rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P6272/1:b..l P6309/1:b..l P6274/1:b..l P6304/1:b..l P6314/1:b..l
rcu: (detected by 0, t=10502 jiffies, g=11725, q=1410551 ncpus=2)
task:syz.4.98 state:R running task stack:25256 pid:6314 tgid:6314 ppid:5862 task_flags:0x400040 flags:0x00004002
Call Trace:
context_switch kernel/sched/core.c:5357 [inline]
__schedule+0x1798/0x4cc0 kernel/sched/core.c:6961
preempt_schedule_irq+0xb5/0x150 kernel/sched/core.c:7288
irqentry_exit+0x6f/0x90 kernel/entry/common.c:197
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:lock_release+0x2b5/0x3e0 kernel/locking/lockdep.c:5893
Code: 51 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f7 44 24 20 00 02 00 00 75 56 f7 c3 00 02 00 00 74 01 fb 65 48 8b 05 db e1 02 11 <48> 3b 44 24 28 0f 85 8b 00 00 00 48 83 c4 30 5b 41 5c 41 5d 41 5e
RSP: 0018:ffffc9000b146bd0 EFLAGS: 00000246
RAX: a508f78df51e3d00 RBX: ffffffff903e2001 RCX: a508f78df51e3d00
RDX: ffffc9000b146d01 RSI: ffffffff8be33660 RDI: ffffffff8be33620
RBP: dffffc0000000000 R08: ffffc9000b147e80 R09: 0000000000000000
R10: ffffc9000b146d58 R11: fffff52001628dad R12: ffffc9000b147e90
R13: ffffffff8172c195 R14: ffffffff8e139ea0 R15: ffffffff8172c195
rcu_lock_release include/linux/rcupdate.h:341 [inline]
rcu_read_unlock include/linux/rcupdate.h:871 [inline]
class_rcu_destructor include/linux/rcupdate.h:1155 [inline]
unwind_next_frame+0x19a9/0x2390 arch/x86/kernel/unwind_orc.c:680
arch_stack_walk+0x11c/0x150 arch/x86/kernel/stacktrace.c:25
stack_trace_save+0x9c/0xe0 kernel/stacktrace.c:122
save_stack+0xf5/0x1f0 mm/page_owner.c:156
__reset_page_owner+0x71/0x1f0 mm/page_owner.c:308
reset_page_owner include/linux/page_owner.h:25 [inline]
free_pages_prepare mm/page_alloc.c:1395 [inline]
__free_frozen_pages+0xbc4/0xd30 mm/page_alloc.c:2895
discard_slab mm/slub.c:2753 [inline]
__put_partials+0x156/0x1a0 mm/slub.c:3218
put_cpu_partial+0x17c/0x250 mm/slub.c:3293
__slab_free+0x2d5/0x3c0 mm/slub.c:4550
qlink_free mm/kasan/quarantine.c:163 [inline]
qlist_free_all+0x97/0x140 mm/kasan/quarantine.c:179
kasan_quarantine_reduce+0x148/0x160 mm/kasan/quarantine.c:286
__kasan_slab_alloc+0x22/0x80 mm/kasan/common.c:340
kasan_slab_alloc include/linux/kasan.h:250 [inline]
slab_post_alloc_hook mm/slub.c:4180 [inline]
kmem_cache_alloc_bulk_noprof+0x4e0/0x790 mm/slub.c:5411
mt_alloc_bulk lib/maple_tree.c:181 [inline]
mas_alloc_nodes+0x447/0x8e0 lib/maple_tree.c:1277
mas_node_count_gfp lib/maple_tree.c:1337 [inline]
mas_preallocate+0x3ad/0x6f0 lib/maple_tree.c:5537
vma_iter_prealloc mm/vma.h:462 [inline]
__split_vma+0x2fa/0xa00 mm/vma.c:528
vms_gather_munmap_vmas+0x2ea/0x12f0 mm/vma.c:1359
__mmap_prepare mm/vma.c:2359 [inline]
__mmap_region mm/vma.c:2651 [inline]
mmap_region+0x724/0x20c0 mm/vma.c:2739
do_mmap+0xc45/0x10d0 mm/mmap.c:558
vm_mmap_pgoff+0x2a6/0x4d0 mm/util.c:580
ksys_mmap_pgoff+0x51f/0x760 mm/mmap.c:604
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f03bb18ec23
RSP: 002b:00007f03bb4dfae8 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
