syzbot

 sign-in | mailing list | source | docs
🐞 Open [1448]
Subsystems
🐞 Fixed [6942]
🐞 Invalid [18089]
Missing Backports [223]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
✨ AI
💬 Send us feedback

KCSAN: data-race in can_rcv_filter / can_rcv_filter (14)

Status: moderation: reported on 2025/12/15 00:20
Subsystems: can
[Documentation on labels]
Reported-by: syzbot+f12639ce6abace0ad523@syzkaller.appspotmail.com
First crash: 73d, last: 1d04h
✨ AI Jobs (1)
ID Workflow Result Correct Bug Created Started Finished Revision Error
7f501227-3553-4790-b5fe-fa4754b1541f assessment-kcsan Benign: ✅  Confident: ✅  KCSAN: data-race in can_rcv_filter / can_rcv_filter (14) 2026/01/16 00:01 2026/01/16 00:01 2026/01/16 00:03 a9d6a79219801d2130df3b1a792c57f0e5428e9f
Similar bugs (13)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in can_rcv_filter / can_rcv_filter (13) can 6 4 132d 150d 0/29 auto-obsoleted due to no activity on 2025/12/11 20:38
upstream KCSAN: data-race in can_rcv_filter / can_rcv_filter (11) can 6 5 362d 353d 0/29 auto-obsoleted due to no activity on 2025/04/25 09:54
upstream KCSAN: data-race in can_rcv_filter / can_rcv_filter can 6 3 2217d 2229d 0/29 auto-closed as invalid on 2020/04/11 00:08
upstream KCSAN: data-race in can_rcv_filter / can_rcv_filter (12) can 6 7 230d 265d 0/29 auto-obsoleted due to no activity on 2025/09/04 19:07
upstream KCSAN: data-race in can_rcv_filter / can_rcv_filter (2) can 6 1 1814d 1814d 0/29 auto-closed as invalid on 2021/04/14 07:16
upstream KCSAN: data-race in can_rcv_filter / can_rcv_filter (9) can 6 9 641d 701d 0/29 auto-obsoleted due to no activity on 2024/06/30 06:15
upstream KCSAN: data-race in can_rcv_filter / can_rcv_filter (8) can 6 9 966d 1083d 0/29 auto-obsoleted due to no activity on 2023/08/09 14:18
upstream KCSAN: data-race in can_rcv_filter / can_rcv_filter (5) can 6 1 1389d 1389d 0/29 auto-closed as invalid on 2022/06/12 10:04
upstream KCSAN: data-race in can_rcv_filter / can_rcv_filter (7) can 6 3 1158d 1189d 0/29 auto-obsoleted due to no activity on 2023/02/28 05:31
upstream KCSAN: data-race in can_rcv_filter / can_rcv_filter (4) can 6 6 1425d 1491d 0/29 auto-closed as invalid on 2022/05/07 18:40
upstream KCSAN: data-race in can_rcv_filter / can_rcv_filter (10) can 6 1 496d 496d 0/29 auto-obsoleted due to no activity on 2024/11/22 01:30
upstream KCSAN: data-race in can_rcv_filter / can_rcv_filter (3) can 6 2 1534d 1534d 0/29 auto-closed as invalid on 2022/01/19 00:57
upstream KCSAN: data-race in can_rcv_filter / can_rcv_filter (6) can 6 7 1235d 1312d 0/29 auto-obsoleted due to no activity on 2022/11/13 19:42

Sample crash report:
==================================================================
BUG: KCSAN: data-race in can_rcv_filter / can_rcv_filter

