==================================================================
BUG: KCSAN: data-race in relay_switch_subbuf / relay_switch_subbuf

write to 0xffff88812312c838 of 8 bytes by task 28813 on cpu 0:
 relay_switch_subbuf+0x39e/0x3b0 kernel/relay.c:708
 relay_reserve include/linux/relay.h:248 [inline]
 __blk_add_trace+0x66a/0x730 kernel/trace/blktrace.c:276
 blk_add_trace_bio kernel/trace/blktrace.c:902 [inline]
 blk_add_trace_getrq+0x130/0x140 kernel/trace/blktrace.c:939
 trace_block_getrq include/trace/events/block.h:394 [inline]
 blk_mq_submit_bio+0xd20/0xd90 block/blk-mq.c:2992
 __submit_bio+0xf2/0x470 block/blk-core.c:627
 __submit_bio_noacct_mq block/blk-core.c:708 [inline]
 submit_bio_noacct_nocheck+0x295/0x6e0 block/blk-core.c:737
 submit_bio_noacct+0x6b9/0x870 block/blk-core.c:848
 submit_bio+0x218/0x230 block/blk-core.c:890
 ext4_io_submit fs/ext4/page-io.c:377 [inline]
 io_submit_add_bh fs/ext4/page-io.c:418 [inline]
 ext4_bio_write_folio+0x6b9/0x9a0 fs/ext4/page-io.c:560
 mpage_submit_folio fs/ext4/inode.c:1869 [inline]
 mpage_map_and_submit_buffers fs/ext4/inode.c:2115 [inline]
 mpage_map_and_submit_extent fs/ext4/inode.c:2254 [inline]
 ext4_do_writepages+0x13a6/0x2110 fs/ext4/inode.c:2679
 ext4_writepages+0x159/0x2e0 fs/ext4/inode.c:2768
 do_writepages+0x1d8/0x480 mm/page-writeback.c:2634
 filemap_fdatawrite_wbc+0xdb/0x100 mm/filemap.c:397
 __filemap_fdatawrite_range mm/filemap.c:430 [inline]
 __filemap_fdatawrite mm/filemap.c:436 [inline]
 filemap_flush+0x61/0x90 mm/filemap.c:463
 ext4_alloc_da_blocks+0x50/0x130 fs/ext4/inode.c:3069
 ext4_release_file+0x5f/0x1c0 fs/ext4/file.c:169
 __fput+0x2c2/0x660 fs/file_table.c:422
 ____fput+0x15/0x20 fs/file_table.c:450
 task_work_run+0x13a/0x1a0 kernel/task_work.c:180
 exit_task_work include/linux/task_work.h:38 [inline]
 do_exit+0x5d5/0x1710 kernel/exit.c:874
 do_group_exit+0x102/0x150 kernel/exit.c:1023
 get_signal+0xf2f/0x1080 kernel/signal.c:2909
 arch_do_signal_or_restart+0x95/0x4b0 arch/x86/kernel/signal.c:310
 exit_to_user_mode_loop kernel/entry/common.c:111 [inline]
 exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]
 __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
 syscall_exit_to_user_mode+0x59/0x130 kernel/entry/common.c:218
 do_syscall_64+0xd6/0x1c0 arch/x86/entry/common.c:89
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

