==================================================================
BUG: KCSAN: data-race in do_sys_poll / pollwake

read to 0xffffc900030c3bd0 of 4 bytes by task 5000 on cpu 1:
 poll_schedule_timeout fs/select.c:240 [inline]
 do_poll fs/select.c:958 [inline]
 do_sys_poll+0x97b/0xbc0 fs/select.c:1009
 __do_sys_ppoll fs/select.c:1115 [inline]
 __se_sys_ppoll+0x1b9/0x200 fs/select.c:1095
 __x64_sys_ppoll+0x67/0x80 fs/select.c:1095
 x64_sys_call+0x2de5/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:272
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd0/0x1a0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

write to 0xffffc900030c3bd0 of 4 bytes by interrupt on cpu 0:
 __pollwake fs/select.c:195 [inline]
 pollwake+0xb6/0x100 fs/select.c:215
 __wake_up_common kernel/sched/wait.c:89 [inline]
 __wake_up_common_lock kernel/sched/wait.c:106 [inline]
 __wake_up+0x63/0xb0 kernel/sched/wait.c:127
 bpf_ringbuf_notify+0x22/0x30 kernel/bpf/ringbuf.c:155
 irq_work_single kernel/irq_work.c:221 [inline]
 irq_work_run_list kernel/irq_work.c:252 [inline]
 irq_work_run+0xdf/0x2d0 kernel/irq_work.c:261
 __sysvec_irq_work+0x22/0x170 arch/x86/kernel/irq_work.c:22
 instr_sysvec_irq_work arch/x86/kernel/irq_work.c:17 [inline]
 sysvec_irq_work+0x2f/0x80 arch/x86/kernel/irq_work.c:17
 asm_sysvec_irq_work+0x1a/0x20 arch/x86/include/asm/idtentry.h:738
 __wrmsr arch/x86/include/asm/msr.h:96 [inline]
 native_write_msr arch/x86/include/asm/msr.h:147 [inline]
 wrmsr arch/x86/include/asm/msr.h:256 [inline]
 native_apic_msr_write+0x3d/0x60 arch/x86/include/asm/apic.h:212
 apic_write arch/x86/include/asm/apic.h:405 [inline]
 x2apic_send_IPI_self+0x10/0x20 arch/x86/kernel/apic/x2apic_phys.c:107
 __apic_send_IPI_self arch/x86/include/asm/apic.h:455 [inline]
 arch_irq_work_raise+0x46/0x50 arch/x86/kernel/irq_work.c:31
 irq_work_raise kernel/irq_work.c:84 [inline]
 __irq_work_queue_local+0x80/0x1b0 kernel/irq_work.c:112
 irq_work_queue+0x70/0x100 kernel/irq_work.c:124
 bpf_ringbuf_commit kernel/bpf/ringbuf.c:-1 [inline]
 ____bpf_ringbuf_discard kernel/bpf/ringbuf.c:525 [inline]
 bpf_ringbuf_discard+0xd3/0xf0 kernel/bpf/ringbuf.c:523
 bpf_prog_fe0ed97373b08409+0x47/0x4b
 bpf_dispatcher_nop_func include/linux/bpf.h:1316 [inline]
 __bpf_prog_run include/linux/filter.h:718 [inline]
 bpf_prog_run include/linux/filter.h:725 [inline]
 __bpf_trace_run kernel/trace/bpf_trace.c:2363 [inline]
 bpf_trace_run3+0x10c/0x1d0 kernel/trace/bpf_trace.c:2405
 __do_trace_kmem_cache_free include/trace/events/kmem.h:114 [inline]
 trace_kmem_cache_free include/trace/events/kmem.h:114 [inline]
 kmem_cache_free+0x246/0x2f0 mm/slub.c:4757
 kernfs_free_rcu+0x97/0xb0 fs/kernfs/dir.c:555
 rcu_do_batch kernel/rcu/tree.c:2568 [inline]
 rcu_core+0x59c/0xc00 kernel/rcu/tree.c:2824
 rcu_core_si+0xd/0x20 kernel/rcu/tree.c:2841
 handle_softirqs+0xb7/0x290 kernel/softirq.c:579
 __do_softirq kernel/softirq.c:613 [inline]
 invoke_softirq kernel/softirq.c:453 [inline]
 __irq_exit_rcu+0x3a/0xc0 kernel/softirq.c:680
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]
 sysvec_apic_timer_interrupt+0x74/0x80 arch/x86/kernel/apic/apic.c:1049
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
 idr_alloc_u32+0xcd/0x180 lib/idr.c:46
 idr_alloc_cyclic+0x7b/0x140 lib/idr.c:125
 __kernfs_new_node+0xb5/0x350 fs/kernfs/dir.c:643
 kernfs_new_node+0xd0/0x140 fs/kernfs/dir.c:713
 __kernfs_create_file+0x4b/0x180 fs/kernfs/file.c:1038
 sysfs_add_file_mode_ns+0x132/0x1c0 fs/sysfs/file.c:319
 create_files fs/sysfs/group.c:76 [inline]
 internal_create_group+0x441/0x9e0 fs/sysfs/group.c:183
 internal_create_groups fs/sysfs/group.c:223 [inline]
 sysfs_create_groups+0x3f/0xf0 fs/sysfs/group.c:249
 setup_gid_attrs drivers/infiniband/core/sysfs.c:1162 [inline]
 ib_setup_port_attrs+0xe48/0x1430 drivers/infiniband/core/sysfs.c:1439
 add_one_compat_dev+0x261/0x360 drivers/infiniband/core/device.c:968
 rdma_dev_init_net+0x182/0x210 drivers/infiniband/core/device.c:1184
 ops_init+0x227/0x2e0 net/core/net_namespace.c:138
 setup_net+0x13b/0x5f0 net/core/net_namespace.c:364
 copy_net_ns+0x565/0x720 net/core/net_namespace.c:518
 create_new_namespaces+0x20e/0x410 kernel/nsproxy.c:110
 unshare_nsproxy_namespaces+0xe8/0x120 kernel/nsproxy.c:228
 ksys_unshare+0x3d0/0x6d0 kernel/fork.c:3375
 __do_sys_unshare kernel/fork.c:3446 [inline]
 __se_sys_unshare kernel/fork.c:3444 [inline]
 __x64_sys_unshare+0x1f/0x30 kernel/fork.c:3444
 x64_sys_call+0x2d4b/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:273
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd0/0x1a0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x00000001 -> 0x00000000

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 4980 Comm: syz.2.606 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(voluntary) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
==================================================================