bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:12:ca:b3:ce:f9:83, vlan:0)
rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P18712/1:b..l
rcu: 	(detected by 0, t=10502 jiffies, g=137417, q=2852 ncpus=1)
task:modprobe        state:R  running task     stack:25416 pid:18712 tgid:18712 ppid:15551  task_flags:0x400000 flags:0x00080000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5295 [inline]
 __schedule+0xfee/0x6120 kernel/sched/core.c:6908
 preempt_schedule_irq+0x50/0x90 kernel/sched/core.c:7235
 irqentry_exit+0x17b/0x670 kernel/entry/common.c:239
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:lock_release+0x19e/0x320 kernel/locking/lockdep.c:5893
Code: ff 65 0f c1 05 4b 2a 29 12 83 f8 01 0f 85 3d 01 00 00 9c 58 f6 c4 02 0f 85 28 01 00 00 41 f7 c6 00 02 00 00 0f 85 de 00 00 00 <48> 8b 44 24 10 65 48 2b 05 9d e2 28 12 0f 85 63 01 00 00 48 83 c4
RSP: 0018:ffffc9000cc1f028 EFLAGS: 00000206
RAX: 0000000000000046 RBX: ffffffff8e7e9220 RCX: ffffc9000cc1f034
RDX: 0000000000000001 RSI: ffffffff8de55850 RDI: ffffffff8c1af520
RBP: ffffffff81b7adde R08: 0000000000000001 R09: 0000000000000007
R10: 0000000000000200 R11: 0000000000017392 R12: ffff88802a0d8000
R13: ffffc9000cc1f0e0 R14: 0000000000000202 R15: 0000000000000002
 rcu_lock_release include/linux/rcupdate.h:322 [inline]
 rcu_read_unlock include/linux/rcupdate.h:881 [inline]
 class_rcu_destructor include/linux/rcupdate.h:1193 [inline]
 unwind_next_frame+0x3c3/0x1ea0 arch/x86/kernel/unwind_orc.c:495
 arch_stack_walk+0x94/0xf0 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x8e/0xc0 kernel/stacktrace.c:122
 kasan_save_stack+0x30/0x50 mm/kasan/common.c:57
 kasan_record_aux_stack+0xa7/0xc0 mm/kasan/generic.c:556
 __call_rcu_common.constprop.0+0xa5/0x9b0 kernel/rcu/tree.c:3131
 slab_free_hook mm/slub.c:2656 [inline]
 slab_free mm/slub.c:6143 [inline]
 kmem_cache_free+0x44b/0x6a0 mm/slub.c:6273
 vms_complete_munmap_vmas+0x7ac/0xdd0 mm/vma.c:1342
 __mmap_complete mm/vma.c:2588 [inline]
 __mmap_region+0xa09/0x29e0 mm/vma.c:2768
 mmap_region+0x180/0x3e0 mm/vma.c:2837
 do_mmap+0xc63/0x12f0 mm/mmap.c:559
 vm_mmap_pgoff+0x29e/0x470 mm/util.c:581
 ksys_mmap_pgoff+0x3c8/0x650 mm/mmap.c:605
 __do_sys_mmap arch/x86/kernel/sys_x86_64.c:89 [inline]
 __se_sys_mmap arch/x86/kernel/sys_x86_64.c:82 [inline]
 __x64_sys_mmap+0x125/0x190 arch/x86/kernel/sys_x86_64.c:82
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x106/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f3311098242
RSP: 002b:00007fffaf2b3508 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
RAX: ffffffffffffffda RBX: 00007f3310db7000 RCX: 00007f3311098242
RDX: 0000000000000003 RSI: 0000000000002000 RDI: 00007f3310db7000
RBP: 0000000000000812 R08: 0000000000000000 R09: 0000000000004000
R10: 0000000000000812 R11: 0000000000000206 R12: 00007fffaf2b35c8
R13: 00007f331106d050 R14: 00007fffaf2b3940 R15: 00000ffff5e566a4