read-write to 0xffff888100ab8158 of 8 bytes by interrupt on cpu 0:
 deliver net/can/af_can.c:576 [inline]
 can_rcv_filter+0xd9/0x4f0 net/can/af_can.c:602
 can_receive+0x13e/0x190 net/can/af_can.c:674
 can_rcv+0x17d/0x1f0 net/can/af_can.c:699
 __netif_receive_skb_one_core net/core/dev.c:6156 [inline]
 __netif_receive_skb net/core/dev.c:6269 [inline]
 process_backlog+0x363/0x670 net/core/dev.c:6620
 __napi_poll+0x61/0x330 net/core/dev.c:7684
 napi_poll net/core/dev.c:7747 [inline]
 net_rx_action+0x452/0x930 net/core/dev.c:7899
 handle_softirqs+0xb9/0x2a0 kernel/softirq.c:622
 do_softirq+0x45/0x60 kernel/softirq.c:523
 __local_bh_enable_ip+0x70/0x80 kernel/softirq.c:450
 local_bh_enable include/linux/bottom_half.h:33 [inline]
 __alloc_skb+0x2b6/0x690 net/core/skbuff.c:697
 alloc_skb include/linux/skbuff.h:1383 [inline]
 nsim_dev_trap_skb_build drivers/net/netdevsim/dev.c:819 [inline]
 nsim_dev_trap_report drivers/net/netdevsim/dev.c:876 [inline]
 nsim_dev_trap_report_work+0x18a/0x630 drivers/net/netdevsim/dev.c:922
 process_one_work kernel/workqueue.c:3275 [inline]
 process_scheduled_works+0x4de/0x9e0 kernel/workqueue.c:3358
 worker_thread+0x581/0x770 kernel/workqueue.c:3439
 kthread+0x22a/0x280 kernel/kthread.c:467
 ret_from_fork+0x150/0x360 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

read-write to 0xffff888100ab8158 of 8 bytes by interrupt on cpu 1:
 deliver net/can/af_can.c:576 [inline]
 can_rcv_filter+0xd9/0x4f0 net/can/af_can.c:602
 can_receive+0x13e/0x190 net/can/af_can.c:674
 can_rcv+0x17d/0x1f0 net/can/af_can.c:699
 __netif_receive_skb_one_core net/core/dev.c:6156 [inline]
 __netif_receive_skb net/core/dev.c:6269 [inline]
 process_backlog+0x363/0x670 net/core/dev.c:6620
 __napi_poll+0x61/0x330 net/core/dev.c:7684
 napi_poll net/core/dev.c:7747 [inline]
 net_rx_action+0x452/0x930 net/core/dev.c:7899
 handle_softirqs+0xb9/0x2a0 kernel/softirq.c:622
 __do_softirq kernel/softirq.c:656 [inline]
 invoke_softirq kernel/softirq.c:496 [inline]
 __irq_exit_rcu+0x39/0xc0 kernel/softirq.c:723
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline]
 sysvec_apic_timer_interrupt+0x74/0x80 arch/x86/kernel/apic/apic.c:1056
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
 kcsan_setup_watchpoint+0x404/0x410 kernel/kcsan/core.c:705
 ____sys_recvmsg+0x61/0x280 net/socket.c:2799
 ___sys_recvmsg+0x11f/0x3b0 net/socket.c:2854
 do_recvmmsg+0x1ef/0x560 net/socket.c:2949
 __sys_recvmmsg net/socket.c:3023 [inline]
 __do_sys_recvmmsg net/socket.c:3046 [inline]
 __se_sys_recvmmsg net/socket.c:3039 [inline]
 __x64_sys_recvmmsg+0xe5/0x170 net/socket.c:3039
 x64_sys_call+0x80f/0x3020 arch/x86/include/generated/asm/syscalls_64.h:300
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x12c/0x370 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x00000000002d8e02 -> 0x00000000002d8e03

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 UID: 0 PID: 13203 Comm: syz.9.2732 Tainted: G        W           syzkaller #0 PREEMPT(full) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
==================================================================
==================================================================
BUG: KCSAN: data-race in can_rcv_filter / can_rcv_filter

