KCSAN: data-race in n_tty_ioctl_helper / n_tty_receive

ID	Workflow	Result	Correct	Bug	Created	Started	Finished	Revision	Error
dea8cfef-67d7-408c-a8f4-2f8ff3e26315	assessment-security	DenialOfService: ❌ Exploitable: ❌ FilesystemTrigger: ❌ NetworkTrigger: ❌ PeripheralTrigger: ❌ RemoteTrigger: ❌ Unprivileged: ✅ UserNamespace: ✅ VMGuestTrigger: ❌ VMHostTrigger: ❌	❓	KCSAN: data-race in n_tty_ioctl_helper / n_tty_receive_char (5)	2026/06/21 00:03	2026/06/21 00:03	2026/06/21 00:42	43bfcdb07c3552e4664e1029672054ac0924d543
6e812a03-7787-4bc2-b090-84c9ac635457	assessment-kcsan	Benign: ✅	❓	KCSAN: data-race in n_tty_ioctl_helper / n_tty_receive_char (5)	2026/06/19 10:59	2026/06/19 10:59	2026/06/19 11:26	d7ffd47b8f76bd5cf05ca432102140d6c277a065

Kernel	Title	Rank 🛈	Count	Last	Reported	Patched	Status
upstream	KCSAN: data-race in n_tty_ioctl_helper / n_tty_receive_char serial	6	1	1388d	1388d	0/29	auto-closed as invalid on 2022/10/07 05:26
upstream	KCSAN: data-race in n_tty_ioctl_helper / n_tty_receive_char (2) serial	6	1	840d	840d	0/29	auto-obsoleted due to no activity on 2024/04/07 12:21
upstream	KCSAN: data-race in n_tty_ioctl_helper / n_tty_receive_char (4) serial	6	1	394d	394d	0/29	auto-obsoleted due to no activity on 2025/07/18 01:45
upstream	KCSAN: data-race in n_tty_ioctl_helper / n_tty_receive_char (3) serial	6	2	781d	794d	0/29	auto-obsoleted due to no activity on 2024/06/05 18:36

Kernel

Title

Rank 🛈

upstream

KCSAN: data-race in n_tty_ioctl_helper / n_tty_receive_char serial

1388d

0/29

auto-closed as invalid on 2022/10/07 05:26

upstream

KCSAN: data-race in n_tty_ioctl_helper / n_tty_receive_char (2) serial

840d

0/29

auto-obsoleted due to no activity on 2024/04/07 12:21

upstream

KCSAN: data-race in n_tty_ioctl_helper / n_tty_receive_char (4) serial

394d

0/29

auto-obsoleted due to no activity on 2025/07/18 01:45

upstream

KCSAN: data-race in n_tty_ioctl_helper / n_tty_receive_char (3) serial

781d

794d

0/29

auto-obsoleted due to no activity on 2024/06/05 18:36

================================================================== BUG: KCSAN: data-race in n_tty_ioctl_helper / n_tty_receive_char write to 0xffff888119de8195 of 1 bytes by task 11602 on cpu 0: n_tty_ioctl_helper+0x2c2/0x370 drivers/tty/tty_ioctl.c:950 n_tty_ioctl+0x101/0x200 drivers/tty/n_tty.c:2496 tty_ioctl+0x83e/0xb80 drivers/tty/tty_io.c:2801 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:597 [inline] __se_sys_ioctl+0xce/0x140 fs/ioctl.c:583 __x64_sys_ioctl+0x43/0x50 fs/ioctl.c:583 x64_sys_call+0x1563/0x3020 arch/x86/include/generated/asm/syscalls_64.h:17 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0x136/0x3c0 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f read to 0xffff888119de8195 of 1 bytes by task 36 on cpu 1: n_tty_receive_char+0x51/0x6d0 drivers/tty/n_tty.c:1403 n_tty_receive_buf_standard+0x563/0x3cb0 drivers/tty/n_tty.c:1582 __receive_buf drivers/tty/n_tty.c:1616 [inline] n_tty_receive_buf_common+0x821/0xc10 drivers/tty/n_tty.c:1715 n_tty_receive_buf2+0x33/0x40 drivers/tty/n_tty.c:1759 tty_ldisc_receive_buf+0x66/0xf0 drivers/tty/tty_buffer.c:394 tty_port_default_receive_buf+0x59/0x90 drivers/tty/tty_port.c:37 receive_buf drivers/tty/tty_buffer.c:452 [inline] flush_to_ldisc+0x13a/0x330 drivers/tty/tty_buffer.c:502 process_one_work kernel/workqueue.c:3322 [inline] process_scheduled_works+0x4d4/0x9a0 kernel/workqueue.c:3405 worker_thread+0x569/0x750 kernel/workqueue.c:3486 kthread+0x221/0x270 kernel/kthread.c:436 ret_from_fork+0x146/0x330 arch/x86/kernel/process.c:158 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245 value changed: 0x00 -> 0x01 Reported by Kernel Concurrency Sanitizer on: CPU: 1 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted syzkaller #0 PREEMPT(lazy) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 Workqueue: events_unbound flush_to_ldisc ================================================================== bridge_slave_1: left allmulticast mode bridge0: port 2(bridge_slave_1) entered disabled state bridge_slave_0: left allmulticast mode bridge_slave_0: left promiscuous mode bridge0: port 1(bridge_slave_0) entered disabled state bond1 (unregistering): (slave ip6gretap1): Releasing active interface bond0 (unregistering): (slave bond_slave_0): Releasing backup interface bond0 (unregistering): (slave bond_slave_1): Releasing backup interface bond0 (unregistering): Released all slaves bond1 (unregistering): Released all slaves hsr_slave_0: left promiscuous mode hsr_slave_1: left promiscuous mode batman_adv: batadv0: Removing interface: batadv_slave_0 batman_adv: batadv0: Removing interface: batadv_slave_1 team0 (unregistering): Port device team_slave_1 removed team0 (unregistering): Port device team_slave_0 removed

Crashes (1):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Assets (help?)	Manager	Title
2026/06/19 10:59	upstream	9ecfb2f7287a	570c59ee	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in n_tty_ioctl_helper / n_tty_receive_char

Crashes (1):

Assets (help?)