bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P7313/2:b..l rcu: (detected by 1, t=10502 jiffies, g=8081, q=940 ncpus=2) task:syz.0.205 state:R running task stack:0 pid:7313 tgid:7312 ppid:6416 flags:0x0000000d Call trace: __switch_to+0x414/0x788 arch/arm64/kernel/process.c:701 (T) context_switch kernel/sched/core.c:5369 [inline] __schedule+0x1744/0x27f0 kernel/sched/core.c:6756 preempt_schedule_irq+0x80/0x188 kernel/sched/core.c:7078 arm64_preempt_schedule_irq arch/arm64/kernel/entry-common.c:301 [inline] __el1_irq arch/arm64/kernel/entry-common.c:563 [inline] el1_interrupt+0x4c/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 __daif_local_irq_restore arch/arm64/include/asm/irqflags.h:175 [inline] (P) arch_local_irq_restore arch/arm64/include/asm/irqflags.h:195 [inline] (P) lock_release+0x530/0x9e4 kernel/locking/lockdep.c:5873 (P) rcu_lock_release+0x1c/0x28 include/linux/rcupdate.h:347 rcu_read_unlock include/linux/rcupdate.h:880 [inline] percpu_ref_tryget_many include/linux/percpu-refcount.h:250 [inline] percpu_ref_tryget+0x170/0x2ac include/linux/percpu-refcount.h:266 css_tryget include/linux/cgroup_refcnt.h:45 [inline] get_mem_cgroup_from_mm+0x104/0x394 mm/memcontrol.c:948 __mem_cgroup_charge+0x24/0xa8 mm/memcontrol.c:4511 mem_cgroup_charge include/linux/memcontrol.h:646 [inline] shmem_alloc_and_add_folio+0x9cc/0x1564 mm/shmem.c:1843 shmem_get_folio_gfp+0x554/0x1790 mm/shmem.c:2355 shmem_get_folio mm/shmem.c:2461 [inline] shmem_write_begin+0x140/0x488 mm/shmem.c:3117 generic_perform_write+0x29c/0x868 mm/filemap.c:4055 shmem_file_write_iter+0x110/0x138 mm/shmem.c:3293 new_sync_write fs/read_write.c:586 [inline] vfs_write+0x920/0xcf4 fs/read_write.c:679 ksys_write+0x15c/0x26c fs/read_write.c:731 __do_sys_write fs/read_write.c:742 [inline] __se_sys_write fs/read_write.c:739 [inline] __arm64_sys_write+0x7c/0x90 fs/read_write.c:739 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744 el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600 rcu: rcu_preempt kthread starved for 10016 jiffies! g8081 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. rcu: RCU grace-period kthread stack dump: task:rcu_preempt state:R running task stack:0 pid:17 tgid:17 ppid:2 flags:0x00000008 Call trace: __switch_to+0x414/0x788 arch/arm64/kernel/process.c:701 (T) context_switch kernel/sched/core.c:5369 [inline] __schedule+0x1744/0x27f0 kernel/sched/core.c:6756 __schedule_loop kernel/sched/core.c:6833 [inline] schedule+0xbc/0x238 kernel/sched/core.c:6848 schedule_timeout+0x164/0x290 kernel/time/sleep_timeout.c:99 rcu_gp_fqs_loop+0x2cc/0x16e8 kernel/rcu/tree.c:2045 rcu_gp_kthread+0xc0/0x308 kernel/rcu/tree.c:2247 kthread+0x288/0x310 kernel/kthread.c:389 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:862 rcu: Stack dump where RCU GP kthread last ran: Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted 6.13.0-rc3-syzkaller-g573067a5a685 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 Workqueue: wg-crypt-wg1 wg_packet_decrypt_worker pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __sanitizer_cov_trace_pc+0x0/0x84 kernel/kcov.c:210 lr : __in6_dev_get include/net/addrconf.h:330 [inline] lr : ip6_ignore_linkdown include/net/addrconf.h:421 [inline] lr : find_match+0x104/0xae8 net/ipv6/route.c:747 sp : ffff800080006050 x29: ffff800080006080 x28: dfff800000000000 x27: 1fffe00018e8b717 x26: 0000000000000001 x25: ffff0000c745b8cf x24: ffff0000c745b8b8 x23: 0000000000000003 x22: 0000000000000001 x21: 000000000000000d x20: 1fffe00018e8b719 x19: ffff0000cf0ea000 x18: ffff800097a4e080 x17: 0000000000020010 x16: ffff80008069d39c x15: 0000000000000005 x14: 1ffff00010000c3c x13: 0000000000000000 x12: ffff700010000c34 x11: 1ffff00010000ca3 x10: 0000000000ff0100 x9 : 0000000000000000 x8 : ffff0000c19e1e40 x7 : ffff8000800063f0 x6 : 0000000000000003 x5 : ffff8000800063f0 x4 : ffff8000800063e0 x3 : 0000000000000003 x2 : 000000000000000d x1 : 0000000000000001 x0 : 0000000000000000 Call trace: __sanitizer_cov_trace_pc+0x0/0x84 kernel/audit_tree.c:174 (P) __find_rr_leaf+0x238/0x724 net/ipv6/route.c:835 find_rr_leaf net/ipv6/route.c:856 [inline] rt6_select net/ipv6/route.c:900 [inline] fib6_table_lookup+0x36c/0x9c0 net/ipv6/route.c:2195 ip6_pol_route+0x228/0x1314 net/ipv6/route.c:2231 ip6_pol_route_input+0x74/0x94 net/ipv6/route.c:2288 pol_lookup_func include/net/ip6_fib.h:616 [inline] fib6_rule_lookup+0x1f8/0x510 net/ipv6/fib6_rules.c:117 ip6_route_input_lookup net/ipv6/route.c:2300 [inline] ip6_route_input+0x6b8/0xb34 net/ipv6/route.c:2596 ip6_rcv_finish_core+0x218/0x3c8 