rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P12/1:b..l P5960/1:b..l P6194/1:b..l P8626/1:b..l P8625/1:b..l
rcu: (detected by 1, t=10503 jiffies, g=32929, q=994 ncpus=2)
task:syz.8.382 state:R running task stack:26488 pid:8625 tgid:8616 ppid:6993 task_flags:0x40044c flags:0x00080000
Call Trace:
context_switch kernel/sched/core.c:5258 [inline]
__schedule+0x150e/0x5070 kernel/sched/core.c:6866
preempt_schedule_common+0x83/0xd0 kernel/sched/core.c:7050
preempt_schedule+0xae/0xc0 kernel/sched/core.c:7074
preempt_schedule_thunk+0x16/0x30 arch/x86/entry/thunk.S:12
__raw_spin_unlock include/linux/spinlock_api_smp.h:143 [inline]
_raw_spin_unlock+0x3f/0x50 kernel/locking/spinlock.c:186
spin_unlock include/linux/spinlock.h:391 [inline]
zap_pte_range mm/memory.c:1884 [inline]
zap_pmd_range mm/memory.c:1946 [inline]
zap_pud_range mm/memory.c:1975 [inline]
zap_p4d_range mm/memory.c:1996 [inline]
unmap_page_range+0x3c17/0x44e0 mm/memory.c:2017
unmap_single_vma mm/memory.c:2059 [inline]
unmap_vmas+0x399/0x580 mm/memory.c:2101
exit_mmap+0x239/0xb10 mm/mmap.c:1277
__mmput+0x118/0x430 kernel/fork.c:1177
exit_mm+0x1da/0x2c0 kernel/exit.c:581
do_exit+0x850/0x25b0 kernel/exit.c:959
do_group_exit+0x21c/0x2d0 kernel/exit.c:1112
get_signal+0x1285/0x1340 kernel/signal.c:3034
arch_do_signal_or_restart+0x9a/0x7a0 arch/x86/kernel/signal.c:337
__exit_to_user_mode_loop kernel/entry/common.c:41 [inline]
exit_to_user_mode_loop+0x87/0x4f0 kernel/entry/common.c:75
__exit_to_user_mode_prepare include/linux/irq-entry-common.h:226 [inline]
syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:256 [inline]
syscall_exit_to_user_mode_work include/linux/entry-common.h:159 [inline]
syscall_exit_to_user_mode include/linux/entry-common.h:194 [inline]
ret_from_fork+0x616/0xb30 arch/x86/kernel/process.c:167
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
task:syz-executor state:R running task stack:27216 pid:8626 tgid:8626 ppid:7235 task_flags:0x400040 flags:0x00080000
Call Trace:
context_switch kernel/sched/core.c:5258 [inline]
__schedule+0x150e/0x5070 kernel/sched/core.c:6866
preempt_schedule_irq+0xb5/0x150 kernel/sched/core.c:7193
irqentry_exit+0x5d8/0x660 kernel/entry/common.c:216
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:get_symbol_seq kernel/kallsyms.c:163 [inline]
RIP: 0010:kallsyms_lookup_names+0x140/0x1600 kernel/kallsyms.c:182
Code: 5c 24 30 01 d9 48 89 4c 24 38 44 8d 3c 49 49 8d 9f b8 bd 6e 8d 48 89 d8 48 c1 e8 03 48 ba 00 00 00 00 00 fc ff df 0f b6 04 10 <84> c0 0f 85 6b 05 00 00 44 89 74 24 50 44 0f b6 33 41 8d 47 01 48
RSP: 0018:ffffc9000438f2a0 EFLAGS: 00000a06
RAX: 0000000000000000 RBX: ffffffff8d8fd483 RCX: 00000000000b0799
RDX: dffffc0000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: ffffc9000438f5c8 R08: ffffc9000438f53f R09: 0000000000000000
R10: ffffc9000438f340 R11: fffff52000871ea8 R12: ffffc9000438f34c
R13: 0000000000000000 R14: 00000000000b0d7e R15: 00000000002116cb
kallsyms_lookup_name+0x6c/0x230 kernel/kallsyms.c:234
__find_trim+0x27f/0x440 net/core/dev.c:13374
trim_netdev_trace+0x2f9/0x3d0 net/core/dev.c:13409
save_netdev_trace_buffer+0xe1/0x5a0 net/core/dev.c:13436
__dev_hold include/linux/netdevice.h:4400 [inline]
netdev_hold include/linux/netdevice.h:4443 [inline]
dev_hold include/linux/netdevice.h:4466 [inline]
tun_get+0x157/0x2f0 drivers/net/tun.c:792
