======================================
| [  313.969153][  T305] br0: port 2(eth1) entered forwarding state
| [  313.974036][    C3] ------------[ cut here ]------------
| [  313.974438][    C3] UBSAN: invalid-load in ./include/linux/skbuff.h:4267:9
| [  313.974852][    C3] load of value 107 is not a valid value for type '_Bool'
[  313.975703][    C3] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014
[  313.976377][    C3] Workqueue: mld mld_ifc_work
[  313.976652][    C3] Call Trace:
[  313.976858][    C3]  <IRQ>
[ 313.977015][ C3] dump_stack_lvl (lib/dump_stack.c:107) 
[ 313.977266][ C3] __ubsan_handle_load_invalid_value (lib/ubsan.c:218 lib/ubsan.c:419) 
[ 313.977605][ C3] br_forward_finish.cold (./include/linux/skbuff.h:4267 net/bridge/br_forward.c:65) 
[ 313.977890][ C3] deliver_clone (net/bridge/br_forward.c:132) 
[ 313.978135][ C3] br_handle_frame_finish (net/bridge/br_input.c:215) 
[  313.978436][    C3]  ? __pfx_br_han
DETECTED CRASH, lowering timeout
dle_frame_finish+0x10/0x10 
[ 313.978756][ C3] ? __pfx_validate_chain (kernel/locking/lockdep.c:3825) 
[ 313.979038][ C3] ? mark_lock (kernel/locking/lockdep.c:4656 (discriminator 3)) 
[ 313.979274][ C3] ? kasan_save_stack (mm/kasan/common.c:48) 
[ 313.979545][ C3] ? __lock_acquire (kernel/locking/lockdep.c:5137) 
[ 313.979813][ C3] ? do_idle (./arch/x86/include/asm/current.h:42 ./include/linux/sched/idle.h:31 kernel/sched/idle.c:255) 
[ 313.980049][ C3] br_handle_frame (net/bridge/br_input.c:417) 
[ 313.980319][ C3] ? __pfx_br_handle_frame (net/bridge/br_input.c:321) 
[ 313.980613][ C3] __netif_receive_skb_core.constprop.0 (net/core/dev.c:5448) 
[ 313.981015][ C3] ? mark_lock (kernel/locking/lockdep.c:4656 (discriminator 3)) 
[ 313.981257][ C3] ? __lock_acquire (kernel/locking/lockdep.c:5137) 
[ 313.981585][ C3] ? __pfx___netif_receive_skb_core.constprop.0 (net/core/dev.c:5341) 
[ 313.981970][ C3] ? lock_acquire.part.0 (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5756) 
[ 313.982280][ C3] ? process_backlog (./include/linux/rcupdate.h:298 ./include/linux/rcupdate.h:750 net/core/dev.c:5995) 
[ 313.982576][ C3] __netif_receive_skb_one_core (net/core/dev.c:5553) 
[ 313.982913][ C3] ? __pfx___netif_receive_skb_one_core (net/core/dev.c:5547) 
[ 313.983294][ C3] ? lock_acquire (./include/trace/events/lock.h:24 kernel/locking/lockdep.c:5725) 
[ 313.983545][ C3] ? process_backlog (./include/linux/rcupdate.h:298 ./include/linux/rcupdate.h:750 net/core/dev.c:5995) 
[ 313.983857][ C3] process_backlog (./include/linux/rcupdate.h:779 net/core/dev.c:5997) 
[ 313.984151][ C3] __napi_poll.constprop.0 (net/core/dev.c:6625) 
[ 313.984456][ C3] net_rx_action (net/core/dev.c:6694 net/core/dev.c:6827) 
[ 313.984744][ C3] ? __pfx_net_rx_action (net/core/dev.c:6791) 
