rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P27678/1:b..l P29348/1:b..l P29382/1:b..l
rcu: 	(detected by 1, t=10503 jiffies, g=222045, q=270 ncpus=2)
task:syz-executor.2  state:R  running task     stack:20312 pid:29382 tgid:29381 ppid:17441  flags:0x00004002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5409 [inline]
 __schedule+0x1796/0x4a00 kernel/sched/core.c:6746
 preempt_schedule_common+0x84/0xd0 kernel/sched/core.c:6925
 preempt_schedule+0xe1/0xf0 kernel/sched/core.c:6949
 preempt_schedule_thunk+0x1a/0x30 arch/x86/entry/thunk.S:12
 __raw_spin_unlock include/linux/spinlock_api_smp.h:143 [inline]
 _raw_spin_unlock+0x3e/0x50 kernel/locking/spinlock.c:186
 spin_unlock include/linux/spinlock.h:391 [inline]
 zap_pte_range mm/memory.c:1674 [inline]
 zap_pmd_range mm/memory.c:1722 [inline]
 zap_pud_range mm/memory.c:1751 [inline]
 zap_p4d_range mm/memory.c:1772 [inline]
 unmap_page_range+0x3dac/0x4870 mm/memory.c:1793
 unmap_vmas+0x3cc/0x5f0 mm/memory.c:1883
 exit_mmap+0x2cb/0xd60 mm/mmap.c:3269
 __mmput+0x115/0x3c0 kernel/fork.c:1346
 exit_mm+0x220/0x310 kernel/exit.c:569
 do_exit+0x99e/0x27e0 kernel/exit.c:865
 do_group_exit+0x207/0x2c0 kernel/exit.c:1027
 get_signal+0x16a1/0x1740 kernel/signal.c:2911
 arch_do_signal_or_restart+0x96/0x860 arch/x86/kernel/signal.c:310
 exit_to_user_mode_loop kernel/entry/common.c:111 [inline]
 exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]
 __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
 syscall_exit_to_user_mode+0xc9/0x370 kernel/entry/common.c:218
 do_syscall_64+0x102/0x240 arch/x86/entry/common.c:89
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f959667cee9
RSP: 002b:00007f9597472178 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 00007f95967abf88 RCX: 00007f959667cee9
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f95967abf88
RBP: 00007f95967abf80 R08: 00007f95974726c0 R09: 00007f95974726c0
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f95967abf8c
R13: 000000000000000b R14: 00007ffceaadc610 R15: 00007ffceaadc6f8
 </TASK>
task:syz-executor.1  state:R  running task     stack:24120 pid:29348 tgid:29347 ppid:27118  flags:0x00004002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5409 [inline]
 __schedule+0x1796/0x4a00 kernel/sched/core.c:6746
 preempt_schedule_common+0x84/0xd0 kernel/sched/core.c:6925
 preempt_schedule+0xe1/0xf0 kernel/sched/core.c:6949
 preempt_schedule_thunk+0x1a/0x30 arch/x86/entry/thunk.S:12
 unwind_next_frame+0x2124/0x2a00 arch/x86/kernel/unwind_orc.c:672
 arch_stack_walk+0x151/0x1b0 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x118/0x1d0 kernel/stacktrace.c:122
 save_stack+0xfb/0x1f0 mm/page_owner.c:156
 __reset_page_owner+0x75/0x3f0 mm/page_owner.c:302
 reset_page_owner include/linux/page_owner.h:25 [inline]
 free_pages_prepare mm/page_alloc.c:1141 [inline]
 free_unref_page_prepare+0x97b/0xaa0 mm/page_alloc.c:2347
 free_unref_folios+0x1f2/0xc10 mm/page_alloc.c:2536
 folios_put_refs+0x93a/0xa60 mm/swap.c:1034
 folio_batch_release include/linux/pagevec.h:101 [inline]
 shmem_undo_range+0x6d9/0x1df0 mm/shmem.c:1005
 shmem_truncate_range mm/shmem.c:1114 [inline]
 shmem_evict_inode+0x29b/0xa60 mm/shmem.c:1242
 evict+0x2a8/0x630 fs/inode.c:667
