fields.
DATA RACE in packet.(*endpoint).GetPacketMMapOpts -1 C 10 203d 204d 26/26 203d da7cd03064d7 Lock around packet mmap fields.
DATA RACE in packetmmap.(*Endpoint).Init -1 C 7 203d 204d 26/26 203d da7cd03064d7 Lock around packet mmap fields.
DATA RACE in packetmmap.(*Endpoint).HandlePacket -1 syz 3 203d 204d 26/26 203d da7cd03064d7 Lock around packet mmap fields.
DATA RACE in packet.(*endpoint).GetPacketMMapEndpoint -1 14 203d 204d 26/26 203d da7cd03064d7 Lock around packet mmap fields.
DATA RACE in packetmmap.(*ringBuffer).currFrameStatus -1 C 3 203d 204d 26/26 203d da7cd03064d7 Lock around packet mmap fields.
DATA RACE in packet.(*endpoint).SetSockOptInt -1 C 10 203d 204d 26/26 203d da7cd03064d7 Lock around packet mmap fields.
DATA RACE in packet.(*endpoint).SetPacketMMapEndpoint -1 C 25 203d 204d 26/26 203d da7cd03064d7 Lock around packet mmap fields.
DATA RACE in packetmmap.(*ringBuffer).init -1 2 204d 204d 26/26 203d da7cd03064d7 Lock around packet mmap fields.
panic: runtime error: integer divide by zero (4) 2 702 203d 204d 26/26 203d 213917f3eaf8 Don't switch to using the packet mmap endpoint for zero length requests.
panic: invalid allocation length: 0x0 (5) 2 32 203d 204d 26/26 203d 213917f3eaf8 Don't switch to using the packet mmap endpoint for zero length requests.
panic: runtime error: slice bounds out of range [NUM:NUM] (2) 2 C 606 204d 205d 26/26 204d d8518f299131 Validate PACKET_RX_RING and PACKET_VERSION socket option value size.
panic: runtime error: index out of range [NUM] with length NUM (4) 2 C 174 204d 205d 26/26 204d d8518f299131 Validate PACKET_RX_RING and PACKET_VERSION socket option value size.
panic: Sentry detected stuck tasks (27) 2 C 14 238d 259d 26/26 234d 679c77e4f05e proc: Allow interrupting generation of /proc/pid/mount{s,info}
panic: running on goroutine NUM (task goroutine for kernel.Task ADDR is NUM) (2) 2 C 9 259d 259d 26/26 256d c27c9a02aef5 kernel: use the kernel context to run task destroy actions
DATA RACE in buffer.(*Buffer).PullUp -1 C 2 281d 275d 26/26 259d afa323bd3070 Replace most instances of IncRef with Clone.
DATA RACE in buffer.(*ViewList).Remove -1 C 4 282d 280d 26/26 259d afa323bd3070 Replace most instances of IncRef with Clone.
panic: PullUp failed (3) 2 C 19 260d 280d 26/26 259d afa323bd3070 Replace most instances of IncRef with Clone.
panic: Sentry detected stuck tasks (26) 2 C 17 262d 263d 26/26 261d c88ffa321eb9 Returns ENOBUFS when writing to a veth device whose buffer is full.
kvm: panic: Sentry detected stuck tasks (24) -1 C 9 262d 305d 26/26 261d c88ffa321eb9 Returns ENOBUFS when writing to a veth device whose buffer is full.
panic: Sentry detected stuck tasks (25) 2 C 78 263d 292d 26/26 263d 54eb79b6e80a Acquire rlock when reading link address from the bridge.
panic: bytes only has space for NUM bytes but need space for NUM bytes (length = NUM) for extension header with id = NUM 2 C 34 266d 268d 26/26 263d ddaa99e5d4d2 Ignore the length field when processing the experiment extension header.
panic: nested locking: tmpfs.filesystemRWMutex: (3) 2 C 88 281d 277d 26/26 277d f66f0e235a0b Fix memmap.MappingIdentity.Device/InodeID() lock ordering.
panic: runtime error: invalid memory address or nil pointer dereference (27) 2 C 1117 279d 281d 26/26 279d 2b55090a5813 Do not crash when creating thread group with already-exceeded soft CPU limit.
panic: runtime error: invalid memory address or nil pointer dereference (26) 2 C 7905 281d 289d 26/26 281d ae1d4ccf0298 mm: validate vseg before using it
no output from test machine (13) -1 C 86992 284d 303d 26/26 284d 336dc8504327 vfs: use ancestryMu in implementations of DentryImpl.InotifyWithParent
panic: nested locking: tmpfs.filesystemRWMutex: (2) 2 C 33 284d 287d 26/26 284d 336dc8504327 vfs: use ancestryMu in implementations of DentryImpl.InotifyWithParent
DATA RACE in buffer.(*View).Write -1 1 409d 409d 26/26 330d a446b45d4d05 Ensure views returned by PullUp are owned exclusively by their packet.
panic: runtime error: index out of range [ADDR] with length NUM (2) 2 C 23 333d 335d 26/26 333d 9d41ac1ff0b2 Fix unsigned to signed integer conversion in syserr.getHostTranslation().
panic: unknown host errno "errno NUM" (NUM) (2) 2 C 286 335d 360d 26/26 333d 3971ecbc6ccd Remove linuxerr.IsValid and use syserr.IsValid instead.
panic: nested locking: stack.bridgeRWMutex: 2 2 348d 341d 26/26 335d 5e8dd6482cb7 Disallow setting a coordinator for a coordinator device.
lost connection to test machine (10) -1 syz 11752 351d 407d 26/26 351d 2a413db73006 kvm: check CPL to find out if the Sentry is in VM
panic: unknown host errno "memory page has hardware error" (NUM) 2 10 357d 364d 26/26 357d 40bde6c617c7 Add EHWPOISON to host_linux.go
panic: unknown host errno "errno NUM" (NUM) 2 C 397 367d 404d 26/26 367d 9ecb627726cf Fix syzkaller panic for unknown error 58.
panic: No file type specified in 'mode' for InodeAttrs.Init(): mode=NUM (2) 2 C 454 378d 406d 26/26 378d 834bef599679 fuse: Error out in case of unsupported file type instead of panicking.
panic: unknown host errno "operation not possible due to RF-kill" (NUM) 2 1 380d 380d 26/26 378d e6cf09a18c7e Add ERFKILL errno to host_linux file.
panic: running on goroutine NUM (task goroutine for kernel.Task ADDR is NUM) 2 1 390d 390d 26/26 387d e30fa671774b FUSE: Only block with a task if it is the task goroutine.
panic: unknown host errno "errno ADDR" (ADDR) 2 C 88 387d 405d 26/26 387d b1ade52f24be fuse: handle bad response errors
panic: runtime error: invalid memory address or nil pointer dereference (25) 2 1 391d 391d 26/26 388d 2ef09d3bddc7 FUSE: Avoid panic when opening unknown file type.
panic: unknown host errno "no XENIX semaphores available" (NUM) 2 7 392d 392d 26/26 392d 0184ec4aacbc Add ENAVAIL to host_linux.go.
DATA RACE in log.GoogleEmitter.Emit (4) -1 1 392d 392d 26/26 392d 742b914fcb82 Don't log mount.root because it leads to racy access.
panic: unknown host errno "is a named type file" (NUM) 2 7 392d 393d 26/26 392d ef1ca17e5842 Add EISNAM to linuxHostTranslations and fix error message for ENOTNAM.
SYZFAIL: mount(proc) failed -1 54326 422d 423d 26/26 406d e39ed91daaf9 sentry: support NULL mount source
gvisor test error: SYZFAIL: mount(proc) failed -1 58 423d 423d 26/26 406d e39ed91daaf9 sentry: support NULL mount source
lost connection to test machine (9) -1 syz 8441 407d 746d 26/26 407d cd56935ddf77 runsc: pass the GLIBC_TUNABLES env to the sandbox process
DATA RACE in log.GoogleEmitter.Emit (3) -1 1 410d 410d 26/26 408d ddfbb50ecc2d Don't log the task in CgroupPrepareMigrate warning.
DATA RACE in binary.bigEndian.Uint16 -1 1 424d 424d 26/26 413d bd58900fba9e Change veth WritePackets to deep clone its list of packets.
DATA RACE in binary.bigEndian.PutUint16 (2) -1 3 415d 424d 26/26 413d bd58900fba9e Change veth WritePackets to deep clone its list of packets.
no output from test machine (11) -1 C 50911 416d 538d 26/26 416d db9fab290c26 Fix a race condition in TCPDeferAcceptTimeout
panic: send on closed channel 2 1 425d 418d 26/26 417d 9d1849029e8e tcpip/link/veth: don't send any packets if another end has been closed
SYZFAIL: tun: ioctl(TUNSETIFF) failed (2) -1 15 422d 421d 26/26 420d c6d16988a984 Log endpoint type when SOL_IP options are not supported.
panic: WARNING: circular locking detected: stack.bridgeRWMutex -> stack.stackRWMutex: 2 C 27 434d 436d 26/26 429d c4dc0321aa40 Do not hold BridgeEndpoint.mu during dispatcher.DeliverNetworkPacket().
init process did not start -1 2 442d 442d 26/26 437d 80a501d8cc23 Avoid redundant work in `bpf.optimizeJumpsToSmallestSetOfReturns`.
DATA RACE in futex.(*waiterList).Front -1 C 1 449d 449d 26/26 442d b58e8a129d62 futex: add missing locking in lockBuckets()
DATA RACE in futex.(*waiterEntry).SetNext -1 C 3 449d 449d 26/26 442d b58e8a129d62 futex: add missing locking in lockBuckets()
DATA RACE in futex.(*waiterList).PushBack -1 C 3 449d 449d 26/26 442d b58e8a129d62 futex: add missing locking in lockBuckets()
gvisor test error: SYZFATAL: failed to connect to host: dial tcp: address stdin: missing port in address -1 1077 479d 483d 26/26 476d a5b10b7dd04c Fix some processes_test flakes.
panic: runtime error: invalid memory address or nil pointer dereference (23) 2 C 4239 529d 534d 26/26 528d 5f5e01d186b2 Fix panic while setting TCP_CORK off.
no output from test machine (10) -1 C 19806 554d 1477d 26/26 550d 16dba7fa7677 systrap: handle stub thread crashes
panic: stub thread ADDR failed: err 0x-ADDR line NUM: sysmsg.Msg{msg: ADDR state NUM err -ADDR line NUM debug NUM app st 2 C 5 596d 596d 26/26 570d fe66cae2edc7 Enumerate known systrap stub failures to exit process cleanly.
panic: Decrementing non-positive ref count ADDR, owned by tmpfs.inode (4) 2 C 22 588d 594d 26/26 585d 7b151e25d076 Don't drop the mountpoint reference in already umounted dead mountpoints.
