syzbot

 sign-in | mailing list | source | docs
🐞 Open [9]
🐞 Fixed [562]
🐞 Invalid [423]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

panic: WARNING: circular locking detected: kernel.fsContextMutex -> tmpfs.filesystemRWMutex:

Status: fixed on 2025/09/17 13:21
Fix commit: 2c49d9fd3897 kernel: fix circular locking in FSContext.destroy
First crash: 178d, last: 175d

Sample crash report:
panic: WARNING: circular locking detected: kernel.fsContextMutex -> tmpfs.filesystemRWMutex:
	goroutine 42586 [running]:
	gvisor.dev/gvisor/pkg/sync/locking.(*ancestorsAtomicPtrMap).RangeRepeatable(0xc000293a00, 0xc000fa7270)
		bazel-out/k8-fastbuild/bin/pkg/sync/locking/atomicptrmap_ancestors_unsafe.go:440 +0x1e8
	gvisor.dev/gvisor/pkg/sync/locking.checkLock(0xc000293b90, 0xc0002939e0, {0xc0023fc0c0, 0x1, 0x1})
		pkg/sync/locking/lockdep.go:112 +0x48a
	gvisor.dev/gvisor/pkg/sync/locking.checkLock.func1(0xc0002939e0, 0xc000fa73f8?)
		pkg/sync/locking/lockdep.go:115 +0x65
	gvisor.dev/gvisor/pkg/sync/locking.(*ancestorsAtomicPtrMap).RangeRepeatable(0xc0003cce30, 0xc000fa74b0)
		bazel-out/k8-fastbuild/bin/pkg/sync/locking/atomicptrmap_ancestors_unsafe.go:440 +0x1e8
	gvisor.dev/gvisor/pkg/sync/locking.checkLock(0xc000293b90, 0xc0003cce10, {0x0, 0x0, 0x0})
		pkg/sync/locking/lockdep.go:112 +0x48a
	gvisor.dev/gvisor/pkg/sync/locking.AddGLock(0xc000293b90, 0xffffffffffffffff)
		pkg/sync/locking/lockdep.go:144 +0x2ec
	gvisor.dev/gvisor/pkg/sentry/fsimpl/tmpfs.(*filesystemRWMutex).Lock(0xc000901c08)
		bazel-out/k8-fastbuild/bin/pkg/sentry/fsimpl/tmpfs/filesystem_mutex.go:31 +0x3c
	gvisor.dev/gvisor/pkg/sentry/fsimpl/tmpfs.(*filesystem).Release(0xc000901ba0, {0x2112f90, 0xc00309b908})
		pkg/sentry/fsimpl/tmpfs/tmpfs.go:356 +0x8f
	gvisor.dev/gvisor/pkg/sentry/vfs.(*Filesystem).DecRef.func1()
		pkg/sentry/vfs/filesystem.go:83 +0x102
	gvisor.dev/gvisor/pkg/sentry/vfs.(*FilesystemRefs).DecRef(0xc000901ba0, 0xc000fa7810)
		bazel-out/k8-fastbuild/bin/pkg/sentry/vfs/filesystem_refs.go:133 +0x6d
	gvisor.dev/gvisor/pkg/sentry/vfs.(*Filesystem).DecRef(0xc000901ba0, {0x2112f90, 0xc00309b908})
		pkg/sentry/vfs/filesystem.go:79 +0x94
	gvisor.dev/gvisor/pkg/sentry/vfs.(*VirtualFilesystem).unlockMounts(0xc0000049e0, {0x2112f90, 0xc00309b908})
		pkg/sentry/vfs/vfs.go:1059 +0x23e
	gvisor.dev/gvisor/pkg/sentry/vfs.(*Mount).destroy(0xc000a72790, {0x2112f90, 0xc00309b908})
		pkg/sentry/vfs/mount.go:979 +0x745
	gvisor.dev/gvisor/pkg/sentry/vfs.(*Mount).DecRef(0xc000a72790, {0x2112f90, 0xc00309b908})
		pkg/sentry/vfs/mount.go:943 +0x6d
	gvisor.dev/gvisor/pkg/sentry/vfs.VirtualDentry.DecRef({0xc000a72790?, 0xc001692808?}, {0x2112f90, 0xc00309b908})
		pkg/sentry/vfs/vfs.go:1115 +0x7f
	gvisor.dev/gvisor/pkg/sentry/kernel.(*FSContext).destroy(0xc00107a580, {0x2112f90, 0xc00309b908})
		pkg/sentry/kernel/fs_context.go:73 +0x153
	gvisor.dev/gvisor/pkg/sentry/kernel.(*runExitMain).execute.(*FSContext).DecRef.func2()
		pkg/sentry/kernel/fs_context.go:87 +0x47
	gvisor.dev/gvisor/pkg/sentry/kernel.(*FSContextRefs).DecRef(0xc00107a580, 0xc000fa7da0)
		bazel-out/k8-fastbuild/bin/pkg/sentry/kernel/fs_context_refs.go:133 +0x6d
	gvisor.dev/gvisor/pkg/sentry/kernel.(*FSContext).DecRef(...)
		pkg/sentry/kernel/fs_context.go:86
	gvisor.dev/gvisor/pkg/sentry/kernel.(*runExitMain).execute(0xc00309b908?, 0xc00309b908)
		pkg/sentry/kernel/task_exit.go:301 +0x82b
	gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run(0xc00309b908, 0x33ff)
		pkg/sentry/kernel/task_run.go:97 +0x4ca
	created by gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).Start in goroutine 42528
		pkg/sentry/kernel/task_start.go:416 +0x15c
	
