rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P18614/1:b..l P20316/1:b..l P4979/1:b..l P19143/1:b..l
rcu: 	(detected by 0, t=10502 jiffies, g=126369, q=275 ncpus=2)
task:syz.2.3612      state:R  running task     stack:26376 pid:19143 tgid:19137 ppid:17131  task_flags:0x40044c flags:0x00080003
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5388 [inline]
 __schedule+0x1295/0x67a0 kernel/sched/core.c:7189
 preempt_schedule_irq+0x50/0x90 kernel/sched/core.c:7513
 irqentry_exit_to_kernel_mode_preempt include/linux/irq-entry-common.h:476 [inline]
 irqentry_exit_to_kernel_mode include/linux/irq-entry-common.h:547 [inline]
 irqentry_exit+0x205/0x7e0 kernel/entry/common.c:164
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:rcu_is_watching+0x0/0xc0 kernel/rcu/tree.c:748
Code: 3a ff ff ff 48 89 df e8 fe 79 89 00 eb 81 e8 27 7a 89 00 e9 49 ff ff ff 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 55 53 65 ff 05 73 1c 1e 12 e8 3e c5 9d 09 48 c7 c3 a8
RSP: 0018:ffffc900053178b0 EFLAGS: 00000297
RAX: 0000000000000001 RBX: ffffffff8e7e5760 RCX: ffffffff82828b50
RDX: ffff888084bda500 RSI: ffffffff82828b23 RDI: ffffffff8e7e5760
RBP: ffffffff82828b23 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000000 R12: ffff88801e8a1a40
R13: 0000000000000001 R14: dffffc0000000000 R15: ffff88801e8a1a3c
 trace_lock_release include/trace/events/lock.h:69 [inline]
 lock_release+0x245/0x310 kernel/locking/lockdep.c:5879
 rcu_lock_release include/linux/rcupdate.h:310 [inline]
 rcu_read_unlock include/linux/rcupdate.h:869 [inline]
 __page_table_check_zero+0x338/0x410 mm/page_table_check.c:145
 page_table_check_free include/linux/page_table_check.h:46 [inline]
 __free_pages_prepare mm/page_alloc.c:1403 [inline]
 __free_frozen_pages+0x72a/0x1040 mm/page_alloc.c:2943
 vfree mm/vmalloc.c:3472 [inline]
 vfree+0x15f/0x8d0 mm/vmalloc.c:3436
 kcov_put kernel/kcov.c:442 [inline]
 kcov_put kernel/kcov.c:438 [inline]
 kcov_close+0x34/0x60 kernel/kcov.c:543
 __fput+0x3ff/0xb50 fs/file_table.c:510
 task_work_run+0x150/0x240 kernel/task_work.c:233
 exit_task_work include/linux/task_work.h:40 [inline]
 do_exit+0x951/0x2af0 kernel/exit.c:976
 do_group_exit+0xd5/0x2a0 kernel/exit.c:1119
 get_signal+0x20ff/0x2210 kernel/signal.c:3037
 arch_do_signal_or_restart+0x91/0x7e0 arch/x86/kernel/signal.c:337
 __exit_to_user_mode_loop kernel/entry/common.c:64 [inline]
 exit_to_user_mode_loop+0x8b/0x4f0 kernel/entry/common.c:98
 __exit_to_user_mode_prepare include/linux/irq-entry-common.h:207 [inline]
 syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:238 [inline]
 syscall_exit_to_user_mode include/linux/entry-common.h:318 [inline]
 do_syscall_64+0x706/0xf80 arch/x86/entry/syscall_64.c:100
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fe5b2b9ce59
RSP: 002b:00007fe5b3aa4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
RAX: 0000000000000400 RBX: 00007fe5b2e16090 RCX: 00007fe5b2b9ce59
RDX: 00000000000004ff RSI: 00002000000092c0 RDI: 0000000000000006
RBP: 00007fe5b2c32d6f R08: 0000000000000000 R09: 0000000000000000
R10: 000000000000f401 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fe5b2e16128 R14: 00007fe5b2e16090 R15: 00007ffc562ce378
 </TASK>
task:udevd           state:R  running task     stack:23640 pid:4979  tgid:4979  ppid:1      task_flags:0x400140 flags:0x00080000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5388 [inline]
