bridge0: received packet on veth1_to_bridge with own address as source address (addr:a2:1b:61:50:53:05, vlan:0) rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P4960/1:b..l P4699/1:b..l rcu: (detected by 1, t=10503 jiffies, g=296941, q=2439 ncpus=2) task:syz-executor state:R running task stack:22320 pid:4699 tgid:4699 ppid:4666 task_flags:0x400140 flags:0x00080000 Call Trace: context_switch kernel/sched/core.c:5388 [inline] __schedule+0x1821/0x5740 kernel/sched/core.c:7189 preempt_schedule_irq+0x4d/0xa0 kernel/sched/core.c:7513 irqentry_exit_to_kernel_mode include/linux/irq-entry-common.h:539 [inline] irqentry_exit+0x14f/0x760 kernel/entry/common.c:164 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697 RIP: 0010:unwind_next_frame+0x4a5/0x2550 arch/x86/kernel/unwind_orc.c:520 Code: e0 48 c1 e8 03 0f b6 04 28 84 c0 0f 85 c2 19 00 00 4c 89 e8 48 c1 e8 03 0f b6 04 28 84 c0 0f 85 d5 19 00 00 41 0f b6 44 24 01 <83> e0 07 0f 84 75 16 00 00 83 f8 01 4c 8b 7c 24 50 48 bd 00 00 00 RSP: 0018:ffffc90003b7f198 EFLAGS: 00000246 RAX: 0000000000000002 RBX: ffffffff90532b8c RCX: ffffffff90532b90 RDX: ffffffff90d3e280 RSI: ffffffff90d3e250 RDI: ffffffff8c28b600 RBP: dffffc0000000000 R08: 0000000000000009 R09: ffffffff8e95cca0 R10: ffffc90003b7f2b8 R11: ffffffff81b0f020 R12: ffffffff90d3e284 R13: ffffffff90d3e285 R14: ffffc90003b7f268 R15: ffffffff90532b8c arch_stack_walk+0x11b/0x150 arch/x86/kernel/stacktrace.c:25 stack_trace_save+0xa9/0x100 kernel/stacktrace.c:122 save_stack+0x122/0x230 mm/page_owner.c:165 __reset_page_owner+0x71/0x1f0 mm/page_owner.c:320 reset_page_owner include/linux/page_owner.h:25 [inline] __free_pages_prepare mm/page_alloc.c:1402 [inline] __free_frozen_pages+0xbc7/0xd30 mm/page_alloc.c:2943 __slab_free+0x274/0x2c0 mm/slub.c:5612 qlink_free mm/kasan/quarantine.c:163 [inline] qlist_free_all+0x99/0x100 mm/kasan/quarantine.c:179 kasan_quarantine_reduce+0x148/0x160 mm/kasan/quarantine.c:286 __kasan_slab_alloc+0x22/0x80 mm/kasan/common.c:350 kasan_slab_alloc include/linux/kasan.h:253 [inline] slab_post_alloc_hook mm/slub.c:4569 [inline] slab_alloc_node mm/slub.c:4898 [inline] kmem_cache_alloc_noprof+0x2bc/0x650 mm/slub.c:4905 vm_area_dup+0x2b/0x680 mm/vma_init.c:123 dup_mmap+0x8b1/0x1d90 mm/mmap.c:1786 dup_mm kernel/fork.c:1534 [inline] copy_mm+0x13b/0x4a0 kernel/fork.c:1586 copy_process+0x1f1c/0x4440 kernel/fork.c:2264 kernel_clone+0x284/0x8f0 kernel/fork.c:2721 __do_sys_clone kernel/fork.c:2862 [inline] __se_sys_clone kernel/fork.c:2846 [inline] __x64_sys_clone+0x1b6/0x230 kernel/fork.c:2846 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0x15f/0xf80 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fe1f5bc58d2 RSP: 002b:00007ffc89e70dd0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007ffc89e70dd0 RCX: 00007fe1f5bc58d2 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 RBP: 00007ffc89e70f5c R08: 0000000000000000 R09: 0000000000000001 R10: 00005555567787d0 R11: 0000000000000246 R12: 0000000000000001 R13: 00000000000927c0 R14: 000000000018ca80 R15: 00007ffc89e70fb0 task:jbd2/sda1-8 state:R running task stack:24928 pid:4960 tgid:4960 ppid:2 task_flags:0x240040 flags:0x00080000 Call Trace: context_switch kernel/sched/core.c:5388 [inline] __schedule+0x1821/0x5740 kernel/sched/core.c:7189 preempt_schedule_irq+0x4d/0xa0 kernel/sched/core.c:7513 irqentry_exit_to_kernel_mode