syzbot

==================================================================
BUG: KCSAN: data-race in do_sys_poll / pollwake

read to 0xffffc90001dabbd0 of 4 bytes by task 31428 on cpu 0:
 poll_schedule_timeout fs/select.c:240 [inline]
 do_poll fs/select.c:958 [inline]
 do_sys_poll+0x9f1/0xc80 fs/select.c:1009
 __do_sys_ppoll fs/select.c:1115 [inline]
 __se_sys_ppoll+0x1b5/0x1f0 fs/select.c:1095
 __x64_sys_ppoll+0x67/0x80 fs/select.c:1095
 x64_sys_call+0x2c89/0x2e10 arch/x86/include/generated/asm/syscalls_64.h:272
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

write to 0xffffc90001dabbd0 of 4 bytes by interrupt on cpu 1:
 __pollwake fs/select.c:195 [inline]
 pollwake+0xc1/0x110 fs/select.c:215
 __wake_up_common kernel/sched/wait.c:89 [inline]
 __wake_up_common_lock kernel/sched/wait.c:106 [inline]
 __wake_up+0x65/0xb0 kernel/sched/wait.c:127
 bpf_ringbuf_notify+0x22/0x30 kernel/bpf/ringbuf.c:154
 irq_work_single kernel/irq_work.c:221 [inline]
 irq_work_run_list kernel/irq_work.c:252 [inline]
 irq_work_run+0xe1/0x2d0 kernel/irq_work.c:261
 __sysvec_irq_work+0x23/0x1a0 arch/x86/kernel/irq_work.c:22
 instr_sysvec_irq_work arch/x86/kernel/irq_work.c:17 [inline]
 sysvec_irq_work+0x66/0x80 arch/x86/kernel/irq_work.c:17
 asm_sysvec_irq_work+0x1a/0x20 arch/x86/include/asm/idtentry.h:738
 native_apic_mem_write arch/x86/include/asm/apic.h:101 [inline]
 __default_send_IPI_shortcut arch/x86/kernel/apic/ipi.c:167 [inline]
 default_send_IPI_self+0x38/0x80 arch/x86/kernel/apic/ipi.c:248
 __apic_send_IPI_self arch/x86/include/asm/apic.h:455 [inline]
 arch_irq_work_raise+0x48/0x50 arch/x86/kernel/irq_work.c:31
 irq_work_raise kernel/irq_work.c:84 [inline]
 __irq_work_queue_local+0x82/0x1d0 kernel/irq_work.c:112
 irq_work_queue+0x85/0x120 kernel/irq_work.c:124
 bpf_ringbuf_commit kernel/bpf/ringbuf.c:-1 [inline]
 ____bpf_ringbuf_discard kernel/bpf/ringbuf.c:528 [inline]
 bpf_ringbuf_discard+0xcd/0xf0 kernel/bpf/ringbuf.c:526
 bpf_prog_fe0ed97373b08409+0x47/0x4b
 bpf_dispatcher_nop_func include/linux/bpf.h:1290 [inline]
 __bpf_prog_run include/linux/filter.h:701 [inline]
 bpf_prog_run include/linux/filter.h:708 [inline]
 __bpf_trace_run kernel/trace/bpf_trace.c:2358 [inline]
 bpf_trace_run3+0x10e/0x1d0 kernel/trace/bpf_trace.c:2400
 __do_trace_kmem_cache_free include/trace/events/kmem.h:114 [inline]
 trace_kmem_cache_free include/trace/events/kmem.h:114 [inline]
 kmem_cache_free+0x243/0x2e0 mm/slub.c:4734
 kfree_skbmem net/core/skbuff.c:-1 [inline]
 __kfree_skb+0x102/0x150 net/core/skbuff.c:1177
 sk_skb_reason_drop+0xba/0x290 net/core/skbuff.c:1214
 packet_rcv+0xd4/0x990 net/packet/af_packet.c:2277
 __netif_receive_skb_list_ptype net/core/dev.c:5939 [inline]
 __netif_receive_skb_list_core+0x495/0x520 net/core/dev.c:5981
 __netif_receive_skb_list net/core/dev.c:6033 [inline]
 netif_receive_skb_list_internal+0x4e6/0x670 net/core/dev.c:6124
 netif_receive_skb_list+0x31/0x230 net/core/dev.c:6176
 xdp_recv_frames net/bpf/test_run.c:280 [inline]
 xdp_test_run_batch net/bpf/test_run.c:361 [inline]
 bpf_test_run_xdp_live+0xe17/0x1050 net/bpf/test_run.c:390
 bpf_prog_test_run_xdp+0x526/0x8e0 net/bpf/test_run.c:1316
 bpf_prog_test_run+0x20e/0x3a0 kernel/bpf/syscall.c:4407
 __sys_bpf+0x40d/0x7c0 kernel/bpf/syscall.c:5813
 __do_sys_bpf kernel/bpf/syscall.c:5902 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:5900 [inline]
 __x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5900
 x64_sys_call+0x23da/0x2e10 arch/x86/include/generated/asm/syscalls_64.h:322
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x00000001 -> 0x00000000

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 UID: 0 PID: 31431 Comm: syz.0.11826 Not tainted 6.14.0-syzkaller-07422-gacb4f33713b9 #0 PREEMPT(voluntary) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
==================================================================