rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P83/1:b..l P5173/1:b..l P5944/1:b..l P7581/1:b..l P7625/1:b..l P6424/1:b..l P6664/1:b..l P5992/1:b..l
rcu: (detected by 1, t=10504 jiffies, g=24461, q=558999 ncpus=2)
task:kworker/u8:11 state:R running task stack:21168 pid:5992 tgid:5992 ppid:2 task_flags:0x4208060 flags:0x00080000
Workqueue: events_unbound cfg80211_wiphy_work
Call Trace:
context_switch kernel/sched/core.c:5295 [inline]
__schedule+0x1585/0x5340 kernel/sched/core.c:6907
preempt_schedule_irq+0x4d/0xa0 kernel/sched/core.c:7234
irqentry_exit+0x599/0x620 kernel/entry/common.c:239
asm_sysvec_reschedule_ipi+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:lock_acquire+0x20b/0x2e0 kernel/locking/lockdep.c:5872
Code: e9 30 ff ff ff e8 95 7e 0b 0a f7 c3 00 02 00 00 0f 84 38 ff ff ff 65 48 8b 05 11 2c 7a 11 48 3b 44 24 30 75 33 fb 48 83 c4 38 <5b> 41 5c 41 5d 41 5e 41 5f 5d e9 e1 cc 6e ff cc 48 8d 3d ce 4f 73
RSP: 0018:ffffc900040f71f8 EFLAGS: 00000282
RAX: aec91597d7334100 RBX: 0000000000000246 RCX: 0000000000000046
RDX: 0000000045902815 RSI: ffffffff8e161281 RDI: ffffffff8c27a500
RBP: 0000000000000000 R08: ffffffff81767a45 R09: ffffffff8e7602e0
R10: dffffc0000000000 R11: ffffffff81b0a800 R12: 0000000000000002
R13: ffffffff8e7602e0 R14: 0000000000000000 R15: 0000000000000000
rcu_lock_acquire include/linux/rcupdate.h:312 [inline]
rcu_read_lock include/linux/rcupdate.h:850 [inline]
class_rcu_constructor include/linux/rcupdate.h:1193 [inline]
unwind_next_frame+0xc2/0x23c0 arch/x86/kernel/unwind_orc.c:495
arch_stack_walk+0x11b/0x150 arch/x86/kernel/stacktrace.c:25
stack_trace_save+0xa9/0x100 kernel/stacktrace.c:122
kasan_save_stack mm/kasan/common.c:57 [inline]
kasan_save_track+0x3e/0x80 mm/kasan/common.c:78
kasan_save_free_info+0x46/0x50 mm/kasan/generic.c:584
poison_slab_object mm/kasan/common.c:253 [inline]
__kasan_slab_free+0x5c/0x80 mm/kasan/common.c:285
kasan_slab_free include/linux/kasan.h:235 [inline]
slab_free_hook mm/slub.c:2687 [inline]
slab_free mm/slub.c:6124 [inline]
kfree+0x1c1/0x630 mm/slub.c:6442
ieee80211_ibss_rx_queued_mgmt+0x1acf/0x2cd0 net/mac80211/ibss.c:-1
ieee80211_iface_process_skb net/mac80211/iface.c:1748 [inline]
ieee80211_iface_work+0x84e/0x1340 net/mac80211/iface.c:1802
cfg80211_wiphy_work+0x2ab/0x4a0 net/wireless/core.c:440
process_one_work kernel/workqueue.c:3275 [inline]
process_scheduled_works+0xb02/0x1830 kernel/workqueue.c:3358
worker_thread+0xa50/0xfc0 kernel/workqueue.c:3439
kthread+0x388/0x470 kernel/kthread.c:467
ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
task:syz-executor state:R running task stack:22400 pid:6664 tgid:6664 ppid:1 task_flags:0x48054c flags:0x00080003
Call Trace:
context_switch kernel/sched/core.c:5295 [inline]
__schedule+0x1585/0x5340 kernel/sched/core.c:6907
preempt_schedule_irq+0x4d/0xa0 kernel/sched/core.c:7234
irqentry_exit+0x599/0x620 kernel/entry/common.c:239
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:lock_acquire+0x20b/0x2e0 kernel/locking/lockdep.c:5872