tun_chr_read_iter+0x63/0x260 drivers/net/tun.c:2198
new_sync_read fs/read_write.c:491 [inline]
vfs_read+0x55a/0xa30 fs/read_write.c:572
ksys_read+0x145/0x250 fs/read_write.c:715
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xfa/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f211bd8e15c
RSP: 002b:00007fff8172b3b0 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
RAX: ffffffffffffffda RBX: 00007fff8172b3e0 RCX: 00007f211bd8e15c
RDX: 00000000000003e8 RSI: 00007fff8172b3e0 RDI: 00000000000000c8
RBP: 00007fff8172b81c R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000023
R13: 0000000000000050 R14: 000000000003a312 R15: 00007fff8172b870
task:kworker/u8:19 state:R running task stack:19448 pid:6194 tgid:6194 ppid:2 task_flags:0x4208060 flags:0x00080000
Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet
Call Trace:
context_switch kernel/sched/core.c:5258 [inline]
__schedule+0x150e/0x5070 kernel/sched/core.c:6866
preempt_schedule_irq+0xb5/0x150 kernel/sched/core.c:7193
irqentry_exit+0x5d8/0x660 kernel/entry/common.c:216
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:lock_release+0x2a6/0x3b0 kernel/locking/lockdep.c:5893
Code: 4d 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f7 44 24 20 00 02 00 00 75 52 f7 c3 00 02 00 00 74 01 fb 65 48 8b 05 2a 0f 01 11 <48> 3b 44 24 28 75 75 48 83 c4 30 5b 41 5c 41 5d 41 5e 41 5f 5d e9
RSP: 0018:ffffc9000bc6f818 EFLAGS: 00000206
RAX: 8f0b29209f3f3900 RBX: 0000000000000202 RCX: 8f0b29209f3f3900
RDX: 0000000000000003 RSI: ffffffff8db7ed49 RDI: ffffffff8be07960
RBP: ffff888077b56728 R08: ffffffff8b269940 R09: ffffffff8e13f2e0
R10: dffffc0000000000 R11: ffffed100acc3c17 R12: 0000000000000003
R13: 0000000000000003 R14: ffffffff8e13f2e0 R15: ffff888077b55b80
rcu_lock_release include/linux/rcupdate.h:341 [inline]
rcu_read_unlock include/linux/rcupdate.h:897 [inline]
batadv_iv_ogm_slide_own_bcast_window net/batman-adv/bat_iv_ogm.c:778 [inline]
batadv_iv_ogm_schedule_buff net/batman-adv/bat_iv_ogm.c:833 [inline]
batadv_iv_ogm_schedule+0x715/0xf00 net/batman-adv/bat_iv_ogm.c:873
batadv_iv_send_outstanding_bat_ogm_packet+0x6c6/0x7e0 net/batman-adv/bat_iv_ogm.c:1709
process_one_work+0x93a/0x15a0 kernel/workqueue.c:3279
process_scheduled_works kernel/workqueue.c:3362 [inline]
worker_thread+0x9b0/0xee0 kernel/workqueue.c:3443
kthread+0x711/0x8a0 kernel/kthread.c:463
ret_from_fork+0x599/0xb30 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
task:udevd state:R running task stack:23264 pid:5960 tgid:5960 ppid:5201 task_flags:0x20440140 flags:0x00080000
Call Trace:
context_switch kernel/sched/core.c:5258 [inline]
__schedule+0x150e/0x5070 kernel/sched/core.c:6866
preempt_schedule_common+0x83/0xd0 kernel/sched/core.c:7050
preempt_schedule+0xae/0xc0 kernel/sched/core.c:7074
preempt_schedule_thunk+0x16/0x30 arch/x86/entry/thunk.S:12
__raw_spin_unlock_irq include/linux/spinlock_api_smp.h:160 [inline]
_raw_spin_unlock_irq+0x45/0x50 kernel/locking/spinlock.c:202
spin_unlock_irq include/linux/spinlock.h:401 [inline]
loop_queue_work drivers/block/loop.c:864 [inline]
loop_queue_rq+0x9f8/0xb00 drivers/block/loop.c:1890
__blk_mq_issue_directly block/blk-mq.c:2715 [inline]
blk_mq_request_issue_directly+0x3c1/0x710 block/blk-mq.c:2802
blk_mq_issue_direct+0x2a0/0x660 block/blk-mq.c:2823
