==================================================================
BUG: KCSAN: data-race in can_can_gw_rcv / can_can_gw_rcv

read-write to 0xffff8881191d9020 of 4 bytes by interrupt on cpu 1:
 can_can_gw_rcv+0x807/0x820 net/can/gw.c:566
 deliver net/can/af_can.c:575 [inline]
 can_rcv_filter+0xc7/0x4f0 net/can/af_can.c:602
 can_receive+0x163/0x1c0 net/can/af_can.c:666
 can_rcv+0xed/0x190 net/can/af_can.c:690
 __netif_receive_skb_one_core net/core/dev.c:5977 [inline]
 __netif_receive_skb+0x11d/0x270 net/core/dev.c:6090
 process_backlog+0x229/0x420 net/core/dev.c:6442
 __napi_poll+0x66/0x3a0 net/core/dev.c:7414
 napi_poll net/core/dev.c:7478 [inline]
 net_rx_action+0x391/0x830 net/core/dev.c:7605
 handle_softirqs+0xba/0x290 kernel/softirq.c:579
 __do_softirq kernel/softirq.c:613 [inline]
 invoke_softirq kernel/softirq.c:453 [inline]
 __irq_exit_rcu+0x3a/0xc0 kernel/softirq.c:680
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1050 [inline]
 sysvec_apic_timer_interrupt+0x74/0x80 arch/x86/kernel/apic/apic.c:1050
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
 finish_task_switch+0xb6/0x2b0 kernel/sched/core.c:5269
 context_switch kernel/sched/core.c:5404 [inline]
 __schedule+0x6a8/0xb30 kernel/sched/core.c:6790
 __schedule_loop kernel/sched/core.c:6868 [inline]
 schedule+0x5f/0xd0 kernel/sched/core.c:6883
 schedule_timeout+0x53/0x170 kernel/time/sleep_timeout.c:75
 unix_wait_for_peer+0x113/0x170 net/unix/af_unix.c:1596
 unix_dgram_sendmsg+0x87f/0xfa0 net/unix/af_unix.c:2199
 sock_sendmsg_nosec net/socket.c:712 [inline]
 __sock_sendmsg+0x145/0x180 net/socket.c:727
 ____sys_sendmsg+0x345/0x4e0 net/socket.c:2566
 ___sys_sendmsg+0x17b/0x1d0 net/socket.c:2620
 __sys_sendmmsg+0x178/0x300 net/socket.c:2709
 __do_sys_sendmmsg net/socket.c:2736 [inline]
 __se_sys_sendmmsg net/socket.c:2733 [inline]
 __x64_sys_sendmmsg+0x57/0x70 net/socket.c:2733
 x64_sys_call+0x2f2f/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:308
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read-write to 0xffff8881191d9020 of 4 bytes by interrupt on cpu 0:
 can_can_gw_rcv+0x807/0x820 net/can/gw.c:566
 deliver net/can/af_can.c:575 [inline]
 can_rcv_filter+0xc7/0x4f0 net/can/af_can.c:602
 can_receive+0x163/0x1c0 net/can/af_can.c:666
 can_rcv+0xed/0x190 net/can/af_can.c:690
 __netif_receive_skb_one_core net/core/dev.c:5977 [inline]
 __netif_receive_skb+0x11d/0x270 net/core/dev.c:6090
 process_backlog+0x229/0x420 net/core/dev.c:6442
 __napi_poll+0x66/0x3a0 net/core/dev.c:7414
 napi_poll net/core/dev.c:7478 [inline]
 net_rx_action+0x391/0x830 net/core/dev.c:7605
 handle_softirqs+0xba/0x290 kernel/softirq.c:579
 __do_softirq kernel/softirq.c:613 [inline]
 invoke_softirq kernel/softirq.c:453 [inline]
 __irq_exit_rcu+0x3a/0xc0 kernel/softirq.c:680
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1050 [inline]
 sysvec_apic_timer_interrupt+0x74/0x80 arch/x86/kernel/apic/apic.c:1050
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
 preempt_count arch/x86/include/asm/preempt.h:27 [inline]
 check_kcov_mode kernel/kcov.c:183 [inline]
 __sanitizer_cov_trace_pc+0x18/0x70 kernel/kcov.c:217
 scm_recv_unix+0x2d/0x220 net/core/scm.c:520
 __unix_dgram_recvmsg+0x74f/0x840 net/unix/af_unix.c:2596
 unix_dgram_recvmsg+0x81/0x90 net/unix/af_unix.c:2616
 sock_recvmsg_nosec+0x104/0x130 net/socket.c:1017
 ____sys_recvmsg+0x26f/0x280 net/socket.c:2784
 ___sys_recvmsg+0x11f/0x370 net/socket.c:2828
 do_recvmmsg+0x1ef/0x540 net/socket.c:2923
 __sys_recvmmsg net/socket.c:2997 [inline]
 __do_sys_recvmmsg net/socket.c:3020 [inline]
 __se_sys_recvmmsg net/socket.c:3013 [inline]
 __x64_sys_recvmmsg+0xe5/0x170 net/socket.c:3013
 x64_sys_call+0x1c6a/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:300
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x00158134 -> 0x00158135