net/ipv6/ip6_input.c:66 ip6_rcv_finish+0x120/0x21c net/ipv6/ip6_input.c:77 ip_sabotage_in+0x1a8/0x220 net/bridge/br_netfilter_hooks.c:1021 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline] nf_hook_slow+0xc8/0x234 net/netfilter/core.c:626 nf_hook include/linux/netfilter.h:269 [inline] NF_HOOK+0x22c/0x3d4 include/linux/netfilter.h:312 ipv6_rcv+0x9c/0xbc net/ipv6/ip6_input.c:309 __netif_receive_skb_one_core net/core/dev.c:5672 [inline] __netif_receive_skb+0x18c/0x3c8 net/core/dev.c:5785 netif_receive_skb_internal net/core/dev.c:5871 [inline] netif_receive_skb+0x1f4/0x924 net/core/dev.c:5930 br_netif_receive_skb+0x148/0x19c net/bridge/br_input.c:30 NF_HOOK+0xa8/0x3e4 include/linux/netfilter.h:314 br_pass_frame_up+0x29c/0x430 net/bridge/br_input.c:70 br_handle_frame_finish+0x126c/0x18c4 net/bridge/br_input.c:221 br_nf_hook_thresh+0x38c/0x480 br_nf_pre_routing_finish_ipv6+0x890/0xbac NF_HOOK include/linux/netfilter.h:314 [inline] br_nf_pre_routing_ipv6+0x2d4/0x64c net/bridge/br_netfilter_ipv6.c:184 br_nf_pre_routing+0x42c/0x113c net/bridge/br_netfilter_hooks.c:536 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline] nf_hook_bridge_pre net/bridge/br_input.c:277 [inline] br_handle_frame+0x80c/0x1124 net/bridge/br_input.c:424 __netif_receive_skb_core+0xff4/0x3848 net/core/dev.c:5566 __netif_receive_skb_one_core net/core/dev.c:5670 [inline] __netif_receive_skb+0x114/0x3c8 net/core/dev.c:5785 process_backlog+0x640/0x123c net/core/dev.c:6117 __napi_poll+0xb4/0x3fc net/core/dev.c:6883 napi_poll net/core/dev.c:6952 [inline] net_rx_action+0x6a8/0xf4c net/core/dev.c:7074 handle_softirqs+0x320/0xd34 kernel/softirq.c:561 __do_softirq+0x14/0x20 kernel/softirq.c:595 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:81 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:86 do_softirq+0x90/0xf8 kernel/softirq.c:462 __local_bh_enable_ip+0x288/0x44c kernel/softirq.c:389 local_bh_enable+0x28/0x34 include/linux/bottom_half.h:33 put_cpu_fpsimd_context arch/arm64/kernel/fpsimd.c:244 [inline] kernel_neon_begin+0x298/0x468 arch/arm64/kernel/fpsimd.c:1943 poly1305_update_arch+0x16c/0x33c arch/arm64/crypto/poly1305-glue.c:149 poly1305_update include/crypto/poly1305.h:83 [inline] chacha20poly1305_crypt_sg_inplace+0xae4/0x10e0 lib/crypto/chacha20poly1305.c:302 chacha20poly1305_decrypt_sg_inplace+0x6c/0x94 lib/crypto/chacha20poly1305.c:351 decrypt_packet drivers/net/wireguard/receive.c:278 [inline] wg_packet_decrypt_worker+0x478/0x9cc drivers/net/wireguard/receive.c:501 process_one_work+0x7a8/0x15cc kernel/workqueue.c:3229 process_scheduled_works kernel/workqueue.c:3310 [inline] worker_thread+0x97c/0xeec kernel/workqueue.c:3391 kthread+0x288/0x310 kernel/kthread.c:389 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:862 net_ratelimit: 39178 callbacks suppressed bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) bridge0: received packet on veth0_to_bridge with own address as source address (addr:ee:13:f6:03:52:85, vlan:0) bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) bridge0: received packet on veth0_to_bridge with own address as source address (addr:ee:13:f6:03:52:85, vlan:0) bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) bridge0: received packet on veth0_to_bridge with own address as source address (addr:ee:13:f6:03:52:85, vlan:0) bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) bridge0: received packet on veth0_to_bridge with own address as source address (addr:ee:13:f6:03:52:85, vlan:0) bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) bridge0: received packet on veth0_to_bridge with own address as source address (addr:ee:13:f6:03:52:85, vlan:0) net_ratelimit: 40540 callbacks suppressed bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) bridge0: received packet on veth0_to_bridge with own address as source address (addr:ee:13:f6:03:52:85, vlan:0) bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) bridge0: received packet on veth0_to_bridge with own address as source address (addr:ee:13:f6:03:52:85, vlan:0) bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) bridge0: received packet on veth0_to_bridge with own address as source address (addr:ee:13:f6:03:52:85, vlan:0) bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) bridge0: received packet on veth0_to_bridge with own address as source address (addr:ee:13:f6:03:52:85, vlan:0) bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) bridge0: received packet on veth0_to_bridge with own address as source address (addr:ee:13:f6:03:52:85, vlan:0)