syzbot


INFO: rcu detected stall in mas_walk

Status: auto-obsoleted due to no activity on 2025/11/09 19:58
Subsystems: mm
First crash: 183d, last: 183d

Sample crash report:
bridge0: received packet on veth0_to_bridge with own address as source address (addr:52:33:c0:f2:8b:07, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P8937/1:b..l
rcu: 	(detected by 0, t=10504 jiffies, g=12341, q=3626 ncpus=2)
task:syz.0.263       state:R  running task     stack:0     pid:8937  tgid:8933  ppid:7505   task_flags:0x400040 flags:0x00000001
Call trace:
 __switch_to+0x418/0x87c arch/arm64/kernel/process.c:741 (T)
 context_switch kernel/sched/core.c:5357 [inline]
 __schedule+0x13b0/0x2864 kernel/sched/core.c:6961
 preempt_schedule_irq+0x80/0x188 kernel/sched/core.c:7288
 arm64_preempt_schedule_irq+0x44/0x58 arch/arm64/kernel/entry-common.c:305
 __el1_irq arch/arm64/kernel/entry-common.c:656 [inline]
 el1_interrupt+0x3c/0x54 arch/arm64/kernel/entry-common.c:668
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:673
 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:592
 rcu_is_watching+0xec/0x134 kernel/rcu/tree.c:753 (P)
 mas_root lib/maple_tree.c:844 [inline]
 mas_start+0x1e0/0x4e8 lib/maple_tree.c:1377
 mas_state_walk lib/maple_tree.c:3629 [inline]
 mas_walk+0x98/0x2a4 lib/maple_tree.c:4939
 lock_vma_under_rcu+0x160/0x37c mm/mmap_lock.c:143
 do_page_fault+0x3a4/0x13cc arch/arm64/mm/fault.c:625
 do_translation_fault+0xc4/0x114 arch/arm64/mm/fault.c:789
 do_mem_abort+0x70/0x194 arch/arm64/mm/fault.c:929
 el0_da+0x64/0x164 arch/arm64/kernel/entry-common.c:697
 el0t_64_sync_handler+0x90/0x12c arch/arm64/kernel/entry-common.c:901
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:596
rcu: rcu_preempt kthread starved for 472 jiffies! g12341 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:0     pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00000010
Call trace:
 __switch_to+0x418/0x87c arch/arm64/kernel/process.c:741 (T)
 context_switch kernel/sched/core.c:5357 [inline]
 __schedule+0x13b0/0x2864 kernel/sched/core.c:6961
 __schedule_loop kernel/sched/core.c:7043 [inline]
 schedule+0xb4/0x230 kernel/sched/core.c:7058
 schedule_timeout+0x128/0x270 kernel/time/sleep_timeout.c:99
 rcu_gp_fqs_loop+0x2b8/0x14e8 kernel/rcu/tree.c:2083
 rcu_gp_kthread+0xc0/0x2f8 kernel/rcu/tree.c:2285
 kthread+0x5fc/0x75c kernel/kthread.c:463
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:844
rcu: Stack dump where RCU GP kthread last ran:
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 4277 Comm: kworker/R-bat_e Not tainted 6.17.0-rc1-syzkaller-g8f5ae30d69d7 #0 PREEMPT 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/18/2025
Workqueue: bat_events batadv_tt_purge
pstate: 83400005 (Nzcv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--)
pc : __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:152 [inline]
pc : _raw_spin_unlock_irqrestore+0x44/0x98 kernel/locking/spinlock.c:194
lr : __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
lr : _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194
sp : ffff800080016a00
