bridge0: received packet on veth0_to_bridge with own address as source address (addr:86:31:fb:3f:e5:00, vlan:0)
rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P5823/1:b..l
rcu: 	(detected by 0, t=10502 jiffies, g=14573, q=1609 ncpus=2)
task:syz-executor    state:R  running task     stack:23824 pid:5823  tgid:5823  ppid:1      task_flags:0x40054c flags:0x00080002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5295 [inline]
 __schedule+0xfee/0x60e0 kernel/sched/core.c:6907
 preempt_schedule_common+0x42/0xc0 kernel/sched/core.c:7091
 preempt_schedule_thunk+0x16/0x30 arch/x86/entry/thunk.S:12
 __raw_spin_unlock include/linux/spinlock_api_smp.h:169 [inline]
 _raw_spin_unlock+0x3e/0x50 kernel/locking/spinlock.c:186
 spin_unlock include/linux/spinlock.h:389 [inline]
 zap_pte_range mm/memory.c:1959 [inline]
 zap_pmd_range mm/memory.c:2021 [inline]
 zap_pud_range mm/memory.c:2049 [inline]
 zap_p4d_range mm/memory.c:2070 [inline]
 unmap_page_range+0x152f/0x4840 mm/memory.c:2091
 unmap_single_vma+0x153/0x240 mm/memory.c:2133
 unmap_vmas+0x295/0x590 mm/memory.c:2171
 exit_mmap+0x1ef/0xa30 mm/mmap.c:1302
 __mmput+0x12a/0x410 kernel/fork.c:1174
 mmput+0x67/0x80 kernel/fork.c:1197
 exit_mm kernel/exit.c:581 [inline]
 do_exit+0x78a/0x2aa0 kernel/exit.c:959
 do_group_exit+0xd5/0x2a0 kernel/exit.c:1112
 get_signal+0x1ec7/0x21e0 kernel/signal.c:3034
 arch_do_signal_or_restart+0x91/0x770 arch/x86/kernel/signal.c:337
 __exit_to_user_mode_loop kernel/entry/common.c:64 [inline]
 exit_to_user_mode_loop+0x86/0x4a0 kernel/entry/common.c:98
 __exit_to_user_mode_prepare include/linux/irq-entry-common.h:226 [inline]
 syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:256 [inline]
 syscall_exit_to_user_mode include/linux/entry-common.h:325 [inline]
 do_syscall_64+0x668/0xf80 arch/x86/entry/syscall_64.c:100
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7ff57f95cece
RSP: 002b:00007ffed3e51908 EFLAGS: 00000246 ORIG_RAX: 00000000000000e6
RAX: 0000000000000000 RBX: 0000555580bb0500 RCX: 00007ff57f95cece
RDX: 00007ffed3e51960 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 00007ffed3e519cc R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008
R13: 000000000000005f R14: 000000000001a0f6 R15: 00007ffed3e51a20
 </TASK>
rcu: rcu_preempt kthread starved for 5068 jiffies! g14573 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:28376 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00080000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5295 [inline]
 __schedule+0xfee/0x60e0 kernel/sched/core.c:6907
 __schedule_loop kernel/sched/core.c:6989 [inline]
 schedule+0xdd/0x390 kernel/sched/core.c:7004
 schedule_timeout+0x127/0x280 kernel/time/sleep_timeout.c:99
 rcu_gp_fqs_loop+0x1a9/0x900 kernel/rcu/tree.c:2095
 rcu_gp_kthread+0x179/0x230 kernel/rcu/tree.c:2297
 kthread+0x370/0x450 kernel/kthread.c:467
 ret_from_fork+0x754/0xd80 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
RIP: 0010:lockdep_enabled kernel/locking/lockdep.c:121 [inline]
RIP: 0010:lock_acquire kernel/locking/lockdep.c:5844 [inline]
RIP: 0010:lock_acquire+0x15d/0x380 kernel/locking/lockdep.c:5825
Code: 0f 0b 90 e9 07 ff ff ff 48 8b 74 24 68 48 89 ef e8 98 f9 8e 00 8b 0d 16 7a f5 0e 85 c9 0f 84 bd 00 00 00 65 8b 05 ab f4 28 12 <85> c0 0f 85 ae 00 00 00 65 48 8b 05 2b ad 28 12 8b 90 14 0b 00 00
RSP: 0018:ffffc90000006c40 EFLAGS: 00000202
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
RDX: 0000000000000000 RSI: ffffffff81b7aaf1 RDI: fffffbfff1cfd244
RBP: ffffffff8e7e9220 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000200 R11: 000000000000dde7 R12: 0000000000000002
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff888124351000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000200000000040 CR3: 0000000078b5a000 CR4: 00000000003526f0
Call Trace:
 <IRQ>
 rcu_lock_acquire include/linux/rcupdate.h:312 [inline]
 rcu_read_lock include/linux/rcupdate.h:850 [inline]
 class_rcu_constructor include/linux/rcupdate.h:1193 [inline]
 unwind_next_frame+0xd1/0x1ea0 arch/x86/kernel/unwind_orc.c:495
 arch_stack_walk+0x94/0xf0 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x8e/0xc0 kernel/stacktrace.c:122
