syzbot

 sign-in | mailing list | source | docs
🐞 Open [1621]
Subsystems
🐞 Fixed [6267]
🐞 Invalid [15911]
Missing Backports [186]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KCSAN: data-race in __tty_hangup / tty_hung_up_p (11)

Status: auto-obsoleted due to no activity on 2024/05/10 06:45
Subsystems: serial
[Documentation on labels]
Reported-by: syzbot+20a8e5e71029bb3835cc@syzkaller.appspotmail.com
First crash: 435d, last: 425d
Similar bugs (11)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in __tty_hangup / tty_hung_up_p (4) serial 3 1470d 1516d 0/28 auto-closed as invalid on 2021/06/30 05:54
upstream KCSAN: data-race in __tty_hangup / tty_hung_up_p (10) serial 3 727d 773d 0/28 auto-obsoleted due to no activity on 2023/07/13 04:28
upstream KCSAN: data-race in __tty_hangup / tty_hung_up_p (8) serial 1 1237d 1237d 0/28 auto-closed as invalid on 2022/02/17 20:31
upstream KCSAN: data-race in __tty_hangup / tty_hung_up_p (9) serial 1 1070d 1070d 0/28 auto-closed as invalid on 2022/08/03 23:21
upstream KCSAN: data-race in __tty_hangup / tty_hung_up_p (6) serial 1 1328d 1328d 0/28 auto-closed as invalid on 2021/11/19 04:32
upstream KCSAN: data-race in __tty_hangup / tty_hung_up_p serial 4 1992d 2011d 0/28 auto-closed as invalid on 2020/02/29 07:50
upstream KCSAN: data-race in __tty_hangup / tty_hung_up_p (3) serial 1 1580d 1580d 0/28 auto-closed as invalid on 2021/03/12 04:16
upstream KCSAN: data-race in __tty_hangup / tty_hung_up_p (7) serial 1 1287d 1287d 0/28 auto-closed as invalid on 2021/12/30 10:24
upstream KCSAN: data-race in __tty_hangup / tty_hung_up_p (12) serial 1 196d 196d 0/28 auto-obsoleted due to no activity on 2025/01/15 07:11
upstream KCSAN: data-race in __tty_hangup / tty_hung_up_p (5) serial 1 1418d 1418d 0/28 auto-closed as invalid on 2021/08/21 03:58
upstream KCSAN: data-race in __tty_hangup / tty_hung_up_p (2) serial 1 1762d 1762d 0/28 auto-closed as invalid on 2020/09/11 06:18

Sample crash report:
==================================================================
BUG: KCSAN: data-race in __tty_hangup / tty_hung_up_p

write to 0xffff88811de4f7b0 of 8 bytes by task 23684 on cpu 1:
 __tty_hangup+0x1e8/0x540 drivers/tty/tty_io.c:621
 tty_vhangup+0x17/0x20 drivers/tty/tty_io.c:700
 pty_close+0x262/0x280 drivers/tty/pty.c:79
 tty_release+0x20c/0x940 drivers/tty/tty_io.c:1760
 __fput+0x2c1/0x660 fs/file_table.c:422
 __fput_sync+0x44/0x60 fs/file_table.c:507
 __do_sys_close fs/open.c:1556 [inline]
 __se_sys_close+0x101/0x1b0 fs/open.c:1541
 __x64_sys_close+0x1f/0x30 fs/open.c:1541
 do_syscall_64+0xd3/0x1d0
 entry_SYSCALL_64_after_hwframe+0x72/0x7a

read to 0xffff88811de4f7b0 of 8 bytes by task 23685 on cpu 0:
 tty_hung_up_p+0x23/0x50 drivers/tty/tty_io.c:745
 n_tty_poll+0x3d7/0x490 drivers/tty/n_tty.c:2465
 tty_poll+0x7e/0x100 drivers/tty/tty_io.c:2214
 vfs_poll include/linux/poll.h:84 [inline]
 __io_arm_poll_handler+0x229/0xf30 io_uring/poll.c:622
 io_arm_poll_handler+0x3e6/0x590 io_uring/poll.c:758
 io_queue_async+0x89/0x310 io_uring/io_uring.c:2084
 io_queue_sqe io_uring/io_uring.c:2113 [inline]
 io_req_task_submit+0xff/0x110 io_uring/io_uring.c:1510
 io_handle_tw_list+0x1ef/0x240 io_uring/io_uring.c:1198
 tctx_task_work_run+0x6c/0x1b0 io_uring/io_uring.c:1270
 tctx_task_work+0x40/0x80 io_uring/io_uring.c:1288
 task_work_run+0x13a/0x1a0 kernel/task_work.c:180
 get_signal+0xeee/0x1080 kernel/signal.c:2683
 arch_do_signal_or_restart+0x95/0x4b0 arch/x86/kernel/signal.c:310
 exit_to_user_mode_loop kernel/entry/common.c:111 [inline]
 exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]
 __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
 syscall_exit_to_user_mode+0x59/0x130 kernel/entry/common.c:218
 do_syscall_64+0xe2/0x1d0 arch/x86/entry/common.c:89
 entry_SYSCALL_64_after_hwframe+0x72/0x7a

value changed: 0xffffffff85299b28 -> 0xffffffff852999c0

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 23685 Comm: syz-executor.3 Tainted: G        W          6.9.0-rc2-syzkaller-00193-gc88b9b4cde17 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
==================================================================

Crashes (2):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/04/05 06:44 upstream c88b9b4cde17 0ee3535e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in __tty_hangup / tty_hung_up_p
2024/03/26 05:31 upstream 928a87efa423 bcd9b39f .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in __tty_hangup / tty_hung_up_p
* Struck through repros no longer work on HEAD.