rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P5210/1:b..l P5199/1:b..l P2/1:b..l P12/1:b..l
rcu: 	(detected by 1, t=10502 jiffies, g=17297, q=682238 ncpus=2)
task:kworker/u8:0    state:R  running task     stack:23256 pid:12    tgid:12    ppid:2      task_flags:0x4208060 flags:0x00004000
Workqueue: events_unbound cfg80211_wiphy_work
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5351 [inline]
 __schedule+0x1737/0x4d30 kernel/sched/core.c:6954
 preempt_schedule_irq+0xb5/0x150 kernel/sched/core.c:7281
 irqentry_exit+0x6f/0x90 kernel/entry/common.c:196
 asm_sysvec_reschedule_ipi+0x1a/0x20 arch/x86/include/asm/idtentry.h:707
RIP: 0010:kasan_check_byte include/linux/kasan.h:399 [inline]
RIP: 0010:lock_acquire+0x85/0x360 kernel/locking/lockdep.c:5842
Code: d1 ef 08 00 84 c0 75 0d f6 05 d8 c8 ec 0d 01 0f 84 d7 01 00 00 83 3d a9 06 03 0e 00 0f 84 f0 00 00 00 48 8b b4 24 90 00 00 00 <4c> 89 ef e8 03 29 84 00 83 3d 8c 06 03 0e 00 0f 84 fa 00 00 00 65
RSP: 0018:ffffc900001169d8 EFLAGS: 00000202
RAX: 0000000000000001 RBX: 0000000000000000 RCX: 240d8186694b4a00
RDX: 0000000000000000 RSI: ffffffff8172cd22 RDI: ffffffff8be2f5a0
RBP: ffffffff8172cd05 R08: 0000000000000000 R09: 0000000000000000
R10: ffffc90000116b98 R11: ffffffff81ac3f80 R12: 0000000000000002
R13: ffffffff8e13c520 R14: 0000000000000000 R15: 0000000000000000
 rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
 rcu_read_lock include/linux/rcupdate.h:841 [inline]
 class_rcu_constructor include/linux/rcupdate.h:1155 [inline]
 unwind_next_frame+0xc2/0x2390 arch/x86/kernel/unwind_orc.c:479
 arch_stack_walk+0x11c/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x9c/0xe0 kernel/stacktrace.c:122
 kasan_save_stack mm/kasan/common.c:47 [inline]
 kasan_save_track+0x3e/0x80 mm/kasan/common.c:68
 poison_kmalloc_redzone mm/kasan/common.c:377 [inline]
 __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:394
 kasan_kmalloc include/linux/kasan.h:260 [inline]
 __do_kmalloc_node mm/slub.c:4328 [inline]
 __kmalloc_noprof+0x27a/0x4f0 mm/slub.c:4340
 kmalloc_noprof include/linux/slab.h:909 [inline]
 kzalloc_noprof include/linux/slab.h:1039 [inline]
 cfg80211_inform_single_bss_data+0x905/0x1ac0 net/wireless/scan.c:2339
 cfg80211_inform_bss_data+0x1fb/0x3b30 net/wireless/scan.c:3222
 cfg80211_inform_bss_frame_data+0x3d7/0x730 net/wireless/scan.c:3313
 ieee80211_bss_info_update+0x746/0x9e0 net/mac80211/scan.c:226
 ieee80211_rx_bss_info net/mac80211/ibss.c:1094 [inline]
 ieee80211_rx_mgmt_probe_beacon net/mac80211/ibss.c:1573 [inline]
 ieee80211_ibss_rx_queued_mgmt+0xa36/0x2ae0 net/mac80211/ibss.c:1600
 ieee80211_iface_process_skb net/mac80211/iface.c:1670 [inline]
 ieee80211_iface_work+0x806/0xfe0 net/mac80211/iface.c:1724
 cfg80211_wiphy_work+0x2df/0x460 net/wireless/core.c:435
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xade/0x17b0 kernel/workqueue.c:3321
 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3402
 kthread+0x711/0x8a0 kernel/kthread.c:464
 ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