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 5539 Comm: syz.5.606 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(voluntary) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
==================================================================
==================================================================
BUG: KCSAN: data-race in can_rcv_filter / can_rcv_filter

read-write to 0xffff888101f7c108 of 8 bytes by interrupt on cpu 1:
 deliver net/can/af_can.c:576 [inline]
 can_rcv_filter+0xd9/0x4f0 net/can/af_can.c:602
 can_receive+0x163/0x1c0 net/can/af_can.c:666
 can_rcv+0xed/0x190 net/can/af_can.c:690
 __netif_receive_skb_one_core net/core/dev.c:5977 [inline]
 __netif_receive_skb+0x11d/0x270 net/core/dev.c:6090
 process_backlog+0x229/0x420 net/core/dev.c:6442
 __napi_poll+0x66/0x3a0 net/core/dev.c:7414
 napi_poll net/core/dev.c:7478 [inline]
 net_rx_action+0x391/0x830 net/core/dev.c:7605
 handle_softirqs+0xba/0x290 kernel/softirq.c:579
 do_softirq+0x5d/0x90 kernel/softirq.c:480
 __local_bh_enable_ip+0x70/0x80 kernel/softirq.c:407
 __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]
 _raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210
 spin_unlock_bh include/linux/spinlock.h:396 [inline]
 lock_sock_nested+0x112/0x140 net/core/sock.c:3759
 lock_sock include/net/sock.h:1667 [inline]
 sockopt_lock_sock+0x42/0x50 net/core/sock.c:1150
 do_ip_getsockopt+0xa85/0xfe0 net/ipv4/ip_sockglue.c:1703
 ip_getsockopt+0x5c/0x180 net/ipv4/ip_sockglue.c:1765
 tcp_getsockopt+0xaa/0xe0 net/ipv4/tcp.c:4760
 sock_common_getsockopt+0x5d/0x70 net/core/sock.c:3917
 do_sock_getsockopt+0x200/0x240 net/socket.c:2357
 __sys_getsockopt net/socket.c:2386 [inline]
 __do_sys_getsockopt net/socket.c:2393 [inline]
 __se_sys_getsockopt net/socket.c:2390 [inline]
 __x64_sys_getsockopt+0x11e/0x1a0 net/socket.c:2390
 x64_sys_call+0x12aa/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:56
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read-write to 0xffff888101f7c108 of 8 bytes by interrupt on cpu 0:
 deliver net/can/af_can.c:576 [inline]
 can_rcv_filter+0xd9/0x4f0 net/can/af_can.c:602
 can_receive+0x163/0x1c0 net/can/af_can.c:666
 can_rcv+0xed/0x190 net/can/af_can.c:690
 __netif_receive_skb_one_core net/core/dev.c:5977 [inline]
 __netif_receive_skb+0x11d/0x270 net/core/dev.c:6090
 process_backlog+0x229/0x420 net/core/dev.c:6442
 __napi_poll+0x66/0x3a0 net/core/dev.c:7414
 napi_poll net/core/dev.c:7478 [inline]
 net_rx_action+0x391/0x830 net/core/dev.c:7605
 handle_softirqs+0xba/0x290 kernel/softirq.c:579
 __do_softirq kernel/softirq.c:613 [inline]
 invoke_softirq kernel/softirq.c:453 [inline]
 __irq_exit_rcu+0x3a/0xc0 kernel/softirq.c:680
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1050 [inline]
 sysvec_apic_timer_interrupt+0x74/0x80 arch/x86/kernel/apic/apic.c:1050
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
 __sanitizer_cov_trace_pc+0x4a/0x70 kernel/kcov.c:222
 pid_nr_ns kernel/pid.c:494 [inline]
 pid_vnr+0xa9/0x100 kernel/pid.c:505
 scm_set_cred include/net/scm.h:73 [inline]
 __unix_dgram_recvmsg+0x5e3/0x840 net/unix/af_unix.c:2567
 unix_dgram_recvmsg+0x81/0x90 net/unix/af_unix.c:2616
 sock_recvmsg_nosec+0x104/0x130 net/socket.c:1017
 ____sys_recvmsg+0x26f/0x280 net/socket.c:2784
 ___sys_recvmsg+0x11f/0x370 net/socket.c:2828
 do_recvmmsg+0x1ef/0x540 net/socket.c:2923
 __sys_recvmmsg net/socket.c:2997 [inline]
 __do_sys_recvmmsg net/socket.c:3020 [inline]
 __se_sys_recvmmsg net/socket.c:3013 [inline]
 __x64_sys_recvmmsg+0xe5/0x170 net/socket.c:3013
 x64_sys_call+0x1c6a/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:300
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x0000000000161403 -> 0x0000000000161404

