netlink: 8 bytes leftover after parsing attributes in process `syz.3.7300'. ================================================================== BUG: KCSAN: data-race in data_push_tail / vsnprintf write to 0xffffffff88e38128 of 26 bytes by task 379 on cpu 0: vsnprintf+0x2ce/0x890 lib/vsprintf.c:2826 vscnprintf+0x41/0x90 lib/vsprintf.c:2939 printk_sprint+0x30/0x2d0 kernel/printk/printk.c:2216 vprintk_store+0x599/0x860 kernel/printk/printk.c:2336 vprintk_emit+0x178/0x650 kernel/printk/printk.c:2426 vprintk_default+0x26/0x30 kernel/printk/printk.c:2465 vprintk+0x1d/0x30 kernel/printk/printk_safe.c:82 _printk+0x79/0xa0 kernel/printk/printk.c:2475 buffer_io_error fs/buffer.c:130 [inline] end_buffer_write_sync+0xf5/0x100 fs/buffer.c:170 end_bio_bh_io_sync+0x76/0xa0 fs/buffer.c:2783 bio_endio+0x374/0x410 block/bio.c:1645 submit_bio_noacct+0x104/0x8f0 block/blk-core.c:881 submit_bio+0x227/0x240 block/blk-core.c:916 submit_bh_wbc+0x2e0/0x320 fs/buffer.c:2831 submit_bh+0x1e/0x30 fs/buffer.c:2836 ext4_commit_super+0x1ac/0x280 fs/ext4/super.c:6222 ext4_handle_error+0x451/0x550 fs/ext4/super.c:709 __ext4_error_inode+0x1e3/0x3f0 fs/ext4/super.c:852 __ext4_get_inode_loc_noinmem fs/ext4/inode.c:4914 [inline] ext4_write_inode+0x218/0x3c0 fs/ext4/inode.c:5669 write_inode fs/fs-writeback.c:1525 [inline] __writeback_single_inode+0x319/0x7c0 fs/fs-writeback.c:1745 writeback_sb_inodes+0x480/0xa20 fs/fs-writeback.c:1976 wb_writeback+0x252/0x5c0 fs/fs-writeback.c:2156 wb_do_writeback fs/fs-writeback.c:2303 [inline] wb_workfn+0x194/0x910 fs/fs-writeback.c:2343 process_one_work kernel/workqueue.c:3238 [inline] process_scheduled_works+0x4cb/0x9d0 kernel/workqueue.c:3321 worker_thread+0x582/0x770 kernel/workqueue.c:3402 kthread+0x489/0x510 kernel/kthread.c:464 ret_from_fork+0xda/0x150 arch/x86/kernel/process.c:148 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245 read to 0xffffffff88e38130 of 8 bytes by task 25833 on cpu 1: data_make_reusable kernel/printk/printk_ringbuffer.c:594 [inline] data_push_tail+0xfd/0x420 kernel/printk/printk_ringbuffer.c:679 data_alloc+0xbf/0x2b0 kernel/printk/printk_ringbuffer.c:1054 prb_reserve+0x808/0xaf0 kernel/printk/printk_ringbuffer.c:1669 vprintk_store+0x56d/0x860 kernel/printk/printk.c:2326 vprintk_emit+0x178/0x650 kernel/printk/printk.c:2426 vprintk_default+0x26/0x30 kernel/printk/printk.c:2465 vprintk+0x1d/0x30 kernel/printk/printk_safe.c:82 _printk+0x79/0xa0 kernel/printk/printk.c:2475 __nla_validate_parse+0x1738/0x1d00 lib/nlattr.c:647 __nla_parse+0x40/0x60 lib/nlattr.c:732 __nlmsg_parse include/net/netlink.h:787 [inline] nlmsg_parse_deprecated include/net/netlink.h:828 [inline] nl80211_prepare_wdev_dump+0x229/0x3b0 net/wireless/nl80211.c:1024 nl80211_dump_station+0x88/0x440 net/wireless/nl80211.c:6973 genl_dumpit+0xa9/0x110 net/netlink/genetlink.c:1027 netlink_dump+0x38f/0x7f0 net/netlink/af_netlink.c:2309 __netlink_dump_start+0x43e/0x520 net/netlink/af_netlink.c:2424 genl_family_rcv_msg_dumpit+0x115/0x180 net/netlink/genetlink.c:1076 genl_family_rcv_msg net/netlink/genetlink.c:1192 [inline] genl_rcv_msg+0x3f0/0x460 net/netlink/genetlink.c:1210 netlink_rcv_skb+0x120/0x220 net/netlink/af_netlink.c:2534 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219 netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline] netlink_unicast+0x5a1/0x670 net/netlink/af_netlink.c:1339 netlink_sendmsg+0x58b/0x6b0 net/netlink/af_netlink.c:1883 sock_sendmsg_nosec net/socket.c:712 [inline] __sock_sendmsg+0x145/0x180 net/socket.c:727 ____sys_sendmsg+0x31e/0x4e0 net/socket.c:2566 ___sys_sendmsg+0x17b/0x1d0 net/socket.c:2620 __sys_sendmsg net/socket.c:2652 [inline] __do_sys_sendmsg net/socket.c:2657 [inline] __se_sys_sendmsg net/socket.c:2655 [inline] __x64_sys_sendmsg+0xd4/0x160 net/socket.c:2655 x64_sys_call+0x2999/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:47 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f value changed: 0x0000000100003d1e -> 0x726f727265204f2f Reported by Kernel Concurrency Sanitizer on: CPU: 1 UID: 0 PID: 25833 Comm: syz.3.7300 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(voluntary) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 ==================================================================