task:kthreadd        state:R  running task     stack:25016 pid:2     tgid:2     ppid:0      task_flags:0x208040 flags:0x00004000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5351 [inline]
 __schedule+0x1737/0x4d30 kernel/sched/core.c:6954
 preempt_schedule_irq+0xb5/0x150 kernel/sched/core.c:7281
 irqentry_exit+0x6f/0x90 kernel/entry/common.c:196
 asm_sysvec_reschedule_ipi+0x1a/0x20 arch/x86/include/asm/idtentry.h:707
RIP: 0010:memset_orig+0x25/0xb0 arch/x86/lib/memset_64.S:64
Code: 90 90 90 90 90 49 89 fa 40 0f b6 ce 48 b8 01 01 01 01 01 01 01 01 48 0f af c1 41 89 f9 41 83 e1 07 75 74 48 89 d1 48 c1 e9 06 <74> 39 66 0f 1f 84 00 00 00 00 00 48 ff c9 48 89 07 48 89 47 08 48
RSP: 0018:ffffc90000076f50 EFLAGS: 00000246
RAX: 0000000000000000 RBX: ffffc90000077060 RCX: 0000000000000000
RDX: 0000000000000010 RSI: 0000000000000000 RDI: ffffc90000077078
RBP: dffffc0000000000 R08: ffffc90000077087 R09: 0000000000000000
R10: ffffc90000077078 R11: fffff5200000ee11 R12: ffffc90000077350
R13: ffffc90000077078 R14: ffffc90000077028 R15: ffffc90000077070
 unwind_next_frame+0xc98/0x2390 arch/x86/kernel/unwind_orc.c:592
 arch_stack_walk+0x11c/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x9c/0xe0 kernel/stacktrace.c:122
 save_stack+0xf5/0x1f0 mm/page_owner.c:156
 __reset_page_owner+0x71/0x1f0 mm/page_owner.c:308
 reset_page_owner include/linux/page_owner.h:25 [inline]
 free_pages_prepare mm/page_alloc.c:1248 [inline]
 __free_frozen_pages+0xc71/0xe70 mm/page_alloc.c:2706
 __slab_free+0x326/0x400 mm/slub.c:4554
 qlink_free mm/kasan/quarantine.c:163 [inline]
 qlist_free_all+0x97/0x140 mm/kasan/quarantine.c:179
 kasan_quarantine_reduce+0x148/0x160 mm/kasan/quarantine.c:286
 __kasan_slab_alloc+0x22/0x80 mm/kasan/common.c:329
 kasan_slab_alloc include/linux/kasan.h:250 [inline]
 slab_post_alloc_hook mm/slub.c:4148 [inline]
 slab_alloc_node mm/slub.c:4197 [inline]
 kmem_cache_alloc_node_noprof+0x1bb/0x3c0 mm/slub.c:4249
 alloc_vmap_area+0x26a/0x1490 mm/vmalloc.c:2043
 __get_vm_area_node+0x1f8/0x300 mm/vmalloc.c:3187
 __vmalloc_node_range_noprof+0x301/0x12f0 mm/vmalloc.c:3853
 __vmalloc_node_noprof+0xc2/0x110 mm/vmalloc.c:3956
 alloc_thread_stack_node kernel/fork.c:317 [inline]
 dup_task_struct+0x3e7/0x860 kernel/fork.c:877
 copy_process+0x54b/0x3c00 kernel/fork.c:2003
 kernel_clone+0x21e/0x840 kernel/fork.c:2602
 kernel_thread+0x10c/0x160 kernel/fork.c:2664
 create_kthread kernel/kthread.c:487 [inline]
 kthreadd+0x575/0x770 kernel/kthread.c:847
 ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
task:klogd           state:R  running task     stack:24104 pid:5199  tgid:5199  ppid:1      task_flags:0x400100 flags:0x00004002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5351 [inline]
 __schedule+0x1737/0x4d30 kernel/sched/core.c:6954
 preempt_schedule_common+0x83/0xd0 kernel/sched/core.c:7138
 preempt_schedule+0xae/0xc0 kernel/sched/core.c:7162
 preempt_schedule_thunk+0x16/0x30 arch/x86/entry/thunk.S:12
 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:152 [inline]
 _raw_spin_unlock_irqrestore+0xfd/0x110 kernel/locking/spinlock.c:194
