sched: DL replenish lagged too much
rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P5183/1:b..l P2/1:b..l P5489/1:b..l P5490/1:b..l P6031/1:b..l P5156/1:b..l P7167/1:b..l P5843/1:b..l
rcu: 	(detected by 1, t=10502 jiffies, g=21377, q=1210 ncpus=2)
task:syz-executor    state:R  running task     stack:21576 pid:5843  tgid:5843  ppid:5823   task_flags:0x400140 flags:0x08080000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5298 [inline]
 __schedule+0x15dd/0x52d0 kernel/sched/core.c:6911
 preempt_schedule_irq+0x4d/0xa0 kernel/sched/core.c:7238
 irqentry_exit+0x599/0x620 kernel/entry/common.c:239
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:__kasan_check_byte+0x2c/0x40 mm/kasan/common.c:578
Code: 40 d6 41 56 53 48 89 f3 49 89 fe e8 8e 15 00 00 84 c0 75 16 be 01 00 00 00 4c 89 f7 31 d2 48 89 d9 89 c3 e8 06 05 00 00 89 d8 <5b> 41 5e e9 fc 9f 81 09 cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90
RSP: 0000:ffffc90003cf6f48 EFLAGS: 00000202
RAX: 0000000000000001 RBX: ffffffff81767eb2 RCX: 0000000080000001
RDX: 0000000000000000 RSI: ffffffff81767eb2 RDI: 1ffffffff1cebca4
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: ffffc90003cf70f8 R11: ffffffff81b0c260 R12: 0000000000000002
R13: ffffffff8e75e520 R14: ffffffff8e75e520 R15: 0000000000000000
 kasan_check_byte include/linux/kasan.h:402 [inline]
 lock_acquire+0x79/0x2e0 kernel/locking/lockdep.c:5842
 rcu_lock_acquire include/linux/rcupdate.h:312 [inline]
 rcu_read_lock include/linux/rcupdate.h:850 [inline]
 class_rcu_constructor include/linux/rcupdate.h:1193 [inline]
 unwind_next_frame+0xc2/0x23c0 arch/x86/kernel/unwind_orc.c:495
 arch_stack_walk+0x11b/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0xa9/0x100 kernel/stacktrace.c:122
 save_stack+0x122/0x230 mm/page_owner.c:165
 __reset_page_owner+0x71/0x1f0 mm/page_owner.c:320
 reset_page_owner include/linux/page_owner.h:25 [inline]
 __free_pages_prepare mm/page_alloc.c:1433 [inline]
 __free_frozen_pages+0xc2b/0xdb0 mm/page_alloc.c:2978
 __slab_free+0x263/0x2b0 mm/slub.c:5573
 qlink_free mm/kasan/quarantine.c:163 [inline]
 qlist_free_all+0x97/0x100 mm/kasan/quarantine.c:179
 kasan_quarantine_reduce+0x148/0x160 mm/kasan/quarantine.c:286
 __kasan_slab_alloc+0x22/0x80 mm/kasan/common.c:350
 kasan_slab_alloc include/linux/kasan.h:253 [inline]
 slab_post_alloc_hook mm/slub.c:4538 [inline]
 slab_alloc_node mm/slub.c:4866 [inline]
 __do_kmalloc_node mm/slub.c:5259 [inline]
 __kvmalloc_node_noprof+0x4d7/0x8a0 mm/slub.c:6752
 translate_table+0x191/0x20b0 net/ipv6/netfilter/ip6_tables.c:695
 translate_compat_table+0x1d7a/0x2620 net/ipv6/netfilter/ip6_tables.c:1476
 compat_do_replace net/ipv6/netfilter/ip6_tables.c:1534 [inline]
 do_ip6t_set_ctl+0xa6c/0xe10 net/ipv6/netfilter/ip6_tables.c:1641
 nf_setsockopt+0x26f/0x290 net/netfilter/nf_sockopt.c:101
 do_sock_setsockopt+0x17c/0x1b0 net/socket.c:2322
 __sys_setsockopt+0xc1/0x130 net/socket.c:2347
 __do_compat_sys_socketcall net/compat.c:491 [inline]
 __se_compat_sys_socketcall net/compat.c:423 [inline]
 __ia32_compat_sys_socketcall+0x2f5/0xa10 net/compat.c:423
 do_syscall_32_irqs_on arch/x86/entry/syscall_32.c:83 [inline]
 __do_fast_syscall_32+0x20d/0x640 arch/x86/entry/syscall_32.c:307
 do_fast_syscall_32+0x33/0x70 arch/x86/entry/syscall_32.c:332
 entry_SYSENTER_compat_after_hwframe+0x84/0x8e
RIP: 0023:0xf7f58f6c
RSP: 002b:00000000f753f660 EFLAGS: 00000206 ORIG_RAX: 0000000000000066
RAX: ffffffffffffffda RBX: 000000000000000e RCX: 00000000f753f688
RDX: 00000000f753f820 RSI: 00000000f73e60b4 RDI: 00000000f73e2ff4
