syz.0.15384[9510] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
==================================================================
BUG: KCSAN: data-race in _prb_read_valid / prb_reserve

write to 0xffffffff86712e18 of 8 bytes by task 9380 on cpu 1:
prb_reserve+0x740/0xb60
vprintk_store+0x558/0x870 kernel/printk/printk.c:2326
vprintk_emit+0x15e/0x680 kernel/printk/printk.c:2408
vprintk_default+0x26/0x30 kernel/printk/printk.c:2447
vprintk+0x75/0x80 kernel/printk/printk_safe.c:86
_printk+0x7a/0xa0 kernel/printk/printk.c:2457
batadv_check_known_mac_addr+0x153/0x180 net/batman-adv/hard-interface.c:528
batadv_hard_if_event+0x4b9/0xfb0 net/batman-adv/hard-interface.c:998
notifier_call_chain kernel/notifier.c:85 [inline]
raw_notifier_call_chain+0x6f/0x1d0 kernel/notifier.c:453
call_netdevice_notifiers_info+0xae/0x100 net/core/dev.c:1996
call_netdevice_notifiers_extack net/core/dev.c:2034 [inline]
call_netdevice_notifiers net/core/dev.c:2048 [inline]
dev_set_mac_address+0x1ff/0x260 net/core/dev.c:9212
dev_set_mac_address_user+0x31/0x50 net/core/dev.c:9226
do_setlink+0x3ec/0x22c0 net/core/rtnetlink.c:3064
rtnl_changelink net/core/rtnetlink.c:3723 [inline]
__rtnl_newlink net/core/rtnetlink.c:3874 [inline]
rtnl_newlink+0xd79/0x1200 net/core/rtnetlink.c:4011
rtnetlink_rcv_msg+0x651/0x710 net/core/rtnetlink.c:6921
netlink_rcv_skb+0x12c/0x230 net/netlink/af_netlink.c:2542
rtnetlink_rcv+0x1c/0x30 net/core/rtnetlink.c:6948
netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]
netlink_unicast+0x599/0x670 net/netlink/af_netlink.c:1347
netlink_sendmsg+0x5cc/0x6e0 net/netlink/af_netlink.c:1891
sock_sendmsg_nosec net/socket.c:711 [inline]
__sock_sendmsg+0x140/0x180 net/socket.c:726
__sys_sendto+0x1a8/0x230 net/socket.c:2197
__do_sys_sendto net/socket.c:2204 [inline]
__se_sys_sendto net/socket.c:2200 [inline]
__x64_sys_sendto+0x78/0x90 net/socket.c:2200
x64_sys_call+0x29fa/0x2dc0 arch/x86/include/generated/asm/syscalls_64.h:45
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffffffff86712e18 of 8 bytes by task 9510 on cpu 0:
desc_read kernel/printk/printk_ringbuffer.c:486 [inline]
prb_first_seq kernel/printk/printk_ringbuffer.c:1957 [inline]
_prb_read_valid+0x3bb/0xba0 kernel/printk/printk_ringbuffer.c:2114
prb_read_valid+0x3d/0x60 kernel/printk/printk_ringbuffer.c:2182
printk_get_next_message+0xd4/0x710 kernel/printk/printk.c:2989
console_emit_next_record kernel/printk/printk.c:3076 [inline]
console_flush_all+0x28a/0x770 kernel/printk/printk.c:3210
__console_flush_and_unlock kernel/printk/printk.c:3269 [inline]
console_unlock+0xab/0x330 kernel/printk/printk.c:3309
vprintk_emit+0x3f4/0x680 kernel/printk/printk.c:2432
vprintk_default+0x26/0x30 kernel/printk/printk.c:2447
vprintk+0x75/0x80 kernel/printk/printk_safe.c:86
_printk+0x7a/0xa0 kernel/printk/printk.c:2457
bpf_get_probe_write_proto+0x8b/0x90 kernel/trace/bpf_trace.c:365
bpf_tracing_func_proto+0x596/0x790 kernel/trace/bpf_trace.c:1490
raw_tp_prog_func_proto+0x65/0xc0 kernel/trace/bpf_trace.c:1973
get_helper_proto kernel/bpf/verifier.c:10641 [inline]
check_helper_call+0x13d/0x3d00 kernel/bpf/verifier.c:10661
do_check+0x4b03/0x7090 kernel/bpf/verifier.c:18767
do_check_common+0xc37/0x1090 kernel/bpf/verifier.c:21844
do_check_main kernel/bpf/verifier.c:21935 [inline]
bpf_check+0x3edb/0xd5e0 kernel/bpf/verifier.c:22661
bpf_prog_load+0xed4/0x1070 kernel/bpf/syscall.c:2947
__sys_bpf+0x463/0x7a0 kernel/bpf/syscall.c:5790
__do_sys_bpf kernel/bpf/syscall.c:5897 [inline]
__se_sys_bpf kernel/bpf/syscall.c:5895 [inline]
__x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5895
x64_sys_call+0x2914/0x2dc0 arch/x86/include/generated/asm/syscalls_64.h:322
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x0000000000001711 -> 0x0000000000000000
Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 9510 Comm: syz.0.15384 Tainted: G W 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
==================================================================
syz.0.15384[9510] is installing a program with bpf_probe_write_user helper that may corrupt user memory!