syzbot

EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
==================================================================
BUG: KCSAN: data-race in __lru_add_drain_all / folios_put_refs

write to 0xffff888237d25ee8 of 1 bytes by task 18234 on cpu 1:
 folio_batch_reinit include/linux/pagevec.h:50 [inline]
 folios_put_refs+0x285/0x2d0 mm/swap.c:996
 folios_put include/linux/mm.h:1484 [inline]
 folio_batch_move_lru+0x24b/0x280 mm/swap.c:179
 __folio_batch_add_and_move mm/swap.c:196 [inline]
 folio_add_lru+0x14a/0x1f0 mm/swap.c:511
 shmem_alloc_and_add_folio mm/shmem.c:1969 [inline]
 shmem_get_folio_gfp+0x7ab/0xd60 mm/shmem.c:2533
 shmem_fault+0xf6/0x250 mm/shmem.c:2734
 __do_fault+0xbc/0x200 mm/memory.c:5280
 do_read_fault mm/memory.c:5698 [inline]
 do_fault mm/memory.c:5832 [inline]
 do_pte_missing mm/memory.c:4361 [inline]
 handle_pte_fault mm/memory.c:6177 [inline]
 __handle_mm_fault mm/memory.c:6318 [inline]
 handle_mm_fault+0xf78/0x2be0 mm/memory.c:6487
 faultin_page mm/gup.c:1126 [inline]
 __get_user_pages+0x102a/0x1ed0 mm/gup.c:1428
 populate_vma_page_range mm/gup.c:1860 [inline]
 __mm_populate+0x243/0x3a0 mm/gup.c:1963
 mm_populate include/linux/mm.h:3471 [inline]
 vm_mmap_pgoff+0x232/0x2e0 mm/util.c:586
 ksys_mmap_pgoff+0xc2/0x310 mm/mmap.c:604
 x64_sys_call+0x14a3/0x3000 arch/x86/include/generated/asm/syscalls_64.h:10
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffff888237d25ee8 of 1 bytes by task 10888 on cpu 0:
 folio_batch_count include/linux/pagevec.h:56 [inline]
 cpu_needs_drain mm/swap.c:780 [inline]
 __lru_add_drain_all+0x17e/0x450 mm/swap.c:877
 lru_add_drain_all+0x10/0x20 mm/swap.c:893
 invalidate_bdev+0x47/0x70 block/bdev.c:101
 ext4_put_super+0x624/0x7d0 fs/ext4/super.c:1348
 generic_shutdown_super+0xe6/0x210 fs/super.c:642
 kill_block_super+0x2a/0x70 fs/super.c:1722
 ext4_kill_sb+0x42/0x80 fs/ext4/super.c:7403
 deactivate_locked_super+0x75/0x1c0 fs/super.c:473
 deactivate_super+0x97/0xa0 fs/super.c:506
 cleanup_mnt+0x269/0x2e0 fs/namespace.c:1327
 __cleanup_mnt+0x19/0x20 fs/namespace.c:1334
 task_work_run+0x131/0x1a0 kernel/task_work.c:227
 resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]
 exit_to_user_mode_loop+0xed/0x110 kernel/entry/common.c:43
 exit_to_user_mode_prepare include/linux/irq-entry-common.h:225 [inline]
 syscall_exit_to_user_mode_work include/linux/entry-common.h:175 [inline]
 syscall_exit_to_user_mode include/linux/entry-common.h:210 [inline]
 do_syscall_64+0x1d6/0x200 arch/x86/entry/syscall_64.c:100
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x01 -> 0x00

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 10888 Comm: syz-executor Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
==================================================================