RAX: ffffffffffffffda RBX: 00007f03bb3b6308 RCX: 00007f03bb18ec23
RDX: 0000000000000003 RSI: 0000000000400000 RDI: 00007f03b8ff6000
RBP: 00007f03bb3b6270 R08: 00000000000000db R09: 0000000000000000
R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000003
R13: 00007f03bb3b6270 R14: 00000000000015b3 R15: 0000000000000005
task:syz-executor state:R running task stack:24232 pid:6304 tgid:6304 ppid:5844 task_flags:0x400000 flags:0x00004002
Call Trace:
context_switch kernel/sched/core.c:5357 [inline]
__schedule+0x1798/0x4cc0 kernel/sched/core.c:6961
preempt_schedule_irq+0xb5/0x150 kernel/sched/core.c:7288
irqentry_exit+0x6f/0x90 kernel/entry/common.c:197
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:unwind_next_frame+0x10e/0x2390 include/linux/rcupdate.h:-1
Code: 85 1a 0e 00 75 1f c6 05 bf 85 1a 0e 01 48 c7 c7 e0 3e 88 8b be 4b 03 00 00 48 c7 c2 20 3f 88 8b e8 a7 c3 2a 00 4c 89 6c 24 70 <48> 89 5c 24 68 4d 8d 6e 50 4c 89 e8 48 c1 e8 03 48 89 44 24 38 80
RSP: 0018:ffffc9000b207298 EFLAGS: 00000246
RAX: 0000000000000000 RBX: ffffffff82157474 RCX: 108970c652353f00
RDX: 0000000000000000 RSI: ffffffff8be33660 RDI: ffffffff8be33620
RBP: dffffc0000000000 R08: 0000000000000000 R09: 0000000000000000
R10: ffffc9000b2073b8 R11: ffffffff81ac3810 R12: 1ffff92001640e6d
R13: ffffc9000b2073a0 R14: ffffc9000b207368 R15: ffffffff8172c195
arch_stack_walk+0x11c/0x150 arch/x86/kernel/stacktrace.c:25
stack_trace_save+0x9c/0xe0 kernel/stacktrace.c:122
save_stack+0xf5/0x1f0 mm/page_owner.c:156
__reset_page_owner+0x71/0x1f0 mm/page_owner.c:308
reset_page_owner include/linux/page_owner.h:25 [inline]
free_pages_prepare mm/page_alloc.c:1395 [inline]
__free_frozen_pages+0xbc4/0xd30 mm/page_alloc.c:2895
discard_slab mm/slub.c:2753 [inline]
__put_partials+0x156/0x1a0 mm/slub.c:3218
put_cpu_partial+0x17c/0x250 mm/slub.c:3293
__slab_free+0x2d5/0x3c0 mm/slub.c:4550
qlink_free mm/kasan/quarantine.c:163 [inline]
qlist_free_all+0x97/0x140 mm/kasan/quarantine.c:179
kasan_quarantine_reduce+0x148/0x160 mm/kasan/quarantine.c:286
__kasan_slab_alloc+0x22/0x80 mm/kasan/common.c:340
kasan_slab_alloc include/linux/kasan.h:250 [inline]
slab_post_alloc_hook mm/slub.c:4180 [inline]
slab_alloc_node mm/slub.c:4229 [inline]
kmem_cache_alloc_node_noprof+0x1bb/0x3c0 mm/slub.c:4281
alloc_vmap_area+0x26a/0x1490 mm/vmalloc.c:2043
__get_vm_area_node+0x1f8/0x300 mm/vmalloc.c:3187
__vmalloc_node_range_noprof+0x301/0x12f0 mm/vmalloc.c:3853
__vmalloc_node_noprof mm/vmalloc.c:3956 [inline]
__vmalloc_area_node mm/vmalloc.c:3695 [inline]
__vmalloc_node_range_noprof+0x56a/0x12f0 mm/vmalloc.c:3893
vmalloc_user_noprof+0xad/0xf0 mm/vmalloc.c:4046
kcov_ioctl+0x55/0x640 kernel/kcov.c:716
vfs_ioctl fs/ioctl.c:51 [inline]
__do_sys_ioctl fs/ioctl.c:598 [inline]
__se_sys_ioctl+0xfc/0x170 fs/ioctl.c:584
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fdcc558e7eb
RSP: 002b:00007ffdcaca8840 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000080000 RCX: 00007fdcc558e7eb
RDX: 0000000000080000 RSI: ffffffff80086301 RDI: 00000000000000de
