==================================================================
BUG: KCSAN: data-race in mod_timer / run_timer_softirq

read to 0xffff88812c01da88 of 8 bytes by interrupt on cpu 1:
 __mod_timer kernel/time/timer.c:1026 [inline]
 mod_timer+0x1ec/0x7a0 kernel/time/timer.c:1100
 sctp_transport_reset_hb_timer+0x149/0x200 net/sctp/transport.c:197
 sctp_do_8_2_transport_strike.isra.0+0x49e/0x550 net/sctp/sm_sideeffect.c:557
 sctp_cmd_interpreter net/sctp/sm_sideeffect.c:1627 [inline]
 sctp_side_effects net/sctp/sm_sideeffect.c:1189 [inline]
 sctp_do_sm+0xbec/0x2f10 net/sctp/sm_sideeffect.c:1160
 sctp_generate_timeout_event+0x11c/0x1b0 net/sctp/sm_sideeffect.c:295
 sctp_generate_t2_shutdown_event+0x27/0x30 net/sctp/sm_sideeffect.c:329
 call_timer_fn+0x5f/0x2f0 kernel/time/timer.c:1404
 expire_timers kernel/time/timer.c:1449 [inline]
 __run_timers kernel/time/timer.c:1773 [inline]
 __run_timers kernel/time/timer.c:1740 [inline]
 run_timer_softirq+0xc0c/0xcd0 kernel/time/timer.c:1786
 __do_softirq+0x115/0x33f kernel/softirq.c:292
 invoke_softirq kernel/softirq.c:373 [inline]
 irq_exit+0xbb/0xe0 kernel/softirq.c:413
 exiting_irq arch/x86/include/asm/apic.h:536 [inline]
 smp_apic_timer_interrupt+0xe6/0x280 arch/x86/kernel/apic/apic.c:1137
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:829
 should_watch kernel/kcsan/core.c:206 [inline]
 check_access kernel/kcsan/core.c:458 [inline]
 __tsan_unaligned_write4+0xb2/0x110 kernel/kcsan/core.c:588
 __tlb_remove_page_size+0x56/0x1d0 mm/mmu_gather.c:81
 __tlb_remove_page include/asm-generic/tlb.h:414 [inline]
 zap_pte_range mm/memory.c:1083 [inline]
 zap_pmd_range mm/memory.c:1184 [inline]
 zap_pud_range mm/memory.c:1213 [inline]
 zap_p4d_range mm/memory.c:1234 [inline]
 unmap_page_range+0xb8e/0x1940 mm/memory.c:1255
 unmap_single_vma+0x144/0x200 mm/memory.c:1300
 unmap_vmas+0xda/0x1a0 mm/memory.c:1332
 exit_mmap+0x13e/0x300 mm/mmap.c:3140
 __mmput kernel/fork.c:1082 [inline]
 mmput+0xea/0x280 kernel/fork.c:1103
 exit_mm kernel/exit.c:485 [inline]
 do_exit+0x4ac/0x18c0 kernel/exit.c:784
 do_group_exit+0xb4/0x1c0 kernel/exit.c:895
 __do_sys_exit_group kernel/exit.c:906 [inline]
 __se_sys_exit_group kernel/exit.c:904 [inline]
 __x64_sys_exit_group+0x2e/0x30 kernel/exit.c:904
 do_syscall_64+0xcc/0x3a0 arch/x86/entry/common.c:294
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

write to 0xffff88812c01da88 of 8 bytes by interrupt on cpu 0:
 expire_timers kernel/time/timer.c:1450 [inline]
 __run_timers kernel/time/timer.c:1773 [inline]
 __run_timers kernel/time/timer.c:1740 [inline]
 run_timer_softirq+0xc14/0xcd0 kernel/time/timer.c:1786
 __do_softirq+0x115/0x33f kernel/softirq.c:292
 invoke_softirq kernel/softirq.c:373 [inline]
 irq_exit+0xbb/0xe0 kernel/softirq.c:413
 exiting_irq arch/x86/include/asm/apic.h:536 [inline]
 smp_apic_timer_interrupt+0xe6/0x280 arch/x86/kernel/apic/apic.c:1137
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:829
 arch_local_irq_enable arch/x86/include/asm/paravirt.h:762 [inline]
 __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:168 [inline]
 _raw_spin_unlock_irq+0x4e/0x80 kernel/locking/spinlock.c:199
 finish_lock_switch kernel/sched/core.c:3124 [inline]
 finish_task_switch+0x7b/0x260 kernel/sched/core.c:3224
 context_switch kernel/sched/core.c:3388 [inline]
 __schedule+0x30e/0x690 kernel/sched/core.c:4081
 preempt_schedule_common+0x37/0x90 kernel/sched/core.c:4236
 preempt_schedule+0x30/0x40 kernel/sched/core.c:4261
 ___preempt_schedule+0x16/0x18 arch/x86/entry/thunk_64.S:50
 __local_bh_enable_ip+0x44/0x80 kernel/softirq.c:196
 local_bh_enable include/linux/bottom_half.h:32 [inline]
 get_next_corpse net/netfilter/nf_conntrack_core.c:2011 [inline]
 nf_ct_iterate_cleanup+0x129/0x2e0 net/netfilter/nf_conntrack_core.c:2034
 nf_ct_iterate_cleanup_net net/netfilter/nf_conntrack_core.c:2119 [inline]
 nf_ct_iterate_cleanup_net+0xe2/0xf0 net/netfilter/nf_conntrack_core.c:2104
 masq_device_event+0x8a/0x90 net/netfilter/nf_nat_masquerade.c:88
 notifier_call_chain+0xd7/0x160 kernel/notifier.c:83
 __raw_notifier_call_chain kernel/notifier.c:361 [inline]
 raw_notifier_call_chain+0x37/0x50 kernel/notifier.c:368
 call_netdevice_notifiers_info net/core/dev.c:1893 [inline]
 call_netdevice_notifiers_info+0x9a/0x120 net/core/dev.c:1878
 call_netdevice_notifiers_extack net/core/dev.c:1905 [inline]
 call_netdevice_notifiers net/core/dev.c:1919 [inline]
 dev_close_many+0x24f/0x380 net/core/dev.c:1544
 rollback_registered_many+0x2f5/0xa40 net/core/dev.c:8721
 unregister_netdevice_many net/core/dev.c:9907 [inline]
 unregister_netdevice_many+0x62/0x240 net/core/dev.c:9902
 default_device_exit_batch+0x234/0x270 net/core/dev.c:10380
 ops_exit_list.isra.0+0xa2/0xc0 net/core/net_namespace.c:175
 cleanup_net+0x405/0x6b0 net/core/net_namespace.c:597
 process_one_work+0x3d4/0x890 kernel/workqueue.c:2264
 worker_thread+0xa0/0x800 kernel/workqueue.c:2410
 kthread+0x1d4/0x200 drivers/block/aoe/aoecmd.c:1253
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:352

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 1043 Comm: kworker/u4:7 Not tainted 5.5.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: netns cleanup_net
==================================================================