rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P22497/2:b..l
rcu: 	(detected by 0, t=10502 jiffies, g=123841, q=360 ncpus=2)
task:syz.3.4227      state:R  running task     stack:23608 pid:22497 tgid:22497 ppid:14291  task_flags:0x40014c flags:0x00080000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5504 [inline]
 __schedule+0x1709/0x5530 kernel/sched/core.c:7228
 preempt_schedule_irq+0x4d/0xa0 kernel/sched/core.c:7552
 irqentry_exit_to_kernel_mode include/linux/irq-entry-common.h:539 [inline]
 irqentry_exit+0x14f/0x8f0 kernel/entry/common.c:167
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:674
RIP: 0010:its_return_thunk+0x0/0x10 arch/x86/lib/retpoline.S:417
Code: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc <c3> cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 e9 5b a0 fe f5 cc
RSP: 0018:ffffc900045bf598 EFLAGS: 00000293
RAX: ffffffff821e18af RBX: ffffea00013e6440 RCX: ffff8880291d9f00
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
R10: dffffc0000000000 R11: fffff9400027cc89 R12: 0000000000000000
R13: 0000000000000000 R14: 1ffffd400027cc8b R15: ffffea00013e6440
 folio_remove_rmap_ptes+0x1bf/0x5a0 include/linux/page-flags.h:-1
 zap_present_folio_ptes mm/memory.c:1672 [inline]
 zap_present_ptes mm/memory.c:1730 [inline]
 do_zap_pte_range mm/memory.c:1832 [inline]
 zap_pte_range mm/memory.c:1934 [inline]
 zap_pmd_range mm/memory.c:2020 [inline]
 zap_pud_range mm/memory.c:2048 [inline]
 zap_p4d_range mm/memory.c:2069 [inline]
 __zap_vma_range+0x2224/0x49e0 mm/memory.c:2109
 unmap_vmas+0x390/0x550 mm/memory.c:2178
 exit_mmap+0x293/0x9f0 mm/mmap.c:1300
 __mmput+0xcb/0x3e0 kernel/fork.c:1182
 exit_mm+0x186/0x240 kernel/exit.c:610
 do_exit+0x6cd/0x2360 kernel/exit.c:992
 do_group_exit+0x22d/0x2f0 kernel/exit.c:1147
 __do_sys_exit_group kernel/exit.c:1158 [inline]
 __se_sys_exit_group kernel/exit.c:1156 [inline]
 __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1156
 x64_sys_call+0x221a/0x2240 arch/x86/include/generated/asm/syscalls_64.h:232
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x174/0x580 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fd92b5dce59
RSP: 002b:00007fff5ad79aa8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd92b5dce59
RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 00007fff5ad79b0c R08: 0000000000000000 R09: 00000000000927c0
R10: 0000000000000006 R11: 0000000000000246 R12: 000000000000019c
R13: 00000000000927c0 R14: 000000000018b93c R15: 00007fff5ad79b60
 </TASK>
rcu: rcu_preempt kthread timer wakeup didn't happen for 10450 jiffies! g123841 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402
rcu: 	Possible timer handling issue on cpu=1 timer-softirq=68038
rcu: rcu_preempt kthread starved for 10451 jiffies! g123841 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:I stack:27688 pid:18    tgid:18    ppid:2      task_flags:0x208040 flags:0x00080000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5504 [inline]
 __schedule+0x1709/0x5530 kernel/sched/core.c:7228
 __schedule_loop kernel/sched/core.c:7307 [inline]
 schedule+0x164/0x360 kernel/sched/core.c:7322
 schedule_timeout+0x152/0x2c0 kernel/time/sleep_timeout.c:99
 rcu_gp_fqs_loop+0x30c/0x11c0 kernel/rcu/tree.c:2123
 rcu_gp_kthread+0x9e/0x2b0 kernel/rcu/tree.c:2325
 kthread+0x388/0x470 kernel/kthread.c:436
 ret_from_fork+0x514/0xb70 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 22506 Comm: syz.9.4226 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
Tainted: [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
RIP: 0010:preempt_latency_start kernel/sched/core.c:5959 [inline]
RIP: 0010:preempt_count_add+0xb9/0x190 kernel/sched/core.c:5982
Code: 0d 00 85 c0 74 09 31 db 31 ff e8 12 b1 0d 00 65 4c 8b 35 e2 5b e1 10 49 81 c6 e8 15 00 00 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 <74> 08 4c 89 f7 e8 7d 7d 9d 00 49 89 1e 5b 41 5e 41 5f e9 90 aa a0
RSP: 0018:ffffc900045ef1e8 EFLAGS: 00000046
RAX: 1ffff11006d2d2bd RBX: ffffffff8187a968 RCX: ffffffff99801500
RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffffff8187a968
RBP: 0000000000000001 R08: ffffffff8f8c5ff7 R09: 1ffffffff1f18bfe
R10: dffffc0000000000 R11: fffffbfff1f18bff R12: ffff888036968000
R13: 1ffff11006d2d17e R14: ffff8880369695e8 R15: dffffc0000000000
FS:  0000555569f89500(0000) GS:ffff888125fd3000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055556a55f7d0 CR3: 000000002a972000 CR4: 00000000003526f0
Call Trace:
 <TASK>
 class_preempt_constructor include/linux/preempt.h:468 [inline]
 __migrate_enable include/linux/sched.h:2454 [inline]
 migrate_enable include/linux/sched.h:2505 [inline]
 __local_bh_enable+0xe8/0x2f0 kernel/softirq.c:250
 __local_bh_enable_ip+0x1a0/0x2b0 kernel/softirq.c:305
 local_bh_enable include/linux/bottom_half.h:33 [inline]
 rt_spin_trylock_bh+0x1dd/0x2e0 kernel/locking/spinlock_rt.c:129
 tipc_sk_rcv+0x4a8/0x2c90 net/tipc/socket.c:2500
 tipc_node_xmit+0x218/0xf10 net/tipc/node.c:1701
 tipc_node_xmit_skb+0x139/0x1b0 net/tipc/node.c:1766
 __tipc_shutdown+0xeea/0x15a0 net/tipc/socket.c:597
 tipc_release+0x303/0x2500 net/tipc/socket.c:641
 __sock_release+0xa0/0x1f0 net/socket.c:714
 sock_close+0x1c/0x30 net/socket.c:1516
 __fput+0x42a/0xa80 fs/file_table.c:512
 task_work_run+0x1d9/0x270 kernel/task_work.c:233
 resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]
 __exit_to_user_mode_loop kernel/entry/common.c:70 [inline]
 exit_to_user_mode_loop+0x1fa/0x730 kernel/entry/common.c:101
 __exit_to_user_mode_prepare include/linux/irq-entry-common.h:207 [inline]
 syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:230 [inline]
 syscall_exit_to_user_mode include/linux/entry-common.h:318 [inline]
 do_syscall_64+0x353/0x580 arch/x86/entry/syscall_64.c:100
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f5a0dddce59
Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fff227f2de8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
RAX: 0000000000000000 RBX: 00007f5a0e057da0 RCX: 00007f5a0dddce59
RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
RBP: 00007f5a0e057da0 R08: 0000000000000006 R09: 0000000000000000
R10: 00007f5a0e057cb0 R11: 0000000000000246 R12: 000000000018c159
R13: 00007f5a0e05618c R14: 000000000018befe R15: 00007fff227f2ef0
 </TASK>