Code: e9 30 ff ff ff e8 95 7e 0b 0a f7 c3 00 02 00 00 0f 84 38 ff ff ff 65 48 8b 05 11 2c 7a 11 48 3b 44 24 30 75 33 fb 48 83 c4 38 <5b> 41 5c 41 5d 41 5e 41 5f 5d e9 e1 cc 6e ff cc 48 8d 3d ce 4f 73
RSP: 0018:ffffc90003aa7038 EFLAGS: 00000282
RAX: 3c8419971f90aa00 RBX: 0000000000000246 RCX: 0000000000000046
RDX: 00000000fc13d4f6 RSI: ffffffff8e161281 RDI: ffffffff8c27a500
RBP: 0000000000000000 R08: ffffffff81767a45 R09: ffffffff8e7602e0
R10: dffffc0000000000 R11: ffffffff81b0a800 R12: 0000000000000002
R13: ffffffff8e7602e0 R14: 0000000000000000 R15: 0000000000000000
rcu_lock_acquire include/linux/rcupdate.h:312 [inline]
rcu_read_lock include/linux/rcupdate.h:850 [inline]
class_rcu_constructor include/linux/rcupdate.h:1193 [inline]
unwind_next_frame+0xc2/0x23c0 arch/x86/kernel/unwind_orc.c:495
arch_stack_walk+0x11b/0x150 arch/x86/kernel/stacktrace.c:25
stack_trace_save+0xa9/0x100 kernel/stacktrace.c:122
save_stack+0x122/0x230 mm/page_owner.c:165
__reset_page_owner+0x71/0x1f0 mm/page_owner.c:320
reset_page_owner include/linux/page_owner.h:25 [inline]
__free_pages_prepare mm/page_alloc.c:1432 [inline]
__free_frozen_pages+0xc00/0xd90 mm/page_alloc.c:2977
__slab_free+0x263/0x2b0 mm/slub.c:5532
qlink_free mm/kasan/quarantine.c:163 [inline]
qlist_free_all+0x97/0x100 mm/kasan/quarantine.c:179
kasan_quarantine_reduce+0x148/0x160 mm/kasan/quarantine.c:286
__kasan_slab_alloc+0x22/0x80 mm/kasan/common.c:350
kasan_slab_alloc include/linux/kasan.h:253 [inline]
slab_post_alloc_hook mm/slub.c:4501 [inline]
slab_alloc_node mm/slub.c:4830 [inline]
__kmalloc_cache_noprof+0x2ba/0x660 mm/slub.c:5334
kmalloc_noprof include/linux/slab.h:962 [inline]
kzalloc_noprof include/linux/slab.h:1204 [inline]
kobject_uevent_env+0x28c/0x9e0 lib/kobject_uevent.c:540
device_del+0x750/0x8f0 drivers/base/core.c:3896
device_unregister+0x21/0xf0 drivers/base/core.c:3919
hci_conn_cleanup net/bluetooth/hci_conn.c:173 [inline]
hci_conn_del+0xc36/0x1230 net/bluetooth/hci_conn.c:1240
hci_conn_hash_flush+0x191/0x260 net/bluetooth/hci_conn.c:2645
hci_dev_close_sync+0x821/0x10e0 net/bluetooth/hci_sync.c:5358
hci_dev_do_close net/bluetooth/hci_core.c:502 [inline]
hci_unregister_dev+0x21a/0x5a0 net/bluetooth/hci_core.c:2716
vhci_release+0x152/0x1a0 drivers/bluetooth/hci_vhci.c:690
__fput+0x44f/0xa70 fs/file_table.c:469
task_work_run+0x1d9/0x270 kernel/task_work.c:233
exit_task_work include/linux/task_work.h:40 [inline]
do_exit+0x69b/0x2320 kernel/exit.c:971
do_group_exit+0x21b/0x2d0 kernel/exit.c:1112
get_signal+0x1284/0x1330 kernel/signal.c:3034
arch_do_signal_or_restart+0xbc/0x830 arch/x86/kernel/signal.c:337
__exit_to_user_mode_loop kernel/entry/common.c:64 [inline]
exit_to_user_mode_loop+0x86/0x480 kernel/entry/common.c:98
__exit_to_user_mode_prepare include/linux/irq-entry-common.h:226 [inline]
syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:256 [inline]
syscall_exit_to_user_mode include/linux/entry-common.h:325 [inline]
do_syscall_64+0x32d/0xf80 arch/x86/entry/syscall_64.c:100
