syzbot

 sign-in | mailing list | source | docs
🐞 Open [1651]
Subsystems
🐞 Fixed [6000]
🐞 Invalid [14793]
Missing Backports [135]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KCSAN: data-race in tcp_disconnect / tcp_poll (2)

Status: auto-closed as invalid on 2021/11/12 06:31
Subsystems: net
[Documentation on labels]
First crash: 1207d, last: 1207d
Similar bugs (6)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in tcp_disconnect / tcp_poll (5) net 1 959d 959d 0/28 auto-closed as invalid on 2022/07/18 21:08
upstream KCSAN: data-race in tcp_disconnect / tcp_poll (4) net 8 1056d 1092d 0/28 auto-closed as invalid on 2022/04/12 08:00
upstream KCSAN: data-race in tcp_disconnect / tcp_poll (6) net 1 853d 853d 0/28 auto-obsoleted due to no activity on 2022/11/01 19:29
upstream KCSAN: data-race in tcp_disconnect / tcp_poll (7) net 2 652d 630d 22/28 fixed on 2023/07/01 16:05
upstream KCSAN: data-race in tcp_disconnect / tcp_poll net 2 1498d 1508d 0/28 auto-closed as invalid on 2021/01/25 19:57
upstream KCSAN: data-race in tcp_disconnect / tcp_poll (3) net 4 1140d 1168d 0/28 auto-closed as invalid on 2022/01/18 12:46

Sample crash report:
==================================================================
BUG: KCSAN: data-race in tcp_disconnect / tcp_poll

write to 0xffff8881328235b8 of 1 bytes by task 9518 on cpu 1:
 tcp_disconnect+0x62c/0xeb0 net/ipv4/tcp.c:2979
 __inet_stream_connect+0x621/0x6e0 net/ipv4/af_inet.c:716
 inet_stream_connect+0x44/0x70 net/ipv4/af_inet.c:728
 __sys_connect_file+0xd3/0xe0 net/socket.c:1896
 io_connect fs/io_uring.c:5191 [inline]
 io_issue_sqe+0x13a8/0x67b0 fs/io_uring.c:6695
 __io_queue_sqe+0x34/0x460 fs/io_uring.c:6960
 io_queue_sqe fs/io_uring.c:7011 [inline]
 io_submit_sqe+0x88b/0x3eb0 fs/io_uring.c:7187
 io_submit_sqes+0x505/0xde0 fs/io_uring.c:7293
 __do_sys_io_uring_enter fs/io_uring.c:9986 [inline]
 __se_sys_io_uring_enter+0x20d/0xb30 fs/io_uring.c:9928
 __x64_sys_io_uring_enter+0x74/0x80 fs/io_uring.c:9928
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x44/0xa0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae

read to 0xffff8881328235b8 of 1 bytes by task 9443 on cpu 0:
 tcp_poll+0x100/0x580 net/ipv4/tcp.c:549
 sock_poll+0x23e/0x260 net/socket.c:1302
 vfs_poll include/linux/poll.h:90 [inline]
 __io_arm_poll_handler+0x1af/0x5c0 fs/io_uring.c:5569
 io_arm_poll_handler+0x317/0x480 fs/io_uring.c:5644
 __io_queue_sqe+0xa7/0x460 fs/io_uring.c:6983
 io_queue_sqe fs/io_uring.c:7011 [inline]
 io_submit_sqe+0x88b/0x3eb0 fs/io_uring.c:7187
 io_submit_sqes+0x505/0xde0 fs/io_uring.c:7293
 __do_sys_io_uring_enter fs/io_uring.c:9986 [inline]
 __se_sys_io_uring_enter+0x20d/0xb30 fs/io_uring.c:9928
 __x64_sys_io_uring_enter+0x74/0x80 fs/io_uring.c:9928
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x44/0xa0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae

value changed: 0x03 -> 0x00

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 9443 Comm: syz-executor.4 Not tainted 5.15.0-rc4-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2021/10/08 06:21 upstream 4a16df549d23 efe0f24d .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in tcp_disconnect / tcp_poll
* Struck through repros no longer work on HEAD.