x29: ffff800080016a00 x28: ffff0000b3c858b8 x27: 0000000000000038
x26: ffff8000977f9148 x25: 0000000000000001 x24: 0000000000000019
x23: 0000000000000000 x22: ffff0000b3c85000 x21: dfff800000000000
x20: ffff8000977f9150 x19: 0000000000000000 x18: 1fffe0003379be88
x17: 0000000000020010 x16: ffff8000805293e8 x15: 0000000000000001
x14: 1ffff00012eff22a x13: 0000000000000000 x12: 0000000000000000
x11: ffff800093306be8 x10: 0000000000000003 x9 : 0000000000000000
x8 : 00000000000000c0 x7 : ffff8000831252e8 x6 : 0000000000000000
x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000010
x2 : 0000000000000002 x1 : ffff80008edc258c x0 : ffff80010c5fd000
Call trace:
 __daif_local_irq_restore arch/arm64/include/asm/irqflags.h:175 [inline] (P)
 arch_local_irq_restore arch/arm64/include/asm/irqflags.h:195 [inline] (P)
 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] (P)
 _raw_spin_unlock_irqrestore+0x44/0x98 kernel/locking/spinlock.c:194 (P)
 __debug_check_no_obj_freed lib/debugobjects.c:1108 [inline]
 debug_check_no_obj_freed+0x454/0x470 lib/debugobjects.c:1129
 slab_free_hook mm/slub.c:2348 [inline]
 slab_free mm/slub.c:4680 [inline]
 kmem_cache_free+0x124/0x550 mm/slub.c:4782
 __skb_ext_put+0xdc/0x178 net/core/skbuff.c:7153
 skb_ext_put include/linux/skbuff.h:4892 [inline]
 skb_release_head_state+0x1ec/0x28c net/core/skbuff.c:1143
 skb_release_all net/core/skbuff.c:1149 [inline]
 __kfree_skb net/core/skbuff.c:1165 [inline]
 sk_skb_reason_drop+0x110/0x1b0 net/core/skbuff.c:1203
 kfree_skb_reason include/linux/skbuff.h:1275 [inline]
 kfree_skb include/linux/skbuff.h:1284 [inline]
 ip6_mc_input+0x740/0xa14 net/ipv6/ip6_input.c:593
 dst_input include/net/dst.h:471 [inline]
 ip6_rcv_finish+0x1f0/0x21c net/ipv6/ip6_input.c:79
 ip_sabotage_in+0x1a8/0x220 net/bridge/br_netfilter_hooks.c:993
 nf_hook_entry_hookfn include/linux/netfilter.h:158 [inline]
 nf_hook_slow+0xb4/0x21c net/netfilter/core.c:623
 nf_hook include/linux/netfilter.h:273 [inline]
 NF_HOOK+0x1c8/0x358 include/linux/netfilter.h:316
 ipv6_rcv+0x9c/0xbc net/ipv6/ip6_input.c:311
 __netif_receive_skb_one_core net/core/dev.c:5979 [inline]
 __netif_receive_skb+0xcc/0x2a8 net/core/dev.c:6092
 netif_receive_skb_internal net/core/dev.c:6178 [inline]
 netif_receive_skb+0x1e0/0x838 net/core/dev.c:6237
 br_netif_receive_skb+0x144/0x18c net/bridge/br_input.c:30
 NF_HOOK+0xa8/0x35c include/linux/netfilter.h:318
 br_pass_frame_up+0x284/0x424 net/bridge/br_input.c:70
 br_handle_frame_finish+0x1044/0x14c0 net/bridge/br_input.c:227
 br_nf_hook_thresh+0x344/0x3d8 net/bridge/br_netfilter_hooks.c:-1
 br_nf_pre_routing_finish_ipv6+0x87c/0xb98 net/bridge/br_netfilter_ipv6.c:-1
 NF_HOOK include/linux/netfilter.h:318 [inline]
 br_nf_pre_routing_ipv6+0x2c4/0x5ac net/bridge/br_netfilter_ipv6.c:184
 br_nf_pre_routing+0x578/0x1130 net/bridge/br_netfilter_hooks.c:508
 nf_hook_entry_hookfn include/linux/netfilter.h:158 [inline]
 nf_hook_bridge_pre net/bridge/br_input.c:283 [inline]
 br_handle_frame+0x7b0/0x10b8 net/bridge/br_input.c:434
 __netif_receive_skb_core+0xe34/0x3850 net/core/dev.c:5866
 __netif_receive_skb_one_core net/core/dev.c:5977 [inline]
 __netif_receive_skb+0x78/0x2a8 net/core/dev.c:6092
 process_backlog+0x60c/0x10e4 net/core/dev.c:6444
