syzbot

==================================================================
BUG: KCSAN: data-race in __filemap_remove_folio / folio_mapping

write to 0xffffea00041de818 of 8 bytes by task 6924 on cpu 1:
 page_cache_delete mm/filemap.c:144 [inline]
 __filemap_remove_folio+0x1a5/0x2a0 mm/filemap.c:224
 folio_unmap_invalidate+0x1dd/0x360 mm/truncate.c:618
 invalidate_inode_pages2_range+0x27c/0x3d0 mm/truncate.c:693
 filemap_invalidate_pages+0x16d/0x1a0 mm/filemap.c:2817
 kiocb_invalidate_pages+0x6e/0x80 mm/filemap.c:2825
 __iomap_dio_rw+0x5d4/0x1250 fs/iomap/direct-io.c:703
 iomap_dio_rw+0x40/0x90 fs/iomap/direct-io.c:823
 ext4_dio_write_iter fs/ext4/file.c:575 [inline]
 ext4_file_write_iter+0xad9/0xf00 fs/ext4/file.c:716
 iter_file_splice_write+0x5ef/0x970 fs/splice.c:738
 do_splice_from fs/splice.c:935 [inline]
 direct_splice_actor+0x156/0x2a0 fs/splice.c:1158
 splice_direct_to_actor+0x312/0x680 fs/splice.c:1102
 do_splice_direct_actor fs/splice.c:1201 [inline]
 do_splice_direct+0xda/0x150 fs/splice.c:1227
 do_sendfile+0x380/0x640 fs/read_write.c:1368
 __do_sys_sendfile64 fs/read_write.c:1429 [inline]
 __se_sys_sendfile64 fs/read_write.c:1415 [inline]
 __x64_sys_sendfile64+0x105/0x150 fs/read_write.c:1415
 x64_sys_call+0xb39/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:41
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd0/0x1a0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffffea00041de818 of 8 bytes by task 6911 on cpu 0:
 folio_mapping+0xa1/0x120 mm/util.c:701
 folio_evictable mm/internal.h:475 [inline]
 lru_add+0x80/0x430 mm/swap.c:136
 folio_batch_move_lru+0x177/0x230 mm/swap.c:168
 lru_add_drain_cpu+0x77/0x250 mm/swap.c:642
 lru_add_drain mm/swap.c:730 [inline]
 __folio_batch_release+0x44/0xb0 mm/swap.c:1049
 folio_batch_release include/linux/pagevec.h:101 [inline]
 filemap_splice_read+0x521/0x6b0 mm/filemap.c:3032
 ext4_file_splice_read+0x8f/0xb0 fs/ext4/file.c:158
 do_splice_read fs/splice.c:979 [inline]
 splice_direct_to_actor+0x26c/0x680 fs/splice.c:1083
 do_splice_direct_actor fs/splice.c:1201 [inline]
 do_splice_direct+0xda/0x150 fs/splice.c:1227
 do_sendfile+0x380/0x640 fs/read_write.c:1368
 __do_sys_sendfile64 fs/read_write.c:1429 [inline]
 __se_sys_sendfile64 fs/read_write.c:1415 [inline]
 __x64_sys_sendfile64+0x105/0x150 fs/read_write.c:1415
 x64_sys_call+0xb39/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:41
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd0/0x1a0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0xffff888107316618 -> 0x0000000000000000

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 6911 Comm: syz.3.1098 Tainted: G        W           6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(voluntary) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
==================================================================
==================================================================
BUG: KCSAN: data-race in ext4_do_writepages / xas_set_mark