RBP: 00007fdcc57b65d8 R08: 00000000000000da R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
task:udevd state:R running task stack:26568 pid:6274 tgid:6274 ppid:5231 task_flags:0x400140 flags:0x00004002
Call Trace:
context_switch kernel/sched/core.c:5357 [inline]
__schedule+0x1798/0x4cc0 kernel/sched/core.c:6961
preempt_schedule_irq+0xb5/0x150 kernel/sched/core.c:7288
irqentry_exit+0x6f/0x90 kernel/entry/common.c:197
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:__read_once_word_nocheck+0x0/0x10 include/asm-generic/rwonce.h:67
Code: e8 55 24 b0 00 48 ba 00 00 00 00 00 fc ff df e9 88 fc ff ff 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <48> 8b 07 c3 cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90
RSP: 0018:ffffc9000b167710 EFLAGS: 00000202
RAX: ffffc9000b167b01 RBX: ffffc9000b167bc8 RCX: 1ffff9200162ce01
RDX: ffffffff9040908a RSI: 0000000000000002 RDI: ffffc9000b167bc8
RBP: 1ffff9200162cefe R08: 000000000000000c R09: 0000000000000000
R10: ffffc9000b167838 R11: ffffffff81ac3810 R12: ffffc9000b168000
R13: 1ffff9200162ceff R14: ffffc9000b1677e8 R15: ffffc9000b160000
deref_stack_reg arch/x86/kernel/unwind_orc.c:406 [inline]
unwind_next_frame+0xc3c/0x2390 arch/x86/kernel/unwind_orc.c:585
arch_stack_walk+0x11c/0x150 arch/x86/kernel/stacktrace.c:25
stack_trace_save+0x9c/0xe0 kernel/stacktrace.c:122
save_stack+0xf5/0x1f0 mm/page_owner.c:156
__reset_page_owner+0x71/0x1f0 mm/page_owner.c:308
reset_page_owner include/linux/page_owner.h:25 [inline]
free_pages_prepare mm/page_alloc.c:1395 [inline]
__free_frozen_pages+0xbc4/0xd30 mm/page_alloc.c:2895
__slab_free+0x303/0x3c0 mm/slub.c:4591
qlink_free mm/kasan/quarantine.c:163 [inline]
qlist_free_all+0x97/0x140 mm/kasan/quarantine.c:179
kasan_quarantine_reduce+0x148/0x160 mm/kasan/quarantine.c:286
__kasan_slab_alloc+0x22/0x80 mm/kasan/common.c:340
kasan_slab_alloc include/linux/kasan.h:250 [inline]
slab_post_alloc_hook mm/slub.c:4180 [inline]
slab_alloc_node mm/slub.c:4229 [inline]
__do_kmalloc_node mm/slub.c:4364 [inline]
__kmalloc_noprof+0x224/0x4f0 mm/slub.c:4377
kmalloc_noprof include/linux/slab.h:909 [inline]
kmalloc_array_noprof include/linux/slab.h:948 [inline]
security_inode_init_security+0x107/0x3f0 security/security.c:1829
shmem_symlink+0xd9/0x510 mm/shmem.c:4163
vfs_symlink+0x143/0x2f0 fs/namei.c:4730
do_symlinkat+0x1b1/0x3f0 fs/namei.c:4756
__do_sys_symlink fs/namei.c:4777 [inline]
__se_sys_symlink fs/namei.c:4775 [inline]
__x64_sys_symlink+0x7a/0x90 fs/namei.c:4775
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7ff03b715527
RSP: 002b:00007ffc5ef80528 EFLAGS: 00000202 ORIG_RAX: 0000000000000058
RAX: ffffffffffffffda RBX: 0000558199968e20 RCX: 00007ff03b715527
RDX: fffffffffffffe68 RSI: 00007ffc5ef80530 RDI: 00005581999651e0
RBP: 000000000000008e R08: 0000000000000064 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000202 R12: 00007ffc5ef80530
R13: 0000558199963190 R14: 0000000000000008 R15: 0000558199968e20
task:syz.0.96 state:R running task stack:24232 pid:6309 tgid:6309 ppid:5861 task_flags:0x400040 flags:0x00004002