[ 313.985078][ C3] ? lockdep_unlock (kernel/locking/lockdep.c:152 kernel/locking/lockdep.c:148) 
[ 313.985345][ C3] ? mark_held_locks (kernel/locking/lockdep.c:4274) 
[ 313.985628][ C3] __do_softirq (kernel/softirq.c:553) 
[ 313.985906][ C3] ? __dev_queue_xmit (./include/linux/rcupdate.h:308 ./include/linux/rcupdate.h:818 net/core/dev.c:4364) 
[ 313.986182][ C3] do_softirq (kernel/softirq.c:454 kernel/softirq.c:441) 
[  313.986406][    C3]  </IRQ>
[  313.986564][    C3]  <TASK>
[ 313.986725][ C3] __local_bh_enable_ip (kernel/softirq.c:381) 
[ 313.986998][ C3] ? __dev_queue_xmit (./include/linux/rcupdate.h:308 ./include/linux/rcupdate.h:818 net/core/dev.c:4364) 
[ 313.987270][ C3] __dev_queue_xmit (net/core/dev.c:4365) 
[ 313.987540][ C3] ? mark_held_locks (kernel/locking/lockdep.c:4274) 
[ 313.987797][ C3] ? eth_header (net/ethernet/eth.c:100) 
[ 313.988042][ C3] ? __pfx___dev_queue_xmit (net/core/dev.c:4246) 
[ 313.988328][ C3] ? neigh_resolve_output (./include/linux/netdevice.h:3226 net/core/neighbour.c:1558 net/core/neighbour.c:1543) 
[ 313.988629][ C3] ip6_finish_output2 (./include/net/neighbour.h:542 net/ipv6/ip6_output.c:137) 
[ 313.988907][ C3] ip6_finish_output (net/ipv6/ip6_output.c:211 net/ipv6/ip6_output.c:222) 
[ 313.989177][ C3] ip6_output (./include/linux/netfilter.h:303 net/ipv6/ip6_output.c:243) 
[ 313.989413][ C3] ? __pfx_ip6_output (net/ipv6/ip6_output.c:230) 
[ 313.989719][ C3] ? lock_acquire.part.0 (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5756) 
[ 313.990013][ C3] ? hlock_class (./arch/x86/include/asm/bitops.h:227 ./arch/x86/include/asm/bitops.h:239 ./include/asm-generic/bitops/instrumented-non-atomic.h:142 kernel/locking/lockdep.c:228) 
[ 313.990311][ C3] ? __lock_release (kernel/locking/lockdep.c:353 kernel/locking/lockdep.c:5436) 
[ 313.990598][ C3] NF_HOOK.constprop.0 (./include/linux/rcupdate.h:298 ./include/linux/rcupdate.h:750 ./include/linux/netfilter.h:238 ./include/linux/netfilter.h:312) 
[ 313.990892][ C3] ? __pfx_NF_HOOK.constprop.0 (./include/linux/netfilter.h:308) 
[ 313.991221][ C3] ? __pfx_xfrm_lookup_with_ifid (net/xfrm/xfrm_policy.c:3133) 
[ 313.991538][ C3] ? lockdep_hardirqs_on_prepare.part.0 (kernel/locking/lockdep.c:4300 kernel/locking/lockdep.c:4359) 
[ 313.991887][ C3] ? icmp6_dst_alloc (net/ipv6/route.c:3292) 
[ 313.992192][ C3] ? __local_bh_enable_ip (./arch/x86/include/asm/irqflags.h:42 ./arch/x86/include/asm/irqflags.h:77 kernel/softirq.c:386) 
[ 313.992479][ C3] mld_sendpack (net/ipv6/mcast.c:1822) 
[ 313.992777][ C3] ? __pfx_mld_sendpack (net/ipv6/mcast.c:1779) 
[ 313.993081][ C3] ? mld_send_cr (net/ipv6/mcast.c:2096 (discriminator 11)) 
[ 313.993350][ C3] mld_ifc_work (net/ipv6/mcast.c:2652) 
[ 313.993593][ C3] process_one_work (kernel/workqueue.c:2633) 
