syzbot


INFO: rcu detected stall in file_ioctl

Status: auto-obsoleted due to no activity on 2025/11/12 01:08
Subsystems: mm
First crash: 208d, last: 208d
Similar bugs (1)
Kernel: upstream
Title: INFO: rcu detected stall in file_ioctl (2)
Subsystems: mm
Rank: 1
Repro: -
Cause bisect: -
Fix bisect: -
Count: 1
Last: 100d
Reported: 100d
Patched: 0/29
Status: auto-obsoleted due to no activity on 2026/02/27 16:33

Sample crash report:
GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P11926/1:b..l
rcu: 	(detected by 1, t=10503 jiffies, g=50029, q=363 ncpus=2)
task:syz.1.1624      state:R  running task     stack:24520 pid:11926 tgid:11925 ppid:5833   task_flags:0x400040 flags:0x00004006
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5397 [inline]
 __schedule+0x16aa/0x4c90 kernel/sched/core.c:6786
 preempt_schedule_irq+0xb5/0x150 kernel/sched/core.c:7109
 irqentry_exit+0x6f/0x90 kernel/entry/common.c:307
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:lock_acquire+0x175/0x360 kernel/locking/lockdep.c:5875
Code: 00 00 00 00 9c 8f 44 24 30 f7 44 24 30 00 02 00 00 0f 85 cd 00 00 00 f7 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 6b 55 fe 10 <48> 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d 41 5e
RSP: 0018:ffffc900149deab8 EFLAGS: 00000206
RAX: a3060476318fb500 RBX: 0000000000000000 RCX: a3060476318fb500
RDX: 0000000000000000 RSI: ffffffff8db6fcc6 RDI: ffffffff8be1ba40
RBP: ffffffff8172aae5 R08: 0000000000000000 R09: ffffffff8172aae5
R10: ffffc900149dec78 R11: ffffffff81acfd40 R12: 0000000000000002
R13: ffffffff8e13f0e0 R14: 0000000000000000 R15: 0000000000000246
 rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
 rcu_read_lock include/linux/rcupdate.h:841 [inline]
 class_rcu_constructor include/linux/rcupdate.h:1155 [inline]
 unwind_next_frame+0xc2/0x2390 arch/x86/kernel/unwind_orc.c:479
 arch_stack_walk+0x11c/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x9c/0xe0 kernel/stacktrace.c:122
 save_stack+0xf7/0x1f0 mm/page_owner.c:156
 __set_page_owner+0x8d/0x4a0 mm/page_owner.c:329
 set_page_owner include/linux/page_owner.h:32 [inline]
 post_alloc_hook+0x240/0x2a0 mm/page_alloc.c:1704
 prep_new_page mm/page_alloc.c:1712 [inline]
 get_page_from_freelist+0x21d5/0x22b0 mm/page_alloc.c:3669
 __alloc_frozen_pages_noprof+0x181/0x370 mm/page_alloc.c:4959
 alloc_pages_mpol+0x232/0x4a0 mm/mempolicy.c:2419
 folio_alloc_mpol_noprof+0x39/0x70 mm/mempolicy.c:2438
 shmem_alloc_folio mm/shmem.c:1851 [inline]
 shmem_alloc_and_add_folio+0x447/0xf60 mm/shmem.c:1890
 shmem_get_folio_gfp+0x59d/0x1660 mm/shmem.c:2536
 shmem_get_folio mm/shmem.c:2642 [inline]
 shmem_fallocate+0x80f/0xde0 mm/shmem.c:3750
 vfs_fallocate+0x6a0/0x830 fs/open.c:341
 ioctl_preallocate fs/ioctl.c:290 [inline]
 file_ioctl+0x611/0x780 fs/ioctl.c:-1
 do_vfs_ioctl+0xe80/0x1990 fs/ioctl.c:886
 __do_sys_ioctl fs/ioctl.c:905 [inline]
 __se_sys_ioctl+0x82/0x170 fs/ioctl.c:893
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f0d2518ebe9
RSP: 002b:00007f0d233f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f0d253b5fa0 RCX: 00007f0d2518ebe9