Call Trace:
context_switch kernel/sched/core.c:5357 [inline]
__schedule+0x1798/0x4cc0 kernel/sched/core.c:6961
preempt_schedule_common+0x83/0xd0 kernel/sched/core.c:7145
preempt_schedule+0xae/0xc0 kernel/sched/core.c:7169
preempt_schedule_thunk+0x16/0x30 arch/x86/entry/thunk.S:12
__raw_spin_unlock include/linux/spinlock_api_smp.h:143 [inline]
_raw_spin_unlock+0x3f/0x50 kernel/locking/spinlock.c:186
spin_unlock include/linux/spinlock.h:391 [inline]
insert_page+0x189/0x2c0 mm/memory.c:2205
kcov_mmap+0xc2/0x120 kernel/kcov.c:506
vfs_mmap include/linux/fs.h:2289 [inline]
mmap_file mm/internal.h:167 [inline]
__mmap_new_file_vma mm/vma.c:2413 [inline]
__mmap_new_vma mm/vma.c:2476 [inline]
__mmap_region mm/vma.c:2669 [inline]
mmap_region+0x18ab/0x20c0 mm/vma.c:2739
do_mmap+0xc45/0x10d0 mm/mmap.c:558
vm_mmap_pgoff+0x2a6/0x4d0 mm/util.c:580
ksys_mmap_pgoff+0x51f/0x760 mm/mmap.c:604
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f81a158ec23
RSP: 002b:00007f81a18dfae8 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
RAX: ffffffffffffffda RBX: 00007f81a17b6308 RCX: 00007f81a158ec23
RDX: 0000000000000003 RSI: 0000000000400000 RDI: 00007f819f3f6000
RBP: 00007f81a17b6270 R08: 00000000000000db R09: 0000000000000000
R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000003
R13: 00007f81a17b6270 R14: 0000000000001a31 R15: 0000000000000003
task:syz.1.82 state:R running task stack:26656 pid:6272 tgid:6255 ppid:5871 task_flags:0x40044c flags:0x00004006
Call Trace:
context_switch kernel/sched/core.c:5357 [inline]
__schedule+0x1798/0x4cc0 kernel/sched/core.c:6961
preempt_schedule_irq+0xb5/0x150 kernel/sched/core.c:7288
irqentry_exit+0x6f/0x90 kernel/entry/common.c:197
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:page_ext_invalid mm/page_ext.c:245 [inline]
RIP: 0010:lookup_page_ext mm/page_ext.c:261 [inline]
RIP: 0010:page_ext_lookup+0x10f/0x180 mm/page_ext.c:509
Code: 76 ff 89 c5 31 ff 89 c6 e8 be 7f 91 ff 85 ed 74 59 e8 75 7b 91 ff 48 85 db 40 0f 95 c5 48 89 de 48 83 e6 01 41 0f 94 c6 31 ff 3c 80 91 ff 44 84 f5 75 09 e8 52 7b 91 ff 31 db eb 10 e8 49 7b
RSP: 0018:ffffc9000b137828 EFLAGS: 00000246
RAX: ffffffff822e2fbb RBX: ffff88801ba00000 RCX: ffff88802c61da00
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
R10: dffffc0000000000 R11: ffffed100efb779a R12: 0000000000064f0a
R13: dffffc0000000000 R14: ffff88813fffa501 R15: 0000000000001000
page_ext_iter_begin include/linux/page_ext.h:132 [inline]
__page_table_check_zero+0x18f/0x530 mm/page_table_check.c:139
page_table_check_free include/linux/page_table_check.h:43 [inline]
free_pages_prepare mm/page_alloc.c:1396 [inline]
__free_frozen_pages+0xbd7/0xd30 mm/page_alloc.c:2895
vfree+0x25a/0x400 mm/vmalloc.c:3434
kcov_put kernel/kcov.c:439 [inline]
kcov_close+0x28/0x50 kernel/kcov.c:535
__fput+0x44c/0xa70 fs/file_table.c:468
task_work_run+0x1d4/0x260 kernel/task_work.c:227
exit_task_work include/linux/task_work.h:40 [inline]
do_exit+0x6b5/0x2300 kernel/exit.c:961
do_group_exit+0x21c/0x2d0 kernel/exit.c:1102