[ 313.993901][ C3] ? hlock_class (./arch/x86/include/asm/bitops.h:227 ./arch/x86/include/asm/bitops.h:239 ./include/asm-generic/bitops/instrumented-non-atomic.h:142 kernel/locking/lockdep.c:228) 
[ 313.994174][ C3] ? __pfx_process_one_work (kernel/workqueue.c:2542) 
[ 313.994504][ C3] ? assign_work (kernel/workqueue.c:1101) 
[ 313.994778][ C3] worker_thread (kernel/workqueue.c:2700 kernel/workqueue.c:2787) 
[ 313.995062][ C3] ? lockdep_hardirqs_on_prepare.part.0 (kernel/locking/lockdep.c:4300 kernel/locking/lockdep.c:4359) 
[ 313.995451][ C3] ? __pfx_worker_thread (kernel/workqueue.c:2733) 
[ 313.995748][ C3] ? __pfx_worker_thread (kernel/workqueue.c:2733) 
[ 313.996021][ C3] kthread (kernel/kthread.c:388) 
[ 313.996252][ C3] ? __pfx_kthread (kernel/kthread.c:341) 
[ 313.996529][ C3] ret_from_fork (arch/x86/kernel/process.c:147) 
[ 313.996801][ C3] ? __pfx_kthread (kernel/kthread.c:341) 
[ 313.997079][ C3] ret_from_fork_asm (arch/x86/entry/entry_64.S:250) 
| [  313.997536][    C3] ---[ end trace ]---
| [  313.997798][    C3] ------------[ cut here ]------------
| [  313.998141][    C3] UBSAN: invalid-load in ./include/linux/skbuff.h:4267:9
| [  313.998546][    C3] load of value 107 is not a valid value for type '_Bool'
[  313.999418][    C3] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014
[  314.000087][    C3] Workqueue: mld mld_ifc_work
[  314.000342][    C3] Call Trace:
[  314.000522][    C3]  <IRQ>
[ 314.000677][ C3] dump_stack_lvl (lib/dump_stack.c:107) 
[ 314.000925][ C3] __ubsan_handle_load_invalid_value (lib/ubsan.c:218 lib/ubsan.c:419) 
[ 314.001261][ C3] skb_scrub_packet.cold (./include/linux/skbuff.h:4267 net/core/skbuff.c:6030) 
[ 314.001543][ C3] __dev_forward_skb2 (./include/linux/netdevice.h:4115 net/core/dev.c:2135) 
[ 314.001818][ C3] veth_xmit (drivers/net/veth.c:319 drivers/net/veth.c:374) 
[ 314.002052][ C3] dev_hard_start_xmit (./include/linux/netdevice.h:4991 ./include/linux/netdevice.h:5005 net/core/dev.c:3530 net/core/dev.c:3546) 
[ 314.002334][ C3] __dev_queue_xmit (./include/linux/netdevice.h:3369 net/core/dev.c:4338) 
[ 314.002604][ C3] ? vprintk_emit (kernel/printk/printk.c:2313) 
[ 314.002859][ C3] ? _printk (kernel/printk/printk.c:2323) 
[ 314.003079][ C3] ? __pfx___dev_queue_xmit (net/core/dev.c:4246) 
[ 314.003381][ C3] br_dev_queue_push_xmit (net/bridge/br_forward.c:34) 
[ 314.003670][ C3] ? __pfx_br_dev_queue_push_xmit (net/bridge/br_forward.c:34) 
[ 314.003993][ C3] deliver_clone (net/bridge/br_forward.c:132) 
[ 314.004237][ C3] br_handle_frame_finish (net/bridge/br_input.c:215) 
[ 314.004554][ C3] ? __pfx_br_handle_frame_finish (net/bridge/br_input.c:75) 
[ 314.004911][ C3] ? __pfx_validate_chain (kernel/locking/lockdep.c:3825) 
