================================================================== BUG: KCSAN: data-race in br_handle_frame_finish / br_handle_frame_finish write to 0xffff888131ce8170 of 8 bytes by interrupt on cpu 0: br_handle_frame_finish+0xab2/0xbe0 net/bridge/br_input.c:147 br_nf_hook_thresh+0x194/0x1d0 br_nf_pre_routing_finish_ipv6+0x4e6/0x500 NF_HOOK include/linux/netfilter.h:307 [inline] br_nf_pre_routing_ipv6+0x1ea/0x280 net/bridge/br_netfilter_ipv6.c:236 br_nf_pre_routing+0x4d1/0xb30 net/bridge/br_netfilter_hooks.c:505 nf_hook_entry_hookfn include/linux/netfilter.h:142 [inline] nf_hook_bridge_pre net/bridge/br_input.c:230 [inline] br_handle_frame+0x483/0xbc0 net/bridge/br_input.c:370 __netif_receive_skb_core+0xa39/0x1e20 net/core/dev.c:5245 __netif_receive_skb_one_core net/core/dev.c:5349 [inline] __netif_receive_skb+0x52/0x1b0 net/core/dev.c:5465 process_backlog+0x23f/0x3e0 net/core/dev.c:5797 __napi_poll+0x65/0x3f0 net/core/dev.c:6365 napi_poll net/core/dev.c:6432 [inline] net_rx_action+0x29e/0x650 net/core/dev.c:6519 __do_softirq+0x158/0x2de kernel/softirq.c:558 run_ksoftirqd+0x1f/0x30 kernel/softirq.c:921 smpboot_thread_fn+0x308/0x4a0 kernel/smpboot.c:164 kthread+0x1bf/0x1e0 kernel/kthread.c:377 ret_from_fork+0x1f/0x30 read to 0xffff888131ce8170 of 8 bytes by interrupt on cpu 1: br_handle_frame_finish+0xaa0/0xbe0 net/bridge/br_input.c:147 br_nf_hook_thresh+0x194/0x1d0 br_nf_pre_routing_finish_ipv6+0x4e6/0x500 NF_HOOK include/linux/netfilter.h:307 [inline] br_nf_pre_routing_ipv6+0x1ea/0x280 net/bridge/br_netfilter_ipv6.c:236 br_nf_pre_routing+0x4d1/0xb30 net/bridge/br_netfilter_hooks.c:505 nf_hook_entry_hookfn include/linux/netfilter.h:142 [inline] nf_hook_bridge_pre net/bridge/br_input.c:230 [inline] br_handle_frame+0x483/0xbc0 net/bridge/br_input.c:370 __netif_receive_skb_core+0xa39/0x1e20 net/core/dev.c:5245 __netif_receive_skb_one_core net/core/dev.c:5349 [inline] __netif_receive_skb+0x52/0x1b0 net/core/dev.c:5465 process_backlog+0x23f/0x3e0 net/core/dev.c:5797 __napi_poll+0x65/0x3f0 net/core/dev.c:6365 napi_poll net/core/dev.c:6432 [inline] net_rx_action+0x29e/0x650 net/core/dev.c:6519 __do_softirq+0x158/0x2de kernel/softirq.c:558 do_softirq+0xb1/0xf0 kernel/softirq.c:459 __local_bh_enable_ip+0x68/0x70 kernel/softirq.c:383 local_bh_enable+0x1b/0x20 include/linux/bottom_half.h:33 rcu_read_unlock_bh include/linux/rcupdate.h:764 [inline] ip_finish_output2+0x748/0xb70 net/ipv4/ip_output.c:229 ip_finish_output+0xfb/0x240 net/ipv4/ip_output.c:316 NF_HOOK_COND include/linux/netfilter.h:296 [inline] ip_output+0xf3/0x1a0 net/ipv4/ip_output.c:430 dst_output include/net/dst.h:451 [inline] ip_local_out net/ipv4/ip_output.c:126 [inline] __ip_queue_xmit+0xa5f/0xa90 net/ipv4/ip_output.c:532 ip_queue_xmit+0x34/0x40 net/ipv4/ip_output.c:546 __tcp_transmit_skb+0x1323/0x1840 net/ipv4/tcp_output.c:1402 tcp_transmit_skb net/ipv4/tcp_output.c:1420 [inline] tcp_write_xmit+0x1450/0x4460 net/ipv4/tcp_output.c:2680 __tcp_push_pending_frames+0x68/0x1c0 net/ipv4/tcp_output.c:2864 tcp_push+0x2d9/0x2f0 net/ipv4/tcp.c:725 tcp_sendmsg_locked+0x1cba/0x25b0 net/ipv4/tcp.c:1421 tcp_sendmsg+0x2c/0x40 net/ipv4/tcp.c:1449 inet_sendmsg+0x5f/0x80 net/ipv4/af_inet.c:819 sock_sendmsg_nosec net/socket.c:705 [inline] sock_sendmsg net/socket.c:725 [inline] sock_write_iter+0x1a3/0x200 net/socket.c:1061 call_write_iter include/linux/fs.h:2074 [inline] new_sync_write fs/read_write.c:503 [inline] vfs_write+0x7f5/0x950 fs/read_write.c:590 ksys_write+0xd9/0x190 fs/read_write.c:643 __do_sys_write fs/read_write.c:655 [inline] __se_sys_write fs/read_write.c:652 [inline] __x64_sys_write+0x3e/0x50 fs/read_write.c:652 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x44/0xd0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x44/0xae value changed: 0x000000000000c7b3 -> 0x000000000000c7b4 Reported by Kernel Concurrency Sanitizer on: CPU: 1 PID: 1801 Comm: syz-fuzzer Not tainted 5.17.0-rc5-syzkaller-00306-g2293be58d6a1-dirty #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ==================================================================