syzbot

==================================================================
BUG: KCSAN: data-race in data_alloc / data_push_tail

write to 0xffffffff88e86ee0 of 8 bytes by task 10376 on cpu 0:
 data_alloc+0x1d5/0x2e0 kernel/printk/printk_ringbuffer.c:1088
 prb_reserve+0x807/0xaf0 kernel/printk/printk_ringbuffer.c:1685
 vprintk_store+0x56d/0x860 kernel/printk/printk.c:2299
 vprintk_emit+0x10d/0x580 kernel/printk/printk.c:2399
 vprintk_default+0x26/0x30 kernel/printk/printk.c:2438
 vprintk+0x1d/0x30 kernel/printk/printk_safe.c:82
 _printk+0x79/0xa0 kernel/printk/printk.c:2448
 dump_stack_print_info+0xee/0x1b0 lib/dump_stack.c:57
 __dump_stack+0x11/0x30 lib/dump_stack.c:93
 dump_stack_lvl+0xe8/0x140 lib/dump_stack.c:120
 dump_stack+0x15/0x1b lib/dump_stack.c:129
 fail_dump lib/fault-inject.c:73 [inline]
 should_fail_ex+0x265/0x280 lib/fault-inject.c:174
 should_failslab+0x8c/0xb0 mm/failslab.c:46
 slab_pre_alloc_hook mm/slub.c:4931 [inline]
 slab_alloc_node mm/slub.c:5264 [inline]
 kmem_cache_alloc_node_noprof+0x57/0x4a0 mm/slub.c:5340
 __alloc_skb+0x101/0x320 net/core/skbuff.c:660
 alloc_skb include/linux/skbuff.h:1383 [inline]
 netlink_alloc_large_skb+0xbf/0xf0 net/netlink/af_netlink.c:1186
 netlink_sendmsg+0x3cf/0x6b0 net/netlink/af_netlink.c:1871
 sock_sendmsg_nosec net/socket.c:727 [inline]
 __sock_sendmsg+0x145/0x180 net/socket.c:742
 ____sys_sendmsg+0x345/0x4e0 net/socket.c:2630
 ___sys_sendmsg+0x17b/0x1d0 net/socket.c:2684
 __sys_sendmmsg+0x178/0x300 net/socket.c:2773
 __do_sys_sendmmsg net/socket.c:2800 [inline]
 __se_sys_sendmmsg net/socket.c:2797 [inline]
 __x64_sys_sendmmsg+0x57/0x70 net/socket.c:2797
 x64_sys_call+0x1c4a/0x3000 arch/x86/include/generated/asm/syscalls_64.h:308
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffffffff88e86ee0 of 8 bytes by task 10372 on cpu 1:
 data_make_reusable kernel/printk/printk_ringbuffer.c:591 [inline]
 data_push_tail+0xfd/0x420 kernel/printk/printk_ringbuffer.c:676
 data_realloc kernel/printk/printk_ringbuffer.c:1158 [inline]
 prb_reserve_in_last+0x815/0xba0 kernel/printk/printk_ringbuffer.c:1456
 vprintk_store+0x494/0x860 kernel/printk/printk.c:2273
 vprintk_emit+0x10d/0x580 kernel/printk/printk.c:2399
 vprintk_default+0x26/0x30 kernel/printk/printk.c:2438
 vprintk+0x1d/0x30 kernel/printk/printk_safe.c:82
 _printk+0x79/0xa0 kernel/printk/printk.c:2448
 __ext4_grp_locked_error+0x5bf/0x7b0 fs/ext4/super.c:1061
 mb_free_blocks+0xb97/0xbc0 fs/ext4/mballoc.c:2014
 ext4_mb_clear_bb fs/ext4/mballoc.c:6638 [inline]
 ext4_free_blocks+0xded/0x1480 fs/ext4/mballoc.c:6770
 ext4_remove_blocks fs/ext4/extents.c:2551 [inline]
 ext4_ext_rm_leaf fs/ext4/extents.c:2716 [inline]
 ext4_ext_remove_space+0x177b/0x2900 fs/ext4/extents.c:2965
 ext4_ext_truncate+0xc7/0x170 fs/ext4/extents.c:4484
 ext4_truncate+0x70d/0xae0 fs/ext4/inode.c:4614
 ext4_process_orphan+0x110/0x1c0 fs/ext4/orphan.c:335
 ext4_orphan_cleanup+0x6a8/0xa00 fs/ext4/orphan.c:470
 __ext4_fill_super fs/ext4/super.c:5617 [inline]
 ext4_fill_super+0x3483/0x3810 fs/ext4/super.c:5736
 get_tree_bdev_flags+0x291/0x300 fs/super.c:1698
 get_tree_bdev+0x1f/0x30 fs/super.c:1721
 ext4_get_tree+0x1c/0x30 fs/ext4/super.c:5768
 vfs_get_tree+0x57/0x1d0 fs/super.c:1758
 fc_mount fs/namespace.c:1199 [inline]
 do_new_mount_fc fs/namespace.c:3642 [inline]
 do_new_mount+0x24d/0x660 fs/namespace.c:3718
 path_mount+0x4a5/0xb70 fs/namespace.c:4028
 do_mount fs/namespace.c:4041 [inline]
 __do_sys_mount fs/namespace.c:4229 [inline]
 __se_sys_mount+0x28c/0x2e0 fs/namespace.c:4206
 __x64_sys_mount+0x67/0x80 fs/namespace.c:4206
 x64_sys_call+0x2b51/0x3000 arch/x86/include/generated/asm/syscalls_64.h:166
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x0000000100004a5e -> 0x0000000100005623

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 UID: 0 PID: 10372 Comm: syz.7.13067 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
==================================================================
block 144:freeing already freed block (bit 9); block bitmap corrupt.
EXT4-fs error (device loop7): ext4_do_update_inode:5632: inode #13: comm syz.7.13067: corrupted inode contents
EXT4-fs error (device loop7): ext4_dirty_inode:6517: inode #13: comm syz.7.13067: mark_inode_dirty error
EXT4-fs error (device loop7): ext4_do_update_inode:5632: inode #13: comm syz.7.13067: corrupted inode contents
EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #13: comm syz.7.13067: mark_inode_dirty error
EXT4-fs error (device loop7): ext4_do_update_inode:5632: inode #13: comm syz.7.13067: corrupted inode contents
EXT4-fs error (device loop7) in ext4_orphan_del:301: Corrupt filesystem
EXT4-fs error (device loop7): ext4_do_update_inode:5632: inode #13: comm syz.7.13067: corrupted inode contents
EXT4-fs error (device loop7): ext4_truncate:4637: inode #13: comm syz.7.13067: mark_inode_dirty error
EXT4-fs error (device loop7) in ext4_process_orphan:343: Corrupt filesystem
EXT4-fs (loop7): 1 truncate cleaned up