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 5539 Comm: syz.5.606 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(voluntary) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
==================================================================
==================================================================
BUG: KCSAN: data-race in can_rcv_filter / can_rcv_filter

read-write to 0xffff888101f7c108 of 8 bytes by interrupt on cpu 1:
 deliver net/can/af_can.c:576 [inline]
 can_rcv_filter+0xd9/0x4f0 net/can/af_can.c:602
 can_receive+0x163/0x1c0 net/can/af_can.c:666
 can_rcv+0xed/0x190 net/can/af_can.c:690
 __netif_receive_skb_one_core net/core/dev.c:5977 [inline]
 __netif_receive_skb+0x11d/0x270 net/core/dev.c:6090
 process_backlog+0x229/0x420 net/core/dev.c:6442
 __napi_poll+0x66/0x3a0 net/core/dev.c:7414
 napi_poll net/core/dev.c:7478 [inline]
 net_rx_action+0x391/0x830 net/core/dev.c:7605
 handle_softirqs+0xba/0x290 kernel/softirq.c:579
 do_softirq+0x5d/0x90 kernel/softirq.c:480
 __local_bh_enable_ip+0x70/0x80 kernel/softirq.c:407
 __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]
 _raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210
 spin_unlock_bh include/linux/spinlock.h:396 [inline]
 lock_sock_nested+0x112/0x140 net/core/sock.c:3759
 lock_sock include/net/sock.h:1667 [inline]
 sockopt_lock_sock+0x42/0x50 net/core/sock.c:1150
 do_ip_getsockopt+0xa85/0xfe0 net/ipv4/ip_sockglue.c:1703
 ip_getsockopt+0x5c/0x180 net/ipv4/ip_sockglue.c:1765
 tcp_getsockopt+0xaa/0xe0 net/ipv4/tcp.c:4760
 sock_common_getsockopt+0x5d/0x70 net/core/sock.c:3917
 do_sock_getsockopt+0x200/0x240 net/socket.c:2357
 __sys_getsockopt net/socket.c:2386 [inline]
 __do_sys_getsockopt net/socket.c:2393 [inline]
 __se_sys_getsockopt net/socket.c:2390 [inline]
 __x64_sys_getsockopt+0x11e/0x1a0 net/socket.c:2390
 x64_sys_call+0x12aa/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:56
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read-write to 0xffff888101f7c108 of 8 bytes by interrupt on cpu 0:
 deliver net/can/af_can.c:576 [inline]
 can_rcv_filter+0xd9/0x4f0 net/can/af_can.c:602
 can_receive+0x163/0x1c0 net/can/af_can.c:666
 can_rcv+0xed/0x190 net/can/af_can.c:690
 __netif_receive_skb_one_core net/core/dev.c:5977 [inline]
 __netif_receive_skb+0x11d/0x270 net/core/dev.c:6090
 process_backlog+0x229/0x420 net/core/dev.c:6442
 __napi_poll+0x66/0x3a0 net/core/dev.c:7414
 napi_poll net/core/dev.c:7478 [inline]
 net_rx_action+0x391/0x830 net/core/dev.c:7605