 __schedule+0x1295/0x67a0 kernel/sched/core.c:7189
 preempt_schedule_common+0x42/0xc0 kernel/sched/core.c:7370
 preempt_schedule_thunk+0x16/0x30 arch/x86/entry/thunk.S:12
 __raw_spin_unlock include/linux/spinlock_api_smp.h:169 [inline]
 _raw_spin_unlock+0x3e/0x50 kernel/locking/spinlock.c:190
 spin_unlock include/linux/spinlock.h:390 [inline]
 fast_dput fs/dcache.c:915 [inline]
 dput.part.0+0x2d4/0x570 fs/dcache.c:972
 dput+0x1f/0x30 fs/dcache.c:968
 step_into_slowpath+0x670/0xf90 fs/namei.c:2114
 step_into fs/namei.c:2148 [inline]
 walk_component fs/namei.c:2284 [inline]
 link_path_walk+0xf28/0x1cc0 fs/namei.c:2652
 path_openat+0x1be/0x31a0 fs/namei.c:4854
 do_file_open+0x20e/0x430 fs/namei.c:4887
 do_sys_openat2+0x10d/0x1e0 fs/open.c:1364
 do_sys_open fs/open.c:1370 [inline]
 __do_sys_openat fs/open.c:1386 [inline]
 __se_sys_openat fs/open.c:1381 [inline]
 __x64_sys_openat+0x12d/0x210 fs/open.c:1381
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x10b/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f061d715c3a
RSP: 002b:00007fff6405c548 EFLAGS: 00000206 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 000055fbb194f2d0 RCX: 00007f061d715c3a
RDX: 0000000000090800 RSI: 000055fbb1949030 RDI: 00000000ffffff9c
RBP: 000055fbb1949030 R08: 0000000000000000 R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000206 R12: 000055fbaffe7170
R13: 00000000000000ff R14: 000055fb89f36be0 R15: 00007fff6405c7f0
 </TASK>
task:syz.5.3943      state:R  running task     stack:26776 pid:20316 tgid:20314 ppid:11564  task_flags:0x400040 flags:0x00080000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5388 [inline]
 __schedule+0x1295/0x67a0 kernel/sched/core.c:7189
 preempt_schedule_irq+0x50/0x90 kernel/sched/core.c:7513
 irqentry_exit_to_kernel_mode_preempt include/linux/irq-entry-common.h:476 [inline]
 irqentry_exit_to_kernel_mode include/linux/irq-entry-common.h:547 [inline]
 irqentry_exit+0x205/0x7e0 kernel/entry/common.c:164
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:unwind_next_frame+0x1453/0x2090 arch/x86/kernel/unwind_orc.c:532
Code: 4c 89 ef c6 05 9d 70 59 12 01 e8 e8 e8 ff ff e9 0f ef ff ff 48 b8 00 00 00 00 00 fc ff df 48 8b 14 24 48 c1 ea 03 80 3c 02 00 <0f> 85 a6 08 00 00 48 89 c8 4d 8b 7d 38 48 ba 00 00 00 00 00 fc ff
RSP: 0018:ffffc90004c1f0a8 EFLAGS: 00000246
RAX: dffffc0000000000 RBX: 0000000000000001 RCX: ffffffff918541bc
RDX: 1ffff92000983e2a RSI: 0000000000000001 RDI: ffffffff90f9b250
RBP: ffffc90004c1f160 R08: ffffffff918541c0 R09: 0000000000000007
R10: 0000000000000200 R11: 000000000001738a R12: ffffc90004c1f168
R13: ffffc90004c1f118 R14: 0000000000000003 R15: 0000000000000000
 arch_stack_walk+0x94/0xf0 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x8e/0xc0 kernel/stacktrace.c:122
 save_stack+0x162/0x1e0 mm/page_owner.c:165
 __set_page_owner+0x8c/0x540 mm/page_owner.c:341
 set_page_owner include/linux/page_owner.h:32 [inline]
 post_alloc_hook+0x153/0x170 mm/page_alloc.c:1858
 prep_new_page mm/page_alloc.c:1866 [inline]
 get_page_from_freelist+0x11a6/0x33b0 mm/page_alloc.c:3946
 __alloc_frozen_pages_noprof+0x27c/0x2bc0 mm/page_alloc.c:5226
 alloc_pages_mpol+0x1fb/0x540 mm/mempolicy.c:2490
 alloc_pages_noprof+0x1a/0x160 mm/mempolicy.c:2581
 get_free_pages_noprof+0x10/0xb0 mm/page_alloc.c:5285
 mmu_memory_cache_alloc_obj virt/kvm/kvm_main.c:358 [inline]
 __kvm_mmu_topup_memory_cache+0x278/0x5f0 virt/kvm/kvm_main.c:395
 mmu_topup_memory_caches arch/x86/kvm/mmu/mmu.c:611 [inline]