	known lock chain: tmpfs.filesystemRWMutex -> tmpfs.inodeMutex -> mm.mappingRWMutex -> kernel.fsContextMutex
	
	====== tmpfs.filesystemRWMutex -> tmpfs.inodeMutex =====
	goroutine 1 [running]:
	gvisor.dev/gvisor/pkg/sentry/fsimpl/tmpfs.(*inodeMutex).Lock(0xc00027f088)
		bazel-out/k8-fastbuild/bin/pkg/sentry/fsimpl/tmpfs/inode_mutex.go:33 +0x3c
	gvisor.dev/gvisor/pkg/sentry/fsimpl/tmpfs.(*inode).touchCMtime(0xc00027f058)
		pkg/sentry/fsimpl/tmpfs/tmpfs.go:854 +0x74
	gvisor.dev/gvisor/pkg/sentry/fsimpl/tmpfs.(*filesystem).doCreateAt(0xc00024a820, {0x2113320, 0xc0005e6260}, 0xc000224488, 0x0, 0xc000357ab0)
		pkg/sentry/fsimpl/tmpfs/filesystem.go:219 +0x505
	gvisor.dev/gvisor/pkg/sentry/fsimpl/tmpfs.(*filesystem).SymlinkAt(0xc00024a820, {0x2113320, 0xc0005e6260}, 0xc000224488, {0x1eab92a, 0xd})
		pkg/sentry/fsimpl/tmpfs/filesystem.go:795 +0xe5
	gvisor.dev/gvisor/pkg/sentry/vfs.(*VirtualFilesystem).SymlinkAt(0xc0000049e0, {0x2113320, 0xc0005e6260}, 0xc000418300, 0xc000357c98, {0x1eab92a, 0xd})
		pkg/sentry/vfs/vfs.go:695 +0x216
	gvisor.dev/gvisor/pkg/sentry/fsimpl/dev.userspaceInit({0x2113320, 0xc0005e6260}, 0xc0000049e0, 0xc000418300, {0xc0002f8c60?, 0xc00027f008?}, 0x0)
		pkg/sentry/fsimpl/dev/dev.go:164 +0x445
	gvisor.dev/gvisor/pkg/sentry/fsimpl/dev.FilesystemType.GetFilesystem({}, {0x2113320, 0xc0005e6260}, 0xc0000049e0, 0xc000418300, {0x0, 0x0}, {0x1, {0x0, 0x0}, ...})
		pkg/sentry/fsimpl/dev/dev.go:60 +0x33d
	gvisor.dev/gvisor/pkg/sentry/vfs.(*VirtualFilesystem).NewFilesystem(0xc0000049e0, {0x2113320, 0xc0005e6260}, 0xc000418300, {0x0, 0x0}, {0x1ea1990, 0x3}, 0xc0002dfac0)
		pkg/sentry/vfs/mount.go:252 +0x18d
	gvisor.dev/gvisor/pkg/sentry/vfs.(*VirtualFilesystem).MountDisconnected(0xc0000049e0, {0x2113320, 0xc0005e6260}, 0xc000418300, {0x0, 0x0}, {0x1ea1990, 0x3}, 0xc0002dfac0)
		pkg/sentry/vfs/mount.go:271 +0xa5
	gvisor.dev/gvisor/runsc/boot.(*containerMounter).mountSubmount(0xc00087c4e0, {0x2113320, 0xc0005e6260}, 0xc000458000, 0xc0002c5c08, 0xc00067bef0, 0xc000418300, 0xc00021e038)
		runsc/boot/vfs.go:872 +0x97b
	gvisor.dev/gvisor/runsc/boot.(*containerMounter).mountSubmounts(0xc00087c4e0, {0x2113320, 0xc0005e6260}, 0xc000458000, 0xc0002c5c08, 0xc00067bef0, 0xc000418300)
		runsc/boot/vfs.go:750 +0x9b3
	gvisor.dev/gvisor/runsc/boot.(*containerMounter).mountAll(0xc00087c4e0, {0x2113320, 0xc0005e6260}, 0xc000418300, 0xc000458000, 0xc0002c5c08, 0xc00087c5b0)
		runsc/boot/vfs.go:473 +0x525
	gvisor.dev/gvisor/runsc/boot.setupContainerVFS({0x2113320, 0xc0005e6000}, 0xc000362018, 0xc00087c4e0, 0xc000362048)
		runsc/boot/vfs.go:174 +0x48a
	gvisor.dev/gvisor/runsc/boot.(*Loader).createContainerProcess(0xc000362008, 0xc000362018)
		runsc/boot/loader.go:1248 +0xaf0
	gvisor.dev/gvisor/runsc/boot.(*Loader).run(0xc000362008)
		runsc/boot/loader.go:1003 +0x332
	gvisor.dev/gvisor/runsc/boot.(*Loader).Run(0xc000362008)
		runsc/boot/loader.go:952 +0x2f
	gvisor.dev/gvisor/runsc/cmd.(*Boot).Execute(0xc0002f2a80, {0xc00003e338?, 0x12?}, 0xc000278000, {0xc00045a040, 0x2, 0xc0003fddb7?})
		runsc/cmd/boot.go:585 +0x3835
	github.com/google/subcommands.(*Commander).Execute(0xc000234000, {0x2101e30, 0x3d2bd20}, {0xc00045a040, 0x2, 0x2})
		external/com_github_google_subcommands/subcommands.go:200 +0x676
	github.com/google/subcommands.Execute(...)
		external/com_github_google_subcommands/subcommands.go:481
	gvisor.dev/gvisor/runsc/cli.Main()
		runsc/cli/main.go:229 +0x249f
	main.main()
		runsc/main.go:31 +0x1d
	
