syzbot

bridge0: received packet on veth0_to_bridge with own address as source address (addr:e2:fc:28:87:03:3a, vlan:0)
rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P5187/1:b..l P5810/2:b..l P5198/1:b..l
rcu: 	(detected by 0, t=10502 jiffies, g=18141, q=933 ncpus=2)
task:udevd           state:R  running task     stack:24664 pid:5198  tgid:5198  ppid:1      task_flags:0x400140 flags:0x00000002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5382 [inline]
 __schedule+0x116f/0x5de0 kernel/sched/core.c:6767
 preempt_schedule_irq+0x51/0x90 kernel/sched/core.c:7090
 irqentry_exit+0x36/0x90 kernel/entry/common.c:354
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:lock_acquire+0x62/0x350 kernel/locking/lockdep.c:5870
Code: b0 0e 12 83 f8 07 0f 87 bc 02 00 00 89 c0 48 0f a3 05 f2 15 ee 0e 0f 82 74 02 00 00 8b 35 8a 45 ee 0e 85 f6 0f 85 8d 00 00 00 <48> 8b 44 24 30 65 48 2b 05 c9 af 0e 12 0f 85 c7 02 00 00 48 83 c4
RSP: 0018:ffffc90003cc76a8 EFLAGS: 00000206
RAX: 0000000000000046 RBX: ffffffff8e3bf5c0 RCX: 0000000084ebc1a8
RDX: 0000000000000000 RSI: ffffffff8dbca21f RDI: ffffffff8bf46440
RBP: 0000000000000002 R08: d698d0fb28a81432 R09: 0000000000000000
R10: 0000000000000002 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
 rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
 rcu_read_lock include/linux/rcupdate.h:841 [inline]
 class_rcu_constructor include/linux/rcupdate.h:1155 [inline]
 unwind_next_frame+0xd1/0x20a0 arch/x86/kernel/unwind_orc.c:479
 __unwind_start+0x45f/0x7f0 arch/x86/kernel/unwind_orc.c:758
 unwind_start arch/x86/include/asm/unwind.h:64 [inline]
 arch_stack_walk+0x73/0x100 arch/x86/kernel/stacktrace.c:24
 stack_trace_save+0x8e/0xc0 kernel/stacktrace.c:122
 save_stack+0x160/0x1f0 mm/page_owner.c:156
 __reset_page_owner+0x84/0x1a0 mm/page_owner.c:308
 reset_page_owner include/linux/page_owner.h:25 [inline]
 free_pages_prepare mm/page_alloc.c:1262 [inline]
 __free_frozen_pages+0x69d/0xff0 mm/page_alloc.c:2725
 discard_slab mm/slub.c:2730 [inline]
 __put_partials+0x16d/0x1c0 mm/slub.c:3199
 qlink_free mm/kasan/quarantine.c:163 [inline]
 qlist_free_all+0x4e/0x120 mm/kasan/quarantine.c:179
 kasan_quarantine_reduce+0x195/0x1e0 mm/kasan/quarantine.c:286
 __kasan_kmalloc+0x8a/0xb0 mm/kasan/common.c:385
 kasan_kmalloc include/linux/kasan.h:260 [inline]
 __do_kmalloc_node mm/slub.c:4341 [inline]
 __kvmalloc_node_noprof+0x279/0x600 mm/slub.c:5026
 seq_buf_alloc fs/seq_file.c:38 [inline]
 seq_read_iter+0x826/0x12c0 fs/seq_file.c:210
 kernfs_fop_read_iter+0x40f/0x5a0 fs/kernfs/file.c:279
 new_sync_read fs/read_write.c:489 [inline]
 vfs_read+0x8c8/0xc70 fs/read_write.c:570
 ksys_read+0x12a/0x240 fs/read_write.c:713
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xcd/0x260 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f020c516b6a
RSP: 002b:00007fff5c0503c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
RAX: ffffffffffffffda RBX: 00005634a24d7640 RCX: 00007f020c516b6a
RDX: 0000000000001000 RSI: 00005634a251a440 RDI: 000000000000000c
RBP: 00005634a24d7640 R08: 000000000000000c R09: 0000000000000000