DATA RACE in safemem.Copy (7) -1 C 4 612d 612d 26/26 609d de71aae89aed `seccomp`: Use dedicated input buffer for populating seccomp cache.
kvm: panic: Sentry detected stuck tasks (22) -1 C 8 634d 644d 26/26 626d eaee2b213b2d Add check to pivot_root that ensures the new root is underneath the old root.
fatal error: stack overflow (5) -1 C 23 630d 646d 26/26 626d eaee2b213b2d Add check to pivot_root that ensures the new root is underneath the old root.
panic: runtime error: invalid memory address or nil pointer dereference (22) 2 1 639d 638d 26/26 637d 4733e050ebec Check that handshake.listenEP is non-nil.
panic: attempted to rewrite jump target to a different return instruction: from={pc=NUM: {NUM NUM NUM NUM}}, to={pc=NUM: 2 C 8 645d 645d 26/26 640d 7cf14b7c8b5e Add equality function for BPF instructions.
fatal error: stack overflow (4) -1 C 12 647d 651d 26/26 647d c16916e7d780 Move lockMountpoint to the beginning of pivot_root.
kvm: panic: Sentry detected stuck tasks (21) -1 C 2 649d 650d 26/26 647d c16916e7d780 Move lockMountpoint to the beginning of pivot_root.
fatal error: large allocation -1 C 234 660d 663d 26/26 648d 917bee5b6d91 Add a size limit to `outputQueueTransformer.transform`.
panic: runtime error: slice bounds out of range [12:LINE] 2 C 63 653d 1432d 26/26 651d c96439ecd0b4 devpts: IterDirents has to check offset and return if it is out of range
kvm: panic: Sentry detected stuck tasks (20) -1 C 2 653d 653d 26/26 651d 77b137ffd8ec Fix umount not unmounting all the mounts it is supposed to.
fatal error: stack overflow (3) -1 2 652d 653d 26/26 651d 77b137ffd8ec Fix umount not unmounting all the mounts it is supposed to.
panic: Decrementing non-positive ref count ADDR, owned by tmpfs.inode (3) 2 C 16 653d 653d 26/26 651d 77b137ffd8ec Fix umount not unmounting all the mounts it is supposed to.
panic: Decrementing non-positive ref count ADDR, owned by vfs.Filesystem 2 C 152 652d 653d 26/26 651d 77b137ffd8ec Fix umount not unmounting all the mounts it is supposed to.
panic: runtime error: invalid memory address or nil pointer dereference (21) 2 1 653d 653d 26/26 651d 77b137ffd8ec Fix umount not unmounting all the mounts it is supposed to.
panic: Incrementing non-positive count ADDR on tmpfs.inode (4) 2 C 24 652d 653d 26/26 651d 77b137ffd8ec Fix umount not unmounting all the mounts it is supposed to.
panic: Incrementing non-positive count ADDR on vfs.Filesystem (3) 2 1 653d 653d 26/26 651d 77b137ffd8ec Fix umount not unmounting all the mounts it is supposed to.
panic: tmpfs.inode.decLinksLocked() called with no existing links 2 1 652d 652d 26/26 651d 77b137ffd8ec Fix umount not unmounting all the mounts it is supposed to.
panic: tmpfs.inode.incLinksLocked() called with no existing links 2 C 1 653d 653d 26/26 651d 77b137ffd8ec Fix umount not unmounting all the mounts it is supposed to.
kvm: panic: Sentry detected stuck tasks (19) -1 3 655d 653d 26/26 653d 3ab01aedb874 Refactor the umount algorithm.
kvm: panic: Sentry detected stuck tasks (18) -1 C 3 667d 672d 26/26 665d 429f7c439616 Move rootfs check to inside mountMu.
panic: runtime error: invalid memory address or nil pointer dereference (20) 2 C 8 667d 674d 26/26 667d 429f7c439616 Move rootfs check to inside mountMu.
panic: WARNING: circular locking detected: mm.activeRWMutex -> tmpfs.filesystemRWMutex: 2 1 680d 680d 26/26 667d e1e7edcc1b67 Don't release unused RightsControlMessage in Recv.
panic: close of closed channel 2 C 1192 1301d 1309d 26/26 669d 2e3e5b606789 Create a new test dimension that mounts a FUSE fs on /tmp.
DATA RACE in vfs.(*Mount).setMountOptions -1 C 5 678d 678d 26/26 674d ea4f0073d4a1 Fix data race between getting mount options and updating mount options.
gvisor boot error: init process did not start (5) -1 41 779d 907d 26/26 676d 2e8b96b4fd74 Automated rollback of changelist 514487900
panic: Sentry detected stuck tasks (24) 2 C 13 681d 687d 26/26 680d 1407fdf120ab Fix concurrent pivot_root bug.
panic: expected socket to exist at '!N 2 C 23 683d 683d 26/26 680d 707ac55a05d7 inet: don't reuse names from the abstract socket namespace map
panic: expected socket to exist at '$N 2 C 24 684d 685d 26/26 680d 707ac55a05d7 inet: don't reuse names from the abstract socket namespace map
panic: expected socket to exist at '#N 2 C 23 683d 683d 26/26 680d 707ac55a05d7 inet: don't reuse names from the abstract socket namespace map
panic: expected socket to exist at ' N 2 C 20 684d 685d 26/26 680d 707ac55a05d7 inet: don't reuse names from the abstract socket namespace map
panic: Sentry detected stuck tasks (23) 2 C 23 687d 692d 26/26 687d a8bc2e146626 Fix group id cleanup and tidy up some mount methods.
kvm: panic: Sentry detected stuck tasks (17) -1 14 692d 722d 26/26 690d 44e0d6d07246 Unlock putOldMp before retrying the mount checks in pivot_root.
panic: Sentry detected stuck tasks (22) 2 5 693d 693d 26/26 693d 44e0d6d07246 Unlock putOldMp before retrying the mount checks in pivot_root.
panic: runtime error: invalid memory address or nil pointer dereference (19) 2 C 79 695d 709d 26/26 694d f744f443dd7d Check before attempting to mount an anon mountpoint.
panic: nested locking: tmpfs.filesystemRWMutex: 2 1 710d 703d 26/26 694d c74f5866cb75 Fix circular lock that can happen during unlink.
DATA RACE in kernel.(*Task).MemoryManager (3) -1 C 12 695d 695d 26/26 694d c39ecc4eb47a The local task in process_vm_read|writev is just the calling task.
DATA RACE in kernel.(*runExitMain).execute (2) -1 C 143 1004d 1014d 26/26 694d b66713079526 Clean up and re-enable process_vm_readv/writev
DATA RACE in binary.littleEndian.Uint64 (2) -1 C 48 1004d 1014d 26/26 694d b66713079526 Clean up and re-enable process_vm_readv/writev
panic: Sentry detected stuck tasks (21) 2 64 694d 741d 26/26 694d 677d11f22fbe Chunkify tmpfs Allocate().
DATA RACE in vfs.(*VirtualFilesystem).connectLocked (2) -1 2 707d 707d 26/26 694d de5271b36007 Fix small data race in mount.
DATA RACE in safemem.Copy (6) -1 C 121 1004d 1004d 26/26 694d b66713079526 Clean up and re-enable process_vm_readv/writev
panic: Unknown syscall NUM error: strconv.ParseInt: parsing "./file1": invalid syntax 2 C 19 717d 710d 26/26 702d 1910a4577f01 cgroupfs: do not return errors from strconv.ParseInt() to write()
panic: runtime error: invalid memory address or nil pointer dereference (18) 2 4 720d 721d 26/26 717d bb4410f44e32 Rollback 6ceceae9385c and 206e88db3653.
gvisor test error: panic: interface conversion: vfs.DentryImpl is *tmpfs.dentry, not *kernfs.Dentry -1 38 722d 723d 26/26 721d 206e88db3653 Fix cwd/root update method during namespace cloning.
panic: nested locking: kernfs.filesystemRWMutex: (7) 2 4 736d 737d 26/26 731d c80ab228d85b Make vfs.PopDelayedDecRefs() clear vfs.toDecRef.
panic: nested locking: kernfs.filesystemRWMutex: (6) 2 C 8 738d 754d 26/26 738d 755c1f242cd4 nsfs: mark inodes as anonymous
panic: Sentry detected stuck tasks (20) 2 C 895 742d 745d 26/26 742d 960b564a6840 Fix small mount propagation bug.
kvm: panic: Sentry detected stuck tasks (15) -1 C 186 742d 745d 26/26 742d 960b564a6840 Fix small mount propagation bug.
kvm: panic: Sentry detected stuck tasks (14) -1 syz 4 757d 763d 26/26 753d 118a17d92dcf kernfs: set DenySpliceIn for DynamicBytesFD
panic: runtime error: invalid memory address or nil pointer dereference (17) 2 2 757d 757d 26/26 757d 6f978d71856e kernel: GetMountNamespace has to check that mntns isn't nil
DATA RACE in udp.(*endpoint).Connect.func1 -1 C 3 772d 765d 26/26 757d 5babda534107 Lock around endpoint info access in UDP onICMPError.
SYZFATAL: executor NUM failed NUM times: executor NUM: exit status NUM -1 syz 48074 758d 1177d 26/26 758d 41bb04c14901 Implement mount namespaces
panic: runtime error: invalid memory address or nil pointer dereference (16) 2 C 48 759d 766d 26/26 758d ef95be6e1c10 kernel: check that a task has a network namespace
panic: kcov task work is registered, but no coverage data was found 2 6120 773d 778d 26/26 770d f43a5fc63ac7 Remove panic in ConsumeCoverageData() when no coverage is observed.
panic: Sentry detected stuck tasks (18) 2 C 625 774d 833d 26/26 773d e54e3668b07c Impose default tmpfs size limits correctly.
gvisor test error: FATAL ERROR: waiting on pid X: waiting on pid X in sandbox NAME failed: EOF (3) -1 124 778d 779d 26/26 777d ffcbc70b9a4a systrap: don't change an fpu state from the stub code
DATA RACE in pipefs.(*inode).UID -1 syz 2 778d 778d 26/26 777d 02ed5839a762 Add a lock to pipefs's inode to protect a inode's attributes.
lost connection to test machine (8) -1 1964 777d 1110d 26/26 777d 8b57c2e7402f runsc/seccomp: allow sched_getaffinity if race is on
panic: runtime error: invalid memory address or nil pointer dereference (15) 2 1 806d 806d 26/26 779d bb5ada8caffd Defer dec refing mounts in InvalidateDentry.
panic: WARNING: circular locking detected: stack.packetEndpointListRWMutex -> fasync.fileMutex: (2) 2 2 802d 802d 26/26 795d fedbf08401fe kernel: unshare a network namespace without taking Task.mu
panic: WARNING: circular locking detected: fasync.fileMutex -> kernel.taskSetRWMutex: (2) 2 C 1 802d 802d 26/26 795d fedbf08401fe kernel: unshare a network namespace without taking Task.mu
panic: WARNING: circular locking detected: stack.packetEndpointListRWMutex -> kernel.taskSetRWMutex: (2) 2 C 3 802d 802d 26/26 795d fedbf08401fe kernel: unshare a network namespace without taking Task.mu
kvm: lost connection to test machine (3) -1 8 812d 834d 26/26 806d 52692c3647ea fdtable: avoid large arrays
panic: nested locking: kernfs.filesystemRWMutex: (5) 2 5 806d 808d 26/26 806d bb5ada8caffd Defer dec refing mounts in InvalidateDentry.
panic: nested locking: kernfs.filesystemRWMutex: (4) 2 C 31 809d 903d 26/26 808d 084a5022563f Change InvalidateDentry to return a list of vds with an extra reference.
kvm: panic: Sentry detected stuck tasks (12) -1 193 812d 974d 26/26 812d 52692c3647ea fdtable: avoid large arrays
panic: WARNING: circular locking detected: mm.activeRWMutex -> kernfs.filesystemRWMutex: 2 C 4 844d 844d 26/26 813d 8c975e6e6e68 Mark some kernfs inode as Anonymous.
