syzbot

 sign-in | mailing list | source | docs
🐞 Open [1491]
Subsystems
🐞 Fixed [6678]
🐞 Invalid [17105]
Missing Backports [214]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KCSAN: data-race in __tty_hangup / tty_hung_up_p (13)

Status: moderation: reported on 2025/09/05 11:41
Subsystems: serial
[Documentation on labels]
Reported-by: syzbot+0ddd606c3d58e5663ddd@syzkaller.appspotmail.com
First crash: 48d, last: 48d
Similar bugs (12)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in __tty_hangup / tty_hung_up_p (4) serial 6 3 1612d 1658d 0/29 auto-closed as invalid on 2021/06/30 05:54
upstream KCSAN: data-race in __tty_hangup / tty_hung_up_p (10) serial 6 3 869d 915d 0/29 auto-obsoleted due to no activity on 2023/07/13 04:28
upstream KCSAN: data-race in __tty_hangup / tty_hung_up_p (8) serial 6 1 1379d 1379d 0/29 auto-closed as invalid on 2022/02/17 20:31
upstream KCSAN: data-race in __tty_hangup / tty_hung_up_p (9) serial 6 1 1212d 1212d 0/29 auto-closed as invalid on 2022/08/03 23:21
upstream KCSAN: data-race in __tty_hangup / tty_hung_up_p (6) serial 6 1 1470d 1470d 0/29 auto-closed as invalid on 2021/11/19 04:32
upstream KCSAN: data-race in __tty_hangup / tty_hung_up_p serial 6 4 2133d 2152d 0/29 auto-closed as invalid on 2020/02/29 07:50
upstream KCSAN: data-race in __tty_hangup / tty_hung_up_p (11) serial 6 2 566d 577d 0/29 auto-obsoleted due to no activity on 2024/05/10 06:45
upstream KCSAN: data-race in __tty_hangup / tty_hung_up_p (3) serial 6 1 1722d 1722d 0/29 auto-closed as invalid on 2021/03/12 04:16
upstream KCSAN: data-race in __tty_hangup / tty_hung_up_p (7) serial 6 1 1428d 1428d 0/29 auto-closed as invalid on 2021/12/30 10:24
upstream KCSAN: data-race in __tty_hangup / tty_hung_up_p (12) serial 6 1 337d 337d 0/29 auto-obsoleted due to no activity on 2025/01/15 07:11
upstream KCSAN: data-race in __tty_hangup / tty_hung_up_p (5) serial 6 1 1560d 1560d 0/29 auto-closed as invalid on 2021/08/21 03:58
upstream KCSAN: data-race in __tty_hangup / tty_hung_up_p (2) serial 6 1 1903d 1903d 0/29 auto-closed as invalid on 2020/09/11 06:18

Sample crash report:
==================================================================
BUG: KCSAN: data-race in __tty_hangup / tty_hung_up_p

write to 0xffff888122eb6308 of 8 bytes by task 14256 on cpu 0:
 __tty_hangup+0x1ef/0x540 drivers/tty/tty_io.c:612
 tty_vhangup drivers/tty/tty_io.c:691 [inline]
 tty_ioctl+0x601/0xb80 drivers/tty/tty_io.c:2732
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:598 [inline]
 __se_sys_ioctl+0xcb/0x140 fs/ioctl.c:584
 __x64_sys_ioctl+0x43/0x50 fs/ioctl.c:584
 x64_sys_call+0x1816/0x2ff0 arch/x86/include/generated/asm/syscalls_64.h:17
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffff888122eb6308 of 8 bytes by task 14251 on cpu 1:
 tty_hung_up_p+0x20/0x50 drivers/tty/tty_io.c:736
 n_tty_poll+0x393/0x450 drivers/tty/n_tty.c:2463
 tty_poll+0x79/0xf0 drivers/tty/tty_io.c:2199
 vfs_poll include/linux/poll.h:82 [inline]
 __io_arm_poll_handler+0x1ee/0xb70 io_uring/poll.c:581
 io_arm_apoll+0x3d2/0x4f0 io_uring/poll.c:691
 io_arm_poll_handler+0x131/0x160 io_uring/poll.c:720
 io_queue_async+0x25b/0x450 io_uring/io_uring.c:2004
 io_queue_sqe io_uring/io_uring.c:2032 [inline]
 io_submit_sqe io_uring/io_uring.c:2285 [inline]
 io_submit_sqes+0xa4d/0x1060 io_uring/io_uring.c:2398
 __do_sys_io_uring_enter io_uring/io_uring.c:3465 [inline]
 __se_sys_io_uring_enter+0x1c1/0x1b70 io_uring/io_uring.c:3399
 __x64_sys_io_uring_enter+0x78/0x90 io_uring/io_uring.c:3399
 x64_sys_call+0x2de1/0x2ff0 arch/x86/include/generated/asm/syscalls_64.h:427
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0xffffffff858a1f90 -> 0xffffffff858a1e80

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 UID: 0 PID: 14251 Comm: syz.4.3765 Not tainted syzkaller #0 PREEMPT(voluntary) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
==================================================================

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/09/05 11:40 upstream d69eb204c255 d291dd2d .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in __tty_hangup / tty_hung_up_p
* Struck through repros no longer work on HEAD.