==================================================================
BUG: KCSAN: data-race in mem_cgroup_flush_stats_ratelimited / tick_do_update_jiffies64

read-write to 0xffffffff860079c0 of 8 bytes by interrupt on cpu 0:
 tick_do_update_jiffies64+0x112/0x1b0 kernel/time/tick-sched.c:118
 tick_sched_do_timer kernel/time/tick-sched.c:232 [inline]
 tick_nohz_handler+0x7c/0x2d0 kernel/time/tick-sched.c:290
 __run_hrtimer kernel/time/hrtimer.c:1687 [inline]
 __hrtimer_run_queues+0x20d/0x5e0 kernel/time/hrtimer.c:1751
 hrtimer_interrupt+0x210/0x7b0 kernel/time/hrtimer.c:1813
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1032 [inline]
 __sysvec_apic_timer_interrupt+0x5c/0x1a0 arch/x86/kernel/apic/apic.c:1049
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline]
 sysvec_apic_timer_interrupt+0x6e/0x80 arch/x86/kernel/apic/apic.c:1043
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
 preempt_count arch/x86/include/asm/preempt.h:26 [inline]
 get_ctx kernel/kcsan/core.c:206 [inline]
 check_access kernel/kcsan/core.c:750 [inline]
 __tsan_read8+0xba/0x180 kernel/kcsan/core.c:1025
 __tlb_adjust_range include/asm-generic/tlb.h:366 [inline]
 tlb_flush_pte_range include/asm-generic/tlb.h:577 [inline]
 tlb_remove_tlb_entries include/asm-generic/tlb.h:631 [inline]
 zap_present_folio_ptes mm/memory.c:1499 [inline]
 zap_present_ptes mm/memory.c:1564 [inline]
 zap_pte_range mm/memory.c:1606 [inline]
 zap_pmd_range mm/memory.c:1724 [inline]
 zap_pud_range mm/memory.c:1753 [inline]
 zap_p4d_range mm/memory.c:1774 [inline]
 unmap_page_range+0xf58/0x21f0 mm/memory.c:1795
 unmap_single_vma+0x142/0x1d0 mm/memory.c:1841
 unmap_vmas+0x18d/0x2b0 mm/memory.c:1885
 exit_mmap+0x18f/0x710 mm/mmap.c:3341
 __mmput+0x28/0x1c0 kernel/fork.c:1346
 mmput+0x4c/0x60 kernel/fork.c:1368
 exit_mm+0xe4/0x190 kernel/exit.c:565
 do_exit+0x556/0x1710 kernel/exit.c:861
 do_group_exit+0x142/0x150 kernel/exit.c:1023
 __do_sys_exit_group kernel/exit.c:1034 [inline]
 __se_sys_exit_group kernel/exit.c:1032 [inline]
 __x64_sys_exit_group+0x1f/0x20 kernel/exit.c:1032
 x64_sys_call+0x27f9/0x2d70 arch/x86/include/generated/asm/syscalls_64.h:232
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffffffff860079c0 of 8 bytes by task 32354 on cpu 1:
 mem_cgroup_flush_stats_ratelimited+0x29/0x100 mm/memcontrol.c:906
 count_shadow_nodes+0x6b/0x230 mm/workingset.c:685
 do_shrink_slab+0x5a/0x690 mm/shrinker.c:382
 shrink_slab_memcg mm/shrinker.c:548 [inline]
 shrink_slab+0x4ed/0x860 mm/shrinker.c:626
 shrink_node_memcgs mm/vmscan.c:5891 [inline]
 shrink_node+0xa0d/0x13c0 mm/vmscan.c:5924
 shrink_zones mm/vmscan.c:6168 [inline]
 do_try_to_free_pages+0x3c6/0xc50 mm/vmscan.c:6230
 try_to_free_mem_cgroup_pages+0x1eb/0x4e0 mm/vmscan.c:6545
 try_charge_memcg+0x27a/0xcd0 mm/memcontrol.c:2944
 try_charge mm/memcontrol.c:3092 [inline]
 charge_memcg mm/memcontrol.c:7495 [inline]
 mem_cgroup_swapin_charge_folio+0x107/0x1a0 mm/memcontrol.c:7580
 __read_swap_cache_async+0x2b9/0x520 mm/swap_state.c:514
 swap_cluster_readahead+0x380/0x3f0 mm/swap_state.c:697
 shmem_swapin_cluster mm/shmem.c:1576 [inline]
 shmem_swapin_folio+0x246/0x760 mm/shmem.c:1885
 shmem_get_folio_gfp+0x278/0xb70 mm/shmem.c:1991
 shmem_get_folio mm/shmem.c:2160 [inline]
 shmem_write_begin+0xa0/0x1c0 mm/shmem.c:2743
 generic_perform_write+0x1d5/0x410 mm/filemap.c:4015
 shmem_file_write_iter+0xc8/0xf0 mm/shmem.c:2919
 do_iter_readv_writev+0x339/0x3e0
 vfs_iter_write+0x26a/0x5c0 fs/read_write.c:895
 lo_write_bvec drivers/block/loop.c:246 [inline]
 lo_write_simple drivers/block/loop.c:267 [inline]
 do_req_filebacked drivers/block/loop.c:514 [inline]
 loop_handle_cmd drivers/block/loop.c:1930 [inline]
 loop_process_work+0xad3/0x1230 drivers/block/loop.c:1965
 loop_rootcg_workfn+0x22/0x30 drivers/block/loop.c:1996
 process_one_work kernel/workqueue.c:3231 [inline]
 process_scheduled_works+0x483/0x9a0 kernel/workqueue.c:3312
 worker_thread+0x526/0x730 kernel/workqueue.c:3393
 kthread+0x1d1/0x210 kernel/kthread.c:389
 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244

value changed: 0x000000010000b471 -> 0x000000010000b472

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 32354 Comm: kworker/u8:30 Tainted: G W 6.10.0-rc4-syzkaller-00217-g35bb670d65fc #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
Workqueue: loop1 loop_rootcg_workfn
==================================================================