syzbot


KCSAN: data-race in __tipc_sendstream / tipc_poll (2)

Status: auto-obsoleted due to no activity on 2025/05/25 13:47
Subsystems: tipc
First crash: 120d, last: 117d
Similar bugs (1)
| Kernel | Title | Rank | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|---|
| upstream | KCSAN: data-race in __tipc_sendstream / tipc_poll tipc | 6 | | | | 4 | 1273d | 1288d | 0/29 | auto-closed as invalid on 2022/03/05 19:55 |

Sample crash report:
==================================================================
BUG: KCSAN: data-race in __tipc_sendstream / tipc_poll

read-write to 0xffff8881035d5386 of 2 bytes by task 4005 on cpu 0:
 __tipc_sendstream+0x7c0/0xb10 net/tipc/socket.c:1628
 tipc_sendstream+0x3e/0x60 net/tipc/socket.c:1546
 sock_sendmsg_nosec net/socket.c:712 [inline]
 __sock_sendmsg+0x140/0x180 net/socket.c:727
 sock_write_iter+0x186/0x1c0 net/socket.c:1131
 new_sync_write fs/read_write.c:591 [inline]
 vfs_write+0x79b/0x950 fs/read_write.c:684
 ksys_write+0xeb/0x1b0 fs/read_write.c:736
 __do_sys_write fs/read_write.c:747 [inline]
 __se_sys_write fs/read_write.c:744 [inline]
 __x64_sys_write+0x42/0x50 fs/read_write.c:744
 x64_sys_call+0x2a45/0x2e10 arch/x86/include/generated/asm/syscalls_64.h:2
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffff8881035d5386 of 2 bytes by task 4002 on cpu 1:
 tsk_conn_cong net/tipc/socket.c:222 [inline]
 tipc_poll+0x1f6/0x360 net/tipc/socket.c:806
 sock_poll+0x22d/0x250 net/socket.c:1379
 vfs_poll include/linux/poll.h:82 [inline]
 __io_arm_poll_handler+0x1e5/0xd40 io_uring/poll.c:583
 io_poll_add+0x70/0xf0 io_uring/poll.c:893
 __io_issue_sqe io_uring/io_uring.c:1734 [inline]
 io_issue_sqe+0x15f/0xaf0 io_uring/io_uring.c:1753
 io_queue_sqe io_uring/io_uring.c:1969 [inline]
 io_submit_sqe io_uring/io_uring.c:2225 [inline]
 io_submit_sqes+0x67f/0x1050 io_uring/io_uring.c:2342
 __do_sys_io_uring_enter io_uring/io_uring.c:3402 [inline]
 __se_sys_io_uring_enter+0x1ce/0x1c00 io_uring/io_uring.c:3336
 __x64_sys_io_uring_enter+0x78/0x90 io_uring/io_uring.c:3336
 x64_sys_call+0x26cb/0x2e10 arch/x86/include/generated/asm/syscalls_64.h:427
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x0041 -> 0x0082

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 UID: 0 PID: 4002 Comm: syz.1.171 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(voluntary) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
==================================================================

Crashes (2):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2025/03/30 13:40 | upstream | 7f2ff7b62617 | d3999433 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in __tipc_sendstream / tipc_poll |
| 2025/03/27 12:13 | upstream | 1e1ba8d23dae | 20510e88 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in __tipc_sendstream / tipc_poll |