==================================================================
BUG: KCSAN: data-race in wq_worker_tick / wq_worker_tick

read-write to 0xffff88810006ceb8 of 8 bytes by interrupt on cpu 0:
 wq_worker_tick+0x63/0x240 kernel/workqueue.c:1479
 scheduler_tick+0x144/0x1d0 kernel/sched/core.c:5699
 update_process_times+0x15a/0x180 kernel/time/timer.c:2481
 tick_sched_handle kernel/time/tick-sched.c:273 [inline]
 tick_nohz_handler+0x250/0x2d0 kernel/time/tick-sched.c:294
 __run_hrtimer kernel/time/hrtimer.c:1692 [inline]
 __hrtimer_run_queues+0x214/0x5e0 kernel/time/hrtimer.c:1756
 hrtimer_interrupt+0x210/0x7b0 kernel/time/hrtimer.c:1818
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1032 [inline]
 __sysvec_apic_timer_interrupt+0x5c/0x1a0 arch/x86/kernel/apic/apic.c:1049
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline]
 sysvec_apic_timer_interrupt+0x6e/0x80 arch/x86/kernel/apic/apic.c:1043
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
 is_atomic kernel/kcsan/core.c:264 [inline]
 should_watch kernel/kcsan/core.c:277 [inline]
 check_access kernel/kcsan/core.c:752 [inline]
 __tsan_unaligned_write8+0x141/0x180 kernel/kcsan/core.c:1025
 list_del include/linux/list.h:231 [inline]
 io_cqring_overflow_kill+0x181/0x1e0 io_uring/io_uring.c:681
 io_ring_exit_work+0xda/0x500 io_uring/io_uring.c:3051
 process_one_work kernel/workqueue.c:3254 [inline]
 process_scheduled_works+0x465/0x990 kernel/workqueue.c:3335
 worker_thread+0x526/0x730 kernel/workqueue.c:3416
 kthread+0x1d1/0x210 kernel/kthread.c:388
 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243

read-write to 0xffff88810006ceb8 of 8 bytes by interrupt on cpu 1:
 wq_worker_tick+0x63/0x240 kernel/workqueue.c:1479
 scheduler_tick+0x144/0x1d0 kernel/sched/core.c:5699
 update_process_times+0x15a/0x180 kernel/time/timer.c:2481
 tick_sched_handle kernel/time/tick-sched.c:273 [inline]
 tick_nohz_handler+0x250/0x2d0 kernel/time/tick-sched.c:294
 __run_hrtimer kernel/time/hrtimer.c:1692 [inline]
 __hrtimer_run_queues+0x214/0x5e0 kernel/time/hrtimer.c:1756
 hrtimer_interrupt+0x210/0x7b0 kernel/time/hrtimer.c:1818
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1032 [inline]
 __sysvec_apic_timer_interrupt+0x5c/0x1a0 arch/x86/kernel/apic/apic.c:1049
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline]
 sysvec_apic_timer_interrupt+0x6e/0x80 arch/x86/kernel/apic/apic.c:1043
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
 percpu_ref_put_many include/linux/percpu-refcount.h:333 [inline]
 percpu_ref_put include/linux/percpu-refcount.h:351 [inline]
 obj_cgroup_put include/linux/memcontrol.h:822 [inline]
 __memcg_slab_free_hook+0x46/0x130 mm/slub.c:2013
 memcg_slab_free_hook mm/slub.c:2030 [inline]
 slab_free mm/slub.c:4297 [inline]
 kmem_cache_free+0x18b/0x250 mm/slub.c:4363
 io_req_caches_free+0x11d/0x220 io_uring/io_uring.c:2862
 io_ring_exit_work+0x20d/0x500 io_uring/io_uring.c:3073
 process_one_work kernel/workqueue.c:3254 [inline]
 process_scheduled_works+0x465/0x990 kernel/workqueue.c:3335
 worker_thread+0x526/0x730 kernel/workqueue.c:3416
 kthread+0x1d1/0x210 kernel/kthread.c:388
 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243

value changed: 0x00000000017561f0 -> 0x0000000001758900

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 8663 Comm: kworker/u8:0 Not tainted 6.8.0-syzkaller-01185-g855684c7d938 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
Workqueue: events_unbound io_ring_exit_work
==================================================================