[ 314.005210][ C3] ? mark_lock (kernel/locking/lockdep.c:4656 (discriminator 3)) 
[ 314.005464][ C3] ? kasan_save_stack (mm/kasan/common.c:48) 
[ 314.005762][ C3] ? __lock_acquire (kernel/locking/lockdep.c:5137) 
[ 314.006039][ C3] ? do_idle (./arch/x86/include/asm/current.h:42 ./include/linux/sched/idle.h:31 kernel/sched/idle.c:255) 
[ 314.006306][ C3] br_handle_frame (net/bridge/br_input.c:417) 
[ 314.006588][ C3] ? __pfx_br_handle_frame (net/bridge/br_input.c:321) 
[ 314.006875][ C3] __netif_receive_skb_core.constprop.0 (net/core/dev.c:5448) 
[ 314.007265][ C3] ? mark_lock (kernel/locking/lockdep.c:4656 (discriminator 3)) 
[ 314.007505][ C3] ? __lock_acquire (kernel/locking/lockdep.c:5137) 
[ 314.007811][ C3] ? __pfx___netif_receive_skb_core.constprop.0 (net/core/dev.c:5341) 
[ 314.008236][ C3] ? lock_acquire.part.0 (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5756) 
[ 314.008536][ C3] ? process_backlog (./include/linux/rcupdate.h:298 ./include/linux/rcupdate.h:750 net/core/dev.c:5995) 
[ 314.008819][ C3] __netif_receive_skb_one_core (net/core/dev.c:5553) 
[ 314.009170][ C3] ? __pfx___netif_receive_skb_one_core (net/core/dev.c:5547) 
[ 314.009556][ C3] ? lock_acquire (./include/trace/events/lock.h:24 kernel/locking/lockdep.c:5725) 
[ 314.009828][ C3] ? process_backlog (./include/linux/rcupdate.h:298 ./include/linux/rcupdate.h:750 net/core/dev.c:5995) 
[ 314.010119][ C3] process_backlog (./include/linux/rcupdate.h:779 net/core/dev.c:5997) 
[ 314.010383][ C3] __napi_poll.constprop.0 (net/core/dev.c:6625) 
[ 314.010692][ C3] net_rx_action (net/core/dev.c:6694 net/core/dev.c:6827) 
[ 314.010988][ C3] ? __pfx_net_rx_action (net/core/dev.c:6791) 
[ 314.011298][ C3] ? lockdep_unlock (kernel/locking/lockdep.c:152 kernel/locking/lockdep.c:148) 
[ 314.011583][ C3] ? mark_held_locks (kernel/locking/lockdep.c:4274) 
[ 314.011886][ C3] __do_softirq (kernel/softirq.c:553) 
[ 314.012133][ C3] ? __dev_queue_xmit (./include/linux/rcupdate.h:308 ./include/linux/rcupdate.h:818 net/core/dev.c:4364) 
[ 314.012456][ C3] do_softirq (kernel/softirq.c:454 kernel/softirq.c:441) 
[  314.012708][    C3]  </IRQ>
[  314.012878][    C3]  <TASK>
[ 314.013038][ C3] __local_bh_enable_ip (kernel/softirq.c:381) 
[ 314.013351][ C3] ? __dev_queue_xmit (./include/linux/rcupdate.h:308 ./include/linux/rcupdate.h:818 net/core/dev.c:4364) 
[ 314.013668][ C3] __dev_queue_xmit (net/core/dev.c:4365) 
[ 314.013937][ C3] ? mark_held_locks (kernel/locking/lockdep.c:4274) 
[ 314.014223][ C3] ? eth_header (net/ethernet/eth.c:100) 
[ 314.014471][ C3] ? __pfx___dev_queue_xmit (net/core/dev.c:4246) 
[ 314.014799][ C3] ? neigh_resolve_output (./include/linux/netdevice.h:3226 net/core/neighbour.c:1558 net/core/neighbour.c:1543) 
