rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P12497/1:b..l P12576/1:b..l P12318/1:b..l P12565/1:b..l
rcu: (detected by 0, t=10502 jiffies, g=60597, q=748 ncpus=2)
task:syz.2.1622 state:R running task stack:24584 pid:12565 tgid:12563 ppid:12180 task_flags:0x400140 flags:0x00080000
Call Trace:
 context_switch kernel/sched/core.c:5263 [inline]
 __schedule+0x1836/0x4ed0 kernel/sched/core.c:6871
 preempt_schedule_irq+0xb5/0x150 kernel/sched/core.c:7198
 irqentry_exit+0x5b5/0x640 kernel/entry/common.c:216
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:sctp_bind_addr_state+0xd2/0x1b0 net/sctp/bind_addr.c:413
Code: f7 85 ed 74 3b 48 8b 04 24 80 3c 18 00 74 08 4c 89 e7 e8 21 15 8d f7 4d 8b 1c 24 49 8d 7f 20 48 8b 74 24 08 2e 2e 2e 41 ff d3 <89> c5 31 ff 89 c6 e8 63 7c 26 f7 85 ed 75 61 e8 1a 78 26 f7 eb 05
RSP: 0018:ffffc90002e67558 EFLAGS: 00000287
RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000002
RDX: ffff88802bf48000 RSI: 00000000191414ac RDI: 00000000101414ac
RBP: 0000000000000001 R08: ffff88802bf48000 R09: 0000000000000002
R10: 000000000000000a R11: ffffffff8a965150 R12: ffffffff8f4fa790
R13: ffff8880305270bd R14: ffff88801ef10088 R15: ffff888030527080
 sctp_copy_local_addr_list+0x2d4/0x4e0 net/sctp/protocol.c:165
 sctp_bind_addr_copy+0x189/0x3c0 net/sctp/bind_addr.c:68
 sctp_connect_new_asoc+0x2e0/0x690 net/sctp/socket.c:1096
 sctp_sendmsg_new_asoc net/sctp/socket.c:1692 [inline]
 sctp_sendmsg+0x155c/0x2840 net/sctp/socket.c:2003
 sock_sendmsg_nosec net/socket.c:727 [inline]
 __sock_sendmsg+0x19c/0x270 net/socket.c:746
 ____sys_sendmsg+0x505/0x870 net/socket.c:2634
 ___sys_sendmsg+0x21f/0x2a0 net/socket.c:2688
 __sys_sendmsg net/socket.c:2720 [inline]
 __do_sys_sendmsg net/socket.c:2725 [inline]
 __se_sys_sendmsg net/socket.c:2723 [inline]
 __x64_sys_sendmsg+0x19b/0x260 net/socket.c:2723
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0xfa0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f32c478f749
RSP: 002b:00007f32c570a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f32c49e5fa0 RCX: 00007f32c478f749
RDX: 0000000004000080 RSI: 0000200000000680 RDI: 0000000000000007
RBP: 00007f32c4813f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f32c49e6038 R14: 00007f32c49e5fa0 R15: 00007ffccf425b48
task:syz-executor state:R running task stack:21768 pid:12318 tgid:12318 ppid:12315 task_flags:0x400140 flags:0x00080000
Call Trace:
 context_switch kernel/sched/core.c:5263 [inline]
 __schedule+0x1836/0x4ed0 kernel/sched/core.c:6871
 preempt_schedule_notrace+0xd1/0x110 kernel/sched/core.c:7148
 preempt_schedule_notrace_thunk+0x16/0x30 arch/x86/entry/thunk.S:13
 rcu_is_watching+0x7f/0xb0 kernel/rcu/tree.c:752
 trace_notifier_run include/trace/events/notifier.h:59 [inline]
 notifier_call_chain+0x158/0x3d0 kernel/notifier.c:84
 atomic_notifier_call_chain+0xda/0x180 kernel/notifier.c:223
 ipv6_add_addr+0xda9/0x1090 net/ipv6/addrconf.c:1186
 inet6_addr_add+0x377/0xc00 net/ipv6/addrconf.c:3050
 inet6_rtm_newaddr+0x93d/0xd20 net/ipv6/addrconf.c:5059
 rtnetlink_rcv_msg+0x7cf/0xb70 net/core/rtnetlink.c:6958