 handle_softirqs+0xba/0x290 kernel/softirq.c:579
 __do_softirq kernel/softirq.c:613 [inline]
 invoke_softirq kernel/softirq.c:453 [inline]
 __irq_exit_rcu+0x3a/0xc0 kernel/softirq.c:680
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1050 [inline]
 sysvec_apic_timer_interrupt+0x74/0x80 arch/x86/kernel/apic/apic.c:1050
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
 get_current arch/x86/include/asm/current.h:25 [inline]
 get_ctx kernel/kcsan/core.c:206 [inline]
 check_access kernel/kcsan/core.c:750 [inline]
 __tsan_unaligned_write1+0x111/0x180 kernel/kcsan/core.c:1022
 iov_iter_init lib/iov_iter.c:167 [inline]
 __import_iovec+0x2b3/0x540 lib/iov_iter.c:1489
 import_iovec+0x61/0x80 lib/iov_iter.c:1523
 copy_msghdr_from_user net/socket.c:2503 [inline]
 recvmsg_copy_msghdr net/socket.c:2752 [inline]
 ___sys_recvmsg+0x358/0x370 net/socket.c:2824
 do_recvmmsg+0x1ef/0x540 net/socket.c:2923
 __sys_recvmmsg net/socket.c:2997 [inline]
 __do_sys_recvmmsg net/socket.c:3020 [inline]
 __se_sys_recvmmsg net/socket.c:3013 [inline]
 __x64_sys_recvmmsg+0xe5/0x170 net/socket.c:3013
 x64_sys_call+0x1c6a/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:300
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x00000000001b6847 -> 0x00000000001b6848

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 5539 Comm: syz.5.606 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(voluntary) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
==================================================================
==================================================================
BUG: KCSAN: data-race in can_can_gw_rcv / can_can_gw_rcv

read-write to 0xffff8881191d9020 of 4 bytes by interrupt on cpu 1:
 can_can_gw_rcv+0x807/0x820 net/can/gw.c:566
 deliver net/can/af_can.c:575 [inline]
 can_rcv_filter+0xc7/0x4f0 net/can/af_can.c:602
 can_receive+0x163/0x1c0 net/can/af_can.c:666
 can_rcv+0xed/0x190 net/can/af_can.c:690
 __netif_receive_skb_one_core net/core/dev.c:5977 [inline]
 __netif_receive_skb+0x11d/0x270 net/core/dev.c:6090
 process_backlog+0x229/0x420 net/core/dev.c:6442
 __napi_poll+0x66/0x3a0 net/core/dev.c:7414
 napi_poll net/core/dev.c:7478 [inline]
 net_rx_action+0x391/0x830 net/core/dev.c:7605
 handle_softirqs+0xba/0x290 kernel/softirq.c:579
 run_ksoftirqd+0x1c/0x30 kernel/softirq.c:968
 smpboot_thread_fn+0x32b/0x530 kernel/smpboot.c:164
 kthread+0x486/0x510 kernel/kthread.c:464
 ret_from_fork+0xda/0x150 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