RBP: 00000000f73e605c R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
 </TASK>
task:syz.0.340       state:R  running task     stack:22656 pid:7167  tgid:7165  ppid:5847   task_flags:0x40054c flags:0x08080003
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5298 [inline]
 __schedule+0x15dd/0x52d0 kernel/sched/core.c:6911
 preempt_schedule_irq+0x4d/0xa0 kernel/sched/core.c:7238
 irqentry_exit+0x599/0x620 kernel/entry/common.c:239
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:lock_acquire+0x20b/0x2e0 kernel/locking/lockdep.c:5872
Code: e9 30 ff ff ff e8 75 e6 0c 0a f7 c3 00 02 00 00 0f 84 38 ff ff ff 65 48 8b 05 f1 a3 7a 11 48 3b 44 24 30 75 33 fb 48 83 c4 38 <5b> 41 5c 41 5d 41 5e 41 5f 5d e9 56 cc 0f 0a cc 48 8d 3d 2e 6b 73
RSP: 0018:ffffc900104072c8 EFLAGS: 00000282
RAX: 30beea453c3d9a00 RBX: 0000000000000246 RCX: 0000000000000046
RDX: 00000000bb0513b5 RSI: ffffffff8e168271 RDI: ffffffff8c27c200
RBP: 0000000000000000 R08: ffffffff823c1152 R09: ffffffff8e75e520
R10: dffffc0000000000 R11: fffff94000349a67 R12: 0000000000000002
R13: ffffffff8e75e520 R14: 0000000000000000 R15: 0000000000000000
 rcu_lock_acquire include/linux/rcupdate.h:312 [inline]
 rcu_read_lock include/linux/rcupdate.h:850 [inline]
 page_ext_get+0x3e/0x2e0 mm/page_ext.c:531
 __reset_page_owner+0x28/0x1f0 mm/page_owner.c:306
 reset_page_owner include/linux/page_owner.h:25 [inline]
 __free_pages_prepare mm/page_alloc.c:1433 [inline]
 __free_frozen_pages+0xc2b/0xdb0 mm/page_alloc.c:2978
 __slab_free+0x263/0x2b0 mm/slub.c:5573
 qlink_free mm/kasan/quarantine.c:163 [inline]
 qlist_free_all+0x97/0x100 mm/kasan/quarantine.c:179
 kasan_quarantine_reduce+0x148/0x160 mm/kasan/quarantine.c:286
 __kasan_kmalloc+0x22/0xb0 mm/kasan/common.c:406
 kasan_kmalloc include/linux/kasan.h:263 [inline]
 __do_kmalloc_node mm/slub.c:5260 [inline]
 __kmalloc_node_track_caller_noprof+0x4db/0x7b0 mm/slub.c:5368
 kmalloc_reserve net/core/skbuff.c:635 [inline]
 __alloc_skb+0x2c1/0x7d0 net/core/skbuff.c:713
 alloc_skb include/linux/skbuff.h:1383 [inline]
 nlmsg_new include/net/netlink.h:1055 [inline]
 rtmsg_ifinfo_build_skb+0x84/0x260 net/core/rtnetlink.c:4407
 unregister_netdevice_many_notify+0x18f1/0x2370 net/core/dev.c:12417
 unregister_netdevice_many net/core/dev.c:12477 [inline]
 unregister_netdevice_queue+0x31f/0x360 net/core/dev.c:12291
 unregister_netdevice include/linux/netdevice.h:3409 [inline]
 __tun_detach+0x6d9/0x15d0 drivers/net/tun.c:621
 tun_detach drivers/net/tun.c:637 [inline]
 tun_chr_close+0x10a/0x1c0 drivers/net/tun.c:3436
 __fput+0x44f/0xa70 fs/file_table.c:469
 task_work_run+0x1d9/0x270 kernel/task_work.c:233
 exit_task_work include/linux/task_work.h:40 [inline]
 do_exit+0x70f/0x23c0 kernel/exit.c:976
 do_group_exit+0x21b/0x2d0 kernel/exit.c:1118
 get_signal+0x1284/0x1330 kernel/signal.c:3034
 arch_do_signal_or_restart+0xbc/0x830 arch/x86/kernel/signal.c:337
 __exit_to_user_mode_loop kernel/entry/common.c:64 [inline]
 exit_to_user_mode_loop+0x86/0x480 kernel/entry/common.c:98
 __exit_to_user_mode_prepare include/linux/irq-entry-common.h:226 [inline]
 syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:256 [inline]
 syscall_exit_to_user_mode include/linux/entry-common.h:325 [inline]
 __do_fast_syscall_32+0x415/0x640 arch/x86/entry/syscall_32.c:310
 do_fast_syscall_32+0x33/0x70 arch/x86/entry/syscall_32.c:332
 entry_SYSENTER_compat_after_hwframe+0x84/0x8e
RIP: 0023:0xf7f54f6c
RSP: 002b:00000000f53f55bc EFLAGS: 00000206 ORIG_RAX: 00000000000000f0
RAX: fffffffffffffe00 RBX: 00000000f7415020 RCX: 0000000000000080
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f7415024
