syzbot

audit: audit_backlog=65 > audit_backlog_limit=64
==================================================================
BUG: KCSAN: data-race in data_push_tail / vsnprintf

write to 0xffffffff893a4768 of 20 bytes by interrupt on cpu 1:
 vsnprintf+0x2ce/0x860 lib/vsprintf.c:2899
 vscnprintf+0x41/0x90 lib/vsprintf.c:3013
 printk_sprint+0x30/0x2e0 kernel/printk/printk.c:2222
 vprintk_store+0x57b/0x910 kernel/printk/printk.c:2364
 vprintk_emit+0x1a4/0x600 kernel/printk/printk.c:2455
 vprintk_default+0x26/0x30 kernel/printk/printk.c:2494
 vprintk+0x1d/0x30 kernel/printk/printk_safe.c:82
 _printk+0x79/0xa0 kernel/printk/printk.c:2504
 audit_log_lost+0x1cc/0x200 kernel/audit.c:416
 audit_log_start+0x46f/0x730 kernel/audit.c:-1
 common_lsm_audit+0x65/0x230 security/lsm_audit.c:442
 slow_avc_audit+0x14c/0x190 security/selinux/avc.c:779
 avc_audit security/selinux/include/avc.h:131 [inline]
 avc_has_perm+0x144/0x190 security/selinux/avc.c:1198
 selinux_socket_sock_rcv_skb+0x5ac/0x640 security/selinux/hooks.c:5347
 security_sock_rcv_skb+0x3c/0x70 security/security.c:4318
 sk_filter_trim_cap+0xe0/0x5e0 net/core/filter.c:156
 tcp_filter include/net/tcp.h:1644 [inline]
 tcp_v4_rcv+0x13ae/0x1db0 net/ipv4/tcp_ipv4.c:2299
 ip_protocol_deliver_rcu+0x395/0x790 net/ipv4/ip_input.c:207
 ip_local_deliver_finish+0x1fc/0x2f0 net/ipv4/ip_input.c:241
 NF_HOOK include/linux/netfilter.h:318 [inline]
 ip_local_deliver+0xe8/0x1e0 net/ipv4/ip_input.c:262
 dst_input include/net/dst.h:480 [inline]
 ip_sublist_rcv_finish net/ipv4/ip_input.c:584 [inline]
 ip_list_rcv_finish net/ipv4/ip_input.c:636 [inline]
 ip_sublist_rcv+0x5a4/0x6a0 net/ipv4/ip_input.c:644
 ip_list_rcv+0x261/0x290 net/ipv4/ip_input.c:678
 __netif_receive_skb_list_ptype net/core/dev.c:6224 [inline]
 __netif_receive_skb_list_core+0x4dc/0x500 net/core/dev.c:6271
 __netif_receive_skb_list net/core/dev.c:6323 [inline]
 netif_receive_skb_list_internal+0x47d/0x5f0 net/core/dev.c:6414
 gro_normal_list include/net/gro.h:523 [inline]
 gro_flush_normal include/net/gro.h:531 [inline]
 napi_complete_done+0x19c/0x3f0 net/core/dev.c:6782
 virtqueue_napi_complete drivers/net/virtio_net.c:747 [inline]
 virtnet_poll+0x1bb1/0x2040 drivers/net/virtio_net.c:3089
 __napi_poll+0x61/0x330 net/core/dev.c:7709
 napi_poll net/core/dev.c:7772 [inline]
 net_rx_action+0x452/0x930 net/core/dev.c:7929
 handle_softirqs+0xb9/0x2a0 kernel/softirq.c:622
 __do_softirq kernel/softirq.c:656 [inline]
 invoke_softirq kernel/softirq.c:496 [inline]
 __irq_exit_rcu+0x39/0xc0 kernel/softirq.c:723
 common_interrupt+0x83/0x90 arch/x86/kernel/irq.c:326
 asm_common_interrupt+0x26/0x40 arch/x86/include/asm/idtentry.h:688
 native_save_fl arch/x86/include/asm/irqflags.h:26 [inline]
 arch_local_save_flags arch/x86/include/asm/irqflags.h:109 [inline]
 arch_local_irq_save arch/x86/include/asm/irqflags.h:127 [inline]
 kcsan_setup_watchpoint+0xfb/0x410 kernel/kcsan/core.c:589