 netlink_rcv_skb+0x208/0x470 net/netlink/af_netlink.c:2550
 netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
 netlink_unicast+0x82f/0x9e0 net/netlink/af_netlink.c:1344
 netlink_sendmsg+0x805/0xb30 net/netlink/af_netlink.c:1894
 sock_sendmsg_nosec net/socket.c:727 [inline]
 __sock_sendmsg+0x21c/0x270 net/socket.c:746
 __sys_sendto+0x3bd/0x520 net/socket.c:2248
 __do_sys_sendto net/socket.c:2255 [inline]
 __se_sys_sendto net/socket.c:2251 [inline]
 __x64_sys_sendto+0xde/0x100 net/socket.c:2251
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0xfa0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f8ef6f915dc
RSP: 002b:00007ffef0718720 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 00007f8ef7d14620 RCX: 00007f8ef6f915dc
RDX: 0000000000000040 RSI: 00007f8ef7d14670 RDI: 0000000000000003
RBP: 0000000000000000 R08: 00007ffef0718774 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
R13: 0000000000000000 R14: 00007f8ef7d14670 R15: 0000000000000000
task:syz.6.1655 state:R running task stack:26376 pid:12576 tgid:12575 ppid:12175 task_flags:0x400040 flags:0x00080001
Call Trace:
 context_switch kernel/sched/core.c:5263 [inline]
 __schedule+0x1836/0x4ed0 kernel/sched/core.c:6871
 preempt_schedule_irq+0xb5/0x150 kernel/sched/core.c:7198
 irqentry_exit+0x5b5/0x640 kernel/entry/common.c:216
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:lock_acquire+0x16c/0x350 kernel/locking/lockdep.c:5872
Code: 00 00 00 00 9c 8f 44 24 30 f7 44 24 30 00 02 00 00 0f 85 cd 00 00 00 f7 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 14 ff d7 10 <48> 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d 41 5e
RSP: 0018:ffffc9000213f338 EFLAGS: 00000206
RAX: 6f2276db1336ac00 RBX: 0000000000000000 RCX: 6f2276db1336ac00
RDX: 0000000000000000 RSI: ffffffff8d9761d1 RDI: ffffffff8bbf80e0
RBP: ffffffff81741ff5 R08: 0000000000000000 R09: ffffffff81741ff5
R10: ffffc9000213f4f8 R11: ffffffff81ada5d0 R12: 0000000000000002
R13: ffffffff8df3d9c0 R14: 0000000000000000 R15: 0000000000000246
 rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
 rcu_read_lock include/linux/rcupdate.h:867 [inline]
 class_rcu_constructor include/linux/rcupdate.h:1195 [inline]
 unwind_next_frame+0xc2/0x2390 arch/x86/kernel/unwind_orc.c:479
 arch_stack_walk+0x11c/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x9c/0xe0 kernel/stacktrace.c:122
 kasan_save_stack mm/kasan/common.c:56 [inline]
 kasan_save_track+0x3e/0x80 mm/kasan/common.c:77
 poison_kmalloc_redzone mm/kasan/common.c:397 [inline]
 __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:414
 kasan_kmalloc include/linux/kasan.h:262 [inline]
 __kmalloc_cache_noprof+0x3e2/0x700 mm/slub.c:5771
 kmalloc_noprof include/linux/slab.h:957 [inline]
 kzalloc_noprof include/linux/slab.h:1094 [inline]
 genradix_alloc_node include/linux/generic-radix-tree.h:101 [inline]
 __genradix_ptr_alloc+0x352/0x4a0 lib/generic-radix-tree.c:69
 __genradix_prealloc+0x44/0x90 lib/generic-radix-tree.c:216
 sctp_stream_alloc_out net/sctp/stream.c:104 [inline]
 sctp_stream_init+0x14b/0x440 net/sctp/stream.c:149
 sctp_association_init net/sctp/associola.c:232 [inline]
