syzbot

rcu: INFO: rcu_preempt self-detected stall on CPU
rcu: 	1-...!: (1 GPs behind) idle=e18c/0/0x1 softirq=9715/9720 fqs=0
	(t=10500 jiffies g=9809 q=325 ncpus=2)
rcu: rcu_preempt kthread starved for 10500 jiffies! g9809 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:27760 pid:16    ppid:2      flags:0x00004000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5245 [inline]
 __schedule+0x11d1/0x40e0 kernel/sched/core.c:6562
 schedule+0xb9/0x180 kernel/sched/core.c:6638
 schedule_timeout+0x184/0x2d0 kernel/time/timer.c:2168
 rcu_gp_fqs_loop+0x303/0x1340 kernel/rcu/tree.c:1706
 rcu_gp_kthread+0x99/0x3b0 kernel/rcu/tree.c:1905
 kthread+0x29d/0x330 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 4451 Comm: syz.2.3 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
RIP: 0010:variable_test_bit arch/x86/include/asm/bitops.h:228 [inline]
RIP: 0010:arch_test_bit arch/x86/include/asm/bitops.h:240 [inline]
RIP: 0010:_test_bit include/asm-generic/bitops/instrumented-non-atomic.h:142 [inline]
RIP: 0010:hlock_class kernel/locking/lockdep.c:228 [inline]
RIP: 0010:check_wait_context kernel/locking/lockdep.c:4724 [inline]
RIP: 0010:__lock_acquire+0x5f2/0x7d10 kernel/locking/lockdep.c:4999
Code: 0f 85 5b 62 00 00 41 8b 07 89 c3 81 e3 ff 1f 00 00 c1 e8 03 25 f8 03 00 00 48 8d b8 40 a2 af 90 be 08 00 00 00 e8 0e 3b 6f 00 <48> 0f a3 1d c6 48 4b 0f 73 1a 48 8d 04 5b c1 e0 06 48 8d 98 00 21
RSP: 0018:ffffc90004b8fb20 EFLAGS: 00000056
RAX: 0000000000000001 RBX: 000000000000002c RCX: ffffffff81645972
RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff90afa240
RBP: ffffc90004b8fd70 R08: ffffffff90afa247 R09: 1ffffffff215f448
R10: dffffc0000000000 R11: fffffbfff215f449 R12: ffff8880266a3b80
R13: 0000000000000000 R14: 0000000000000002 R15: ffff8880266a4680
FS:  00007fcef109b6c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000200000000058 CR3: 0000000024575000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 lock_acquire+0x1bb/0x4a0 kernel/locking/lockdep.c:5662
 rcu_lock_acquire include/linux/rcupdate.h:350 [inline]
 rcu_read_lock include/linux/rcupdate.h:791 [inline]
 __task_pid_nr_ns+0x44/0x460 kernel/pid.c:497
 task_tgid_vnr include/linux/sched.h:1631 [inline]
 __ia32_sys_getpid+0x19/0x20 kernel/sys.c:953
 do_syscall_x64 arch/x86/entry/common.c:46 [inline]
 do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:76
 entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7fcef0196bd7
Code: 8d 3d 3e 8a 0b 00 e8 58 1d fa ff e8 a3 87 00 00 0f 1f 00 b8 68 00 00 00 0f 05 c3 0f 1f 84 00 00 00 00 00 b8 27 00 00 00 0f 05 <c3> 0f 1f 84 00 00 00 00 00 b8 6e 00 00 00 0f 05 c3 0f 1f 84 00 00
RSP: 002b:00007fcef109aa48 EFLAGS: 00000206 ORIG_RAX: 0000000000000027
RAX: ffffffffffffffda RBX: 00007fcef109abb0 RCX: 00007fcef0196bd7
RDX: 00007fcef109aa80 RSI: 00007fcef109abb0 RDI: 0000000000000021
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
R13: 00007fcef0416038 R14: 00007fcef0415fa0 R15: 00007ffcdbb307c8
 </TASK>
CPU: 1 PID: 0 Comm: swapper/1 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
RIP: 0010:default_idle+0xb/0x10 arch/x86/kernel/process.c:742
Code: 48 89 df e8 d7 a4 9b f7 e9 44 ff ff ff e8 3d 07 f6 ff 00 00 cc cc 00 00 cc cc 00 00 cc cc 00 66 90 0f 00 2d a7 ba 4e 00 fb f4 <c3> 0f 1f 40 00 41 57 41 56 53 49 be 00 00 00 00 00 fc ff df 65 48
RSP: 0018:ffffc90000177de8 EFLAGS: 000002c6
RAX: a8c5899448155400 RBX: ffffffff8a37f307 RCX: a8c5899448155400
RDX: 0000000000000001 RSI: ffffffff8a8c19a0 RDI: ffffffff8adf1ba0
RBP: ffffc90000177f20 R08: ffff8880b8f3580b R09: 1ffff110171e6b01
R10: dffffc0000000000 R11: ffffed10171e6b02 R12: 0000000000000000
R13: dffffc0000000000 R14: ffff888017739dc0 R15: 1ffff9200002efc8
FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fb3f3bea540 CR3: 000000001ebee000 CR4: 00000000003526e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 default_idle_call+0x84/0xc0 kernel/sched/idle.c:109
 cpuidle_idle_call kernel/sched/idle.c:199 [inline]
 do_idle+0x250/0x680 kernel/sched/idle.c:323
 cpu_startup_entry+0x3f/0x60 kernel/sched/idle.c:422
 start_secondary+0xe4/0xf0 arch/x86/kernel/smpboot.c:281
 secondary_startup_64_no_verify+0xcf/0xdb
 </TASK>
vkms_vblank_simulate: vblank timer overrun