RDX: 0000200000000040 RSI: 0000000040305828 RDI: 0000000000000003
RBP: 00007f0d25211e19 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f0d253b6038 R14: 00007f0d253b5fa0 R15: 00007ffed700b358
 </TASK>
rcu: rcu_preempt kthread starved for 9918 jiffies! g50029 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:27232 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5397 [inline]
 __schedule+0x16aa/0x4c90 kernel/sched/core.c:6786
 __schedule_loop kernel/sched/core.c:6864 [inline]
 schedule+0x165/0x360 kernel/sched/core.c:6879
 schedule_timeout+0x12b/0x270 kernel/time/sleep_timeout.c:99
 rcu_gp_fqs_loop+0x301/0x1540 kernel/rcu/tree.c:2054
 rcu_gp_kthread+0x99/0x390 kernel/rcu/tree.c:2256
 kthread+0x70e/0x8a0 kernel/kthread.c:464
 ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
CPU: 1 UID: 0 PID: 11911 Comm: syz.3.1617 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
RIP: 0010:rcu_is_watching_curr_cpu include/linux/context_tracking.h:128 [inline]
RIP: 0010:rcu_is_watching+0x3a/0xb0 kernel/rcu/tree.c:745
Code: e8 4b 77 bf 09 89 c3 83 f8 08 73 65 49 bf 00 00 00 00 00 fc ff df 4c 8d 34 dd 70 8c ba 8d 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 <74> 08 4c 89 f7 e8 2c e2 78 00 48 c7 c3 58 bf 9d 92 49 03 1e 48 89
RSP: 0018:ffffc9000eb07b18 EFLAGS: 00000246
RAX: 1ffffffff1b7518f RBX: 0000000000000001 RCX: 6410d00c3f30c000
RDX: 0000000000000000 RSI: ffffffff8be1ba20 RDI: ffffffff8be1b9e0
RBP: ffffc9000eb07cb0 R08: 0000000000000000 R09: ffffffff8208a560
R10: ffffc9000eb07c20 R11: fffff52001d60f87 R12: 1ffff92001d60f80
R13: ffffffff8208a560 R14: ffffffff8dba8c78 R15: dffffc0000000000
FS:  00007f429a7196c0(0000) GS:ffff888125d57000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000110c3b76e8 CR3: 00000000799de000 CR4: 00000000003526f0
Call Trace:
 <TASK>
 trace_lock_release include/trace/events/lock.h:69 [inline]
 lock_release+0x4b/0x3e0 kernel/locking/lockdep.c:5882
 _inline_copy_from_user include/linux/uaccess.h:162 [inline]
 _copy_from_user+0x28/0xb0 lib/usercopy.c:18
 copy_from_user include/linux/uaccess.h:212 [inline]
 restore_altstack+0x9d/0x4b0 kernel/signal.c:4459
 __ia32_sys_rt_sigreturn+0x1ac/0x7b0 arch/x86/kernel/signal_64.c:265
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f429992add9
Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
RSP: 002b:00007f429a718b40 EFLAGS: 00000206 ORIG_RAX: 000000000000000f
RAX: ffffffffffffffda RBX: 00007f4299bb6098 RCX: 00007f429992add9
RDX: 00007f429a718b40 RSI: 00007f429a718c70 RDI: 0000000000000021
RBP: 00007f4299bb6090 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
R13: 00007f4299bb6128 R14: 00007ffd84d28210 R15: 00007ffd84d282f8
 </TASK>

Crashes (1):
Time: 2025/08/14 01:04
Kernel: upstream
Commit: 038d61fd6422
Syzkaller: 22ec1469
Config: .config
Log: console log
Report: report
Syz repro: -
C repro: -
VM info: info
Assets: [disk image] [vmlinux] [kernel image]
Manager: ci-upstream-kasan-gce-smack-root
Title: INFO: rcu detected stall in file_ioctl