 __dentry_kill+0x20d/0x630 fs/dcache.c:603
 dput+0x19f/0x2b0 fs/dcache.c:845
 __fput+0x678/0x8a0 fs/file_table.c:430
 __do_sys_close fs/open.c:1556 [inline]
 __se_sys_close fs/open.c:1541 [inline]
 __x64_sys_close+0x7f/0x110 fs/open.c:1541
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf5/0x240 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f358ba7bdda
RSP: 002b:00007f358c716e90 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
RAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 00007f358ba7bdda
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000009600
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
R13: 00007f358c716f80 R14: 00007f358c716f40 R15: 00007f3581800000
 </TASK>
task:syz-executor.0  state:R  running task     stack:19728 pid:27678 tgid:27678 ppid:27663  flags:0x00004002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5409 [inline]
 __schedule+0x1796/0x4a00 kernel/sched/core.c:6746
 preempt_schedule_irq+0xfb/0x1c0 kernel/sched/core.c:7068
 irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:lock_acquire+0x264/0x550 kernel/locking/lockdep.c:5758
Code: 2b 00 74 08 4c 89 f7 e8 ea 7b 85 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
RSP: 0018:ffffc900030471c0 EFLAGS: 00000206
RAX: 0000000000000001 RBX: 1ffff92000608e44 RCX: 0000000000000001
RDX: dffffc0000000000 RSI: ffffffff8bcac740 RDI: ffffffff8c1ed7e0
RBP: ffffc90003047308 R08: ffffffff92f64587 R09: 1ffffffff25ec8b0
R10: dffffc0000000000 R11: fffffbfff25ec8b1 R12: 1ffff92000608e40
R13: dffffc0000000000 R14: ffffc90003047220 R15: 0000000000000246
 rcu_lock_acquire include/linux/rcupdate.h:329 [inline]
 rcu_read_lock include/linux/rcupdate.h:781 [inline]
 ext4_get_group_desc+0x133/0x4b0 fs/ext4/balloc.c:288
 ext4_read_block_bitmap_nowait+0x5d/0xaa0 fs/ext4/balloc.c:476
 ext4_read_block_bitmap+0x20/0x80 fs/ext4/balloc.c:600
 ext4_mb_mark_context+0x147/0xfb0 fs/ext4/mballoc.c:3986
 ext4_mb_clear_bb fs/ext4/mballoc.c:6455 [inline]
 ext4_free_blocks+0xda7/0x2420 fs/ext4/mballoc.c:6639
 ext4_remove_blocks fs/ext4/extents.c:2521 [inline]
 ext4_ext_rm_leaf fs/ext4/extents.c:2686 [inline]
 ext4_ext_remove_space+0x21a2/0x4e40 fs/ext4/extents.c:2934
 ext4_ext_truncate+0x159/0x2b0 fs/ext4/extents.c:4440
 ext4_truncate+0xa18/0x1180 fs/ext4/inode.c:4146
 ext4_evict_inode+0x90f/0xf50 fs/ext4/inode.c:258
 evict+0x2a8/0x630 fs/inode.c:667
 d_delete_notify include/linux/fsnotify.h:307 [inline]
 vfs_rmdir+0x38f/0x4c0 fs/namei.c:4227
 do_rmdir+0x3b5/0x580 fs/namei.c:4273
 __do_sys_unlinkat fs/namei.c:4449 [inline]
 __se_sys_unlinkat fs/namei.c:4443 [inline]
 __x64_sys_unlinkat+0xe0/0xf0 fs/namei.c:4443
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf5/0x240 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f852e27c6c7
RSP: 002b:00007ffdef3f18b8 EFLAGS: 00000207 ORIG_RAX: 0000000000000107
RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007f852e27c6c7
RDX: 0000000000000200 RSI: 00007ffdef3f2a60 RDI: 00000000ffffff9c
RBP: 00007f852e2c8336 R08: 000055558862499b R09: 0000000000000000
R10: 0000000000001000 R11: 0000000000000207 R12: 00007ffdef3f2a60
R13: 00007f852e2c8336 R14: 00000000001792b9 R15: 000000000000000a
 </TASK>
rcu: rcu_preempt kthread starved for 10613 jiffies! g222045 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:26320 pid:17    tgid:17    ppid:2      flags:0x00004000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5409 [inline]
