rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P52/1:b..l P5821/2:b..l rcu: (detected by 0, t=10503 jiffies, g=41477, q=2901740 ncpus=2) task:syz-executor state:R running task stack:20528 pid:5821 tgid:5821 ppid:5819 flags:0x00004002 Call Trace: <TASK> context_switch kernel/sched/core.c:5369 [inline] __schedule+0x1850/0x4c30 kernel/sched/core.c:6756 preempt_schedule_irq+0xfb/0x1c0 kernel/sched/core.c:7078 irqentry_exit+0x5e/0x90 kernel/entry/common.c:354 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702 RIP: 0010:trace_lock_release include/trace/events/lock.h:69 [inline] RIP: 0010:lock_release+0xb8/0xa30 kernel/locking/lockdep.c:5860 Code: 08 0f 83 fe 05 00 00 89 c3 48 89 d8 48 c1 e8 06 48 8d 3c c5 f0 63 19 90 be 08 00 00 00 e8 80 00 8b 00 48 0f a3 1d c8 a2 9e 0e <73> 16 e8 51 38 0a 00 84 c0 75 0d 80 3d d9 d1 88 0e 00 0f 84 fc 05 RSP: 0018:ffffc90003a37560 EFLAGS: 00000257 RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffffffff817ac120 RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff901963f0 RBP: ffffc90003a37698 R08: ffffffff901963f7 R09: 1ffffffff2032c7e R10: dffffc0000000000 R11: fffffbfff2032c7f R12: 1ffff92000746eb8 R13: ffffffff81ae7436 R14: 0000000000000000 R15: dffffc0000000000 rcu_lock_release include/linux/rcupdate.h:347 [inline] rcu_read_unlock include/linux/rcupdate.h:880 [inline] is_bpf_text_address+0x280/0x2a0 kernel/bpf/core.c:770 kernel_text_address+0xa7/0xe0 kernel/extable.c:125 __kernel_text_address+0xd/0x40 kernel/extable.c:79 unwind_get_return_address+0x4d/0x90 arch/x86/kernel/unwind_orc.c:369 arch_stack_walk+0xfd/0x150 arch/x86/kernel/stacktrace.c:26 stack_trace_save+0x118/0x1d0 kernel/stacktrace.c:122 save_stack+0xfb/0x1f0 mm/page_owner.c:156 __reset_page_owner+0x76/0x430 mm/page_owner.c:297 reset_page_owner include/linux/page_owner.h:25 [inline] free_pages_prepare mm/page_alloc.c:1127 [inline] free_unref_page+0xd3f/0x1010 mm/page_alloc.c:2657 discard_slab mm/slub.c:2673 [inline] __put_partials+0x160/0x1c0 mm/slub.c:3142 put_cpu_partial+0x17c/0x250 mm/slub.c:3217 __slab_free+0x290/0x380 mm/slub.c:4468 qlink_free mm/kasan/quarantine.c:163 [inline] qlist_free_all+0x9a/0x140 mm/kasan/quarantine.c:179 kasan_quarantine_reduce+0x14f/0x170 mm/kasan/quarantine.c:286 __kasan_slab_alloc+0x23/0x80 mm/kasan/common.c:329 kasan_slab_alloc include/linux/kasan.h:250 [inline] slab_post_alloc_hook mm/slub.c:4104 [inline] slab_alloc_node mm/slub.c:4153 [inline] __kmalloc_cache_noprof+0x1d9/0x390 mm/slub.c:4309 kmalloc_noprof include/linux/slab.h:901 [inline] kzalloc_noprof include/linux/slab.h:1037 [inline] alloc_pipe_info+0xeb/0x4d0 fs/pipe.c:798 get_pipe_inode fs/pipe.c:890 [inline] create_pipe_files+0x87/0x700 fs/pipe.c:922 __do_pipe_flags+0x48/0x2d0 fs/pipe.c:973 do_pipe2+0xd4/0x310 fs/pipe.c:1024 __do_sys_pipe2 fs/pipe.c:1042 [inline] __se_sys_pipe2 fs/pipe.c:1040 [inline] __x64_sys_pipe2+0x5a/0x70 fs/pipe.c:1040 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fa000584a39 RSP: 002b:00007ffd0f329c08 EFLAGS: 00000246 ORIG_RAX: 0000000000000125 RAX: ffffffffffffffda RBX: 0000555584694620 RCX: 00007fa000584a39 RDX: 0000000000000005 RSI: 0000000000000000 RDI: 00007ffd0f329c28 RBP: 00007ffd0f329fd0 R08: 0000000000000007 R09: 000055558468fe10 R10: 81f2ec62a7d8de37 R11: 