==================================================================
BUG: KCSAN: data-race in fasync_remove_entry / kill_fasync

write to 0xffff8880a2f06b00 of 8 bytes by task 23584 on cpu 0:
 fasync_remove_entry+0xba/0x120 fs/fcntl.c:882
 fasync_helper+0xcf/0xdc fs/fcntl.c:981
 perf_fasync+0x6c/0xa0 kernel/events/core.c:6002
 __fput+0x46a/0x520 fs/file_table.c:277
 ____fput+0x1f/0x30 fs/file_table.c:313
 task_work_run+0xf6/0x130 kernel/task_work.c:113
 tracehook_notify_resume include/linux/tracehook.h:188 [inline]
 exit_to_usermode_loop+0x2b4/0x2c0 arch/x86/entry/common.c:164
 prepare_exit_to_usermode arch/x86/entry/common.c:195 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:278 [inline]
 do_syscall_64+0x384/0x3a0 arch/x86/entry/common.c:304
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

read to 0xffff8880a2f06b00 of 8 bytes by interrupt on cpu 1:
 kill_fasync+0x3f/0x180 fs/fcntl.c:1019
 perf_event_wakeup+0x11f/0x160 kernel/events/core.c:6042
 perf_pending_event+0x12d/0x170 kernel/events/core.c:6098
 irq_work_run_list+0x136/0x190 kernel/irq_work.c:156
 irq_work_run+0x48/0xa0 kernel/irq_work.c:172
 smp_irq_work_interrupt+0x3f/0x100 arch/x86/kernel/irq_work.c:21
 irq_work_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:860
 should_watch kernel/kcsan/core.c:206 [inline]
 check_access kernel/kcsan/core.c:458 [inline]
 __tsan_read8+0xb4/0x100 kernel/kcsan/core.c:589
 ipv6_masked_addr_cmp include/net/ipv6.h:506 [inline]
 ip6_packet_match net/ipv6/netfilter/ip6_tables.c:62 [inline]
 ip6t_do_table+0x3aa/0xf40 net/ipv6/netfilter/ip6_tables.c:307
 ip6table_mangle_hook+0x7e/0x310 net/ipv6/netfilter/ip6table_mangle.c:75
 nf_hook_entry_hookfn include/linux/netfilter.h:135 [inline]
 nf_hook_slow+0x83/0x160 net/netfilter/core.c:512
 nf_hook include/linux/netfilter.h:262 [inline]
 NF_HOOK_COND include/linux/netfilter.h:295 [inline]
 ip6_output+0x254/0x290 net/ipv6/ip6_output.c:175
 dst_output include/net/dst.h:436 [inline]
 NF_HOOK include/linux/netfilter.h:307 [inline]
 ndisc_send_skb+0x459/0x5f0 net/ipv6/ndisc.c:505
 ndisc_send_rs+0xb3/0x3d0 net/ipv6/ndisc.c:699
 addrconf_rs_timer+0x1ee/0x420 net/ipv6/addrconf.c:3879
 call_timer_fn+0x5f/0x2f0 kernel/time/timer.c:1404
 expire_timers kernel/time/timer.c:1449 [inline]
 __run_timers kernel/time/timer.c:1773 [inline]
 __run_timers kernel/time/timer.c:1740 [inline]
 run_timer_softirq+0xc0c/0xcd0 kernel/time/timer.c:1786
 __do_softirq+0x115/0x33f kernel/softirq.c:292
 invoke_softirq kernel/softirq.c:373 [inline]
 irq_exit+0xbb/0xe0 kernel/softirq.c:413
 exiting_irq arch/x86/include/asm/apic.h:536 [inline]
 smp_apic_timer_interrupt+0xe6/0x280 arch/x86/kernel/apic/apic.c:1137
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:829
 arch_local_irq_enable arch/x86/include/asm/paravirt.h:762 [inline]
 __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:168 [inline]
 _raw_spin_unlock_irq+0x4e/0x80 kernel/locking/spinlock.c:199
 spin_unlock_irq include/linux/spinlock.h:388 [inline]
 __add_to_page_cache_locked+0x2c7/0x780 mm/filemap.c:896
 add_to_page_cache_lru+0xc4/0x260 mm/filemap.c:943
 pagecache_get_page+0x2ac/0x6f0 mm/filemap.c:1682
 find_or_create_page include/linux/pagemap.h:310 [inline]
 grow_dev_page fs/buffer.c:989 [inline]
 grow_buffers fs/buffer.c:1058 [inline]
 __getblk_slow fs/buffer.c:1085 [inline]
 __getblk_gfp+0x1fe/0x570 fs/buffer.c:1362
 __bread_gfp+0x38/0x1e0 fs/buffer.c:1396
 sb_bread include/linux/buffer_head.h:307 [inline]
 fat__get_entry+0x35e/0x4f0 fs/fat/dir.c:100
 fat_get_entry fs/fat/dir.c:128 [inline]
 fat_get_short_entry+0x103/0x200 fs/fat/dir.c:877
 fat_subdirs+0x6b/0x110 fs/fat/dir.c:943
 fat_read_root fs/fat/inode.c:1416 [inline]
 fat_fill_super+0x1552/0x1f50 fs/fat/inode.c:1862
 vfat_fill_super+0x3b/0x50 fs/fat/namei_vfat.c:1050
 mount_bdev+0x262/0x2d0 fs/super.c:1415
 vfat_mount+0x3e/0x60 fs/fat/namei_vfat.c:1057
 legacy_get_tree+0x7e/0xf0 fs/fs_context.c:647
 vfs_get_tree+0x56/0x1a0 fs/super.c:1545
 do_new_mount fs/namespace.c:2822 [inline]
 do_mount+0x1004/0x14f0 fs/namespace.c:3142
 ksys_mount+0xe8/0x160 fs/namespace.c:3351
 __do_sys_mount fs/namespace.c:3365 [inline]
 __se_sys_mount fs/namespace.c:3362 [inline]
 __x64_sys_mount+0x70/0x90 fs/namespace.c:3362
 do_syscall_64+0xcc/0x3a0 arch/x86/entry/common.c:294
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 23585 Comm: syz-executor.0 Not tainted 5.5.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================