include/linux/irq-entry-common.h:539 [inline] irqentry_exit+0x14f/0x760 kernel/entry/common.c:164 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697 RIP: 0010:debug_lockdep_rcu_enabled+0xd/0x40 kernel/rcu/update.c:320 Code: 8d 67 48 0f b9 3a 90 eb ca cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 31 c0 83 3d 63 8a 87 04 00 <74> 1d 83 3d 1a bc 87 04 00 74 14 65 48 8b 0d 58 45 90 07 31 c0 83 RSP: 0018:ffffc9000ff8f1b0 EFLAGS: 00000202 RAX: 0000000000000000 RBX: ffffffff90d66e01 RCX: ffffc9000ff8f7d8 RDX: ffffc9000ff8f201 RSI: dffffc0000000000 RDI: ffffc9000ff8f290 RBP: dffffc0000000000 R08: ffffc9000ff8f7c0 R09: 0000000000000000 R10: ffffc9000ff8f2d8 R11: fffff52001ff1e5d R12: ffffc9000ff8f7d0 R13: ffffc9000ff88000 R14: ffffc9000ff8f288 R15: ffffffff8176f256 rcu_read_unlock include/linux/rcupdate.h:867 [inline] class_rcu_destructor include/linux/rcupdate.h:1181 [inline] unwind_next_frame+0x1b6d/0x2550 arch/x86/kernel/unwind_orc.c:709 arch_stack_walk+0x11b/0x150 arch/x86/kernel/stacktrace.c:25 stack_trace_save+0xa9/0x100 kernel/stacktrace.c:122 save_stack+0x122/0x230 mm/page_owner.c:165 __reset_page_owner+0x71/0x1f0 mm/page_owner.c:320 reset_page_owner include/linux/page_owner.h:25 [inline] __free_pages_prepare mm/page_alloc.c:1402 [inline] __free_frozen_pages+0xbc7/0xd30 mm/page_alloc.c:2943 __slab_free+0x274/0x2c0 mm/slub.c:5612 qlink_free mm/kasan/quarantine.c:163 [inline] qlist_free_all+0x99/0x100 mm/kasan/quarantine.c:179 kasan_quarantine_reduce+0x148/0x160 mm/kasan/quarantine.c:286 __kasan_slab_alloc+0x22/0x80 mm/kasan/common.c:350 kasan_slab_alloc include/linux/kasan.h:253 [inline] slab_post_alloc_hook mm/slub.c:4569 [inline] slab_alloc_node mm/slub.c:4898 [inline] kmem_cache_alloc_noprof+0x2bc/0x650 mm/slub.c:4905 alloc_buffer_head+0x2a/0x270 fs/buffer.c:2941 folio_alloc_buffers+0x19b/0x640 fs/buffer.c:838 grow_dev_folio fs/buffer.c:979 [inline] grow_buffers fs/buffer.c:1020 [inline] __getblk_slow fs/buffer.c:1038 [inline] bdev_getblk+0x2cb/0x6e0 fs/buffer.c:1358 __getblk include/linux/buffer_head.h:380 [inline] jbd2_journal_get_descriptor_buffer+0x147/0x420 fs/jbd2/journal.c:976 jbd2_journal_commit_transaction+0x133b/0x5b00 fs/jbd2/commit.c:639 kjournald2+0x3e0/0x760 fs/jbd2/journal.c:201 kthread+0x389/0x470 kernel/kthread.c:436 ret_from_fork+0x514/0xb70 arch/x86/kernel/process.c:158 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245 rcu: rcu_preempt kthread starved for 10515 jiffies! g296941 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. rcu: RCU grace-period kthread stack dump: task:rcu_preempt state:R running task stack:27392 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00080000 Call Trace: context_switch kernel/sched/core.c:5388 [inline] __schedule+0x1821/0x5740 kernel/sched/core.c:7189 __schedule_loop kernel/sched/core.c:7268 [inline] schedule+0x164/0x360 kernel/sched/core.c:7283 schedule_timeout+0x158/0x2c0 kernel/time/sleep_timeout.c:99 rcu_gp_fqs_loop+0x312/0x11d0 kernel/rcu/tree.c:2095 rcu_gp_kthread+0x9e/0x2b0 kernel/rcu/tree.c:2297 kthread+0x389/0x470 kernel/kthread.c:436 ret_from_fork+0x514/0xb70 arch/x86/kernel/process.c:158 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245 rcu: Stack dump where RCU GP kthread last ran: CPU: 1 UID: 0 PID: 4907 Comm: kworker/R-wg-cr Not tainted syzkaller #0 