 avtab_hash security/selinux/ss/avtab.c:30 [inline]
 avtab_search_node+0x59/0x2b0 security/selinux/ss/avtab.c:154
 context_struct_compute_av+0x343/0xaf0 security/selinux/ss/services.c:664
 security_compute_av+0x34f/0xa20 security/selinux/ss/services.c:1177
 avc_compute_av+0x5d/0x430 security/selinux/avc.c:992
 avc_perm_nonode+0x5e/0xe0 security/selinux/avc.c:1117
 avc_has_perm_noaudit+0xf2/0x130 security/selinux/avc.c:1160
 avc_has_perm+0x60/0x190 security/selinux/avc.c:1195
 inode_has_perm security/selinux/hooks.c:1691 [inline]
 file_has_perm security/selinux/hooks.c:1787 [inline]
 selinux_revalidate_file_permission security/selinux/hooks.c:3793 [inline]
 selinux_file_permission+0x633/0x690 security/selinux/hooks.c:3814
 security_file_permission+0x3a/0x70 security/security.c:2367
 rw_verify_area fs/read_write.c:475 [inline]
 vfs_write+0x135/0x9f0 fs/read_write.c:679
 ksys_write+0xdc/0x1a0 fs/read_write.c:740
 __do_sys_write fs/read_write.c:751 [inline]
 __se_sys_write fs/read_write.c:748 [inline]
 __x64_sys_write+0x40/0x50 fs/read_write.c:748
 x64_sys_call+0x27e1/0x3020 arch/x86/include/generated/asm/syscalls_64.h:2
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x12c/0x370 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffffffff893a4768 of 8 bytes by task 3317 on cpu 0:
 data_make_reusable kernel/printk/printk_ringbuffer.c:608 [inline]
 data_push_tail+0x100/0x470 kernel/printk/printk_ringbuffer.c:693
 data_alloc+0x11b/0x390 kernel/printk/printk_ringbuffer.c:1089
 prb_reserve+0x8d7/0xae0 kernel/printk/printk_ringbuffer.c:1724
 vprintk_store+0x54a/0x910 kernel/printk/printk.c:2354
 vprintk_emit+0x1a4/0x600 kernel/printk/printk.c:2455
 vprintk_default+0x26/0x30 kernel/printk/printk.c:2494
 vprintk+0x1d/0x30 kernel/printk/printk_safe.c:82
 _printk+0x79/0xa0 kernel/printk/printk.c:2504
 audit_log_start+0x709/0x730 kernel/audit.c:1949
 common_lsm_audit+0x65/0x230 security/lsm_audit.c:442
 slow_avc_audit+0x14c/0x190 security/selinux/avc.c:779
 avc_xperms_audit security/selinux/avc.c:425 [inline]
 avc_has_extended_perms+0x613/0x890 security/selinux/avc.c:1090
 ioctl_has_perm+0x27e/0x2d0 security/selinux/hooks.c:3863
 selinux_file_ioctl+0x5f7/0xcb0 security/selinux/hooks.c:-1
 security_file_ioctl+0x44/0x80 security/security.c:2436
 __do_sys_ioctl fs/ioctl.c:591 [inline]
 __se_sys_ioctl+0x47/0x140 fs/ioctl.c:583
 __x64_sys_ioctl+0x43/0x50 fs/ioctl.c:583
 x64_sys_call+0x1563/0x3020 arch/x86/include/generated/asm/syscalls_64.h:17
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x12c/0x370 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x00000000fffff9df -> 0x3a74696475613401

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 3317 Comm: syz-executor Tainted: G        W           syzkaller #0 PREEMPT(full) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
==================================================================