read-write to 0xffff8881191d9020 of 4 bytes by interrupt on cpu 0:
 can_can_gw_rcv+0x807/0x820 net/can/gw.c:566
 deliver net/can/af_can.c:575 [inline]
 can_rcv_filter+0xc7/0x4f0 net/can/af_can.c:602
 can_receive+0x163/0x1c0 net/can/af_can.c:666
 can_rcv+0xed/0x190 net/can/af_can.c:690
 __netif_receive_skb_one_core net/core/dev.c:5977 [inline]
 __netif_receive_skb+0x11d/0x270 net/core/dev.c:6090
 process_backlog+0x229/0x420 net/core/dev.c:6442
 __napi_poll+0x66/0x3a0 net/core/dev.c:7414
 napi_poll net/core/dev.c:7478 [inline]
 net_rx_action+0x391/0x830 net/core/dev.c:7605
 handle_softirqs+0xba/0x290 kernel/softirq.c:579
 do_softirq+0x5d/0x90 kernel/softirq.c:480
 __local_bh_enable_ip+0x70/0x80 kernel/softirq.c:407
 __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]
 _raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210
 spin_unlock_bh include/linux/spinlock.h:396 [inline]
 nsim_dev_trap_report drivers/net/netdevsim/dev.c:820 [inline]
 nsim_dev_trap_report_work+0x52b/0x630 drivers/net/netdevsim/dev.c:851
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0x4ce/0x9d0 kernel/workqueue.c:3321
 worker_thread+0x582/0x770 kernel/workqueue.c:3402
 kthread+0x486/0x510 kernel/kthread.c:464
 ret_from_fork+0xda/0x150 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

value changed: 0x00205780 -> 0x00205781

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 51 Comm: kworker/u8:3 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(voluntary) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
Workqueue: events_unbound nsim_dev_trap_report_work
==================================================================
==================================================================
BUG: KCSAN: data-race in can_rcv_filter / can_rcv_filter

read-write to 0xffff888101f7c108 of 8 bytes by interrupt on cpu 1:
 deliver net/can/af_can.c:576 [inline]
 can_rcv_filter+0xd9/0x4f0 net/can/af_can.c:602
 can_receive+0x163/0x1c0 net/can/af_can.c:666
 can_rcv+0xed/0x190 net/can/af_can.c:690
 __netif_receive_skb_one_core net/core/dev.c:5977 [inline]
 __netif_receive_skb+0x11d/0x270 net/core/dev.c:6090
 process_backlog+0x229/0x420 net/core/dev.c:6442
 __napi_poll+0x66/0x3a0 net/core/dev.c:7414
 napi_poll net/core/dev.c:7478 [inline]
 net_rx_action+0x391/0x830 net/core/dev.c:7605
 handle_softirqs+0xba/0x290 kernel/softirq.c:579
 do_softirq+0x5d/0x90 kernel/softirq.c:480
 __local_bh_enable_ip+0x70/0x80 kernel/softirq.c:407
 __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]
 _raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210
 spin_unlock_bh include/linux/spinlock.h:396 [inline]
 batadv_nc_purge_paths+0x22b/0x270 net/batman-adv/network-coding.c:471
 batadv_nc_worker+0x3ff/0xae0 net/batman-adv/network-coding.c:722
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0x4ce/0x9d0 kernel/workqueue.c:3321
 worker_thread+0x582/0x770 kernel/workqueue.c:3402
 kthread+0x486/0x510 kernel/kthread.c:464
 ret_from_fork+0xda/0x150 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