 spin_unlock_irqrestore include/linux/spinlock.h:406 [inline]
 __wake_up_common_lock+0x190/0x1f0 kernel/sched/wait.c:109
 sock_def_readable+0x1fb/0x550 net/core/sock.c:3583
 unix_dgram_sendmsg+0xde2/0x1830 net/unix/af_unix.c:2258
 sock_sendmsg_nosec net/socket.c:712 [inline]
 __sock_sendmsg+0x21c/0x270 net/socket.c:727
 __sys_sendto+0x3bd/0x520 net/socket.c:2226
 __do_sys_sendto net/socket.c:2233 [inline]
 __se_sys_sendto net/socket.c:2229 [inline]
 __x64_sys_sendto+0xde/0x100 net/socket.c:2229
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f1a3a76a407
RSP: 002b:00007ffc150429e0 EFLAGS: 00000202 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 00007f1a3a61ac80 RCX: 00007f1a3a76a407
RDX: 000000000000006d RSI: 00007ffc15042b20 RDI: 0000000000000003
RBP: 00007ffc15042f50 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000004000 R11: 0000000000000202 R12: 00007ffc15042f68
R13: 00007ffc15042b20 R14: 0000000000000052 R15: 00007ffc15042b20
 </TASK>
task:udevd           state:R  running task     stack:24712 pid:5210  tgid:5210  ppid:1      task_flags:0x400140 flags:0x00004002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5351 [inline]
 __schedule+0x1737/0x4d30 kernel/sched/core.c:6954
 preempt_schedule_irq+0xb5/0x150 kernel/sched/core.c:7281
 irqentry_exit+0x6f/0x90 kernel/entry/common.c:196
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:native_save_fl arch/x86/include/asm/irqflags.h:26 [inline]
RIP: 0010:arch_local_save_flags arch/x86/include/asm/irqflags.h:109 [inline]
RIP: 0010:arch_local_irq_save arch/x86/include/asm/irqflags.h:127 [inline]
RIP: 0010:lock_acquire+0xc9/0x360 kernel/locking/lockdep.c:5864
Code: fc 10 85 c0 0f 85 eb 00 00 00 65 48 8b 04 25 08 a0 99 92 83 b8 ec 0a 00 00 00 0f 85 d5 00 00 00 48 c7 44 24 30 00 00 00 00 9c <8f> 44 24 30 4c 89 74 24 10 4d 89 fe 4c 8b 7c 24 30 fa 48 c7 c7 c8
RSP: 0018:ffffc900032e7610 EFLAGS: 00000246
RAX: ffff88805927bc00 RBX: 0000000000000000 RCX: 3c4529e325e02400
RDX: 0000000000000000 RSI: ffffffff8172cd22 RDI: 1ffffffff1c278a4
RBP: ffffffff8172cd05 R08: 0000000000000000 R09: 0000000000000000
R10: ffffc900032e77d8 R11: ffffffff81ac3f80 R12: 0000000000000002
R13: ffffffff8e13c520 R14: 0000000000000000 R15: 0000000000000000
 rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
 rcu_read_lock include/linux/rcupdate.h:841 [inline]
 class_rcu_constructor include/linux/rcupdate.h:1155 [inline]
 unwind_next_frame+0xc2/0x2390 arch/x86/kernel/unwind_orc.c:479
 arch_stack_walk+0x11c/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x9c/0xe0 kernel/stacktrace.c:122
 save_stack+0xf5/0x1f0 mm/page_owner.c:156
 __reset_page_owner+0x71/0x1f0 mm/page_owner.c:308
 reset_page_owner include/linux/page_owner.h:25 [inline]
 free_pages_prepare mm/page_alloc.c:1248 [inline]
 __free_frozen_pages+0xc71/0xe70 mm/page_alloc.c:2706
 discard_slab mm/slub.c:2717 [inline]
 __put_partials+0x161/0x1c0 mm/slub.c:3186
 put_cpu_partial+0x17c/0x250 mm/slub.c:3261
 __slab_free+0x2f7/0x400 mm/slub.c:4513
 qlink_free mm/kasan/quarantine.c:163 [inline]