DATA RACE in fasync.(*FileAsync).SetOwnerTask -1 C 11 813d 815d 26/26 813d 5fed8c81b89a Fix data race by acquiring lock before accessing fields of FileAsync.
panic: WARNING: circular locking detected: fasync.fileMutex -> kernel.taskSetRWMutex: 2 C 1 816d 816d 26/26 813d f3d87d3be121 fasync: release the FileAsync mutex before sending the signal
panic: WARNING: circular locking detected: stack.packetEndpointListRWMutex -> fasync.fileMutex: 2 1 816d 816d 26/26 813d f3d87d3be121 fasync: release the FileAsync mutex before sending the signal
panic: WARNING: circular locking detected: stack.packetEndpointListRWMutex -> kernel.taskSetRWMutex: 2 C 3 816d 816d 26/26 813d f3d87d3be121 fasync: release the FileAsync mutex before sending the signal
panic: WARNING: circular locking detected: vfs.virtualFilesystemMutex -> kernfs.filesystemRWMutex: (2) 2 1 835d 835d 26/26 813d ed528835f753 Small circular lock fix.
gvisor test error: SYZFATAL: BUG: got no fallback coverage: -1 132 834d 911d 26/26 822d 83f4f485b4ad systrap: don't call Goyield() if the race detector is enabled
panic: Incrementing non-positive count ADDR on tmpfs.inode (3) 2 6 842d 864d 26/26 827d 283b80a456aa Fix logic bug in attaching mounts.
DATA RACE in log.GoogleEmitter.Emit (2) -1 3 831d 833d 26/26 827d 158636229e87 Avoid serializing the sharedContext struct in formatting directives.
DATA RACE in kernel.(*TaskImage).Fork -1 C 8 923d 923d 26/26 830d 028cf757bbef Clarify comment about copying Task.image in Task.Clone().
panic: WARNING: circular locking detected: vfs.virtualFilesystemMutex -> tmpfs.filesystemRWMutex: (2) 2 C 17 834d 835d 26/26 833d ed528835f753 Small circular lock fix.
panic: Sentry detected stuck tasks (17) 2 C 822 833d 1099d 26/26 833d ed528835f753 Small circular lock fix.
gvisor build error (19) -1 110 835d 836d 26/26 835d 74e63e9e296a Update packages
panic: Decrementing non-positive ref count ADDR, owned by tmpfs.inode (2) 2 C 47 842d 847d 26/26 835d 283b80a456aa Fix logic bug in attaching mounts.
gvisor test error: timed out (4) -1 548 837d 1201d 26/26 836d 83f4f485b4ad systrap: don't call Goyield() if the race detector is enabled
panic: WARNING: circular locking detected: stack.neighborEntryRWMutex -> stack.nicRWMutex: 2 1 869d 869d 26/26 837d 38823be81914 Don't lock before accessing nic.networkEndpoints
panic: WARNING: circular locking detected: transport.streamQueueReceiverMutex -> kernfs.filesystemRWMutex: 2 C 1 844d 844d 26/26 837d 2044c3449153 Don't hold streamQueueReceiver.mu while calling RightsControlMessage.Release().
panic: WARNING: circular locking detected: transport.endpointMutex -> kernfs.filesystemRWMutex: 2 C 1 844d 844d 26/26 837d a7e1fe92f588 Don't hold baseEndpoint.mu when calling receiver.Recv.
panic: WARNING: circular locking detected: vfs.virtualFilesystemMutex -> tmpfs.filesystemRWMutex: 2 C 18 957d 1033d 26/26 837d e0b1585586c6 Remove stale `vdDentry` variable from VirtualFilesystem.connectMountAt().
panic: nested locking: transport.endpointMutex: 2 C 1 844d 844d 26/26 837d a7e1fe92f588 Don't hold baseEndpoint.mu when calling receiver.Recv.
fatal error: unexpected signal during runtime execution (3) -1 9 882d 885d 26/26 882d 96aa115516c8 systrap: simplify interrupt handling in syshandler
gvisor boot error: panic: prctl(PR_SET_NO_NEW_PRIVS) failed: invalid argument -1 12 885d 885d 26/26 885d 6890e539c700 systrap: set all arguments of prctl(PR_SET_NO_NEW_PRIVS)
panic: interface conversion: *kernel.Kernel is not unimpl.Events: missing method EmitUnimplementedEvent 2 C 5857 890d 891d 26/26 889d f8b98248139c Update `unimpl.EmitUnimplementedEvent` interface to add the syscall number.
gvisor test error: SYZFATAL: BUG: program execution failed: executor NUM: not serving -1 137 891d 898d 26/26 891d 08920d098b30 Fix systrap TLS handling on ARM.
gvisor build error (18) -1 313 898d 920d 26/26 891d fedadb093205 Fix syzkaller systrap builds.
DATA RACE in systrap.(*subprocessPool).fetchAvailable -1 25 901d 912d 26/26 891d f01bf248c19f Fix data race in subprocess pool.
panic: WARNING: circular locking detected: tmpfs.filesystemRWMutex -> kernel.taskSetRWMutex: 2 syz 14 897d 1172d 26/26 891d 758da469f7ed kernel: release kernel.taskSetRWMutex before calling TaskImage.Release
panic: runtime error: index out of range [ADDR] with length NUM 2 C 17 902d 902d 26/26 891d fc94225c333d Fix crash with large FD value
gvisor boot error: FATAL ERROR: overlay flag is incompatible with shared file access for rootfs -1 148 905d 906d 26/26 896d 1b7a4e2a055c Prepare to make root overlay the default.
gvisor boot error: FATAL ERROR: overlay flag has been replaced with overlay2 flag -1 66 903d 905d 26/26 896d 1b7a4e2a055c Prepare to make root overlay the default.
DATA RACE in vfs.(*VirtualFilesystem).PivotRoot -1 C 1 914d 914d 26/26 905d 807fd0fd27d0 Lock around accessing the mount namespace in pivot_root.
panic: runtime error: invalid memory address or nil pointer dereference (14) 2 C 753 913d 914d 18/26 913d 8a1845f8b850 Don't send a signal to a controlling thread group if one has not been set.
fatal error: stack overflow -1 1 989d 989d 18/26 914d 426deb60fd25 lockdep: fix the TOCTTOU issue
panic: runtime error: invalid memory address or nil pointer dereference (13) 2 C 2752 914d 918d 18/26 914d 8184fa1db0fa Clean up devpts code, and deduplicate the foreground process state.
panic: runtime error: slice bounds out of range [:NUM] with capacity NUM (2) 2 C 7 919d 921d 18/26 918d 5817f4cc64e4 Fix FUSE how handles malformed INIT requests.
panic: nested locking: kernfs.filesystemRWMutex: (3) 2 syz 19 926d 951d 18/26 924d 28472cc03fe1 don't take an unnecessary reference in proc.fdSymlink.Valid()
panic: interface conversion: vfs.DentryImpl is *vfs.anonDentry, not *kernfs.Dentry (2) 2 C 13 931d 931d 18/26 930d 1beb3e2b251d Check hard link target's mount compatibility before kernfs.Dentry cast. Again.
panic: interface conversion: vfs.DentryImpl is *tmpfs.dentry, not *kernfs.Dentry (2) 2 C 65 930d 932d 18/26 930d 1beb3e2b251d Check hard link target's mount compatibility before kernfs.Dentry cast. Again.
panic: interface conversion: vfs.DentryImpl is *vfs.anonDentry, not *kernfs.Dentry 2 C 14 933d 936d 18/26 932d 8373fb5db8c8 Check hard link target's mount compatibility before kernfs.Dentry cast.
panic: interface conversion: vfs.DentryImpl is *tmpfs.dentry, not *kernfs.Dentry 2 C 390 932d 937d 18/26 932d 8373fb5db8c8 Check hard link target's mount compatibility before kernfs.Dentry cast.
panic: interface conversion: vfs.DentryImpl is *gofer.dentry, not *kernfs.Dentry 2 C 13 934d 934d 18/26 934d 8373fb5db8c8 Check hard link target's mount compatibility before kernfs.Dentry cast.
panic: runtime error: index out of range [NUM] with length NUM (3) 2 C 372 950d 953d 18/26 949d fe562179fea1 Handle absolute symlink target '/' correctly in VFS layer.
panic: runtime error: invalid memory address or nil pointer dereference (12) 2 C 31 953d 1014d 18/26 949d e08f204299df inet: each socket has to hold a reference to its network namespace
panic: WARNING: circular locking detected: vfs.virtualFilesystemMutex -> kernfs.filesystemRWMutex: 2 1 968d 968d 18/26 951d 492d7a98116b Decref target VirtualDentry outside the vfs mount lock during mount ops.
gvisor test error: panic: ptrace set regs (&{PtraceRegs:{Regs:[ADDR NUM ADDR NUM NUM NUM NUM ADDR ADDR NUM NUM ADDR ADDR NUM ADDR ADDR NUM -1 10 956d 956d 15/26 954d 194029b95444 arm64: validate registers that come from user-space
panic: WARNING: circular locking detected: stack.nicRWMutex -> stack.packetsPendingLinkResolutionMutex: (2) 2 C 53 988d 989d 14/26 987d bc440b67fce0 Don't hold nic.mu when calling n.linkResQueue.cancel.
panic: WARNING: circular locking detected: stack.nicRWMutex -> stack.neighborCacheRWMutex: 2 C 356 990d 995d 14/26 989d 70be2fc8a772 Remove unsetting route's cached neighbor entry in link res callback.
gvisor build error (16) -1 12 1002d 1002d 14/26 990d 20b2ec04d94d Update bazel packages
panic: WARNING: circular locking detected: stack.packetsPendingLinkResolutionMutex -> stack.routeRWMutex: 2 C 2602 990d 995d 14/26 990d 4f326de47636 Make nic.spoofing and nic.promiscuous atomic Bools to avoid lock contention.
panic: WARNING: circular locking detected: stack.nicRWMutex -> stack.packetsPendingLinkResolutionMutex: 2 C 1246 990d 995d 14/26 990d 4f326de47636 Make nic.spoofing and nic.promiscuous atomic Bools to avoid lock contention.
gvisor boot error: FATAL ERROR: running container: creating container: failed to create an unnamed temporary file inside "/tmp" -1 24 994d 994d 14/26 993d 368e85414697 overlay2: Do not use O_TMPFILE to create unnamed temporary file.
panic: WARNING: circular locking detected: kernel.signalHandlersMutex -> kernfs.filesystemRWMutex: 2 C 351 1001d 1003d 14/26 1000d d0ae59368d8a cgroupfs: Fix lock ordering between kernfs.Filesystem.mu and TaskSet.mu.
panic: WARNING: circular locking detected: kernel.taskSetRWMutex -> kernfs.filesystemRWMutex: 2 C 2320 1000d 1003d 14/26 1000d d0ae59368d8a cgroupfs: Fix lock ordering between kernfs.Filesystem.mu and TaskSet.mu.
panic: cgroupfs: pids controller attempted to remove pending charge for Task ADDR, but task didn't have pending charges, (2) 2 1 1033d 1033d 14/26 1002d 62ddad611979 cgroupfs: Fix several races with task migration.
panic: Decrementing non-positive ref count ADDR, owned by tmpfs.inode 2 C 27 1002d 1003d 14/26 1002d 1823b16fccf7 Clean up DecRefs in mount methods.
panic: Incrementing non-positive count ADDR on tmpfs.inode (2) 2 C 56 1002d 1003d 14/26 1002d 1823b16fccf7 Clean up DecRefs in mount methods.
panic: kernfs.Dentry.DecRef() called without holding a reference (2) 2 C 61 1003d 1003d 14/26 1002d 1823b16fccf7 Clean up DecRefs in mount methods.
kvm: panic: Sentry detected stuck tasks (10) -1 3 1019d 1037d 14/26 1003d ece02b45b5b4 Add a maximum to the total number of mounts allowed in a namespace.
panic: Lock not held: transport.endpointMutex[e]: 2 C 1191 1004d 1004d 14/26 1004d 1ceee8c31071 connectioned: Change nested lock name to only have a single nested lock.