read-write to 0xffff888101f7c108 of 8 bytes by interrupt on cpu 0:
 deliver net/can/af_can.c:576 [inline]
 can_rcv_filter+0xd9/0x4f0 net/can/af_can.c:602
 can_receive+0x163/0x1c0 net/can/af_can.c:666
 can_rcv+0xed/0x190 net/can/af_can.c:690
 __netif_receive_skb_one_core net/core/dev.c:5977 [inline]
 __netif_receive_skb+0x11d/0x270 net/core/dev.c:6090
 process_backlog+0x229/0x420 net/core/dev.c:6442
 __napi_poll+0x66/0x3a0 net/core/dev.c:7414
 napi_poll net/core/dev.c:7478 [inline]
 net_rx_action+0x391/0x830 net/core/dev.c:7605
 handle_softirqs+0xba/0x290 kernel/softirq.c:579
 run_ksoftirqd+0x1c/0x30 kernel/softirq.c:968
 smpboot_thread_fn+0x32b/0x530 kernel/smpboot.c:164
 kthread+0x486/0x510 kernel/kthread.c:464
 ret_from_fork+0xda/0x150 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

value changed: 0x00000000002118e9 -> 0x00000000002118ea

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 14 Comm: ksoftirqd/0 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(voluntary) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
==================================================================
==================================================================
BUG: KCSAN: data-race in can_can_gw_rcv / can_can_gw_rcv

read-write to 0xffff8881191d9020 of 4 bytes by interrupt on cpu 1:
 can_can_gw_rcv+0x807/0x820 net/can/gw.c:566
 deliver net/can/af_can.c:575 [inline]
 can_rcv_filter+0xc7/0x4f0 net/can/af_can.c:602
 can_receive+0x163/0x1c0 net/can/af_can.c:666
 can_rcv+0xed/0x190 net/can/af_can.c:690
 __netif_receive_skb_one_core net/core/dev.c:5977 [inline]
 __netif_receive_skb+0x11d/0x270 net/core/dev.c:6090
 process_backlog+0x229/0x420 net/core/dev.c:6442
 __napi_poll+0x66/0x3a0 net/core/dev.c:7414
 napi_poll net/core/dev.c:7478 [inline]
 net_rx_action+0x391/0x830 net/core/dev.c:7605
 handle_softirqs+0xba/0x290 kernel/softirq.c:579
 do_softirq+0x5d/0x90 kernel/softirq.c:480
 __local_bh_enable_ip+0x70/0x80 kernel/softirq.c:407
 __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]
 _raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210
 spin_unlock_bh include/linux/spinlock.h:396 [inline]
 __batadv_dat_purge net/batman-adv/distributed-arp-table.c:185 [inline]
 batadv_dat_purge+0x1e3/0x270 net/batman-adv/distributed-arp-table.c:204
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0x4ce/0x9d0 kernel/workqueue.c:3321
 worker_thread+0x582/0x770 kernel/workqueue.c:3402
 kthread+0x486/0x510 kernel/kthread.c:464
 ret_from_fork+0xda/0x150 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

read-write to 0xffff8881191d9020 of 4 bytes by interrupt on cpu 0:
 can_can_gw_rcv+0x807/0x820 net/can/gw.c:566
 deliver net/can/af_can.c:575 [inline]
 can_rcv_filter+0xc7/0x4f0 net/can/af_can.c:602
 can_receive+0x163/0x1c0 net/can/af_can.c:666
 can_rcv+0xed/0x190 net/can/af_can.c:690
 __netif_receive_skb_one_core net/core/dev.c:5977 [inline]
 __netif_receive_skb+0x11d/0x270 net/core/dev.c:6090
 process_backlog+0x229/0x420 net/core/dev.c:6442
 __napi_poll+0x66/0x3a0 net/core/dev.c:7414
 napi_poll net/core/dev.c:7478 [inline]
 net_rx_action+0x391/0x830 net/core/dev.c:7605
 handle_softirqs+0xba/0x290 kernel/softirq.c:579
 do_softirq+0x5d/0x90 kernel/softirq.c:480
 __local_bh_enable_ip+0x70/0x80 kernel/softirq.c:407
 __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]
 _raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210
 spin_unlock_bh include/linux/spinlock.h:396 [inline]
 nsim_dev_trap_report drivers/net/netdevsim/dev.c:820 [inline]
 nsim_dev_trap_report_work+0x52b/0x630 drivers/net/netdevsim/dev.c:851
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0x4ce/0x9d0 kernel/workqueue.c:3321
 worker_thread+0x582/0x770 kernel/workqueue.c:3402
 kthread+0x486/0x510 kernel/kthread.c:464
 ret_from_fork+0xda/0x150 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