 </TASK>
rcu: rcu_preempt kthread starved for 1598 jiffies! g137417 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:27832 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00080000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5295 [inline]
 __schedule+0xfee/0x6120 kernel/sched/core.c:6908
 __schedule_loop kernel/sched/core.c:6990 [inline]
 schedule+0xdd/0x390 kernel/sched/core.c:7005
 schedule_timeout+0x127/0x280 kernel/time/sleep_timeout.c:99
 rcu_gp_fqs_loop+0x1a9/0x900 kernel/rcu/tree.c:2095
 rcu_gp_kthread+0x179/0x230 kernel/rcu/tree.c:2297
 kthread+0x370/0x450 kernel/kthread.c:467
 ret_from_fork+0x754/0xd80 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
CPU: 0 UID: 0 PID: 15553 Comm: kworker/u8:32 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
Tainted: [U]=USER, [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
Workqueue: events_unbound cfg80211_wiphy_work
RIP: 0010:kasan_quarantine_put+0x95/0x240 mm/kasan/quarantine.c:237
Code: 00 00 00 00 00 48 03 5a 10 48 89 5a 10 48 81 fb 00 00 10 00 0f 87 8d 00 00 00 4d 85 e4 75 75 9c 58 f6 c4 02 0f 85 72 01 00 00 <5b> b8 01 00 00 00 5d 41 5c 41 5d 41 5e c3 cc cc cc cc 9c 58 f6 c4
RSP: 0018:ffffc90000006e88 EFLAGS: 00000246
RAX: 0000000000000002 RBX: 0000000000099bc0 RCX: 0000000000000004
RDX: 0000000000000000 RSI: ffffffff8de7b8e8 RDI: ffffffff8c1af520
RBP: ffff888140ab9640 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000001 R11: 00000000000075eb R12: 0000000000000200
R13: ffff8880a227cd00 R14: ffffffff8955c162 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff88812434c000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005555790b2a28 CR3: 000000009cfca000 CR4: 00000000003526f0
Call Trace:
 <IRQ>
 kasan_slab_free include/linux/kasan.h:235 [inline]
 slab_free_hook mm/slub.c:2692 [inline]
 slab_free mm/slub.c:6143 [inline]
 kmem_cache_free+0x124/0x6a0 mm/slub.c:6273
 __skb_ext_put+0x102/0x2f0 net/core/skbuff.c:7252
 skb_ext_reset include/linux/skbuff.h:5090 [inline]
 skb_ext_reset include/linux/skbuff.h:5087 [inline]
 skb_release_head_state+0x2c8/0x400 net/core/skbuff.c:1195
 skb_release_all net/core/skbuff.c:1201 [inline]
 __kfree_skb net/core/skbuff.c:1217 [inline]
 sk_skb_reason_drop+0xc4/0x1b0 net/core/skbuff.c:1255
 kfree_skb_reason include/linux/skbuff.h:1322 [inline]
 kfree_skb include/linux/skbuff.h:1331 [inline]
 ip6_mc_input+0x832/0xf50 net/ipv6/ip6_input.c:593
 dst_input include/net/dst.h:480 [inline]
 dst_input include/net/dst.h:478 [inline]
 ip6_rcv_finish+0x3b1/0x550 net/ipv6/ip6_input.c:79
 ip_sabotage_in+0x21e/0x290 net/bridge/br_netfilter_hooks.c:990
 nf_hook_entry_hookfn include/linux/netfilter.h:158 [inline]
 nf_hook_slow+0xbf/0x220 net/netfilter/core.c:623
 nf_hook.constprop.0+0x2a6/0x750 include/linux/netfilter.h:273
 NF_HOOK include/linux/netfilter.h:316 [inline]
 ipv6_rcv+0xa4/0x610 net/ipv6/ip6_input.c:311
