syzbot

==================================================================
BUG: KCSAN: data-race in __filemap_remove_folio / folio_mapping

write to 0xffffea0004324a18 of 8 bytes by task 11101 on cpu 1:
 page_cache_delete mm/filemap.c:145 [inline]
 __filemap_remove_folio+0x201/0x310 mm/filemap.c:228
 filemap_remove_folio+0x6d/0x1d0 mm/filemap.c:257
 truncate_inode_folio+0x42/0x50 mm/truncate.c:176
 shmem_undo_range+0x26d/0xb10 mm/shmem.c:1145
 shmem_truncate_range mm/shmem.c:1277 [inline]
 shmem_evict_inode+0x12e/0x510 mm/shmem.c:1407
 evict+0x2af/0x510 fs/inode.c:846
 iput_final fs/inode.c:1966 [inline]
 iput+0x41a/0x580 fs/inode.c:2015
 dentry_unlink_inode+0x24f/0x260 fs/dcache.c:467
 __dentry_kill+0x13f/0x460 fs/dcache.c:670
 finish_dput+0x2b/0x200 fs/dcache.c:879
 dput+0x52/0x60 fs/dcache.c:928
 __fput+0x444/0x650 fs/file_table.c:477
 ____fput+0x1c/0x30 fs/file_table.c:497
 task_work_run+0x130/0x1a0 kernel/task_work.c:233
 exit_task_work include/linux/task_work.h:40 [inline]
 do_exit+0x466/0x15a0 kernel/exit.c:971
 do_group_exit+0xfe/0x140 kernel/exit.c:1112
 get_signal+0xe54/0xf60 kernel/signal.c:3034
 arch_do_signal_or_restart+0x96/0x450 arch/x86/kernel/signal.c:337
 __exit_to_user_mode_loop kernel/entry/common.c:64 [inline]
 exit_to_user_mode_loop+0x6a/0x6f0 kernel/entry/common.c:98
 __exit_to_user_mode_prepare include/linux/irq-entry-common.h:226 [inline]
 syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:256 [inline]
 syscall_exit_to_user_mode include/linux/entry-common.h:325 [inline]
 do_syscall_64+0x249/0x370 arch/x86/entry/syscall_64.c:100
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffffea0004324a18 of 8 bytes by task 11177 on cpu 0:
 folio_mapping+0xa1/0xe0 mm/util.c:703
 folio_evictable mm/internal.h:568 [inline]
 sort_folio mm/vmscan.c:4452 [inline]
 scan_folios mm/vmscan.c:4580 [inline]
 isolate_folios mm/vmscan.c:4676 [inline]
 evict_folios+0xdfa/0x35c0 mm/vmscan.c:4706
 try_to_shrink_lruvec+0x81b/0xbf0 mm/vmscan.c:4881
 lru_gen_shrink_lruvec mm/vmscan.c:5030 [inline]
 shrink_lruvec+0x255/0x1c60 mm/vmscan.c:5784
 shrink_node_memcgs mm/vmscan.c:6020 [inline]
 shrink_node+0x67a/0x2130 mm/vmscan.c:6061
 shrink_zones mm/vmscan.c:6300 [inline]
 do_try_to_free_pages+0x408/0xc80 mm/vmscan.c:6362
 try_to_free_mem_cgroup_pages+0x1f5/0x470 mm/vmscan.c:6683
 try_charge_memcg+0x37e/0xa10 mm/memcontrol.c:2414
 obj_cgroup_charge_pages+0x23/0xc0 mm/memcontrol.c:2857
 __memcg_kmem_charge_page+0x9e/0x170 mm/memcontrol.c:2901
 __alloc_frozen_pages_noprof+0x18a/0x360 mm/page_alloc.c:5267
 alloc_pages_mpol+0xb3/0x260 mm/mempolicy.c:2484
 alloc_frozen_pages_noprof mm/mempolicy.c:2555 [inline]
 alloc_pages_noprof+0x8f/0x130 mm/mempolicy.c:2575
 vm_area_alloc_pages mm/vmalloc.c:3731 [inline]
 __vmalloc_area_node mm/vmalloc.c:3876 [inline]
 __vmalloc_node_range_noprof+0xa46/0x12b0 mm/vmalloc.c:4064
 __kvmalloc_node_noprof+0x3d4/0x650 mm/slub.c:6758
 ip_set_alloc+0x24/0x30 net/netfilter/ipset/ip_set_core.c:261
 hash_netiface_create+0x282/0x740 net/netfilter/ipset/ip_set_hash_gen.h:1567
 ip_set_create+0x3cf/0x970 net/netfilter/ipset/ip_set_core.c:1109
 nfnetlink_rcv_msg+0x509/0x5d0 net/netfilter/nfnetlink.c:302
 netlink_rcv_skb+0x123/0x220 net/netlink/af_netlink.c:2550
 nfnetlink_rcv+0x167/0x1720 net/netfilter/nfnetlink.c:669
 netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
 netlink_unicast+0x5c0/0x690 net/netlink/af_netlink.c:1344
 netlink_sendmsg+0x5c8/0x6f0 net/netlink/af_netlink.c:1894
 sock_sendmsg_nosec net/socket.c:727 [inline]
 __sock_sendmsg net/socket.c:742 [inline]
 ____sys_sendmsg+0x5af/0x600 net/socket.c:2592
 ___sys_sendmsg+0x195/0x1e0 net/socket.c:2646
 __sys_sendmsg net/socket.c:2678 [inline]
 __do_sys_sendmsg net/socket.c:2683 [inline]
 __se_sys_sendmsg net/socket.c:2681 [inline]
 __x64_sys_sendmsg+0xd4/0x160 net/socket.c:2681
 x64_sys_call+0x194c/0x3020 arch/x86/include/generated/asm/syscalls_64.h:47
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x12c/0x370 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0xffff88811a2664d0 -> 0x0000000000000000

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 11177 Comm: syz.0.10235 Tainted: G        W           syzkaller #0 PREEMPT(full) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
==================================================================