==================================================================
BUG: KCSAN: data-race in vti_tunnel_xmit / vti_tunnel_xmit

write to 0xffff888132ebb158 of 8 bytes by task 28236 on cpu 1:
 vti_xmit net/ipv4/ip_vti.c:270 [inline]
 vti_tunnel_xmit+0x8d8/0xb70 net/ipv4/ip_vti.c:304
 __netdev_start_xmit include/linux/netdevice.h:4683 [inline]
 netdev_start_xmit include/linux/netdevice.h:4697 [inline]
 xmit_one+0x105/0x2f0 net/core/dev.c:3473
 dev_hard_start_xmit net/core/dev.c:3489 [inline]
 __dev_queue_xmit+0x86d/0xf90 net/core/dev.c:4116
 dev_queue_xmit+0x13/0x20 net/core/dev.c:4149
 __bpf_tx_skb net/core/filter.c:2113 [inline]
 __bpf_redirect_no_mac net/core/filter.c:2138 [inline]
 __bpf_redirect+0x5a9/0x850 net/core/filter.c:2161
 ____bpf_clone_redirect net/core/filter.c:2428 [inline]
 bpf_clone_redirect+0x168/0x1c0 net/core/filter.c:2400
 ___bpf_prog_run+0xc87/0x30c0 kernel/bpf/core.c:1558
 __bpf_prog_run512+0x70/0xa0 kernel/bpf/core.c:1787
 bpf_dispatcher_nop_func include/linux/bpf.h:785 [inline]
 __bpf_prog_run include/linux/filter.h:626 [inline]
 bpf_prog_run include/linux/filter.h:633 [inline]
 bpf_test_run+0x18b/0x400 net/bpf/test_run.c:120
 bpf_prog_test_run_skb+0x73d/0xed0 net/bpf/test_run.c:666
 bpf_prog_test_run kernel/bpf/syscall.c:3350 [inline]
 __sys_bpf+0x3caa/0xa3c0 kernel/bpf/syscall.c:4652
 __do_sys_bpf kernel/bpf/syscall.c:4738 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:4736 [inline]
 __x64_sys_bpf+0x3f/0x50 kernel/bpf/syscall.c:4736
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x44/0xd0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae

read to 0xffff888132ebb158 of 8 bytes by task 28221 on cpu 0:
 vti_xmit net/ipv4/ip_vti.c:270 [inline]
 vti_tunnel_xmit+0x8c6/0xb70 net/ipv4/ip_vti.c:304
 __netdev_start_xmit include/linux/netdevice.h:4683 [inline]
 netdev_start_xmit include/linux/netdevice.h:4697 [inline]
 xmit_one+0x105/0x2f0 net/core/dev.c:3473
 dev_hard_start_xmit net/core/dev.c:3489 [inline]
 __dev_queue_xmit+0x86d/0xf90 net/core/dev.c:4116
 dev_queue_xmit+0x13/0x20 net/core/dev.c:4149
 __bpf_tx_skb net/core/filter.c:2113 [inline]
 __bpf_redirect_no_mac net/core/filter.c:2138 [inline]
 __bpf_redirect+0x5a9/0x850 net/core/filter.c:2161
 ____bpf_clone_redirect net/core/filter.c:2428 [inline]
 bpf_clone_redirect+0x168/0x1c0 net/core/filter.c:2400
 ___bpf_prog_run+0xc87/0x30c0 kernel/bpf/core.c:1558
 __bpf_prog_run512+0x70/0xa0 kernel/bpf/core.c:1787
 bpf_dispatcher_nop_func include/linux/bpf.h:785 [inline]
 __bpf_prog_run include/linux/filter.h:626 [inline]
 bpf_prog_run include/linux/filter.h:633 [inline]
 bpf_test_run+0x18b/0x400 net/bpf/test_run.c:120
 bpf_prog_test_run_skb+0x73d/0xed0 net/bpf/test_run.c:666
 bpf_prog_test_run kernel/bpf/syscall.c:3350 [inline]
 __sys_bpf+0x3caa/0xa3c0 kernel/bpf/syscall.c:4652
 __do_sys_bpf kernel/bpf/syscall.c:4738 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:4736 [inline]
 __x64_sys_bpf+0x3f/0x50 kernel/bpf/syscall.c:4736
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x44/0xd0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae

value changed: 0x000000000006ee1b -> 0x000000000006ee1d

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 28221 Comm: syz-executor.3 Not tainted 5.17.0-rc4-syzkaller-00020-g705d84a366cf-dirty #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================
==================================================================
BUG: KCSAN: data-race in vti_tunnel_xmit / vti_tunnel_xmit

