syzbot

==================================================================
BUG: KCSAN: data-race in __htab_map_lookup_elem / bpf_lru_pop_free

write to 0xffff8881195f6468 of 4 bytes by task 17372 on cpu 0:
 __local_list_add_pending kernel/bpf/bpf_lru_list.c:350 [inline]
 bpf_common_lru_pop_free kernel/bpf/bpf_lru_list.c:449 [inline]
 bpf_lru_pop_free+0xbea/0xcc0 kernel/bpf/bpf_lru_list.c:496
 prealloc_lru_pop kernel/bpf/hashtab.c:311 [inline]
 __htab_lru_percpu_map_update_elem+0xea/0x600 kernel/bpf/hashtab.c:1357
 bpf_percpu_hash_update+0x61/0xa0 kernel/bpf/hashtab.c:2411
 bpf_map_update_value+0x36b/0x570 kernel/bpf/syscall.c:270
 generic_map_update_batch+0x3ff/0x550 kernel/bpf/syscall.c:2044
 bpf_map_do_batch+0x25c/0x380 kernel/bpf/syscall.c:5632
 __sys_bpf+0x5f8/0x7c0 kernel/bpf/syscall.c:-1
 __do_sys_bpf kernel/bpf/syscall.c:6259 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:6257 [inline]
 __x64_sys_bpf+0x41/0x50 kernel/bpf/syscall.c:6257
 x64_sys_call+0x2aee/0x3000 arch/x86/include/generated/asm/syscalls_64.h:322
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffff8881195f6468 of 4 bytes by task 17319 on cpu 1:
 lookup_nulls_elem_raw kernel/bpf/hashtab.c:651 [inline]
 __htab_map_lookup_elem+0xab/0x150 kernel/bpf/hashtab.c:681
 htab_lru_percpu_map_lookup_elem+0x20/0xb0 kernel/bpf/hashtab.c:2345
 bpf_prog_1908f35e458ae2da+0x48/0x50
 bpf_dispatcher_nop_func include/linux/bpf.h:1350 [inline]
 __bpf_prog_run include/linux/filter.h:721 [inline]
 bpf_prog_run include/linux/filter.h:728 [inline]
 __bpf_trace_run kernel/trace/bpf_trace.c:2075 [inline]
 bpf_trace_run2+0x107/0x1c0 kernel/trace/bpf_trace.c:2116
 __traceiter_kfree+0x2e/0x50 include/trace/events/kmem.h:97
 __do_trace_kfree include/trace/events/kmem.h:97 [inline]
 trace_kfree include/trace/events/kmem.h:97 [inline]
 kfree+0x351/0x400 mm/slub.c:6824
 ___sys_recvmsg+0x135/0x370 net/socket.c:2893
 do_recvmmsg+0x1ef/0x540 net/socket.c:2987
 __sys_recvmmsg net/socket.c:3061 [inline]
 __do_sys_recvmmsg net/socket.c:3084 [inline]
 __se_sys_recvmmsg net/socket.c:3077 [inline]
 __x64_sys_recvmmsg+0xe5/0x170 net/socket.c:3077
 x64_sys_call+0x27aa/0x3000 arch/x86/include/generated/asm/syscalls_64.h:300
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0xd4d94076 -> 0x797086f1

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 UID: 0 PID: 17319 Comm: syz.2.15824 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
==================================================================