syzbot

bridge0: received packet on veth0_to_bridge with own address as source address (addr:6a:e3:f4:07:78:02, vlan:0)
rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P5810/1:b..l
rcu: 	(detected by 1, t=10503 jiffies, g=22329, q=357 ncpus=2)
task:syz-executor    state:R  running task     stack:21232 pid:5810  tgid:5810  ppid:5808   flags:0x00000002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5328 [inline]
 __schedule+0xe55/0x5740 kernel/sched/core.c:6693
 preempt_schedule_irq+0x51/0x90 kernel/sched/core.c:7015
 irqentry_exit+0x36/0x90 kernel/entry/common.c:354
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:unwind_next_frame+0x26/0x20c0 arch/x86/kernel/unwind_orc.c:471
Code: 90 90 90 90 f3 0f 1e fa 48 b8 00 00 00 00 00 fc ff df 48 89 fa 41 57 48 c1 ea 03 41 56 41 55 49 89 fd 41 54 55 53 48 83 ec 38 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 48 0a 00 00 41 8b 5d 00 85 db
RSP: 0018:ffffc9000318f920 EFLAGS: 00000282
RAX: dffffc0000000000 RBX: ffffc9000318f990 RCX: 0000000000000000
RDX: 1ffff92000631f32 RSI: ffffffff8b233f9d RDI: ffffc9000318f990
RBP: ffffc9000318fa20 R08: ffffc9000318f9c4 R09: ffffffff9100b596
R10: ffffc9000318f990 R11: 00000000000103a3 R12: ffffffff817946d0
R13: ffffc9000318f990 R14: 0000000000000000 R15: ffff88802a3c2440
 arch_stack_walk+0x95/0x100 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x95/0xd0 kernel/stacktrace.c:122
 save_stack+0x162/0x1f0 mm/page_owner.c:156
 __reset_page_owner+0x8d/0x400 mm/page_owner.c:297
 reset_page_owner include/linux/page_owner.h:25 [inline]
 free_pages_prepare mm/page_alloc.c:1127 [inline]
 free_unref_page+0x661/0x1080 mm/page_alloc.c:2657
 __put_partials+0x14c/0x170 mm/slub.c:3145
 qlink_free mm/kasan/quarantine.c:163 [inline]
 qlist_free_all+0x4e/0x120 mm/kasan/quarantine.c:179
 kasan_quarantine_reduce+0x192/0x1e0 mm/kasan/quarantine.c:286
 __kasan_slab_alloc+0x69/0x90 mm/kasan/common.c:329
 kasan_slab_alloc include/linux/kasan.h:247 [inline]
 slab_post_alloc_hook mm/slub.c:4085 [inline]
 slab_alloc_node mm/slub.c:4134 [inline]
 __kmalloc_cache_noprof+0x11e/0x300 mm/slub.c:4290
 kmalloc_noprof include/linux/slab.h:878 [inline]
 kzalloc_noprof include/linux/slab.h:1014 [inline]
 alloc_pipe_info+0x10e/0x590 fs/pipe.c:798
 get_pipe_inode fs/pipe.c:890 [inline]
 create_pipe_files+0x8c/0x850 fs/pipe.c:922
 __do_pipe_flags fs/pipe.c:973 [inline]
 do_pipe2+0xb0/0x1d0 fs/pipe.c:1024
 __do_sys_pipe2 fs/pipe.c:1042 [inline]
 __se_sys_pipe2 fs/pipe.c:1040 [inline]
 __x64_sys_pipe2+0x54/0x80 fs/pipe.c:1040
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f9ae377d469
RSP: 002b:00007ffcff6db1b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000125
RAX: ffffffffffffffda RBX: 000055558dc3baf0 RCX: 00007f9ae377d469
RDX: 0000000000000005 RSI: 0000000000000000 RDI: 00007ffcff6db1d8
RBP: 00007ffcff6db790 R08: 0000000000000007 R09: 000055558dc40ef0
R10: 928d3abf3bde0f35 R11: 0000000000000246 R12: 00007ffcff6db5e0
R13: 000055558dc3eb30 R14: 00007ffcff6db300 R15: 000055558dc3d930
 </TASK>
rcu: rcu_preempt kthread starved for 9548 jiffies! g22329 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:25680 pid:17    tgid:17    ppid:2      flags:0x00004000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5328 [inline]
 __schedule+0xe55/0x5740 kernel/sched/core.c:6693
 __schedule_loop kernel/sched/core.c:6770 [inline]
 schedule+0xe7/0x350 kernel/sched/core.c:6785
