kmalloc_noprof include/linux/slab.h:909 [inline] kmalloc_array_noprof include/linux/slab.h:948 [inline] duplicate_policydb_bools security/selinux/ss/conditional.c:713 [inline] cond_policydb_dup+0xa3/0x4e0 security/selinux/ss/conditional.c:745 security_set_bools+0xa0/0x340 security/selinux/ss/services.c:3097 sel_commit_bools_write+0x1ea/0x270 security/selinux/selinuxfs.c:1332 do_loop_readv_writev fs/read_write.c:850 [inline] vfs_writev+0x406/0x8b0 fs/read_write.c:1059 ================================================================== BUG: KCSAN: data-race in data_alloc / prb_reserve write to 0xffffffff86891a58 of 8 bytes by task 26250 on cpu 0: data_alloc+0x27d/0x2b0 kernel/printk/printk_ringbuffer.c:1096 prb_reserve+0x808/0xaf0 kernel/printk/printk_ringbuffer.c:1669 vprintk_store+0x56d/0x860 kernel/printk/printk.c:2326 vprintk_emit+0x178/0x650 kernel/printk/printk.c:2426 vprintk_default+0x26/0x30 kernel/printk/printk.c:2465 vprintk+0x1d/0x30 kernel/printk/printk_safe.c:82 _printk+0x79/0xa0 kernel/printk/printk.c:2475 __nla_validate_parse+0x1738/0x1d00 lib/nlattr.c:647 nla_validate_array lib/nlattr.c:109 [inline] validate_nla lib/nlattr.c:536 [inline] __nla_validate_parse+0x6a4/0x1d00 lib/nlattr.c:635 __nla_parse+0x40/0x60 lib/nlattr.c:732 nla_parse_deprecated include/net/netlink.h:734 [inline] nfnetlink_rcv_batch net/netfilter/nfnetlink.c:518 [inline] nfnetlink_rcv_skb_batch net/netfilter/nfnetlink.c:648 [inline] nfnetlink_rcv+0xb57/0x1690 net/netfilter/nfnetlink.c:666 netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline] netlink_unicast+0x59e/0x670 net/netlink/af_netlink.c:1339 netlink_sendmsg+0x58b/0x6b0 net/netlink/af_netlink.c:1883 sock_sendmsg_nosec net/socket.c:712 [inline] __sock_sendmsg+0x142/0x180 net/socket.c:727 ____sys_sendmsg+0x31e/0x4e0 net/socket.c:2566 ___sys_sendmsg+0x17b/0x1d0 net/socket.c:2620 __sys_sendmsg net/socket.c:2652 [inline] __do_sys_sendmsg net/socket.c:2657 [inline] __se_sys_sendmsg net/socket.c:2655 [inline] __x64_sys_sendmsg+0xd4/0x160 net/socket.c:2655 x64_sys_call+0x2999/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:47 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f read to 0xffffffff86891a58 of 8 bytes by task 26248 on cpu 1: desc_read kernel/printk/printk_ringbuffer.c:482 [inline] desc_push_tail kernel/printk/printk_ringbuffer.c:778 [inline] desc_reserve kernel/printk/printk_ringbuffer.c:924 [inline] prb_reserve+0x221/0xaf0 kernel/printk/printk_ringbuffer.c:1619 vprintk_store+0x56d/0x860 kernel/printk/printk.c:2326 vprintk_emit+0x178/0x650 kernel/printk/printk.c:2426 vprintk_default+0x26/0x30 kernel/printk/printk.c:2465 vprintk+0x1d/0x30 kernel/printk/printk_safe.c:82 _printk+0x79/0xa0 kernel/printk/printk.c:2475 printk_stack_address arch/x86/kernel/dumpstack.c:70 [inline] show_trace_log_lvl+0x4e3/0x560 arch/x86/kernel/dumpstack.c:282 __dump_stack+0x1d/0x30 lib/dump_stack.c:94 dump_stack_lvl+0xe8/0x140 lib/dump_stack.c:120 dump_stack+0x15/0x1b lib/dump_stack.c:129 fail_dump lib/fault-inject.c:73 [inline] should_fail_ex+0x265/0x280 lib/fault-inject.c:174 should_failslab+0x8c/0xb0 mm/failslab.c:46 slab_pre_alloc_hook mm/slub.c:4101 [inline] slab_alloc_node mm/slub.c:4177 [inline] __do_kmalloc_node mm/slub.c:4327 [inline] __kmalloc_noprof+0xa5/0x3e0 mm/slub.c:4340 kmalloc_noprof include/linux/slab.h:909 [inline] kmalloc_array_noprof include/linux/slab.h:948 [inline] duplicate_policydb_bools security/selinux/ss/conditional.c:713 [inline] cond_policydb_dup+0xa3/0x4e0 security/selinux/ss/conditional.c:745 security_set_bools+0xa0/0x340 security/selinux/ss/services.c:3097 sel_commit_bools_write+0x1ea/0x270 security/selinux/selinuxfs.c:1332 do_loop_readv_writev fs/read_write.c:850 [inline] vfs_writev+0x406/0x8b0 fs/read_write.c:1059 do_writev+0xe7/0x210 fs/read_write.c:1103 __do_sys_writev fs/read_write.c:1171 [inline] __se_sys_writev fs/read_write.c:1168 [inline] __x64_sys_writev+0x45/0x50 fs/read_write.c:1168 x64_sys_call+0x2006/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:21 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f value changed: 0x00000000003f6290 -> 0x0000000000493d20 Reported by Kernel Concurrency Sanitizer on: CPU: 1 UID: 0 PID: 26248 Comm: syz.5.30548 Not tainted 6.15.0-syzkaller-13659-g5b032cac6225 #0 PREEMPT(voluntary) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 ================================================================== do_writev+0xe7/0x210 fs/read_write.c:1103 __do_sys_writev fs/read_write.c:1171 [inline] __se_sys_writev fs/read_write.c:1168 [inline] __x64_sys_writev+0x45/0x50 fs/read_write.c:1168 x64_sys_call+0x2006/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:21 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fae80b4e929 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fae7f1b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 RAX: ffffffffffffffda RBX: 00007fae80d75fa0 RCX: 00007fae80b4e929 RDX: 0000000000000001 RSI: 0000200000000080 RDI: 0000000000000008 RBP: 00007fae7f1b7090 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 0000000000000000 R14: 00007fae80d75fa0 R15: 00007fff01c84cc8