bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P5841/1:b..l P5954/1:b..l P5198/1:b..l
rcu: 	(detected by 1, t=10503 jiffies, g=8953, q=875 ncpus=2)
task:udevd           state:R  running task     stack:23904 pid:5198  tgid:5198  ppid:1      flags:0x00000002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5369 [inline]
 __schedule+0x1850/0x4c30 kernel/sched/core.c:6756
 preempt_schedule_common+0x84/0xd0 kernel/sched/core.c:6935
 preempt_schedule+0xe1/0xf0 kernel/sched/core.c:6959
 preempt_schedule_thunk+0x1a/0x30 arch/x86/entry/thunk.S:12
 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:152 [inline]
 _raw_spin_unlock_irqrestore+0x130/0x140 kernel/locking/spinlock.c:194
 spin_unlock_irqrestore include/linux/spinlock.h:406 [inline]
 __wake_up_common_lock+0x18c/0x1e0 kernel/sched/wait.c:108
 sock_def_readable+0x20f/0x5a0 net/core/sock.c:3453
 __netlink_sendskb net/netlink/af_netlink.c:1268 [inline]
 netlink_sendskb+0xa0/0x140 net/netlink/af_netlink.c:1274
 netlink_unicast+0x39d/0x990 net/netlink/af_netlink.c:1362
 netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1891
 sock_sendmsg_nosec net/socket.c:711 [inline]
 __sock_sendmsg+0x223/0x270 net/socket.c:726
 ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2583
 ___sys_sendmsg net/socket.c:2637 [inline]
 __sys_sendmsg+0x269/0x350 net/socket.c:2669
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f36b3924a4b
RSP: 002b:00007ffe7ba91298 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 0000561f4779d9e0 RCX: 00007f36b3924a4b
RDX: 0000000000000000 RSI: 00007ffe7ba912a8 RDI: 0000000000000004
RBP: 0000561f47837fe0 R08: 0000000000000001 R09: 0000000000000000
R10: 000000000000010f R11: 0000000000000246 R12: 0000000000000000
R13: 00000000000000b2 R14: 0000000000000000 R15: 0000000000000000
 </TASK>
task:syz.1.7         state:R  running task     stack:24408 pid:5954  tgid:5953  ppid:5827   flags:0x00004002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5369 [inline]
 __schedule+0x1850/0x4c30 kernel/sched/core.c:6756
 preempt_schedule_irq+0xfb/0x1c0 kernel/sched/core.c:7078
 irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:__sanitizer_cov_trace_pc+0x5d/0x70 kernel/kcov.c:235
Code: f8 15 00 00 83 fa 02 75 21 48 8b 91 00 16 00 00 48 8b 32 48 8d 7e 01 8b 89 fc 15 00 00 48 39 cf 73 08 48 89 3a 48 89 44 f2 08 <e9> c9 cc 50 0a 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90
RSP: 0018:ffffc90003caedc8 EFLAGS: 00000287
RAX: ffffffff816ad3a4 RBX: 0000000000400140 RCX: 0000000000080000
RDX: ffffc9000c349000 RSI: 00000000000472a5 RDI: 00000000000472a6
RBP: 0000000000000000 R08: ffffffff816ad39b R09: 1ffffffff2854910
R10: dffffc0000000000 R11: fffffbfff2854911 R12: ffffea0001b638d8
R13: dffffc0000000000 R14: ffff8880320a0000 R15: dffffc0000000000
 kthread_blkcg+0x54/0xe0 kernel/kthread.c:1555
 blkcg_css+0x10/0x1d0 block/blk-cgroup.c:107
 blk_cgroup_congested+0xbb/0x200 block/blk-cgroup.c:2196
 __folio_throttle_swaprate+0x84/0x1d0 mm/swapfile.c:4018
 folio_throttle_swaprate include/linux/swap.h:646 [inline]
 shmem_add_to_page_cache+0x7d4/0xcc0 mm/shmem.c:817
 shmem_alloc_and_add_folio+0x964/0x1080 mm/shmem.c:1863
 shmem_get_folio_gfp+0x621/0x1840 mm/shmem.c:2357
 shmem_fault+0x220/0x5b0 mm/shmem.c:2558
 __do_fault+0x137/0x390 mm/memory.c:4907
 do_read_fault mm/memory.c:5322 [inline]
 do_fault mm/memory.c:5456 [inline]
 do_pte_missing mm/memory.c:3979 [inline]
 handle_pte_fault+0x39eb/0x5ed0 mm/memory.c:5801
 __handle_mm_fault mm/memory.c:5944 [inline]
 handle_mm_fault+0x1106/0x1bb0 mm/memory.c:6112