DATA RACE in safemem.Copy (5) -1 C 3153 1004d 1014d 14/26 1004d ae731e0394f5 Don't use other process's scratch buffer.
panic: unbalance unlock: mm.activeRWMutex:LINE: 2 2 1006d 1017d 14/26 1004d 445fa6f40c89 Lockdep: Print more info in the "unbalanced unlock" case.
panic: WARNING: circular locking detected: kernel.taskMutex -> kernel.taskSetRWMutex: 2 C 1470 1014d 1016d 14/26 1012d 38a0512f13fa Fix circular lock in process_vm_(read|write)v
DATA RACE in binary.littleEndian.Uint64 -1 C 29 1113d 1116d 14/26 1016d 106f6ea96746 Re-enable process_vm_(read|write)v
panic: runtime error: slice bounds out of range [:ADDR] with capacity ADDR 2 C 914 1016d 1033d 14/26 1016d 3c0e0a3746a3 io_uring: Fix several issues with shared ring buffers.
DATA RACE in safemem.Copy (4) -1 C 1019 1113d 1117d 14/26 1016d 106f6ea96746 Re-enable process_vm_(read|write)v
panic: runtime error: slice bounds out of range [ADDR:NUM] 2 C 13 1020d 1020d 14/26 1016d 3c0e0a3746a3 io_uring: Fix several issues with shared ring buffers.
panic: runtime error: slice bounds out of range [:ADDR] with capacity NUM 2 C 124 1016d 1032d 14/26 1016d 3c0e0a3746a3 io_uring: Fix several issues with shared ring buffers.
panic: runtime error: integer divide by zero (3) 2 C 443 1016d 1032d 14/26 1016d 3c0e0a3746a3 io_uring: Fix several issues with shared ring buffers.
panic: Unknown syscall -NUM error: EOF 2 C 14 1020d 1022d 14/26 1016d f3aaf4326636 io_ring: Handle EOF on IORING_OP_READV
DATA RACE in tmpfs.GetSeals -1 1 1021d 1021d 14/26 1018d 374e716c7ce2 AddSeals has to take the write lock to modify seals
DATA RACE in tmpfs.AddSeals -1 C 4 1021d 1021d 14/26 1018d 374e716c7ce2 AddSeals has to take the write lock to modify seals
panic: runtime error: slice bounds out of range [:NUM] with capacity NUM 2 C 196 1301d 1309d 14/26 1019d 32c474d82f65 Allow multiple FUSE filesystems to share a connection.
panic: addresses IP and fe80::aa do not have the same length (2) 2 1 1025d 1025d 14/26 1020d 8756ebc3b406 Netstack: Check address matches the endpoint protocol for IP_DROP_MEMBERSHIP
panic: runtime error: invalid memory address or nil pointer dereference (11) 2 C 2733 1023d 1117d 14/26 1022d ae136df84998 Add nil-check for parent mount in umount(2) while handling mount propagation.
DATA RACE in vfs.(*VirtualFilesystem).setPropagation -1 C 3 1036d 1036d 14/26 1023d 20ef2127a102 Lock around optional tag generation.
DATA RACE in bufferv2.newChunk -1 C 68 1030d 1045d 14/26 1029d 6b3b5493d0ea Fix ipv6 header view ownership.
DATA RACE in vfs.(*VirtualFilesystem).GenerateProcMountInfo -1 C 2 1034d 1036d 14/26 1032d 20ef2127a102 Lock around optional tag generation.
panic: runtime error: integer divide by zero (2) 2 C 56 1032d 1033d 14/26 1032d d4b159ae93b5 iouring: Disallow zero, or less CQ entries than SQ entries
panic: nested locking: kernel.taskSetRWMutex: 2 C 2 1091d 1091d 14/26 1038d c1427a04dfba Disable fasync for signalfd descriptors
gvisor test error: panic: WARNING: circular locking detected: mm.activeRWMutex -> kernel.taskSetRWMutex: -1 1 1059d 1059d 14/26 1053d 2e844f74fcdd Do not use ktime.Timer for CPU clock ticks.
panic: Decrementing non-positive ref count ADDR, owned by kernel.ProcessGroup (2) 2 C 3 1057d 1091d 14/26 1057d 36ddd3050cc2 Check if ThreadGroup exists before executing JoinProcessGroup.
kvm: panic: Sentry detected stuck tasks (9) -1 2 1085d 1087d 14/26 1074d 48e2252b3bac fix panic caused by too-large buffer allocations
gvisor build error (15) -1 232 1081d 1080d 14/26 1078d d2827e5a9242 Don't require gcc-multilib to be installed to build BPF
panic: cgroupfs: pids controller pending pool would be negative if charge was allowed: current pool: NUM, proposed charg 2 C 97 1095d 1214d 14/26 1095d 46e08207b58f cgroupfs: Handle hierachy changes across charge/uncharge.
panic: addresses IP and fe80::aa do not have the same length 2 102 1114d 1143d 14/26 1108d b195ca54f311 Netstack: Check that the multicast address matches the endpoint protocol.
DATA RACE in fuse.newFUSEFilesystem -1 C 384 1301d 1309d 14/26 1117d 32c474d82f65 Allow multiple FUSE filesystems to share a connection.
panic: WARNING: circular locking detected: cgroupfs.pidsControllerMutex -> mm.mappingRWMutex: 2 3 1171d 1172d 14/26 1170d d5a04e338eef cgroupfs: Don't copy in with cgroups locks held.
panic: WARNING: circular locking detected: tmpfs.inodeMutex -> mm.activeRWMutex: 2 C 8353 1172d 1173d 14/26 1170d 82498d087ef8 Don't hold MM.activeMu when calling MM.vmaMapsEntryLocked().
panic: Sentry detected stuck tasks (16) 2 5 1177d 1250d 14/26 1176d 8b41af93300c sync/lockdep: use RangeRepeatable instead of Range
kvm: panic: Sentry detected stuck tasks (7) -1 1 1196d 1189d 14/26 1177d 6fda48f50dcd tcpip/transport/raw: check MTU before copying a buffer from user memory
panic: invalid allocation length: 0x0 (4) 2 C 4338 1177d 1180d 14/26 1177d 3290a054c5bd getdents: Test that size parameter is not zero before allocating PMAs.
panic: WARNING: circular locking detected: kernel.taskSetRWMutex -> mm.activeRWMutex: 2 2 1194d 1190d 14/26 1183d e47be0cfc06d Move Send/RecvNotify calls outside of CopyIn/Out, due to lock order.
panic: runtime error: index out of range [-NUM] 2 C 13 1209d 1209d 14/26 1206d a7cad2b092de Tmpfs with size option enabled bug fix.
DATA RACE in fuse.(*connection).callFutureLocked -1 C 2 1306d 1309d 14/26 1214d 32c474d82f65 Allow multiple FUSE filesystems to share a connection.
DATA RACE in fuse.(*DeviceFD).Read -1 C 238 1304d 1309d 14/26 1214d 32c474d82f65 Allow multiple FUSE filesystems to share a connection.
DATA RACE in fuse.newFUSEConnection -1 C 52 1304d 1309d 14/26 1214d 32c474d82f65 Allow multiple FUSE filesystems to share a connection.
DATA RACE in fuse.(*DeviceFD).PWrite -1 C 11 1306d 1309d 14/26 1214d 32c474d82f65 Allow multiple FUSE filesystems to share a connection.
DATA RACE in fuse.(*DeviceFD).PRead -1 C 9 1305d 1309d 14/26 1214d 32c474d82f65 Allow multiple FUSE filesystems to share a connection.
DATA RACE in fuse.(*DeviceFD).Seek -1 C 8 1309d 1309d 14/26 1214d 32c474d82f65 Allow multiple FUSE filesystems to share a connection.
panic: unexpected tcp state in processor: BOUND 2 C 36 1226d 1228d 14/26 1225d 3b917921d7fe Fix race in listen.
DATA RACE in cgroupfs.(*memsData).Write -1 C 4 1237d 1237d 14/26 1229d 5f9bd8a53b20 cgroupfs: Synchronize access to cpuset controller bitmaps.
panic: unknown network protocol number NUM 2 C 56 1318d 1330d 14/26 1248d 6a28dc7c5963 Correct fragmentation reference counting.
panic: runtime error: invalid memory address or nil pointer dereference (10) 2 C 11 1254d 1260d 14/26 1253d 5835bc8c3a4b cgroupfs: Handle invalid PID/PGID on migration.
DATA RACE in kernfs.(*OrderedChildren).checkExistingLocked -1 C 1 1276d 1276d 14/26 1255d 9085d334deed kernfs: Handle duplicate unlink on orphaned directories.
panic: Inode doesn't match what kernfs thinks! OrderedChild: &{dir:{InodeNoopRefCount:{InodeTemporary:{}} InodeAlwaysVal 2 C 12 1261d 1276d 14/26 1255d 9085d334deed kernfs: Handle duplicate unlink on orphaned directories.
DATA RACE in bitmap.(*Bitmap).Maximum -1 C 8 1268d 1276d 14/26 1268d 4503ba3f5efd Fix data race when using UNSHARE in close_range.
kvm: lost connection to test machine -1 364 1271d 1624d 14/26 1268d 81d384cfe9d3 Fix race between epoll readiness check and re-readying.
lost connection to test machine (6) -1 4341 1269d 1508d 14/26 1269d 81d384cfe9d3 Fix race between epoll readiness check and re-readying.
DATA RACE in transport.(*connectionedEndpoint).Connect.func1 (2) -1 C 4 1285d 1278d 14/26 1274d b1ceabc884c0 Hold baseEndpoint.mu when calling baseEndpoint.Connected()
kvm: panic: Sentry detected stuck tasks (6) -1 15 1278d 1288d 14/26 1277d f51097051ac5 tun: reject packets larger MTU
panic: Sentry detected stuck tasks (15) 2 C 2582 1286d 1364d 14/26 1281d 510cc2f7fca9 Fix pivot_root lock inversion.
Invalid request partialResult in sendto (3) -1 C 9 1284d 1284d 14/26 1282d 395c38be75d1 Add ECONNABORTED to the partial result error list.
kvm: panic: Sentry detected stuck tasks (5) -1 C 65 1289d 1351d 14/26 1288d b413d78c27db sendfile: limit a buffer size
panic: runtime error: invalid memory address or nil pointer dereference (9) 2 C 262 1301d 1298d 14/26 1297d b7ccfa5084e2 Fixes #7086,#6964,#3413,#7001.
DATA RACE in fuse.(*connection).callFuture (2) -1 3 1302d 1303d 14/26 1301d e219f75d8b3c Fuse: Cache `maxActiveRequests` in `connection` to avoid reading it from `fs`.
panic: Unknown syscall NUM error: payload too small. Minimum data lenth required: NUM, but got data length NUM 2 C 79 1302d 1308d 14/26 1302d 55ef37166897 Return well-defined error on short payload in FUSE.
fatal error: sync: unlock of unlocked mutex -1 C 26 1303d 1303d 14/26 1302d 10d1a49c5ba2 Fuse: `DeviceFD.Read`: Lock `DeviceFD` ahead of other locks.
