rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	(detected by 1, t=10502 jiffies, g=193233, q=99 ncpus=2)
rcu: All QSes seen, last rcu_preempt kthread activity 10498 (4295199624-4295189126), jiffies_till_next_fqs=1, root ->qsmask 0x0
rcu: rcu_preempt kthread starved for 10498 jiffies! g193233 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:25272 pid:18    tgid:18    ppid:2      task_flags:0x208040 flags:0x00080000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5256 [inline]
 __schedule+0x145f/0x5070 kernel/sched/core.c:6863
 __schedule_loop kernel/sched/core.c:6945 [inline]
 schedule+0x165/0x360 kernel/sched/core.c:6960
 schedule_timeout+0x12b/0x270 kernel/time/sleep_timeout.c:99
 rcu_gp_fqs_loop+0x301/0x1540 kernel/rcu/tree.c:2083
 rcu_gp_kthread+0x99/0x390 kernel/rcu/tree.c:2285
 kthread+0x711/0x8a0 kernel/kthread.c:463
 ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
CPU: 1 UID: 0 PID: 1505 Comm: kworker/u8:11 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
Workqueue: writeback wb_workfn (flush-8:0)
RIP: 0010:check_kcov_mode kernel/kcov.c:185 [inline]
RIP: 0010:__sanitizer_cov_trace_pc+0x40/0x80 kernel/kcov.c:217
Code: f3 0f 81 e6 00 00 ff 00 ba 00 01 00 00 23 91 7c 0b 00 00 89 d7 09 f7 74 11 85 f6 75 39 85 d2 74 35 83 b9 3c 16 00 00 00 74 2c <8b> 91 18 16 00 00 83 fa 02 75 21 48 8b 91 20 16 00 00 48 8b 32 48
RSP: 0018:ffffc90005406218 EFLAGS: 00000246
RAX: ffffffff81b4157f RBX: 1ffff11017108b21 RCX: ffff8880279dbc80
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ffffc90005406350 R08: 0000000000000000 R09: 0000000000000000
R10: dffffc0000000000 R11: ffffffff8175c840 R12: ffff8880b8845908
R13: dffffc0000000000 R14: ffff8880b893c8c0 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff888126dee000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f0ac8ca5d58 CR3: 000000003c308000 CR4: 00000000003526f0
Call Trace:
 <TASK>
 csd_lock_wait kernel/smp.c:342 [inline]
 smp_call_function_many_cond+0xe8f/0x1250 kernel/smp.c:877
 on_each_cpu_cond_mask+0x3f/0x80 kernel/smp.c:1043
 __flush_tlb_multi arch/x86/include/asm/paravirt.h:91 [inline]
 flush_tlb_multi arch/x86/mm/tlb.c:1382 [inline]
 flush_tlb_mm_range+0x60a/0x1170 arch/x86/mm/tlb.c:1472
 flush_tlb_page arch/x86/include/asm/tlbflush.h:324 [inline]
 ptep_clear_flush+0x120/0x170 mm/pgtable-generic.c:103
 page_vma_mkclean_one+0x3f4/0x600 mm/rmap.c:1017
 page_mkclean_one+0x1c0/0x280 mm/rmap.c:1065
 __rmap_walk_file+0x467/0x620 mm/rmap.c:2927
 rmap_walk mm/rmap.c:2971 [inline]
 folio_mkclean+0x297/0x390 mm/rmap.c:1097
 folio_clear_dirty_for_io+0x1a5/0x700 mm/page-writeback.c:2932
 mpage_submit_folio+0x86/0x2b0 fs/ext4/inode.c:2068
 mpage_process_page_bufs+0x6d5/0x8e0 fs/ext4/inode.c:2198
 mpage_prepare_extent_to_map+0xdcc/0x1660 fs/ext4/inode.c:2737
 ext4_do_writepages+0xb77/0x44f0 fs/ext4/inode.c:2878
 ext4_writepages+0x203/0x350 fs/ext4/inode.c:3026
 do_writepages+0x32e/0x550 mm/page-writeback.c:2598
 __writeback_single_inode+0x133/0x1240 fs/fs-writeback.c:1737
 writeback_sb_inodes+0x8c8/0x1840 fs/fs-writeback.c:2030
 __writeback_inodes_wb+0x111/0x240 fs/fs-writeback.c:2107
 wb_writeback+0x43f/0xaa0 fs/fs-writeback.c:2218
 wb_check_old_data_flush fs/fs-writeback.c:2322 [inline]
 wb_do_writeback fs/fs-writeback.c:2375 [inline]