value changed: 0x0026683f -> 0x00266840

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 31 Comm: kworker/u8:1 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(voluntary) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
Workqueue: events_unbound nsim_dev_trap_report_work
==================================================================
==================================================================
BUG: KCSAN: data-race in can_rcv_filter / can_rcv_filter

read-write to 0xffff888101f7c108 of 8 bytes by interrupt on cpu 1:
 deliver net/can/af_can.c:576 [inline]
 can_rcv_filter+0xd9/0x4f0 net/can/af_can.c:602
 can_receive+0x163/0x1c0 net/can/af_can.c:666
 can_rcv+0xed/0x190 net/can/af_can.c:690
 __netif_receive_skb_one_core net/core/dev.c:5977 [inline]
 __netif_receive_skb+0x11d/0x270 net/core/dev.c:6090
 process_backlog+0x229/0x420 net/core/dev.c:6442
 __napi_poll+0x66/0x3a0 net/core/dev.c:7414
 napi_poll net/core/dev.c:7478 [inline]
 net_rx_action+0x391/0x830 net/core/dev.c:7605
 handle_softirqs+0xba/0x290 kernel/softirq.c:579
 do_softirq+0x5d/0x90 kernel/softirq.c:480
 __local_bh_enable_ip+0x70/0x80 kernel/softirq.c:407
 __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]
 _raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210
 spin_unlock_bh include/linux/spinlock.h:396 [inline]
 __batadv_dat_purge net/batman-adv/distributed-arp-table.c:185 [inline]
 batadv_dat_purge+0x1e3/0x270 net/batman-adv/distributed-arp-table.c:204
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0x4ce/0x9d0 kernel/workqueue.c:3321
 worker_thread+0x582/0x770 kernel/workqueue.c:3402
 kthread+0x486/0x510 kernel/kthread.c:464
 ret_from_fork+0xda/0x150 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

read-write to 0xffff888101f7c108 of 8 bytes by interrupt on cpu 0:
 deliver net/can/af_can.c:576 [inline]
 can_rcv_filter+0xd9/0x4f0 net/can/af_can.c:602
 can_receive+0x163/0x1c0 net/can/af_can.c:666
 can_rcv+0xed/0x190 net/can/af_can.c:690
 __netif_receive_skb_one_core net/core/dev.c:5977 [inline]
 __netif_receive_skb+0x11d/0x270 net/core/dev.c:6090
 process_backlog+0x229/0x420 net/core/dev.c:6442
 __napi_poll+0x66/0x3a0 net/core/dev.c:7414
 napi_poll net/core/dev.c:7478 [inline]
 net_rx_action+0x391/0x830 net/core/dev.c:7605
 handle_softirqs+0xba/0x290 kernel/softirq.c:579
 run_ksoftirqd+0x1c/0x30 kernel/softirq.c:968
 smpboot_thread_fn+0x32b/0x530 kernel/smpboot.c:164
 kthread+0x486/0x510 kernel/kthread.c:464
 ret_from_fork+0xda/0x150 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

value changed: 0x0000000000271e8a -> 0x0000000000271e8b

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 14 Comm: ksoftirqd/0 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(voluntary) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
==================================================================