RBP: 0000000000000081 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
 </TASK>
task:jbd2/sda1-8     state:R  running task     stack:25328 pid:5156  tgid:5156  ppid:2      task_flags:0x240040 flags:0x00080000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5298 [inline]
 __schedule+0x15dd/0x52d0 kernel/sched/core.c:6911
 preempt_schedule_irq+0x4d/0xa0 kernel/sched/core.c:7238
 irqentry_exit+0x599/0x620 kernel/entry/common.c:239
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:check_kcov_mode kernel/kcov.c:185 [inline]
RIP: 0010:__sanitizer_cov_trace_pc+0x30/0x70 kernel/kcov.c:217
Code: 04 24 65 48 8b 0d f8 8e 56 11 65 8b 15 19 8f 56 11 81 e2 00 01 ff 00 74 11 81 fa 00 01 00 00 75 35 83 b9 a4 16 00 00 00 74 2c <8b> 91 80 16 00 00 83 fa 02 75 21 48 8b 91 88 16 00 00 48 8b 32 48
RSP: 0000:ffffc900106bf508 EFLAGS: 00000246
RAX: ffffffff823c10ff RBX: 0000000000079612 RCX: ffff8880366bbd00
RDX: 0000000000000000 RSI: ffffffff8c27c1e0 RDI: 0000000000079612
RBP: dffffc0000000000 R08: ffffffff823c1a5a R09: ffffffff8e75e520
R10: dffffc0000000000 R11: ffffed100b2fd43c R12: 0000000000079612
R13: 0000000000079612 R14: 0000000000000000 R15: 0000000000000000
 _static_cpu_has arch/x86/include/asm/cpufeature.h:101 [inline]
 __nr_to_section include/linux/mmzone.h:1972 [inline]
 __pfn_to_section include/linux/mmzone.h:2114 [inline]
 lookup_page_ext mm/page_ext.c:255 [inline]
 page_ext_lookup+0x15f/0x180 mm/page_ext.c:513
 page_ext_iter_begin include/linux/page_ext.h:133 [inline]
 __page_table_check_zero+0x135/0x3e0 mm/page_table_check.c:139
 page_table_check_free include/linux/page_table_check.h:46 [inline]
 __free_pages_prepare mm/page_alloc.c:1434 [inline]
 __free_frozen_pages+0xc3b/0xdb0 mm/page_alloc.c:2978
 __slab_free+0x263/0x2b0 mm/slub.c:5573
 qlink_free mm/kasan/quarantine.c:163 [inline]
 qlist_free_all+0x97/0x100 mm/kasan/quarantine.c:179
 kasan_quarantine_reduce+0x148/0x160 mm/kasan/quarantine.c:286
 __kasan_slab_alloc+0x22/0x80 mm/kasan/common.c:350
 kasan_slab_alloc include/linux/kasan.h:253 [inline]
 slab_post_alloc_hook mm/slub.c:4538 [inline]
 slab_alloc_node mm/slub.c:4866 [inline]
 kmem_cache_alloc_noprof+0x2bc/0x650 mm/slub.c:4873
 alloc_buffer_head+0x2a/0x270 fs/buffer.c:3026
 jbd2_journal_write_metadata_buffer+0xc3/0x1060 fs/jbd2/journal.c:348
 jbd2_journal_commit_transaction+0x1689/0x5bf0 fs/jbd2/commit.c:663
 kjournald2+0x3e0/0x760 fs/jbd2/journal.c:201
 kthread+0x388/0x470 kernel/kthread.c:436
 ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
task:udevd           state:R  running task     stack:23328 pid:6031  tgid:6031  ppid:5194   task_flags:0x400140 flags:0x00080800
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5298 [inline]
 __schedule+0x15dd/0x52d0 kernel/sched/core.c:6911
 preempt_schedule_irq+0x4d/0xa0 kernel/sched/core.c:7238
 irqentry_exit+0x599/0x620 kernel/entry/common.c:239
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:trace_lock_acquire include/trace/events/lock.h:24 [inline]
RIP: 0010:lock_acquire+0x57/0x2e0 kernel/locking/lockdep.c:5831
Code: 89 44 24 30 0f 1f 44 00 00 65 8b 05 c7 a5 7a 11 83 f8 08 0f 83 77 01 00 00 89 c0 48 0f a3 05 30 19 70 0e 73 0d e8 d9 29 09 00 <84> c0 0f 84 bc 01 00 00 83 3d 2a 4c 70 0e 00 0f 84 c3 00 00 00 48
RSP: 0018:ffffc900047df2a0 EFLAGS: 00000202
RAX: 0000000000000001 RBX: ffffffff823a36d2 RCX: 0000000080000001
RDX: 0000000000000000 RSI: ffffffff8c27c1e0 RDI: ffffffff8c27c1a0
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: ffffc900047df438 R11: ffffffff81b0c260 R12: 0000000000000002
