syzbot

==================================================================
BUG: KCSAN: data-race in __queue_work / wq_worker_running

read-write to 0xffff888237d2abe0 of 4 bytes by task 3223 on cpu 1:
 wq_worker_running+0x96/0xe0 kernel/workqueue.c:880
 schedule_timeout+0xc1/0x290 kernel/time/timer.c:2167
 synchronize_rcu_expedited_wait_once kernel/rcu/tree_exp.h:571 [inline]
 synchronize_rcu_expedited_wait+0x22a/0xc40 kernel/rcu/tree_exp.h:622
 rcu_exp_wait_wake kernel/rcu/tree_exp.h:688 [inline]
 rcu_exp_sel_wait_wake+0x355/0x730 kernel/rcu/tree_exp.h:722
 wait_rcu_exp_gp+0x1a/0x20 kernel/rcu/tree_exp.h:512
 process_one_work+0x3d3/0x720 kernel/workqueue.c:2289
 worker_thread+0x618/0xa70 kernel/workqueue.c:2436
 kthread+0x1a9/0x1e0 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308

read to 0xffff888237d2abe0 of 4 bytes by task 16548 on cpu 0:
 __need_more_worker kernel/workqueue.c:785 [inline]
 insert_work kernel/workqueue.c:1365 [inline]
 __queue_work+0x79e/0xa60 kernel/workqueue.c:1517
 queue_work_on+0x7e/0xe0 kernel/workqueue.c:1545
 queue_work include/linux/workqueue.h:503 [inline]
 schedule_work include/linux/workqueue.h:564 [inline]
 __xfrm_state_destroy net/xfrm/xfrm_state.c:697 [inline]
 xfrm_state_put include/net/xfrm.h:810 [inline]
 xfrm_state_find+0x20ca/0x29d0 net/xfrm/xfrm_state.c:1351
 xfrm_tmpl_resolve_one net/xfrm/xfrm_policy.c:2467 [inline]
 xfrm_tmpl_resolve net/xfrm/xfrm_policy.c:2512 [inline]
 xfrm_resolve_and_create_bundle+0x522/0x1bf0 net/xfrm/xfrm_policy.c:2805
 xfrm_lookup_with_ifid+0x38f/0x1460 net/xfrm/xfrm_policy.c:3139
 xfrm_lookup net/xfrm/xfrm_policy.c:3268 [inline]
 xfrm_lookup_route+0x37/0x100 net/xfrm/xfrm_policy.c:3279
 ip6_dst_lookup_flow+0x94/0xc0 net/ipv6/ip6_output.c:1246
 rawv6_sendmsg+0x8af/0xe00 net/ipv6/raw.c:898
 inet_sendmsg+0x5f/0x80 net/ipv4/af_inet.c:827
 sock_sendmsg_nosec net/socket.c:714 [inline]
 sock_sendmsg net/socket.c:734 [inline]
 ____sys_sendmsg+0x38f/0x500 net/socket.c:2476
 ___sys_sendmsg net/socket.c:2530 [inline]
 __sys_sendmmsg+0x27c/0x4a0 net/socket.c:2616
 __do_sys_sendmmsg net/socket.c:2645 [inline]
 __se_sys_sendmmsg net/socket.c:2642 [inline]
 __x64_sys_sendmmsg+0x53/0x60 net/socket.c:2642
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

value changed: 0x00000000 -> 0x00000001

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 16548 Comm: syz-executor.5 Not tainted 6.2.0-rc6-syzkaller-00083-ge7368fd30165-dirty #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
==================================================================