 __netif_receive_skb_one_core+0x12d/0x1e0 net/core/dev.c:6167
 __netif_receive_skb+0x1f/0x120 net/core/dev.c:6280
 netif_receive_skb_internal net/core/dev.c:6366 [inline]
 netif_receive_skb+0x139/0x820 net/core/dev.c:6425
 NF_HOOK include/linux/netfilter.h:318 [inline]
 NF_HOOK include/linux/netfilter.h:312 [inline]
 br_pass_frame_up+0x346/0x490 net/bridge/br_input.c:70
 br_handle_frame_finish+0x84f/0x1f00 net/bridge/br_input.c:235
 br_nf_hook_thresh+0x30d/0x420 net/bridge/br_netfilter_hooks.c:1167
 br_nf_pre_routing_finish_ipv6+0x769/0xfb0 net/bridge/br_netfilter_ipv6.c:154
 NF_HOOK include/linux/netfilter.h:318 [inline]
 br_nf_pre_routing_ipv6+0x39c/0x8b0 net/bridge/br_netfilter_ipv6.c:184
 br_nf_pre_routing+0x93b/0x1510 net/bridge/br_netfilter_hooks.c:508
 nf_hook_entry_hookfn include/linux/netfilter.h:158 [inline]
 nf_hook_bridge_pre net/bridge/br_input.c:291 [inline]
 br_handle_frame+0xcdd/0x1520 net/bridge/br_input.c:442
 __netif_receive_skb_core.constprop.0+0x6c5/0x3550 net/core/dev.c:6054
 __netif_receive_skb_one_core+0xb0/0x1e0 net/core/dev.c:6165
 __netif_receive_skb+0x1f/0x120 net/core/dev.c:6280
 process_backlog+0x37a/0x1580 net/core/dev.c:6631
 __napi_poll.constprop.0+0xaf/0x450 net/core/dev.c:7695
 napi_poll net/core/dev.c:7758 [inline]
 net_rx_action+0xa40/0xf20 net/core/dev.c:7910
 handle_softirqs+0x1eb/0x9e0 kernel/softirq.c:622
 do_softirq kernel/softirq.c:523 [inline]
 do_softirq+0xac/0xe0 kernel/softirq.c:510
 </IRQ>
 <TASK>
 __local_bh_enable_ip+0xf8/0x120 kernel/softirq.c:450
 spin_unlock_bh include/linux/spinlock.h:395 [inline]
 cfg80211_put_bss+0x1b4/0x280 net/wireless/scan.c:3346
 ieee80211_rx_bss_put net/mac80211/scan.c:37 [inline]
 ieee80211_rx_bss_put+0x43/0x60 net/mac80211/scan.c:32
 ieee80211_rx_bss_info net/mac80211/ibss.c:1166 [inline]
 ieee80211_rx_mgmt_probe_beacon net/mac80211/ibss.c:1575 [inline]
 ieee80211_ibss_rx_queued_mgmt+0x1a32/0x2f80 net/mac80211/ibss.c:1602
 ieee80211_iface_process_skb net/mac80211/iface.c:1748 [inline]
 ieee80211_iface_work+0xbff/0x13d0 net/mac80211/iface.c:1802
 cfg80211_wiphy_work+0x446/0x5c0 net/wireless/core.c:440
 process_one_work+0x9d7/0x1920 kernel/workqueue.c:3275
 process_scheduled_works kernel/workqueue.c:3358 [inline]
 worker_thread+0x5da/0xe40 kernel/workqueue.c:3439
 kthread+0x370/0x450 kernel/kthread.c:467
 ret_from_fork+0x754/0xd80 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
net_ratelimit: 10788 callbacks suppressed
bridge0: received packet on veth0_to_bridge with own address as source address (addr:12:ca:b3:ce:f9:83, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:12:ca:b3:ce:f9:83, vlan:0)
net_ratelimit: 13068 callbacks suppressed
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:12:ca:b3:ce:f9:83, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:12:ca:b3:ce:f9:83, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)