blk_mq_dispatch_queue_requests+0x6fe/0x800 block/blk-mq.c:2898
blk_mq_flush_plug_list+0x432/0x550 block/blk-mq.c:2981
__blk_flush_plug+0x3d3/0x4b0 block/blk-core.c:1225
blk_finish_plug+0x5e/0x90 block/blk-core.c:1252
read_pages+0x3b2/0x580 mm/readahead.c:176
page_cache_ra_unbounded+0x750/0x990 mm/readahead.c:302
do_page_cache_ra mm/readahead.c:332 [inline]
force_page_cache_ra mm/readahead.c:361 [inline]
page_cache_sync_ra+0x433/0xc40 mm/readahead.c:579
filemap_get_pages+0x468/0x1dc0 mm/filemap.c:2690
filemap_read+0x3f6/0x11a0 mm/filemap.c:2800
blkdev_read_iter+0x30a/0x440 block/fops.c:856
new_sync_read fs/read_write.c:491 [inline]
vfs_read+0x55a/0xa30 fs/read_write.c:572
ksys_read+0x145/0x250 fs/read_write.c:715
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xfa/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f5edb2a7407
RSP: 002b:00007ffd5960e0a0 EFLAGS: 00000202 ORIG_RAX: 0000000000000000
RAX: ffffffffffffffda RBX: 00007f5edb940880 RCX: 00007f5edb2a7407
RDX: 0000000000000200 RSI: 00007f5edb207000 RDI: 0000000000000009
RBP: 000055ad73d3b4d0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
R13: 0000000000004000 R14: 000055ad73d35e48 R15: 00007f5edba6739c
task:kworker/u8:0 state:R running task stack:21696 pid:12 tgid:12 ppid:2 task_flags:0x4208060 flags:0x00080000
Workqueue: iou_exit io_ring_exit_work
Call Trace:
context_switch kernel/sched/core.c:5258 [inline]
__schedule+0x150e/0x5070 kernel/sched/core.c:6866
preempt_schedule_irq+0xb5/0x150 kernel/sched/core.c:7193
irqentry_exit+0x5d8/0x660 kernel/entry/common.c:216
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:debug_lockdep_rcu_enabled+0x2d/0x40 kernel/rcu/update.c:320
Code: fa 31 c0 83 3d 17 78 44 04 00 74 1e 83 3d 2a a7 44 04 00 74 15 65 48 8b 0c 25 08 b0 9f 92 31 c0 83 b9 2c 0b 00 00 00 0f 94 c0 8e e3 02 00 cc cc cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90
RSP: 0018:ffffc90000117270 EFLAGS: 00000246
RAX: 0000000000000001 RBX: ffffffff81ad9cfc RCX: ffff88801d2d5b80
RDX: 00000000ae17045a RSI: ffffffff8db7ed49 RDI: ffffffff8be07960
RBP: dffffc0000000000 R08: ffffffff81742f85 R09: ffffffff8e13f2e0
R10: ffffc90000117398 R11: ffffffff81ad9d50 R12: 1ffff92000022e69
R13: ffffc90000117380 R14: ffffc90000117348 R15: ffffffff81742f85
rcu_read_lock include/linux/rcupdate.h:868 [inline]
class_rcu_constructor include/linux/rcupdate.h:1195 [inline]
unwind_next_frame+0xcb/0x23d0 arch/x86/kernel/unwind_orc.c:495
arch_stack_walk+0x11c/0x150 arch/x86/kernel/stacktrace.c:25
stack_trace_save+0x9c/0xe0 kernel/stacktrace.c:122
kasan_save_stack+0x3e/0x60 mm/kasan/common.c:57
kasan_record_aux_stack+0xbd/0xd0 mm/kasan/generic.c:556
__call_rcu_common kernel/rcu/tree.c:3119 [inline]
call_rcu+0x157/0x9c0 kernel/rcu/tree.c:3239
slab_free_hook mm/slub.c:2504 [inline]
slab_free mm/slub.c:6674 [inline]
kmem_cache_free+0x488/0x620 mm/slub.c:6785
__io_req_caches_free+0x1c1/0x270 io_uring/io_uring.c:2826
io_req_caches_free+0x21/0x60 io_uring/io_uring.c:2838
io_ring_exit_work+0x3b3/0x8d0 io_uring/io_uring.c:3024
process_one_work+0x93a/0x15a0 kernel/workqueue.c:3279
process_scheduled_works kernel/workqueue.c:3362 [inline]
worker_thread+0x9b0/0xee0 kernel/workqueue.c:3443
kthread+0x711/0x8a0 kernel/kthread.c:463
ret_from_fork+0x599/0xb30 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