 mmu_topup_memory_caches+0xbc/0x170 arch/x86/kvm/mmu/mmu.c:596
 kvm_mmu_load+0xd6/0x23e0 arch/x86/kvm/mmu/mmu.c:6075
 kvm_mmu_reload arch/x86/kvm/mmu.h:123 [inline]
 vcpu_enter_guest arch/x86/kvm/x86.c:11365 [inline]
 vcpu_run+0x39f4/0x5ca0 arch/x86/kvm/x86.c:11765
 kvm_arch_vcpu_ioctl_run+0x5b6/0x1890 arch/x86/kvm/x86.c:12120
 kvm_vcpu_ioctl+0x730/0x1720 virt/kvm/kvm_main.c:4469
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:597 [inline]
 __se_sys_ioctl fs/ioctl.c:583 [inline]
 __x64_sys_ioctl+0x18e/0x210 fs/ioctl.c:583
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x10b/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f60bcf9ce59
RSP: 002b:00007f60bde09028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f60bd216090 RCX: 00007f60bcf9ce59
RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
RBP: 00007f60bd032d6f R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f60bd216128 R14: 00007f60bd216090 R15: 00007ffcd11c8d48
 </TASK>
task:kworker/0:6     state:R  running task     stack:23128 pid:18614 tgid:18614 ppid:2      task_flags:0x4208160 flags:0x00080000
Workqueue: events_power_efficient gc_worker
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5388 [inline]
 __schedule+0x1295/0x67a0 kernel/sched/core.c:7189
 preempt_schedule_irq+0x50/0x90 kernel/sched/core.c:7513
 irqentry_exit_to_kernel_mode_preempt include/linux/irq-entry-common.h:476 [inline]
 irqentry_exit_to_kernel_mode include/linux/irq-entry-common.h:547 [inline]
 irqentry_exit+0x205/0x7e0 kernel/entry/common.c:164
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:__seqprop_spinlock_sequence include/linux/seqlock.h:228 [inline]
RIP: 0010:nf_conntrack_get_ht include/net/netfilter/nf_conntrack.h:343 [inline]
RIP: 0010:gc_worker+0x2bb/0x1630 net/netfilter/nf_conntrack_core.c:1545
Code: 00 00 48 c7 c7 c8 6e d8 90 e8 01 51 35 f8 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 7f 67 59 f8 58 48 85 db 0f 85 97 0f 00 00 <e8> 90 6c 59 f8 8b 1d 6a 3c 29 07 89 dd 31 ff 83 e5 01 89 ee e8 2c
RSP: 0018:ffffc9000472fb40 EFLAGS: 00000293
RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff89af3ce6
RDX: ffff8880274da500 RSI: ffffffff89af3cf5 RDI: ffff8880274da500
RBP: 000000000003fe3b R08: 0000000000000007 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000
R13: 0000000000040000 R14: 000000000001ff1e R15: 0000000000001770
 process_one_work+0xa0e/0x1980 kernel/workqueue.c:3314
 process_scheduled_works kernel/workqueue.c:3397 [inline]
 worker_thread+0x5ef/0xe50 kernel/workqueue.c:3478
 kthread+0x370/0x450 kernel/kthread.c:436
 ret_from_fork+0x72b/0xd50 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
rcu: rcu_preempt kthread starved for 10498 jiffies! g126369 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:27752 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00080000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5388 [inline]
 __schedule+0x1295/0x67a0 kernel/sched/core.c:7189
 __schedule_loop kernel/sched/core.c:7268 [inline]
 schedule+0xdd/0x390 kernel/sched/core.c:7283
 schedule_timeout+0x127/0x280 kernel/time/sleep_timeout.c:99
 rcu_gp_fqs_loop+0x1a9/0x900 kernel/rcu/tree.c:2095
 rcu_gp_kthread+0x179/0x230 kernel/rcu/tree.c:2297
 kthread+0x370/0x450 kernel/kthread.c:436
 ret_from_fork+0x72b/0xd50 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 20325 Comm: syz.0.3944 Tainted: G             L      syzkaller #0 PREEMPT(full) 
