syzbot

==================================================================
BUG: KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath

write to 0xffffc90008c4f1f0 of 1 bytes by task 28289 on cpu 0:
 rwsem_try_write_lock kernel/locking/rwsem.c:653 [inline]
 rwsem_down_write_slowpath+0x3eb/0xa80 kernel/locking/rwsem.c:1159
 __down_write_common kernel/locking/rwsem.c:1317 [inline]
 __down_write kernel/locking/rwsem.c:1326 [inline]
 down_write+0xab/0xc0 kernel/locking/rwsem.c:1591
 kernfs_add_one+0x5a/0x280 fs/kernfs/dir.c:796
 kernfs_create_link+0xeb/0x130 fs/kernfs/symlink.c:48
 sysfs_do_create_link_sd+0x6a/0x100 fs/sysfs/symlink.c:44
 sysfs_do_create_link fs/sysfs/symlink.c:80 [inline]
 sysfs_create_link+0x51/0x70 fs/sysfs/symlink.c:92
 device_add_class_symlinks+0x168/0x1d0 drivers/base/core.c:3448
 device_add+0x359/0x770 drivers/base/core.c:3640
 wakeup_source_device_create drivers/base/power/wakeup_stats.c:163 [inline]
 wakeup_source_sysfs_add+0x15a/0x1d0 drivers/base/power/wakeup_stats.c:183
 wakeup_source_register+0xfd/0x240 drivers/base/power/wakeup.c:218
 ep_create_wakeup_source fs/eventpoll.c:1501 [inline]
 ep_insert+0x8ca/0xe00 fs/eventpoll.c:1630
 do_epoll_ctl+0x686/0x8a0 fs/eventpoll.c:2340
 __do_sys_epoll_ctl fs/eventpoll.c:2391 [inline]
 __se_sys_epoll_ctl fs/eventpoll.c:2382 [inline]
 __x64_sys_epoll_ctl+0xcb/0x100 fs/eventpoll.c:2382
 x64_sys_call+0x745/0x3000 arch/x86/include/generated/asm/syscalls_64.h:234
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xc0/0x2a0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffffc90008c4f1f0 of 1 bytes by task 28292 on cpu 1:
 rwsem_down_write_slowpath+0x45e/0xa80 kernel/locking/rwsem.c:1177
 __down_write_common kernel/locking/rwsem.c:1317 [inline]
 __down_write kernel/locking/rwsem.c:1326 [inline]
 down_write+0xab/0xc0 kernel/locking/rwsem.c:1591
 kernfs_add_one+0x5a/0x280 fs/kernfs/dir.c:796
 __kernfs_create_file+0x145/0x180 fs/kernfs/file.c:1086
 sysfs_add_file_mode_ns+0x132/0x1b0 fs/sysfs/file.c:313
 create_files fs/sysfs/group.c:82 [inline]
 internal_create_group+0x441/0x9e0 fs/sysfs/group.c:189
 internal_create_groups fs/sysfs/group.c:229 [inline]
 sysfs_create_groups+0x3f/0xf0 fs/sysfs/group.c:255
 device_add_groups drivers/base/core.c:2836 [inline]
 device_add_attrs+0x64/0x3f0 drivers/base/core.c:2900
 device_add+0x37a/0x770 drivers/base/core.c:3643
 netdev_register_kobject+0x109/0x230 net/core/net-sysfs.c:2358
 register_netdevice+0x8df/0x1000 net/core/dev.c:11406
 bond_newlink+0x2f/0xb0 drivers/net/bonding/bond_netlink.c:601
 rtnl_newlink_create+0x1e4/0x650 net/core/rtnetlink.c:3840
 __rtnl_newlink net/core/rtnetlink.c:3957 [inline]
 rtnl_newlink+0xf5b/0x1370 net/core/rtnetlink.c:4072
 rtnetlink_rcv_msg+0x64b/0x720 net/core/rtnetlink.c:6958
 netlink_rcv_skb+0x123/0x220 net/netlink/af_netlink.c:2550
 rtnetlink_rcv+0x1c/0x30 net/core/rtnetlink.c:6985
 netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
 netlink_unicast+0x5c0/0x690 net/netlink/af_netlink.c:1344
 netlink_sendmsg+0x5c8/0x6f0 net/netlink/af_netlink.c:1894
 sock_sendmsg_nosec net/socket.c:727 [inline]
 __sock_sendmsg net/socket.c:742 [inline]
 ____sys_sendmsg+0x5af/0x600 net/socket.c:2592
 ___sys_sendmsg+0x195/0x1e0 net/socket.c:2646
 __sys_sendmsg net/socket.c:2678 [inline]
 __do_sys_sendmsg net/socket.c:2683 [inline]
 __se_sys_sendmsg net/socket.c:2681 [inline]
 __x64_sys_sendmsg+0xd4/0x160 net/socket.c:2681
 x64_sys_call+0x17ba/0x3000 arch/x86/include/generated/asm/syscalls_64.h:47
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xc0/0x2a0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x00 -> 0x01

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 UID: 0 PID: 28292 Comm: syz.2.7164 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
==================================================================
8021q: adding VLAN 0 to HW filter on device bond2
__nla_validate_parse: 1 callbacks suppressed
netlink: 8 bytes leftover after parsing attributes in process `syz.2.7164'.
netlink: 4 bytes leftover after parsing attributes in process `syz.2.7164'.
netlink: 8 bytes leftover after parsing attributes in process `syz.2.7164'.