 schedule_timeout+0x136/0x2a0 kernel/time/timer.c:2615
 rcu_gp_fqs_loop+0x1eb/0xb00 kernel/rcu/tree.c:2045
 rcu_gp_kthread+0x271/0x380 kernel/rcu/tree.c:2247
 kthread+0x2c1/0x3a0 kernel/kthread.c:389
 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
CPU: 1 UID: 0 PID: 24 Comm: ksoftirqd/1 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
RIP: 0010:__sanitizer_cov_trace_pc+0x66/0x70 kernel/kcov.c:235
Code: 82 f8 15 00 00 83 f8 02 75 20 48 8b 8a 00 16 00 00 8b 92 fc 15 00 00 48 8b 01 48 83 c0 01 48 39 d0 73 07 48 89 01 48 89 34 c1 <c3> cc cc cc cc 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90
RSP: 0018:ffffc900001e7250 EFLAGS: 00000246
RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffffffff89cb36c8
RDX: ffff88801d6e8000 RSI: ffffffff89cb36d2 RDI: 0000000000000004
RBP: 0000000000000003 R08: 0000000000000004 R09: 0000000000000038
R10: 000000000000001e R11: 0000000000000000 R12: 000000000000001e
R13: ffff88807b9cf4b8 R14: 0000000000000038 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffea28cbb80 CR3: 000000000df7c000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <IRQ>
 </IRQ>
 <TASK>
 rt6_score_route+0x92/0x430 net/ipv6/route.c:720
 find_match+0x221/0xf80 net/ipv6/route.c:749
 __find_rr_leaf+0x141/0xe00 net/ipv6/route.c:832
 find_rr_leaf net/ipv6/route.c:853 [inline]
 rt6_select net/ipv6/route.c:897 [inline]
 fib6_table_lookup+0x57e/0xa30 net/ipv6/route.c:2195
 ip6_pol_route+0x1cd/0x1120 net/ipv6/route.c:2231
 pol_lookup_func include/net/ip6_fib.h:616 [inline]
 fib6_rule_lookup+0x536/0x720 net/ipv6/fib6_rules.c:117
 ip6_route_input_lookup net/ipv6/route.c:2300 [inline]
 ip6_route_input+0x663/0xc10 net/ipv6/route.c:2596
 ip6_rcv_finish_core.constprop.0+0x1a0/0x5d0 net/ipv6/ip6_input.c:66
 ip6_rcv_finish net/ipv6/ip6_input.c:77 [inline]
 NF_HOOK include/linux/netfilter.h:314 [inline]
 NF_HOOK include/linux/netfilter.h:308 [inline]
 ipv6_rcv+0x1e4/0x680 net/ipv6/ip6_input.c:309
 __netif_receive_skb_one_core+0x12e/0x1e0 net/core/dev.c:5670
 __netif_receive_skb+0x1d/0x160 net/core/dev.c:5783
 process_backlog+0x443/0x15f0 net/core/dev.c:6115
 __napi_poll.constprop.0+0xb7/0x550 net/core/dev.c:6779
 napi_poll net/core/dev.c:6848 [inline]
 net_rx_action+0xa92/0x1010 net/core/dev.c:6970
 handle_softirqs+0x213/0x8f0 kernel/softirq.c:554
 run_ksoftirqd kernel/softirq.c:927 [inline]
 run_ksoftirqd+0x3a/0x60 kernel/softirq.c:919
 smpboot_thread_fn+0x661/0xa30 kernel/smpboot.c:164
 kthread+0x2c1/0x3a0 kernel/kthread.c:389
 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
bridge0: received packet on veth0_to_bridge with own address as source address (addr:6a:e3:f4:07:78:02, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:6a:e3:f4:07:78:02, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:6a:e3:f4:07:78:02, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:6a:e3:f4:07:78:02, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:6a:e3:f4:07:78:02, vlan:0)
net_ratelimit: 42392 callbacks suppressed
bridge0: received packet on veth0_to_bridge with own address as source address (addr:6a:e3:f4:07:78:02, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:6a:e3:f4:07:78:02, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:6a:e3:f4:07:78:02, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:6a:e3:f4:07:78:02, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:6a:e3:f4:07:78:02, vlan:0)