R10: 000000000000010f R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000003fff R14: 00007fff5c0508a8 R15: 000000000000000a
 </TASK>
task:syz-executor    state:R  running task     stack:23160 pid:5810  tgid:5810  ppid:5808   task_flags:0x400100 flags:0x00004002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5382 [inline]
 __schedule+0x116f/0x5de0 kernel/sched/core.c:6767
 preempt_schedule_common+0x44/0xc0 kernel/sched/core.c:6947
 preempt_schedule_thunk+0x16/0x30 arch/x86/entry/thunk.S:12
 __local_bh_enable_ip+0x107/0x120 kernel/softirq.c:414
 local_bh_enable include/linux/bottom_half.h:33 [inline]
 rcu_read_unlock_bh include/linux/rcupdate.h:910 [inline]
 __dev_queue_xmit+0x8ab/0x43e0 net/core/dev.c:4656
 dev_queue_xmit include/linux/netdevice.h:3350 [inline]
 neigh_hh_output include/net/neighbour.h:523 [inline]
 neigh_output include/net/neighbour.h:537 [inline]
 ip_finish_output2+0xc38/0x21a0 net/ipv4/ip_output.c:235
 __ip_finish_output net/ipv4/ip_output.c:313 [inline]
 __ip_finish_output+0x49e/0x950 net/ipv4/ip_output.c:295
 ip_finish_output+0x35/0x380 net/ipv4/ip_output.c:323
 NF_HOOK_COND include/linux/netfilter.h:303 [inline]
 ip_output+0x13b/0x2a0 net/ipv4/ip_output.c:433
 dst_output include/net/dst.h:459 [inline]
 ip_local_out net/ipv4/ip_output.c:129 [inline]
 __ip_queue_xmit+0x1d7d/0x26c0 net/ipv4/ip_output.c:527
 __tcp_transmit_skb+0x2686/0x3e90 net/ipv4/tcp_output.c:1479
 tcp_transmit_skb net/ipv4/tcp_output.c:1497 [inline]
 tcp_write_xmit+0x1274/0x8770 net/ipv4/tcp_output.c:2839
 __tcp_push_pending_frames+0xaf/0x390 net/ipv4/tcp_output.c:3022
 tcp_push+0x225/0x700 net/ipv4/tcp.c:759
 tcp_sendmsg_locked+0x294a/0x3930 net/ipv4/tcp.c:1334
 tcp_sendmsg+0x2e/0x50 net/ipv4/tcp.c:1366
 inet_sendmsg+0xb9/0x140 net/ipv4/af_inet.c:851
 sock_sendmsg_nosec net/socket.c:712 [inline]
 __sock_sendmsg net/socket.c:727 [inline]
 sock_write_iter+0x4aa/0x5b0 net/socket.c:1131
 new_sync_write fs/read_write.c:591 [inline]
 vfs_write+0x5ba/0x1180 fs/read_write.c:684
 ksys_write+0x205/0x240 fs/read_write.c:736
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xcd/0x260 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f847918cbe0
RSP: 002b:00007ffefb7b1018 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00000006553f1000 RCX: 00007f847918cbe0
RDX: 0000000000000108 RSI: 00007f8476bffef8 RDI: 0000000000000003
RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000dffde8
R10: f53c8bef15952bad R11: 0000000000000202 R12: 0000000000000108
R13: 000055558d227d20 R14: 00007ffefb7b1520 R15: 00007f8476bffef8
 </TASK>
task:klogd           state:R  running task     stack:24664 pid:5187  tgid:5187  ppid:1      task_flags:0x400100 flags:0x00004002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5382 [inline]
 __schedule+0x116f/0x5de0 kernel/sched/core.c:6767
 preempt_schedule_irq+0x51/0x90 kernel/sched/core.c:7090
 irqentry_exit+0x36/0x90 kernel/entry/common.c:354
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:lock_release+0x183/0x2f0 kernel/locking/lockdep.c:5891
