syzbot

bridge0: received packet on veth0_to_bridge with own address as source address (addr:d6:ed:92:11:eb:aa, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1):
 P8141/1:b..l
rcu: 	(detected by 0, t=10503 jiffies, g=29237, q=371 ncpus=2)
task:syz.3.691       state:R  running task     stack:24680 pid:8141  tgid:8139  ppid:5854   task_flags:0x40044c flags:0x00004006
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5382 [inline]
 __schedule+0x1b88/0x5240 kernel/sched/core.c:6767
 preempt_schedule_irq+0xfe/0x1c0 kernel/sched/core.c:7090
 irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:rcu_lockdep_current_cpu_online+0x0/0x120 kernel/rcu/tree.c:3979
Code: 8e e8 44 6a 93 03 e9 53 ff ff ff 66 66 66 66 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 41 57 41 56 53 65 8b 0d 40 dd b9 11 b0 01 f7 c1 00 00
RSP: 0018:ffffc9001c65f780 EFLAGS: 00000202

RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffff888032599e00
RDX: 0000000000000000 RSI: ffffffff8ca153e0 RDI: ffffffff8ca153a0
RBP: 00000000000001a0 R08: ffffffff82379aae R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 000000000006dbd0
R13: 0000000000000000 R14: ffffffff823799e0 R15: ffff88801c780000
 rcu_read_lock_held_common kernel/rcu/update.c:113 [inline]
 rcu_read_lock_held+0x1e/0x50 kernel/rcu/update.c:349
 lookup_page_ext mm/page_ext.c:254 [inline]
 page_ext_get+0x192/0x2a0 mm/page_ext.c:526
 __reset_page_owner+0x30/0x440 mm/page_owner.c:290
 reset_page_owner include/linux/page_owner.h:25 [inline]
 free_pages_prepare mm/page_alloc.c:1127 [inline]
 free_frozen_pages+0xe16/0x10f0 mm/page_alloc.c:2660
 vfree+0x1c3/0x360 mm/vmalloc.c:3383
 kcov_put kernel/kcov.c:439 [inline]
 kcov_close+0x28/0x50 kernel/kcov.c:535
 __fput+0x3e9/0x9f0 fs/file_table.c:465
 task_work_run+0x251/0x310 kernel/task_work.c:227
 exit_task_work include/linux/task_work.h:40 [inline]
 do_exit+0xa11/0x2950 kernel/exit.c:954
 do_group_exit+0x207/0x2c0 kernel/exit.c:1103
 get_signal+0x1696/0x1730 kernel/signal.c:3035
 arch_do_signal_or_restart+0x98/0x840 arch/x86/kernel/signal.c:337
 exit_to_user_mode_loop kernel/entry/common.c:111 [inline]
 exit_to_user_mode_prepare include/linux/entry-common.h:329 [inline]
 __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
 syscall_exit_to_user_mode+0xce/0x340 kernel/entry/common.c:218
 do_syscall_64+0x100/0x230 arch/x86/entry/syscall_64.c:100
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f3fb198d169
RSP: 002b:00007f3fb280c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 00007f3fb1ba6088 RCX: 00007f3fb198d169
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3fb1ba6088
RBP: 00007f3fb1ba6080 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3fb1ba608c
R13: 0000000000000000 R14: 00007f3fb1ccf940 R15: 00007f3fb1ccfa28
 </TASK>
rcu: rcu_preempt kthread starved for 6887 jiffies! g29237 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:26680 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5382 [inline]
 __schedule+0x1b88/0x5240 kernel/sched/core.c:6767
 __schedule_loop kernel/sched/core.c:6845 [inline]
 schedule+0x163/0x360 kernel/sched/core.c:6860
 schedule_timeout+0x15b/0x2b0 kernel/time/sleep_timeout.c:99
 rcu_gp_fqs_loop+0x2e1/0x1340 kernel/rcu/tree.c:2046
 rcu_gp_kthread+0xa7/0x3b0 kernel/rcu/tree.c:2248
 kthread+0x7b7/0x940 kernel/kthread.c:464
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:153
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.14.0-syzkaller-07422-gacb4f33713b9 #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
RIP: 0010:console_trylock_spinning kernel/printk/printk.c:2061 [inline]
RIP: 0010:vprintk_emit+0x731/0xa40 kernel/printk/printk.c:2449
