__dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xda/0x130 lib/dump_stack.c:106 dump_stack+0x15/0x20 lib/dump_stack.c:113 dump_header+0x82/0x2d0 mm/oom_kill.c:460 oom_kill_process+0x33a/0x4c0 mm/oom_kill.c:1031 out_of_memory+0x9ca/0xbf0 mm/oom_kill.c:1169 mem_cgroup_out_of_memory+0x139/0x190 mm/memcontrol.c:1791 mem_cgroup_oom mm/memcontrol.c:2021 [inline] try_charge_memcg+0x75c/0xd30 mm/memcontrol.c:2790 obj_cgroup_charge_pages+0xab/0x130 mm/memcontrol.c:3254 ================================================================== BUG: KCSAN: data-race in data_push_tail / string write to 0xffffffff86ead278 of 1 bytes by task 32689 on cpu 1: string_nocheck lib/vsprintf.c:650 [inline] string+0x16c/0x200 lib/vsprintf.c:728 vsnprintf+0xa09/0xe20 lib/vsprintf.c:2819 vscnprintf+0x42/0x80 lib/vsprintf.c:2925 printk_sprint+0x30/0x2d0 kernel/printk/printk.c:2124 vprintk_store+0x56f/0x800 kernel/printk/printk.c:2238 vprintk_emit+0xd0/0x5d0 kernel/printk/printk.c:2284 vprintk_default+0x26/0x30 kernel/printk/printk.c:2318 vprintk+0x71/0x80 kernel/printk/printk_safe.c:45 _printk+0x7a/0xa0 kernel/printk/printk.c:2328 caif_disconnect_client+0x133/0x140 net/caif/cfcnfg.c:194 chnl_net_open+0x50b/0x5b0 net/caif/chnl_net.c:326 __dev_open+0x281/0x3a0 net/core/dev.c:1447 __dev_change_flags+0x159/0x400 net/core/dev.c:8605 dev_change_flags+0x59/0xd0 net/core/dev.c:8677 do_setlink+0x9f6/0x2430 net/core/rtnetlink.c:2916 rtnl_group_changelink net/core/rtnetlink.c:3458 [inline] __rtnl_newlink net/core/rtnetlink.c:3717 [inline] rtnl_newlink+0xbb3/0x1670 net/core/rtnetlink.c:3754 rtnetlink_rcv_msg+0x807/0x8c0 net/core/rtnetlink.c:6558 netlink_rcv_skb+0x126/0x220 net/netlink/af_netlink.c:2545 rtnetlink_rcv+0x1c/0x20 net/core/rtnetlink.c:6576 netlink_unicast_kernel net/netlink/af_netlink.c:1342 [inline] netlink_unicast+0x589/0x650 net/netlink/af_netlink.c:1368 netlink_sendmsg+0x66e/0x770 net/netlink/af_netlink.c:1910 sock_sendmsg_nosec net/socket.c:730 [inline] __sock_sendmsg net/socket.c:745 [inline] ____sys_sendmsg+0x37c/0x4d0 net/socket.c:2584 ___sys_sendmsg net/socket.c:2638 [inline] __sys_sendmsg+0x1e9/0x270 net/socket.c:2667 __do_sys_sendmsg net/socket.c:2676 [inline] __se_sys_sendmsg net/socket.c:2674 [inline] __x64_sys_sendmsg+0x46/0x50 net/socket.c:2674 do_syscall_x64 arch/x86/entry/common.c:51 [inline] do_syscall_64+0x44/0x110 arch/x86/entry/common.c:82 entry_SYSCALL_64_after_hwframe+0x63/0x6b read to 0xffffffff86ead278 of 8 bytes by task 32677 on cpu 0: data_make_reusable kernel/printk/printk_ringbuffer.c:590 [inline] data_push_tail+0x102/0x430 kernel/printk/printk_ringbuffer.c:675 data_alloc+0xbe/0x2c0 kernel/printk/printk_ringbuffer.c:1046 prb_reserve+0x893/0xbc0 kernel/printk/printk_ringbuffer.c:1555 vprintk_store+0x53e/0x800 kernel/printk/printk.c:2228 vprintk_emit+0xd0/0x5d0 kernel/printk/printk.c:2284 vprintk_default+0x26/0x30 kernel/printk/printk.c:2318 vprintk+0x71/0x80 kernel/printk/printk_safe.c:45 _printk+0x7a/0xa0 kernel/printk/printk.c:2328 printk_stack_address arch/x86/kernel/dumpstack.c:72 [inline] show_trace_log_lvl+0x42e/0x510 arch/x86/kernel/dumpstack.c:285 __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xda/0x130 lib/dump_stack.c:106 dump_stack+0x15/0x20 lib/dump_stack.c:113 dump_header+0x82/0x2d0 mm/oom_kill.c:460 oom_kill_process+0x33a/0x4c0 mm/oom_kill.c:1031 out_of_memory+0x9ca/0xbf0 mm/oom_kill.c:1169 mem_cgroup_out_of_memory+0x139/0x190 mm/memcontrol.c:1791 mem_cgroup_oom mm/memcontrol.c:2021 [inline] try_charge_memcg+0x75c/0xd30 mm/memcontrol.c:2790 obj_cgroup_charge_pages+0xab/0x130 mm/memcontrol.c:3254 obj_cgroup_charge+0xec/0x140 mm/memcontrol.c:3545 memcg_slab_pre_alloc_hook