Tainted: [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
RIP: 0010:rb_link_node include/linux/rbtree.h:95 [inline]
RIP: 0010:__rb_add include/linux/rbtree.h:238 [inline]
RIP: 0010:rb_add_linked include/linux/rbtree.h:281 [inline]
RIP: 0010:timerqueue_linked_add+0x1b0/0x430 lib/timerqueue.c:96
Code: ea 03 80 3c 02 00 0f 85 48 02 00 00 4d 89 66 18 e8 25 2e 82 f6 4c 89 e2 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 <0f> 85 e2 01 00 00 49 8d 7c 24 08 49 89 1c 24 48 b8 00 00 00 00 00
RSP: 0018:ffffc90000a08e20 EFLAGS: 00000046
RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000001
RDX: 1ffff11006d53460 RSI: ffffffff8b8670bb RDI: ffff8880b8528658
RBP: ffff8880b8528658 R08: 0000000000000005 R09: 000000000000001f
R10: 0000000000000001 R11: 0000000000000001 R12: ffff888036a9a300
R13: ffff888036a9a318 R14: ffff8880b8528608 R15: ffff8880b8528658
FS:  00007f2b684036c0(0000) GS:ffff888124470000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f2b68402ff8 CR3: 000000008676d000 CR4: 00000000003526f0
DR0: 0000000000000008 DR1: 0000000000000002 DR2: 0000000000000081
DR3: ffffffffefffff14 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Call Trace:
 <IRQ>
 enqueue_hrtimer+0x1ad/0x2f0 kernel/time/hrtimer.c:1117
 __run_hrtimer kernel/time/hrtimer.c:1946 [inline]
 __hrtimer_run_queues+0x73d/0xa00 kernel/time/hrtimer.c:1994
 hrtimer_interrupt+0x3e5/0x940 kernel/time/hrtimer.c:2113
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1050 [inline]
 __sysvec_apic_timer_interrupt+0x10b/0x460 arch/x86/kernel/apic/apic.c:1067
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1061 [inline]
 sysvec_apic_timer_interrupt+0x9e/0xc0 arch/x86/kernel/apic/apic.c:1061
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:__raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:179 [inline]
RIP: 0010:_raw_spin_unlock_irqrestore+0x31/0x80 kernel/locking/spinlock.c:198
Code: f5 53 48 8b 74 24 10 48 89 fb 48 83 c7 18 e8 46 02 57 f6 48 89 df e8 1e 52 57 f6 f7 c5 00 02 00 00 75 23 9c 58 f6 c4 02 75 37 <bf> 01 00 00 00 e8 a5 1b 47 f6 65 8b 05 1e 7f 7d 08 85 c0 74 16 5b
RSP: 0018:ffffc900040a7d78 EFLAGS: 00000246
RAX: 0000000000000002 RBX: ffffffff9b1ab118 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff8df215d0 RDI: ffffffff8c1c3800
RBP: 0000000000000287 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000001 R11: 0000007700000000 R12: 1ffff92000814fb6
R13: 000000000d2f14d5 R14: 000000000d2f14d5 R15: 0000000000000000
 class_raw_spinlock_irqsave_destructor include/linux/spinlock.h:571 [inline]
 do_settimeofday64+0x326/0x4d0 kernel/time/timekeeping.c:1584
 do_sys_settimeofday64+0x1dc/0x260 kernel/time/time.c:195
 __do_sys_clock_settime kernel/time/posix-timers.c:1124 [inline]
 __se_sys_clock_settime kernel/time/posix-timers.c:1108 [inline]
 __x64_sys_clock_settime+0x1c1/0x2a0 kernel/time/posix-timers.c:1108
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x10b/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f2b6759ce59
Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f2b68403028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e3
RAX: ffffffffffffffda RBX: 00007f2b67816360 RCX: 00007f2b6759ce59
RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000000
RBP: 00007f2b67632d6f R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f2b678163f8 R14: 00007f2b67816360 R15: 00007ffcdddac2d8
 </TASK>