==================================================================
BUG: KCSAN: data-race in wq_worker_tick / wq_worker_tick

read-write to 0xffff8881000732b8 of 8 bytes by interrupt on cpu 0:
 wq_worker_tick+0x60/0x230 kernel/workqueue.c:1478
 sched_tick+0x11a/0x270 kernel/sched/core.c:5648
 update_process_times+0x15f/0x190 kernel/time/timer.c:2478
 tick_sched_handle kernel/time/tick-sched.c:276 [inline]
 tick_nohz_handler+0x249/0x2d0 kernel/time/tick-sched.c:297
 __run_hrtimer kernel/time/hrtimer.c:1761 [inline]
 __hrtimer_run_queues+0x20c/0x5a0 kernel/time/hrtimer.c:1825
 hrtimer_interrupt+0x21a/0x460 kernel/time/hrtimer.c:1887
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1039 [inline]
 __sysvec_apic_timer_interrupt+0x5c/0x1d0 arch/x86/kernel/apic/apic.c:1056
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1050 [inline]
 sysvec_apic_timer_interrupt+0x6f/0x80 arch/x86/kernel/apic/apic.c:1050
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
 __preempt_count_dec_and_test arch/x86/include/asm/preempt.h:95 [inline]
 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:152 [inline]
 _raw_spin_unlock_irqrestore+0x3c/0x60 kernel/locking/spinlock.c:194
 spin_unlock_irqrestore include/linux/spinlock.h:406 [inline]
 pcpu_alloc_noprof+0x9c7/0x1210 mm/percpu.c:1858
 fib_nh_common_init+0x48/0x260 net/ipv4/fib_semantics.c:620
 fib6_nh_init+0xfcb/0x15a0 net/ipv6/route.c:3671
 ip6_route_info_create_nh+0xc7/0x610 net/ipv6/route.c:3892
 ip6_route_add+0x6e/0x170 net/ipv6/route.c:3944
 addrconf_prefix_route net/ipv6/addrconf.c:2488 [inline]
 addrconf_add_linklocal+0x2a6/0x340 net/ipv6/addrconf.c:3313
 addrconf_addr_gen+0x314/0x360 net/ipv6/addrconf.c:3442
 addrconf_init_auto_addrs+0x4ef/0x690 net/ipv6/addrconf.c:-1
 addrconf_notify+0x72c/0x930 net/ipv6/addrconf.c:3740
 notifier_call_chain kernel/notifier.c:85 [inline]
 raw_notifier_call_chain+0x6c/0x1b0 kernel/notifier.c:453
 call_netdevice_notifiers_info+0xae/0x100 net/core/dev.c:2229
 netif_state_change+0x16d/0x1f0 net/core/dev.c:1583
 linkwatch_do_dev+0xb9/0xf0 net/core/link_watch.c:186
 __linkwatch_run_queue+0x582/0x850 net/core/link_watch.c:244
 linkwatch_event+0x40/0x50 net/core/link_watch.c:304
 process_one_work kernel/workqueue.c:3236 [inline]
 process_scheduled_works+0x4ce/0x9d0 kernel/workqueue.c:3319
 worker_thread+0x582/0x770 kernel/workqueue.c:3400
 kthread+0x486/0x510 kernel/kthread.c:463
 ret_from_fork+0xda/0x150 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

read-write to 0xffff8881000732b8 of 8 bytes by interrupt on cpu 1:
 wq_worker_tick+0x60/0x230 kernel/workqueue.c:1478
 sched_tick+0x11a/0x270 kernel/sched/core.c:5648
 update_process_times+0x15f/0x190 kernel/time/timer.c:2478
 tick_sched_handle kernel/time/tick-sched.c:276 [inline]
 tick_nohz_handler+0x249/0x2d0 kernel/time/tick-sched.c:297
 __run_hrtimer kernel/time/hrtimer.c:1761 [inline]
 __hrtimer_run_queues+0x20c/0x5a0 kernel/time/hrtimer.c:1825
 hrtimer_interrupt+0x21a/0x460 kernel/time/hrtimer.c:1887
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1039 [inline]
 __sysvec_apic_timer_interrupt+0x5c/0x1d0 arch/x86/kernel/apic/apic.c:1056
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1050 [inline]
 sysvec_apic_timer_interrupt+0x6f/0x80 arch/x86/kernel/apic/apic.c:1050
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
 kcsan_setup_watchpoint+0x415/0x430 kernel/kcsan/core.c:705
 check_access kernel/kcsan/core.c:753 [inline]
 __tsan_memset+0x1da/0x1f0 kernel/kcsan/core.c:1335
 skb_put_zero include/linux/skbuff.h:2743 [inline]
 nsim_dev_trap_skb_build drivers/net/netdevsim/dev.c:789 [inline]
 nsim_dev_trap_report drivers/net/netdevsim/dev.c:820 [inline]
 nsim_dev_trap_report_work+0x467/0x630 drivers/net/netdevsim/dev.c:866
 process_one_work kernel/workqueue.c:3236 [inline]
 process_scheduled_works+0x4ce/0x9d0 kernel/workqueue.c:3319
 worker_thread+0x582/0x770 kernel/workqueue.c:3400
 kthread+0x486/0x510 kernel/kthread.c:463
 ret_from_fork+0xda/0x150 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

value changed: 0x00000000002bcaf0 -> 0x00000000002bf200

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 UID: 0 PID: 3600 Comm: kworker/u8:9 Not tainted syzkaller #0 PREEMPT(voluntary) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
Workqueue: events_unbound nsim_dev_trap_report_work
==================================================================