 wb_workfn+0xad7/0xee0 fs/fs-writeback.c:2403
 process_one_work kernel/workqueue.c:3257 [inline]
 process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340
 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421
 kthread+0x711/0x8a0 kernel/kthread.c:463
 ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
 </TASK>
watchdog: BUG: soft lockup - CPU#1 stuck for 234s! [kworker/u8:11:1505]
Modules linked in:
irq event stamp: 12109456
hardirqs last  enabled at (12109455): [<ffffffff8ad1ce38>] irqentry_exit+0x5e8/0x670 kernel/entry/common.c:219
hardirqs last disabled at (12109456): [<ffffffff8ad1b7be>] sysvec_apic_timer_interrupt+0xe/0xc0 arch/x86/kernel/apic/apic.c:1056
softirqs last  enabled at (12058428): [<ffffffff81850951>] __local_bh_enable_ip+0x1a1/0x2c0 kernel/softirq.c:305
softirqs last disabled at (12058422): [<ffffffff8a455b81>] local_bh_disable include/linux/bottom_half.h:20 [inline]
softirqs last disabled at (12058422): [<ffffffff8a455b81>] spin_lock_bh include/linux/spinlock_rt.h:87 [inline]
softirqs last disabled at (12058422): [<ffffffff8a455b81>] ieee80211_ibss_work+0xd1/0x1090 net/mac80211/ibss.c:1651
CPU: 1 UID: 0 PID: 1505 Comm: kworker/u8:11 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
Workqueue: writeback wb_workfn (flush-8:0)
RIP: 0010:csd_lock_wait kernel/smp.c:342 [inline]
RIP: 0010:smp_call_function_many_cond+0xe7c/0x1250 kernel/smp.c:877
Code: 89 ee 83 e6 01 31 ff e8 22 9c 0b 00 41 83 e5 01 49 bd 00 00 00 00 00 fc ff df 75 07 e8 5d 97 0b 00 eb 38 f3 90 42 0f b6 04 2b <84> c0 75 11 41 f7 04 24 01 00 00 00 74 1e e8 41 97 0b 00 eb e4 44
RSP: 0018:ffffc90005406220 EFLAGS: 00000293
RAX: 0000000000000000 RBX: 1ffff11017108b21 RCX: ffff8880279dbc80
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ffffc90005406350 R08: 0000000000000000 R09: 0000000000000000
R10: dffffc0000000000 R11: ffffffff8175c840 R12: ffff8880b8845908
R13: dffffc0000000000 R14: ffff8880b893c8c0 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff888126dee000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f0ac8ca5d58 CR3: 000000003c308000 CR4: 00000000003526f0
Call Trace:
 <TASK>
 on_each_cpu_cond_mask+0x3f/0x80 kernel/smp.c:1043
 __flush_tlb_multi arch/x86/include/asm/paravirt.h:91 [inline]
 flush_tlb_multi arch/x86/mm/tlb.c:1382 [inline]
 flush_tlb_mm_range+0x60a/0x1170 arch/x86/mm/tlb.c:1472
 flush_tlb_page arch/x86/include/asm/tlbflush.h:324 [inline]
 ptep_clear_flush+0x120/0x170 mm/pgtable-generic.c:103
 page_vma_mkclean_one+0x3f4/0x600 mm/rmap.c:1017
 page_mkclean_one+0x1c0/0x280 mm/rmap.c:1065
 __rmap_walk_file+0x467/0x620 mm/rmap.c:2927
 rmap_walk mm/rmap.c:2971 [inline]
 folio_mkclean+0x297/0x390 mm/rmap.c:1097
 folio_clear_dirty_for_io+0x1a5/0x700 mm/page-writeback.c:2932
 mpage_submit_folio+0x86/0x2b0 fs/ext4/inode.c:2068
 mpage_process_page_bufs+0x6d5/0x8e0 fs/ext4/inode.c:2198
 mpage_prepare_extent_to_map+0xdcc/0x1660 fs/ext4/inode.c:2737
 ext4_do_writepages+0xb77/0x44f0 fs/ext4/inode.c:2878
 ext4_writepages+0x203/0x350 fs/ext4/inode.c:3026
 do_writepages+0x32e/0x550 mm/page-writeback.c:2598
 __writeback_single_inode+0x133/0x1240 fs/fs-writeback.c:1737
 writeback_sb_inodes+0x8c8/0x1840 fs/fs-writeback.c:2030
 __writeback_inodes_wb+0x111/0x240 fs/fs-writeback.c:2107
 wb_writeback+0x43f/0xaa0 fs/fs-writeback.c:2218