Code: 0f c1 05 08 f3 0e 12 83 f8 01 0f 85 1d 01 00 00 9c 58 f6 c4 02 0f 85 08 01 00 00 41 f7 c5 00 02 00 00 74 01 fb 48 8b 44 24 10 <65> 48 2b 05 5d b5 0e 12 0f 85 58 01 00 00 48 83 c4 18 5b 41 5c 41
RSP: 0018:ffffc90003d97688 EFLAGS: 00000206
RAX: 7c4409ff6afec700 RBX: ffffffff8e3bf5c0 RCX: ffffc90003d97694
RDX: 0000000000000001 RSI: ffffffff8dbca21f RDI: ffffffff8bf46440
RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff822ab50d
R13: 0000000000000206 R14: ffff888063b10000 R15: 0000000000000002
 rcu_lock_release include/linux/rcupdate.h:341 [inline]
 rcu_read_unlock include/linux/rcupdate.h:871 [inline]
 __update_page_owner_free_handle.constprop.0+0x302/0x470 mm/page_owner.c:283
 __reset_page_owner+0x93/0x1a0 mm/page_owner.c:309
 reset_page_owner include/linux/page_owner.h:25 [inline]
 free_pages_prepare mm/page_alloc.c:1262 [inline]
 __free_frozen_pages+0x69d/0xff0 mm/page_alloc.c:2725
 discard_slab mm/slub.c:2730 [inline]
 __put_partials+0x16d/0x1c0 mm/slub.c:3199
 qlink_free mm/kasan/quarantine.c:163 [inline]
 qlist_free_all+0x4e/0x120 mm/kasan/quarantine.c:179
 kasan_quarantine_reduce+0x195/0x1e0 mm/kasan/quarantine.c:286
 __kasan_kmalloc+0x8a/0xb0 mm/kasan/common.c:385
 kasan_kmalloc include/linux/kasan.h:260 [inline]
 __do_kmalloc_node mm/slub.c:4341 [inline]
 __kmalloc_node_track_caller_noprof+0x221/0x510 mm/slub.c:4360
 kmalloc_reserve+0xef/0x2c0 net/core/skbuff.c:599
 __alloc_skb+0x166/0x380 net/core/skbuff.c:668
 alloc_skb include/linux/skbuff.h:1340 [inline]
 alloc_skb_with_frags+0xe0/0x860 net/core/skbuff.c:6639
 sock_alloc_send_pskb+0x7fb/0x990 net/core/sock.c:2954
 unix_dgram_sendmsg+0x463/0x1910 net/unix/af_unix.c:2007
 sock_sendmsg_nosec net/socket.c:712 [inline]
 __sock_sendmsg net/socket.c:727 [inline]
 __sys_sendto+0x495/0x510 net/socket.c:2180
 __do_sys_sendto net/socket.c:2187 [inline]
 __se_sys_sendto net/socket.c:2183 [inline]
 __x64_sys_sendto+0xe0/0x1c0 net/socket.c:2183
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xcd/0x260 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f3ac3a839b5
RSP: 002b:00007ffe9191fbb8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3ac3a839b5
RDX: 00000000000000a0 RSI: 000055b4563e6770 RDI: 0000000000000003
RBP: 000055b4563de2c0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000013
R13: 00007f3ac3c11212 R14: 00007ffe9191fcb8 R15: 0000000000000000
 </TASK>
bridge0: received packet on veth0_to_bridge with own address as source address (addr:e2:fc:28:87:03:3a, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:e2:fc:28:87:03:3a, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:e2:fc:28:87:03:3a, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:e2:fc:28:87:03:3a, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:e2:fc:28:87:03:3a, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:e2:fc:28:87:03:3a, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:e2:fc:28:87:03:3a, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:e2:fc:28:87:03:3a, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:e2:fc:28:87:03:3a, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:e2:fc:28:87:03:3a, vlan:0)