write to 0xffff888107316624 of 4 bytes by task 6924 on cpu 1:
 xa_mark_set lib/xarray.c:71 [inline]
 xas_set_mark+0x12b/0x140 lib/xarray.c:900
 __folio_start_writeback+0x1dd/0x430 mm/page-writeback.c:3096
 ext4_bio_write_folio+0x590/0x9d0 fs/ext4/page-io.c:583
 mpage_submit_folio fs/ext4/inode.c:1937 [inline]
 mpage_process_page_bufs+0x46c/0x5b0 fs/ext4/inode.c:2050
 mpage_prepare_extent_to_map+0x775/0xb80 fs/ext4/inode.c:2551
 ext4_do_writepages+0xa25/0x2270 fs/ext4/inode.c:2737
 ext4_writepages+0x176/0x300 fs/ext4/inode.c:2829
 do_writepages+0x1d5/0x480 mm/page-writeback.c:2656
 filemap_fdatawrite_wbc mm/filemap.c:386 [inline]
 __filemap_fdatawrite_range mm/filemap.c:419 [inline]
 file_write_and_wait_range+0x156/0x2c0 mm/filemap.c:794
 generic_buffers_fsync_noflush+0x45/0x120 fs/buffer.c:611
 ext4_fsync_nojournal fs/ext4/fsync.c:88 [inline]
 ext4_sync_file+0x1ab/0x690 fs/ext4/fsync.c:147
 vfs_fsync_range+0x10d/0x130 fs/sync.c:187
 generic_write_sync include/linux/fs.h:2976 [inline]
 ext4_buffered_write_iter+0x34f/0x3c0 fs/ext4/file.c:305
 ext4_dio_write_iter fs/ext4/file.c:608 [inline]
 ext4_file_write_iter+0xdbf/0xf00 fs/ext4/file.c:716
 iter_file_splice_write+0x5ef/0x970 fs/splice.c:738
 do_splice_from fs/splice.c:935 [inline]
 direct_splice_actor+0x156/0x2a0 fs/splice.c:1158
 splice_direct_to_actor+0x312/0x680 fs/splice.c:1102
 do_splice_direct_actor fs/splice.c:1201 [inline]
 do_splice_direct+0xda/0x150 fs/splice.c:1227
 do_sendfile+0x380/0x640 fs/read_write.c:1368
 __do_sys_sendfile64 fs/read_write.c:1429 [inline]
 __se_sys_sendfile64 fs/read_write.c:1415 [inline]
 __x64_sys_sendfile64+0x105/0x150 fs/read_write.c:1415
 x64_sys_call+0xb39/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:41
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd0/0x1a0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffff888107316624 of 4 bytes by task 6911 on cpu 0:
 xa_marked include/linux/xarray.h:424 [inline]
 mapping_tagged include/linux/fs.h:540 [inline]
 ext4_do_writepages+0xf2/0x2270 fs/ext4/inode.c:2594
 ext4_writepages+0x176/0x300 fs/ext4/inode.c:2829
 do_writepages+0x1d5/0x480 mm/page-writeback.c:2656
 filemap_fdatawrite_wbc mm/filemap.c:386 [inline]
 __filemap_fdatawrite_range mm/filemap.c:419 [inline]
 filemap_write_and_wait_range+0x144/0x340 mm/filemap.c:691
 filemap_invalidate_pages+0xa4/0x1a0 mm/filemap.c:2806
 kiocb_invalidate_pages+0x6e/0x80 mm/filemap.c:2825
 __iomap_dio_rw+0x5d4/0x1250 fs/iomap/direct-io.c:703
 iomap_dio_rw+0x40/0x90 fs/iomap/direct-io.c:823
 ext4_dio_write_iter fs/ext4/file.c:575 [inline]
 ext4_file_write_iter+0xad9/0xf00 fs/ext4/file.c:716
 iter_file_splice_write+0x5ef/0x970 fs/splice.c:738
 do_splice_from fs/splice.c:935 [inline]
 direct_splice_actor+0x156/0x2a0 fs/splice.c:1158
 splice_direct_to_actor+0x312/0x680 fs/splice.c:1102
 do_splice_direct_actor fs/splice.c:1201 [inline]
 do_splice_direct+0xda/0x150 fs/splice.c:1227
 do_sendfile+0x380/0x640 fs/read_write.c:1368
 __do_sys_sendfile64 fs/read_write.c:1429 [inline]
 __se_sys_sendfile64 fs/read_write.c:1415 [inline]
 __x64_sys_sendfile64+0x105/0x150 fs/read_write.c:1415
 x64_sys_call+0xb39/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:41
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd0/0x1a0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x0a000021 -> 0x00000021

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 6911 Comm: syz.3.1098 Tainted: G        W           6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(voluntary) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
==================================================================
syz.3.1098 (6911) used greatest stack depth: 9400 bytes left