0000000000000246 R12: 0000555584693c50 R13: 0000555584695378 R14: 00007ffd0f329d50 R15: 00005555846934b8 </TASK> task:kworker/u8:3 state:R running task stack:20720 pid:52 tgid:52 ppid:2 flags:0x00004000 Workqueue: writeback wb_workfn (flush-8:0) Call Trace: <TASK> context_switch kernel/sched/core.c:5369 [inline] __schedule+0x1850/0x4c30 kernel/sched/core.c:6756 preempt_schedule_irq+0xfb/0x1c0 kernel/sched/core.c:7078 irqentry_exit+0x5e/0x90 kernel/entry/common.c:354 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702 RIP: 0010:kasan_check_range+0x1b8/0x290 mm/kasan/generic.c:189 Code: 4d 01 fb 48 8d 5d 07 48 85 ed 48 0f 49 dd 48 83 e3 f8 48 29 dd 74 12 41 80 3b 00 0f 85 a6 00 00 00 49 ff c3 48 ff cd 75 ee 5b <41> 5c 41 5e 41 5f 5d c3 cc cc cc cc 40 84 ed 75 5f f7 c5 00 ff 00 RSP: 0018:ffffc90000bc6908 EFLAGS: 00000256 RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffffffff82114bd2 RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff88801d58339c RBP: 0000000000000000 R08: ffff88801d58339f R09: 1ffff11003ab0673 R10: dffffc0000000000 R11: ffffed1003ab0674 R12: ffff88801d583350 R13: 1ffffffff3482ddc R14: dffffc0000000001 R15: ffffed1003ab0674 instrument_atomic_read include/linux/instrumented.h:68 [inline] atomic_read include/linux/atomic/atomic-instrumented.h:32 [inline] __page_table_check_zero+0x172/0x350 mm/page_table_check.c:157 page_table_check_free include/linux/page_table_check.h:41 [inline] free_pages_prepare mm/page_alloc.c:1128 [inline] free_unref_page+0xd53/0x1010 mm/page_alloc.c:2657 discard_slab mm/slub.c:2673 [inline] __put_partials+0x160/0x1c0 mm/slub.c:3142 put_cpu_partial+0x17c/0x250 mm/slub.c:3217 __slab_free+0x290/0x380 mm/slub.c:4468 qlink_free mm/kasan/quarantine.c:163 [inline] qlist_free_all+0x9a/0x140 mm/kasan/quarantine.c:179 kasan_quarantine_reduce+0x14f/0x170 mm/kasan/quarantine.c:286 __kasan_slab_alloc+0x23/0x80 mm/kasan/common.c:329 kasan_slab_alloc include/linux/kasan.h:250 [inline] slab_post_alloc_hook mm/slub.c:4104 [inline] slab_alloc_node mm/slub.c:4153 [inline] kmem_cache_alloc_noprof+0x1d9/0x380 mm/slub.c:4160 ext4_init_io_end+0x29/0x130 fs/ext4/page-io.c:277 ext4_do_writepages+0xd1f/0x3df0 fs/ext4/inode.c:2700 ext4_writepages+0x213/0x3c0 fs/ext4/inode.c:2824 do_writepages+0x35f/0x880 mm/page-writeback.c:2702 __writeback_single_inode+0x14f/0x10d0 fs/fs-writeback.c:1680 writeback_sb_inodes+0x820/0x1360 fs/fs-writeback.c:1976 __writeback_inodes_wb+0x11b/0x260 fs/fs-writeback.c:2047 wb_writeback+0x427/0xb80 fs/fs-writeback.c:2158 wb_check_old_data_flush fs/fs-writeback.c:2262 [inline] wb_do_writeback fs/fs-writeback.c:2315 [inline] wb_workfn+0xb94/0x1080 fs/fs-writeback.c:2343 process_one_work kernel/workqueue.c:3229 [inline] process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3310 worker_thread+0x870/0xd30 kernel/workqueue.c:3391 kthread+0x2f0/0x390 kernel/kthread.c:389 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 </TASK> rcu: rcu_preempt kthread starved for 8483 jiffies! g41477 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. rcu: RCU grace-period kthread stack dump: task:rcu_preempt state:R running task stack:26264 pid:17 tgid:17 ppid:2 flags:0x00004000 Call Trace: <TASK> context_switch kernel/sched/core.c:5369 [inline] __schedule+0x1850/0x4c30 