syzbot

==================================================================
BUG: KCSAN: data-race in __htab_map_lookup_elem / bpf_lru_pop_free

write to 0xffff88810fe0c0e8 of 4 bytes by task 7165 on cpu 0:
 __local_list_add_pending kernel/bpf/bpf_lru_list.c:358 [inline]
 bpf_common_lru_pop_free kernel/bpf/bpf_lru_list.c:457 [inline]
 bpf_lru_pop_free+0xbf0/0xcd0 kernel/bpf/bpf_lru_list.c:504
 prealloc_lru_pop kernel/bpf/hashtab.c:303 [inline]
 __htab_lru_percpu_map_update_elem+0xea/0x600 kernel/bpf/hashtab.c:1349
 bpf_percpu_hash_update+0x61/0xa0 kernel/bpf/hashtab.c:2408
 bpf_map_update_value+0x297/0x3a0 kernel/bpf/syscall.c:268
 generic_map_update_batch+0x3f5/0x540 kernel/bpf/syscall.c:1989
 bpf_map_do_batch+0x255/0x380 kernel/bpf/syscall.c:5512
 __sys_bpf+0x5ee/0x7b0 kernel/bpf/syscall.c:-1
 __do_sys_bpf kernel/bpf/syscall.c:6139 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:6137 [inline]
 __x64_sys_bpf+0x41/0x50 kernel/bpf/syscall.c:6137
 x64_sys_call+0x2aea/0x2ff0 arch/x86/include/generated/asm/syscalls_64.h:322
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffff88810fe0c0e8 of 4 bytes by task 4530 on cpu 1:
 lookup_nulls_elem_raw kernel/bpf/hashtab.c:643 [inline]
 __htab_map_lookup_elem+0xab/0x150 kernel/bpf/hashtab.c:673
 htab_lru_percpu_map_lookup_percpu_elem+0x43/0xf0 kernel/bpf/hashtab.c:2359
 bpf_prog_30f6e55231ed8cc8+0x40/0x48
 bpf_dispatcher_nop_func include/linux/bpf.h:1332 [inline]
 __bpf_prog_run include/linux/filter.h:718 [inline]
 bpf_prog_run include/linux/filter.h:725 [inline]
 __bpf_trace_run kernel/trace/bpf_trace.c:2257 [inline]
 bpf_trace_run2+0x107/0x1c0 kernel/trace/bpf_trace.c:2298
 __traceiter_kfree+0x2e/0x50 include/trace/events/kmem.h:94
 __do_trace_kfree include/trace/events/kmem.h:94 [inline]
 trace_kfree include/trace/events/kmem.h:94 [inline]
 kfree+0x27b/0x320 mm/slub.c:4866
 context_destroy security/selinux/ss/context.h:185 [inline]
 security_compute_sid+0x11da/0x1290 security/selinux/ss/services.c:1946
 security_transition_sid+0x5a/0x70 security/selinux/ss/services.c:1968
 selinux_determine_inode_label+0x1e3/0x210 security/selinux/hooks.c:1803
 may_create+0x1e2/0x2b0 security/selinux/hooks.c:1837
 selinux_inode_mkdir+0x22/0x30 security/selinux/hooks.c:3046
 security_inode_mkdir+0x7a/0xc0 security/security.c:2198
 vfs_mkdir+0x18c/0x340 fs/namei.c:4358
 do_mkdirat+0x132/0x3f0 fs/namei.c:4399
 __do_sys_mkdirat fs/namei.c:4416 [inline]
 __se_sys_mkdirat fs/namei.c:4414 [inline]
 __x64_sys_mkdirat+0x4c/0x60 fs/namei.c:4414
 x64_sys_call+0x2b7/0x2ff0 arch/x86/include/generated/asm/syscalls_64.h:259
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0xd8ed1f1f -> 0x03db37d4

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 UID: 0 PID: 4530 Comm: syz-executor Tainted: G        W           6.17.0-rc1-syzkaller-00214-g99bade344cfa #0 PREEMPT(voluntary) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
==================================================================