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f7fbf75cece
RSP: 002b:00007ffc149f45c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
RAX: fffffffffffffe00 RBX: 000055555b283500 RCX: 00007f7fbf75cece
RDX: 0000000000000030 RSI: 00007ffc149f46c0 RDI: 00000000000000f9
RBP: 00007ffc149f466c R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000018
R13: 0000000000000040 R14: 0000000000039256 R15: 00007ffc149f46c0
task:syz-executor state:R running task stack:24096 pid:6424 tgid:6424 ppid:5802 task_flags:0x40050c flags:0x00080002
Call Trace:
context_switch kernel/sched/core.c:5295 [inline]
__schedule+0x1585/0x5340 kernel/sched/core.c:6907
preempt_schedule_common+0x82/0xd0 kernel/sched/core.c:7091
preempt_schedule_thunk+0x16/0x30 arch/x86/entry/thunk.S:12
__raw_spin_unlock include/linux/spinlock_api_smp.h:169 [inline]
_raw_spin_unlock+0x3f/0x50 kernel/locking/spinlock.c:186
spin_unlock include/linux/spinlock.h:389 [inline]
zap_pte_range mm/memory.c:1946 [inline]
zap_pmd_range mm/memory.c:2008 [inline]
zap_pud_range mm/memory.c:2036 [inline]
zap_p4d_range mm/memory.c:2057 [inline]
unmap_page_range+0x3b71/0x48f0 mm/memory.c:2078
unmap_single_vma mm/memory.c:2120 [inline]
unmap_vmas+0x3c0/0x5c0 mm/memory.c:2162
exit_mmap+0x261/0xdb0 mm/mmap.c:1277
__mmput+0x118/0x430 kernel/fork.c:1174
exit_mm+0x168/0x220 kernel/exit.c:581
do_exit+0x62e/0x2320 kernel/exit.c:959
do_group_exit+0x21b/0x2d0 kernel/exit.c:1112
get_signal+0x1284/0x1330 kernel/signal.c:3034
arch_do_signal_or_restart+0xbc/0x830 arch/x86/kernel/signal.c:337
__exit_to_user_mode_loop kernel/entry/common.c:64 [inline]
exit_to_user_mode_loop+0x86/0x480 kernel/entry/common.c:98
__exit_to_user_mode_prepare include/linux/irq-entry-common.h:226 [inline]
syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:256 [inline]
syscall_exit_to_user_mode include/linux/entry-common.h:325 [inline]
do_syscall_64+0x32d/0xf80 arch/x86/entry/syscall_64.c:100
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f4456757817
RSP: 002b:00007ffd055e65a0 EFLAGS: 00000202 ORIG_RAX: 000000000000003d
RAX: fffffffffffffe00 RBX: 0000555573194500 RCX: 00007f4456757817
RDX: 0000000040000000 RSI: 00007ffd055e65fc RDI: ffffffffffffffff
RBP: 00007ffd055e65fc R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000008
R13: 0000000000000003 R14: 00007ffd055e6858 R15: 0000000000000000
task:syz.0.328 state:R running task stack:25728 pid:7625 tgid:7625 ppid:6436 task_flags:0x400040 flags:0x00080002
Call Trace:
context_switch kernel/sched/core.c:5295 [inline]
__schedule+0x1585/0x5340 kernel/sched/core.c:6907
preempt_schedule_irq+0x4d/0xa0 kernel/sched/core.c:7234
irqentry_exit+0x599/0x620 kernel/entry/common.c:239
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:lock_release+0x2d7/0x3d0 kernel/locking/lockdep.c:5893
Code: 40 7a 11 00 00 00 00 eb b5 e8 55 4d 0b 0a f7 c3 00 02 00 00 74 b9 65 48 8b 05 d5 fa 79 11 48 3b 44 24 28 75 44 fb 48 83 c4 30 <5b> 41 5c 41 5d 41 5e 41 5f 5d e9 a5 9b 6e ff cc 48 8d 3d 02 22 73