kernel/sched/core.c:6756 __schedule_loop kernel/sched/core.c:6833 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6848 schedule_timeout+0x15a/0x290 kernel/time/sleep_timeout.c:99 rcu_gp_fqs_loop+0x2df/0x1330 kernel/rcu/tree.c:2045 rcu_gp_kthread+0xa7/0x3b0 kernel/rcu/tree.c:2247 kthread+0x2f0/0x390 kernel/kthread.c:389 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 </TASK> rcu: Stack dump where RCU GP kthread last ran: Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 UID: 0 PID: 24 Comm: ksoftirqd/1 Not tainted 6.13.0-rc2-syzkaller-00146-g922b4b955a03 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 RIP: 0010:check_kcov_mode kernel/kcov.c:183 [inline] RIP: 0010:write_comp_data kernel/kcov.c:246 [inline] RIP: 0010:__sanitizer_cov_trace_const_cmp4+0x18/0x90 kernel/kcov.c:314 Code: 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 4c 8b 04 24 65 48 8b 14 25 00 d6 03 00 65 8b 05 70 73 64 7e <25> 00 01 ff 00 74 10 3d 00 01 00 00 75 5b 83 ba 1c 16 00 00 00 74 RSP: 0018:ffffc900001e6bf8 EFLAGS: 00000246 RAX: 0000000080000100 RBX: 0000000000000001 RCX: 0000000080000100 RDX: ffff88801d2e0000 RSI: 0000000000000001 RDI: 0000000000000000 RBP: ffff88807e8e3cb8 R08: ffffffff8a6e3da4 R09: ffffc900001e6f30 R10: ffffc900001e6f20 R11: fffff5200003cdb2 R12: ffff88805d297000 R13: ffff88807e8e3ccf R14: 1ffff1100fd1c799 R15: 1ffff1100fd1c797 FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f4977ff2440 CR3: 000000000e736000 CR4: 00000000003526f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <NMI> </NMI> <TASK> __in6_dev_get include/net/addrconf.h:330 [inline] ip6_ignore_linkdown include/net/addrconf.h:421 [inline] find_match+0x104/0xc10 net/ipv6/route.c:747 __find_rr_leaf+0x275/0x8e0 net/ipv6/route.c:835 find_rr_leaf net/ipv6/route.c:856 [inline] rt6_select net/ipv6/route.c:900 [inline] fib6_table_lookup+0x413/0xbb0 net/ipv6/route.c:2195 ip6_pol_route+0x273/0x15d0 net/ipv6/route.c:2231 pol_lookup_func include/net/ip6_fib.h:616 [inline] __fib6_rule_action net/ipv6/fib6_rules.c:234 [inline] fib6_rule_action+0x655/0x7c0 net/ipv6/fib6_rules.c:272 fib_rules_lookup+0x62c/0xdb0 net/core/fib_rules.c:319 fib6_rule_lookup+0x1fd/0x790 net/ipv6/fib6_rules.c:109 ip6_route_input_lookup net/ipv6/route.c:2300 [inline] ip6_route_input+0x859/0xd90 net/ipv6/route.c:2596 ip6_rcv_finish+0x144/0x180 net/ipv6/ip6_input.c:77 NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314 __netif_receive_skb_one_core net/core/dev.c:5672 [inline] __netif_receive_skb+0x1ea/0x650 net/core/dev.c:5785 process_backlog+0x662/0x15b0 net/core/dev.c:6117 __napi_poll+0xcb/0x490 net/core/dev.c:6883 napi_poll net/core/dev.c:6952 [inline] net_rx_action+0x89b/0x1240 net/core/dev.c:7074 handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:561 run_ksoftirqd+0xca/0x130 kernel/softirq.c:950 smpboot_thread_fn+0x544/0xa30 kernel/smpboot.c:164 kthread+0x2f0/0x390 kernel/kthread.c:389 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 </TASK> net_ratelimit: 693 callbacks suppressed IPVS: ovf: UDP 224.0.0.2:0 - no destination available IPVS: ovf: UDP 224.0.0.2:0 - no destination available bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) net_ratelimit: 682 callbacks suppressed bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)