 wb_check_old_data_flush fs/fs-writeback.c:2322 [inline]
 wb_do_writeback fs/fs-writeback.c:2375 [inline]
 wb_workfn+0xad7/0xee0 fs/fs-writeback.c:2403
 process_one_work kernel/workqueue.c:3257 [inline]
 process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340
 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421
 kthread+0x711/0x8a0 kernel/kthread.c:463
 ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
 </TASK>
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 23357 Comm: syz.3.5054 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
RIP: 0010:_find_first_zero_bit+0x15/0xb0 lib/find_bit.c:-1
Code: ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 41 57 41 56 41 55 41 54 53 48 85 f6 74 46 48 89 f3 <49> 89 fe 49 bc 00 00 00 00 00 fc ff df 48 89 f8 48 c1 e8 03 42 80
RSP: 0018:ffffc9000584f278 EFLAGS: 00000002
RAX: 0000000000000000 RBX: 0000000000000002 RCX: 1ffff11004a592b4
RDX: 0000000000000002 RSI: 0000000000000002 RDI: ffff888035b94bd0
RBP: 0000000080000000 R08: 0000000000000000 R09: 0000000000000000
R10: dffffc0000000000 R11: ffffed1006b7294b R12: dffffc0000000000
R13: 1ffffffff1a03099 R14: 0000000080000000 R15: 0000000000000002
FS:  00007fa5867a46c0(0000) GS:ffff888126cee000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b31523ffc CR3: 00000000554f8000 CR4: 00000000003526f0
Call Trace:
 <TASK>
 find_first_zero_bit include/linux/find.h:393 [inline]
 __mm_get_cid kernel/sched/sched.h:3744 [inline]
 mm_get_cid+0xc7/0x130 kernel/sched/sched.h:3759
 mm_cid_from_cpu kernel/sched/sched.h:3820 [inline]
 mm_cid_schedin kernel/sched/sched.h:3870 [inline]
 mm_cid_switch_to kernel/sched/sched.h:3886 [inline]
 context_switch kernel/sched/core.c:5245 [inline]
 __schedule+0x212a/0x5070 kernel/sched/core.c:6863
 preempt_schedule_common+0x83/0xd0 kernel/sched/core.c:7047
 preempt_schedule_thunk+0x16/0x30 arch/x86/entry/thunk.S:12
 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:152 [inline]
 _raw_spin_unlock_irqrestore+0x74/0x80 kernel/locking/spinlock.c:194
 unlock_rt_mutex_safe kernel/locking/rtmutex.c:344 [inline]
 rt_mutex_slowunlock+0x493/0x8a0 kernel/locking/rtmutex.c:1454
 spin_unlock_irqrestore include/linux/spinlock_rt.h:122 [inline]
 __skb_try_recv_datagram+0xa9/0x1b0 net/core/datagram.c:267
 __unix_dgram_recvmsg+0x2d4/0xd60 net/unix/af_unix.c:2576
 sock_recvmsg_nosec+0x186/0x1c0 net/socket.c:1078
 ____sys_recvmsg+0x3ab/0x470 net/socket.c:2810
 ___sys_recvmsg+0x1b5/0x510 net/socket.c:2854
 do_recvmmsg+0x30d/0x770 net/socket.c:2949
 __sys_recvmmsg net/socket.c:3023 [inline]
 __do_sys_recvmmsg net/socket.c:3046 [inline]
 __se_sys_recvmmsg net/socket.c:3039 [inline]
 __x64_sys_recvmmsg+0x190/0x240 net/socket.c:3039
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xec/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fa58857f749
Code: Unable to access opcode bytes at 0x7fa58857f71f.
RSP: 002b:00007fa5867a4038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
RAX: ffffffffffffffda RBX: 00007fa5887d6180 RCX: 00007fa58857f749
RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000003
RBP: 00007fa588603f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fa5887d6218 R14: 00007fa5887d6180 R15: 00007ffc75b94038
 </TASK>