[ 314.015100][ C3] ip6_finish_output2 (./include/net/neighbour.h:542 net/ipv6/ip6_output.c:137) 
[ 314.015413][ C3] ip6_finish_output (net/ipv6/ip6_output.c:211 net/ipv6/ip6_output.c:222) 
[ 314.015683][ C3] ip6_output (./include/linux/netfilter.h:303 net/ipv6/ip6_output.c:243) 
[ 314.015950][ C3] ? __pfx_ip6_output (net/ipv6/ip6_output.c:230) 
[ 314.016224][ C3] ? lock_acquire.part.0 (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5756) 
[ 314.016541][ C3] ? hlock_class (./arch/x86/include/asm/bitops.h:227 ./arch/x86/include/asm/bitops.h:239 ./include/asm-generic/bitops/instrumented-non-atomic.h:142 kernel/locking/lockdep.c:228) 
[ 314.016823][ C3] ? __lock_release (kernel/locking/lockdep.c:353 kernel/locking/lockdep.c:5436) 
[ 314.017091][ C3] NF_HOOK.constprop.0 (./include/linux/rcupdate.h:298 ./include/linux/rcupdate.h:750 ./include/linux/netfilter.h:238 ./include/linux/netfilter.h:312) 
[ 314.017388][ C3] ? __pfx_NF_HOOK.constprop.0 (./include/linux/netfilter.h:308) 
[ 314.017707][ C3] ? __pfx_xfrm_lookup_with_ifid (net/xfrm/xfrm_policy.c:3133) 
[ 314.018053][ C3] ? lockdep_hardirqs_on_prepare.part.0 (kernel/locking/lockdep.c:4300 kernel/locking/lockdep.c:4359) 
[ 314.018441][ C3] ? icmp6_dst_alloc (net/ipv6/route.c:3292) 
[ 314.018733][ C3] ? __local_bh_enable_ip (./arch/x86/include/asm/irqflags.h:42 ./arch/x86/include/asm/irqflags.h:77 kernel/softirq.c:386) 
[ 314.019033][ C3] mld_sendpack (net/ipv6/mcast.c:1822) 
[ 314.019281][ C3] ? __pfx_mld_sendpack (net/ipv6/mcast.c:1779) 
[ 314.019577][ C3] ? mld_send_cr (net/ipv6/mcast.c:2096 (discriminator 11)) 
[ 314.019849][ C3] mld_ifc_work (net/ipv6/mcast.c:2652) 
[ 314.020108][ C3] process_one_work (kernel/workqueue.c:2633) 
[ 314.020406][ C3] ? hlock_class (./arch/x86/include/asm/bitops.h:227 ./arch/x86/include/asm/bitops.h:239 ./include/asm-generic/bitops/instrumented-non-atomic.h:142 kernel/locking/lockdep.c:228) 
[ 314.020652][ C3] ? __pfx_process_one_work (kernel/workqueue.c:2542) 
[ 314.020958][ C3] ? assign_work (kernel/workqueue.c:1101) 
[ 314.021212][ C3] worker_thread (kernel/workqueue.c:2700 kernel/workqueue.c:2787) 
[ 314.021467][ C3] ? lockdep_hardirqs_on_prepare.part.0 (kernel/locking/lockdep.c:4300 kernel/locking/lockdep.c:4359) 
[ 314.021823][ C3] ? __pfx_worker_thread (kernel/workqueue.c:2733) 
[ 314.022099][ C3] ? __pfx_worker_thread (kernel/workqueue.c:2733) 
[ 314.022372][ C3] kthread (kernel/kthread.c:388) 
[ 314.022591][ C3] ? __pfx_kthread (kernel/kthread.c:341) 
[ 314.022843][ C3] ret_from_fork (arch/x86/kernel/process.c:147) 
[ 314.023082][ C3] ? __pfx_kthread (kernel/kthread.c:341) 


Finger prints:
dump_stack_lvl:__ubsan_handle_load_invalid_value:deliver_clone:br_handle_frame_finish
dump_stack_lvl:__ubsan_handle_load_invalid_value:__dev_forward_skb2:veth_xmit