syzbot

==================================================================
BUG: KCSAN: data-race in can_can_gw_rcv / can_can_gw_rcv

read-write to 0xffff8881001537a0 of 4 bytes by interrupt on cpu 1:
 can_can_gw_rcv+0x807/0x820 net/can/gw.c:566
 deliver net/can/af_can.c:575 [inline]
 can_rcv_filter+0xc7/0x4f0 net/can/af_can.c:602
 can_receive+0x163/0x1c0 net/can/af_can.c:666
 canfd_rcv+0xed/0x190 net/can/af_can.c:705
 __netif_receive_skb_one_core net/core/dev.c:6137 [inline]
 __netif_receive_skb+0x120/0x270 net/core/dev.c:6250
 process_backlog+0x228/0x420 net/core/dev.c:6602
 __napi_poll+0x5f/0x300 net/core/dev.c:7666
 napi_poll net/core/dev.c:7729 [inline]
 net_rx_action+0x425/0x8c0 net/core/dev.c:7881
 handle_softirqs+0xba/0x290 kernel/softirq.c:622
 do_softirq+0x5d/0x90 kernel/softirq.c:523
 __local_bh_enable_ip+0x70/0x80 kernel/softirq.c:450
 __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]
 _raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210
 spin_unlock_bh include/linux/spinlock.h:396 [inline]
 batadv_forw_packet_queue+0x141/0x170 net/batman-adv/send.c:-1
 batadv_forw_packet_ogmv1_queue+0x30/0x40 net/batman-adv/send.c:716
 batadv_iv_ogm_aggregate_new net/batman-adv/bat_iv_ogm.c:596 [inline]
 batadv_iv_ogm_queue_add+0x834/0x910 net/batman-adv/bat_iv_ogm.c:677
 batadv_iv_ogm_schedule_buff net/batman-adv/bat_iv_ogm.c:841 [inline]
 batadv_iv_ogm_schedule+0x513/0x810 net/batman-adv/bat_iv_ogm.c:873
 batadv_iv_send_outstanding_bat_ogm_packet+0x419/0x470 net/batman-adv/bat_iv_ogm.c:1709
 process_one_work kernel/workqueue.c:3257 [inline]
 process_scheduled_works+0x4ce/0x9d0 kernel/workqueue.c:3340
 worker_thread+0x582/0x770 kernel/workqueue.c:3421
 kthread+0x489/0x510 kernel/kthread.c:463
 ret_from_fork+0x149/0x290 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246

read-write to 0xffff8881001537a0 of 4 bytes by interrupt on cpu 0:
 can_can_gw_rcv+0x807/0x820 net/can/gw.c:566
 deliver net/can/af_can.c:575 [inline]
 can_rcv_filter+0xc7/0x4f0 net/can/af_can.c:602
 can_receive+0x163/0x1c0 net/can/af_can.c:666
 canfd_rcv+0xed/0x190 net/can/af_can.c:705
 __netif_receive_skb_one_core net/core/dev.c:6137 [inline]
 __netif_receive_skb+0x120/0x270 net/core/dev.c:6250
 process_backlog+0x228/0x420 net/core/dev.c:6602
 __napi_poll+0x5f/0x300 net/core/dev.c:7666
 napi_poll net/core/dev.c:7729 [inline]
 net_rx_action+0x425/0x8c0 net/core/dev.c:7881
 handle_softirqs+0xba/0x290 kernel/softirq.c:622
 do_softirq+0x5d/0x90 kernel/softirq.c:523
 __local_bh_enable_ip+0x70/0x80 kernel/softirq.c:450
 local_bh_enable include/linux/bottom_half.h:33 [inline]
 __alloc_skb+0x304/0x4d0 net/core/skbuff.c:674
 alloc_skb include/linux/skbuff.h:1383 [inline]
 nsim_dev_trap_skb_build drivers/net/netdevsim/dev.c:818 [inline]
 nsim_dev_trap_report drivers/net/netdevsim/dev.c:875 [inline]
 nsim_dev_trap_report_work+0x18a/0x630 drivers/net/netdevsim/dev.c:921
 process_one_work kernel/workqueue.c:3257 [inline]
 process_scheduled_works+0x4ce/0x9d0 kernel/workqueue.c:3340
 worker_thread+0x582/0x770 kernel/workqueue.c:3421
 kthread+0x489/0x510 kernel/kthread.c:463
 ret_from_fork+0x149/0x290 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246

