rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P6198/1:b..l
rcu: (detected by 1, t=10502 jiffies, g=11241, q=617 ncpus=2)
task:syz.3.95 state:R running task stack:25712 pid:6198 ppid:5762 flags:0x00004006
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5380 [inline]
__schedule+0x14d2/0x44d0 kernel/sched/core.c:6699
preempt_schedule_common+0x82/0xc0 kernel/sched/core.c:6866
preempt_schedule+0xab/0xc0 kernel/sched/core.c:6890
preempt_schedule_thunk+0x1a/0x30 arch/x86/entry/thunk_64.S:45
unwind_next_frame+0x200f/0x2970 arch/x86/kernel/unwind_orc.c:672
arch_stack_walk+0x144/0x190 arch/x86/kernel/stacktrace.c:25
stack_trace_save+0x9c/0xe0 kernel/stacktrace.c:122
save_stack+0xf7/0x1f0 mm/page_owner.c:128
__reset_page_owner+0x4e/0x190 mm/page_owner.c:149
reset_page_owner include/linux/page_owner.h:24 [inline]
free_pages_prepare mm/page_alloc.c:1154 [inline]
free_unref_page_prepare+0x7ce/0x8e0 mm/page_alloc.c:2336
free_unref_page+0x32/0x2e0 mm/page_alloc.c:2429
__slab_free+0x35e/0x410 mm/slub.c:3736
qlink_free mm/kasan/quarantine.c:166 [inline]
qlist_free_all+0x75/0xe0 mm/kasan/quarantine.c:185
kasan_quarantine_reduce+0x143/0x160 mm/kasan/quarantine.c:292
__kasan_slab_alloc+0x22/0x80 mm/kasan/common.c:305
kasan_slab_alloc include/linux/kasan.h:188 [inline]
slab_post_alloc_hook+0x6e/0x4d0 mm/slab.h:767
slab_alloc_node mm/slub.c:3495 [inline]
__kmem_cache_alloc_node+0x13e/0x260 mm/slub.c:3534
__do_kmalloc_node mm/slab_common.c:1006 [inline]
__kmalloc+0xa4/0x240 mm/slab_common.c:1020
kmalloc include/linux/slab.h:604 [inline]
kzalloc include/linux/slab.h:721 [inline]
cgroup_create kernel/cgroup/cgroup.c:5610 [inline]
cgroup_mkdir+0x3c5/0xde0 kernel/cgroup/cgroup.c:5758
kernfs_iop_mkdir+0x250/0x3d0 fs/kernfs/dir.c:1246
vfs_mkdir+0x296/0x440 fs/namei.c:4121
do_mkdirat+0x1d4/0x440 fs/namei.c:4144
__do_sys_mkdir fs/namei.c:4164 [inline]
__se_sys_mkdir fs/namei.c:4162 [inline]
__x64_sys_mkdir+0x6e/0x80 fs/namei.c:4162
do_syscall_x64 arch/x86/entry/common.c:51 [inline]
do_syscall_64+0x55/0xb0 arch/x86/entry/common.c:81
entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7f0d2058f749
RSP: 002b:00007f0d213de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
RAX: ffffffffffffffda RBX: 00007f0d207e6090 RCX: 00007f0d2058f749
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
RBP: 00007f0d20613f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f0d207e6128 R14: 00007f0d207e6090 R15: 00007ffe962df6d8
</TASK>
rcu: rcu_preempt kthread starved for 2583 jiffies! g11241 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt state:R running task stack:27048 pid:17 ppid:2 flags:0x00004000
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5380 [inline]
__schedule+0x14d2/0x44d0 kernel/sched/core.c:6699
schedule+0xbd/0x170 kernel/sched/core.c:6773
schedule_timeout+0x160/0x280 kernel/time/timer.c:2168
rcu_gp_fqs_loop+0x302/0x1560 kernel/rcu/tree.c:1667
rcu_gp_kthread+0x99/0x380 kernel/rcu/tree.c:1866
kthread+0x2fa/0x390 kernel/kthread.c:388
ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:152
ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:293
</TASK>
rcu: Stack dump where RCU GP kthread last ran:
Sending NMI from CPU 1 to CPUs 0:
bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
NMI backtrace for cpu 0
CPU: 0 PID: 6185 Comm: syz.0.94 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
RIP: 0010:arch_atomic_read arch/x86/include/asm/atomic.h:23 [inline]
RIP: 0010:raw_atomic_read include/linux/atomic/atomic-arch-fallback.h:444 [inline]
RIP: 0010:rcu_dynticks_curr_cpu_in_eqs include/linux/context_tracking.h:122 [inline]
RIP: 0010:rcu_is_watching+0x5a/0xb0 kernel/rcu/tree.c:700
Code: f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 ac 64 6d 00 48 c7 c3 28 6b 03 00 49 03 1e 48 89 d8 48 c1 e8 03 42 0f b6 04 38 <84> c0 75 2f 8b 03 65 ff 0d a1 1b 94 7e 74 0c 83 e0 04 c1 e8 02 5b