PREEMPT(full) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 Workqueue: wg-crypt-wg1 wg_packet_tx_worker RIP: 0010:lock_is_held_type+0x106/0x150 kernel/locking/lockdep.c:5945 Code: 19 00 00 b8 ff ff ff ff 65 0f c1 05 74 8d 90 07 83 f8 01 75 25 9c 58 a9 00 02 00 00 75 39 41 f7 c4 00 02 00 00 74 01 fb 89 d8 <5b> 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc 90 0f 0b 90 48 c7 RSP: 0018:ffffc90000a08348 EFLAGS: 00000206 RAX: 0000000000000001 RBX: 0000000000000001 RCX: 0000000080000101 RDX: ffff88807d433d80 RSI: ffffffff8e22036c RDI: ffffffff8c28b660 RBP: 00000000ffffffff R08: ffffc90000a08600 R09: ffffc90000a08610 R10: ffffc90000a08460 R11: fffff5200014108e R12: 0000000000000246 R13: ffff88807d433d80 R14: ffffffff8e95cca0 R15: 0000000000000002 FS: 0000000000000000(0000) GS:ffff888125387000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000200000006000 CR3: 000000000e74a000 CR4: 00000000003526f0 Call Trace: __find_rr_leaf+0x353/0x760 net/ipv6/route.c:833 find_rr_leaf net/ipv6/route.c:889 [inline] rt6_select net/ipv6/route.c:933 [inline] fib6_table_lookup+0x3b4/0xa80 net/ipv6/route.c:2251 ip6_pol_route+0x228/0x13d0 net/ipv6/route.c:2287 pol_lookup_func include/net/ip6_fib.h:667 [inline] fib6_rule_lookup+0x556/0x730 net/ipv6/fib6_rules.c:123 ip6_route_input_lookup net/ipv6/route.c:2356 [inline] ip6_route_input+0x730/0xad0 net/ipv6/route.c:2659 ip6_rcv_finish+0x141/0x280 net/ipv6/ip6_input.c:117 NF_HOOK+0x336/0x3c0 include/linux/netfilter.h:318 __netif_receive_skb_one_core net/core/dev.c:6202 [inline] __netif_receive_skb net/core/dev.c:6315 [inline] process_backlog+0x7dd/0x1950 net/core/dev.c:6666 __napi_poll+0xae/0x340 net/core/dev.c:7733 napi_poll net/core/dev.c:7796 [inline] net_rx_action+0x627/0xf70 net/core/dev.c:7953 handle_softirqs+0x22a/0x840 kernel/softirq.c:622 do_softirq+0x76/0xd0 kernel/softirq.c:523 __local_bh_enable_ip+0xf8/0x130 kernel/softirq.c:450 wg_packet_create_data_done drivers/net/wireguard/send.c:247 [inline] wg_packet_tx_worker+0x16b/0x7c0 drivers/net/wireguard/send.c:276 process_one_work kernel/workqueue.c:3314 [inline] process_scheduled_works+0xb5d/0x1860 kernel/workqueue.c:3397 rescuer_thread+0x827/0x1130 kernel/workqueue.c:3621 kthread+0x389/0x470 kernel/kthread.c:436 ret_from_fork+0x514/0xb70 arch/x86/kernel/process.c:158 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245 bridge0: received packet on veth1_to_bridge with own address as source address (addr:a2:1b:61:50:53:05, vlan:0) bridge0: received packet on veth1_to_bridge with own address as source address (addr:a2:1b:61:50:53:05, vlan:0) bridge0: received packet on veth1_to_bridge with own address as source address (addr:a2:1b:61:50:53:05, vlan:0) bridge0: received packet on veth1_to_bridge with own address as source address (addr:a2:1b:61:50:53:05, vlan:0) bridge0: received packet on veth1_to_bridge with own address as source address (addr:a2:1b:61:50:53:05, vlan:0) bridge0: received packet on veth1_to_bridge with own address as source address (addr:a2:1b:61:50:53:05, vlan:0) bridge0: received packet on veth1_to_bridge with own address as source address (addr:a2:1b:61:50:53:05, vlan:0) bridge0: received packet on veth1_to_bridge with own address as source address (addr:a2:1b:61:50:53:05, vlan:0) bridge0: received packet on veth1_to_bridge with own address as source address (addr:a2:1b:61:50:53:05, vlan:0)