DATA RACE in fuse.(*connection).callFuture -1 1 1307d 1307d 14/26 1304d a5ce865145c7 fuse: Attempt to fix five data races.
DATA RACE in fuse.(*connection).initProcessReply -1 C 14 1304d 1308d 14/26 1304d a5ce865145c7 fuse: Attempt to fix five data races.
DATA RACE in fuse.(*DeviceFD).writeLocked -1 C 33 1304d 1309d 14/26 1304d a5ce865145c7 fuse: Attempt to fix five data races.
DATA RACE in fuse.(*connection).Call -1 C 65 1304d 1307d 14/26 1304d a5ce865145c7 fuse: Attempt to fix five data races.
DATA RACE in fuse.(*DeviceFD).Release -1 C 404 1304d 1309d 14/26 1304d a5ce865145c7 fuse: Attempt to fix five data races.
DATA RACE in stack.(*PacketBuffer).reset (2) -1 syz 2 1330d 1330d 14/26 1305d 6d15b0ee64f1 Fix packet buffer reference counting in IP fragmentation/reassembly.
panic: runtime error: invalid memory address or nil pointer dereference (8) 2 C 214 1305d 1330d 14/26 1305d 6d15b0ee64f1 Fix packet buffer reference counting in IP fragmentation/reassembly.
panic: Incrementing non-positive count ADDR on stack.PacketBuffer 2 C 9 1316d 1316d 14/26 1305d 6d15b0ee64f1 Fix packet buffer reference counting in IP fragmentation/reassembly.
DATA RACE in mqfs.FilesystemType.GetFilesystem -1 1 1320d 1320d 14/26 1305d d1dadc9c19a1 Remove dentry_cache_limit mount option from mqfs.
gvisor build error (13) -1 201 1311d 1318d 14/26 1311d c18ec0b53cf2 Fix race build error.
panic: runtime error: index out of range [NUM] with length NUM (2) 2 C 21 1311d 1318d 14/26 1311d 5fb527632358 Handle 0 sized writes to /dev/net/tun.
panic: PullUp failed (2) 2 syz 4 1319d 1328d 14/26 1316d 6d15b0ee64f1 Fix packet buffer reference counting in IP fragmentation/reassembly.
DATA RACE in transport.(*connectionedEndpoint).Listen -1 1 1347d 1347d 14/26 1332d 52bee5297caf unix: call Listening under the endpoint lock
DATA RACE in udp.(*endpoint).Connect (2) -1 C 4 1738d 1743d 14/26 1341d 2485a4e2cb4a Make stack.Route safe to access concurrently
kvm: panic: Sentry detected stuck tasks (4) -1 C 627 1358d 1386d 14/26 1358d 4d29819e13a1 pipe: have separate notifiers for readers and writers
panic: Sentry detected stuck tasks (14) 2 20 1367d 1412d 14/26 1366d b2f8b495ad73 cgroup/cpuset: handle the offset argument of write methods properly
DATA RACE in stack.(*PacketBuffer).reset -1 9 1388d 1388d 14/26 1388d bb1ae811f4eb Prevent PacketBuffers from being returned to the pool too early in nic.
panic: runtime error: makeslice: len out of range (4) 2 36 1388d 1392d 14/26 1388d 37792ee1e6e1 Validate ControlMessageHeader.Length
SYZFAIL: tun: can't open /dev/net/tun -1 syz 339 1396d 1649d 14/26 1396d 58017e655399 Handle UMOUNT_NOFOLLOW in VFS2 umount(2).
kvm: no output from test machine (2) -1 C 23 1398d 1475d 14/26 1396d 58017e655399 Handle UMOUNT_NOFOLLOW in VFS2 umount(2).
DATA RACE in cgroupfs.(*cpusData).Generate -1 2 1402d 1406d 14/26 1401d 6078d26588c0 Sychronize access to cpuset controller bitmaps.
DATA RACE in cgroupfs.(*cpusData).Write -1 C 6 1402d 1407d 14/26 1401d 6078d26588c0 Sychronize access to cpuset controller bitmaps.
panic: runtime error: index out of range [NUM] with length NUM 2 C 12 1404d 1406d 14/26 1403d f54a25c1f03e Validate an icmp header before accessing it
panic: interface conversion: kernfs.Inode is nil, not *mqfs.rootInode 2 2 1404d 1407d 14/26 1403d 763d7e6e396d Obtain ref on root dentry in mqfs.GetFilesystem.
panic: runtime error: invalid memory address or nil pointer dereference (7) 2 C 45305 1403d 1432d 14/26 1403d 763d7e6e396d Obtain ref on root dentry in mqfs.GetFilesystem.
panic: kernfs.Dentry.DecRef() called without holding a reference 2 C 87 1403d 1407d 14/26 1403d 763d7e6e396d Obtain ref on root dentry in mqfs.GetFilesystem.
panic: Only permission mask must be set: ADDR 2 C 756 1403d 1407d 14/26 1403d 4d07fc952d6b Do not leak non-permission mode bits in mq_open(2).
gvisor build error (11) -1 386 1474d 1479d 14/26 1431d c2353e4055ac [op] Fix //debian:debian.
FATAL ERROR: waiting on pid X: waiting on pid X in sandbox NAME failed: EOF (3) -1 C 2034 1432d 1525d 14/26 1431d 0bdd79ccd469 kvm: trap mmap syscalls to map new regions to the guest
DATA RACE in safemem.Copy (3) -1 C 3 1437d 1437d 14/26 1431d 1fe0a6691ff5 Prevent PacketData from being modified.
panic: runtime error: slice bounds out of range [:LINE] with capacity 0 2 2 1481d 1482d 14/26 1432d 6d0b40b1d159 [op] Make PacketBuffer Clone() do a deeper copy.
panic: Sentry detected stuck tasks (13) 2 1 1442d 1442d 14/26 1432d 4076153be684 Fix lock ordering violation
Invalid request partialResult in pwritev -1 C 278 1625d 1643d 14/26 1434d 7fac7e32f3a8 Translate syserror when validating partial IO errors
kvm: panic: Watchdog goroutine is stuck (4) -1 18 1463d 1520d 14/26 1434d 14d6cb4436f1 platform/kvm: fix a race condition in vCPU.unlock()
panic: runtime error: slice bounds out of range [40:LINE] 2 3 1488d 1492d 14/26 1434d 6d0b40b1d159 [op] Make PacketBuffer Clone() do a deeper copy.
Invalid request partialResult in sendto (2) -1 C 10 1470d 1545d 14/26 1434d e5fe488b2273 Wake up Writers when tcp socket is shutdown for writes.
kvm: panic: Sentry detected stuck tasks (2) -1 C 66 1442d 1604d 14/26 1434d 1947c873423c Fix deadlock in /proc/[pid]/fd/[num]
panic: Sentry detected stuck tasks (12) 2 2 1443d 1443d 14/26 1443d 51b96514cd93 Limit most file mmaps to the range of an int64.
DATA RACE in msgqueue.(*Queue).pop -1 C 2 1468d 1468d 14/26 1444d d6c99694bcb9 Fix race on msgrcv(MSG_COPY).
panic: Sentry detected stuck tasks (11) 2 C 31 1459d 1586d 14/26 1456d 9149b2cefdb5 unix: avoid taking two endpoint locks
panic: runtime error: makeslice: len out of range (3) 2 C 10 1459d 1459d 14/26 1458d 927ea16dd384 unix: handle a case when a buffer is overflowed
panic: unknown error: SIGBUS at ADDR 2 C 17 1460d 1474d 14/26 1459d dfbcb8903ae8 [syserr] Fix SIGBUS on syserr.FromError
DATA RACE in safemem.Copy (2) -1 C 9 1484d 1484d 14/26 1474d 6d0b40b1d159 [op] Make PacketBuffer Clone() do a deeper copy.
panic: runtime error: slice bounds out of range [2:LINE] 2 1 1501d 1501d 14/26 1474d 6d0b40b1d159 [op] Make PacketBuffer Clone() do a deeper copy.
DATA RACE in buffer.(*buffer).Remove -1 C 2 1484d 1484d 14/26 1474d 6d0b40b1d159 [op] Make PacketBuffer Clone() do a deeper copy.
kvm: no output from test machine -1 1107 1485d 1635d 14/26 1485d 569f605f438d Correctly handle interruptions in blocking msgqueue syscalls.
no output from test machine (9) -1 C 2298 1485d 1640d 14/26 1485d 569f605f438d Correctly handle interruptions in blocking msgqueue syscalls.
panic: unable to find an index for ID: 0 2 C 1497 1498d 1498d 14/26 1498d 3d0a9300050a Don't panic on user-controlled state in semaphore syscalls.
DATA RACE in atomic.CompareAndSwapInt32 (4) -1 syz 4 1511d 1504d 14/26 1500d a89b2f005b71 Use atomics when checking for parent setgid in VFS2 tmpfs file creation.
panic: FIN segments must be the final segment in the write list. 2 2 1517d 1517d 14/26 1513d 1fc7a9eac2f2 Do not queue zero sized segments.
FATAL ERROR: waiting on pid X: waiting on pid X in sandbox NAME failed: EOF (2) -1 C 2532 1526d 2138d 14/26 1526d d703340bc04a runsc: don't kill sandbox, let it stop properly
panic: Incrementing non-positive count ADDR on kernel.ProcessGroup (2) 2 1 1535d 1535d 14/26 1526d 2e6195ffe0ad CreateProcessGroup has to check whether a target process stil exists or not
kvm: panic: Watchdog goroutine is stuck (3) -1 C 48 1541d 1592d 14/26 1539d 3fcbad509300 Fix lock ordering issue when enumerating cgroup tasks.
panic: Watchdog goroutine is stuck (2) 2 1 1553d 1546d 14/26 1540d 3fcbad509300 Fix lock ordering issue when enumerating cgroup tasks.
panic: Incrementing non-positive count ADDR on vfs.Filesystem (2) 2 1 1564d 1564d 14/26 1562d af229f46a149 Fix cgroupfs mount racing with unmount.
panic: PullUp failed 2 C 615 1567d 1569d 14/26 1567d 436148d68a50 Fix panic on consume in a mixed push/consume case
panic: Incrementing non-positive count ADDR on vfs.Filesystem 2 C 2 1585d 1585d 14/26 1567d 78ae3db1a39c Fix cgroup hierarchy registration.