 faultin_page mm/gup.c:1196 [inline]
 __get_user_pages+0x1c82/0x49e0 mm/gup.c:1494
 populate_vma_page_range+0x264/0x330 mm/gup.c:1932
 __mm_populate+0x27a/0x460 mm/gup.c:2035
 mm_populate include/linux/mm.h:3396 [inline]
 vm_mmap_pgoff+0x2c3/0x3d0 mm/util.c:585
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fef82785d29
RSP: 002b:00007fef834e9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
RAX: ffffffffffffffda RBX: 00007fef82975fa0 RCX: 00007fef82785d29
RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
RBP: 00007fef82801b08 R08: ffffffffffffffff R09: 0000000000000000
R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007fef82975fa0 R15: 00007ffc7f5de358
 </TASK>
task:syz-executor    state:R  running task     stack:18736 pid:5841  tgid:5841  ppid:5824   flags:0x00000000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5369 [inline]
 __schedule+0x1850/0x4c30 kernel/sched/core.c:6756
 preempt_schedule_common+0x84/0xd0 kernel/sched/core.c:6935
 preempt_schedule+0xe1/0xf0 kernel/sched/core.c:6959
 preempt_schedule_thunk+0x1a/0x30 arch/x86/entry/thunk.S:12
 __raw_spin_unlock include/linux/spinlock_api_smp.h:143 [inline]
 _raw_spin_unlock+0x3e/0x50 kernel/locking/spinlock.c:186
 spin_unlock include/linux/spinlock.h:391 [inline]
 copy_pte_range mm/memory.c:1200 [inline]
 copy_pmd_range+0x6dc8/0x77a0 mm/memory.c:1261
 copy_pud_range mm/memory.c:1298 [inline]
 copy_p4d_range mm/memory.c:1322 [inline]
 copy_page_range+0x99f/0xe90 mm/memory.c:1420
 dup_mmap kernel/fork.c:748 [inline]
 dup_mm kernel/fork.c:1691 [inline]
 copy_mm+0x1126/0x1fd0 kernel/fork.c:1743
 copy_process+0x1845/0x3d50 kernel/fork.c:2394
 kernel_clone+0x226/0x8e0 kernel/fork.c:2806
 __do_sys_clone kernel/fork.c:2949 [inline]
 __se_sys_clone kernel/fork.c:2933 [inline]
 __x64_sys_clone+0x258/0x2a0 kernel/fork.c:2933
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f6c0fb7c593
RSP: 002b:00007ffccaacf5f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f6c0fb7c593
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001
R10: 0000555561b997d0 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f6c0fd45260 R14: 00007ffccaacf780 R15: 0000000000000000
 </TASK>
rcu: rcu_preempt kthread starved for 9904 jiffies! g8953 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:26264 pid:17    tgid:17    ppid:2      flags:0x00004000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5369 [inline]
 __schedule+0x1850/0x4c30 kernel/sched/core.c:6756
 __schedule_loop kernel/sched/core.c:6833 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6848
 schedule_timeout+0x15a/0x290 kernel/time/sleep_timeout.c:99
 rcu_gp_fqs_loop+0x2df/0x1330 kernel/rcu/tree.c:2045
 rcu_gp_kthread+0xa7/0x3b0 kernel/rcu/tree.c:2247
 kthread+0x2f2/0x390 kernel/kthread.c:389
 ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 5950 Comm: syz.3.4 Not tainted 6.13.0-rc5-syzkaller-00006-g56e6a3499e14 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
RIP: 0010:native_save_fl arch/x86/include/asm/irqflags.h:26 [inline]
RIP: 0010:arch_local_save_flags arch/x86/include/asm/irqflags.h:87 [inline]
RIP: 0010:arch_local_irq_save arch/x86/include/asm/irqflags.h:123 [inline]
RIP: 0010:__local_bh_disable_ip+0xb6/0x220 kernel/softirq.c:316
Code: a9 00 00 0f 00 0f 85 5e 01 00 00 4c 89 f3 48 c1 eb 03 42 80 3c 23 00 74 08 4c 89 f7 e8 33 1b a4 00 48 c7 44 24 60 00 00 00 00 <9c> 8f 44 24 60 42 80 3c 23 00 74 08 4c 89 f7 e8 26 1a a4 00 48 8d
RSP: 0018:ffffc90000007540 EFLAGS: 00000246