R13: ffffffff8e75e520 R14: 0000000000000000 R15: 0000000000000000
 rcu_lock_acquire include/linux/rcupdate.h:312 [inline]
 rcu_read_lock include/linux/rcupdate.h:850 [inline]
 class_rcu_constructor include/linux/rcupdate.h:1193 [inline]
 unwind_next_frame+0xc2/0x23c0 arch/x86/kernel/unwind_orc.c:495
 arch_stack_walk+0x11b/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0xa9/0x100 kernel/stacktrace.c:122
 save_stack+0x122/0x230 mm/page_owner.c:165
 __reset_page_owner+0x71/0x1f0 mm/page_owner.c:320
 reset_page_owner include/linux/page_owner.h:25 [inline]
 __free_pages_prepare mm/page_alloc.c:1433 [inline]
 __free_frozen_pages+0xc2b/0xdb0 mm/page_alloc.c:2978
 __slab_free+0x263/0x2b0 mm/slub.c:5573
 qlink_free mm/kasan/quarantine.c:163 [inline]
 qlist_free_all+0x97/0x100 mm/kasan/quarantine.c:179
 kasan_quarantine_reduce+0x148/0x160 mm/kasan/quarantine.c:286
 __kasan_slab_alloc+0x22/0x80 mm/kasan/common.c:350
 kasan_slab_alloc include/linux/kasan.h:253 [inline]
 slab_post_alloc_hook mm/slub.c:4538 [inline]
 slab_alloc_node mm/slub.c:4866 [inline]
 __do_kmalloc_node mm/slub.c:5259 [inline]
 __kmalloc_noprof+0x316/0x760 mm/slub.c:5272
 kmalloc_noprof include/linux/slab.h:954 [inline]
 kzalloc_noprof include/linux/slab.h:1188 [inline]
 tomoyo_encode2 security/tomoyo/realpath.c:45 [inline]
 tomoyo_encode+0x28b/0x550 security/tomoyo/realpath.c:80
 tomoyo_realpath_from_path+0x58d/0x5d0 security/tomoyo/realpath.c:283
 tomoyo_get_realpath security/tomoyo/file.c:151 [inline]
 tomoyo_path2_perm+0x2e7/0x760 security/tomoyo/file.c:928
 tomoyo_path_rename+0x14e/0x1b0 security/tomoyo/tomoyo.c:300
 security_path_rename+0x248/0x460 security/security.c:1518
 filename_renameat2+0x4c1/0x9c0 fs/namei.c:6139
 __do_sys_rename fs/namei.c:6188 [inline]
 __se_sys_rename+0x55/0x2c0 fs/namei.c:6184
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fd2eb87acc7
RSP: 002b:00007ffc96ad4dc8 EFLAGS: 00000206 ORIG_RAX: 0000000000000052
RAX: ffffffffffffffda RBX: 00005641a4a127a0 RCX: 00007fd2eb87acc7
RDX: 00005641a49f5010 RSI: 00007ffc96ad4de0 RDI: 00007ffc96ad51e0
RBP: 00005641a4a2c4a0 R08: 00000000000001e0 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000206 R12: 00007ffc96ad4de0
R13: 00007ffc96ad51e0 R14: 0000000000000000 R15: 000056419b1a59dd
 </TASK>
task:dhcpcd          state:R  running task     stack:21024 pid:5490  tgid:5490  ppid:5489   task_flags:0x400140 flags:0x00080800
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5298 [inline]
 __schedule+0x15dd/0x52d0 kernel/sched/core.c:6911
 preempt_schedule_irq+0x4d/0xa0 kernel/sched/core.c:7238
 irqentry_exit+0x599/0x620 kernel/entry/common.c:239
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:__read_once_word_nocheck+0x3/0x10 include/asm-generic/rwonce.h:67
Code: 00 48 ba 00 00 00 00 00 fc ff df e9 88 fc ff ff 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 8b 07 <e9> 98 aa 3a 0a cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
RSP: 0018:ffffc900035e7770 EFLAGS: 00000202
RAX: ffffffff81000130 RBX: ffffc900035e7f40 RCX: 1ffff920006bcf01
RDX: ffffffff914deb1a RSI: 0000000000000002 RDI: ffffc900035e7f40
RBP: 1ffff920006bcf0a R08: 0000000000000001 R09: ffffffff8e75e520
R10: ffffc900035e7898 R11: ffffffff81b0c260 R12: ffffc900035e8000
R13: 1ffff920006bcf0b R14: ffffc900035e7848 R15: ffffc900035e0000
 deref_stack_reg arch/x86/kernel/unwind_orc.c:422 [inline]
 unwind_next_frame+0xe52/0x23c0 arch/x86/kernel/unwind_orc.c:600
 arch_stack_walk+0x11b/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0xa9/0x100 kernel/stacktrace.c:122
 save_stack+0x122/0x230 mm/page_owner.c:165
