syzbot

loop5: detected capacity change from 0 to 1024
EXT4-fs error (device loop5): ext4_orphan_get:1415: comm syz.5.8550: bad orphan inode 2304
EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
==================================================================
BUG: KCSAN: data-race in xas_find_marked / xas_set_mark

write to 0xffff8881062cf8a4 of 4 bytes by task 24198 on cpu 0:
 xa_mark_set lib/xarray.c:71 [inline]
 xas_set_mark+0x13d/0x150 lib/xarray.c:899
 __folio_start_writeback+0x1ea/0x440 mm/page-writeback.c:3126
 ext4_bio_write_folio+0x591/0x9d0 fs/ext4/page-io.c:556
 mpage_submit_folio fs/ext4/inode.c:1932 [inline]
 mpage_process_page_bufs+0x488/0x5d0 fs/ext4/inode.c:2045
 mpage_prepare_extent_to_map+0x791/0xb80 fs/ext4/inode.c:2546
 ext4_do_writepages+0xa22/0x2130 fs/ext4/inode.c:2733
 ext4_writepages+0x15c/0x2f0 fs/ext4/inode.c:2824
 do_writepages+0x1d8/0x480 mm/page-writeback.c:2687
 filemap_fdatawrite_wbc mm/filemap.c:388 [inline]
 __filemap_fdatawrite_range mm/filemap.c:421 [inline]
 file_write_and_wait_range+0x16e/0x2f0 mm/filemap.c:796
 generic_buffers_fsync_noflush+0x46/0x120 fs/buffer.c:600
 ext4_fsync_nojournal fs/ext4/fsync.c:88 [inline]
 ext4_sync_file+0x1ff/0x6c0 fs/ext4/fsync.c:151
 vfs_fsync_range+0x116/0x130 fs/sync.c:187
 generic_write_sync include/linux/fs.h:2968 [inline]
 ext4_buffered_write_iter+0x358/0x3c0 fs/ext4/file.c:305
 ext4_file_write_iter+0x373/0xf60
 iter_file_splice_write+0x5f2/0x980 fs/splice.c:738
 do_splice_from fs/splice.c:935 [inline]
 direct_splice_actor+0x160/0x2c0 fs/splice.c:1158
 splice_direct_to_actor+0x305/0x680 fs/splice.c:1102
 do_splice_direct_actor fs/splice.c:1201 [inline]
 do_splice_direct+0xd9/0x150 fs/splice.c:1227
 do_sendfile+0x40a/0x690 fs/read_write.c:1368
 __do_sys_sendfile64 fs/read_write.c:1429 [inline]
 __se_sys_sendfile64 fs/read_write.c:1415 [inline]
 __x64_sys_sendfile64+0x113/0x160 fs/read_write.c:1415
 x64_sys_call+0xfc3/0x2e10 arch/x86/include/generated/asm/syscalls_64.h:41
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffff8881062cf8a4 of 4 bytes by task 24196 on cpu 1:
 xa_marked include/linux/xarray.h:424 [inline]
 xas_find_marked+0x614/0x660 lib/xarray.c:1350
 find_get_entry+0x54/0x390 mm/filemap.c:2027
 filemap_get_folios_tag+0xa0/0x220 mm/filemap.c:2294
 mpage_prepare_extent_to_map+0x332/0xb80 fs/ext4/inode.c:2448
 ext4_do_writepages+0xa22/0x2130 fs/ext4/inode.c:2733
 ext4_writepages+0x15c/0x2f0 fs/ext4/inode.c:2824
 do_writepages+0x1d8/0x480 mm/page-writeback.c:2687
 filemap_fdatawrite_wbc mm/filemap.c:388 [inline]
 __filemap_fdatawrite_range mm/filemap.c:421 [inline]
 file_write_and_wait_range+0x16e/0x2f0 mm/filemap.c:796
 generic_buffers_fsync_noflush+0x46/0x120 fs/buffer.c:600
 ext4_fsync_nojournal fs/ext4/fsync.c:88 [inline]
 ext4_sync_file+0x1ff/0x6c0 fs/ext4/fsync.c:151
 vfs_fsync_range+0x116/0x130 fs/sync.c:187
 generic_write_sync include/linux/fs.h:2968 [inline]
 ext4_buffered_write_iter+0x358/0x3c0 fs/ext4/file.c:305
 ext4_file_write_iter+0x373/0xf60
 iter_file_splice_write+0x5f2/0x980 fs/splice.c:738
 do_splice_from fs/splice.c:935 [inline]
 direct_splice_actor+0x160/0x2c0 fs/splice.c:1158
 splice_direct_to_actor+0x305/0x680 fs/splice.c:1102
 do_splice_direct_actor fs/splice.c:1201 [inline]
 do_splice_direct+0xd9/0x150 fs/splice.c:1227
 do_sendfile+0x40a/0x690 fs/read_write.c:1368
 __do_sys_sendfile64 fs/read_write.c:1429 [inline]
 __se_sys_sendfile64 fs/read_write.c:1415 [inline]
 __x64_sys_sendfile64+0x113/0x160 fs/read_write.c:1415
 x64_sys_call+0xfc3/0x2e10 arch/x86/include/generated/asm/syscalls_64.h:41
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x0a000021 -> 0x04000021