 __napi_poll+0xb4/0x310 net/core/dev.c:7489
 napi_poll net/core/dev.c:7552 [inline]
 net_rx_action+0x5f4/0xd58 net/core/dev.c:7679
 handle_softirqs+0x328/0xc88 kernel/softirq.c:579
 __do_softirq+0x14/0x20 kernel/softirq.c:613
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:68
 call_on_irq_stack+0x30/0x48 arch/arm64/kernel/entry.S:891
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:73
 do_softirq+0x90/0xf8 kernel/softirq.c:480
 __local_bh_enable_ip+0x240/0x35c kernel/softirq.c:407
 __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]
 _raw_spin_unlock_bh+0x3c/0x4c kernel/locking/spinlock.c:210
 spin_unlock_bh include/linux/spinlock.h:396 [inline]
 batadv_tt_global_purge net/batman-adv/translation-table.c:2250 [inline]
 batadv_tt_purge+0x458/0x8ec net/batman-adv/translation-table.c:3510
 process_one_work+0x7e8/0x155c kernel/workqueue.c:3236
 process_scheduled_works kernel/workqueue.c:3319 [inline]
 rescuer_thread+0x504/0xec8 kernel/workqueue.c:3496
 kthread+0x5fc/0x75c kernel/kthread.c:463
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:844
kworker/u8:8: page allocation failure: order:0, mode:0x40820(GFP_ATOMIC|__GFP_COMP), nodemask=(null),cpuset=/,mems_allowed=0
CPU: 0 UID: 0 PID: 2112 Comm: kworker/u8:8 Not tainted 6.17.0-rc1-syzkaller-g8f5ae30d69d7 #0 PREEMPT 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/18/2025
Workqueue: events_unbound cfg80211_wiphy_work
Call trace:
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:499 (C)
 __dump_stack+0x30/0x40 lib/dump_stack.c:94
 dump_stack_lvl+0xd8/0x12c lib/dump_stack.c:120
 dump_stack+0x1c/0x28 lib/dump_stack.c:129
 warn_alloc+0x1f8/0x30c mm/page_alloc.c:3932
 __alloc_pages_slowpath+0xa28/0xac4 mm/page_alloc.c:4888
 __alloc_frozen_pages_noprof+0x2c4/0x318 mm/page_alloc.c:5161
 alloc_pages_mpol+0x1e4/0x460 mm/mempolicy.c:2416
 alloc_frozen_pages_noprof+0xe0/0x210 mm/mempolicy.c:2487
 alloc_slab_page mm/slub.c:2487 [inline]
 allocate_slab+0x108/0x3d8 mm/slub.c:2663
 new_slab mm/slub.c:2709 [inline]
 ___slab_alloc+0x770/0xf24 mm/slub.c:3891
 __slab_alloc+0x74/0xd0 mm/slub.c:3981
 __slab_alloc_node mm/slub.c:4056 [inline]
 slab_alloc_node mm/slub.c:4217 [inline]
 kmem_cache_alloc_noprof+0x2e0/0x3e8 mm/slub.c:4236
 skb_clone+0x1b4/0x328 net/core/skbuff.c:2049
 deliver_clone net/bridge/br_forward.c:125 [inline]
 br_flood+0x380/0x5e8 net/bridge/br_forward.c:249
 br_handle_frame_finish+0x1034/0x14c0 net/bridge/br_input.c:221
 br_nf_hook_thresh+0x344/0x3d8 net/bridge/br_netfilter_hooks.c:-1
 br_nf_pre_routing_finish_ipv6+0x87c/0xb98 net/bridge/br_netfilter_ipv6.c:-1
 NF_HOOK include/linux/netfilter.h:318 [inline]
 br_nf_pre_routing_ipv6+0x2c4/0x5ac net/bridge/br_netfilter_ipv6.c:184
 br_nf_pre_routing+0x578/0x1130 net/bridge/br_netfilter_hooks.c:508
 nf_hook_entry_hookfn include/linux/netfilter.h:158 [inline]
 nf_hook_bridge_pre net/bridge/br_input.c:283 [inline]
 br_handle_frame+0x7b0/0x10b8 net/bridge/br_input.c:434