read to 0xffff888132ebb1b8 of 8 bytes by task 28236 on cpu 1:
 vti_xmit net/ipv4/ip_vti.c:224 [inline]
 vti_tunnel_xmit+0x830/0xb70 net/ipv4/ip_vti.c:304
 __netdev_start_xmit include/linux/netdevice.h:4683 [inline]
 netdev_start_xmit include/linux/netdevice.h:4697 [inline]
 xmit_one+0x105/0x2f0 net/core/dev.c:3473
 dev_hard_start_xmit net/core/dev.c:3489 [inline]
 __dev_queue_xmit+0x86d/0xf90 net/core/dev.c:4116
 dev_queue_xmit+0x13/0x20 net/core/dev.c:4149
 __bpf_tx_skb net/core/filter.c:2113 [inline]
 __bpf_redirect_no_mac net/core/filter.c:2138 [inline]
 __bpf_redirect+0x5a9/0x850 net/core/filter.c:2161
 ____bpf_clone_redirect net/core/filter.c:2428 [inline]
 bpf_clone_redirect+0x168/0x1c0 net/core/filter.c:2400
 ___bpf_prog_run+0xc87/0x30c0 kernel/bpf/core.c:1558
 __bpf_prog_run512+0x70/0xa0 kernel/bpf/core.c:1787
 bpf_dispatcher_nop_func include/linux/bpf.h:785 [inline]
 __bpf_prog_run include/linux/filter.h:626 [inline]
 bpf_prog_run include/linux/filter.h:633 [inline]
 bpf_test_run+0x18b/0x400 net/bpf/test_run.c:120
 bpf_prog_test_run_skb+0x73d/0xed0 net/bpf/test_run.c:666
 bpf_prog_test_run kernel/bpf/syscall.c:3350 [inline]
 __sys_bpf+0x3caa/0xa3c0 kernel/bpf/syscall.c:4652
 __do_sys_bpf kernel/bpf/syscall.c:4738 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:4736 [inline]
 __x64_sys_bpf+0x3f/0x50 kernel/bpf/syscall.c:4736
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x44/0xd0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae

write to 0xffff888132ebb1b8 of 8 bytes by task 28221 on cpu 0:
 vti_xmit net/ipv4/ip_vti.c:224 [inline]
 vti_tunnel_xmit+0x842/0xb70 net/ipv4/ip_vti.c:304
 __netdev_start_xmit include/linux/netdevice.h:4683 [inline]
 netdev_start_xmit include/linux/netdevice.h:4697 [inline]
 xmit_one+0x105/0x2f0 net/core/dev.c:3473
 dev_hard_start_xmit net/core/dev.c:3489 [inline]
 __dev_queue_xmit+0x86d/0xf90 net/core/dev.c:4116
 dev_queue_xmit+0x13/0x20 net/core/dev.c:4149
 __bpf_tx_skb net/core/filter.c:2113 [inline]
 __bpf_redirect_no_mac net/core/filter.c:2138 [inline]
 __bpf_redirect+0x5a9/0x850 net/core/filter.c:2161
 ____bpf_clone_redirect net/core/filter.c:2428 [inline]
 bpf_clone_redirect+0x168/0x1c0 net/core/filter.c:2400
 ___bpf_prog_run+0xc87/0x30c0 kernel/bpf/core.c:1558
 __bpf_prog_run512+0x70/0xa0 kernel/bpf/core.c:1787
 bpf_dispatcher_nop_func include/linux/bpf.h:785 [inline]
 __bpf_prog_run include/linux/filter.h:626 [inline]
 bpf_prog_run include/linux/filter.h:633 [inline]
 bpf_test_run+0x18b/0x400 net/bpf/test_run.c:120
 bpf_prog_test_run_skb+0x73d/0xed0 net/bpf/test_run.c:666
 bpf_prog_test_run kernel/bpf/syscall.c:3350 [inline]
 __sys_bpf+0x3caa/0xa3c0 kernel/bpf/syscall.c:4652
 __do_sys_bpf kernel/bpf/syscall.c:4738 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:4736 [inline]
 __x64_sys_bpf+0x3f/0x50 kernel/bpf/syscall.c:4736
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x44/0xd0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae

value changed: 0x000000000007025d -> 0x000000000007025e

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 28221 Comm: syz-executor.3 Not tainted 5.17.0-rc4-syzkaller-00020-g705d84a366cf-dirty #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================