syzbot

==================================================================
BUG: KCSAN: data-race in __filemap_remove_folio / folio_mapping

write to 0xffffea0005750298 of 8 bytes by task 6539 on cpu 0:
 page_cache_delete mm/filemap.c:144 [inline]
 __filemap_remove_folio+0x1a5/0x2a0 mm/filemap.c:227
 filemap_remove_folio+0x6d/0x1d0 mm/filemap.c:256
 truncate_inode_folio+0x42/0x50 mm/truncate.c:176
 shmem_undo_range+0x244/0xa80 mm/shmem.c:1116
 shmem_truncate_range mm/shmem.c:1232 [inline]
 shmem_evict_inode+0x134/0x520 mm/shmem.c:1360
 evict+0x2e3/0x550 fs/inode.c:810
 iput_final fs/inode.c:1914 [inline]
 iput+0x4ed/0x650 fs/inode.c:1966
 dentry_unlink_inode+0x24f/0x260 fs/dcache.c:466
 __dentry_kill+0x18d/0x4b0 fs/dcache.c:669
 dput+0x5e/0xd0 fs/dcache.c:911
 __fput+0x444/0x650 fs/file_table.c:476
 ____fput+0x1c/0x30 fs/file_table.c:496
 task_work_run+0x131/0x1a0 kernel/task_work.c:227
 exit_task_work include/linux/task_work.h:40 [inline]
 do_exit+0x483/0x15c0 kernel/exit.c:966
 do_group_exit+0xff/0x140 kernel/exit.c:1107
 get_signal+0xe58/0xf70 kernel/signal.c:3034
 arch_do_signal_or_restart+0x96/0x440 arch/x86/kernel/signal.c:337
 exit_to_user_mode_loop kernel/entry/common.c:40 [inline]
 exit_to_user_mode_prepare include/linux/irq-entry-common.h:225 [inline]
 irqentry_exit_to_user_mode+0x5b/0xa0 kernel/entry/common.c:73
 irqentry_exit+0x12/0x50 kernel/entry/common.c:191
 asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:618

read to 0xffffea0005750298 of 8 bytes by task 6600 on cpu 1:
 folio_mapping+0xa1/0xe0 mm/util.c:703
 folio_evictable mm/internal.h:499 [inline]
 sort_folio mm/vmscan.c:4480 [inline]
 scan_folios mm/vmscan.c:4607 [inline]
 isolate_folios mm/vmscan.c:4703 [inline]
 evict_folios+0xe05/0x3590 mm/vmscan.c:4733
 try_to_shrink_lruvec+0x5b5/0x950 mm/vmscan.c:4908
 lru_gen_shrink_lruvec mm/vmscan.c:5057 [inline]
 shrink_lruvec+0x22e/0x1b50 mm/vmscan.c:5818
 shrink_node_memcgs mm/vmscan.c:6054 [inline]
 shrink_node+0x686/0x2120 mm/vmscan.c:6095
 shrink_zones mm/vmscan.c:6339 [inline]
 do_try_to_free_pages+0x3f6/0xcd0 mm/vmscan.c:6401
 try_to_free_mem_cgroup_pages+0x1ab/0x410 mm/vmscan.c:6729
 try_charge_memcg+0x383/0xa10 mm/memcontrol.c:2356
 obj_cgroup_charge_pages+0xa6/0x150 mm/memcontrol.c:2799
 __memcg_kmem_charge_page+0x9f/0x170 mm/memcontrol.c:2843
 __alloc_frozen_pages_noprof+0x188/0x360 mm/page_alloc.c:5200
 alloc_pages_mpol+0xb3/0x260 mm/mempolicy.c:2416
 alloc_frozen_pages_noprof mm/mempolicy.c:2487 [inline]
 alloc_pages_noprof+0x90/0x130 mm/mempolicy.c:2507
 vm_area_alloc_pages mm/vmalloc.c:3647 [inline]
 __vmalloc_area_node mm/vmalloc.c:3724 [inline]
 __vmalloc_node_range_noprof+0x7a5/0xed0 mm/vmalloc.c:3897
 __kvmalloc_node_noprof+0x483/0x670 mm/slub.c:7134
 ip_set_alloc+0x24/0x30 net/netfilter/ipset/ip_set_core.c:261
 hash_netiface_create+0x282/0x740 net/netfilter/ipset/ip_set_hash_gen.h:1568
 ip_set_create+0x3cc/0x970 net/netfilter/ipset/ip_set_core.c:1109
 nfnetlink_rcv_msg+0x4c6/0x590 net/netfilter/nfnetlink.c:302
 netlink_rcv_skb+0x123/0x220 net/netlink/af_netlink.c:2552
 nfnetlink_rcv+0x167/0x16c0 net/netfilter/nfnetlink.c:669
 netlink_unicast_kernel net/netlink/af_netlink.c:1320 [inline]
 netlink_unicast+0x5c0/0x690 net/netlink/af_netlink.c:1346
 netlink_sendmsg+0x58b/0x6b0 net/netlink/af_netlink.c:1896
 sock_sendmsg_nosec net/socket.c:727 [inline]
 __sock_sendmsg+0x145/0x180 net/socket.c:742
 ____sys_sendmsg+0x31e/0x4e0 net/socket.c:2630
 ___sys_sendmsg+0x17b/0x1d0 net/socket.c:2684
 __sys_sendmsg net/socket.c:2716 [inline]
 __do_sys_sendmsg net/socket.c:2721 [inline]
 __se_sys_sendmsg net/socket.c:2719 [inline]
 __x64_sys_sendmsg+0xd4/0x160 net/socket.c:2719
 x64_sys_call+0x191e/0x3000 arch/x86/include/generated/asm/syscalls_64.h:47
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0xffff88811abd5f00 -> 0x0000000000000000

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 UID: 0 PID: 6600 Comm: syz.3.719 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
==================================================================