syzbot


KCSAN: data-race in n_tty_flush_buffer / n_tty_lookahead_flow_ctrl (9)

Status: moderation: reported on 2026/02/06 13:20
Subsystems: serial
Reported-by: syzbot+80806cf7508e92c7cc86@syzkaller.appspotmail.com
First crash: 51d, last: 51d
✨ AI Jobs (3)
| ID | Workflow | Result | Correct | Bug | Created | Started | Finished | Revision | Error |
|---|---|---|---|---|---|---|---|---|---|
| 5da79419-2aba-4ce6-96df-d654f17e587e | repro | | | KCSAN: data-race in n_tty_flush_buffer / n_tty_lookahead_flow_ctrl (9) | 2026/03/06 13:19 | 2026/03/06 13:19 | 2026/03/06 13:26 | 31e9c887f7dc24e04b3ca70d0d54fc34141844b0 | |
| 98b73c8c-9257-4b80-8aac-da60283c5bce | assessment-kcsan | Benign: ❌ Confident: ✅ | | KCSAN: data-race in n_tty_flush_buffer / n_tty_lookahead_flow_ctrl (9) | 2026/02/24 17:11 | 2026/02/24 17:11 | 2026/02/24 17:21 | 305c0ec5cd886e2d13738e28e1b2df9b0ec20fc9 | |
| 2a78a448-1af1-46c2-a7b9-2c1911cbd206 | assessment-kcsan | 💥 | | KCSAN: data-race in n_tty_flush_buffer / n_tty_lookahead_flow_ctrl (9) | 2026/02/06 13:19 | 2026/02/06 13:19 | 2026/02/06 13:24 | 97745f52f5b9361548048f53f0b3b51b9313fedf | fork/exec ./syz-agent: no such file or directory |
Discussions (1)
| Title | Replies (including bot) | Last reply |
|---|---|---|
| [PATCH] tty: n_tty: fix KCSAN data-race in n_tty_flush_buffer / n_tty_lookahead_flow_ctrl | 5 (5) | 2026/03/13 23:16 |
Similar bugs (8)
| Kernel | Title | Rank | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|---|
| upstream | KCSAN: data-race in n_tty_flush_buffer / n_tty_lookahead_flow_ctrl serial | 6 | | | | 1 | 1287d | 1287d | 0/29 | auto-obsoleted due to no activity on 2022/10/24 16:46 |
| upstream | KCSAN: data-race in n_tty_flush_buffer / n_tty_lookahead_flow_ctrl (8) serial | 6 | | | | 1 | 192d | 192d | 0/29 | auto-obsoleted due to no activity on 2025/11/13 20:33 |
| upstream | KCSAN: data-race in n_tty_flush_buffer / n_tty_lookahead_flow_ctrl (5) serial | 6 | | | | 11 | 590d | 749d | 0/29 | auto-obsoleted due to no activity on 2024/09/20 19:47 |
| upstream | KCSAN: data-race in n_tty_flush_buffer / n_tty_lookahead_flow_ctrl (4) serial | 6 | | | | 1 | 829d | 829d | 0/29 | auto-obsoleted due to no activity on 2024/01/26 04:56 |
| upstream | KCSAN: data-race in n_tty_flush_buffer / n_tty_lookahead_flow_ctrl (2) serial | 6 | | | | 14 | 1062d | 1238d | 0/29 | auto-obsoleted due to no activity on 2023/06/06 13:18 |
| upstream | KCSAN: data-race in n_tty_flush_buffer / n_tty_lookahead_flow_ctrl (7) serial | 6 | | | | 2 | 256d | 261d | 0/29 | auto-obsoleted due to no activity on 2025/09/10 16:46 |
| upstream | KCSAN: data-race in n_tty_flush_buffer / n_tty_lookahead_flow_ctrl (3) serial | 6 | | | | 6 | 954d | 1017d | 0/29 | auto-obsoleted due to no activity on 2023/09/23 08:11 |
| upstream | KCSAN: data-race in n_tty_flush_buffer / n_tty_lookahead_flow_ctrl (6) serial | 6 | | | | 13 | 331d | 504d | 0/29 | auto-obsoleted due to no activity on 2025/06/27 12:49 |

Sample crash report:
==================================================================
BUG: KCSAN: data-race in n_tty_flush_buffer / n_tty_lookahead_flow_ctrl

read-write to 0xffffc9000729b270 of 8 bytes by task 5323 on cpu 0:
 n_tty_lookahead_flow_ctrl+0x51/0x300 drivers/tty/n_tty.c:1483
 tty_port_default_lookahead_buf+0x91/0xc0 drivers/tty/tty_port.c:59
 lookahead_bufs drivers/tty/tty_buffer.c:428 [inline]
 flush_to_ldisc+0x288/0x340 drivers/tty/tty_buffer.c:498
 process_one_work kernel/workqueue.c:3257 [inline]
 process_scheduled_works+0x4cd/0x9d0 kernel/workqueue.c:3340
 worker_thread+0x6bc/0x8b0 kernel/workqueue.c:3421
 kthread+0x488/0x510 kernel/kthread.c:463
 ret_from_fork+0x148/0x280 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246

write to 0xffffc9000729b270 of 8 bytes by task 11199 on cpu 1:
 reset_buffer_flags drivers/tty/n_tty.c:322 [inline]
 n_tty_flush_buffer+0xa8/0x1d0 drivers/tty/n_tty.c:350
 tty_ldisc_hangup+0x77/0x480 drivers/tty/tty_ldisc.c:699
 __tty_hangup+0x3c2/0x540 drivers/tty/tty_io.c:621
 tty_vhangup+0x17/0x20 drivers/tty/tty_io.c:691
 pty_close+0x2c5/0x2f0 drivers/tty/pty.c:77
 tty_release+0x1ff/0xb10 drivers/tty/tty_io.c:1745
 __fput+0x29b/0x650 fs/file_table.c:468
 ____fput+0x1c/0x30 fs/file_table.c:496
 task_work_run+0x130/0x1a0 kernel/task_work.c:233
 exit_task_work include/linux/task_work.h:40 [inline]
 do_exit+0x466/0x1590 kernel/exit.c:971
 do_group_exit+0xfe/0x140 kernel/exit.c:1112
 get_signal+0xe4f/0xf60 kernel/signal.c:3034
 arch_do_signal_or_restart+0x96/0x450 arch/x86/kernel/signal.c:337
 __exit_to_user_mode_loop kernel/entry/common.c:41 [inline]
 exit_to_user_mode_loop+0x6a/0x6f0 kernel/entry/common.c:75
 __exit_to_user_mode_prepare include/linux/irq-entry-common.h:226 [inline]
 syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:256 [inline]
 syscall_exit_to_user_mode_work include/linux/entry-common.h:159 [inline]
 syscall_exit_to_user_mode include/linux/entry-common.h:194 [inline]
 do_syscall_64+0x1d3/0x2a0 arch/x86/entry/syscall_64.c:100
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x0000000000000801 -> 0x0000000000001001

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 UID: 0 PID: 11199 Comm: syz.2.1559 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
==================================================================

Crashes (1):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2026/02/06 13:19 | upstream | b7ff7151e653 | 97745f52 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in n_tty_flush_buffer / n_tty_lookahead_flow_ctrl |