 __netif_receive_skb_core+0xe34/0x3850 net/core/dev.c:5866
 __netif_receive_skb_one_core net/core/dev.c:5977 [inline]
 __netif_receive_skb+0x78/0x2a8 net/core/dev.c:6092
SLUB: Unable to allocate memory on CPU 1 (of node 0) on node -1, gfp=0x820(GFP_ATOMIC)
 process_backlog+0x60c/0x10e4 net/core/dev.c:6444
  cache: skbuff_ext_cache, object size: 184, buffer size: 256, default order: 0, min order: 0
 __napi_poll+0xb4/0x310 net/core/dev.c:7489
  node 0: slabs: 465203, objs: 7443248, free: 0
 napi_poll net/core/dev.c:7552 [inline]
 net_rx_action+0x5f4/0xd58 net/core/dev.c:7679
 handle_softirqs+0x328/0xc88 kernel/softirq.c:579
 __do_softirq+0x14/0x20 kernel/softirq.c:613
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:68
 call_on_irq_stack+0x30/0x48 arch/arm64/kernel/entry.S:891
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:73
 do_softirq+0x90/0xf8 kernel/softirq.c:480
SLUB: Unable to allocate memory on CPU 1 (of node 0) on node -1, gfp=0x820(GFP_ATOMIC)
 __local_bh_enable_ip+0x240/0x35c kernel/softirq.c:407
  cache: skbuff_ext_cache, object size: 184, buffer size: 256, default order: 0, min order: 0
  node 0: slabs: 465203, objs: 7443248, free: 0
 __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]
 _raw_spin_unlock_bh+0x3c/0x4c kernel/locking/spinlock.c:210
 spin_unlock_bh include/linux/spinlock.h:396 [inline]
 cfg80211_put_bss+0x1d4/0x228 net/wireless/scan.c:3354
SLUB: Unable to allocate memory on CPU 1 (of node 0) on node -1, gfp=0x820(GFP_ATOMIC)
 ieee80211_rx_bss_put+0x50/0x68 net/mac80211/scan.c:37
  cache: skbuff_ext_cache, object size: 184, buffer size: 256, default order: 0, min order: 0
 ieee80211_rx_bss_info net/mac80211/ibss.c:1166 [inline]
 ieee80211_rx_mgmt_probe_beacon net/mac80211/ibss.c:1573 [inline]
 ieee80211_ibss_rx_queued_mgmt+0x152c/0x240c net/mac80211/ibss.c:1600
  node 0: slabs: 465203, objs: 7443248, free: 0
 ieee80211_iface_process_skb net/mac80211/iface.c:1699 [inline]
 ieee80211_iface_work+0x754/0x106c net/mac80211/iface.c:1753
 cfg80211_wiphy_work+0x294/0x49c net/wireless/core.c:435
 process_one_work+0x7e8/0x155c kernel/workqueue.c:3236
 process_scheduled_works kernel/workqueue.c:3319 [inline]
 worker_thread+0x958/0xed8 kernel/workqueue.c:3400
 kthread+0x5fc/0x75c kernel/kthread.c:463
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:844
SLUB: Unable to allocate memory on CPU 1 (of node 0) on node -1, gfp=0x820(GFP_ATOMIC)
Mem-Info:
active_anon:399 inactive_anon:20566 isolated_anon:0
 active_file:3231 inactive_file:4751 isolated_file:0
 unevictable:768 dirty:317 writeback:28
 slab_reclaimable:11778 slab_unreclaimable:1488761
 mapped:36746 shmem:16516 pagetables:1277
 sec_pagetables:0 bounce:0
 kernel_misc_reclaimable:0
 free:12759 free_pcp:24186 free_cma:7360
  cache: skbuff_ext_cache, object size: 184, buffer size: 256, default order: 0, min order: 0
  node 0: slabs: 465203, objs: 7443248, free: 0
Node 0 active_anon:1596kB inactive_anon:82264kB active_file:12924kB inactive_file:19004kB unevictable:3072kB isolated(anon):0kB isolated(file):0kB mapped:146984kB dirty:1268kB writeback:112kB shmem:66064kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:10752kB pagetables:5108kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
