syzbot

 sign-in | mailing list | source | docs
🐞 Open [1586]
Subsystems
🐞 Fixed [6358]
🐞 Invalid [16220]
Missing Backports [194]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KCSAN: data-race in fifo_open / pipe_poll

Status: moderation: reported on 2025/06/10 20:31
Subsystems: fs
[Documentation on labels]
Reported-by: syzbot+fc3a5d813a8b4da5b920@syzkaller.appspotmail.com
First crash: 27d, last: 27d

Sample crash report:
==================================================================
BUG: KCSAN: data-race in fifo_open / pipe_poll

read-write to 0xffff88811abdcdf4 of 4 bytes by task 8841 on cpu 1:
 fifo_open+0x2ae/0x5d0 fs/pipe.c:1209
 do_dentry_open+0x649/0xa20 fs/open.c:964
 vfs_open+0x37/0x1e0 fs/open.c:1094
 do_open fs/namei.c:3887 [inline]
 path_openat+0x1c5e/0x2170 fs/namei.c:4046
 do_filp_open+0x109/0x230 fs/namei.c:4073
 do_sys_openat2+0xa6/0x110 fs/open.c:1437
 do_sys_open fs/open.c:1452 [inline]
 __do_sys_openat fs/open.c:1468 [inline]
 __se_sys_openat fs/open.c:1463 [inline]
 __x64_sys_openat+0xf2/0x120 fs/open.c:1463
 x64_sys_call+0x1af/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:258
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffff88811abdcdf4 of 4 bytes by task 8836 on cpu 0:
 pipe_poll+0x1a8/0x250 fs/pipe.c:689
 vfs_poll include/linux/poll.h:82 [inline]
 __io_arm_poll_handler+0x1eb/0xb70 io_uring/poll.c:583
 io_poll_add+0x69/0xe0 io_uring/poll.c:893
 __io_issue_sqe+0xfb/0x2e0 io_uring/io_uring.c:1735
 io_issue_sqe+0x53/0x970 io_uring/io_uring.c:1758
 io_queue_sqe io_uring/io_uring.c:1965 [inline]
 io_submit_sqe io_uring/io_uring.c:2221 [inline]
 io_submit_sqes+0x667/0xfd0 io_uring/io_uring.c:2334
 __do_sys_io_uring_enter io_uring/io_uring.c:3401 [inline]
 __se_sys_io_uring_enter+0x1c1/0x1b70 io_uring/io_uring.c:3335
 __x64_sys_io_uring_enter+0x78/0x90 io_uring/io_uring.c:3335
 x64_sys_call+0x28c8/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:427
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x00000001 -> 0x00000002

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 8836 Comm: syz.4.1526 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(voluntary) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
==================================================================

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/06/10 20:30 upstream f09079bd04a9 5d7e17ca .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in fifo_open / pipe_poll
* Struck through repros no longer work on HEAD.