==================================================================
BUG: KCSAN: data-race in can_receive / can_receive

read-write to 0xffff888104135568 of 8 bytes by interrupt on cpu 1:
 can_receive+0x62/0x1f0 net/can/af_can.c:651
 canfd_rcv+0xe7/0x180 net/can/af_can.c:703
 __netif_receive_skb_one_core net/core/dev.c:5828 [inline]
 __netif_receive_skb+0x123/0x280 net/core/dev.c:5941
 process_backlog+0x22e/0x440 net/core/dev.c:6289
 __napi_poll+0x63/0x3c0 net/core/dev.c:7106
 napi_poll net/core/dev.c:7175 [inline]
 net_rx_action+0x3a1/0x7f0 net/core/dev.c:7297
 handle_softirqs+0xbf/0x280 kernel/softirq.c:561
 do_softirq+0x5e/0x90 kernel/softirq.c:462
 __local_bh_enable_ip+0x6e/0x70 kernel/softirq.c:389
 __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]
 _raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210
 spin_unlock_bh include/linux/spinlock.h:396 [inline]
 batadv_nc_purge_paths+0x220/0x270 net/batman-adv/network-coding.c:471
 batadv_nc_worker+0x3db/0xad0 net/batman-adv/network-coding.c:720
 process_one_work kernel/workqueue.c:3236 [inline]
 process_scheduled_works+0x4db/0xa20 kernel/workqueue.c:3317
 worker_thread+0x51d/0x6f0 kernel/workqueue.c:3398
 kthread+0x4ae/0x520 kernel/kthread.c:464
 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244

read-write to 0xffff888104135568 of 8 bytes by interrupt on cpu 0:
 can_receive+0x62/0x1f0 net/can/af_can.c:651
 canfd_rcv+0xe7/0x180 net/can/af_can.c:703
 __netif_receive_skb_one_core net/core/dev.c:5828 [inline]
 __netif_receive_skb+0x123/0x280 net/core/dev.c:5941
 process_backlog+0x22e/0x440 net/core/dev.c:6289
 __napi_poll+0x63/0x3c0 net/core/dev.c:7106
 napi_poll net/core/dev.c:7175 [inline]
 net_rx_action+0x3a1/0x7f0 net/core/dev.c:7297
 handle_softirqs+0xbf/0x280 kernel/softirq.c:561
 __do_softirq kernel/softirq.c:595 [inline]
 invoke_softirq kernel/softirq.c:435 [inline]
 __irq_exit_rcu+0x3a/0xc0 kernel/softirq.c:662
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]
 sysvec_apic_timer_interrupt+0x73/0x80 arch/x86/kernel/apic/apic.c:1049
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
 __preempt_count_add kernel/locking/spinlock.c:153 [inline]
 __raw_spin_lock include/linux/spinlock_api_smp.h:132 [inline]
 _raw_spin_lock+0x5/0x50 kernel/locking/spinlock.c:154
 spin_lock include/linux/spinlock.h:351 [inline]
 wg_ratelimiter_gc_entries+0x5d/0x340 drivers/net/wireguard/ratelimiter.c:63
 process_one_work kernel/workqueue.c:3236 [inline]
 process_scheduled_works+0x4db/0xa20 kernel/workqueue.c:3317
 worker_thread+0x51d/0x6f0 kernel/workqueue.c:3398
 kthread+0x4ae/0x520 kernel/kthread.c:464
 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244

value changed: 0x0000000000001c1a -> 0x0000000000001c1b

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 3373 Comm: kworker/0:3 Not tainted 6.14.0-rc2-syzkaller-00185-g128c8f96eb86 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
Workqueue: events_power_efficient wg_ratelimiter_gc_entries
==================================================================
==================================================================
BUG: KCSAN: data-race in can_receive / can_receive