 qlist_free_all+0x97/0x140 mm/kasan/quarantine.c:179
 kasan_quarantine_reduce+0x148/0x160 mm/kasan/quarantine.c:286
 __kasan_slab_alloc+0x22/0x80 mm/kasan/common.c:329
 kasan_slab_alloc include/linux/kasan.h:250 [inline]
 slab_post_alloc_hook mm/slub.c:4148 [inline]
 slab_alloc_node mm/slub.c:4197 [inline]
 kmem_cache_alloc_noprof+0x1c1/0x3c0 mm/slub.c:4204
 getname_flags+0xb8/0x540 fs/namei.c:146
 getname include/linux/fs.h:2916 [inline]
 getname_maybe_null include/linux/fs.h:2923 [inline]
 vfs_fstatat+0x43/0x170 fs/stat.c:370
 __do_sys_newfstatat fs/stat.c:542 [inline]
 __se_sys_newfstatat fs/stat.c:536 [inline]
 __x64_sys_newfstatat+0x116/0x190 fs/stat.c:536
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f5ad1511b0a
RSP: 002b:00007ffeb5d5dde8 EFLAGS: 00000246 ORIG_RAX: 0000000000000106
RAX: ffffffffffffffda RBX: 000056465a39f400 RCX: 00007f5ad1511b0a
RDX: 00007ffeb5d5ddf0 RSI: 000056465a38d296 RDI: 00000000ffffff9c
RBP: 00005646731be168 R08: 000000000ea318ca R09: 7fffffffffffffff
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
R13: 00007ffeb5d5ddf0 R14: 0000000000000000 R15: 0000000000000000
 </TASK>
rcu: rcu_preempt kthread starved for 10645 jiffies! g17297 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:27128 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5351 [inline]
 __schedule+0x1737/0x4d30 kernel/sched/core.c:6954
 __schedule_loop kernel/sched/core.c:7036 [inline]
 schedule+0x165/0x360 kernel/sched/core.c:7051
 schedule_timeout+0x12b/0x270 kernel/time/sleep_timeout.c:99
 rcu_gp_fqs_loop+0x301/0x1540 kernel/rcu/tree.c:2054
 rcu_gp_kthread+0x99/0x390 kernel/rcu/tree.c:2256
 kthread+0x711/0x8a0 kernel/kthread.c:464
 ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
RIP: 0010:pv_native_safe_halt+0x13/0x20 arch/x86/kernel/paravirt.c:82
Code: 53 e8 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 13 ef 18 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
RSP: 0018:ffffffff8de07d80 EFLAGS: 000002c2
RAX: b5a79d838ac02a00 RBX: ffffffff8196a648 RCX: b5a79d838ac02a00
RDX: 0000000000000001 RSI: ffffffff8d972dc6 RDI: ffffffff8be2f600
RBP: ffffffff8de07eb8 R08: ffff8880b8632f1b R09: 1ffff110170c65e3
R10: dffffc0000000000 R11: ffffed10170c65e4 R12: ffffffff8fa050f0
R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1bd2a18
FS:  0000000000000000(0000) GS:ffff888125c86000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fbd89b1840b CR3: 0000000059b20000 CR4: 00000000003526f0
Call Trace:
 <TASK>
 arch_safe_halt arch/x86/include/asm/paravirt.h:107 [inline]
 default_idle+0x13/0x20 arch/x86/kernel/process.c:757
 default_idle_call+0x74/0xb0 kernel/sched/idle.c:122
 cpuidle_idle_call kernel/sched/idle.c:190 [inline]
 do_idle+0x1e8/0x510 kernel/sched/idle.c:330
 cpu_startup_entry+0x44/0x60 kernel/sched/idle.c:428
 rest_init+0x2de/0x300 init/main.c:744
 start_kernel+0x3a9/0x410 init/main.c:1097
 x86_64_start_reservations+0x24/0x30 arch/x86/kernel/head64.c:307
 x86_64_start_kernel+0x143/0x1c0 arch/x86/kernel/head64.c:288
 common_startup_64+0x13e/0x147
 </TASK>