DATA RACE in cgroupfs.FilesystemType.GetFilesystem -1 C 1 1585d 1578d 14/26 1567d 78ae3db1a39c Fix cgroup hierarchy registration.
panic: Sentry detected stuck tasks (10) 2 C 264 1593d 1645d 14/26 1593d b0333d33a206 Optimize safemem.Zero
kvm: panic: Watchdog goroutine is stuck (2) -1 110 1599d 1616d 14/26 1599d f4f6ce337aa8 Don't grab TaskSet mu recursively when reading task state.
panic: Watchdog goroutine is stuck 2 C 1831 1600d 1898d 14/26 1599d f4f6ce337aa8 Don't grab TaskSet mu recursively when reading task state.
panic: makechan: size out of range 2 C 183 1603d 1606d 14/26 1602d dc8f6c691474 Move maxListenBacklog check to sentry
fatal error: unexpected signal during runtime execution -1 syz 272 1670d 2359d 14/26 1602d eb9b8e53a3ef platform/kvm/x86: restore mxcsr when switching from guest to sentry
kvm: panic: Watchdog goroutine is stuck -1 240 1618d 1628d 14/26 1617d 2f3dac78ca9a kvm: prefault a floating point state before restoring it
Invalid request partialResult in write (2) -1 C 11628 1620d 1685d 14/26 1619d 7fac7e32f3a8 Translate syserror when validating partial IO errors
kvm: panic: Sentry detected stuck tasks -1 C 152 1619d 1635d 14/26 1619d 2f3dac78ca9a kvm: prefault a floating point state before restoring it
panic: Sentry detected stuck tasks (9) 2 9 1646d 1646d 14/26 1646d 38c42bbf4ad2 Remove deadlock in raw.endpoint caused by recursive read locking
panic: Sentry detected stuck tasks (8) 2 C 64 1646d 1648d 14/26 1646d f5692f7dcc48 Kernfs should not try to rename a file to itself.
no output from test machine (8) -1 C 15268 1647d 1750d 14/26 1647d acd516cfe292 Add YAMA security module restrictions on ptrace(2).
panic: running on goroutine 582 (task goroutine for kernel.Task ADDR is 400) 2 C 1 1651d 1651d 14/26 1647d 6e000d3424c0 Use async task context for async IO.
panic: unknown error *tcpip.ErrMalformedHeader 2 C 5 1664d 1657d 14/26 1647d c39284f45738 Let sentry understand tcpip.ErrMalformedHeader
panic: Sentry detected stuck tasks (7) 2 syz 2567 1648d 1680d 14/26 1648d c5a4e100085c unix: sendmmsg and recvmsg have to cap a number of message to UIO_MAXIOV
panic: wd changed: "/tmp" -> "(unreachable)/" 2 syz 2534 1660d 1742d 14/26 1660d 97a36d169698 Don't allow to umount the namespace root mount
Invalid request partialResult in sendto -1 C 236 1669d 1672d 14/26 1661d d6d169320cd4 Add ETIMEDOUT to partial result list
FATAL ERROR: executing processes for container: executing command "/syz-fuzzer -executor=/syz-executor -name=vm-1 -arch= -1 4 1668d 1669d 14/26 1661d 120c8e346871 Replace TaskFromContext(ctx).Kernel() with KernelFromContext(ctx)
panic: Incrementing non-positive count ADDR on kernel.ProcessGroup 2 C 12 1678d 1678d 14/26 1661d fe4f4789601d kernel: reparentLocked has to update children maps of old and new parents
panic: Child "." for parent Dentry &{vfsd:{mu:{m:{Mutex:{state:LINE sema:LINE}}} dead:false mounts:LINE impl:ADDR} refs: 2 C 13 1662d 1671d 14/26 1661d 09afd6832689 [vfs] Handle `.` and `..` as last path component names in kernfs Rename.
panic: Start ADDR + offset ADDR overflows? 2 C 19 1686d 1992d 14/26 1661d bf4968e17d7d exec: don't panic if an elf file is malformed
panic: Decrementing non-positive ref count ADDR, owned by vfs.FileDescription 2 C 12 1692d 1687d 14/26 1676d abdff887483f Do not send SCM Rights more than once when message is truncated.
DATA RACE in safemem.Copy -1 C 4 1680d 1680d 14/26 1676d 76da673a0dda Do not modify IGMP packets when verifying checksum
panic: Sentry detected stuck tasks (6) 2 syz 714 1680d 1732d 14/26 1680d e57ebcd37a7b Simplify the pipe implementation.
panic: IPv6 payload too large: NUM, must be <= NUM 2 C 46 1688d 1720d 14/26 1685d ec9e263f213c Correctly return EMSGSIZE when packet is too big in raw socket.
panic: buffer too long by 8 bytes 2 C 12 1700d 1718d 14/26 1696d ce7a4440cae8 Fix panic when parsing SO_TIMESTAMP cmsg
panic: runtime error: invalid memory address or nil pointer dereference (5) 2 syz 62 1697d 1742d 14/26 1696d 2a200811d4c9 fs/fuse: check that a task has a specified file descriptor
panic: invalid pipe flags: must be readable, writable, or both 2 1 1706d 1706d 14/26 1696d 807a080d9574 Add missing error checks for FileDescription.Init.
DATA RACE in stack.(*NIC).DeliverNetworkPacket -1 4 1720d 1729d 14/26 1704d 25ebddbddfbc Fix a data race in packetEPs
panic: runtime error: integer divide by zero 2 C 116 1820d 1846d 14/26 1704d b3ff31d041c9 fix panic when calling SO_ORIGINAL_DST without initializing iptables
panic: error when reading RouterAlert option's data bytes: EOF 2 C 35 1718d 1720d 14/26 1704d c55e5bda4d45 Validate router alert's data length
DATA RACE in raw.(*endpoint).HandlePacket -1 C 5 1717d 1717d 14/26 1704d 981faa2c1229 RLock Endpoint in raw.Endpoint.HandlePacket
panic: header.ScopeForIPv6Address(172.20.20.170): bad address 2 C 48 1725d 1731d 14/26 1704d b15acae9a6e2 Fix error code for connect in raw sockets.
panic: close of nil channel (2) 2 1 1727d 1726d 14/26 1704d f6407de6bafb [syzkaller] Avoid AIOContext from resurrecting after being marked dead.
panic: Unknown syscall 165 error: strconv.ParseInt: parsing "ADDR": invalid syntax 2 C 51 1726d 1731d 14/26 1704d 9c198e5df421 Fix error handling on fusefs mount.
DATA RACE in header.ICMPv6Checksum -1 C 1 1718d 1718d 14/26 1704d 946cb909e62e Don't modify a packet header when it can be used by other endpoints
panic: Unknown syscall 8 error: EOF 2 syz 22 1715d 1721d 14/26 1704d 1ea241e4cc95 Fix seek on /proc/pid/cmdline when task is zombie.
panic: Stack for running G's are skipped while panicking. 2 C 2426 2003d 2257d 14/26 1705d ab7ecdd66d2a watchdog: print panic error message before other messages
panic: Sentry detected stuck tasks (5) 2 syz 83 1732d 1745d 0/26 1732d 79e2364933bb Fix deadlock in UDP handleControlPacket path.
DATA RACE in log.GoogleEmitter.Emit -1 C 34 1744d 1749d 0/26 1743d 9c553f2d4e4b Remove racy stringification of socket fds from /proc/net/*.
panic: runtime error: slice bounds out of range [255:LINE] 2 C 5 1747d 1747d 0/26 1743d 49adf36ed7d3 Fix possible panic due to bad data.
panic: cacheLocked called on a dentry which has already been destroyed: &{{{{0 0}} true 0 ADDR} -1 ADDR 1 ADDR NUM false 2 1 1748d 1748d 0/26 1743d 74bc6e56ccd9 [vfs] kernfs: Do not panic if destroyed dentry is cached.
gvisor boot error: FATAL ERROR: running container: creating container: open /sys/fs/cgroup/devices/ci-gvisor-kvm-proxy-overlay-sandbox-test -1 1 1745d 1745d 0/26 1744d 764504c38fb5 runsc: check whether cgroup exists or not for each controller
panic: Sentry detected stuck tasks (4) 2 C 5 1746d 1746d 0/26 1745d 05d2a26f7a86 Fix possible deadlock in UDP.Write().
panic: Incrementing non-positive count ADDR on tmpfs.inode 2 syz 2 1749d 1749d 0/26 1745d 10ba578c0182 tmpfs: make sure that a dentry will not be destroyed before the open() call
panic: Sentry detected stuck tasks (3) 2 C 180 1746d 1750d 0/26 1746d 267560d159b2 Reset watchdog timer between sendfile() iterations.
panic: runtime error: invalid memory address or nil pointer dereference (4) 2 C 4 1758d 1776d 0/26 1750d 4e389c785779 Check for nil in kernel.FSContext functions.
panic: Decrementing non-positive ref count ADDR, owned by *mm.SpecialMappable 2 56 1751d 1781d 0/26 1750d dcc1b71f1ba4 Fix reference counting on kcov mappings.
panic: Sentry detected stuck tasks (2) 2 C 951 1750d 1791d 0/26 1750d db36d948fa63 TCP Receive window advertisement fixes.
no output from test machine (7) -1 C 184 1750d 1777d 0/26 1750d 34a6e9576a96 loader/elf: validate file offset
panic: runtime error: makeslice: len out of range (2) 2 C 5 1750d 1778d 0/26 1750d cd108432a50e splice: return EINVAL is len is negative
panic: Incrementing non-positive ref count ADDR owned by *mm.SpecialMappable 2 45 1752d 1781d 0/26 1750d dcc1b71f1ba4 Fix reference counting on kcov mappings.
panic: Child "" for parent Dentry &{vfsd:{mu:{Mutex:{state:LINE sema:LINE}} dead:false mounts:LINE impl:ADDR} DentryRefs 2 C 3 1756d 1764d 0/26 1750d 1321f837bd9f [vfs2] Refactor kernfs checkCreateLocked.
panic: unknown error: EOF 2 C 68 1778d 1781d 0/26 1777d c002fc36f9bb sockets: ignore io.EOF from view.ReadAt
no output from test machine (6) -1 syz 1873 1785d 1791d 0/26 1785d 76a09f0cf599 syscalls: Don't leak a file on the error path
no output from test machine (5) -1 C 86414 1791d 1906d 0/26 1791d de85b045d42f kvm/x86: handle a case when interrupts are enabled in the kernel space
panic: Sentry detected stuck tasks 2 C 506 1791d 1811d 0/26 1791d de85b045d42f kvm/x86: handle a case when interrupts are enabled in the kernel space
DATA RACE in tcp.(*endpoint).bindLocked -1 syz 2 1822d 1822d 0/26 1815d 38cdb0579b69 Fix data race in tcp.GetSockOpt.
panic: runtime error: invalid memory address or nil pointer dereference (3) 2 C 20051 1824d 2359d 0/26 1815d b3ff31d041c9 fix panic when calling SO_ORIGINAL_DST without initializing iptables
DATA RACE in transport.(*connectionedEndpoint).Connect.func1 -1 syz 21 1899d 1905d 0/26 1897d 70c45e09cfd1 socket/unix: (*connectionedEndpoint).State() has to take the endpoint lock
panic: Sentry detected 1 stuck task(s): 2 C 6204 1908d 1995d 0/26 1906d 4950ccde75b3 Fix write hang bug found by syzkaller.
DATA RACE in atomic.LoadInt64 -1 1 1913d 1913d 0/26 1911d 7da69fe9719b Fix data race on f.offset.
DATA RACE in fs.(*File).offsetForAppend -1 syz 2 1913d 1913d 0/26 1911d 7da69fe9719b Fix data race on f.offset.