RSP: 0000:ffffc90002ea7180 EFLAGS: 00000282
RAX: cbef8aaa35f7d500 RBX: 0000000000000202 RCX: 0000000000000046
RDX: 0000000000000003 RSI: ffffffff8e161281 RDI: ffffffff8c27a500
RBP: ffff888026d26650 R08: ffffc90002ea7a50 R09: ffffc90002ea72d8
R10: dffffc0000000000 R11: fffff520005d4e5d R12: 0000000000000003
R13: 0000000000000003 R14: ffffffff8e7602e0 R15: ffff888026d25ac0
rcu_lock_release include/linux/rcupdate.h:322 [inline]
rcu_read_unlock include/linux/rcupdate.h:881 [inline]
class_rcu_destructor include/linux/rcupdate.h:1193 [inline]
unwind_next_frame+0x1aaa/0x23c0 arch/x86/kernel/unwind_orc.c:695
arch_stack_walk+0x11b/0x150 arch/x86/kernel/stacktrace.c:25
stack_trace_save+0xa9/0x100 kernel/stacktrace.c:122
save_stack+0x122/0x230 mm/page_owner.c:165
__reset_page_owner+0x71/0x1f0 mm/page_owner.c:320
reset_page_owner include/linux/page_owner.h:25 [inline]
__free_pages_prepare mm/page_alloc.c:1432 [inline]
__free_frozen_pages+0xc00/0xd90 mm/page_alloc.c:2977
__slab_free+0x263/0x2b0 mm/slub.c:5532
qlink_free mm/kasan/quarantine.c:163 [inline]
qlist_free_all+0x97/0x100 mm/kasan/quarantine.c:179
kasan_quarantine_reduce+0x148/0x160 mm/kasan/quarantine.c:286
__kasan_slab_alloc+0x22/0x80 mm/kasan/common.c:350
kasan_slab_alloc include/linux/kasan.h:253 [inline]
slab_post_alloc_hook mm/slub.c:4501 [inline]
slab_alloc_node mm/slub.c:4830 [inline]
kmem_cache_alloc_noprof+0x2bc/0x650 mm/slub.c:4837
new_handle fs/jbd2/transaction.c:457 [inline]
jbd2__journal_start+0x145/0x5b0 fs/jbd2/transaction.c:484
__ext4_journal_start_sb+0x203/0x620 fs/ext4/ext4_jbd2.c:114
__ext4_journal_start fs/ext4/ext4_jbd2.h:242 [inline]
ext4_dirty_inode+0x93/0x110 fs/ext4/inode.c:6447
__mark_inode_dirty+0x3a4/0x1470 fs/fs-writeback.c:2609
generic_update_time fs/inode.c:2198 [inline]
file_update_time_flags+0x3ee/0x4a0 fs/inode.c:2428
ext4_page_mkwrite+0x219/0x11a0 fs/ext4/inode.c:6616
do_page_mkwrite+0x14d/0x310 mm/memory.c:3581
wp_page_shared mm/memory.c:3982 [inline]
do_wp_page+0x1a4b/0x5a00 mm/memory.c:4201
handle_pte_fault mm/memory.c:6324 [inline]
__handle_mm_fault mm/memory.c:6446 [inline]
handle_mm_fault+0x1520/0x3310 mm/memory.c:6615
do_user_addr_fault+0xa73/0x1340 arch/x86/mm/fault.c:1334
handle_page_fault arch/x86/mm/fault.c:1474 [inline]
exc_page_fault+0x6a/0xc0 arch/x86/mm/fault.c:1527
asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:618
RIP: 0033:0x7f4456670e20
RSP: 002b:00007ffd055e6100 EFLAGS: 00010216
RAX: 0000001b2e823f64 RBX: ffffffffffffff64 RCX: 0000000000000006
RDX: 0000001b2e823f60 RSI: 0000000000000004 RDI: 00007f4457545720
RBP: 0000000000000000 R08: 00007f4456a00000 R09: 00007f4456a02000
R10: 00000000816bfeb8 R11: 0000000000000008 R12: 0000000000000000
R13: 000000000000a3cd R14: ffffffff816bfa2e R15: 00007f4457545720
task:dhcpcd-run-hook state:R running task stack:23520 pid:7581 tgid:7581 ppid:5480 task_flags:0x400000 flags:0x00080000
Call Trace:
context_switch kernel/sched/core.c:5295 [inline]