get_signal+0x1286/0x1340 kernel/signal.c:3034
arch_do_signal_or_restart+0x9a/0x750 arch/x86/kernel/signal.c:337
exit_to_user_mode_loop+0x75/0x110 kernel/entry/common.c:40
exit_to_user_mode_prepare include/linux/irq-entry-common.h:225 [inline]
syscall_exit_to_user_mode_work include/linux/entry-common.h:175 [inline]
syscall_exit_to_user_mode include/linux/entry-common.h:210 [inline]
do_syscall_64+0x2bd/0x3b0 arch/x86/entry/syscall_64.c:100
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7faa9118ebe9
RSP: 002b:00007faa91f87038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
RAX: 0000000000010106 RBX: 00007faa913b6270 RCX: 00007faa9118ebe9
RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000008
RBP: 00007faa91211e19 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
R13: 00007faa913b6308 R14: 00007faa913b6270 R15: 00007faa914dfa28
rcu: rcu_preempt kthread starved for 9797 jiffies! g11725 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt state:R running task stack:28040 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00004000
Call Trace:
context_switch kernel/sched/core.c:5357 [inline]
__schedule+0x1798/0x4cc0 kernel/sched/core.c:6961
__schedule_loop kernel/sched/core.c:7043 [inline]
schedule+0x165/0x360 kernel/sched/core.c:7058
schedule_timeout+0x12b/0x270 kernel/time/sleep_timeout.c:99
rcu_gp_fqs_loop+0x301/0x1540 kernel/rcu/tree.c:2083
rcu_gp_kthread+0x99/0x390 kernel/rcu/tree.c:2285
kthread+0x70e/0x8a0 kernel/kthread.c:463
ret_from_fork+0x3f9/0x770 arch/x86/kernel/process.c:148
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
rcu: Stack dump where RCU GP kthread last ran:
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0 PREEMPT(full)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
RIP: 0010:pv_native_safe_halt+0x13/0x20 arch/x86/kernel/paravirt.c:82
Code: 53 e7 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d f3 b6 0e 00 f3 0f 1e fa fb f4 cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
RSP: 0018:ffffffff8de07d80 EFLAGS: 000002c2
RAX: 54c2f8c764949800 RBX: ffffffff819683b8 RCX: 54c2f8c764949800
RDX: 0000000000000001 RSI: ffffffff8be33660 RDI: ffffffff819683b8
RBP: ffffffff8de07eb8 R08: ffff8880b8632f9b R09: 1ffff110170c65f3
R10: dffffc0000000000 R11: ffffed10170c65f4 R12: ffffffff8fa38330
R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1bd2a20
FS: 0000000000000000(0000) GS:ffff888125c1b000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ff08b02bfce CR3: 000000007463a000 CR4: 00000000003526f0
Call Trace:
arch_safe_halt arch/x86/include/asm/paravirt.h:107 [inline]
default_idle+0x13/0x20 arch/x86/kernel/process.c:757
default_idle_call+0x74/0xb0 kernel/sched/idle.c:122
cpuidle_idle_call kernel/sched/idle.c:190 [inline]
do_idle+0x1e8/0x510 kernel/sched/idle.c:330
cpu_startup_entry+0x44/0x60 kernel/sched/idle.c:428
rest_init+0x2de/0x300 init/main.c:744
start_kernel+0x3a9/0x410 init/main.c:1097
x86_64_start_reservations+0x24/0x30 arch/x86/kernel/head64.c:307
x86_64_start_kernel+0x143/0x1c0 arch/x86/kernel/head64.c:288
common_startup_64+0x13e/0x147