syzbot

==================================================================
BUG: KCSAN: data-race in __xa_set_mark / xas_find_marked

write to 0xffff88811b88cb14 of 4 bytes by task 10105 on cpu 0:
 xa_mark_set lib/xarray.c:71 [inline]
 xas_set_mark lib/xarray.c:900 [inline]
 __xa_set_mark+0x172/0x1a0 lib/xarray.c:2082
 __folio_mark_dirty+0x383/0x4a0 mm/page-writeback.c:2668
 mark_buffer_dirty+0x120/0x220 fs/buffer.c:1203
 block_commit_write fs/buffer.c:2215 [inline]
 block_write_end+0x12d/0x210 fs/buffer.c:2291
 generic_write_end+0x56/0x150 fs/buffer.c:2305
 fat_write_end+0x4f/0x160 fs/fat/inode.c:245
 generic_perform_write+0x311/0x490 mm/filemap.c:4335
 __generic_file_write_iter+0x9e/0x120 mm/filemap.c:4431
 generic_file_write_iter+0x8d/0x310 mm/filemap.c:4457
 iter_file_splice_write+0x6c4/0xa80 fs/splice.c:736
 do_splice_from fs/splice.c:936 [inline]
 direct_splice_actor+0x156/0x2a0 fs/splice.c:1159
 splice_direct_to_actor+0x311/0x670 fs/splice.c:1103
 do_splice_direct_actor fs/splice.c:1202 [inline]
 do_splice_direct+0x119/0x1a0 fs/splice.c:1228
 do_sendfile+0x382/0x650 fs/read_write.c:1372
 __do_sys_sendfile64 fs/read_write.c:1433 [inline]
 __se_sys_sendfile64 fs/read_write.c:1419 [inline]
 __x64_sys_sendfile64+0x105/0x150 fs/read_write.c:1419
 x64_sys_call+0x2dc4/0x3020 arch/x86/include/generated/asm/syscalls_64.h:41
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x12c/0x370 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffff88811b88cb14 of 4 bytes by task 10097 on cpu 1:
 xa_marked include/linux/xarray.h:424 [inline]
 xas_find_marked+0x5d7/0x620 lib/xarray.c:1483
 find_get_entry mm/filemap.c:2064 [inline]
 filemap_get_folios_tag+0xfa/0x510 mm/filemap.c:2332
 __filemap_fdatawait_range mm/filemap.c:523 [inline]
 file_write_and_wait_range+0x20c/0x2f0 mm/filemap.c:789
 __generic_file_fsync+0x46/0x160 fs/libfs.c:1560
 fat_file_fsync+0x49/0x100 fs/fat/file.c:191
 vfs_fsync_range+0xc5/0xe0 fs/sync.c:186
 generic_write_sync include/linux/fs.h:2640 [inline]
 generic_file_write_iter+0x1ba/0x310 mm/filemap.c:4461
 iter_file_splice_write+0x6c4/0xa80 fs/splice.c:736
 do_splice_from fs/splice.c:936 [inline]
 direct_splice_actor+0x156/0x2a0 fs/splice.c:1159
 splice_direct_to_actor+0x311/0x670 fs/splice.c:1103
 do_splice_direct_actor fs/splice.c:1202 [inline]
 do_splice_direct+0x119/0x1a0 fs/splice.c:1228
 do_sendfile+0x382/0x650 fs/read_write.c:1372
 __do_sys_sendfile64 fs/read_write.c:1433 [inline]
 __se_sys_sendfile64 fs/read_write.c:1419 [inline]
 __x64_sys_sendfile64+0x105/0x150 fs/read_write.c:1419
 x64_sys_call+0x2dc4/0x3020 arch/x86/include/generated/asm/syscalls_64.h:41
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x12c/0x370 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x04000021 -> 0x0a000021

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 UID: 0 PID: 10097 Comm: syz.3.1937 Tainted: G        W           syzkaller #0 PREEMPT(full) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
==================================================================