__schedule+0x1585/0x5340 kernel/sched/core.c:6907
preempt_schedule_irq+0x4d/0xa0 kernel/sched/core.c:7234
irqentry_exit+0x599/0x620 kernel/entry/common.c:239
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:__reset_page_owner+0x55/0x1f0 mm/page_owner.c:311
Code: 0f 84 52 01 00 00 48 8b 0d 98 1a 52 0c 48 8d 1c 08 48 83 c3 08 48 89 d9 48 c1 e9 03 48 ba 00 00 00 00 00 fc ff df 0f b6 0c 11 <84> c9 0f 85 49 01 00 00 8b 1b 48 89 c7 e8 f9 df 01 00 bf 00 20 00
RSP: 0018:ffffc900037ff780 EFLAGS: 00000212
RAX: ffff88801d2300f0 RBX: ffff88801d230100 RCX: 0000000000000000
RDX: dffffc0000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000000 R08: ffffffff823bbbd2 R09: ffffffff8e7602e0
R10: dffffc0000000000 R11: fffff940002b801f R12: ffffea00015c00c0
R13: 0000000000000000 R14: ffffea00015c00c0 R15: 00000042b03483ff
reset_page_owner include/linux/page_owner.h:25 [inline]
__free_pages_prepare mm/page_alloc.c:1432 [inline]
__free_frozen_pages+0xc00/0xd90 mm/page_alloc.c:2977
__slab_free+0x263/0x2b0 mm/slub.c:5532
qlink_free mm/kasan/quarantine.c:163 [inline]
qlist_free_all+0x97/0x100 mm/kasan/quarantine.c:179
kasan_quarantine_reduce+0x148/0x160 mm/kasan/quarantine.c:286
__kasan_slab_alloc+0x22/0x80 mm/kasan/common.c:350
kasan_slab_alloc include/linux/kasan.h:253 [inline]
slab_post_alloc_hook mm/slub.c:4501 [inline]
slab_alloc_node mm/slub.c:4830 [inline]
kmem_cache_alloc_node_noprof+0x384/0x690 mm/slub.c:4882
alloc_task_struct_node kernel/fork.c:185 [inline]
dup_task_struct+0x57/0x9a0 kernel/fork.c:916
copy_process+0x508/0x3cf0 kernel/fork.c:2050
kernel_clone+0x248/0x8e0 kernel/fork.c:2654
__do_sys_clone kernel/fork.c:2795 [inline]
__se_sys_clone kernel/fork.c:2779 [inline]
__x64_sys_clone+0x1b6/0x230 kernel/fork.c:2779
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fafd5dcc636
RSP: 002b:00007ffe2f70afe0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007ffe2f70afe8 RCX: 00007fafd5dcc636
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
RBP: 0000562111e03c30 R08: 0000000000000000 R09: 0000000000000030
R10: 00007fafd5c32f50 R11: 0000000000000246 R12: 0000562111e11290
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
task:kworker/1:6 state:R running task stack:25408 pid:5944 tgid:5944 ppid:2 task_flags:0x4208060 flags:0x00080000
Workqueue: events free_obj_work
Call Trace:
context_switch kernel/sched/core.c:5295 [inline]
__schedule+0x1585/0x5340 kernel/sched/core.c:6907
preempt_schedule_irq+0x4d/0xa0 kernel/sched/core.c:7234
irqentry_exit+0x599/0x620 kernel/entry/common.c:239
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:lock_release+0x2d7/0x3d0 kernel/locking/lockdep.c:5893
Code: 40 7a 11 00 00 00 00 eb b5 e8 55 4d 0b 0a f7 c3 00 02 00 00 74 b9 65 48 8b 05 d5 fa 79 11 48 3b 44 24 28 75 44 fb 48 83 c4 30 <5b> 41 5c 41 5d 41 5e 41 5f 5d e9 a5 9b 6e ff cc 48 8d 3d 02 22 73
RSP: 0018:ffffc90003f37500 EFLAGS: 00000286
RAX: a5ae2ec587a56400 RBX: 0000000000000202 RCX: 0000000000000046
RDX: 0000000000000002 RSI: ffffffff8e161281 RDI: ffffffff8c27a500
