syzbot

==================================================================
BUG: KCSAN: data-race in mem_cgroup_flush_stats_ratelimited / tick_do_update_jiffies64

read-write to 0xffffffff868099c0 of 8 bytes by interrupt on cpu 0:
 tick_do_update_jiffies64+0x113/0x1c0 kernel/time/tick-sched.c:118
 tick_sched_do_timer kernel/time/tick-sched.c:232 [inline]
 tick_nohz_handler+0x7f/0x2d0 kernel/time/tick-sched.c:290
 __run_hrtimer kernel/time/hrtimer.c:1761 [inline]
 __hrtimer_run_queues+0x20c/0x5a0 kernel/time/hrtimer.c:1825
 hrtimer_interrupt+0x21a/0x460 kernel/time/hrtimer.c:1887
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1039 [inline]
 __sysvec_apic_timer_interrupt+0x5c/0x1d0 arch/x86/kernel/apic/apic.c:1056
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1050 [inline]
 sysvec_apic_timer_interrupt+0x6f/0x80 arch/x86/kernel/apic/apic.c:1050
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
 console_flush_all+0x55b/0x730 arch/x86/include/asm/irqflags.h:-1
 __console_flush_and_unlock kernel/printk/printk.c:3285 [inline]
 console_unlock+0xa1/0x330 kernel/printk/printk.c:3325
 vprintk_emit+0x388/0x650 kernel/printk/printk.c:2450
 vprintk_default+0x26/0x30 kernel/printk/printk.c:2465
 vprintk+0x1d/0x30 kernel/printk/printk_safe.c:82
 _printk+0x79/0xa0 kernel/printk/printk.c:2475
 __ext4_warning_inode+0x17b/0x190 fs/ext4/super.c:1023
 ext4_empty_dir+0x258/0x610 fs/ext4/namei.c:3086
 ext4_rmdir+0x1df/0x640 fs/ext4/namei.c:3162
 vfs_rmdir+0x276/0x330 fs/namei.c:4461
 do_rmdir+0x19c/0x4b0 fs/namei.c:4516
 __do_sys_unlinkat fs/namei.c:4690 [inline]
 __se_sys_unlinkat fs/namei.c:4684 [inline]
 __x64_sys_unlinkat+0x86/0xb0 fs/namei.c:4684
 x64_sys_call+0x2438/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:264
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffffffff868099c0 of 8 bytes by task 27684 on cpu 1:
 mem_cgroup_flush_stats_ratelimited+0x29/0x70 mm/memcontrol.c:639
 count_shadow_nodes+0x6a/0x230 mm/workingset.c:678
 do_shrink_slab+0x60/0x680 mm/shrinker.c:384
 shrink_slab_memcg mm/shrinker.c:550 [inline]
 shrink_slab+0x448/0x760 mm/shrinker.c:628
 shrink_node_memcgs mm/vmscan.c:6035 [inline]
 shrink_node+0x6c3/0x2120 mm/vmscan.c:6074
 shrink_zones mm/vmscan.c:6318 [inline]
 do_try_to_free_pages+0x3f6/0xcd0 mm/vmscan.c:6380
 try_to_free_mem_cgroup_pages+0x1ab/0x410 mm/vmscan.c:6708
 try_charge_memcg+0x358/0x9e0 mm/memcontrol.c:2362
 obj_cgroup_charge_pages+0xa6/0x150 mm/memcontrol.c:2803
 __memcg_kmem_charge_page+0x9f/0x170 mm/memcontrol.c:2847
 __alloc_frozen_pages_noprof+0x188/0x360 mm/page_alloc.c:4976
 alloc_pages_mpol+0xb3/0x250 mm/mempolicy.c:2419
 alloc_frozen_pages_noprof mm/mempolicy.c:2490 [inline]
 alloc_pages_noprof+0x90/0x130 mm/mempolicy.c:2510
 vm_area_alloc_pages mm/vmalloc.c:3634 [inline]
 __vmalloc_area_node mm/vmalloc.c:3712 [inline]
 __vmalloc_node_range_noprof+0x6f2/0xe00 mm/vmalloc.c:3885
 __kvmalloc_node_noprof+0x30f/0x4e0 mm/slub.c:5037
 ip_set_alloc+0x1f/0x30 net/netfilter/ipset/ip_set_core.c:261
 hash_netiface_create+0x282/0x740 net/netfilter/ipset/ip_set_hash_gen.h:1568
 ip_set_create+0x3c9/0x960 net/netfilter/ipset/ip_set_core.c:1109
 nfnetlink_rcv_msg+0x4c3/0x590 net/netfilter/nfnetlink.c:303
 netlink_rcv_skb+0x123/0x220 net/netlink/af_netlink.c:2534
 nfnetlink_rcv+0x16b/0x1690 net/netfilter/nfnetlink.c:668
 netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]
 netlink_unicast+0x5a1/0x670 net/netlink/af_netlink.c:1339
 netlink_sendmsg+0x58b/0x6b0 net/netlink/af_netlink.c:1883
 sock_sendmsg_nosec net/socket.c:712 [inline]
 __sock_sendmsg+0x145/0x180 net/socket.c:727
 ____sys_sendmsg+0x31e/0x4e0 net/socket.c:2566
 ___sys_sendmsg+0x17b/0x1d0 net/socket.c:2620
 __sys_sendmsg net/socket.c:2652 [inline]
 __do_sys_sendmsg net/socket.c:2657 [inline]
 __se_sys_sendmsg net/socket.c:2655 [inline]
 __x64_sys_sendmsg+0xd4/0x160 net/socket.c:2655
 x64_sys_call+0x2999/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:47
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x00000001000074ab -> 0x00000001000074ac

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 UID: 0 PID: 27684 Comm: syz.5.8912 Not tainted 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(voluntary) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
==================================================================