syzbot

==================================================================
BUG: KCSAN: data-race in pollwake / pollwake

write to 0xffffc900013ef9e0 of 4 bytes by interrupt on cpu 1:
 __pollwake fs/select.c:195 [inline]
 pollwake+0xb6/0x100 fs/select.c:215
 __wake_up_common kernel/sched/wait.c:89 [inline]
 __wake_up_common_lock kernel/sched/wait.c:106 [inline]
 __wake_up_sync_key+0x52/0x80 kernel/sched/wait.c:173
 sock_def_readable+0x70/0x190 net/core/sock.c:3583
 tcp_data_ready+0x1ae/0x290 net/ipv4/tcp_input.c:5246
 tcp_data_queue+0x15b0/0x3270 net/ipv4/tcp_input.c:5336
 tcp_rcv_established+0xa0f/0xef0 net/ipv4/tcp_input.c:6308
 tcp_v4_do_rcv+0x672/0x740 net/ipv4/tcp_ipv4.c:1925
 tcp_v4_rcv+0x1bd7/0x1f60 net/ipv4/tcp_ipv4.c:2363
 ip_protocol_deliver_rcu+0x397/0x780 net/ipv4/ip_input.c:205
 ip_local_deliver_finish+0x184/0x220 net/ipv4/ip_input.c:233
 NF_HOOK include/linux/netfilter.h:317 [inline]
 ip_local_deliver+0xe8/0x1c0 net/ipv4/ip_input.c:254
 dst_input include/net/dst.h:469 [inline]
 ip_sublist_rcv_finish net/ipv4/ip_input.c:578 [inline]
 ip_list_rcv_finish net/ipv4/ip_input.c:627 [inline]
 ip_sublist_rcv+0x56b/0x650 net/ipv4/ip_input.c:635
 ip_list_rcv+0x261/0x290 net/ipv4/ip_input.c:669
 __netif_receive_skb_list_ptype net/core/dev.c:6020 [inline]
 __netif_receive_skb_list_core+0x4dc/0x500 net/core/dev.c:6067
 __netif_receive_skb_list net/core/dev.c:6119 [inline]
 netif_receive_skb_list_internal+0x487/0x600 net/core/dev.c:6210
 gro_normal_list include/net/gro.h:532 [inline]
 napi_complete_done+0x1a3/0x410 net/core/dev.c:6580
 virtqueue_napi_complete drivers/net/virtio_net.c:737 [inline]
 virtnet_poll+0x189f/0x1d10 drivers/net/virtio_net.c:3053
 __napi_poll+0x66/0x3a0 net/core/dev.c:7414
 napi_poll net/core/dev.c:7478 [inline]
 net_rx_action+0x391/0x830 net/core/dev.c:7605
 handle_softirqs+0xb7/0x290 kernel/softirq.c:579
 __do_softirq kernel/softirq.c:613 [inline]
 invoke_softirq kernel/softirq.c:453 [inline]
 __irq_exit_rcu+0x3a/0xc0 kernel/softirq.c:680
 common_interrupt+0x83/0x90 arch/x86/kernel/irq.c:285
 asm_common_interrupt+0x26/0x40 arch/x86/include/asm/idtentry.h:693
 __wrmsrq arch/x86/include/asm/msr.h:80 [inline]
 native_write_msr arch/x86/include/asm/msr.h:137 [inline]
 wrmsrq arch/x86/include/asm/msr.h:199 [inline]
 native_x2apic_icr_write arch/x86/include/asm/apic.h:233 [inline]
 __x2apic_send_IPI_dest arch/x86/kernel/apic/x2apic_phys.c:113 [inline]
 x2apic_send_IPI+0x4c/0x80 arch/x86/kernel/apic/x2apic_phys.c:50
 __apic_send_IPI arch/x86/include/asm/apic.h:430 [inline]
 native_send_call_func_single_ipi+0xe/0x20 arch/x86/kernel/apic/ipi.c:79
 arch_send_call_function_single_ipi arch/x86/include/asm/smp.h:95 [inline]
 send_call_function_single_ipi kernel/smp.c:118 [inline]
 __smp_call_single_queue+0x10b/0x380 kernel/smp.c:411
 generic_exec_single+0x14a/0x350 kernel/smp.c:444
 smp_call_function_single_async+0x5c/0xb0 kernel/smp.c:724
 rdmsr_safe_on_cpu+0xa7/0x130 arch/x86/lib/msr-smp.c:179
 msr_read+0xa3/0x160 arch/x86/kernel/msr.c:66
 vfs_read+0x1a0/0x6f0 fs/read_write.c:570
 ksys_read+0xda/0x1a0 fs/read_write.c:715
 __do_sys_read fs/read_write.c:724 [inline]
 __se_sys_read fs/read_write.c:722 [inline]
 __x64_sys_read+0x40/0x50 fs/read_write.c:722
 x64_sys_call+0x2d77/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:1
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

write to 0xffffc900013ef9e0 of 4 bytes by task 18112 on cpu 0:
 __pollwake fs/select.c:195 [inline]
 pollwake+0xb6/0x100 fs/select.c:215
 __wake_up_common kernel/sched/wait.c:89 [inline]
 __wake_up_common_lock kernel/sched/wait.c:106 [inline]
 __wake_up_sync_key+0x52/0x80 kernel/sched/wait.c:173
 anon_pipe_write+0x8ba/0xaa0 fs/pipe.c:594
 new_sync_write fs/read_write.c:593 [inline]
 vfs_write+0x4a0/0x8e0 fs/read_write.c:686
 ksys_write+0xda/0x1a0 fs/read_write.c:738
 __do_sys_write fs/read_write.c:749 [inline]
 __se_sys_write fs/read_write.c:746 [inline]
 __x64_sys_write+0x40/0x50 fs/read_write.c:746
 x64_sys_call+0x2cdd/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:2
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x00000000 -> 0x00000001

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 18112 Comm: syz-executor Tainted: G        W           6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(voluntary) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
==================================================================