	====== tmpfs.inodeMutex -> mm.mappingRWMutex =====
	goroutine 2728 [running]:
	gvisor.dev/gvisor/pkg/sentry/mm.(*mappingRWMutex).RLock(0xc00168605c)
		bazel-out/k8-fastbuild/bin/pkg/sentry/mm/mapping_mutex.go:59 +0x3c
	gvisor.dev/gvisor/pkg/sentry/mm.(*MemoryManager).withInternalMappings(0xc001686008, {0x2112f90, 0xc0008f4588}, {0x48866c?, 0x48a315?}, {0x98?, 0xc1?, 0xd2?}, 0x0, 0xc000769018)
		pkg/sentry/mm/io.go:545 +0xf4
	gvisor.dev/gvisor/pkg/sentry/mm.(*MemoryManager).withVecInternalMappings(0xc001686008, {0x2112f90, 0xc0008f4588}, {0x0?, 0xc0026622b8?, 0xc000686fc8?, 0x47b379?}, {0x1, 0x0, 0x0}, ...)
		pkg/sentry/mm/io.go:607 +0x6db
	gvisor.dev/gvisor/pkg/sentry/mm.(*MemoryManager).CopyInTo(0xc001686008, {0x2112f90, 0xc0008f4588}, {0x0?, 0xc00385482f?, 0xc0006870b0?, 0x41465d?}, {0x20ec240, 0xc0026622b8}, {0x0, ...})
		pkg/sentry/mm/io.go:325 +0x23a
	gvisor.dev/gvisor/pkg/usermem.IOSequence.CopyInTo(...)
		pkg/usermem/usermem.go:516
	gvisor.dev/gvisor/pkg/sentry/fsimpl/tmpfs.(*regularFileFD).pwrite(0xc00086d580, {0x2112f90, 0xc0008f4588}, {{0x2108718, 0xc001686008}, {0x0, 0x1, 0x0, 0x33}, {0x0, ...}}, ...)
		pkg/sentry/fsimpl/tmpfs/regular_file.go:573 +0x8eb
	gvisor.dev/gvisor/pkg/sentry/fsimpl/tmpfs.(*regularFileFD).Write(0xc00086d580, {0x2112f90, 0xc0008f4588}, {{0x2108718, 0xc001686008}, {0x0, 0x1, 0x0, 0x33}, {0x0, ...}}, ...)
		pkg/sentry/fsimpl/tmpfs/regular_file.go:590 +0x112
	gvisor.dev/gvisor/pkg/sentry/vfs.(*FileDescription).Write(0xc00086d580, {0x2112f90, 0xc0008f4588}, {{0x2108718, 0xc001686008}, {0x0, 0x1, 0x0, 0x33}, {0x0, ...}}, ...)
		pkg/sentry/vfs/file_description.go:684 +0x113
	gvisor.dev/gvisor/pkg/sentry/syscalls/linux.write(0xc0008f4588, 0xc00086d580, {{0x2108718, 0xc001686008}, {0x0, 0x1, 0x0, 0x33}, {0x0, 0x1}}, ...)
		pkg/sentry/syscalls/linux/sys_read_write.go:347 +0x91
	gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Write(0xc0008f4588, 0xc0020b90d0?, {{0x89}, {0x0}, {0x33}, {0x0}, {0x0}, {0x0}})
		pkg/sentry/syscalls/linux/sys_read_write.go:316 +0x2b2
	gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall(0xc0008f4588, 0x1, {{0x89}, {0x0}, {0x33}, {0x0}, {0x0}, {0x0}})
		pkg/sentry/kernel/task_syscall.go:143 +0x94c
	gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke(0xc0008f4588, 0x1, {{0x89}, {0x0}, {0x33}, {0x0}, {0x0}, {0x0}})
		pkg/sentry/kernel/task_syscall.go:323 +0x72
	gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter(0xc0008f4588, 0x1, {{0x89}, {0x0}, {0x33}, {0x0}, {0x0}, {0x0}})
		pkg/sentry/kernel/task_syscall.go:283 +0x94
	gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall(0xc0008f4588)
		pkg/sentry/kernel/task_syscall.go:258 +0x490
	gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute(0xc0008f4588?, 0xc0008f4588)
		pkg/sentry/kernel/task_run.go:269 +0x1ec9
	gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run(0xc0008f4588, 0x319)
		pkg/sentry/kernel/task_run.go:97 +0x4ca
	created by gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).Start in goroutine 2619
		pkg/sentry/kernel/task_start.go:416 +0x15c
	