DATA RACE in kernel.(*Task).accountTaskGoroutineEnter -1 syz 2 1936d 1936d 0/26 1934d 8dd1d5b75a95 Don't call kernel.Task.Block() from netstack.SocketOperations.Write().
panic: D0415 01:LINE.ADDR 8857 transport_flipcall.go:LINE] recv [channel @ADDR] Rlerror{Error: 95} 2 1 1963d 1963d 0/26 1946d 2dd6384de89a Fix cleanup around socketpair() failure to copy out FDs.
panic: close of nil channel 2 syz 6 1955d 1960d 0/26 1953d 37f863f62813 tcp: handle listen after shutdown properly
panic: D0414 08:LINE.ADDR NUM transport_flipcall.go:LINE] recv [channel @ADDR] Rlerror{Error: 2} 2 1 1963d 1963d 0/26 1962d 2dd6384de89a Fix cleanup around socketpair() failure to copy out FDs.
panic: D0414 11:LINE.ADDR NUM transport_flipcall.go:LINE] recv [channel @ADDR] Rlerror{Error: 95} 2 1 1963d 1963d 0/26 1962d 2dd6384de89a Fix cleanup around socketpair() failure to copy out FDs.
panic: D0414 14:LINE.ADDR NUM task_exit.go:LINE] [ 98] Transitioning from exit state TaskExitNone to TaskExitInitiate 2 1 1963d 1963d 0/26 1962d 2dd6384de89a Fix cleanup around socketpair() failure to copy out FDs.
panic: D0414 16:LINE.ADDR 5236 transport_flipcall.go:LINE] recv [channel @ADDR] Rlerror{Error: 2} 2 1 1963d 1963d 0/26 1962d 2dd6384de89a Fix cleanup around socketpair() failure to copy out FDs.
panic: D0414 13:LINE.ADDR NUM transport_flipcall.go:LINE] recv [channel @ADDR] Rlerror{Error: 2} 2 1 1963d 1963d 0/26 1962d 2dd6384de89a Fix cleanup around socketpair() failure to copy out FDs.
panic: interface conversion: context.Context is kernel.taskAsyncContext, not *kernel.Task 2 syz 16 1965d 1981d 0/26 1965d c9195349c9ac Replace type assertion with TaskFromContext.
panic: runtime error: makeslice: len out of range 2 syz 49 1967d 1989d 0/26 1967d a10389e783aa splice: cap splice calls to MAX_RW_COUNT
DATA RACE in tcp.(*endpoint).Readiness -1 syz 2 1988d 1987d 0/26 1982d d04adebaab86 Fix data-race in endpoint.Readiness
DATA RACE in netstack.(*SocketOperations).SetSockOpt -1 syz 2 1986d 1986d 0/26 1985d 369cf38bd718 Fix data race in SetSockOpt.
DATA RACE in tcp.(*endpoint).SetSockOpt -1 syz 26 1989d 2009d 0/26 1985d e9e399c25d4f Remove workMu from tcpip.Endpoint.
DATA RACE in udp.(*endpoint).SetSockOptBool -1 syz 2 2003d 1996d 0/26 1987d c15b8515eb4a Fix datarace on TransportEndpointInfo.ID and clean up semantics.
no output from test machine (3) -1 C 11663 1990d 2079d 0/26 1990d b55f0e5d40c1 fdtable: don't try to zap fdtable entry if close is called for non-existing fd
panic: Watchdog goroutine is stuck: 2 12 1991d 1997d 0/26 1991d 1c0535297067 Fix oom_score_adj.
panic: Sentry detected 4 stuck task(s): 2 7 1991d 2002d 0/26 1991d b0f2c3e7646d Fix infinite loop in semaphore.sem.wakeWaiters().
fatal error: out of memory (3) -1 syz 3 1996d 1997d 0/26 1996d 81675b850e27 Fix memory leak in danglingEndpoints.
fatal error: too many address space collisions for -race mode -1 syz 3 1996d 1996d 0/26 1996d 81675b850e27 Fix memory leak in danglingEndpoints.
fatal error: concurrent map iteration and map write (2) -1 syz 1 2007d 2007d 0/26 1998d 62bd3ca8a375 Take write lock when removing xattr
DATA RACE in fsutil.(*InodeSimpleExtendedAttributes).ListXattr -1 1 2007d 2007d 0/26 1998d 62bd3ca8a375 Take write lock when removing xattr
lost connection to test machine (4) -1 1025286 1998d 2170d 0/26 1998d 6b4d36e32532 Hide /dev/net/tun when using hostinet.
DATA RACE in udp.(*endpoint).Connect -1 syz 10 2004d 2010d 0/26 1998d c15b8515eb4a Fix datarace on TransportEndpointInfo.ID and clean up semantics.
DATA RACE in fsutil.(*InodeSimpleExtendedAttributes).RemoveXattr -1 syz 2 2007d 2007d 0/26 1998d 62bd3ca8a375 Take write lock when removing xattr
DATA RACE in tcp.(*endpoint).windowCrossedACKThreshold -1 syz 10 2009d 2010d 0/26 1998d 33101752501f Fix data-race when reading/writing e.amss.
DATA RACE in stack.(*TransportEndpointInfo).AddrNetProto -1 syz 148 2003d 2010d 0/26 1998d c15b8515eb4a Fix datarace on TransportEndpointInfo.ID and clean up semantics.
fatal error: concurrent map read and map write (2) -1 syz 2 2007d 2008d 0/26 1998d 62bd3ca8a375 Take write lock when removing xattr
panic: runtime error: index out of range [1] with length 0 2 C 1518 2003d 2010d 0/26 1998d 43abb24657e7 Fix panic caused by invalid address for Bind in packet sockets.
DATA RACE in netstack.(*SocketOperations).fetchReadView -1 syz 12 2004d 2010d 0/26 1998d 42fb7d349137 socket: take readMu to access readView
DATA RACE in fsutil.(*InodeSimpleExtendedAttributes).GetXattr -1 syz 3 2008d 2008d 0/26 1998d 62bd3ca8a375 Take write lock when removing xattr
DATA RACE in fs.(*UnstableAttr).SetOwner (2) -1 syz 3 2043d 2036d 0/26 2010d 115898e368e4 Prevent DATA RACE in UnstableAttr.
DATA RACE in fs.mayDelete -1 1 2039d 2032d 0/26 2010d fba479b3c786 Fix DATA RACE in fs.MayDelete.
DATA RACE in fs.(*Dirent).IncRef -1 syz 1 2036d 2029d 0/26 2010d 53504e29ca27 Fix mount refcount issue.
panic: Incrementing non-positive ref count (4) 2 C 5 2027d 2029d 0/26 2010d 53504e29ca27 Fix mount refcount issue.
panic: munmap(ADDR, NUM)) failed: function not implemented (3) 2 1 2080d 2073d 0/26 2010d 17c18241cdeb platform/syscall: use syscall + int3 to execute a system call in a stub process
panic: munmap(0, ADDR)) failed: function not implemented (3) 2 1 2065d 2058d 0/26 2010d 17c18241cdeb platform/syscall: use syscall + int3 to execute a system call in a stub process
panic: wait failed: the process NUM:NUM exited: 1f (err <nil>) (2) 2 17 2063d 2086d 0/26 2010d 17c18241cdeb platform/syscall: use syscall + int3 to execute a system call in a stub process
panic: wait failed: the process 9793:LINE exited: 1f (err <nil>) 2 C 1 2081d 2074d 0/26 2010d 17c18241cdeb platform/syscall: use syscall + int3 to execute a system call in a stub process
panic: wait failed: the process 4877:LINE exited: 1f (err <nil>) 2 1 2081d 2074d 0/26 2010d 17c18241cdeb platform/syscall: use syscall + int3 to execute a system call in a stub process
panic: runtime error: slice bounds out of range [:LINE] with capacity 16 2 syz 42 2062d 2073d 0/26 2010d b3ae8a62cfdf Fix slice bounds out of range panic in parsing socket control message.
panic: wait failed: the process NUM:LINE exited: 1f (err <nil>) (4) 2 2 2073d 2067d 0/26 2010d 17c18241cdeb platform/syscall: use syscall + int3 to execute a system call in a stub process
DATA RACE in refs.(*WeakRef).init (2) -1 1 2103d 2096d 0/26 2031d 3db317390b5c Remove epoll entry from map when dropping it.
DATA RACE in refs.(*AtomicRefCount).DecRefWithDestructor -1 1 2050d 2043d 0/26 2031d 3db317390b5c Remove epoll entry from map when dropping it.
panic: interface conversion: refs.RefCounter is *fs.File, not *fs.Dirent 2 3 2045d 2054d 0/26 2031d 3db317390b5c Remove epoll entry from map when dropping it.
Invalid request partialResult in splice (2) -1 syz 134 2040d 2076d 0/26 2037d f263801a74d4 fs/splice: don't report partial errors for special files
fatal error: out of memory (2) -1 1 2053d 2046d 0/26 2037d 4cb55a7a3b09 Prevent arbitrary size allocation when sending UDS messages.
panic: invalid allocation length: 0x0 (3) 2 syz 12 2040d 2040d 0/26 2037d ede8dfab3760 Enforce splice offset limits
DATA RACE in fs.Rename (3) -1 1 2051d 2051d 0/26 2050d f1a5178c589d Fix data race in MountNamespace.resolve.
DATA RACE in tty.(*queue).readableSize -1 syz 2 2052d 2052d 0/26 2050d 80d0f9304484 Fix data race in tty.queue.readableSize.
panic: Incrementing non-positive ref count (3) 2 2 2071d 2081d 0/26 2060d 6410387ff9b4 Cleanup Shm reference handling
panic: munmap(ADDR, 1000)) failed: function not implemented (3) 2 2 2098d 2098d 0/26 2060d 17c18241cdeb platform/syscall: use syscall + int3 to execute a system call in a stub process
DATA RACE in fs.(*UnstableAttr).SetOwner -1 1 2080d 2080d 0/26 2079d bb00438f36eb Make masterInodeOperations.Truncate take a pointer receiver.
DATA RACE in fsutil.(*InodeSimpleAttributes).SetPermissions -1 syz 3 2080d 2080d 0/26 2079d bb00438f36eb Make masterInodeOperations.Truncate take a pointer receiver.
no output from test machine (2) -1 C 6325 2086d 2202d 0/26 2086d 378d6c1f3697 unix: allow to bind unix sockets only to AF_UNIX addresses
DATA RACE in fs.Rename (2) -1 C 433 2337d 2359d 0/26 2093d 89cc8eef9ba6 DATA RACE in fs.(*Dirent).fullName
Invalid request partialResult in sendfile (2) -1 C 1341 2159d 2359d 0/26 2156d db218fdfcf16 Don't report partialResult errors from sendfile
Invalid request partialResult in splice -1 C 206 2159d 2208d 0/26 2159d 7a234f736fe0 splice: try another fallback option only if the previous one isn't supported
lost connection to test machine (3) -1 C 30758 2209d 2359d 0/26 2207d af90e68623c7 netlink: return an error in nlmsgerr
panic: node.Readdir returned offset -ADDR less than input offset ADDR 2 C 26 2276d 2359d 0/26 2207d ab6774cebf5c gvisor/fs: getdents returns 0 if offset is equal to FileMaxOffset
DATA RACE in ramfs.(*dirFileOperations).Readdir -1 syz 1 2408d 2359d 0/26 2208d 09cf3b40a899 Fix data race in InodeSimpleAttributes.Unstable.
no output from test machine -1 C 27191 2209d 2359d 0/26 2209d af90e68623c7 netlink: return an error in nlmsgerr
DATA RACE in kernel.(*Kernel).EmitUnimplementedEvent -1 syz 3 2221d 2222d 0/26 2221d cf2b2d97d512 Initialize kernel.unimplementedSyscallEmitter with a sync.Once.