RBP: ffff88802ef8a9a8 R08: ffffc90003f37a10 R09: ffffc90003f37658
R10: dffffc0000000000 R11: fffff520007e6ecd R12: 0000000000000002
R13: 0000000000000002 R14: ffffffff8e7602e0 R15: ffff88802ef89e40
rcu_lock_release include/linux/rcupdate.h:322 [inline]
rcu_read_unlock include/linux/rcupdate.h:881 [inline]
class_rcu_destructor include/linux/rcupdate.h:1193 [inline]
unwind_next_frame+0x1aaa/0x23c0 arch/x86/kernel/unwind_orc.c:695
arch_stack_walk+0x11b/0x150 arch/x86/kernel/stacktrace.c:25
stack_trace_save+0xa9/0x100 kernel/stacktrace.c:122
kasan_save_stack mm/kasan/common.c:57 [inline]
kasan_save_track+0x3e/0x80 mm/kasan/common.c:78
kasan_save_free_info+0x46/0x50 mm/kasan/generic.c:584
poison_slab_object mm/kasan/common.c:253 [inline]
__kasan_slab_free+0x5c/0x80 mm/kasan/common.c:285
kasan_slab_free include/linux/kasan.h:235 [inline]
slab_free_hook mm/slub.c:2687 [inline]
slab_free mm/slub.c:6124 [inline]
kmem_cache_free+0x187/0x630 mm/slub.c:6254
free_object_list lib/debugobjects.c:326 [inline]
free_obj_work+0x391/0x4c0 lib/debugobjects.c:513
process_one_work kernel/workqueue.c:3275 [inline]
process_scheduled_works+0xb02/0x1830 kernel/workqueue.c:3358
worker_thread+0xa50/0xfc0 kernel/workqueue.c:3439
kthread+0x388/0x470 kernel/kthread.c:467
ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
task:klogd state:R running task stack:24096 pid:5173 tgid:5173 ppid:1 task_flags:0x400100 flags:0x00080000
Call Trace:
context_switch kernel/sched/core.c:5295 [inline]
__schedule+0x1585/0x5340 kernel/sched/core.c:6907
preempt_schedule_irq+0x4d/0xa0 kernel/sched/core.c:7234
irqentry_exit+0x599/0x620 kernel/entry/common.c:239
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:memset+0xf/0x20 arch/x86/lib/memset_64.S:38
Code: 44 88 1f e9 ee 29 63 f5 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 49 89 f9 40 88 f0 48 89 d1 aa 4c 89 c8 e9 c2 29 63 f5 90 90 90 90 90 90 90 90 90 90 90 90
RSP: 0018:ffffc900035772b0 EFLAGS: 00000202
RAX: ffffc90003577800 RBX: ffffc900035773c0 RCX: 000000000000000f
RDX: 0000000000000010 RSI: 0000000000000000 RDI: ffffc900035773d9
RBP: dffffc0000000000 R08: ffffc900035773e7 R09: ffffc900035773d8
R10: dffffc0000000000 R11: fffff520006aee7d R12: ffffc900035773d8
R13: 1ffff920006aee73 R14: ffffc90003577388 R15: ffffc900035773d0
unwind_next_frame+0xeae/0x23c0 arch/x86/kernel/unwind_orc.c:607
arch_stack_walk+0x11b/0x150 arch/x86/kernel/stacktrace.c:25
stack_trace_save+0xa9/0x100 kernel/stacktrace.c:122
save_stack+0x122/0x230 mm/page_owner.c:165
__reset_page_owner+0x71/0x1f0 mm/page_owner.c:320
reset_page_owner include/linux/page_owner.h:25 [inline]
__free_pages_prepare mm/page_alloc.c:1432 [inline]
__free_frozen_pages+0xc00/0xd90 mm/page_alloc.c:2977
__slab_free+0x263/0x2b0 mm/slub.c:5532
qlink_free mm/kasan/quarantine.c:163 [inline]
qlist_free_all+0x97/0x100 mm/kasan/quarantine.c:179
kasan_quarantine_reduce+0x148/0x160 mm/kasan/quarantine.c:286
__kasan_kmalloc+0x22/0xb0 mm/kasan/common.c:406
kasan_kmalloc include/linux/kasan.h:263 [inline]
