syzbot

bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P11586/1:b..l P11594/1:b..l
rcu: 	(detected by 0, t=10502 jiffies, g=55785, q=5315 ncpus=1)
task:syz.2.1147      state:R  running task     stack:24712 pid:11594 tgid:11590 ppid:5830   task_flags:0x400040 flags:0x00080000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5295 [inline]
 __schedule+0xfee/0x60e0 kernel/sched/core.c:6907
 preempt_schedule_irq+0x50/0x90 kernel/sched/core.c:7234
 irqentry_exit+0x17b/0x670 kernel/entry/common.c:239
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:lock_acquire+0x5e/0x380 kernel/locking/lockdep.c:5872
Code: 05 3b de 28 12 83 f8 07 0f 87 f0 00 00 00 48 0f a3 05 06 64 f5 0e 0f 82 c2 02 00 00 8b 35 ce 97 f5 0e 85 f6 0f 85 dd 00 00 00 <48> 8b 44 24 30 65 48 2b 05 dd dd 28 12 0f 85 02 03 00 00 48 83 c4
RSP: 0018:ffffc90004546788 EFLAGS: 00000206
RAX: 0000000000000046 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff8de54f1c RDI: ffffffff8c1af0a0
RBP: ffffffff8e7e9220 R08: 0000000086db7919 R09: 0000000000000007
R10: 0000000000000200 R11: 0000000000000000 R12: 0000000000000002
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
 rcu_lock_acquire include/linux/rcupdate.h:312 [inline]
 rcu_read_lock include/linux/rcupdate.h:850 [inline]
 class_rcu_constructor include/linux/rcupdate.h:1193 [inline]
 unwind_next_frame+0xd1/0x1ea0 arch/x86/kernel/unwind_orc.c:495
 arch_stack_walk+0x94/0xf0 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x8e/0xc0 kernel/stacktrace.c:122
 save_stack+0x162/0x1e0 mm/page_owner.c:165
 __set_page_owner+0x8c/0x540 mm/page_owner.c:341
 set_page_owner include/linux/page_owner.h:32 [inline]
 post_alloc_hook+0x153/0x170 mm/page_alloc.c:1889
 prep_new_page mm/page_alloc.c:1897 [inline]
 get_page_from_freelist+0x111d/0x3140 mm/page_alloc.c:3962
 __alloc_frozen_pages_noprof+0x27c/0x2ba0 mm/page_alloc.c:5250
 alloc_pages_mpol+0x1fb/0x550 mm/mempolicy.c:2484
 folio_alloc_mpol_noprof+0x36/0x340 mm/mempolicy.c:2503
 swap_cache_alloc_folio+0x1a8/0x300 mm/swap_state.c:571
 swap_cluster_readahead+0x411/0x770 mm/swap_state.c:749
 shmem_swapin_cluster mm/shmem.c:1785 [inline]
 shmem_swapin_folio+0x22a4/0x2c10 mm/shmem.c:2349
 shmem_get_folio_gfp+0x56c/0x1900 mm/shmem.c:2500
 shmem_get_folio+0x84/0xb0 mm/shmem.c:2673
 collapse_file+0x1263/0x3cc0 mm/khugepaged.c:1919
 hpage_collapse_scan_file+0x603/0x1fc0 mm/khugepaged.c:2380
 madvise_collapse+0x412/0xbe0 mm/khugepaged.c:2809
 madvise_vma_behavior+0x1987/0x3050 mm/madvise.c:1370
 madvise_walk_vmas+0x2fe/0xa90 mm/madvise.c:1719
 madvise_do_behavior+0x1ea/0x510 mm/madvise.c:1935
 do_madvise+0x195/0x240 mm/madvise.c:2028
 __do_sys_madvise mm/madvise.c:2037 [inline]
 __se_sys_madvise mm/madvise.c:2035 [inline]
 __x64_sys_madvise+0xa9/0x110 mm/madvise.c:2035
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x106/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fc4b879c799
RSP: 002b:00007fc4b9614028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
RAX: ffffffffffffffda RBX: 00007fc4b8a16090 RCX: 00007fc4b879c799
RDX: 0000000000000019 RSI: ffffffffffff0005 RDI: 0000000000000000
RBP: 00007fc4b8832bd9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fc4b8a16128 R14: 00007fc4b8a16090 R15: 00007ffc9b72fea8
 </TASK>
task:syz.3.1146      state:R  running task     stack:27784 pid:11586 tgid:11584 ppid:5826   task_flags:0x400140 flags:0x00080002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5295 [inline]
 __schedule+0xfee/0x60e0 kernel/sched/core.c:6907
 preempt_schedule_irq+0x50/0x90 kernel/sched/core.c:7234
 irqentry_exit+0x17b/0x670 kernel/entry/common.c:239
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:lock_release+0x19e/0x320 kernel/locking/lockdep.c:5893
Code: ff 65 0f c1 05 cb 1e 29 12 83 f8 01 0f 85 3d 01 00 00 9c 58 f6 c4 02 0f 85 28 01 00 00 41 f7 c6 00 02 00 00 0f 85 de 00 00 00 <48> 8b 44 24 10 65 48 2b 05 1d d7 28 12 0f 85 63 01 00 00 48 83 c4
RSP: 0018:ffffc90004537990 EFLAGS: 00000206
RAX: 0000000000000046 RBX: ffffffff8e7e9220 RCX: ffffc9000453799c
RDX: 0000000000000002 RSI: ffffffff8de54f1c RDI: ffffffff8c1af0a0
RBP: ffffffff8280270e R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000000 R12: ffff888031f79e40
R13: fffffbfff1c23fe5 R14: 0000000000000202 R15: 0000000000000003
 rcu_lock_release include/linux/rcupdate.h:322 [inline]
 rcu_read_unlock include/linux/rcupdate.h:881 [inline]
 page_ext_put+0x43/0xd0 mm/page_ext.c:579
 pagetypeinfo_showmixedcount_print+0x6c4/0x8c0 mm/page_owner.c:497
 walk_zones_in_node mm/vmstat.c:1539 [inline]
 pagetypeinfo_showmixedcount mm/vmstat.c:1696 [inline]
 pagetypeinfo_show+0x855/0xa60 mm/vmstat.c:1718
 seq_read_iter+0x32f/0x1270 fs/seq_file.c:231
 proc_reg_read_iter+0x220/0x310 fs/proc/inode.c:299
 new_sync_read fs/read_write.c:493 [inline]
 vfs_read+0x825/0xb30 fs/read_write.c:574
 ksys_read+0x12a/0x250 fs/read_write.c:717
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x106/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fca43d9c799
RSP: 002b:00007fca44be3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
RAX: ffffffffffffffda RBX: 00007fca44016090 RCX: 00007fca43d9c799
RDX: 00000000000000b2 RSI: 0000200000000180 RDI: 0000000000000002
RBP: 00007fca43e32bd9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fca44016128 R14: 00007fca44016090 R15: 00007ffe38196a48
 </TASK>
net_ratelimit: 24149 callbacks suppressed
bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:02:98:05:d3:35:7e, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:02:98:05:d3:35:7e, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:02:98:05:d3:35:7e, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
net_ratelimit: 25066 callbacks suppressed
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:02:98:05:d3:35:7e, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:02:98:05:d3:35:7e, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:02:98:05:d3:35:7e, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)