DATA RACE in atomic.AddInt32 -1 1 2236d 2236d 0/26 2233d 542fbd01a7ed Fix race in FDTable.GetFDs().
panic: Unknown syscall 85 error: link should be resolved via Readlink() 2 syz 64 2244d 2241d 0/26 2241d 6db3f8d54c02 Don't mask errors in createAt loop.
panic: Unknown syscall 2 error: link should be resolved via Readlink() 2 syz 16 2245d 2241d 0/26 2241d 6db3f8d54c02 Don't mask errors in createAt loop.
panic: Unknown syscall 257 error: link should be resolved via Readlink() 2 syz 14 2244d 2249d 0/26 2242d 6db3f8d54c02 Don't mask errors in createAt loop.
panic: Incrementing non-positive ref count (2) 2 C 183 2249d 2256d 0/26 2248d 4f2f44320f9b Simplify (and fix) refcounts in createAt.
DATA RACE in atomic.AddInt64 -1 1 2278d 2271d 0/26 2253d 8ab0848c70fc gvisor/fs: don't update file.offset for sockets, pipes, etc
DATA RACE in fs.(*lockedReader).Read -1 1 2275d 2268d 0/26 2256d 8ab0848c70fc gvisor/fs: don't update file.offset for sockets, pipes, etc
DATA RACE in atomic.StoreInt64 -1 syz 2 2263d 2268d 0/26 2256d 8ab0848c70fc gvisor/fs: don't update file.offset for sockets, pipes, etc
DATA RACE in mm.(*MemoryManager).Brk -1 syz 14 2296d 2312d 0/26 2295d 14f0e7618e28 Ensure all uses of MM.brk occur under MM.mappingMu in MM.Brk().
panic: hashed child "stat\t\xe9\xdc\xdf\x02\x02\x98\xcc\xf3<\xdf-\xea\xc8\xc1w\xff\x17\x12H\xe9\x11\x93Q\nI\xf81U\ro}\xe 2 C 7 2339d 2332d 0/26 2313d 2df64cd6d2c8 createAt should return all errors from FindInode except ENOENT.
DATA RACE in fs.(*Dirent).fullName -1 3 2342d 2359d 0/26 2332d 89cc8eef9ba6 DATA RACE in fs.(*Dirent).fullName
panic: hashed over a positive child "file0" 2 1 2341d 2341d 0/26 2338d 61d8c361c663 Don't release d.mu in checks for child-existence.
DATA RACE in tty.(*lineDiscipline).masterReadiness -1 1 2340d 2340d 0/26 2339d c79e81bd27cd Addresses data race in tty implementation.
DATA RACE in tty.(*queue).WriteFromBlocks -1 syz 7 2340d 2344d 0/26 2339d c79e81bd27cd Addresses data race in tty implementation.
panic: runtime error: index out of range (2) 2 C 7191 2339d 2345d 0/26 2339d 82529becaee6 Fix index out of bounds in tty implementation.
DATA RACE in atomic.CompareAndSwapInt32 (2) -1 syz 2 2341d 2341d 0/26 2339d d14a7de65865 Fix more data races in shm debug messages.
DATA RACE in atomic.CompareAndSwapInt32 -1 C 9 2346d 2359d 0/26 2342d cea1dd7d21b9 Remove racy access to shm fields.
DATA RACE in netlink.(*Socket).SetSockOpt -1 syz 2 2359d 2359d 0/26 2342d 7b33df68450b Fix data race in netlink send buffer size
DATA RACE in dev.(*randomDevice).GetFile -1 1 2347d 2347d 0/26 2342d 645af7cdd8a1 Dev device methods should take pointer receiver.
DATA RACE in fsutil.(*InodeSimpleAttributes).UnstableAttr -1 syz 8 2408d 2410d 0/26 2404d 09cf3b40a899 Fix data race in InodeSimpleAttributes.Unstable.
panic: invalid allocation length: 0x0 (2) 2 C 4 2446d 2447d 0/26 2445d 3b3f02627870 Truncate ar before calling mm.breakCopyOnWriteLocked().
gvisor boot error (3) -1 4 2451d 2452d 0/26 2451d 1775a0e11e56 container.Destroy should clean up container metadata even if other cleanups fail
DATA RACE in shm.(*Registry).findByKey -1 C 47 2557d 2623d 0/26 2452d f93c288dd708 Fix a data race on Shm.key.
gvisor test error (2) -1 2778 2468d 2604d 0/26 2452d 24c1158b9c21 Add "trace signal" option
panic: invalid type: int 2 C 559 2471d 2573d 0/26 2452d 5560615c531b Return an int32 for netlink SO_RCVBUF
panic: ptrace set regs failed: input/output error 2 C 712 2458d 2555d 0/26 2452d 99d595869332 Validate FS_BASE in Task.Clone
Invalid request partialResult in sendfile -1 C 7399 2458d 2611d 0/26 2452d ffcbda0c8bd7 Partial writes should loop in rpcinet.
panic: Decrementing non-positive ref count 2 C 4804 2547d 2625d 0/26 2452d 0e277a39c8b6 Prevent premature destruction of shm segments.
panic: ptrace status unexpected: got 9, wanted stopped (2) 2 syz 78 2458d 2610d 0/26 2452d e7191f058f55 Use TRAP to simplify vsyscall emulation.
panic: invalid allocation length: 0x0 2 C 223 2458d 2625d 0/26 2452d 46603b569c3a Fix panic on creation of zero-len shm segments.
DATA RACE in fs.(*Dirent).getDotAttrs -1 1 2566d 2566d 0/26 2452d 54dd0d0dc5ee Fix data race caused by unlocked call of Dirent.descendantOf.
panic: runtime error: invalid memory address or nil pointer dereference (2) 2 C 4493 2547d 2567d 0/26 2510d beac59b37a8b Fix panic if FIOASYNC callback is registered and triggered without target
gvisor boot error -1 1911 2529d 2606d 0/26 2510d 43e6aff50e23 Don't fail if Root is readonly and is not a mount point
DATA RACE in kernel.(*Task).setKUIDsUncheckedLocked -1 C 15 2560d 2618d 0/26 2510d f8ccfbbed487 Document more task-goroutine-owned fields in kernel.Task.
DATA RACE in fs.(*Dirent).hashChildParentSet -1 syz 8 2562d 2565d 0/26 2510d 8d318aac5532 fs: Hold Dirent.mu when calling Dirent.flush().
DATA RACE in waiter.(*Entry).Prev -1 C 3992 2572d 2624d 0/26 2568d d4939f6dc22e TTY: Fix data race where calls into tty.queue's waiter were not synchronized.
DATA RACE in waiter.(*Entry).Next -1 C 2418 2572d 2624d 0/26 2568d d4939f6dc22e TTY: Fix data race where calls into tty.queue's waiter were not synchronized.
fatal error: concurrent map read and map write -1 66 2577d 2580d 0/26 2568d dbbe9ec91541 Protect PCIDs with a mutex.
DATA RACE in waiter.(*Entry).SetNext -1 C 739 2572d 2624d 0/26 2568d d4939f6dc22e TTY: Fix data race where calls into tty.queue's waiter were not synchronized.
fatal error: concurrent map writes -1 3 2578d 2578d 0/26 2568d dbbe9ec91541 Protect PCIDs with a mutex.
panic: runtime error: index out of range 2 C 35 2584d 2620d 0/26 2568d e97717e29a1b Enforce Unix socket address length limit
DATA RACE in waiter.(*Entry).SetPrev -1 70 2572d 2624d 0/26 2568d d4939f6dc22e TTY: Fix data race where calls into tty.queue's waiter were not synchronized.
DATA RACE in waiter.(*Queue).Notify -1 C 72 2572d 2624d 0/26 2568d d4939f6dc22e TTY: Fix data race where calls into tty.queue's waiter were not synchronized.
DATA RACE in unix.(*connectionlessEndpoint).UnidirectionalConnect -1 C 965 2578d 2609d 0/26 2568d 2a44362c0b99 Fix data race in unix.BoundEndpoint.UnidirectionalConnect.
panic: runtime error: invalid memory address or nil pointer dereference 2 C 20682 2572d 2625d 0/26 2568d f93bd2cbe668 Hold t.mu while calling t.FSContext().
DATA RACE in kernel.(*Task).exitNotifyLocked -1 C 2 2597d 2597d 0/26 2578d c036da5dffdf Hold TaskSet.mu in Task.Parent.
panic: invalid segment range [ADDR, ADDR) 2 C 255 2614d 2625d 0/26 2599d 06920b3d1bb6 Exit tmpfs.fileInodeOperations.Translate early if required.Start >= EOF.
DATA RACE in kernel.(*Task).Clone -1 3 2602d 2614d 0/26 2599d 41aeb680b188 Inherit parent in clone(CLONE_THREAD) under TaskSet.mu.
DATA RACE in fs.(*Watch).Notify -1 syz 2 2615d 2615d 0/26 2613d 34af9a61741f Fix data race on inotify.Watch.mask.
lost connection to test machine (2) -1 C 1814 2614d 2624d 0/26 2613d 52ddb8571c46 Skip overlay on root when its readonly
DATA RACE in fs.Rename -1 C 16 2614d 2623d 0/26 2613d 2821dfe6ce95 Hold d.parent.mu when reading d.name
panic: MountNamespace.FindInode: path is empty 2 C 3443 2613d 2625d 0/26 2613d 062a6f6ec5f4 Handle NUL-only paths in exec
panic: runtime error: slice bounds out of range 2 C 39 2618d 2625d 0/26 2618d 1ceed49ba94c Check for invalid offset when submitting an AIO read/write request.
DATA RACE in proc.forEachMountSource -1 C 24 2619d 2624d 0/26 2618d f93bd2cbe668 Hold t.mu while calling t.FSContext().
DATA RACE in kernel.(*Task).Value -1 1 2622d 2622d 0/26 2618d f93bd2cbe668 Hold t.mu while calling t.FSContext().
DATA RACE in semaphore.(*Set).checkPerms -1 C 21 2619d 2624d 0/26 2619d 6b6852bceb12 Fix semaphore data races
DATA RACE in semaphore.(*Registry).RemoveID -1 C 15 2620d 2624d 0/26 2619d 6b6852bceb12 Fix semaphore data races
DATA RACE in queue.(*Queue).Enqueue -1 C 7 2621d 2624d 0/26 2620d 5f7f78c1d7ee Fix data races in Unix sockets
DATA RACE in unix.(*queueReceiver).RecvQueuedSize -1 C 5 2621d 2624d 0/26 2620d 5f7f78c1d7ee Fix data races in Unix sockets
panic: munmap(ADDR, c6000)) failed: function not implemented 2 1 2624d 2624d 0/26 2620d dc33d71f8cf1 Change SIGCHLD to SIGKILL in ptrace stubs.
DATA RACE in unix.(*streamQueueReceiver).RecvQueuedSize -1 C 3 2622d 2623d 0/26 2620d 5f7f78c1d7ee Fix data races in Unix sockets
DATA RACE in kernel.(*FSContext).SetWorkingDirectory -1 1 2624d 2624d 0/26 2621d 4ac79312b093 Don't read cwd or root without holding mu
DATA RACE in proc.(*mountInfoFile).ReadSeqFileData.func1 -1 1 2624d 2624d 0/26 2621d 1a9917d14d66 MountSource.Root() should return a refernce on the dirent.
DATA RACE in kernel.(*FSContext).SetRootDirectory -1 C 165 2621d 2624d 0/26 2621d 478f0ac0038a Don't read FSContext.root without holding FSContext.mu
panic: munmap(ADDR, 0)) failed: invalid argument 2 C 5 2625d 2625d 0/26 2624d fe3fc44da3ca Handle mremap(old_size=0).