	====== mm.mappingRWMutex -> kernel.fsContextMutex =====
	goroutine 2346 [running]:
	gvisor.dev/gvisor/pkg/sentry/kernel.(*fsContextMutex).Lock(0xc001ff09c8)
		bazel-out/k8-fastbuild/bin/pkg/sentry/kernel/fs_context_mutex.go:33 +0x3c
	gvisor.dev/gvisor/pkg/sentry/kernel.(*FSContext).RootDirectory(0xc001ff09c0)
		pkg/sentry/kernel/fs_context.go:150 +0x4a
	gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).contextValue(0xc000bfd908, {0x1c123e0, 0x20e1978}, 0x1)
		pkg/sentry/kernel/task_context.go:99 +0x5d8
	gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).Value(0xc000bfd908, {0x1c123e0, 0x20e1978})
		pkg/sentry/kernel/task_context.go:61 +0x4a
	gvisor.dev/gvisor/pkg/sentry/vfs.RootFromContext(...)
		pkg/sentry/vfs/context.go:88
	gvisor.dev/gvisor/pkg/sentry/vfs.(*FileDescription).MappedName(0xc0007ca100, {0x2112f90, 0xc000bfd908})
		pkg/sentry/vfs/file_description.go:818 +0x77
	gvisor.dev/gvisor/pkg/sentry/mm.(*MemoryManager).appendVMAMapsEntryLocked(0xc000b3c05c?, {0x2112f90, 0xc000bfd908}, {0xc00099cd08?, 0xc000d98f90?}, 0xc000d99048)
		pkg/sentry/mm/procfs.go:129 +0x2a2
	gvisor.dev/gvisor/pkg/sentry/mm.(*MemoryManager).ReadMapsDataInto(0xc000b3c008, {0x2112f90, 0xc000bfd908}, 0xc000d99048)
		pkg/sentry/mm/procfs.go:85 +0x185
	gvisor.dev/gvisor/pkg/sentry/fsimpl/proc.(*mapsData).Generate(0xc00228ca88, {0x2112f90, 0xc000bfd908}, 0xc000ad8100)
		pkg/sentry/fsimpl/proc/task_files.go:651 +0xa9
	gvisor.dev/gvisor/pkg/sentry/vfs.(*DynamicBytesFileDescriptionImpl).preadLocked(0xc000ad80e0, {0x2112f90, 0xc000bfd908}, {{0x2108718, 0xc000b3c008}, {0x0, 0x1, 0x200000000080, 0xab}, {0x0, ...}}, ...)
		pkg/sentry/vfs/file_description_impl_util.go:310 +0x18b
	gvisor.dev/gvisor/pkg/sentry/vfs.(*DynamicBytesFileDescriptionImpl).Read(0xc000ad80e0, {0x2112f90, 0xc000bfd908}, {{0x2108718, 0xc000b3c008}, {0x0, 0x1, 0x200000000080, 0xab}, {0x0, ...}}, ...)
		pkg/sentry/vfs/file_description_impl_util.go:337 +0x117
	gvisor.dev/gvisor/pkg/sentry/fsimpl/kernfs.(*DynamicBytesFD).Read(0xc000ad80e0, {0x2112f90, 0xc000bfd908}, {{0x2108718, 0xc000b3c008}, {0x0, 0x1, 0x200000000080, 0xab}, {0x0, ...}}, ...)
		pkg/sentry/fsimpl/kernfs/dynamic_bytes_file.go:128 +0x91
	gvisor.dev/gvisor/pkg/sentry/vfs.(*FileDescription).Read(0xc000ad8140, {0x2112f90, 0xc000bfd908}, {{0x2108718, 0xc000b3c008}, {0x0, 0x1, 0x200000000080, 0xab}, {0x0, ...}}, ...)
