bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P5823/1:b..l P10519/2:b..l
rcu: (detected by 1, t=10503 jiffies, g=28061, q=1722 ncpus=2)
task:syz.1.1545 state:R running task stack:27536 pid:10519 tgid:10518 ppid:5836 flags:0x00004002
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5328 [inline]
__schedule+0xe55/0x5740 kernel/sched/core.c:6690
preempt_schedule_irq+0x51/0x90 kernel/sched/core.c:7012
irqentry_exit+0x36/0x90 kernel/entry/common.c:354
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:lock_acquire.part.0+0x155/0x380 kernel/locking/lockdep.c:5790
Code: b8 ff ff ff ff 65 0f c1 05 80 de 97 7e 83 f8 01 0f 85 d0 01 00 00 9c 58 f6 c4 02 0f 85 e5 01 00 00 48 85 ed 0f 85 b6 01 00 00 <48> b8 00 00 00 00 00 fc ff df 48 01 c3 48 c7 03 00 00 00 00 48 c7
RSP: 0018:ffffc9000320f738 EFLAGS: 00000206
RAX: 0000000000000046 RBX: 1ffff92000641ee8 RCX: 0000000000000001
RDX: 0000000000000001 RSI: ffffffff8b6cd340 RDI: ffffffff8bd1b3c0
RBP: 0000000000000200 R08: 0000000000000000 R09: fffffbfff2dc5d88
R10: ffffffff96e2ec47 R11: 0000000000000000 R12: 0000000000000000
R13: ffffffff8e1b8340 R14: 0000000000000000 R15: 0000000000000000
rcu_lock_acquire include/linux/rcupdate.h:337 [inline]
rcu_read_lock include/linux/rcupdate.h:849 [inline]
percpu_ref_tryget_many include/linux/percpu-refcount.h:241 [inline]
percpu_ref_tryget include/linux/percpu-refcount.h:266 [inline]
css_tryget include/linux/cgroup_refcnt.h:45 [inline]
css_tryget include/linux/cgroup_refcnt.h:42 [inline]
get_mem_cgroup_from_objcg+0x197/0x330 include/linux/memcontrol.h:549
uncharge_folio+0x3a1/0x7c0 mm/memcontrol.c:4648
__mem_cgroup_uncharge+0x129/0x1d0 mm/memcontrol.c:4697
mem_cgroup_uncharge include/linux/memcontrol.h:717 [inline]
__folio_put+0x27c/0x3d0 mm/swap.c:125
folio_put include/linux/mm.h:1478 [inline]
put_page+0x21e/0x280 include/linux/mm.h:1550
anon_pipe_buf_release+0x11a/0x240 fs/pipe.c:128
pipe_buf_release include/linux/pipe_fs_i.h:219 [inline]
free_pipe_info+0x1fa/0x3b0 fs/pipe.c:853
put_pipe_info fs/pipe.c:719 [inline]
pipe_release+0x2bf/0x320 fs/pipe.c:742
__fput+0x3f6/0xb60 fs/file_table.c:431
task_work_run+0x14e/0x250 kernel/task_work.c:239
exit_task_work include/linux/task_work.h:43 [inline]
do_exit+0xadd/0x2d70 kernel/exit.c:939
do_group_exit+0xd3/0x2a0 kernel/exit.c:1088
get_signal+0x25fb/0x2770 kernel/signal.c:2917
arch_do_signal_or_restart+0x90/0x7e0 arch/x86/kernel/signal.c:337
exit_to_user_mode_loop kernel/entry/common.c:111 [inline]
exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
syscall_exit_to_user_mode+0x150/0x2a0 kernel/entry/common.c:218
do_syscall_64+0xda/0x250 arch/x86/entry/common.c:89
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f6380d7e719
RSP: 002b:00007f637f1f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
RAX: 000000000000000b RBX: 00007f6380f35f80 RCX: 00007f6380d7e719
RDX: 0000000000000318 RSI: 00000000200bd000 RDI: 0000000000000004
RBP: 00007f6380df139e R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007f6380f35f80 R15: 00007ffc0cd244c8
</TASK>
task:syz-executor state:R running task stack:25392 pid:5823 tgid:5823 ppid:5817 flags:0x00004004
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5328 [inline]
__schedule+0xe55/0x5740 kernel/sched/core.c:6690
preempt_schedule_common+0x44/0xc0 kernel/sched/core.c:6869
preempt_schedule_thunk+0x1a/0x30 arch/x86/entry/thunk.S:12
__raw_spin_unlock include/linux/spinlock_api_smp.h:143 [inline]
_raw_spin_unlock+0x3e/0x50 kernel/locking/spinlock.c:186
spin_unlock include/linux/spinlock.h:391 [inline]
zap_pte_range mm/memory.c:1691 [inline]
zap_pmd_range mm/memory.c:1739 [inline]
zap_pud_range mm/memory.c:1768 [inline]
zap_p4d_range mm/memory.c:1789 [inline]
unmap_page_range+0xb01/0x3cf0 mm/memory.c:1810
unmap_single_vma+0x194/0x2b0 mm/memory.c:1856
unmap_vmas+0x22f/0x490 mm/memory.c:1900
exit_mmap+0x1c6/0xb30 mm/mmap.c:1913
__mmput+0x12a/0x480 kernel/fork.c:1348
mmput+0x62/0x70 kernel/fork.c:1370