 __schedule+0x1796/0x4a00 kernel/sched/core.c:6746
 __schedule_loop kernel/sched/core.c:6823 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6838
 schedule_timeout+0x1be/0x310 kernel/time/timer.c:2582
 rcu_gp_fqs_loop+0x2df/0x1370 kernel/rcu/tree.c:2000
 rcu_gp_kthread+0xa7/0x3b0 kernel/rcu/tree.c:2202
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 2465 Comm: kworker/u8:7 Not tainted 6.9.0-syzkaller-07726-g3c999d1ae3c7 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
Workqueue: events_unbound cfg80211_wiphy_work
RIP: 0010:unwind_next_frame+0xa3d/0x2a00 arch/x86/kernel/unwind_orc.c:521
Code: 1c 00 00 0f b6 1b 31 ff 89 de e8 ce 38 55 00 85 db 0f 84 3c 05 00 00 e8 c1 35 55 00 e9 61 05 00 00 e8 b7 35 55 00 48 8b 04 24 <48> 8d 58 40 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8
RSP: 0018:ffffc900098d6688 EFLAGS: 00000293
RAX: ffffc900098d6760 RBX: ffffc900098d6798 RCX: ffff888029f69e00
RDX: 0000000000000000 RSI: ffffffff8e1a1240 RDI: 0000000000000004
RBP: 0000000000000004 R08: 0000000000000005 R09: ffffffff8140f70e
R10: 0000000000000008 R11: ffff888029f69e00 R12: ffffffff8fbcc63c
R13: dffffc0000000000 R14: ffffc900098d67b0 R15: 1ffff9200131acec
FS:  0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffceaadb8dc CR3: 0000000023330000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 000000000000000a DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <NMI>
 </NMI>
 <TASK>
 arch_stack_walk+0x151/0x1b0 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x118/0x1d0 kernel/stacktrace.c:122
 kasan_save_stack mm/kasan/common.c:47 [inline]
 kasan_save_track+0x3f/0x80 mm/kasan/common.c:68
 poison_kmalloc_redzone mm/kasan/common.c:370 [inline]
 __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:387
 kasan_kmalloc include/linux/kasan.h:211 [inline]
 __do_kmalloc_node mm/slub.c:4039 [inline]
 __kmalloc+0x233/0x4a0 mm/slub.c:4052
 kmalloc include/linux/slab.h:632 [inline]
 kzalloc include/linux/slab.h:749 [inline]
 ieee802_11_parse_elems_full+0xd5/0x2870 net/mac80211/parse.c:880
 ieee802_11_parse_elems_crc net/mac80211/ieee80211_i.h:2330 [inline]
 ieee802_11_parse_elems net/mac80211/ieee80211_i.h:2337 [inline]
 ieee80211_inform_bss+0x15f/0x1080 net/mac80211/scan.c:79
 rdev_inform_bss net/wireless/rdev-ops.h:418 [inline]
 cfg80211_inform_single_bss_data+0x1049/0x2330 net/wireless/scan.c:2277
 cfg80211_inform_bss_data+0x3dd/0x5a70 net/wireless/scan.c:3101
 cfg80211_inform_bss_frame_data+0x3bc/0x720 net/wireless/scan.c:3191
 ieee80211_bss_info_update+0x8a7/0xbc0 net/mac80211/scan.c:226
 ieee80211_rx_bss_info net/mac80211/ibss.c:1099 [inline]
 ieee80211_rx_mgmt_probe_beacon net/mac80211/ibss.c:1578 [inline]
 ieee80211_ibss_rx_queued_mgmt+0x1962/0x2d70 net/mac80211/ibss.c:1605
 ieee80211_iface_process_skb net/mac80211/iface.c:1605 [inline]
 ieee80211_iface_work+0x8a3/0xf10 net/mac80211/iface.c:1659
 cfg80211_wiphy_work+0x221/0x260 net/wireless/core.c:437
 process_one_work kernel/workqueue.c:3231 [inline]
 process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3312
 worker_thread+0x86d/0xd70 kernel/workqueue.c:3393
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>