RSP: 0018:ffffc900000068a0 EFLAGS: 00000806
RAX: 0000000000000000 RBX: ffff8880b8e36b28 RCX: 16955a2de927f500
RDX: ffff88802c008000 RSI: ffffffff8afc6f60 RDI: ffffffff8afc6f20
RBP: ffffc900000069c8 R08: dffffc0000000000 R09: 1ffffffff21b28a0
R10: dffffc0000000000 R11: fffffbfff21b28a1 R12: 1ffff92000000d1c
R13: ffff888020f4d550 R14: ffffffff8c7c8a30 R15: dffffc0000000000
FS: 00007fa0c66de6c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f2586a3c4e8 CR3: 000000002638d000 CR4: 00000000003506f0
DR0: 0000200000000300 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
Call Trace:
<IRQ>
rcu_read_lock include/linux/rcupdate.h:787 [inline]
__perf_event_output kernel/events/core.c:7970 [inline]
perf_event_output_forward+0xd2/0x3a0 kernel/events/core.c:7993
__perf_event_overflow+0x447/0x630 kernel/events/core.c:9718
perf_swevent_hrtimer+0x3bc/0x530 kernel/events/core.c:11188
__run_hrtimer kernel/time/hrtimer.c:1750 [inline]
__hrtimer_run_queues+0x4df/0xc40 kernel/time/hrtimer.c:1814
hrtimer_interrupt+0x3c9/0x9c0 kernel/time/hrtimer.c:1876
local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1077 [inline]
__sysvec_apic_timer_interrupt+0xfb/0x3b0 arch/x86/kernel/apic/apic.c:1094
instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1088 [inline]
sysvec_apic_timer_interrupt+0x51/0xc0 arch/x86/kernel/apic/apic.c:1088
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:687
RIP: 0010:console_trylock_spinning kernel/printk/printk.c:2008 [inline]
RIP: 0010:vprintk_emit+0x44f/0x600 kernel/printk/printk.c:2340
Code: 51 01 00 00 e8 52 55 1b 00 45 89 f7 48 85 db 48 8b 5c 24 08 75 07 e8 40 55 1b 00 eb 06 e8 39 55 1b 00 fb 48 c7 c7 40 42 d2 8c <31> f6 ba 01 00 00 00 31 c9 41 b8 01 00 00 00 45 31 c9 53 e8 59 bd
RSP: 0018:ffffc90000007020 EFLAGS: 00000246
RAX: ffffffff816a3b87 RBX: ffffffff816a3a41 RCX: ffff88802c008000
RDX: 0000000000000100 RSI: 0000000000000000 RDI: ffffffff8cd24240
RBP: ffffc90000007110 R08: ffffffff90d9450f R09: 1ffffffff21b28a1
R10: dffffc0000000000 R11: fffffbfff21b28a2 R12: dffffc0000000000
R13: ffffc90000007180 R14: 000000000000006f R15: 000000000000006f
_printk+0xd0/0x110 kernel/printk/printk.c:2366
br_fdb_update+0x5c5/0x630 net/bridge/br_fdb.c:867
br_handle_frame_finish+0x5ce/0x1950 net/bridge/br_input.c:141
br_nf_hook_thresh+0x3b6/0x480 net/bridge/br_netfilter_hooks.c:1184
br_nf_pre_routing_finish_ipv6+0x9e3/0xd90 net/bridge/br_netfilter_ipv6.c:-1
NF_HOOK include/linux/netfilter.h:304 [inline]
br_nf_pre_routing_ipv6+0x34d/0x680 net/bridge/br_netfilter_ipv6.c:184
nf_hook_entry_hookfn include/linux/netfilter.h:144 [inline]
nf_hook_bridge_pre net/bridge/br_input.c:277 [inline]
br_handle_frame+0x957/0x14c0 net/bridge/br_input.c:424
__netif_receive_skb_core+0xf6b/0x3ac0 net/core/dev.c:5502
__netif_receive_skb_one_core net/core/dev.c:5606 [inline]
__netif_receive_skb+0x74/0x290 net/core/dev.c:5722
process_backlog+0x380/0x6e0 net/core/dev.c:6050
__napi_poll+0xc0/0x460 net/core/dev.c:6612
napi_poll net/core/dev.c:6679 [inline]
net_rx_action+0x5ea/0xbf0 net/core/dev.c:6815
handle_softirqs+0x280/0x820 kernel/softirq.c:578
__do_softirq kernel/softirq.c:612 [inline]
invoke_softirq kernel/softirq.c:452 [inline]
__irq_exit_rcu+0xc7/0x190 kernel/softirq.c:661
irq_exit_rcu+0x9/0x20 kernel/softirq.c:673
instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1088 [inline]
sysvec_apic_timer_interrupt+0xa4/0xc0 arch/x86/kernel/apic/apic.c:1088
</IRQ>
<TASK>
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:687
RIP: 0010:native_save_fl arch/x86/include/asm/irqflags.h:19 [inline]
RIP: 0010:arch_local_save_flags arch/x86/include/asm/irqflags.h:89 [inline]
RIP: 0010:arch_irqs_disabled arch/x86/include/asm/irqflags.h:131 [inline]
RIP: 0010:preempt_schedule_irq+0xb5/0x140 kernel/sched/core.c:7010