 __reset_page_owner+0x71/0x1f0 mm/page_owner.c:320
 reset_page_owner include/linux/page_owner.h:25 [inline]
 __free_pages_prepare mm/page_alloc.c:1433 [inline]
 __free_frozen_pages+0xc2b/0xdb0 mm/page_alloc.c:2978
 __slab_free+0x263/0x2b0 mm/slub.c:5573
 qlink_free mm/kasan/quarantine.c:163 [inline]
 qlist_free_all+0x97/0x100 mm/kasan/quarantine.c:179
 kasan_quarantine_reduce+0x148/0x160 mm/kasan/quarantine.c:286
 __kasan_slab_alloc+0x22/0x80 mm/kasan/common.c:350
 kasan_slab_alloc include/linux/kasan.h:253 [inline]
 slab_post_alloc_hook mm/slub.c:4538 [inline]
 slab_alloc_node mm/slub.c:4866 [inline]
 kmem_cache_alloc_noprof+0x2bc/0x650 mm/slub.c:4873
 alloc_empty_file+0x55/0x1d0 fs/file_table.c:237
 alloc_file fs/file_table.c:355 [inline]
 alloc_file_pseudo+0x155/0x240 fs/file_table.c:384
 sock_alloc_file+0xb8/0x2e0 net/socket.c:483
 __sys_socketpair+0x2da/0x560 net/socket.c:1834
 __do_sys_socketpair net/socket.c:1863 [inline]
 __se_sys_socketpair net/socket.c:1860 [inline]
 __x64_sys_socketpair+0x9b/0xb0 net/socket.c:1860
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fc6ae41a73a
RSP: 002b:00007ffc0efe7618 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
RAX: ffffffffffffffda RBX: 000055c1b6ee51d0 RCX: 00007fc6ae41a73a
RDX: 0000000000000000 RSI: 0000000000080805 RDI: 0000000000000001
RBP: 00007ffc0f007a40 R08: 0000000000000000 R09: 0000000000000001
R10: 00007ffc0efe7630 R11: 0000000000000246 R12: 00007ffc0efe7630
R13: 0000000000000001 R14: 0000000000000000 R15: 000055c190449ac0
 </TASK>
task:dhcpcd          state:R  running task     stack:25256 pid:5489  tgid:5489  ppid:1      task_flags:0x400140 flags:0x00080000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5298 [inline]
 __schedule+0x15dd/0x52d0 kernel/sched/core.c:6911
 preempt_schedule_irq+0x4d/0xa0 kernel/sched/core.c:7238
 irqentry_exit+0x599/0x620 kernel/entry/common.c:239
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:on_stack arch/x86/include/asm/stacktrace.h:56 [inline]
RIP: 0010:stack_access_ok arch/x86/kernel/unwind_orc.c:409 [inline]
RIP: 0010:deref_stack_reg arch/x86/kernel/unwind_orc.c:419 [inline]
RIP: 0010:unwind_next_frame+0xd20/0x23c0 arch/x86/kernel/unwind_orc.c:600
Code: 7c 24 68 48 89 9c 24 80 00 00 00 4d 8b 7e 08 49 8d 5e 10 49 89 dd 49 c1 ed 03 48 b8 00 00 00 00 00 fc ff df 41 80 7c 05 00 00 <74> 08 48 89 df e8 16 58 b9 00 48 89 5c 24 60 4c 89 64 24 18 49 8d
RSP: 0018:ffffc900035b6fd8 EFLAGS: 00000246
RAX: dffffc0000000000 RBX: ffffc900035b70b8 RCX: ffffffff90832968
RDX: ffffffff912bde88 RSI: 0000000000000002 RDI: ffffffff8c27c1a0
RBP: 1ffff920006b6e16 R08: 0000000000000003 R09: ffffffff8e75e520
R10: ffffc900035b70f8 R11: ffffffff81b0c260 R12: ffffc900035b7b20
R13: 1ffff920006b6e17 R14: ffffc900035b70a8 R15: ffffc900035b0000
 arch_stack_walk+0x11b/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0xa9/0x100 kernel/stacktrace.c:122
 save_stack+0x122/0x230 mm/page_owner.c:165
 __reset_page_owner+0x71/0x1f0 mm/page_owner.c:320
 reset_page_owner include/linux/page_owner.h:25 [inline]
 __free_pages_prepare mm/page_alloc.c:1433 [inline]
 __free_frozen_pages+0xc2b/0xdb0 mm/page_alloc.c:2978
 __slab_free+0x263/0x2b0 mm/slub.c:5573
 qlink_free mm/kasan/quarantine.c:163 [inline]
 qlist_free_all+0x97/0x100 mm/kasan/quarantine.c:179
 kasan_quarantine_reduce+0x148/0x160 mm/kasan/quarantine.c:286
 __kasan_slab_alloc+0x22/0x80 mm/kasan/common.c:350
 kasan_slab_alloc include/linux/kasan.h:253 [inline]
 slab_post_alloc_hook mm/slub.c:4538 [inline]
 slab_alloc_node mm/slub.c:4866 [inline]