RAX: 0000000080000101 RBX: 1ffff92000000eb4 RCX: ffff8880259b5a00
RDX: 0000000000000100 RSI: 0000000000000200 RDI: ffffffff8a82dc85
RBP: ffffc90000007610 R08: ffffffff8a82dc70 R09: ffffc90000007770
R10: dffffc0000000000 R11: fffff52000000ef2 R12: dffffc0000000000
R13: 1ffff92000000eac R14: ffffc900000075a0 R15: 0000000000000200
FS:  00007fd95718f6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020001440 CR3: 000000007c538000 CR4: 0000000000350ef0
Call Trace:
 <NMI>
 </NMI>
 <IRQ>
 local_bh_disable include/linux/bottom_half.h:20 [inline]
 ip6t_do_table+0x214/0x18a0 net/ipv6/netfilter/ip6_tables.c:280
 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]
 nf_hook_slow+0xc5/0x220 net/netfilter/core.c:626
 nf_hook include/linux/netfilter.h:269 [inline]
 NF_HOOK+0x29e/0x450 include/linux/netfilter.h:312
 __netif_receive_skb_one_core net/core/dev.c:5672 [inline]
 __netif_receive_skb+0x1ea/0x650 net/core/dev.c:5785
 process_backlog+0x662/0x15b0 net/core/dev.c:6117
 __napi_poll+0xcd/0x490 net/core/dev.c:6883
 napi_poll net/core/dev.c:6952 [inline]
 net_rx_action+0x89b/0x1240 net/core/dev.c:7074
 handle_softirqs+0x2d6/0x9b0 kernel/softirq.c:561
 do_softirq+0x11b/0x1e0 kernel/softirq.c:462
 </IRQ>
 <TASK>
 __local_bh_enable_ip+0x1bb/0x200 kernel/softirq.c:389
 spin_unlock_bh include/linux/spinlock.h:396 [inline]
 htable_selective_cleanup+0x25f/0x310 net/netfilter/xt_hashlimit.c:374
 htable_put+0x1f1/0x250 net/netfilter/xt_hashlimit.c:430
 cleanup_match net/ipv6/netfilter/ip6_tables.c:477 [inline]
 cleanup_entry+0x211/0x4c0 net/ipv6/netfilter/ip6_tables.c:661
 translate_table+0x213c/0x2330 net/ipv6/netfilter/ip6_tables.c:744
 do_replace net/ipv6/netfilter/ip6_tables.c:1154 [inline]
 do_ip6t_set_ctl+0xe4c/0x1270 net/ipv6/netfilter/ip6_tables.c:1644
 nf_setsockopt+0x297/0x2c0 net/netfilter/nf_sockopt.c:101
 rawv6_setsockopt+0x327/0x740 net/ipv6/raw.c:1054
 do_sock_setsockopt+0x3b1/0x720 net/socket.c:2313
 __sys_setsockopt net/socket.c:2338 [inline]
 __do_sys_setsockopt net/socket.c:2344 [inline]
 __se_sys_setsockopt net/socket.c:2341 [inline]
 __x64_sys_setsockopt+0x1ee/0x280 net/socket.c:2341
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fd959b85d29
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fd95718f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 00007fd959d76320 RCX: 00007fd959b85d29
RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000007
RBP: 00007fd959c01b08 R08: 0000000000000488 R09: 0000000000000000
R10: 0000000020000b00 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000001 R14: 00007fd959d76320 R15: 00007ffec64b2878
 </TASK>
net_ratelimit: 21560 callbacks suppressed
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:26:63:07:58:3f:00, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:26:63:07:58:3f:00, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:26:63:07:58:3f:00, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:26:63:07:58:3f:00, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:26:63:07:58:3f:00, vlan:0)
net_ratelimit: 29934 callbacks suppressed
bridge0: received packet on veth0_to_bridge with own address as source address (addr:26:63:07:58:3f:00, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:26:63:07:58:3f:00, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:26:63:07:58:3f:00, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:26:63:07:58:3f:00, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:26:63:07:58:3f:00, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)