read-write to 0xffff888104135508 of 8 bytes by interrupt on cpu 1:
 can_receive+0x4e/0x1f0 net/can/af_can.c:650
 canfd_rcv+0xe7/0x180 net/can/af_can.c:703
 __netif_receive_skb_one_core net/core/dev.c:5828 [inline]
 __netif_receive_skb+0x123/0x280 net/core/dev.c:5941
 process_backlog+0x22e/0x440 net/core/dev.c:6289
 __napi_poll+0x63/0x3c0 net/core/dev.c:7106
 napi_poll net/core/dev.c:7175 [inline]
 net_rx_action+0x3a1/0x7f0 net/core/dev.c:7297
 handle_softirqs+0xbf/0x280 kernel/softirq.c:561
 do_softirq+0x5e/0x90 kernel/softirq.c:462
 __local_bh_enable_ip+0x6e/0x70 kernel/softirq.c:389
 __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]
 _raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210
 spin_unlock_bh include/linux/spinlock.h:396 [inline]
 nsim_dev_trap_report drivers/net/netdevsim/dev.c:820 [inline]
 nsim_dev_trap_report_work+0x522/0x620 drivers/net/netdevsim/dev.c:851
 process_one_work kernel/workqueue.c:3236 [inline]
 process_scheduled_works+0x4db/0xa20 kernel/workqueue.c:3317
 worker_thread+0x51d/0x6f0 kernel/workqueue.c:3398
 kthread+0x4ae/0x520 kernel/kthread.c:464
 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244

read-write to 0xffff888104135508 of 8 bytes by interrupt on cpu 0:
 can_receive+0x4e/0x1f0 net/can/af_can.c:650
 canfd_rcv+0xe7/0x180 net/can/af_can.c:703
 __netif_receive_skb_one_core net/core/dev.c:5828 [inline]
 __netif_receive_skb+0x123/0x280 net/core/dev.c:5941
 process_backlog+0x22e/0x440 net/core/dev.c:6289
 __napi_poll+0x63/0x3c0 net/core/dev.c:7106
 napi_poll net/core/dev.c:7175 [inline]
 net_rx_action+0x3a1/0x7f0 net/core/dev.c:7297
 handle_softirqs+0xbf/0x280 kernel/softirq.c:561
 __do_softirq kernel/softirq.c:595 [inline]
 invoke_softirq kernel/softirq.c:435 [inline]
 __irq_exit_rcu+0x3a/0xc0 kernel/softirq.c:662
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]
 sysvec_apic_timer_interrupt+0x73/0x80 arch/x86/kernel/apic/apic.c:1049
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
 __tsan_read8+0x4/0x180 kernel/kcsan/core.c:1025
 kernfs_find_ns+0xae/0x1a0
 kernfs_find_and_get_ns+0x55/0xb0 fs/kernfs/dir.c:919
 kernfs_find_and_get include/linux/kernfs.h:604 [inline]
 sysfs_unmerge_group+0x36/0xb0 fs/sysfs/group.c:399
 pm_qos_sysfs_remove_resume_latency+0x1c/0x30 drivers/base/power/sysfs.c:800
 dev_pm_qos_constraints_destroy+0x2a/0x3b0 drivers/base/power/qos.c:260
 dpm_sysfs_remove+0x54/0x90 drivers/base/power/sysfs.c:834
 device_del+0x134/0x780 drivers/base/core.c:3829
 rfkill_unregister+0x80/0x170 net/rfkill/core.c:1143
 nfc_unregister_device+0x52/0x130 net/nfc/core.c:1167
 nci_unregister_device+0x14c/0x160 net/nfc/nci/core.c:1323
 virtual_ncidev_close+0x2a/0x50 drivers/nfc/virtual_ncidev.c:172
 __fput+0x2ac/0x640 fs/file_table.c:464
 ____fput+0x1c/0x30 fs/file_table.c:492
 task_work_run+0x13a/0x1a0 kernel/task_work.c:227
 exit_task_work include/linux/task_work.h:40 [inline]
 do_exit+0x5d8/0x17f0 kernel/exit.c:938
 do_group_exit+0x102/0x150 kernel/exit.c:1087
 get_signal+0xeb9/0x1000 kernel/signal.c:3036
 arch_do_signal_or_restart+0x95/0x4b0 arch/x86/kernel/signal.c:337
 exit_to_user_mode_loop kernel/entry/common.c:111 [inline]
 exit_to_user_mode_prepare include/linux/entry-common.h:329 [inline]
 __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
 syscall_exit_to_user_mode+0x62/0x120 kernel/entry/common.c:218
 do_syscall_64+0xd6/0x1c0 arch/x86/entry/common.c:89
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x0000000000007655 -> 0x0000000000007656

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 4067 Comm: syz.0.208 Not tainted 6.14.0-rc2-syzkaller-00185-g128c8f96eb86 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
==================================================================