 __do_kmalloc_node mm/slub.c:5259 [inline]
 __kmalloc_node_track_caller_noprof+0x493/0x7b0 mm/slub.c:5368
 kmalloc_reserve net/core/skbuff.c:635 [inline]
 __alloc_skb+0x2c1/0x7d0 net/core/skbuff.c:713
 alloc_skb include/linux/skbuff.h:1383 [inline]
 alloc_skb_with_frags+0xca/0x890 net/core/skbuff.c:6763
 sock_alloc_send_pskb+0x878/0x990 net/core/sock.c:2995
 unix_dgram_sendmsg+0x460/0x18e0 net/unix/af_unix.c:2127
 sock_sendmsg_nosec net/socket.c:727 [inline]
 __sock_sendmsg net/socket.c:742 [inline]
 sock_write_iter+0x49b/0x4f0 net/socket.c:1195
 do_iter_readv_writev+0x619/0x8c0 fs/read_write.c:-1
 vfs_writev+0x33c/0x990 fs/read_write.c:1059
 do_writev+0x154/0x2e0 fs/read_write.c:1105
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fc6ae39f407
RSP: 002b:00007ffc0f0076c0 EFLAGS: 00000202 ORIG_RAX: 0000000000000014
RAX: ffffffffffffffda RBX: 00007fc6ae315780 RCX: 00007fc6ae39f407
RDX: 0000000000000005 RSI: 00007ffc0f007720 RDI: 000000000000000a
RBP: 000055c1b6ec14b0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000202 R12: 000055c1b6ec14b0
R13: 000000000000012c R14: 00000000ffffffff R15: 0000000000000000
 </TASK>
task:kthreadd        state:R  running task     stack:26560 pid:2     tgid:2     ppid:0      task_flags:0x208040 flags:0x00080000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5298 [inline]
 __schedule+0x15dd/0x52d0 kernel/sched/core.c:6911
 preempt_schedule_irq+0x4d/0xa0 kernel/sched/core.c:7238
 irqentry_exit+0x599/0x620 kernel/entry/common.c:239
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:lock_release+0x2d7/0x3d0 kernel/locking/lockdep.c:5893
Code: b8 7a 11 00 00 00 00 eb b5 e8 35 b5 0c 0a f7 c3 00 02 00 00 74 b9 65 48 8b 05 b5 72 7a 11 48 3b 44 24 28 75 44 fb 48 83 c4 30 <5b> 41 5c 41 5d 41 5e 41 5f 5d e9 1a 9b 0f 0a cc 48 8d 3d 62 3d 73
RSP: 0018:ffffc900000772a0 EFLAGS: 00000286
RAX: 107fb308f174b600 RBX: 0000000000000202 RCX: 0000000000000046
RDX: 0000000000000001 RSI: ffffffff8e168271 RDI: ffffffff8c27c200
RBP: ffff88801d694880 R08: ffffc90000077610 R09: 0000000000000000
R10: ffffc900000773f8 R11: fffff5200000ee81 R12: 0000000000000001
R13: 0000000000000001 R14: ffffffff8e75e520 R15: ffff88801d693d00
 rcu_lock_release include/linux/rcupdate.h:322 [inline]
 rcu_read_unlock include/linux/rcupdate.h:881 [inline]
 class_rcu_destructor include/linux/rcupdate.h:1193 [inline]
 unwind_next_frame+0x1aaa/0x23c0 arch/x86/kernel/unwind_orc.c:695
 arch_stack_walk+0x11b/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0xa9/0x100 kernel/stacktrace.c:122
 save_stack+0x122/0x230 mm/page_owner.c:165
 __reset_page_owner+0x71/0x1f0 mm/page_owner.c:320
 reset_page_owner include/linux/page_owner.h:25 [inline]
 __free_pages_prepare mm/page_alloc.c:1433 [inline]
 __free_frozen_pages+0xc2b/0xdb0 mm/page_alloc.c:2978
 __slab_free+0x263/0x2b0 mm/slub.c:5573
 qlink_free mm/kasan/quarantine.c:163 [inline]
 qlist_free_all+0x97/0x100 mm/kasan/quarantine.c:179
 kasan_quarantine_reduce+0x148/0x160 mm/kasan/quarantine.c:286
 __kasan_kmalloc+0x22/0xb0 mm/kasan/common.c:406
 kasan_kmalloc include/linux/kasan.h:263 [inline]
 __do_kmalloc_node mm/slub.c:5260 [inline]
 __kmalloc_noprof+0x35c/0x760 mm/slub.c:5272
 kmalloc_noprof include/linux/slab.h:954 [inline]
 kzalloc_noprof include/linux/slab.h:1188 [inline]
 lsm_blob_alloc security/security.c:192 [inline]
 lsm_cred_alloc security/security.c:209 [inline]
 security_prepare_creds+0x52/0x360 security/security.c:2763
 prepare_creds+0x57d/0x820 kernel/cred.c:215
 copy_creds+0x10e/0xa30 kernel/cred.c:286
 copy_process+0x904/0x3cd0 kernel/fork.c:2084
