rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P18042/2:b..l
rcu: 	(detected by 0, t=10502 jiffies, g=114377, q=2699 ncpus=2)
task:syz.6.2928      state:R  running task     stack:24056 pid:18042 tgid:18040 ppid:14051  task_flags:0x2040044c flags:0x00004006
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5357 [inline]
 __schedule+0x1798/0x4cc0 kernel/sched/core.c:6961
 preempt_schedule_irq+0xb5/0x150 kernel/sched/core.c:7288
 irqentry_exit+0x6f/0x90 kernel/entry/common.c:197
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:__ref_is_percpu include/linux/percpu-refcount.h:182 [inline]
RIP: 0010:percpu_ref_put_many include/linux/percpu-refcount.h:332 [inline]
RIP: 0010:percpu_ref_put include/linux/percpu-refcount.h:351 [inline]
RIP: 0010:blkg_put+0xdf/0x240 block/blk-cgroup.h:338
Code: e0 8b e8 84 95 f8 fc 49 bd 00 00 00 00 00 fc ff df 4c 89 f0 48 c1 e8 03 42 80 3c 28 00 74 08 4c 89 f7 e8 f4 2c 7e fd 4d 8b 26 <4c> 89 e6 48 83 e6 03 31 ff e8 a3 c0 1a fd 4c 89 e0 48 83 e0 03 0f
RSP: 0018:ffffc9000ae9ec48 EFLAGS: 00000246
RAX: 1ffff11006013c07 RBX: ffffffff84a4f252 RCX: ffff888024813c00
RDX: 0000000000000000 RSI: ffffffff8be33960 RDI: ffffffff8be33920
RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffff84a4f252
R10: dffffc0000000000 R11: ffffed1004ab2761 R12: 0000607ed9bf2df0
R13: dffffc0000000000 R14: ffff88803009e038 R15: ffff88803009e000
 bio_endio+0x824/0x8c0 block/bio.c:1645
 blk_update_request+0x57e/0xe60 block/blk-mq.c:989
 blk_mq_end_request+0x3e/0x70 block/blk-mq.c:1151
 nullb_complete_cmd drivers/block/null_blk/main.c:1402 [inline]
 null_handle_cmd drivers/block/null_blk/main.c:1454 [inline]
 null_queue_rq+0xbfe/0xe30 drivers/block/null_blk/main.c:1693
 null_queue_rqs+0x123/0x270 drivers/block/null_blk/main.c:1707
 __blk_mq_flush_list block/blk-mq.c:2828 [inline]
 blk_mq_dispatch_queue_requests+0x417/0x800 block/blk-mq.c:2873
 blk_mq_flush_plug_list+0x432/0x550 block/blk-mq.c:2961
 blk_add_rq_to_plug+0x175/0x450 block/blk-mq.c:1390
 blk_mq_submit_bio+0x1912/0x2440 block/blk-mq.c:3212
 __submit_bio+0x207/0x5a0 block/blk-core.c:635
 __submit_bio_noacct_mq block/blk-core.c:722 [inline]
 submit_bio_noacct_nocheck+0x4ab/0xb50 block/blk-core.c:751
 __block_write_full_folio+0x810/0xe10 fs/buffer.c:1933
 blkdev_writepages+0xd1/0x170 block/fops.c:484
 do_writepages+0x32e/0x550 mm/page-writeback.c:2634
 filemap_fdatawrite_wbc mm/filemap.c:386 [inline]
 __filemap_fdatawrite_range mm/filemap.c:419 [inline]
 filemap_write_and_wait_range+0x21f/0x320 mm/filemap.c:691
 filemap_write_and_wait include/linux/pagemap.h:68 [inline]
 sync_blockdev block/bdev.c:260 [inline]
 bdev_release+0x192/0x650 block/bdev.c:1126
 blkdev_release+0x15/0x20 block/fops.c:702
 __fput+0x44c/0xa70 fs/file_table.c:468
 task_work_run+0x1d1/0x260 kernel/task_work.c:227
 exit_task_work include/linux/task_work.h:40 [inline]
 do_exit+0x6b5/0x2300 kernel/exit.c:961
 do_group_exit+0x21c/0x2d0 kernel/exit.c:1102
 get_signal+0x1286/0x1340 kernel/signal.c:3034
 arch_do_signal_or_restart+0x9a/0x750 arch/x86/kernel/signal.c:337
 exit_to_user_mode_loop+0x75/0x110 kernel/entry/common.c:40
 exit_to_user_mode_prepare include/linux/irq-entry-common.h:225 [inline]
 syscall_exit_to_user_mode_work include/linux/entry-common.h:175 [inline]
 syscall_exit_to_user_mode include/linux/entry-common.h:210 [inline]
 do_syscall_64+0x2bd/0x3b0 arch/x86/entry/syscall_64.c:100
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f54e9d8eba9
RSP: 002b:00007f54eab65038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
RAX: 000000000000000b RBX: 00007f54e9fd5fa0 RCX: 00007f54e9d8eba9
RDX: 0000000000000318 RSI: 00002000000bd000 RDI: 0000000000000004
RBP: 00007f54e9e11e19 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f54e9fd6038 R14: 00007f54e9fd5fa0 R15: 00007f54ea0ffa28
 </TASK>
rcu: rcu_preempt kthread starved for 793 jiffies! g114377 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:27160 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5357 [inline]
 __schedule+0x1798/0x4cc0 kernel/sched/core.c:6961
 __schedule_loop kernel/sched/core.c:7043 [inline]
 schedule+0x165/0x360 kernel/sched/core.c:7058
