==================================================================
BUG: KCSAN: data-race in pollwake / pollwake

write to 0xffffc9000310f9e0 of 4 bytes by interrupt on cpu 1:
 __pollwake fs/select.c:195 [inline]
 pollwake+0xb6/0x100 fs/select.c:215
 __wake_up_common kernel/sched/wait.c:89 [inline]
 __wake_up_common_lock kernel/sched/wait.c:106 [inline]
 __wake_up+0x63/0xb0 kernel/sched/wait.c:127
 bpf_ringbuf_notify+0x22/0x30 kernel/bpf/ringbuf.c:155
 irq_work_single kernel/irq_work.c:221 [inline]
 irq_work_run_list kernel/irq_work.c:252 [inline]
 irq_work_run+0xdf/0x2d0 kernel/irq_work.c:261
 __sysvec_irq_work+0x22/0x170 arch/x86/kernel/irq_work.c:22
 instr_sysvec_irq_work arch/x86/kernel/irq_work.c:17 [inline]
 sysvec_irq_work+0x66/0x80 arch/x86/kernel/irq_work.c:17
 asm_sysvec_irq_work+0x1a/0x20 arch/x86/include/asm/idtentry.h:738
 finish_task_switch+0xb6/0x2b0 kernel/sched/core.c:5264
 context_switch kernel/sched/core.c:5399 [inline]
 __schedule+0x6a8/0xb30 kernel/sched/core.c:6785
 __schedule_loop kernel/sched/core.c:6863 [inline]
 schedule+0x5f/0xd0 kernel/sched/core.c:6878
 schedule_hrtimeout_range_clock+0xf7/0x180 kernel/time/sleep_timeout.c:207
 schedule_hrtimeout_range+0x28/0x40 kernel/time/sleep_timeout.c:263
 ep_poll fs/eventpoll.c:2116 [inline]
 do_epoll_wait+0x840/0x940 fs/eventpoll.c:2532
 do_epoll_pwait fs/eventpoll.c:2562 [inline]
 __do_sys_epoll_pwait fs/eventpoll.c:2575 [inline]
 __se_sys_epoll_pwait+0x157/0x270 fs/eventpoll.c:2569
 __x64_sys_epoll_pwait+0x78/0x90 fs/eventpoll.c:2569
 x64_sys_call+0x298e/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:282
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

write to 0xffffc9000310f9e0 of 4 bytes by interrupt on cpu 0:
 __pollwake fs/select.c:195 [inline]
 pollwake+0xb6/0x100 fs/select.c:215
 __wake_up_common kernel/sched/wait.c:89 [inline]
 __wake_up_common_lock kernel/sched/wait.c:106 [inline]
 __wake_up+0x63/0xb0 kernel/sched/wait.c:127
 bpf_ringbuf_notify+0x22/0x30 kernel/bpf/ringbuf.c:155
 irq_work_single kernel/irq_work.c:221 [inline]
 irq_work_run_list kernel/irq_work.c:252 [inline]
 irq_work_run+0xdf/0x2d0 kernel/irq_work.c:261
 __sysvec_irq_work+0x22/0x170 arch/x86/kernel/irq_work.c:22
 instr_sysvec_irq_work arch/x86/kernel/irq_work.c:17 [inline]
 sysvec_irq_work+0x2f/0x80 arch/x86/kernel/irq_work.c:17
 asm_sysvec_irq_work+0x1a/0x20 arch/x86/include/asm/idtentry.h:738
 __wrmsrq arch/x86/include/asm/msr.h:80 [inline]
 native_write_msr arch/x86/include/asm/msr.h:137 [inline]
 wrmsrq arch/x86/include/asm/msr.h:199 [inline]
 native_apic_msr_write+0x3d/0x60 arch/x86/include/asm/apic.h:212
 apic_write arch/x86/include/asm/apic.h:405 [inline]
 x2apic_send_IPI_self+0x10/0x20 arch/x86/kernel/apic/x2apic_phys.c:107
 __apic_send_IPI_self arch/x86/include/asm/apic.h:455 [inline]
 arch_irq_work_raise+0x46/0x50 arch/x86/kernel/irq_work.c:31
 irq_work_raise kernel/irq_work.c:84 [inline]
 __irq_work_queue_local+0x10f/0x2c0 kernel/irq_work.c:112
 irq_work_queue+0x70/0x100 kernel/irq_work.c:124
 bpf_ringbuf_commit kernel/bpf/ringbuf.c:-1 [inline]
 ____bpf_ringbuf_discard kernel/bpf/ringbuf.c:525 [inline]
 bpf_ringbuf_discard+0xd3/0xf0 kernel/bpf/ringbuf.c:523
 bpf_prog_fe0ed97373b08409+0x4b/0x4f
 bpf_dispatcher_nop_func include/linux/bpf.h:1322 [inline]
 __bpf_prog_run include/linux/filter.h:709 [inline]
 bpf_prog_run include/linux/filter.h:725 [inline]
 __bpf_trace_run kernel/trace/bpf_trace.c:2258 [inline]
 bpf_trace_run3+0x199/0x1d0 kernel/trace/bpf_trace.c:2300
 __traceiter_kmem_cache_free+0x38/0x60 include/trace/events/kmem.h:114
 __do_trace_kmem_cache_free include/trace/events/kmem.h:114 [inline]
 trace_kmem_cache_free include/trace/events/kmem.h:114 [inline]
 kmem_cache_free+0x257/0x300 mm/slub.c:4744
 inode_free_by_rcu+0x36/0x70 security/security.c:1711
 rcu_do_batch kernel/rcu/tree.c:2576 [inline]
 rcu_core+0x5a2/0xc00 kernel/rcu/tree.c:2832
 rcu_core_si+0xd/0x20 kernel/rcu/tree.c:2849
 handle_softirqs+0xba/0x290 kernel/softirq.c:579
 __do_softirq kernel/softirq.c:613 [inline]
 invoke_softirq kernel/softirq.c:453 [inline]
 __irq_exit_rcu+0x3a/0xc0 kernel/softirq.c:680
 instr_sysvec_irq_work arch/x86/kernel/irq_work.c:17 [inline]
 sysvec_irq_work+0x6b/0x80 arch/x86/kernel/irq_work.c:17
 asm_sysvec_irq_work+0x1a/0x20 arch/x86/include/asm/idtentry.h:738
 finish_task_switch+0xb6/0x2b0 kernel/sched/core.c:5264
 context_switch kernel/sched/core.c:5399 [inline]
 __schedule+0x6a8/0xb30 kernel/sched/core.c:6785
 __schedule_loop kernel/sched/core.c:6863 [inline]
 schedule+0x5f/0xd0 kernel/sched/core.c:6878
 smpboot_thread_fn+0x370/0x530 kernel/smpboot.c:160
 kthread+0x486/0x510 kernel/kthread.c:464
 ret_from_fork+0xda/0x150 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

value changed: 0x00000000 -> 0x00000001

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 14 Comm: ksoftirqd/0 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
==================================================================