syzbot

 sign-in | mailing list | source | docs
🐞 Open [1471]
Subsystems
🐞 Fixed [6786]
🐞 Invalid [17519]
Missing Backports [221]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KCSAN: data-race in tcp_disconnect / tcp_poll (2)

Status: auto-closed as invalid on 2021/11/12 06:31
Subsystems: net
[Documentation on labels]
First crash: 1524d, last: 1524d
Similar bugs (6)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in tcp_disconnect / tcp_poll (5) net 6 1 1276d 1276d 0/29 auto-closed as invalid on 2022/07/18 21:08
upstream KCSAN: data-race in tcp_disconnect / tcp_poll (4) net 6 8 1373d 1409d 0/29 auto-closed as invalid on 2022/04/12 08:00
upstream KCSAN: data-race in tcp_disconnect / tcp_poll (6) net 6 1 1170d 1170d 0/29 auto-obsoleted due to no activity on 2022/11/01 19:29
upstream KCSAN: data-race in tcp_disconnect / tcp_poll (7) net 6 2 969d 947d 22/29 fixed on 2023/07/01 16:05
upstream KCSAN: data-race in tcp_disconnect / tcp_poll net 6 2 1815d 1825d 0/29 auto-closed as invalid on 2021/01/25 19:57
upstream KCSAN: data-race in tcp_disconnect / tcp_poll (3) net 6 4 1457d 1485d 0/29 auto-closed as invalid on 2022/01/18 12:46

Sample crash report:
==================================================================
BUG: KCSAN: data-race in tcp_disconnect / tcp_poll

write to 0xffff8881328235b8 of 1 bytes by task 9518 on cpu 1:
 tcp_disconnect+0x62c/0xeb0 net/ipv4/tcp.c:2979
 __inet_stream_connect+0x621/0x6e0 net/ipv4/af_inet.c:716
 inet_stream_connect+0x44/0x70 net/ipv4/af_inet.c:728
 __sys_connect_file+0xd3/0xe0 net/socket.c:1896
 io_connect fs/io_uring.c:5191 [inline]
 io_issue_sqe+0x13a8/0x67b0 fs/io_uring.c:6695
 __io_queue_sqe+0x34/0x460 fs/io_uring.c:6960
 io_queue_sqe fs/io_uring.c:7011 [inline]
 io_submit_sqe+0x88b/0x3eb0 fs/io_uring.c:7187
 io_submit_sqes+0x505/0xde0 fs/io_uring.c:7293
 __do_sys_io_uring_enter fs/io_uring.c:9986 [inline]
 __se_sys_io_uring_enter+0x20d/0xb30 fs/io_uring.c:9928
 __x64_sys_io_uring_enter+0x74/0x80 fs/io_uring.c:9928
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x44/0xa0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae

read to 0xffff8881328235b8 of 1 bytes by task 9443 on cpu 0:
 tcp_poll+0x100/0x580 net/ipv4/tcp.c:549
 sock_poll+0x23e/0x260 net/socket.c:1302
 vfs_poll include/linux/poll.h:90 [inline]
 __io_arm_poll_handler+0x1af/0x5c0 fs/io_uring.c:5569
 io_arm_poll_handler+0x317/0x480 fs/io_uring.c:5644
 __io_queue_sqe+0xa7/0x460 fs/io_uring.c:6983
 io_queue_sqe fs/io_uring.c:7011 [inline]
 io_submit_sqe+0x88b/0x3eb0 fs/io_uring.c:7187
 io_submit_sqes+0x505/0xde0 fs/io_uring.c:7293
 __do_sys_io_uring_enter fs/io_uring.c:9986 [inline]
 __se_sys_io_uring_enter+0x20d/0xb30 fs/io_uring.c:9928
 __x64_sys_io_uring_enter+0x74/0x80 fs/io_uring.c:9928
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x44/0xa0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae

value changed: 0x03 -> 0x00

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 9443 Comm: syz-executor.4 Not tainted 5.15.0-rc4-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2021/10/08 06:21 upstream 4a16df549d23 efe0f24d .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in tcp_disconnect / tcp_poll
* Struck through repros no longer work on HEAD.