mm/slab.h:508 [inline] slab_pre_alloc_hook mm/slab.h:715 [inline] slab_alloc_node mm/slub.c:3460 [inline] __kmem_cache_alloc_node+0xb3/0x210 mm/slub.c:3517 kmalloc_trace+0x2a/0xa0 mm/slab_common.c:1098 kmalloc include/linux/slab.h:600 [inline] kzalloc include/linux/slab.h:721 [inline] get_undo_list ipc/sem.c:1856 [inline] copy_semundo+0x8d/0x170 ipc/sem.c:2312 copy_process+0xf2a/0x20a0 kernel/fork.c:2487 kernel_clone+0x169/0x560 kernel/fork.c:2907 __do_sys_clone3 kernel/fork.c:3208 [inline] __se_sys_clone3+0x1b5/0x1f0 kernel/fork.c:3192 __x64_sys_clone3+0x31/0x40 kernel/fork.c:3192 do_syscall_x64 arch/x86/entry/common.c:51 [inline] do_syscall_64+0x44/0x110 arch/x86/entry/common.c:82 entry_SYSCALL_64_after_hwframe+0x63/0x6b value changed: 0x0000000100023dcb -> 0x6e203a2928746e65 Reported by Kernel Concurrency Sanitizer on: CPU: 0 PID: 32677 Comm: syz-executor.4 Not tainted 6.7.0-rc1-syzkaller-00125-g7475e51b8796 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 ================================================================== obj_cgroup_charge+0xec/0x140 mm/memcontrol.c:3545 memcg_slab_pre_alloc_hook mm/slab.h:508 [inline] slab_pre_alloc_hook mm/slab.h:715 [inline] slab_alloc_node mm/slub.c:3460 [inline] __kmem_cache_alloc_node+0xb3/0x210 mm/slub.c:3517 kmalloc_trace+0x2a/0xa0 mm/slab_common.c:1098 kmalloc include/linux/slab.h:600 [inline] kzalloc include/linux/slab.h:721 [inline] get_undo_list ipc/sem.c:1856 [inline] copy_semundo+0x8d/0x170 ipc/sem.c:2312 copy_process+0xf2a/0x20a0 kernel/fork.c:2487 kernel_clone+0x169/0x560 kernel/fork.c:2907 __do_sys_clone3 kernel/fork.c:3208 [inline] __se_sys_clone3+0x1b5/0x1f0 kernel/fork.c:3192 __x64_sys_clone3+0x31/0x40 kernel/fork.c:3192 do_syscall_x64 arch/x86/entry/common.c:51 [inline] do_syscall_64+0x44/0x110 arch/x86/entry/common.c:82 entry_SYSCALL_64_after_hwframe+0x63/0x6b RIP: 0033:0x7fe82b2148d9 Code: ff ff eb d2 e8 f8 62 fd ff 0f 1f 84 00 00 00 00 00 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7 RSP: 002b:00007ffef0ae72f8 EFLAGS: 00000202 ORIG_RAX: 00000000000001b3 RAX: ffffffffffffffda RBX: 00007fe82b1bcfb0 RCX: 00007fe82b2148d9 RDX: 00007fe82b1bcfb0 RSI: 0000000000000058 RDI: 00007ffef0ae7340 RBP: 00007fe82a56b6c0 R08: 00007fe82a56b6c0 R09: 00007ffef0ae7427 R10: 0000000000000008 R11: 0000000000000202 R12: ffffffffffffffb0 R13: 000000000000000b R14: 00007ffef0ae7340 R15: 00007ffef0ae7428 memory: usage 307200kB, limit 307200kB, failcnt 202590 memory+swap: usage 427780kB, limit 9007199254740988kB, failcnt 0 kmem: usage 206028kB, limit 9007199254740988kB, failcnt 0 Memory cgroup stats for /syz4: cache 8429568 rss 94797824 shmem 8417280 mapped_file 524288 dirty 0 writeback 0 workingset_refault_anon 4 workingset_refault_file 28 swap 123482112 swapcached 364544 pgpgin 487689 pgpgout 462398 pgfault 634710 pgmajfault 7 inactive_anon 90103808 active_anon 13475840 inactive_file 8192 active_file 4096 unevictable 0 hierarchical_memory_limit 314572800 hierarchical_memsw_limit 9223372036854771712 total_cache 8429568 total_rss 94797824 total_shmem 8417280 total_mapped_file 524288 total_dirty 0 total_writeback 0 total_workingset_refault_anon 4 total_workingset_refault_file 28 total_swap 123482112 total_swapcached 364544 total_pgpgin 487689 total_pgpgout 462398 total_pgfault 634710 total_pgmajfault 7 total_inactive_anon 90103808 total_active_anon 13475840 total_inactive_file 8192 total_active_file 4096 total_unevictable 0 oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=32677,uid=0 Memory cgroup out of memory: Killed process 32677 (syz-executor.4) total-vm:46296kB, anon-rss:380kB, file-rss:8960kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000