Code: 24 21 02 74 0b 0f 0b 48 f7 03 08 00 00 00 74 63 bf 01 00 00 00 e8 8b b3 eb f6 e8 26 3a 1c f7 fb bf 01 00 00 00 e8 db b5 ff ff <48> c7 44 24 40 00 00 00 00 9c 8f 44 24 40 8b 44 24 40 fa a9 00 02
RSP: 0018:ffffc900033dea80 EFLAGS: 00000246
RAX: 16955a2de927f500 RBX: ffff88802c008000 RCX: 16955a2de927f500
RDX: dffffc0000000000 RSI: ffffffff8aaabce0 RDI: ffff88802c0095f8
RBP: ffffc900033deb20 R08: ffffffff90d9450f R09: 1ffffffff21b28a1
R10: dffffc0000000000 R11: fffffbfff21b28a2 R12: 0000000000000000
R13: 0000000000000000 R14: dffffc0000000000 R15: 1ffff9200067bd50
irqentry_exit+0x67/0x70 kernel/entry/common.c:438
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:687
RIP: 0010:constant_test_bit arch/x86/include/asm/bitops.h:207 [inline]
RIP: 0010:arch_test_bit arch/x86/include/asm/bitops.h:239 [inline]
RIP: 0010:tif_need_resched include/linux/thread_info.h:184 [inline]
RIP: 0010:need_resched include/linux/sched.h:2260 [inline]
RIP: 0010:preempt_schedule_common+0x11/0xc0 kernel/sched/core.c:6874
Code: 15 00 00 00 eb d0 e8 2e bf f7 ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 41 57 41 56 53 49 bf 00 00 00 00 00 fc ff df eb 0d <48> f7 03 08 00 00 00 0f 84 99 00 00 00 65 ff 05 73 fe 93 75 65 8b
RSP: 0018:ffffc900033debe0 EFLAGS: 00000246
RAX: 1ffff11005801000 RBX: ffff88802c008000 RCX: 16955a2de927f500
RDX: dffffc0000000000 RSI: ffffffff8aaabce0 RDI: ffff88802c0095f8
RBP: ffffc900033dec78 R08: ffffffff90d9450f R09: 1ffffffff21b28a1
R10: dffffc0000000000 R11: fffffbfff21b28a2 R12: dffffc0000000000
R13: ffffc900033dee40 R14: ffff88802c0094c8 R15: dffffc0000000000
preempt_schedule+0xab/0xc0 kernel/sched/core.c:6890
preempt_schedule_thunk+0x1a/0x30 arch/x86/entry/thunk_64.S:45
vprintk_emit+0x578/0x600 kernel/printk/printk.c:2342
_printk+0xd0/0x110 kernel/printk/printk.c:2366
__nla_validate_parse+0x272f/0x2fa0 lib/nlattr.c:647
__nla_parse+0x40/0x50 lib/nlattr.c:732
__nlmsg_parse include/net/netlink.h:756 [inline]
nlmsg_parse_deprecated include/net/netlink.h:797 [inline]
fib_nl_delrule+0x2cb/0x1d10 net/core/fib_rules.c:905
rtnetlink_rcv_msg+0x7c7/0xf10 net/core/rtnetlink.c:6472
netlink_rcv_skb+0x216/0x480 net/netlink/af_netlink.c:2545
netlink_unicast_kernel net/netlink/af_netlink.c:1320 [inline]
netlink_unicast+0x751/0x8d0 net/netlink/af_netlink.c:1346
netlink_sendmsg+0x8c1/0xbe0 net/netlink/af_netlink.c:1894
sock_sendmsg_nosec net/socket.c:730 [inline]
__sock_sendmsg net/socket.c:745 [inline]
sock_write_iter+0x2bb/0x3f0 net/socket.c:1160
call_write_iter include/linux/fs.h:2018 [inline]
new_sync_write fs/read_write.c:491 [inline]
vfs_write+0x43b/0x940 fs/read_write.c:584
ksys_write+0x147/0x250 fs/read_write.c:637
do_syscall_x64 arch/x86/entry/common.c:51 [inline]
do_syscall_64+0x55/0xb0 arch/x86/entry/common.c:81
entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7fa0c578f749
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fa0c66de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007fa0c59e5fa0 RCX: 00007fa0c578f749
RDX: 0000000000033fe0 RSI: 0000200000000000 RDI: 0000000000000007
RBP: 00007fa0c5813f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fa0c59e6038 R14: 00007fa0c59e5fa0 R15: 00007fff78a54158
</TASK>
net_ratelimit: 4545 callbacks suppressed
bridge0: received packet on veth0_to_bridge with own address as source address (addr:42:a1:c3:aa:b4:c6, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:42:a1:c3:aa:b4:c6, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:42:a1:c3:aa:b4:c6, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:42:a1:c3:aa:b4:c6, vlan:0)
bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:42:a1:c3:aa:b4:c6, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:42:a1:c3:aa:b4:c6, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
bridge0: received packet on veth0_to_bridge with own address as source address (addr:42:a1:c3:aa:b4:c6, vlan:0)