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 UID: 0 PID: 24196 Comm: syz.5.8550 Tainted: G        W          6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(voluntary) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
==================================================================
==================================================================
BUG: KCSAN: data-race in file_write_and_wait_range / xas_set_mark

write to 0xffff8881062cf8a4 of 4 bytes by task 24198 on cpu 1:
 xa_mark_set lib/xarray.c:71 [inline]
 xas_set_mark+0x13d/0x150 lib/xarray.c:899
 __folio_start_writeback+0x1ea/0x440 mm/page-writeback.c:3126
 ext4_bio_write_folio+0x591/0x9d0 fs/ext4/page-io.c:556
 mpage_submit_folio fs/ext4/inode.c:1932 [inline]
 mpage_process_page_bufs+0x488/0x5d0 fs/ext4/inode.c:2045
 mpage_prepare_extent_to_map+0x791/0xb80 fs/ext4/inode.c:2546
 ext4_do_writepages+0x6ec/0x2130 fs/ext4/inode.c:2688
 ext4_writepages+0x15c/0x2f0 fs/ext4/inode.c:2824
 do_writepages+0x1d8/0x480 mm/page-writeback.c:2687
 filemap_fdatawrite_wbc mm/filemap.c:388 [inline]
 __filemap_fdatawrite_range mm/filemap.c:421 [inline]
 file_write_and_wait_range+0x16e/0x2f0 mm/filemap.c:796
 generic_buffers_fsync_noflush+0x46/0x120 fs/buffer.c:600
 ext4_fsync_nojournal fs/ext4/fsync.c:88 [inline]
 ext4_sync_file+0x1ff/0x6c0 fs/ext4/fsync.c:151
 vfs_fsync_range+0x116/0x130 fs/sync.c:187
 generic_write_sync include/linux/fs.h:2968 [inline]
 ext4_buffered_write_iter+0x358/0x3c0 fs/ext4/file.c:305
 ext4_file_write_iter+0x373/0xf60
 iter_file_splice_write+0x5f2/0x980 fs/splice.c:738
 do_splice_from fs/splice.c:935 [inline]
 direct_splice_actor+0x160/0x2c0 fs/splice.c:1158
 splice_direct_to_actor+0x305/0x680 fs/splice.c:1102
 do_splice_direct_actor fs/splice.c:1201 [inline]
 do_splice_direct+0xd9/0x150 fs/splice.c:1227
 do_sendfile+0x40a/0x690 fs/read_write.c:1368
 __do_sys_sendfile64 fs/read_write.c:1429 [inline]
 __se_sys_sendfile64 fs/read_write.c:1415 [inline]
 __x64_sys_sendfile64+0x113/0x160 fs/read_write.c:1415
 x64_sys_call+0xfc3/0x2e10 arch/x86/include/generated/asm/syscalls_64.h:41
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffff8881062cf8a4 of 4 bytes by task 24196 on cpu 0:
 xa_marked include/linux/xarray.h:424 [inline]
 mapping_tagged include/linux/fs.h:540 [inline]
 filemap_fdatawrite_wbc mm/filemap.c:384 [inline]
 __filemap_fdatawrite_range mm/filemap.c:421 [inline]
 file_write_and_wait_range+0x11e/0x2f0 mm/filemap.c:796
 generic_buffers_fsync_noflush+0x46/0x120 fs/buffer.c:600
 ext4_fsync_nojournal fs/ext4/fsync.c:88 [inline]
 ext4_sync_file+0x1ff/0x6c0 fs/ext4/fsync.c:151
 vfs_fsync_range+0x116/0x130 fs/sync.c:187
 generic_write_sync include/linux/fs.h:2968 [inline]
 ext4_buffered_write_iter+0x358/0x3c0 fs/ext4/file.c:305
 ext4_file_write_iter+0x373/0xf60
 iter_file_splice_write+0x5f2/0x980 fs/splice.c:738
 do_splice_from fs/splice.c:935 [inline]
 direct_splice_actor+0x160/0x2c0 fs/splice.c:1158
 splice_direct_to_actor+0x305/0x680 fs/splice.c:1102
 do_splice_direct_actor fs/splice.c:1201 [inline]
 do_splice_direct+0xd9/0x150 fs/splice.c:1227
 do_sendfile+0x40a/0x690 fs/read_write.c:1368
 __do_sys_sendfile64 fs/read_write.c:1429 [inline]
 __se_sys_sendfile64 fs/read_write.c:1415 [inline]
 __x64_sys_sendfile64+0x113/0x160 fs/read_write.c:1415
 x64_sys_call+0xfc3/0x2e10 arch/x86/include/generated/asm/syscalls_64.h:41
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x0a000021 -> 0x04000021

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 24196 Comm: syz.5.8550 Tainted: G        W          6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(voluntary) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
==================================================================