__do_kmalloc_node mm/slub.c:5219 [inline]
__kmalloc_node_track_caller_noprof+0x4db/0x7b0 mm/slub.c:5327
kmalloc_reserve net/core/skbuff.c:635 [inline]
__alloc_skb+0x2c1/0x7d0 net/core/skbuff.c:713
alloc_skb include/linux/skbuff.h:1383 [inline]
alloc_skb_with_frags+0xca/0x890 net/core/skbuff.c:6750
sock_alloc_send_pskb+0x878/0x990 net/core/sock.c:2995
unix_dgram_sendmsg+0x460/0x18e0 net/unix/af_unix.c:2125
sock_sendmsg_nosec net/socket.c:727 [inline]
__sock_sendmsg net/socket.c:742 [inline]
__sys_sendto+0x709/0x7a0 net/socket.c:2206
__do_sys_sendto net/socket.c:2213 [inline]
__se_sys_sendto net/socket.c:2209 [inline]
__x64_sys_sendto+0xde/0x100 net/socket.c:2209
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fc337c94407
RSP: 002b:00007ffe3bbd95c0 EFLAGS: 00000202 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 00007fc337b44c80 RCX: 00007fc337c94407
RDX: 0000000000000055 RSI: 00007ffe3bbd9700 RDI: 0000000000000003
RBP: 00007ffe3bbd9b30 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000004000 R11: 0000000000000202 R12: 00007ffe3bbd9b48
R13: 00007ffe3bbd9700 R14: 000000000000003a R15: 00007ffe3bbd9700
task:kworker/u8:5 state:R running task stack:24088 pid:83 tgid:83 ppid:2 task_flags:0x4208060 flags:0x00080000
Workqueue: events_unbound cfg80211_wiphy_work
Call Trace:
context_switch kernel/sched/core.c:5295 [inline]
__schedule+0x1585/0x5340 kernel/sched/core.c:6907
preempt_schedule_irq+0x4d/0xa0 kernel/sched/core.c:7234
irqentry_exit+0x599/0x620 kernel/entry/common.c:239
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:__preempt_count_add kernel/rcu/tree.c:748 [inline]
RIP: 0010:rcu_is_watching+0x6/0xb0 kernel/rcu/tree.c:751
Code: e8 7f ba 3f 03 eb cc 66 66 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 41 57 <41> 56 53 65 ff 05 d0 03 71 11 e8 3b 70 02 0a 89 c3 83 f8 08 73 65
RSP: 0018:ffffc9000256f548 EFLAGS: 00000202
RAX: 0000000000000001 RBX: ffffffff8223e547 RCX: ffff88801dbfdac0
RDX: 0000000045902815 RSI: ffffffff8e161281 RDI: ffffffff8c27a500
RBP: dffffc0000000000 R08: ffffffff81767a45 R09: ffffffff8e7602e0
R10: dffffc0000000000 R11: ffffffff81b0a800 R12: 1ffff920004adec5
R13: ffffc9000256f660 R14: ffffc9000256f628 R15: ffffffff81767a45
rcu_read_lock include/linux/rcupdate.h:851 [inline]
class_rcu_constructor include/linux/rcupdate.h:1193 [inline]
unwind_next_frame+0xd4/0x23c0 arch/x86/kernel/unwind_orc.c:495
arch_stack_walk+0x11b/0x150 arch/x86/kernel/stacktrace.c:25
stack_trace_save+0xa9/0x100 kernel/stacktrace.c:122
kasan_save_stack mm/kasan/common.c:57 [inline]
kasan_save_track+0x3e/0x80 mm/kasan/common.c:78
kasan_save_free_info+0x46/0x50 mm/kasan/generic.c:584
poison_slab_object mm/kasan/common.c:253 [inline]
__kasan_slab_free+0x5c/0x80 mm/kasan/common.c:285
kasan_slab_free include/linux/kasan.h:235 [inline]
slab_free_hook mm/slub.c:2687 [inline]
slab_free mm/slub.c:6124 [inline]
kmem_cache_free+0x187/0x630 mm/slub.c:6254
ieee80211_iface_work+0xb8e/0x1340 net/mac80211/iface.c:1804