Code: 00 e8 63 54 21 00 4c 8d bc 24 a0 00 00 00 4d 85 e4 75 07 e8 51 54 21 00 eb 06 e8 4a 54 21 00 fb 49 bc 00 00 00 00 00 fc ff df <48> c7 c7 20 5e c1 8e 31 f6 ba 01 00 00 00 31 c9 41 b8 01 00 00 00
RSP: 0018:ffffc90000006ce0 EFLAGS: 00000246
RAX: ffffffff81a232e6 RBX: 0000000000000000 RCX: ffffffff8ea96580
RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ffffc90000006df0 R08: ffffffff81a232bf R09: 1ffffffff20bbace
R10: dffffc0000000000 R11: fffffbfff20bbacf R12: dffffc0000000000
R13: 1ffff92000000da0 R14: ffffffff81a23112 R15: ffffc90000006d80
FS:  0000000000000000(0000) GS:ffff888124ff1000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f601bc00218 CR3: 000000002776e000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000097 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <IRQ>
 _printk+0xd5/0x120 kernel/printk/printk.c:2475
 br_fdb_update+0x6d0/0x740 net/bridge/br_fdb.c:897
 br_handle_frame_finish+0x779/0x1f60 net/bridge/br_input.c:144
 br_nf_hook_thresh+0x482/0x5a0 net/bridge/br_netfilter_hooks.c:1170
 br_nf_pre_routing_finish_ipv6+0xaa3/0xdd0 net/bridge/br_netfilter_ipv6.c:-1
 NF_HOOK include/linux/netfilter.h:314 [inline]
 br_nf_pre_routing_ipv6+0x397/0x790 net/bridge/br_netfilter_ipv6.c:184
 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]
 nf_hook_bridge_pre net/bridge/br_input.c:282 [inline]
 br_handle_frame+0x9fa/0x1530 net/bridge/br_input.c:433
 __netif_receive_skb_core+0x155a/0x4bb0 net/core/dev.c:5777
 __netif_receive_skb_one_core net/core/dev.c:5889 [inline]
 __netif_receive_skb+0x130/0x670 net/core/dev.c:6004
 process_backlog+0x664/0x15c0 net/core/dev.c:6356
 __napi_poll+0xcb/0x480 net/core/dev.c:7328
 napi_poll net/core/dev.c:7392 [inline]
 net_rx_action+0x89d/0x1240 net/core/dev.c:7514
 handle_softirqs+0x2d6/0x9b0 kernel/softirq.c:561
 __do_softirq kernel/softirq.c:595 [inline]
 invoke_softirq kernel/softirq.c:435 [inline]
 __irq_exit_rcu+0xfb/0x220 kernel/softirq.c:662
 irq_exit_rcu+0x9/0x30 kernel/softirq.c:678
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]
 sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1049
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:native_irq_disable arch/x86/include/asm/irqflags.h:37 [inline]
RIP: 0010:arch_local_irq_disable arch/x86/include/asm/irqflags.h:92 [inline]
RIP: 0010:acpi_safe_halt+0x21/0x30 drivers/acpi/processor_idle.c:112
Code: 90 90 90 90 90 90 90 90 90 65 48 8b 04 25 08 f0 62 93 48 f7 00 08 00 00 00 75 10 66 90 0f 00 2d 15 b6 85 00 f3 0f 1e fa fb f4 <fa> c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90
RSP: 0018:ffffffff8ea07ca8 EFLAGS: 00000246
RAX: ffffffff8ea96580 RBX: ffff888021689864 RCX: ffffffff8c25172c
RDX: 0000000000000001 RSI: ffff888021689800 RDI: ffff888021689864
RBP: ffffffff93644c78 R08: ffff8880b8632b5b R09: 1ffff110170c656b
R10: dffffc0000000000 R11: ffffffff8c253200 R12: ffff88802175a000
R13: 0000000000000001 R14: 0000000000000001 R15: ffffffff8f543be0
 acpi_idle_enter+0xe4/0x140 drivers/acpi/processor_idle.c:701
 cpuidle_enter_state+0x111/0x480 drivers/cpuidle/cpuidle.c:268
 cpuidle_enter+0x5d/0xa0 drivers/cpuidle/cpuidle.c:389
 call_cpuidle kernel/sched/idle.c:155 [inline]
 cpuidle_idle_call kernel/sched/idle.c:230 [inline]
 do_idle+0x374/0x5d0 kernel/sched/idle.c:325
 cpu_startup_entry+0x42/0x60 kernel/sched/idle.c:423
 rest_init+0x2dc/0x300 init/main.c:743
 start_kernel+0x484/0x510 init/main.c:1099
 x86_64_start_reservations+0x2a/0x30 arch/x86/kernel/head64.c:513
 x86_64_start_kernel+0x66/0x70 arch/x86/kernel/head64.c:494
 common_startup_64+0x13e/0x147
 </TASK>
bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:d6:ed:92:11:eb:aa, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)