 kasan_save_stack+0x30/0x50 mm/kasan/common.c:57
 kasan_save_track+0x14/0x30 mm/kasan/common.c:78
 unpoison_slab_object mm/kasan/common.c:340 [inline]
 __kasan_slab_alloc+0x89/0x90 mm/kasan/common.c:366
 kasan_slab_alloc include/linux/kasan.h:253 [inline]
 slab_post_alloc_hook mm/slub.c:4501 [inline]
 slab_alloc_node mm/slub.c:4830 [inline]
 kmem_cache_alloc_noprof+0x241/0x6e0 mm/slub.c:4837
 skb_ext_maybe_cow net/core/skbuff.c:7079 [inline]
 skb_ext_add+0xfa/0x810 net/core/skbuff.c:7154
 nf_bridge_unshare net/bridge/br_netfilter_hooks.c:169 [inline]
 br_nf_forward_ip.part.0+0x28/0x820 net/bridge/br_netfilter_hooks.c:681
 br_nf_forward_ip net/bridge/br_netfilter_hooks.c:676 [inline]
 br_nf_forward+0xfe5/0x19f0 net/bridge/br_netfilter_hooks.c:773
 nf_hook_entry_hookfn include/linux/netfilter.h:158 [inline]
 nf_hook_slow+0xbf/0x220 net/netfilter/core.c:623
 nf_hook include/linux/netfilter.h:273 [inline]
 NF_HOOK include/linux/netfilter.h:316 [inline]
 __br_forward+0x2f6/0x970 net/bridge/br_forward.c:115
 deliver_clone net/bridge/br_forward.c:131 [inline]
 maybe_deliver+0xf0/0x180 net/bridge/br_forward.c:191
 br_flood+0x193/0x650 net/bridge/br_forward.c:238
 br_handle_frame_finish+0xf57/0x1f00 net/bridge/br_input.c:229
 br_nf_hook_thresh+0x30d/0x420 net/bridge/br_netfilter_hooks.c:1167
 br_nf_pre_routing_finish_ipv6+0x769/0xfb0 net/bridge/br_netfilter_ipv6.c:154
 NF_HOOK include/linux/netfilter.h:318 [inline]
 br_nf_pre_routing_ipv6+0x39c/0x8b0 net/bridge/br_netfilter_ipv6.c:184
 br_nf_pre_routing+0x93b/0x1510 net/bridge/br_netfilter_hooks.c:508
 nf_hook_entry_hookfn include/linux/netfilter.h:158 [inline]
 nf_hook_bridge_pre net/bridge/br_input.c:291 [inline]
 br_handle_frame+0xcdd/0x1520 net/bridge/br_input.c:442
 __netif_receive_skb_core.constprop.0+0x6c5/0x3550 net/core/dev.c:6043
 __netif_receive_skb_one_core+0xb0/0x1e0 net/core/dev.c:6154
 __netif_receive_skb+0x1f/0x120 net/core/dev.c:6269
 process_backlog+0x37a/0x1580 net/core/dev.c:6621
 __napi_poll.constprop.0+0xaf/0x450 net/core/dev.c:7685
 napi_poll net/core/dev.c:7748 [inline]
 net_rx_action+0xa40/0xf20 net/core/dev.c:7900
 handle_softirqs+0x1eb/0x9e0 kernel/softirq.c:622
 __do_softirq kernel/softirq.c:656 [inline]
 invoke_softirq kernel/softirq.c:496 [inline]
 __irq_exit_rcu+0xef/0x150 kernel/softirq.c:723
 irq_exit_rcu+0x9/0x30 kernel/softirq.c:739
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline]
 sysvec_apic_timer_interrupt+0xa3/0xc0 arch/x86/kernel/apic/apic.c:1056
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:pv_native_safe_halt+0xf/0x20 arch/x86/kernel/paravirt.c:63
Code: c8 85 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d e3 ba 1e 00 fb f4 <e9> bc 35 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
RSP: 0018:ffffffff8e407e00 EFLAGS: 00000242
RAX: 0000000000de0b89 RBX: ffffffff8e4975c0 RCX: ffffffff8b8ccc75
RDX: 0000000000000000 RSI: ffffffff8de7a16b RDI: ffffffff8c1aeb20
RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed1017086795
R10: ffff8880b8433cab R11: 0000000000000000 R12: fffffbfff1c92eb8
R13: 0000000000000000 R14: ffffffff90d98910 R15: 0000000000000000
 arch_safe_halt arch/x86/include/asm/paravirt.h:73 [inline]
 default_idle+0x9/0x10 arch/x86/kernel/process.c:767
 default_idle_call+0x6c/0xb0 kernel/sched/idle.c:122
 cpuidle_idle_call kernel/sched/idle.c:191 [inline]
 do_idle+0x35b/0x4b0 kernel/sched/idle.c:332
 cpu_startup_entry+0x4f/0x60 kernel/sched/idle.c:430
 rest_init+0x251/0x260 init/main.c:760
 start_kernel+0x47f/0x480 init/main.c:1210
 x86_64_start_reservations+0x24/0x30 arch/x86/kernel/head64.c:310
 x86_64_start_kernel+0x12b/0x130 arch/x86/kernel/head64.c:291
 common_startup_64+0x13e/0x148
 </TASK>
net_ratelimit: 12335 callbacks suppressed
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:86:31:fb:3f:e5:00, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:86:31:fb:3f:e5:00, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:86:31:fb:3f:e5:00, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:86:31:fb:3f:e5:00, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:86:31:fb:3f:e5:00, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:86:31:fb:3f:e5:00, vlan:0)