syzbot

==================================================================
BUG: KCSAN: data-race in wq_worker_tick / wq_worker_tick

read-write to 0xffff8881000c5ed8 of 8 bytes by interrupt on cpu 1:
 wq_worker_tick+0x60/0x230 kernel/workqueue.c:1493
 sched_tick+0xda/0x210 kernel/sched/core.c:5585
 update_process_times+0x15e/0x190 kernel/time/timer.c:2479
 tick_sched_handle kernel/time/tick-sched.c:298 [inline]
 tick_nohz_handler+0x275/0x3d0 kernel/time/tick-sched.c:319
 __run_hrtimer kernel/time/hrtimer.c:1785 [inline]
 __hrtimer_run_queues+0x218/0x4f0 kernel/time/hrtimer.c:1849
 hrtimer_interrupt+0x269/0x810 kernel/time/hrtimer.c:1911
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1045 [inline]
 __sysvec_apic_timer_interrupt+0x5f/0x1f0 arch/x86/kernel/apic/apic.c:1062
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline]
 sysvec_apic_timer_interrupt+0x6f/0x80 arch/x86/kernel/apic/apic.c:1056
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
 __preempt_count_dec_and_test arch/x86/include/asm/preempt.h:95 [inline]
 __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:188 [inline]
 _raw_spin_unlock_irq+0x12/0x30 kernel/locking/spinlock.c:202
 process_one_work kernel/workqueue.c:3244 [inline]
 process_scheduled_works+0x497/0x9e0 kernel/workqueue.c:3358
 worker_thread+0x581/0x770 kernel/workqueue.c:3439
 kthread+0x22a/0x280 kernel/kthread.c:467
 ret_from_fork+0x150/0x360 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

read-write to 0xffff8881000c5ed8 of 8 bytes by interrupt on cpu 0:
 wq_worker_tick+0x60/0x230 kernel/workqueue.c:1493
 sched_tick+0xda/0x210 kernel/sched/core.c:5585
 update_process_times+0x15e/0x190 kernel/time/timer.c:2479
 tick_sched_handle kernel/time/tick-sched.c:298 [inline]
 tick_nohz_handler+0x275/0x3d0 kernel/time/tick-sched.c:319
 __run_hrtimer kernel/time/hrtimer.c:1785 [inline]
 __hrtimer_run_queues+0x218/0x4f0 kernel/time/hrtimer.c:1849
 hrtimer_interrupt+0x269/0x810 kernel/time/hrtimer.c:1911
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1045 [inline]
 __sysvec_apic_timer_interrupt+0x5f/0x1f0 arch/x86/kernel/apic/apic.c:1062
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline]
 sysvec_apic_timer_interrupt+0x6f/0x80 arch/x86/kernel/apic/apic.c:1056
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
 queue_work_on+0xda/0x140 kernel/workqueue.c:2410
 queue_work include/linux/workqueue.h:669 [inline]
 tty_insert_flip_string_and_push_buffer+0x1ce/0x1f0 drivers/tty/tty_buffer.c:563
 pty_write+0x70/0x90 drivers/tty/pty.c:116
 tty_put_char+0x8f/0xc0 drivers/tty/tty_io.c:3154
 n_tty_process_echo_ops drivers/tty/n_tty.c:643 [inline]
 __process_echoes+0x2f9/0x6b0 drivers/tty/n_tty.c:689
 flush_echoes drivers/tty/n_tty.c:785 [inline]
 __receive_buf drivers/tty/n_tty.c:1618 [inline]
 n_tty_receive_buf_common+0x918/0xc10 drivers/tty/n_tty.c:1715
 n_tty_receive_buf2+0x33/0x40 drivers/tty/n_tty.c:1759
 tty_ldisc_receive_buf+0x66/0xf0 drivers/tty/tty_buffer.c:387
 tty_port_default_receive_buf+0x59/0x90 drivers/tty/tty_port.c:37
 receive_buf drivers/tty/tty_buffer.c:445 [inline]
 flush_to_ldisc+0x148/0x340 drivers/tty/tty_buffer.c:495
 process_one_work kernel/workqueue.c:3275 [inline]
 process_scheduled_works+0x4de/0x9e0 kernel/workqueue.c:3358
 worker_thread+0x581/0x770 kernel/workqueue.c:3439
 kthread+0x22a/0x280 kernel/kthread.c:467
 ret_from_fork+0x150/0x360 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

value changed: 0x00000000000cf850 -> 0x00000000000d1f60

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 30 Comm: kworker/u8:1 Tainted: G        W           syzkaller #0 PREEMPT(full) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
Workqueue: events_unbound flush_to_ldisc
==================================================================