value changed: 0x001fe76e -> 0x001fe76f

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 2608 Comm: kworker/u8:12 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
Workqueue: events_unbound nsim_dev_trap_report_work
==================================================================
==================================================================
BUG: KCSAN: data-race in can_can_gw_rcv / can_can_gw_rcv

read-write to 0xffff8881001537a0 of 4 bytes by interrupt on cpu 1:
 can_can_gw_rcv+0x807/0x820 net/can/gw.c:566
 deliver net/can/af_can.c:575 [inline]
 can_rcv_filter+0xc7/0x4f0 net/can/af_can.c:602
 can_receive+0x163/0x1c0 net/can/af_can.c:666
 canfd_rcv+0xed/0x190 net/can/af_can.c:705
 __netif_receive_skb_one_core net/core/dev.c:6137 [inline]
 __netif_receive_skb+0x120/0x270 net/core/dev.c:6250
 process_backlog+0x228/0x420 net/core/dev.c:6602
 __napi_poll+0x5f/0x300 net/core/dev.c:7666
 napi_poll net/core/dev.c:7729 [inline]
 net_rx_action+0x425/0x8c0 net/core/dev.c:7881
 handle_softirqs+0xba/0x290 kernel/softirq.c:622
 do_softirq+0x5d/0x90 kernel/softirq.c:523
 __local_bh_enable_ip+0x70/0x80 kernel/softirq.c:450
 __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]
 _raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210
 spin_unlock_bh include/linux/spinlock.h:396 [inline]
 batadv_tt_global_purge net/batman-adv/translation-table.c:2250 [inline]
 batadv_tt_purge+0x2cd/0x610 net/batman-adv/translation-table.c:3510
 process_one_work kernel/workqueue.c:3257 [inline]
 process_scheduled_works+0x4ce/0x9d0 kernel/workqueue.c:3340
 worker_thread+0x582/0x770 kernel/workqueue.c:3421
 kthread+0x489/0x510 kernel/kthread.c:463
 ret_from_fork+0x149/0x290 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246

read-write to 0xffff8881001537a0 of 4 bytes by interrupt on cpu 0:
 can_can_gw_rcv+0x807/0x820 net/can/gw.c:566
 deliver net/can/af_can.c:575 [inline]
 can_rcv_filter+0xc7/0x4f0 net/can/af_can.c:602
 can_receive+0x163/0x1c0 net/can/af_can.c:666
 canfd_rcv+0xed/0x190 net/can/af_can.c:705
 __netif_receive_skb_one_core net/core/dev.c:6137 [inline]
 __netif_receive_skb+0x120/0x270 net/core/dev.c:6250
 process_backlog+0x228/0x420 net/core/dev.c:6602
 __napi_poll+0x5f/0x300 net/core/dev.c:7666
 napi_poll net/core/dev.c:7729 [inline]
 net_rx_action+0x425/0x8c0 net/core/dev.c:7881
 handle_softirqs+0xba/0x290 kernel/softirq.c:622
 run_ksoftirqd+0x1c/0x30 kernel/softirq.c:1063
 smpboot_thread_fn+0x32b/0x530 kernel/smpboot.c:160
 kthread+0x489/0x510 kernel/kthread.c:463
 ret_from_fork+0x149/0x290 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246

value changed: 0x002341a7 -> 0x002341a8

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 14 Comm: ksoftirqd/0 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
==================================================================
==================================================================
BUG: KCSAN: data-race in can_can_gw_rcv / can_can_gw_rcv

