rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P1694/1:b..l
(detected by 0, t=10502 jiffies, g=129493, q=18)
task:syz-executor.0 state:R running task stack:24464 pid: 1694 ppid: 6528 flags:0x00004000
Call Trace:
 context_switch kernel/sched/core.c:4940 [inline]
 __schedule+0xb72/0x1460 kernel/sched/core.c:6287
 preempt_schedule_common kernel/sched/core.c:6459 [inline]
 preempt_schedule+0x14d/0x190 kernel/sched/core.c:6484
 preempt_schedule_thunk+0x16/0x18
 __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:169 [inline]
 _raw_spin_unlock_irq+0x3c/0x40 kernel/locking/spinlock.c:202
 spin_unlock_irq include/linux/spinlock.h:413 [inline]
 loop_queue_work drivers/block/loop.c:1066 [inline]
 loop_queue_rq+0x995/0xa70 drivers/block/loop.c:2177
 __blk_mq_issue_directly block/blk-mq.c:1985 [inline]
 __blk_mq_try_issue_directly+0x4e8/0xc80 block/blk-mq.c:2041
 blk_mq_try_issue_directly+0x11a/0x370 block/blk-mq.c:2072
 blk_mq_submit_bio+0x1273/0x1dd0
 __submit_bio+0x859/0x8b0 block/blk-core.c:929
 __submit_bio_noacct_mq block/blk-core.c:1009 [inline]
 submit_bio_noacct+0x8c9/0xa90 block/blk-core.c:1039
 submit_bio+0x2d7/0x560 block/blk-core.c:1101
 submit_bh fs/buffer.c:3060 [inline]
 __bread_slow fs/buffer.c:1180 [inline]
 __bread_gfp+0x1b1/0x370 fs/buffer.c:1382
 udf_read_tagged+0x11b/0xa80 fs/udf/misc.c:219
 udf_load_sparable_map fs/udf/super.c:1358 [inline]
 udf_load_logicalvol+0x9e2/0x2a60 fs/udf/super.c:1449
 udf_process_sequence+0xa86/0xd90 fs/udf/super.c:1765
 udf_load_sequence fs/udf/super.c:1812 [inline]
 udf_check_anchor_block+0x3dd/0x6d0 fs/udf/super.c:1852
 udf_scan_anchors+0x166/0x6b0 fs/udf/super.c:1885
 udf_find_anchor fs/udf/super.c:1942 [inline]
 udf_load_vrs+0x1f8/0x770 fs/udf/super.c:2007
 udf_fill_super+0x92c/0x1b40 fs/udf/super.c:2185
 mount_bdev+0x26c/0x3a0 fs/super.c:1368
 legacy_get_tree+0xea/0x180 fs/fs_context.c:610
 vfs_get_tree+0x86/0x270 fs/super.c:1498
 do_new_mount fs/namespace.c:2988 [inline]
 path_mount+0x1986/0x2c30 fs/namespace.c:3318
 do_mount fs/namespace.c:3331 [inline]
 __do_sys_mount fs/namespace.c:3539 [inline]
 __se_sys_mount+0x308/0x3c0 fs/namespace.c:3516
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x44/0xd0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7f6d404daf6a
RSP: 002b:00007f6d3da2dfa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f6d404daf6a
RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f6d3da2e000
RBP: 00007f6d3da2e040 R08: 00007f6d3da2e040 R09: 0000000020000000
R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
R13: 0000000020000100 R14: 00007f6d3da2e000 R15: 0000000020000380
rcu: rcu_preempt kthread starved for 10502 jiffies! g129493 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt state:R running task stack:26544 pid: 14 ppid: 2 flags:0x00004000
Call Trace:
 context_switch kernel/sched/core.c:4940 [inline]
 __schedule+0xb72/0x1460 kernel/sched/core.c:6287
 schedule+0x14b/0x210 kernel/sched/core.c:6366
 schedule_timeout+0x1b9/0x300 kernel/time/timer.c:1881
 rcu_gp_fqs_loop+0x1fd/0x770 kernel/rcu/tree.c:1957
 rcu_gp_kthread+0xa5/0x350 kernel/rcu/tree.c:2130
 kthread+0x453/0x480 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30
rcu: Stack dump where RCU GP kthread last ran:
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 1689 Comm: syz-executor.0 Not tainted 5.15.0-rc6-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:get_current arch/x86/include/asm/current.h:15 [inline]
RIP: 0010:__sanitizer_cov_trace_pc+0x4/0x60 kernel/kcov.c:196
Code: 00 00 0f 1f 40 00 be 0d 00 00 00 48 c7 c7 40 93 95 8c e8 af 62 4b 00 c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc 48 8b 04 24 <65> 48 8b 0c 25 c0 ef 01 00 65 8b 15 d4 65 7e 7e f7 c2 00 01 ff 00
RSP: 0018:ffffc90000dc0e80 EFLAGS: 00000093
RAX: ffffffff817295cc RBX: 0000000000000000 RCX: ffff8880445f8000
RDX: ffff8880445f8000 RSI: 0000000000000000 RDI: 0000000000000009
RBP: 0000000000000000 R08: ffffffff817295bd R09: ffff88807915e4c8