rcu: rcu_preempt kthread starved for 10662 jiffies! g32929 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt state:R running task stack:27128 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00080000
Call Trace:
context_switch kernel/sched/core.c:5258 [inline]
__schedule+0x150e/0x5070 kernel/sched/core.c:6866
__schedule_loop kernel/sched/core.c:6948 [inline]
schedule+0x165/0x360 kernel/sched/core.c:6963
schedule_timeout+0x12b/0x270 kernel/time/sleep_timeout.c:99
rcu_gp_fqs_loop+0x301/0x1540 kernel/rcu/tree.c:2083
rcu_gp_kthread+0x99/0x390 kernel/rcu/tree.c:2285
kthread+0x711/0x8a0 kernel/kthread.c:463
ret_from_fork+0x599/0xb30 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
rcu: Stack dump where RCU GP kthread last ran:
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 8627 Comm: syz.9.381 Tainted: G L syzkaller #0 PREEMPT(full)
Tainted: [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
RIP: 0010:arch_static_branch arch/x86/include/asm/jump_label.h:37 [inline]
RIP: 0010:native_write_msr arch/x86/include/asm/msr.h:139 [inline]
RIP: 0010:wrmsrq arch/x86/include/asm/msr.h:199 [inline]
RIP: 0010:native_apic_msr_write+0x39/0x50 arch/x86/include/asm/apic.h:212
Code: 74 2a 83 ff 30 74 25 eb 10 81 ff d0 00 00 00 74 1b 81 ff e0 00 00 00 74 13 c1 ef 04 81 c7 00 08 00 00 89 f9 89 f0 31 d2 0f 30 <66> 90 c3 cc cc cc cc cc f3 0f 1e fa 89 f6 31 d2 e9 52 f8 56 03 66
RSP: 0018:ffffc900051efa28 EFLAGS: 00000046
RAX: 000000000000003e RBX: ffff8880b8623e40 RCX: 0000000000000838
RDX: 0000000000000000 RSI: 000000000000003e RDI: 0000000000000838
RBP: 000000000000003e R08: ffffffff81af64e5 R09: ffffffff99af4508
R10: 0000000000000003 R11: ffffffff81717b10 R12: ffff8880b8623e80
R13: ffff8880b8623e78 R14: 0000000000000020 R15: dffffc0000000000
FS: 00007f673b6b46c0(0000) GS:ffff888125c25000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f211bdb74e0 CR3: 0000000074b74000 CR4: 00000000003526f0
Call Trace:
apic_write arch/x86/include/asm/apic.h:409 [inline]
lapic_next_event+0x11/0x20 arch/x86/kernel/apic/apic.c:418
clockevents_program_min_delta+0x1b0/0x350 kernel/time/clockevents.c:248
hrtimer_start_range_ns+0xd8a/0x1080 kernel/time/hrtimer.c:1323
__posixtimer_deliver_signal kernel/time/posix-timers.c:321 [inline]
posixtimer_deliver_signal+0x1cf/0x410 kernel/time/posix-timers.c:347
dequeue_signal+0x24a/0x370 kernel/signal.c:660
get_signal+0x55e/0x1340 kernel/signal.c:2914
arch_do_signal_or_restart+0x9a/0x7a0 arch/x86/kernel/signal.c:337
__exit_to_user_mode_loop kernel/entry/common.c:41 [inline]
exit_to_user_mode_loop+0x87/0x4f0 kernel/entry/common.c:75
__exit_to_user_mode_prepare include/linux/irq-entry-common.h:226 [inline]
syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:256 [inline]
syscall_exit_to_user_mode_work include/linux/entry-common.h:159 [inline]
syscall_exit_to_user_mode include/linux/entry-common.h:194 [inline]
do_syscall_64+0x2d0/0xf80 arch/x86/entry/syscall_64.c:100
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f673a78f747
Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
RSP: 002b:00007f673b6b40e8 EFLAGS: 00000246
RAX: 00000000000000ca RBX: 00007f673a9e6188 RCX: 00007f673a78f749
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f673a9e6188
RBP: 00007f673a9e6180 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f673a9e6218 R14: 00007ffc17433ec0 R15: 00007ffc17433fa8