 sctp_association_new+0x10dd/0x2630 net/sctp/associola.c:296
 sctp_connect_new_asoc+0x2c5/0x690 net/sctp/socket.c:1092
 __sctp_connect+0x5b5/0xda0 net/sctp/socket.c:1198
 sctp_getsockopt_connectx3+0x1fa/0x320 net/sctp/socket.c:1422
 sctp_getsockopt+0x984/0xb90 net/sctp/socket.c:8173
 do_sock_getsockopt+0x300/0x440 net/socket.c:2425
 __sys_getsockopt net/socket.c:2454 [inline]
 __do_sys_getsockopt net/socket.c:2461 [inline]
 __se_sys_getsockopt net/socket.c:2458 [inline]
 __x64_sys_getsockopt+0x1a5/0x250 net/socket.c:2458
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0xfa0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f3be278f749
RSP: 002b:00007f3be3590038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
RAX: ffffffffffffffda RBX: 00007f3be29e5fa0 RCX: 00007f3be278f749
RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000004
RBP: 00007f3be2813f91 R08: 0000200000000140 R09: 0000000000000000
R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f3be29e6038 R14: 00007f3be29e5fa0 R15: 00007ffc199f6468
task:udevd state:R running task stack:24264 pid:12497 tgid:12497 ppid:5203 task_flags:0x400140 flags:0x00080000
Call Trace:
 context_switch kernel/sched/core.c:5263 [inline]
 __schedule+0x1836/0x4ed0 kernel/sched/core.c:6871
 preempt_schedule_irq+0xb5/0x150 kernel/sched/core.c:7198
 irqentry_exit+0x5b5/0x640 kernel/entry/common.c:216
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:check_region_inline mm/kasan/generic.c:-1 [inline]
RIP: 0010:kasan_check_range+0x26/0x2c0 mm/kasan/generic.c:200
Code: 90 90 90 90 0f 1f 40 d6 55 41 57 41 56 41 55 41 54 53 b0 01 48 85 f6 0f 84 ba 01 00 00 4c 8d 04 37 49 39 f8 0f 82 82 02 00 00 <49> b9 00 00 00 00 00 80 ff ff eb 11 cc cc cc f3 0f 1e fa 49 b9 00
RSP: 0018:ffffc9000424f1e0 EFLAGS: 00000202
RAX: 1ffff92000849e01 RBX: 0000000000000010 RCX: ffffffff81742be8
RDX: 0000000000000001 RSI: 0000000000000010 RDI: ffffc9000424f358
RBP: 0000000000000000 R08: ffffc9000424f368 R09: ffffffff81741ff5
R10: ffffc9000424f358 R11: ffffffff81ada5d0 R12: ffffc9000424fee0
R13: ffffc9000424f358 R14: ffffc9000424f358 R15: ffffc9000424f350
 __asan_memset+0x22/0x50 mm/kasan/shadow.c:84
 unwind_next_frame+0xc98/0x2390 arch/x86/kernel/unwind_orc.c:592
 arch_stack_walk+0x11c/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x9c/0xe0 kernel/stacktrace.c:122
 kasan_save_stack mm/kasan/common.c:56 [inline]
 kasan_save_track+0x3e/0x80 mm/kasan/common.c:77
 kasan_save_free_info+0x46/0x50 mm/kasan/generic.c:584
 poison_slab_object mm/kasan/common.c:252 [inline]
 __kasan_slab_free+0x5c/0x80 mm/kasan/common.c:284
 kasan_slab_free include/linux/kasan.h:234 [inline]
 slab_free_hook mm/slub.c:2540 [inline]
 slab_free mm/slub.c:6663 [inline]
 kmem_cache_free+0x197/0x640 mm/slub.c:6774
 anon_vma_chain_free mm/rmap.c:146 [inline]
 unlink_anon_vmas+0x2cc/0x670 mm/rmap.c:420
 anon_vma_merge include/linux/rmap.h:172 [inline]
 vma_complete+0x78d/0xae0 mm/vma.c:379
 commit_merge+0x642/0x700 mm/vma.c:760
 vma_merge_existing_range mm/vma.c:969 [inline]
 vma_modify+0x1248/0x1a70 mm/vma.c:1611