R10: ffffed100f22bc9b R11: 0000000000000000 R12: ffff8880b9d22240
R13: 0000000000000003 R14: 7fffffffffffffff R15: dffffc0000000000
FS: 00007f6d3da4f700(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f6d3da2f000 CR3: 00000000937e8000 CR4: 00000000003506e0
Call Trace:
 __next_base kernel/time/hrtimer.c:496 [inline]
 __hrtimer_next_event_base kernel/time/hrtimer.c:510 [inline]
 __hrtimer_get_next_event kernel/time/hrtimer.c:587 [inline]
 hrtimer_update_next_event kernel/time/hrtimer.c:612 [inline]
 hrtimer_interrupt+0x83c/0x1040 kernel/time/hrtimer.c:1814
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1086 [inline]
 __sysvec_apic_timer_interrupt+0xf9/0x270 arch/x86/kernel/apic/apic.c:1103
 sysvec_apic_timer_interrupt+0x8c/0xb0 arch/x86/kernel/apic/apic.c:1097
 asm_sysvec_apic_timer_interrupt+0x12/0x20
RIP: 0010:on_stack arch/x86/include/asm/stacktrace.h:45 [inline]
RIP: 0010:unwind_next_frame+0x134e/0x1fa0 arch/x86/kernel/unwind_orc.c:604
Code: 50 e8 06 f3 94 00 48 8b 54 24 10 49 8b 5d 38 49 8d 7d 08 48 89 f8 48 c1 e8 03 80 3c 28 00 74 0a e8 e7 f2 94 00 48 8b 54 24 10 <4d> 8b 75 08 49 8d 7d 10 48 89 f8 48 c1 e8 03 48 b9 00 00 00 00 00
RSP: 0018:ffffc9000a4cf140 EFLAGS: 00000246
RAX: 1ffff92001499e41 RBX: ffffc9000a4cf740 RCX: 0000000000000000
RDX: ffffc9000a4cf620 RSI: 0000000000000001 RDI: ffffc9000a4cf208
RBP: dffffc0000000000 R08: dffffc0000000000 R09: ffffc9000a4cf250
R10: fffff52001499e4c R11: 0000000000000000 R12: 1ffff92001499e47
R13: ffffc9000a4cf200 R14: dffffc0000000000 R15: 1ffff92001499e40
 arch_stack_walk+0x112/0x140 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x11b/0x1e0 kernel/stacktrace.c:121
 kasan_save_stack mm/kasan/common.c:38 [inline]
 kasan_set_track mm/kasan/common.c:46 [inline]
 set_alloc_info mm/kasan/common.c:434 [inline]
 ____kasan_kmalloc+0xdc/0x110 mm/kasan/common.c:513
 kasan_kmalloc include/linux/kasan.h:264 [inline]
 kmem_cache_alloc_trace+0x9f/0x310 mm/slub.c:3240
 kmalloc include/linux/slab.h:591 [inline]
 tty_alloc_file drivers/tty/tty_io.c:187 [inline]
 tty_open+0x9e3/0xdd0 drivers/tty/tty_io.c:2140
 chrdev_open+0x5fb/0x680 fs/char_dev.c:414
 do_dentry_open+0x7cb/0x1020 fs/open.c:822
 do_open fs/namei.c:3428 [inline]
 path_openat+0x28b4/0x3670 fs/namei.c:3561
 do_filp_open+0x277/0x4f0 fs/namei.c:3588
 do_sys_openat2+0x13b/0x500 fs/open.c:1200
 do_sys_open fs/open.c:1216 [inline]
 __do_sys_openat fs/open.c:1232 [inline]
 __se_sys_openat fs/open.c:1227 [inline]
 __x64_sys_openat+0x243/0x290 fs/open.c:1227
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x44/0xd0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7f6d404d9a39
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f6d3da4f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007f6d405dcf60 RCX: 00007f6d404d9a39
RDX: 0000000000000802 RSI: 0000000020000840 RDI: ffffffffffffff9c
RBP: 00007f6d40533e8f R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc51accebf R14: 00007f6d3da4f300 R15: 0000000000022000
----------------
Code disassembly (best guess):
   0: 00 00                 add %al,(%rax)
   2: 0f 1f 40 00           nopl 0x0(%rax)
   6: be 0d 00 00 00        mov $0xd,%esi
   b: 48 c7 c7 40 93 95 8c  mov $0xffffffff8c959340,%rdi
  12: e8 af 62 4b 00        callq 0x4b62c6
  17: c3                    retq
  18: cc                    int3
  19: cc                    int3
  1a: cc                    int3
  1b: cc                    int3
  1c: cc                    int3
  1d: cc                    int3
  1e: cc                    int3
  1f: cc                    int3
  20: cc                    int3
  21: cc                    int3
  22: cc                    int3
  23: cc                    int3
  24: cc                    int3
  25: cc                    int3
  26: 48 8b 04 24           mov (%rsp),%rax
* 2a: 65 48 8b 0c 25 c0 ef  mov %gs:0x1efc0,%rcx <-- trapping instruction
  31: 01 00
  33: 65 8b 15 d4 65 7e 7e  mov %gs:0x7e7e65d4(%rip),%edx # 0x7e7e660e
  3a: f7 c2 00 01 ff 00     test $0xff0100,%edx