read-write to 0xffff888100ab8158 of 8 bytes by interrupt on cpu 0:
 deliver net/can/af_can.c:576 [inline]
 can_rcv_filter+0xd9/0x4f0 net/can/af_can.c:602
 can_receive+0x13e/0x190 net/can/af_can.c:674
 can_rcv+0x17d/0x1f0 net/can/af_can.c:699
 __netif_receive_skb_one_core net/core/dev.c:6156 [inline]
 __netif_receive_skb net/core/dev.c:6269 [inline]
 process_backlog+0x363/0x670 net/core/dev.c:6620
 __napi_poll+0x61/0x330 net/core/dev.c:7684
 napi_poll net/core/dev.c:7747 [inline]
 net_rx_action+0x452/0x930 net/core/dev.c:7899
 handle_softirqs+0xb9/0x2a0 kernel/softirq.c:622
 do_softirq+0x45/0x60 kernel/softirq.c:523
 __local_bh_enable_ip+0x70/0x80 kernel/softirq.c:450
 __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:196 [inline]
 _raw_spin_unlock_bh+0x18/0x20 kernel/locking/spinlock.c:210
 spin_unlock_bh include/linux/spinlock.h:395 [inline]
 lock_sock_nested+0x132/0x160 net/core/sock.c:3787
 lock_sock include/net/sock.h:1709 [inline]
 tcp_recvmsg+0x112/0x460 net/ipv4/tcp.c:2978
 inet_recvmsg+0xb7/0x290 net/ipv4/af_inet.c:891
 sock_recvmsg_nosec net/socket.c:1078 [inline]
 sock_recvmsg+0xf6/0x160 net/socket.c:1100
 sock_read_iter+0x169/0x1b0 net/socket.c:1170
 new_sync_read fs/read_write.c:493 [inline]
 vfs_read+0x6c0/0x7f0 fs/read_write.c:574
 ksys_read+0xdc/0x1a0 fs/read_write.c:717
 __do_sys_read fs/read_write.c:726 [inline]
 __se_sys_read fs/read_write.c:724 [inline]
 __x64_sys_read+0x40/0x50 fs/read_write.c:724
 x64_sys_call+0x2886/0x3020 arch/x86/include/generated/asm/syscalls_64.h:1
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x12c/0x370 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read-write to 0xffff888100ab8158 of 8 bytes by interrupt on cpu 1:
 deliver net/can/af_can.c:576 [inline]
 can_rcv_filter+0xd9/0x4f0 net/can/af_can.c:602
 can_receive+0x13e/0x190 net/can/af_can.c:674
 can_rcv+0x17d/0x1f0 net/can/af_can.c:699
 __netif_receive_skb_one_core net/core/dev.c:6156 [inline]
 __netif_receive_skb net/core/dev.c:6269 [inline]
 process_backlog+0x363/0x670 net/core/dev.c:6620
 __napi_poll+0x61/0x330 net/core/dev.c:7684
 napi_poll net/core/dev.c:7747 [inline]
 net_rx_action+0x452/0x930 net/core/dev.c:7899
 handle_softirqs+0xb9/0x2a0 kernel/softirq.c:622
 do_softirq+0x45/0x60 kernel/softirq.c:523
 __local_bh_enable_ip+0x70/0x80 kernel/softirq.c:450
 local_bh_enable include/linux/bottom_half.h:33 [inline]
 __alloc_skb+0x658/0x690 net/core/skbuff.c:697
 alloc_skb include/linux/skbuff.h:1383 [inline]
 nsim_dev_trap_skb_build drivers/net/netdevsim/dev.c:819 [inline]
 nsim_dev_trap_report drivers/net/netdevsim/dev.c:876 [inline]
 nsim_dev_trap_report_work+0x18a/0x630 drivers/net/netdevsim/dev.c:922
 process_one_work kernel/workqueue.c:3275 [inline]
 process_scheduled_works+0x4de/0x9e0 kernel/workqueue.c:3358
 worker_thread+0x581/0x770 kernel/workqueue.c:3439
 kthread+0x22a/0x280 kernel/kthread.c:467
 ret_from_fork+0x150/0x360 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

value changed: 0x0000000000366c61 -> 0x0000000000366c62

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 UID: 0 PID: 36 Comm: kworker/u8:2 Tainted: G        W           syzkaller #0 PREEMPT(full) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
Workqueue: events_unbound nsim_dev_trap_report_work
==================================================================
==================================================================
BUG: KCSAN: data-race in can_rcv_filter / can_rcv_filter

