syzbot


DATA RACE in kernel.(*Task).Unshare

Status: fixed on 2025/08/28 18:30
Fix commit: 1941bc68e20d Fix race between unshare(2) and execve(2).
First crash: 8d20h, last: 7d19h
Last patch testing requests (1)
| Created | Duration | User | Patch | Repo | Result |
|---|---|---|---|---|---|
| 2025/08/24 02:04 | | shailend@google.com | | git://github.com/google/gvisor.git 15c6e778f9c3 | pending |

Sample crash report:
WARNING: DATA RACE
Write at 0x00c00277b658 by goroutine 808:
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).Unshare()
      pkg/sentry/kernel/task_clone.go:705 +0x12f9
  gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Unshare()
      pkg/sentry/syscalls/linux/sys_thread.go:453 +0x4e
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall()
      pkg/sentry/kernel/task_syscall.go:143 +0x94b
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke()
      pkg/sentry/kernel/task_syscall.go:323 +0x71
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter()
      pkg/sentry/kernel/task_syscall.go:283 +0x93
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall()
      pkg/sentry/kernel/task_syscall.go:258 +0x48f
  gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute()
      pkg/sentry/kernel/task_run.go:269 +0x1ec8
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run()
      pkg/sentry/kernel/task_run.go:97 +0x4c9
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).Start.gowrap1()
      pkg/sentry/kernel/task_start.go:416 +0x44

Previous read at 0x00c00277b658 by goroutine 826:
  gvisor.dev/gvisor/pkg/sentry/kernel.(*FSContext).checkAndPreventSharingOutsideTG.func1()
      pkg/sentry/kernel/fs_context.go:205 +0x44
  gvisor.dev/gvisor/pkg/sentry/kernel.(*ThreadGroup).ForEachTask()
      pkg/sentry/kernel/threads.go:520 +0x10c
  gvisor.dev/gvisor/pkg/sentry/kernel.(*FSContext).checkAndPreventSharingOutsideTG()
      pkg/sentry/kernel/fs_context.go:204 +0x124
  gvisor.dev/gvisor/pkg/sentry/kernel.(*runExecveAfterExecveCredsLock).execute()
      pkg/sentry/kernel/task_exec.go:155 +0x3c4
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run()
      pkg/sentry/kernel/task_run.go:97 +0x4c9
  gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).Start.gowrap1()
      pkg/sentry/kernel/task_start.go:416 +0x44

Crashes (6):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2025/08/22 16:25 | gvisor | bb664f219b9c | bf27483f | .config | console log | report | syz / log | C | | | ci-gvisor-ptrace-1-race | DATA RACE in kernel.(*Task).Unshare |
| 2025/08/22 16:00 | gvisor | bb664f219b9c | bf27483f | .config | console log | report | syz / log | C | | | ci-gvisor-ptrace-3-race | DATA RACE in kernel.(*Task).Unshare |
| 2025/08/22 17:33 | gvisor | bb664f219b9c | bf27483f | .config | console log | report | syz / log | C | | | ci-gvisor-arm64-systrap-1-race | DATA RACE in kernel.(*Task).Unshare |
| 2025/08/23 17:01 | gvisor | bb664f219b9c | bf27483f | .config | console log | report | syz / log | | | | ci-gvisor-systrap-1-race | DATA RACE in kernel.(*Task).Unshare |
| 2025/08/22 16:21 | gvisor | bb664f219b9c | bf27483f | .config | console log | report | syz / log | | | | ci-gvisor-ptrace-2-race | DATA RACE in kernel.(*Task).Unshare |
| 2025/08/22 17:03 | gvisor | bb664f219b9c | bf27483f | .config | console log | report | syz / log | | | | ci-gvisor-arm64-ptrace-1-race | DATA RACE in kernel.(*Task).Unshare |
* Struck through repros no longer work on HEAD.