cfg80211_wiphy_work+0x2ab/0x4a0 net/wireless/core.c:440
process_one_work kernel/workqueue.c:3275 [inline]
process_scheduled_works+0xb02/0x1830 kernel/workqueue.c:3358
worker_thread+0xa50/0xfc0 kernel/workqueue.c:3439
kthread+0x388/0x470 kernel/kthread.c:467
ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
rcu: rcu_preempt kthread starved for 10863 jiffies! g24461 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt state:R running task stack:27664 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00080000
Call Trace:
context_switch kernel/sched/core.c:5295 [inline]
__schedule+0x1585/0x5340 kernel/sched/core.c:6907
__schedule_loop kernel/sched/core.c:6989 [inline]
schedule+0x164/0x360 kernel/sched/core.c:7004
schedule_timeout+0x158/0x2c0 kernel/time/sleep_timeout.c:99
rcu_gp_fqs_loop+0x312/0x11d0 kernel/rcu/tree.c:2095
rcu_gp_kthread+0x9e/0x2b0 kernel/rcu/tree.c:2297
kthread+0x388/0x470 kernel/kthread.c:467
ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
rcu: Stack dump where RCU GP kthread last ran:
CPU: 1 UID: 0 PID: 7626 Comm: syz.0.328 Tainted: G L syzkaller #0 PREEMPT(full)
Tainted: [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
RIP: 0010:get_current arch/x86/include/asm/current.h:25 [inline]
RIP: 0010:write_comp_data kernel/kcov.c:245 [inline]
RIP: 0010:__sanitizer_cov_trace_const_cmp4+0x8/0x90 kernel/kcov.c:314
Code: 89 44 11 20 e9 04 b5 4a ff cc 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 04 24 <65> 48 8b 15 d8 13 56 11 65 8b 0d f9 13 56 11 81 e1 00 01 ff 00 74
RSP: 0018:ffffc900038bf910 EFLAGS: 00000246
RAX: ffffffff81b82ead RBX: ffff88805761b100 RCX: ffffffff9a270400
RDX: ffffc90013f0f000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000000 R08: ffffffff81b83440 R09: ffffffff8e7602e0
R10: dffffc0000000000 R11: fffff52000717f65 R12: ffff888077874640
R13: ffff888077874000 R14: ffff888077874000 R15: dffffc0000000000
FS: 00007f44576ed6c0(0000) GS:ffff888125566000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b2e823f60 CR3: 000000007c4bd000 CR4: 0000000000350ef0
Call Trace:
futex_ref_get kernel/futex/core.c:1685 [inline]
futex_private_hash_get+0x5d/0x190 kernel/futex/core.c:147
futex_hash+0x121/0x2d0 kernel/futex/core.c:312
class_hb_constructor kernel/futex/futex.h:240 [inline]
futex_wait_setup+0xde/0x560 kernel/futex/waitwake.c:623
__futex_wait+0x173/0x420 kernel/futex/waitwake.c:682
futex_wait+0x119/0x380 kernel/futex/waitwake.c:715
do_futex+0x333/0x420 kernel/futex/syscalls.c:130
__do_sys_futex kernel/futex/syscalls.c:207 [inline]
__se_sys_futex+0x3a8/0x450 kernel/futex/syscalls.c:188
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f445679c629
Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f44576ed0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: ffffffffffffffda RBX: 00007f4456a15fa8 RCX: 00007f445679c629
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f4456a15fa8
RBP: 00007f4456a15fa0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f4456a16038 R14: 00007ffd055e5fd0 R15: 00007ffd055e60b8