 vma_modify_flags+0x208/0x2e0 mm/vma.c:1654
 mprotect_fixup+0x43c/0xa30 mm/mprotect.c:756
 do_mprotect_pkey+0x8c5/0xcd0 mm/mprotect.c:930
 __do_sys_mprotect mm/mprotect.c:951 [inline]
 __se_sys_mprotect mm/mprotect.c:948 [inline]
 __x64_sys_mprotect+0x80/0x90 mm/mprotect.c:948
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0xfa0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f0a94d1dfe7
RSP: 002b:00007ffcd73ff2f8 EFLAGS: 00000246 ORIG_RAX: 000000000000000a
RAX: ffffffffffffffda RBX: 0000000000000200 RCX: 00007f0a94d1dfe7
RDX: 0000000000000001 RSI: 0000000000000200 RDI: 00007f0a9534e000
RBP: 000055753b9f4050 R08: 0000000000000000 R09: 0000000000000200
R10: 000055753b9f40b0 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000f86400 R14: 000055753ba03e48 R15: 00007f0a9548539c
rcu: rcu_preempt kthread starved for 10604 jiffies! g60597 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt state:R running task stack:26216 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00080000
Call Trace:
 context_switch kernel/sched/core.c:5263 [inline]
 __schedule+0x1836/0x4ed0 kernel/sched/core.c:6871
 __schedule_loop kernel/sched/core.c:6953 [inline]
 schedule+0x165/0x360 kernel/sched/core.c:6968
 schedule_timeout+0x12b/0x270 kernel/time/sleep_timeout.c:99
 rcu_gp_fqs_loop+0x301/0x1540 kernel/rcu/tree.c:2083
 rcu_gp_kthread+0x99/0x390 kernel/rcu/tree.c:2285
 kthread+0x711/0x8a0 kernel/kthread.c:463
 ret_from_fork+0x599/0xb30 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
rcu: Stack dump where RCU GP kthread last ran:
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0 PREEMPT(full)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
RIP: 0010:pv_native_safe_halt+0x13/0x20 arch/x86/kernel/paravirt.c:82
Code: cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 33 00 0d 00 f3 0f 1e fa fb f4 48 f1 02 00 cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
RSP: 0018:ffffffff8dc07d80 EFLAGS: 000002c6
RAX: 7a6b0fe10a61fb00 RBX: ffffffff81978747 RCX: 7a6b0fe10a61fb00
RDX: 0000000000000001 RSI: ffffffff8d78f926 RDI: ffffffff8bbf80e0
RBP: ffffffff8dc07ea8 R08: ffff8880b86336db R09: 1ffff110170c66db
R10: dffffc0000000000 R11: ffffed10170c66dc R12: ffffffff8f7deb70
R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1b92a60
FS: 0000000000000000(0000) GS:ffff888125eb9000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b3160eff8 CR3: 0000000066e50000 CR4: 00000000003526f0
DR0: fffffffffffffff1 DR1: 64cd6b2aec9cee78 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Call Trace:
 arch_safe_halt arch/x86/include/asm/paravirt.h:107 [inline]
 default_idle+0x13/0x20 arch/x86/kernel/process.c:767
 default_idle_call+0x73/0xb0 kernel/sched/idle.c:122
 cpuidle_idle_call kernel/sched/idle.c:190 [inline]
 do_idle+0x1e7/0x510 kernel/sched/idle.c:330
 cpu_startup_entry+0x44/0x60 kernel/sched/idle.c:428
 rest_init+0x2de/0x300 init/main.c:757
 start_kernel+0x3a7/0x410 init/main.c:1206
 x86_64_start_reservations+0x24/0x30 arch/x86/kernel/head64.c:310
 x86_64_start_kernel+0x143/0x1c0 arch/x86/kernel/head64.c:291
 common_startup_64+0x13e/0x147