Node 0 DMA free:45616kB boost:0kB min:20864kB low:26080kB high:31296kB reserved_highatomic:10240KB free_highatomic:3608KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145728kB managed:3080192kB mlocked:0kB bounce:0kB free_pcp:10684kB local_pcp:2288kB free_cma:29440kB
lowmem_reserve[]: 0
SLUB: Unable to allocate memory on CPU 1 (of node 0) on node -1, gfp=0x820(GFP_ATOMIC)
 0 3492 3492
  cache: skbuff_ext_cache, object size: 184, buffer size: 256, default order: 0, min order: 0
 3492
  node 0: slabs: 465203, objs: 7443248, free: 0
Node 0 Normal free:5420kB boost:54412kB min:78600kB low:84644kB high:90688kB reserved_highatomic:4096KB free_highatomic:352KB active_anon:1596kB inactive_anon:82264kB active_file:12924kB inactive_file:19004kB unevictable:3072kB writepending:1380kB present:5242880kB managed:3575940kB mlocked:0kB bounce:0kB free_pcp:86060kB local_pcp:77452kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
SLUB: Unable to allocate memory on CPU 1 (of node 0) on node -1, gfp=0x820(GFP_ATOMIC)
Node 0 
  cache: skbuff_ext_cache, object size: 184, buffer size: 256, default order: 0, min order: 0
DMA: 
  node 0: slabs: 465203, objs: 7443248, free: 0
0*4kB 1*8kB (H) 1*16kB 
SLUB: Unable to allocate memory on CPU 1 (of node 0) on node -1, gfp=0x820(GFP_ATOMIC)
(H) 
  cache: skbuff_ext_cache, object size: 184, buffer size: 256, default order: 0, min order: 0
0*32kB 2*64kB 
  node 0: slabs: 465203, objs: 7443248, free: 0
(H) 2*128kB (UH) 2*256kB (HC) 1*512kB (C) 3*1024kB (H) 0*2048kB 10*4096kB (MC) = 45464kB
SLUB: Unable to allocate memory on CPU 1 (of node 0) on node -1, gfp=0x820(GFP_ATOMIC)
Node 0 Normal: 
  cache: skbuff_ext_cache, object size: 184, buffer size: 256, default order: 0, min order: 0
0*4kB 
  node 0: slabs: 465203, objs: 7443248, free: 0
0*8kB 1*16kB (M) 1*32kB (H) 2*64kB (MH) 
SLUB: Unable to allocate memory on CPU 1 (of node 0) on node -1, gfp=0x820(GFP_ATOMIC)
22*128kB 
  cache: skbuff_ext_cache, object size: 184, buffer size: 256, default order: 0, min order: 0
(MH) 
  node 0: slabs: 465203, objs: 7443248, free: 0
9*256kB (M) 0*512kB 0*1024kB 
SLUB: Unable to allocate memory on CPU 1 (of node 0) on node -1, gfp=0x820(GFP_ATOMIC)
0*2048kB 
  cache: skbuff_ext_cache, object size: 184, buffer size: 256, default order: 0, min order: 0
0*4096kB = 5296kB
  node 0: slabs: 465203, objs: 7443248, free: 0
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=32768kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=64kB
24486 total pagecache pages
0 pages in swap cache
Free swap  = 124996kB
Total swap = 124996kB
2097152 pages RAM
0 pages HighMem/MovableOnly
433119 pages reserved
8192 pages cma reserved
0 pages hwpoisoned

Crashes (1):
Time: 2025/08/11 19:51
Kernel: git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci
Commit: 8f5ae30d69d7
Syzkaller: 32a0e5ed
Config: .config
Log: console log
Report: report
Syz repro: (none)
C repro: (none)
VM info: info
Assets: [disk image] [vmlinux] [kernel image]
Manager: ci-upstream-gce-arm64
Title: INFO: rcu detected stall in mas_walk