==================================================================
BUG: KCSAN: data-race in batadv_bla_tx / batadv_bla_tx

write to 0xffff88811c8d80a0 of 8 bytes by interrupt on cpu 1:
 batadv_bla_update_own_backbone_gw net/batman-adv/bridge_loop_avoidance.c:577 [inline]
 batadv_bla_tx+0x7b4/0xc40 net/batman-adv/bridge_loop_avoidance.c:2105
 batadv_interface_tx+0x34a/0xb30 net/batman-adv/soft-interface.c:240
 __netdev_start_xmit include/linux/netdevice.h:5151 [inline]
 netdev_start_xmit include/linux/netdevice.h:5160 [inline]
 xmit_one net/core/dev.c:3800 [inline]
 dev_hard_start_xmit+0x119/0x3f0 net/core/dev.c:3816
 __dev_queue_xmit+0x100a/0x2090 net/core/dev.c:4649
 dev_queue_xmit include/linux/netdevice.h:3313 [inline]
 br_dev_queue_push_xmit+0x444/0x500 net/bridge/br_forward.c:53
 NF_HOOK include/linux/netfilter.h:314 [inline]
 br_forward_finish+0x90/0x160 net/bridge/br_forward.c:66
 br_nf_forward_finish+0x6b1/0x720 net/bridge/br_netfilter_hooks.c:665
 NF_HOOK include/linux/netfilter.h:314 [inline]
 br_nf_forward_arp net/bridge/br_netfilter_hooks.c:755 [inline]
 br_nf_forward+0xae2/0xe70 net/bridge/br_netfilter_hooks.c:778
 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]
 nf_hook_slow+0x86/0x1b0 net/netfilter/core.c:626
 nf_hook include/linux/netfilter.h:269 [inline]
 NF_HOOK include/linux/netfilter.h:312 [inline]
 __br_forward+0x27d/0x360 net/bridge/br_forward.c:115
 deliver_clone net/bridge/br_forward.c:131 [inline]
 maybe_deliver+0x1c0/0x260 net/bridge/br_forward.c:190
 br_flood+0x246/0x490 net/bridge/br_forward.c:237
 br_handle_frame_finish+0xd19/0xe90 net/bridge/br_input.c:220
 nf_hook_bridge_pre net/bridge/br_input.c:304 [inline]
 br_handle_frame+0x5af/0x9b0 net/bridge/br_input.c:433
 __netif_receive_skb_core+0xb1a/0x2350 net/core/dev.c:5787
 __netif_receive_skb_one_core net/core/dev.c:5891 [inline]
 __netif_receive_skb+0x5a/0x280 net/core/dev.c:6006
 process_backlog+0x22e/0x440 net/core/dev.c:6354
 __napi_poll+0x63/0x3c0 net/core/dev.c:7188
 napi_poll net/core/dev.c:7257 [inline]
 net_rx_action+0x3a1/0x7f0 net/core/dev.c:7379
 handle_softirqs+0xbf/0x280 kernel/softirq.c:561
 do_softirq+0x5e/0x90 kernel/softirq.c:462
 __local_bh_enable_ip+0x6e/0x70 kernel/softirq.c:389
 __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]
 _raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210
 spin_unlock_bh include/linux/spinlock.h:396 [inline]
 batadv_tt_global_purge net/batman-adv/translation-table.c:2250 [inline]
 batadv_tt_purge+0x2e7/0x630 net/batman-adv/translation-table.c:3510
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0x4db/0xa20 kernel/workqueue.c:3319
 worker_thread+0x51d/0x6f0 kernel/workqueue.c:3400
 kthread+0x4ae/0x520 kernel/kthread.c:464
 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244