 kernel_clone+0x248/0x8e0 kernel/fork.c:2653
 kernel_thread+0x13f/0x1b0 kernel/fork.c:2714
 create_kthread kernel/kthread.c:459 [inline]
 kthreadd+0x4ec/0x6e0 kernel/kthread.c:817
 ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
task:klogd           state:R  running task     stack:23904 pid:5183  tgid:5183  ppid:1      task_flags:0x400100 flags:0x00080000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5298 [inline]
 __schedule+0x15dd/0x52d0 kernel/sched/core.c:6911
 preempt_schedule_notrace+0x57/0x90 kernel/sched/core.c:7188
 preempt_schedule_notrace_thunk+0x16/0x30 arch/x86/entry/thunk.S:13
 rcu_is_watching+0x7f/0xb0 kernel/rcu/tree.c:753
 rcu_read_lock_held_common kernel/rcu/update.c:109 [inline]
 rcu_read_lock_held+0x15/0x50 kernel/rcu/update.c:349
 lookup_page_ext mm/page_ext.c:258 [inline]
 page_ext_get+0x1b0/0x2e0 mm/page_ext.c:532
 __reset_page_owner+0x28/0x1f0 mm/page_owner.c:306
 reset_page_owner include/linux/page_owner.h:25 [inline]
 __free_pages_prepare mm/page_alloc.c:1433 [inline]
 __free_frozen_pages+0xc2b/0xdb0 mm/page_alloc.c:2978
 __slab_free+0x263/0x2b0 mm/slub.c:5573
 qlink_free mm/kasan/quarantine.c:163 [inline]
 qlist_free_all+0x97/0x100 mm/kasan/quarantine.c:179
 kasan_quarantine_reduce+0x148/0x160 mm/kasan/quarantine.c:286
 __kasan_kmalloc+0x22/0xb0 mm/kasan/common.c:406
 kasan_kmalloc include/linux/kasan.h:263 [inline]
 __do_kmalloc_node mm/slub.c:5260 [inline]
 __kmalloc_node_track_caller_noprof+0x4db/0x7b0 mm/slub.c:5368
 kmalloc_reserve net/core/skbuff.c:635 [inline]
 __alloc_skb+0x2c1/0x7d0 net/core/skbuff.c:713
 alloc_skb include/linux/skbuff.h:1383 [inline]
 alloc_skb_with_frags+0xca/0x890 net/core/skbuff.c:6763
 sock_alloc_send_pskb+0x878/0x990 net/core/sock.c:2995
 unix_dgram_sendmsg+0x460/0x18e0 net/unix/af_unix.c:2127
 sock_sendmsg_nosec net/socket.c:727 [inline]
 __sock_sendmsg net/socket.c:742 [inline]
 __sys_sendto+0x672/0x710 net/socket.c:2206
 __do_sys_sendto net/socket.c:2213 [inline]
 __se_sys_sendto net/socket.c:2209 [inline]
 __x64_sys_sendto+0xde/0x100 net/socket.c:2209
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f15deea5407
RSP: 002b:00007fffbecfcc70 EFLAGS: 00000202 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 00007f15ded55c80 RCX: 00007f15deea5407
RDX: 0000000000000075 RSI: 00007fffbecfcdb0 RDI: 0000000000000003
RBP: 00007fffbecfd1e0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000004000 R11: 0000000000000202 R12: 00007fffbecfd1f8
R13: 00007fffbecfcdb0 R14: 000000000000005a R15: 00007fffbecfcdb0
 </TASK>
rcu: rcu_preempt kthread starved for 10844 jiffies! g21377 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:27200 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00080000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5298 [inline]
 __schedule+0x15dd/0x52d0 kernel/sched/core.c:6911
 __schedule_loop kernel/sched/core.c:6993 [inline]
 schedule+0x164/0x360 kernel/sched/core.c:7008
 schedule_timeout+0x158/0x2c0 kernel/time/sleep_timeout.c:99
 rcu_gp_fqs_loop+0x312/0x11d0 kernel/rcu/tree.c:2095
 rcu_gp_kthread+0x9e/0x2b0 kernel/rcu/tree.c:2297
 kthread+0x388/0x470 kernel/kthread.c:436
 ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
RIP: 0010:unwind_get_return_address+0x68/0x90 arch/x86/kernel/unwind_orc.c:386
Code: 89 df e8 4b 66 b9 00 48 8b 3b e8 93 6d 19 00 85 c0 74 14 43 80 3c 37 00 74 08 48 89 df e8 30 66 b9 00 48 8b 03 eb 02 31 c0 5b <41> 5e 41 5f e9 8f db 3a 0a cc 89 d9 80 e1 07 80 c1 03 38 c1 7c a8
RSP: 0000:ffffc90000006e50 EFLAGS: 00000246
RAX: ffffffff819a900a RBX: ffffc90000006f20 RCX: 0000000080000100
