================================================================== BUG: KCSAN: data-race in data_push_tail / vsnprintf write to 0xffffffff88e71d2b of 11 bytes by task 8109 on cpu 1: vsnprintf+0x2ce/0x890 lib/vsprintf.c:2878 vscnprintf+0x41/0x90 lib/vsprintf.c:2991 printk_sprint+0x30/0x2d0 kernel/printk/printk.c:2189 vprintk_store+0x599/0x860 kernel/printk/printk.c:2309 vprintk_emit+0x10d/0x580 kernel/printk/printk.c:2399 vprintk_default+0x26/0x30 kernel/printk/printk.c:2438 vprintk+0x1d/0x30 kernel/printk/printk_safe.c:82 _printk+0x79/0xa0 kernel/printk/printk.c:2448 fail_dump lib/fault-inject.c:66 [inline] should_fail_ex+0x24d/0x280 lib/fault-inject.c:174 should_failslab+0x8c/0xb0 mm/failslab.c:46 slab_pre_alloc_hook mm/slub.c:4931 [inline] slab_alloc_node mm/slub.c:5264 [inline] __do_kmalloc_node mm/slub.c:5649 [inline] __kmalloc_noprof+0xa5/0x570 mm/slub.c:5662 kmalloc_noprof include/linux/slab.h:961 [inline] kmalloc_array_noprof include/linux/slab.h:1003 [inline] alloc_pipe_info+0x1c9/0x350 fs/pipe.c:817 splice_direct_to_actor+0x592/0x680 fs/splice.c:1049 do_splice_direct_actor fs/splice.c:1204 [inline] do_splice_direct+0xda/0x150 fs/splice.c:1230 do_sendfile+0x380/0x650 fs/read_write.c:1370 __do_sys_sendfile64 fs/read_write.c:1431 [inline] __se_sys_sendfile64 fs/read_write.c:1417 [inline] __x64_sys_sendfile64+0x105/0x150 fs/read_write.c:1417 x64_sys_call+0x2bb4/0x3000 arch/x86/include/generated/asm/syscalls_64.h:41 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f read to 0xffffffff88e71d30 of 8 bytes by task 8111 on cpu 0: data_make_reusable kernel/printk/printk_ringbuffer.c:591 [inline] data_push_tail+0xfd/0x420 kernel/printk/printk_ringbuffer.c:676 data_alloc+0xfb/0x2e0 kernel/printk/printk_ringbuffer.c:1061 prb_reserve+0x807/0xaf0 kernel/printk/printk_ringbuffer.c:1685 vprintk_store+0x56d/0x860 kernel/printk/printk.c:2299 vprintk_emit+0x10d/0x580 kernel/printk/printk.c:2399 vprintk_default+0x26/0x30 kernel/printk/printk.c:2438 vprintk+0x1d/0x30 kernel/printk/printk_safe.c:82 _printk+0x79/0xa0 kernel/printk/printk.c:2448 __ext4_error+0x248/0x320 fs/ext4/super.c:822 ext4_free_blocks+0x124f/0x1480 fs/ext4/mballoc.c:-1 ext4_remove_blocks fs/ext4/extents.c:2533 [inline] ext4_ext_rm_leaf fs/ext4/extents.c:2716 [inline] ext4_ext_remove_space+0x194e/0x2900 fs/ext4/extents.c:2965 ext4_ext_truncate+0xc7/0x170 fs/ext4/extents.c:4484 ext4_truncate+0x70d/0xae0 fs/ext4/inode.c:4614 ext4_evict_inode+0x8a7/0xd90 fs/ext4/inode.c:261 evict+0x2e3/0x550 fs/inode.c:810 iput_final fs/inode.c:1914 [inline] iput+0x4ed/0x650 fs/inode.c:1966 ext4_process_orphan+0x1a9/0x1c0 fs/ext4/orphan.c:356 ext4_orphan_cleanup+0x6a8/0xa00 fs/ext4/orphan.c:470 __ext4_fill_super fs/ext4/super.c:5617 [inline] ext4_fill_super+0x3483/0x3810 fs/ext4/super.c:5736 get_tree_bdev_flags+0x291/0x300 fs/super.c:1698 get_tree_bdev+0x1f/0x30 fs/super.c:1721 ext4_get_tree+0x1c/0x30 fs/ext4/super.c:5768 vfs_get_tree+0x57/0x1d0 fs/super.c:1758 fc_mount fs/namespace.c:1199 [inline] do_new_mount_fc fs/namespace.c:3642 [inline] do_new_mount+0x24d/0x660 fs/namespace.c:3718 path_mount+0x4a5/0xb70 fs/namespace.c:4028 do_mount fs/namespace.c:4041 [inline] __do_sys_mount fs/namespace.c:4229 [inline] __se_sys_mount+0x28c/0x2e0 fs/namespace.c:4206 __x64_sys_mount+0x67/0x80 fs/namespace.c:4206 x64_sys_call+0x2b51/0x3000 arch/x86/include/generated/asm/syscalls_64.h:166 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f value changed: 0x00000000ffffe7ba -> 0x70202c31206c6176 Reported by Kernel Concurrency Sanitizer on: CPU: 0 UID: 0 PID: 8111 Comm: syz.1.1602 Not tainted syzkaller #0 PREEMPT(voluntary) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 ================================================================== EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.1602: Invalid inode bitmap blk 0 in block_group 0 EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem EXT4-fs (loop1): 1 orphan inode deleted EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. lo speed is unknown, defaulting to 1000