read-write to 0xffff888100ab8158 of 8 bytes by interrupt on cpu 0:
 deliver net/can/af_can.c:576 [inline]
 can_rcv_filter+0xd9/0x4f0 net/can/af_can.c:602
 can_receive+0x13e/0x190 net/can/af_can.c:674
 can_rcv+0x17d/0x1f0 net/can/af_can.c:699
 __netif_receive_skb_one_core net/core/dev.c:6156 [inline]
 __netif_receive_skb net/core/dev.c:6269 [inline]
 process_backlog+0x363/0x670 net/core/dev.c:6620
 __napi_poll+0x61/0x330 net/core/dev.c:7684
 napi_poll net/core/dev.c:7747 [inline]
 net_rx_action+0x452/0x930 net/core/dev.c:7899
 handle_softirqs+0xb9/0x2a0 kernel/softirq.c:622
 do_softirq+0x45/0x60 kernel/softirq.c:523
 __local_bh_enable_ip+0x70/0x80 kernel/softirq.c:450
 __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:196 [inline]
 _raw_spin_unlock_bh+0x18/0x20 kernel/locking/spinlock.c:210
 spin_unlock_bh include/linux/spinlock.h:395 [inline]
 nsim_dev_trap_report drivers/net/netdevsim/dev.c:891 [inline]
 nsim_dev_trap_report_work+0x52b/0x630 drivers/net/netdevsim/dev.c:922
 process_one_work kernel/workqueue.c:3275 [inline]
 process_scheduled_works+0x4de/0x9e0 kernel/workqueue.c:3358
 worker_thread+0x581/0x770 kernel/workqueue.c:3439
 kthread+0x22a/0x280 kernel/kthread.c:467
 ret_from_fork+0x150/0x360 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

read-write to 0xffff888100ab8158 of 8 bytes by interrupt on cpu 1:
 deliver net/can/af_can.c:576 [inline]
 can_rcv_filter+0xd9/0x4f0 net/can/af_can.c:602
 can_receive+0x13e/0x190 net/can/af_can.c:674
 can_rcv+0x17d/0x1f0 net/can/af_can.c:699
 __netif_receive_skb_one_core net/core/dev.c:6156 [inline]
 __netif_receive_skb net/core/dev.c:6269 [inline]
 process_backlog+0x363/0x670 net/core/dev.c:6620
 __napi_poll+0x61/0x330 net/core/dev.c:7684
 napi_poll net/core/dev.c:7747 [inline]
 net_rx_action+0x452/0x930 net/core/dev.c:7899
 handle_softirqs+0xb9/0x2a0 kernel/softirq.c:622
 run_ksoftirqd+0x1c/0x30 kernel/softirq.c:1063
 smpboot_thread_fn+0x32a/0x510 kernel/smpboot.c:160
 kthread+0x22a/0x280 kernel/kthread.c:467
 ret_from_fork+0x150/0x360 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

value changed: 0x00000000003b5267 -> 0x00000000003b5268

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 UID: 0 PID: 22 Comm: ksoftirqd/1 Tainted: G        W           syzkaller #0 PREEMPT(full) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
==================================================================

Crashes (17):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2026/02/25 02:58 upstream 7dff99b35460 787dfb7c .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
2026/02/25 02:56 upstream 7dff99b35460 787dfb7c .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
2026/02/21 07:12 upstream a95f71ad3e2e 6e7b5511 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
2026/02/17 04:50 upstream 970296997869 e439b951 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
2026/02/10 13:37 upstream 72c395024dac 91d776d3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
2026/02/09 20:21 upstream 05f7e89ab973 df949cd9 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
2026/02/08 18:46 upstream e98f34af6116 4c131dc4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
2026/02/04 10:52 upstream de0674d9bc69 42b01fab .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
2026/01/24 22:11 upstream 62085877ae65 40acda8a .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
2026/01/24 05:23 upstream 5bde837031a3 4f25b9b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
2026/01/21 19:55 upstream cf38b2340c0e 8fc37797 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
2026/01/20 18:43 upstream 24d479d26b25 06648d9c .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
2026/01/14 09:52 upstream c537e12daeec d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
2026/01/13 04:01 upstream b71e635feefc d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
2026/01/06 00:33 upstream 7f98ab9da046 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
2026/01/06 00:32 upstream 7f98ab9da046 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
2025/12/15 00:19 upstream 8f0b4cce4481 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in can_rcv_filter / can_rcv_filter
* Struck through repros no longer work on HEAD.