RDX: 0000000000000001 RSI: ffffffff8e168271 RDI: ffffffff819a900a
RBP: ffffc90000006ef0 R08: ffffc90000006ec7 R09: 0000000000000000
R10: ffffc90000006eb8 R11: fffff52000000dd9 R12: ffffffff8e494ec0
R13: 00000000000000f0 R14: dffffc0000000000 R15: 1ffff92000000dd6
FS:  0000000000000000(0000) GS:ffff88812545d000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000080190018 CR3: 000000002aaaa000 CR4: 00000000003526f0
Call Trace:
 <IRQ>
 arch_stack_walk+0xfb/0x150 arch/x86/kernel/stacktrace.c:26
 stack_trace_save+0xa9/0x100 kernel/stacktrace.c:122
 kasan_save_stack mm/kasan/common.c:57 [inline]
 kasan_save_track+0x3e/0x80 mm/kasan/common.c:78
 unpoison_slab_object mm/kasan/common.c:340 [inline]
 __kasan_slab_alloc+0x6c/0x80 mm/kasan/common.c:366
 kasan_slab_alloc include/linux/kasan.h:253 [inline]
 slab_post_alloc_hook mm/slub.c:4538 [inline]
 slab_alloc_node mm/slub.c:4866 [inline]
 kmem_cache_alloc_node_noprof+0x384/0x690 mm/slub.c:4918
 __alloc_skb+0x1d0/0x7d0 net/core/skbuff.c:702
 alloc_skb include/linux/skbuff.h:1383 [inline]
 synproxy_send_client_synack+0x172/0xe30 net/netfilter/nf_synproxy_core.c:461
 nft_synproxy_eval_v4+0x34a/0x4e0 net/netfilter/nft_synproxy.c:60
 nft_synproxy_do_eval+0x305/0x580 net/netfilter/nft_synproxy.c:142
 expr_call_ops_eval net/netfilter/nf_tables_core.c:237 [inline]
 nft_do_chain+0x45e/0x1990 net/netfilter/nf_tables_core.c:285
 nft_do_chain_inet+0x29d/0x380 net/netfilter/nft_chain_filter.c:161
 nf_hook_entry_hookfn include/linux/netfilter.h:158 [inline]
 nf_hook_slow+0xc5/0x220 net/netfilter/core.c:623
 nf_hook include/linux/netfilter.h:273 [inline]
 NF_HOOK+0x21f/0x3c0 include/linux/netfilter.h:316
 NF_HOOK+0x336/0x3c0 include/linux/netfilter.h:318
 __netif_receive_skb_one_core net/core/dev.c:6164 [inline]
 __netif_receive_skb net/core/dev.c:6277 [inline]
 process_backlog+0xaa3/0x1950 net/core/dev.c:6628
 __napi_poll+0xae/0x340 net/core/dev.c:7692
 napi_poll net/core/dev.c:7755 [inline]
 net_rx_action+0x627/0xf70 net/core/dev.c:7912
 handle_softirqs+0x22a/0x870 kernel/softirq.c:622
 __do_softirq kernel/softirq.c:656 [inline]
 invoke_softirq kernel/softirq.c:496 [inline]
 __irq_exit_rcu+0x5f/0x150 kernel/softirq.c:723
 irq_exit_rcu+0x9/0x30 kernel/softirq.c:739
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline]
 sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1056
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:pv_native_safe_halt+0xf/0x20 arch/x86/kernel/paravirt.c:63
Code: 8e 6c 02 c3 cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d e3 f2 1a 00 fb f4 <e9> fc e9 02 00 cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90
RSP: 0000:ffffffff8e407dc0 EFLAGS: 00000246
RAX: 0000000001e582c3 RBX: ffffffff819a900a RCX: 0000000080000001
RDX: 0000000000000001 RSI: ffffffff8def7890 RDI: ffffffff8c27c200
RBP: ffffffff8e407eb0 R08: ffff8880b863395b R09: 1ffff110170c672b
R10: dffffc0000000000 R11: ffffed10170c672c R12: 0000000000000000
R13: 1ffffffff1c929d8 R14: 0000000000000000 R15: 1ffffffff1c929d8
 arch_safe_halt arch/x86/kernel/process.c:766 [inline]
 default_idle+0x9/0x20 arch/x86/kernel/process.c:767
 default_idle_call+0x72/0xb0 kernel/sched/idle.c:122
 cpuidle_idle_call kernel/sched/idle.c:199 [inline]
 do_idle+0x36a/0x5f0 kernel/sched/idle.c:352
 cpu_startup_entry+0x43/0x60 kernel/sched/idle.c:451
 rest_init+0x2de/0x300 init/main.c:760
 start_kernel+0x385/0x3d0 init/main.c:1210
 x86_64_start_reservations+0x24/0x30 arch/x86/kernel/head64.c:310
 x86_64_start_kernel+0x143/0x1c0 arch/x86/kernel/head64.c:291
 common_startup_64+0x13e/0x147
 </TASK>