 schedule_timeout+0x12b/0x270 kernel/time/sleep_timeout.c:99
 rcu_gp_fqs_loop+0x301/0x1540 kernel/rcu/tree.c:2083
 rcu_gp_kthread+0x99/0x390 kernel/rcu/tree.c:2285
 kthread+0x70e/0x8a0 kernel/kthread.c:463
 ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
RIP: 0010:match_held_lock+0x78/0xc0 kernel/locking/lockdep.c:5337
Code: 00 00 48 c7 c2 10 73 49 93 48 29 d0 48 c1 f8 03 48 ba 29 5c 8f c2 f5 28 5c 8f 48 0f af d0 bb 01 00 00 00 48 39 ca 74 02 31 db <89> d8 5b 41 5e e9 4e dd 02 00 cc 90 e8 17 c5 4a f9 85 c0 74 22 83
RSP: 0018:ffffc90000a07f00 EFLAGS: 00000046
RAX: 0000000000000004 RBX: 0000000000000001 RCX: b1b3f2734e2c7400
RDX: 0000000000000001 RSI: ffffffff99d18020 RDI: ffff88801ceae568
RBP: ffff88801ceae568 R08: 0000000000000003 R09: 0000000000000004
R10: dffffc0000000000 R11: fffff52000140fe0 R12: 0000000000000003
R13: 0000000000000003 R14: ffffffff99d18020 R15: ffff88801ceada00
FS:  0000000000000000(0000) GS:ffff888125d15000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000020000027b030 CR3: 000000004b0c2000 CR4: 00000000003526f0
Call Trace:
 <IRQ>
 find_held_lock kernel/locking/lockdep.c:5350 [inline]
 __lock_release kernel/locking/lockdep.c:5535 [inline]
 lock_release+0x127/0x3e0 kernel/locking/lockdep.c:5889
 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:149 [inline]
 _raw_spin_unlock_irqrestore+0x70/0x110 kernel/locking/spinlock.c:194
 __debug_check_no_obj_freed lib/debugobjects.c:1108 [inline]
 debug_check_no_obj_freed+0x451/0x470 lib/debugobjects.c:1129
 slab_free_hook mm/slub.c:2353 [inline]
 slab_free mm/slub.c:4695 [inline]
 kmem_cache_free+0x113/0x400 mm/slub.c:4797
 skb_release_data+0x62d/0x7c0 net/core/skbuff.c:1086
 skb_release_all net/core/skbuff.c:1151 [inline]
 __kfree_skb net/core/skbuff.c:1165 [inline]
 consume_skb+0x9e/0xf0 net/core/skbuff.c:1397
 nft_synproxy_eval_v6+0x376/0x560 net/netfilter/nft_synproxy.c:91
 nft_synproxy_do_eval+0x3d7/0x570 net/netfilter/nft_synproxy.c:145
 expr_call_ops_eval net/netfilter/nf_tables_core.c:237 [inline]
 nft_do_chain+0x409/0x1920 net/netfilter/nf_tables_core.c:285
 nft_do_chain_inet+0x25d/0x340 net/netfilter/nft_chain_filter.c:161
 nf_hook_entry_hookfn include/linux/netfilter.h:158 [inline]
 nf_hook_slow+0xc2/0x220 net/netfilter/core.c:623
 nf_hook include/linux/netfilter.h:273 [inline]
 NF_HOOK+0x206/0x3a0 include/linux/netfilter.h:316
 ip6_input+0x16a/0x270 net/ipv6/ip6_input.c:500
 NF_HOOK+0x30c/0x3a0 include/linux/netfilter.h:318
 __netif_receive_skb_one_core net/core/dev.c:5991 [inline]
 __netif_receive_skb+0xd3/0x380 net/core/dev.c:6104
 process_backlog+0x60e/0x14f0 net/core/dev.c:6456
 __napi_poll+0xc4/0x360 net/core/dev.c:7506
 napi_poll net/core/dev.c:7569 [inline]
 net_rx_action+0x707/0xe30 net/core/dev.c:7696
 handle_softirqs+0x283/0x870 kernel/softirq.c:579
 __do_softirq kernel/softirq.c:613 [inline]
 invoke_softirq kernel/softirq.c:453 [inline]
 __irq_exit_rcu+0xca/0x1f0 kernel/softirq.c:680
 irq_exit_rcu+0x9/0x30 kernel/softirq.c:696
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1050 [inline]
 sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1050
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:pv_native_safe_halt+0x13/0x20 arch/x86/kernel/paravirt.c:82
Code: 13 e8 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 73 07 0e 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
RSP: 0018:ffffc90000197de0 EFLAGS: 000002c2
RAX: b1b3f2734e2c7400 RBX: ffffffff819683f8 RCX: b1b3f2734e2c7400
RDX: 0000000000000001 RSI: ffffffff8d9b94df RDI: ffffffff8be33980
RBP: ffffc90000197f20 R08: ffff8880b8732f9b R09: 1ffff110170e65f3
R10: dffffc0000000000 R11: ffffed10170e65f4 R12: ffffffff8fa3a130
R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff110039d5b40
 arch_safe_halt arch/x86/include/asm/paravirt.h:107 [inline]
 default_idle+0x13/0x20 arch/x86/kernel/process.c:757
 default_idle_call+0x74/0xb0 kernel/sched/idle.c:122
 cpuidle_idle_call kernel/sched/idle.c:190 [inline]
 do_idle+0x1e8/0x510 kernel/sched/idle.c:330
 cpu_startup_entry+0x44/0x60 kernel/sched/idle.c:428
 start_secondary+0x101/0x110 arch/x86/kernel/smpboot.c:315
 common_startup_64+0x13e/0x147
 </TASK>