================================================================== BUG: KCSAN: data-race in dst_alloc / percpu_counter_add_batch write to 0xffff8880a31b2948 of 8 bytes by task 29245 on cpu 1: percpu_counter_add_batch+0xca/0x150 lib/percpu_counter.c:91 percpu_counter_add include/linux/percpu_counter.h:55 [inline] dst_entries_add include/net/dst_ops.h:57 [inline] dst_init net/core/dst.c:75 [inline] dst_init+0x1f3/0x200 net/core/dst.c:47 dst_alloc+0xd3/0x149 net/core/dst.c:97 ip6_dst_alloc+0x3d/0x80 net/ipv6/route.c:353 ip6_rt_cache_alloc+0x12b/0x480 net/ipv6/route.c:1342 ip6_pol_route+0x5d2/0x730 net/ipv6/route.c:2221 ip6_pol_route_output+0x48/0x60 net/ipv6/route.c:2453 fib6_rule_lookup+0x95/0x470 net/ipv6/fib6_rules.c:114 ip6_route_output_flags_noref+0x16b/0x230 net/ipv6/route.c:2485 ip6_route_output_flags+0x50/0x1a0 net/ipv6/route.c:2498 ip6_dst_lookup_tail+0x25d/0xc50 net/ipv6/ip6_output.c:1052 ip6_dst_lookup_flow+0x5c/0x110 net/ipv6/ip6_output.c:1153 rawv6_sendmsg+0x9be/0x2340 net/ipv6/raw.c:928 inet_sendmsg+0x6d/0x90 net/ipv4/af_inet.c:807 sock_sendmsg_nosec net/socket.c:639 [inline] sock_sendmsg+0x9f/0xc0 net/socket.c:659 kernel_sendmsg+0x4d/0x70 net/socket.c:679 sock_no_sendpage+0xda/0x110 net/core/sock.c:2740 kernel_sendpage+0x7b/0xc0 net/socket.c:3776 sock_sendpage+0x6c/0x90 net/socket.c:937 pipe_to_sendpage+0x102/0x1a0 fs/splice.c:458 splice_from_pipe_feed fs/splice.c:512 [inline] __splice_from_pipe+0x295/0x4a0 fs/splice.c:636 splice_from_pipe+0xbb/0x100 fs/splice.c:671 generic_splice_sendpage+0x45/0x60 fs/splice.c:844 do_splice_from fs/splice.c:863 [inline] direct_splice_actor+0xa0/0xc0 fs/splice.c:1037 splice_direct_to_actor+0x22b/0x540 fs/splice.c:992 do_splice_direct+0x161/0x1e0 fs/splice.c:1080 do_sendfile+0x384/0x7f0 fs/read_write.c:1464 __do_sys_sendfile64 fs/read_write.c:1525 [inline] __se_sys_sendfile64 fs/read_write.c:1511 [inline] __x64_sys_sendfile64+0x12a/0x140 fs/read_write.c:1511 do_syscall_64+0xcc/0x3a0 arch/x86/entry/common.c:294 entry_SYSCALL_64_after_hwframe+0x44/0xa9 read to 0xffff8880a31b2948 of 8 bytes by task 29125 on cpu 0: dst_entries_get_fast include/net/dst_ops.h:47 [inline] dst_alloc+0x55/0x149 net/core/dst.c:84 ip6_dst_alloc+0x3d/0x80 net/ipv6/route.c:353 ip6_rt_cache_alloc+0x12b/0x480 net/ipv6/route.c:1342 ip6_pol_route+0x5d2/0x730 net/ipv6/route.c:2221 ip6_pol_route_output+0x48/0x60 net/ipv6/route.c:2453 fib6_rule_lookup+0x95/0x470 net/ipv6/fib6_rules.c:114 ip6_route_output_flags_noref+0x16b/0x230 net/ipv6/route.c:2485 ip6_route_output_flags+0x50/0x1a0 net/ipv6/route.c:2498 ip6_dst_lookup_tail+0x25d/0xc50 net/ipv6/ip6_output.c:1052 ip6_dst_lookup_flow+0x5c/0x110 net/ipv6/ip6_output.c:1153 rawv6_sendmsg+0x9be/0x2340 net/ipv6/raw.c:928 inet_sendmsg+0x6d/0x90 net/ipv4/af_inet.c:807 sock_sendmsg_nosec net/socket.c:639 [inline] sock_sendmsg+0x9f/0xc0 net/socket.c:659 kernel_sendmsg+0x4d/0x70 net/socket.c:679 sock_no_sendpage+0xda/0x110 net/core/sock.c:2740 kernel_sendpage+0x7b/0xc0 net/socket.c:3776 sock_sendpage+0x6c/0x90 net/socket.c:937 pipe_to_sendpage+0x102/0x1a0 fs/splice.c:458 splice_from_pipe_feed fs/splice.c:512 [inline] __splice_from_pipe+0x295/0x4a0 fs/splice.c:636 splice_from_pipe+0xbb/0x100 fs/splice.c:671 generic_splice_sendpage+0x45/0x60 fs/splice.c:844 do_splice_from fs/splice.c:863 [inline] direct_splice_actor+0xa0/0xc0 fs/splice.c:1037 splice_direct_to_actor+0x22b/0x540 fs/splice.c:992 do_splice_direct+0x161/0x1e0 fs/splice.c:1080 do_sendfile+0x384/0x7f0 fs/read_write.c:1464 __do_sys_sendfile64 fs/read_write.c:1525 [inline] __se_sys_sendfile64 fs/read_write.c:1511 [inline] __x64_sys_sendfile64+0x12a/0x140 fs/read_write.c:1511 do_syscall_64+0xcc/0x3a0 arch/x86/entry/common.c:294 entry_SYSCALL_64_after_hwframe+0x44/0xa9 Reported by Kernel Concurrency Sanitizer on: CPU: 0 PID: 29125 Comm: syz-executor.3 Not tainted 5.5.0-rc1-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ==================================================================