netlink: 6 bytes leftover after parsing attributes in process `syz.1.2674'. ================================================================== BUG: KCSAN: data-race in data_push_tail / vsnprintf write to 0xffffffff8938a348 of 11 bytes by task 12015 on cpu 0: vsnprintf+0x2ce/0x860 lib/vsprintf.c:2899 vscnprintf+0x41/0x90 lib/vsprintf.c:3013 printk_sprint+0x30/0x2b0 kernel/printk/printk.c:2222 vprintk_store+0x57b/0x910 kernel/printk/printk.c:2364 vprintk_emit+0x1a4/0x600 kernel/printk/printk.c:2455 vprintk_default+0x26/0x30 kernel/printk/printk.c:2494 vprintk+0x1d/0x30 kernel/printk/printk_safe.c:82 _printk+0x79/0xa0 kernel/printk/printk.c:2504 __nla_validate_parse+0x1735/0x1cf0 lib/nlattr.c:647 __nla_parse+0x40/0x60 lib/nlattr.c:732 nla_parse_nested_deprecated include/net/netlink.h:1379 [inline] tc_action_load_ops+0xa6/0x3b0 net/sched/act_api.c:1345 tcf_action_init+0x182/0x700 net/sched/act_api.c:1499 tcf_action_add net/sched/act_api.c:2106 [inline] tc_ctl_action+0x29b/0x830 net/sched/act_api.c:2163 rtnetlink_rcv_msg+0x6a7/0x720 net/core/rtnetlink.c:7006 netlink_rcv_skb+0x123/0x220 net/netlink/af_netlink.c:2555 rtnetlink_rcv+0x1c/0x30 net/core/rtnetlink.c:7024 netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline] netlink_unicast+0x5a8/0x680 net/netlink/af_netlink.c:1344 netlink_sendmsg+0x5c8/0x6f0 net/netlink/af_netlink.c:1899 sock_sendmsg_nosec net/socket.c:787 [inline] __sock_sendmsg net/socket.c:802 [inline] __sys_sendto+0x42e/0x490 net/socket.c:2265 __do_sys_sendto net/socket.c:2272 [inline] __se_sys_sendto net/socket.c:2268 [inline] __x64_sys_sendto+0x76/0x90 net/socket.c:2268 x64_sys_call+0x2d35/0x3020 arch/x86/include/generated/asm/syscalls_64.h:45 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0x12c/0x3b0 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f read to 0xffffffff8938a348 of 8 bytes by task 12019 on cpu 1: data_make_reusable kernel/printk/printk_ringbuffer.c:608 [inline] data_push_tail+0x100/0x470 kernel/printk/printk_ringbuffer.c:693 data_alloc+0x11b/0x390 kernel/printk/printk_ringbuffer.c:1089 prb_reserve+0x8d6/0xad0 kernel/printk/printk_ringbuffer.c:1727 vprintk_store+0x54a/0x910 kernel/printk/printk.c:2354 vprintk_emit+0x1a4/0x600 kernel/printk/printk.c:2455 vprintk_default+0x26/0x30 kernel/printk/printk.c:2494 vprintk+0x1d/0x30 kernel/printk/printk_safe.c:82 _printk+0x79/0xa0 kernel/printk/printk.c:2504 __nla_validate_parse+0x1735/0x1cf0 lib/nlattr.c:647 nla_validate_array lib/nlattr.c:109 [inline] validate_nla lib/nlattr.c:536 [inline] __nla_validate_parse+0x6a4/0x1cf0 lib/nlattr.c:635 __nla_parse+0x40/0x60 lib/nlattr.c:732 nla_parse_deprecated include/net/netlink.h:736 [inline] nfnetlink_rcv_msg+0x37f/0x5d0 net/netfilter/nfnetlink.c:273 netlink_rcv_skb+0x123/0x220 net/netlink/af_netlink.c:2555 nfnetlink_rcv+0x167/0x1720 net/netfilter/nfnetlink.c:667 netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline] netlink_unicast+0x5a8/0x680 net/netlink/af_netlink.c:1344 netlink_sendmsg+0x5c8/0x6f0 net/netlink/af_netlink.c:1899 sock_sendmsg_nosec net/socket.c:787 [inline] __sock_sendmsg net/socket.c:802 [inline] ____sys_sendmsg+0x563/0x5b0 net/socket.c:2698 ___sys_sendmsg+0x195/0x1e0 net/socket.c:2752 __sys_sendmsg net/socket.c:2784 [inline] __do_sys_sendmsg net/socket.c:2789 [inline] __se_sys_sendmsg net/socket.c:2787 [inline] __x64_sys_sendmsg+0xd4/0x160 net/socket.c:2787 x64_sys_call+0x194c/0x3020 arch/x86/include/generated/asm/syscalls_64.h:47 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0x12c/0x3b0 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f value changed: 0x3fffffffffffe6ae -> 0x3a6b6e696c74656e Reported by Kernel Concurrency Sanitizer on: CPU: 1 UID: 0 PID: 12019 Comm: syz.1.2674 Not tainted syzkaller #0 PREEMPT(lazy) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 ================================================================== netlink: 6 bytes leftover after parsing attributes in process `syz.1.2674'.