		pkg/sentry/vfs/file_description.go:653 +0x14f
	gvisor.dev/gvisor/pkg/sentry/syscalls/linux.read(0xc000bfd908, 0xc000ad8140, {{0x2108718, 0xc000b3c008}, {0x0, 0x1, 0x200000000080, 0xab}, {0x0, 0x1}}, ...)
		pkg/sentry/syscalls/linux/sys_read_write.go:93 +0x91
	gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Read(0xc000bfd908, 0xc00170c570?, {{0x4}, {0x200000000080}, {0xab}, {0x0}, {0x0}, {0x0}})
		pkg/sentry/syscalls/linux/sys_read_write.go:62 +0x2b2
	gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall(0xc000bfd908, 0x0, {{0x4}, {0x200000000080}, {0xab}, {0x0}, {0x0}, {0x0}})
		pkg/sentry/kernel/task_syscall.go:143 +0x94c
	gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke(0xc000bfd908, 0x0, {{0x4}, {0x200000000080}, {0xab}, {0x0}, {0x0}, {0x0}})
		pkg/sentry/kernel/task_syscall.go:323 +0x72
	gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter(0xc000bfd908, 0x0, {{0x4}, {0x200000000080}, {0xab}, {0x0}, {0x0}, {0x0}})
		pkg/sentry/kernel/task_syscall.go:283 +0x94
	gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall(0xc000bfd908)
		pkg/sentry/kernel/task_syscall.go:258 +0x490
	gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute(0xc000bfd908?, 0xc000bfd908)
		pkg/sentry/kernel/task_run.go:269 +0x1ec9
	gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run(0xc000bfd908, 0x2bb)
		pkg/sentry/kernel/task_run.go:97 +0x4ca
	created by gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).Start in goroutine 2318
		pkg/sentry/kernel/task_start.go:416 +0x15c

Crashes (4):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/09/15 12:17 gvisor 57697a8f6350 e2beed91 .config console log report info ci-gvisor-ptrace-3-race panic: WARNING: circular locking detected: kernel.fsContextMutex -> tmpfs.filesystemRWMutex:
2025/09/15 03:57 gvisor 57697a8f6350 e2beed91 .config console log report info ci-gvisor-ptrace-3-race panic: WARNING: circular locking detected: kernel.fsContextMutex -> tmpfs.filesystemRWMutex:
2025/09/12 03:54 gvisor 57697a8f6350 e2beed91 .config console log report info ci-gvisor-ptrace-3-race-cover panic: WARNING: circular locking detected: kernel.fsContextMutex -> tmpfs.filesystemRWMutex:
2025/09/12 02:05 gvisor 57697a8f6350 e2beed91 .config console log report info ci-gvisor-ptrace-3-race panic: WARNING: circular locking detected: kernel.fsContextMutex -> tmpfs.filesystemRWMutex:
* Struck through repros no longer work on HEAD.