exit_mm kernel/exit.c:571 [inline]
do_exit+0x9bf/0x2d70 kernel/exit.c:926
do_group_exit+0xd3/0x2a0 kernel/exit.c:1088
get_signal+0x25fb/0x2770 kernel/signal.c:2917
arch_do_signal_or_restart+0x90/0x7e0 arch/x86/kernel/signal.c:337
exit_to_user_mode_loop kernel/entry/common.c:111 [inline]
exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
syscall_exit_to_user_mode+0x150/0x2a0 kernel/entry/common.c:218
do_syscall_64+0xda/0x250 arch/x86/entry/common.c:89
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f6380d74953
RSP: 002b:00007ffc0cd24a18 EFLAGS: 00000202 ORIG_RAX: 000000000000003d
RAX: fffffffffffffe00 RBX: 00000000000016cc RCX: 00007f6380d74953
RDX: 0000000040000000 RSI: 00007ffc0cd24a2c RDI: 00000000ffffffff
RBP: 00007ffc0cd24a2c R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000202 R12: 000000000000000c
R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
</TASK>
rcu: rcu_preempt kthread starved for 6244 jiffies! g28061 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt state:R running task stack:27008 pid:17 tgid:17 ppid:2 flags:0x00004000
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5328 [inline]
__schedule+0xe55/0x5740 kernel/sched/core.c:6690
__schedule_loop kernel/sched/core.c:6767 [inline]
schedule+0xe7/0x350 kernel/sched/core.c:6782
schedule_timeout+0x136/0x2a0 kernel/time/timer.c:2615
rcu_gp_fqs_loop+0x1eb/0xb00 kernel/rcu/tree.c:2045
rcu_gp_kthread+0x271/0x380 kernel/rcu/tree.c:2247
kthread+0x2c1/0x3a0 kernel/kthread.c:389
ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
</TASK>
rcu: Stack dump where RCU GP kthread last ran:
CPU: 1 UID: 0 PID: 24 Comm: ksoftirqd/1 Not tainted 6.12.0-rc6-syzkaller-00272-gda4373fbcf00 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
RIP: 0010:fib6_check_expired include/net/ip6_fib.h:270 [inline]
RIP: 0010:__find_rr_leaf+0x2c7/0xe00 net/ipv6/route.c:806
Code: 8e 3a 09 00 00 44 8b a3 90 00 00 00 44 8b 74 24 10 44 89 e7 44 89 f6 e8 c7 b9 c1 f7 45 39 f4 0f 85 11 05 00 00 e8 39 b8 c1 f7 <4c> 8d 63 64 4c 89 e0 48 c1 e8 03 0f b6 14 28 4c 89 e0 83 e0 07 83
RSP: 0018:ffffc900001e7378 EFLAGS: 00000246
RAX: 0000000000000000 RBX: ffff888032bed400 RCX: ffffffff89cbc309
RDX: ffff88801d6e8000 RSI: ffffffff89cbc317 RDI: 0000000000000004
RBP: dffffc0000000000 R08: 0000000000000004 R09: 0000000000000100
R10: 0000000000000100 R11: 0000000000000000 R12: 0000000000000100
R13: ffffc900001e7680 R14: 0000000000000100 R15: ffff888034ba14b8
FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020106030 CR3: 000000003605e000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<IRQ>
</IRQ>
<TASK>
find_rr_leaf net/ipv6/route.c:853 [inline]
rt6_select net/ipv6/route.c:897 [inline]
fib6_table_lookup+0x57e/0xa30 net/ipv6/route.c:2195
ip6_pol_route+0x1cd/0x1120 net/ipv6/route.c:2231
pol_lookup_func include/net/ip6_fib.h:616 [inline]
fib6_rule_lookup+0x536/0x720 net/ipv6/fib6_rules.c:117
ip6_route_input_lookup net/ipv6/route.c:2300 [inline]
ip6_route_input+0x663/0xc10 net/ipv6/route.c:2596
ip6_rcv_finish_core.constprop.0+0x1a0/0x5d0 net/ipv6/ip6_input.c:66
ip6_rcv_finish net/ipv6/ip6_input.c:77 [inline]
NF_HOOK include/linux/netfilter.h:314 [inline]
NF_HOOK include/linux/netfilter.h:308 [inline]
ipv6_rcv+0x1e4/0x680 net/ipv6/ip6_input.c:309
__netif_receive_skb_one_core+0x12e/0x1e0 net/core/dev.c:5670
__netif_receive_skb+0x1d/0x160 net/core/dev.c:5783
process_backlog+0x443/0x15f0 net/core/dev.c:6115
__napi_poll.constprop.0+0xb7/0x550 net/core/dev.c:6779
napi_poll net/core/dev.c:6848 [inline]
net_rx_action+0xa92/0x1010 net/core/dev.c:6970
handle_softirqs+0x213/0x8f0 kernel/softirq.c:554
run_ksoftirqd kernel/softirq.c:927 [inline]
run_ksoftirqd+0x3a/0x60 kernel/softirq.c:919
smpboot_thread_fn+0x661/0xa30 kernel/smpboot.c:164
kthread+0x2c1/0x3a0 kernel/kthread.c:389
ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
</TASK>
net_ratelimit: 28103 callbacks suppressed
bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)