write to 0xffff88811c8d80a0 of 8 bytes by interrupt on cpu 0:
 batadv_bla_update_own_backbone_gw net/batman-adv/bridge_loop_avoidance.c:577 [inline]
 batadv_bla_tx+0x7b4/0xc40 net/batman-adv/bridge_loop_avoidance.c:2105
 batadv_interface_tx+0x34a/0xb30 net/batman-adv/soft-interface.c:240
 __netdev_start_xmit include/linux/netdevice.h:5151 [inline]
 netdev_start_xmit include/linux/netdevice.h:5160 [inline]
 xmit_one net/core/dev.c:3800 [inline]
 dev_hard_start_xmit+0x119/0x3f0 net/core/dev.c:3816
 __dev_queue_xmit+0x100a/0x2090 net/core/dev.c:4649
 dev_queue_xmit include/linux/netdevice.h:3313 [inline]
 br_dev_queue_push_xmit+0x444/0x500 net/bridge/br_forward.c:53
 br_nf_dev_queue_xmit+0x40d/0xc30
 NF_HOOK include/linux/netfilter.h:314 [inline]
 br_nf_post_routing+0x86a/0x930 net/bridge/br_netfilter_hooks.c:969
 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]
 nf_hook_slow+0x86/0x1b0 net/netfilter/core.c:626
 nf_hook include/linux/netfilter.h:269 [inline]
 NF_HOOK include/linux/netfilter.h:312 [inline]
 br_forward_finish+0x120/0x160 net/bridge/br_forward.c:66
 br_nf_forward_finish+0x6b1/0x720 net/bridge/br_netfilter_hooks.c:665
 NF_HOOK include/linux/netfilter.h:314 [inline]
 br_nf_forward_ip+0x5c2/0x5d0 net/bridge/br_netfilter_hooks.c:719
 br_nf_forward+0x5a7/0xe70 net/bridge/br_netfilter_hooks.c:776
 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]
 nf_hook_slow+0x86/0x1b0 net/netfilter/core.c:626
 nf_hook include/linux/netfilter.h:269 [inline]
 NF_HOOK include/linux/netfilter.h:312 [inline]
 __br_forward+0x27d/0x360 net/bridge/br_forward.c:115
 deliver_clone net/bridge/br_forward.c:131 [inline]
 maybe_deliver+0x1c0/0x260 net/bridge/br_forward.c:190
 br_flood+0x246/0x490 net/bridge/br_forward.c:237
 br_handle_frame_finish+0xd19/0xe90 net/bridge/br_input.c:220
 br_nf_hook_thresh+0x1e5/0x220
 br_nf_pre_routing_finish_ipv6+0x575/0x5a0
 NF_HOOK include/linux/netfilter.h:314 [inline]
 br_nf_pre_routing_ipv6+0x1f6/0x2a0 net/bridge/br_netfilter_ipv6.c:184
 br_nf_pre_routing+0x517/0xbc0 net/bridge/br_netfilter_hooks.c:508
 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]
 nf_hook_bridge_pre net/bridge/br_input.c:282 [inline]
 br_handle_frame+0x4e0/0x9b0 net/bridge/br_input.c:433
 __netif_receive_skb_core+0xb1a/0x2350 net/core/dev.c:5787
 __netif_receive_skb_one_core net/core/dev.c:5891 [inline]
 __netif_receive_skb+0x5a/0x280 net/core/dev.c:6006
 process_backlog+0x22e/0x440 net/core/dev.c:6354
 __napi_poll+0x63/0x3c0 net/core/dev.c:7188
 napi_poll net/core/dev.c:7257 [inline]
 net_rx_action+0x3a1/0x7f0 net/core/dev.c:7379
 handle_softirqs+0xbf/0x280 kernel/softirq.c:561
 do_softirq+0x5e/0x90 kernel/softirq.c:462
 __local_bh_enable_ip+0x6e/0x70 kernel/softirq.c:389
 __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]
 _raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210
 spin_unlock_bh include/linux/spinlock.h:396 [inline]
 lock_sock_nested+0x10f/0x140 net/core/sock.c:3669
 lock_sock include/net/sock.h:1624 [inline]
 sockopt_lock_sock+0x42/0x50 net/core/sock.c:1133
 do_ip_getsockopt+0xbf3/0x1270 net/ipv4/ip_sockglue.c:1703
 ip_getsockopt+0x5c/0x170 net/ipv4/ip_sockglue.c:1765
 tcp_getsockopt+0xaa/0xe0 net/ipv4/tcp.c:4684
 sock_common_getsockopt+0x5b/0x70 net/core/sock.c:3827
 do_sock_getsockopt+0x1ca/0x260 net/socket.c:2364
 __sys_getsockopt net/socket.c:2393 [inline]
 __do_sys_getsockopt net/socket.c:2400 [inline]
 __se_sys_getsockopt net/socket.c:2397 [inline]
 __x64_sys_getsockopt+0x18c/0x200 net/socket.c:2397
 x64_sys_call+0x1288/0x2dc0 arch/x86/include/generated/asm/syscalls_64.h:56
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x00000000ffffe757 -> 0x00000000ffffe758

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 3771 Comm: syz-executor Tainted: G        W          6.14.0-rc4-syzkaller-00278-gece144f151ac #0
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
==================================================================
net_ratelimit: 13210 callbacks suppressed
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
net_ratelimit: 13547 callbacks suppressed
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)