write to 0xffff88812312c838 of 8 bytes by task 28870 on cpu 1:
 relay_switch_subbuf+0x39e/0x3b0 kernel/relay.c:708
 relay_reserve include/linux/relay.h:248 [inline]
 __blk_add_trace+0x66a/0x730 kernel/trace/blktrace.c:276
 blk_add_trace_bio_remap+0x165/0x180 kernel/trace/blktrace.c:1020
 trace_block_bio_remap include/trace/events/block.h:507 [inline]
 blk_partition_remap block/blk-core.c:575 [inline]
 submit_bio_noacct+0x81b/0x870 block/blk-core.c:773
 submit_bio+0x218/0x230 block/blk-core.c:890
 swap_writepage_bdev_async mm/page_io.c:372 [inline]
 __swap_writepage+0x612/0xc50 mm/page_io.c:390
 swap_writepage+0xa9/0x160 mm/page_io.c:209
 shmem_writepage+0x7be/0x970 mm/shmem.c:1518
 pageout mm/vmscan.c:660 [inline]
 shrink_folio_list+0x194f/0x2560 mm/vmscan.c:1341
 shrink_inactive_list mm/vmscan.c:1944 [inline]
 shrink_list mm/vmscan.c:2179 [inline]
 shrink_lruvec+0xbd9/0x15f0 mm/vmscan.c:5703
 shrink_node_memcgs mm/vmscan.c:5889 [inline]
 shrink_node+0x9d1/0x13c0 mm/vmscan.c:5924
 shrink_zones mm/vmscan.c:6168 [inline]
 do_try_to_free_pages+0x3c6/0xc50 mm/vmscan.c:6230
 try_to_free_mem_cgroup_pages+0x1eb/0x4e0 mm/vmscan.c:6545
 try_charge_memcg+0x27a/0xcd0 mm/memcontrol.c:2944
 obj_cgroup_charge_pages+0xbd/0x1d0 mm/memcontrol.c:3416
 __memcg_kmem_charge_page+0x9d/0x170 mm/memcontrol.c:3442
 __alloc_pages_noprof+0x1bc/0x360 mm/page_alloc.c:4695
 alloc_pages_preferred_many mm/mempolicy.c:2206 [inline]
 alloc_pages_mpol_noprof+0xec/0x1e0 mm/mempolicy.c:2230
 alloc_pages_noprof+0xe1/0x100 mm/mempolicy.c:2336
 vm_area_alloc_pages mm/vmalloc.c:3566 [inline]
 __vmalloc_area_node mm/vmalloc.c:3642 [inline]
 __vmalloc_node_range_noprof+0x719/0xef0 mm/vmalloc.c:3823
 kvmalloc_node_noprof+0x121/0x170 mm/util.c:659
 ip_set_alloc+0x1f/0x30 net/netfilter/ipset/ip_set_core.c:255
 hash_netiface_create+0x273/0x730 net/netfilter/ipset/ip_set_hash_gen.h:1568
 ip_set_create+0x359/0x8a0 net/netfilter/ipset/ip_set_core.c:1103
 nfnetlink_rcv_msg+0x4a9/0x570 net/netfilter/nfnetlink.c:302
 netlink_rcv_skb+0x12c/0x230 net/netlink/af_netlink.c:2564
 nfnetlink_rcv+0x16c/0x15b0 net/netfilter/nfnetlink.c:664
 netlink_unicast_kernel net/netlink/af_netlink.c:1335 [inline]
 netlink_unicast+0x58d/0x660 net/netlink/af_netlink.c:1361
 netlink_sendmsg+0x5ca/0x6e0 net/netlink/af_netlink.c:1905
 sock_sendmsg_nosec net/socket.c:730 [inline]
 __sock_sendmsg+0x140/0x180 net/socket.c:745
 ____sys_sendmsg+0x312/0x410 net/socket.c:2585
 ___sys_sendmsg net/socket.c:2639 [inline]
 __sys_sendmsg+0x1e9/0x280 net/socket.c:2668
 __do_sys_sendmsg net/socket.c:2677 [inline]
 __se_sys_sendmsg net/socket.c:2675 [inline]
 __x64_sys_sendmsg+0x46/0x50 net/socket.c:2675
 x64_sys_call+0xb25/0x2d70 arch/x86/include/generated/asm/syscalls_64.h:47
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x0000000000000030 -> 0x0000000000000038

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 28870 Comm: syz-executor.1 Tainted: G        W          6.10.0-rc3-syzkaller-00022-gcea2a26553ac #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
==================================================================