syzbot

EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
EXT4-fs (loop1): 1 truncate cleaned up
EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
==================================================================
BUG: KCSAN: data-race in __xa_clear_mark / xas_find_marked

read-write to 0xffff88811ad21b48 of 8 bytes by interrupt on cpu 0:
 instrument_read_write include/linux/instrumented.h:56 [inline]
 __instrument_read_write_bitop include/asm-generic/bitops/instrumented-non-atomic.h:84 [inline]
 ___test_and_clear_bit include/asm-generic/bitops/instrumented-non-atomic.h:114 [inline]
 node_clear_mark lib/xarray.c:102 [inline]
 xas_clear_mark lib/xarray.c:922 [inline]
 __xa_clear_mark+0xf5/0x1e0 lib/xarray.c:2100
 __folio_end_writeback+0xf4/0x360 mm/page-writeback.c:2948
 folio_end_writeback_no_dropbehind+0x6d/0x1d0 mm/filemap.c:1666
 folio_end_writeback+0x1c/0x70 mm/filemap.c:1692
 ext4_finish_bio+0x459/0x8b0 fs/ext4/page-io.c:145
 ext4_end_bio+0x27b/0x380 fs/ext4/page-io.c:393
 bio_endio+0x38a/0x420 block/bio.c:1792
 blk_update_request+0x338/0x740 block/blk-mq.c:1016
 blk_mq_end_request+0x26/0x50 block/blk-mq.c:1178
 lo_complete_rq+0x98/0x140 drivers/block/loop.c:314
 blk_complete_reqs block/blk-mq.c:1253 [inline]
 blk_done_softirq+0x77/0xb0 block/blk-mq.c:1258
 handle_softirqs+0xb9/0x2a0 kernel/softirq.c:622
 run_ksoftirqd+0x1c/0x30 kernel/softirq.c:1063
 smpboot_thread_fn+0x32a/0x510 kernel/smpboot.c:160
 kthread+0x22a/0x280 kernel/kthread.c:436
 ret_from_fork+0x150/0x360 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

read to 0xffff88811ad21b48 of 8 bytes by task 5676 on cpu 1:
 xas_find_chunk include/linux/xarray.h:1752 [inline]
 xas_find_marked+0x213/0x620 lib/xarray.c:1510
 find_get_entry mm/filemap.c:2069 [inline]
 filemap_get_folios_tag+0xfa/0x510 mm/filemap.c:2337
 __filemap_fdatawait_range mm/filemap.c:523 [inline]
 file_write_and_wait_range+0x20c/0x2f0 mm/filemap.c:789
 generic_buffers_fsync_noflush+0x45/0x130 fs/buffer.c:606
 ext4_fsync_nojournal fs/ext4/fsync.c:92 [inline]
 ext4_sync_file+0x1e4/0x710 fs/ext4/fsync.c:159
 vfs_fsync_range+0xc5/0xe0 fs/sync.c:186
 generic_write_sync include/linux/fs.h:2640 [inline]
 ext4_buffered_write_iter+0x34f/0x3c0 fs/ext4/file.c:306
 ext4_file_write_iter+0x380/0xfa0 fs/ext4/file.c:-1
 do_iter_readv_writev+0x4fd/0x5a0 fs/read_write.c:-1
 vfs_writev+0x2e1/0x900 fs/read_write.c:1059
 do_pwritev fs/read_write.c:1155 [inline]
 __do_sys_pwritev2 fs/read_write.c:1213 [inline]
 __se_sys_pwritev2+0xfc/0x1c0 fs/read_write.c:1204
 __x64_sys_pwritev2+0x67/0x80 fs/read_write.c:1204
 x64_sys_call+0xe07/0x3020 arch/x86/include/generated/asm/syscalls_64.h:329
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x12c/0x370 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x000000000007ffe0 -> 0x000000000007ff00

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 UID: 0 PID: 5676 Comm: syz.1.580 Tainted: G        W           syzkaller #0 PREEMPT(full) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
==================================================================