syzbot

rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P5825/1:b..l
rcu: 	(detected by 0, t=10502 jiffies, g=38621, q=176 ncpus=2)
task:syz-executor    state:R  running task     stack:22720 pid:5825  tgid:5825  ppid:5815   task_flags:0x400140 flags:0x00004000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5378 [inline]
 __schedule+0xf43/0x5890 kernel/sched/core.c:6765
 preempt_schedule_common+0x44/0xc0 kernel/sched/core.c:6944
 preempt_schedule_thunk+0x1a/0x30 arch/x86/entry/thunk.S:12
 __raw_spin_unlock include/linux/spinlock_api_smp.h:143 [inline]
 _raw_spin_unlock+0x3e/0x50 kernel/locking/spinlock.c:186
 spin_unlock include/linux/spinlock.h:391 [inline]
 copy_pte_range mm/memory.c:1201 [inline]
 copy_pmd_range mm/memory.c:1262 [inline]
 copy_pud_range mm/memory.c:1299 [inline]
 copy_p4d_range mm/memory.c:1323 [inline]
 copy_page_range+0x1e7f/0x5690 mm/memory.c:1421
 dup_mmap kernel/fork.c:748 [inline]
 dup_mm kernel/fork.c:1700 [inline]
 copy_mm kernel/fork.c:1752 [inline]
 copy_process+0x7ccb/0x8c50 kernel/fork.c:2403
 kernel_clone+0xfd/0x960 kernel/fork.c:2815
 __do_sys_clone+0xcf/0x120 kernel/fork.c:2958
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fbf09d839d3
RSP: 002b:00007fffe82d0778 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fbf09d839d3
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001
R10: 000055557a7ce7d0 R11: 0000000000000246 R12: 0000000000000000
R13: 00000000000927c0 R14: 000000000007e16a R15: 00007fffe82d0910
 </TASK>
rcu: rcu_preempt kthread starved for 10502 jiffies! g38621 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:27072 pid:17    tgid:17    ppid:2      task_flags:0x208040 flags:0x00004000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5378 [inline]
 __schedule+0xf43/0x5890 kernel/sched/core.c:6765
 __schedule_loop kernel/sched/core.c:6842 [inline]
 schedule+0xe7/0x350 kernel/sched/core.c:6857
 schedule_timeout+0x124/0x280 kernel/time/sleep_timeout.c:99
 rcu_gp_fqs_loop+0x1eb/0xb00 kernel/rcu/tree.c:2024
 rcu_gp_kthread+0x271/0x380 kernel/rcu/tree.c:2226
 kthread+0x3af/0x750 kernel/kthread.c:464
 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 35 Comm: kworker/u8:2 Not tainted 6.14.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Workqueue: events_unbound nsim_dev_trap_report_work
RIP: 0010:taprio_set_budgets+0x1eb/0x310 net/sched/sch_taprio.c:666
Code: 44 89 33 44 8b 74 24 0c 89 ee 48 83 c5 01 83 c6 01 49 83 c5 08 48 83 c3 04 44 89 f7 e8 0e 00 50 f8 41 39 ee 7e 65 89 6c 24 08 <e8> c0 05 50 f8 48 63 f5 48 83 fe 0f 0f 87 a6 00 00 00 4c 89 e8 48
RSP: 0018:ffffc90000a18d10 EFLAGS: 00000002
RAX: 0000000080010002 RBX: ffff888079670884 RCX: ffffffff8969dbf2
RDX: ffff888143ad2440 RSI: 0000000000000002 RDI: 0000000000000004
RBP: 0000000000000001 R08: 0000000000000004 R09: 0000000000000002
R10: 0000000000000001 R11: 0000000000000004 R12: 0000000000000000
R13: ffff888079670808 R14: 0000000000000002 R15: dffffc0000000000
FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000110c3c3321 CR3: 0000000035b2c000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <NMI>
 </NMI>
 <IRQ>
 advance_sched+0x5e1/0xc60 net/sched/sch_taprio.c:977
 __run_hrtimer kernel/time/hrtimer.c:1801 [inline]
 __hrtimer_run_queues+0x20a/0xae0 kernel/time/hrtimer.c:1865
 hrtimer_interrupt+0x392/0x8e0 kernel/time/hrtimer.c:1927
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1038 [inline]
 __sysvec_apic_timer_interrupt+0x10f/0x400 arch/x86/kernel/apic/apic.c:1055
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]
 sysvec_apic_timer_interrupt+0x9f/0xc0 arch/x86/kernel/apic/apic.c:1049
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:is_kfence_address include/linux/kfence.h:58 [inline]
RIP: 0010:obj_to_index mm/slab.h:351 [inline]
RIP: 0010:__memcg_slab_free_hook+0x105/0x5a0 mm/memcontrol.c:3017
Code: 49 83 c4 08 49 39 c4 0f 84 b2 02 00 00 4c 89 e0 48 c1 e8 03 80 3c 28 00 0f 85 88 03 00 00 48 8b 7c 24 08 49 8b 04 24 80 3f 00 <0f> 85 5b 03 00 00 48 8b 15 fe c9 3c 0e 48 89 c1 48 29 d1 48 81 f9
RSP: 0018:ffffc90000ab7a70 EFLAGS: 00000246
RAX: ffff88802a9bfc80 RBX: ffff88814168c8c0 RCX: 0000000000000001
RDX: ffffc90000ab7b10 RSI: ffffea0000aa6fc0 RDI: fffffbfff20c4c84
RBP: dffffc0000000000 R08: ffff88801b756980 R09: 0000000000000000
R10: ffff88814168c8e0 R11: 0000000000002ba2 R12: ffffc90000ab7b10
R13: 1ffffffff20c4c84 R14: ffffea0000aa6fc0 R15: ffffea0000aa6fc0
 memcg_slab_free_hook mm/slub.c:2178 [inline]
 slab_free mm/slub.c:4606 [inline]
 kmem_cache_free+0x443/0x4d0 mm/slub.c:4711
 kfree_skbmem+0x1a4/0x1f0 net/core/skbuff.c:1058
 __kfree_skb net/core/skbuff.c:1115 [inline]
 consume_skb net/core/skbuff.c:1346 [inline]
 consume_skb+0xcc/0x100 net/core/skbuff.c:1340
 nsim_dev_trap_report drivers/net/netdevsim/dev.c:821 [inline]
 nsim_dev_trap_report_work+0x8cf/0xd00 drivers/net/netdevsim/dev.c:851
 process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3238
 process_scheduled_works kernel/workqueue.c:3319 [inline]
 worker_thread+0x6c8/0xf00 kernel/workqueue.c:3400
 kthread+0x3af/0x750 kernel/kthread.c:464
 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>