read-write to 0xffff8881001537a0 of 4 bytes by interrupt on cpu 1:
 can_can_gw_rcv+0x807/0x820 net/can/gw.c:566
 deliver net/can/af_can.c:575 [inline]
 can_rcv_filter+0xc7/0x4f0 net/can/af_can.c:602
 can_receive+0x163/0x1c0 net/can/af_can.c:666
 canfd_rcv+0xed/0x190 net/can/af_can.c:705
 __netif_receive_skb_one_core net/core/dev.c:6137 [inline]
 __netif_receive_skb+0x120/0x270 net/core/dev.c:6250
 process_backlog+0x228/0x420 net/core/dev.c:6602
 __napi_poll+0x5f/0x300 net/core/dev.c:7666
 napi_poll net/core/dev.c:7729 [inline]
 net_rx_action+0x425/0x8c0 net/core/dev.c:7881
 handle_softirqs+0xba/0x290 kernel/softirq.c:622
 do_softirq+0x5d/0x90 kernel/softirq.c:523
 __local_bh_enable_ip+0x70/0x80 kernel/softirq.c:450
 __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]
 _raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210
 spin_unlock_bh include/linux/spinlock.h:396 [inline]
 batadv_tt_global_purge net/batman-adv/translation-table.c:2250 [inline]
 batadv_tt_purge+0x2cd/0x610 net/batman-adv/translation-table.c:3510
 process_one_work kernel/workqueue.c:3257 [inline]
 process_scheduled_works+0x4ce/0x9d0 kernel/workqueue.c:3340
 worker_thread+0x582/0x770 kernel/workqueue.c:3421
 kthread+0x489/0x510 kernel/kthread.c:463
 ret_from_fork+0x149/0x290 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246

read-write to 0xffff8881001537a0 of 4 bytes by interrupt on cpu 0:
 can_can_gw_rcv+0x807/0x820 net/can/gw.c:566
 deliver net/can/af_can.c:575 [inline]
 can_rcv_filter+0xc7/0x4f0 net/can/af_can.c:602
 can_receive+0x163/0x1c0 net/can/af_can.c:666
 canfd_rcv+0xed/0x190 net/can/af_can.c:705
 __netif_receive_skb_one_core net/core/dev.c:6137 [inline]
 __netif_receive_skb+0x120/0x270 net/core/dev.c:6250
 process_backlog+0x228/0x420 net/core/dev.c:6602
 __napi_poll+0x5f/0x300 net/core/dev.c:7666
 napi_poll net/core/dev.c:7729 [inline]
 net_rx_action+0x425/0x8c0 net/core/dev.c:7881
 handle_softirqs+0xba/0x290 kernel/softirq.c:622
 do_softirq+0x5d/0x90 kernel/softirq.c:523
 __local_bh_enable_ip+0x70/0x80 kernel/softirq.c:450
 local_bh_enable include/linux/bottom_half.h:33 [inline]
 __alloc_skb+0x49b/0x4d0 net/core/skbuff.c:674
 alloc_skb include/linux/skbuff.h:1383 [inline]
 nsim_dev_trap_skb_build drivers/net/netdevsim/dev.c:818 [inline]
 nsim_dev_trap_report drivers/net/netdevsim/dev.c:875 [inline]
 nsim_dev_trap_report_work+0x18a/0x630 drivers/net/netdevsim/dev.c:921
 process_one_work kernel/workqueue.c:3257 [inline]
 process_scheduled_works+0x4ce/0x9d0 kernel/workqueue.c:3340
 worker_thread+0x582/0x770 kernel/workqueue.c:3421
 kthread+0x489/0x510 kernel/kthread.c:463
 ret_from_fork+0x149/0x290 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246

value changed: 0x002e4cd1 -> 0x002e4cd2

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 4679 Comm: kworker/u8:42 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
Workqueue: events_unbound nsim_dev_trap_report_work
==================================================================