rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P13354/1:b..l P13352/1:b..l P6385/1:b..l P13278/1:b..l
rcu: 	(detected by 0, t=10502 jiffies, g=60089, q=408 ncpus=2)
task:syz.5.1546      state:R  running task     stack:25032 pid:13278 tgid:13277 ppid:5865   task_flags:0x400140 flags:0x00004006
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5357 [inline]
 __schedule+0x1798/0x4cc0 kernel/sched/core.c:6961
 preempt_schedule_irq+0xb5/0x150 kernel/sched/core.c:7288
 irqentry_exit+0x6f/0x90 kernel/entry/common.c:197
 asm_sysvec_reschedule_ipi+0x1a/0x20 arch/x86/include/asm/idtentry.h:707
RIP: 0010:__kasan_check_byte+0x14/0x40 mm/kasan/common.c:567
Code: ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 41 56 53 48 89 f3 49 89 fe e8 5e 14 00 00 84 c0 <75> 16 be 01 00 00 00 4c 89 f7 31 d2 48 89 d9 89 c3 e8 c6 03 00 00
RSP: 0018:ffffc900043ef2e0 EFLAGS: 00000202
RAX: 0000000000000001 RBX: ffffffff8172d1b2 RCX: 004ad75a514abb00
RDX: 0000000000000000 RSI: ffffffff8172d1b2 RDI: 1ffffffff1c27424
RBP: ffffffff8172d195 R08: 0000000000000000 R09: 0000000000000000
R10: dffffc0000000000 R11: ffffffff81ac4860 R12: 0000000000000002
R13: ffffffff8e13a120 R14: ffffffff8e13a120 R15: 0000000000000000
 kasan_check_byte include/linux/kasan.h:399 [inline]
 lock_acquire+0x8d/0x360 kernel/locking/lockdep.c:5842
 rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
 rcu_read_lock include/linux/rcupdate.h:841 [inline]
 class_rcu_constructor include/linux/rcupdate.h:1155 [inline]
 unwind_next_frame+0xc2/0x2390 arch/x86/kernel/unwind_orc.c:479
 arch_stack_walk+0x11c/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x9c/0xe0 kernel/stacktrace.c:122
 kasan_save_stack mm/kasan/common.c:47 [inline]
 kasan_save_track+0x3e/0x80 mm/kasan/common.c:68
 poison_kmalloc_redzone mm/kasan/common.c:388 [inline]
 __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:405
 kasan_kmalloc include/linux/kasan.h:260 [inline]
 __do_kmalloc_node mm/slub.c:4376 [inline]
 __kmalloc_noprof+0x27a/0x4f0 mm/slub.c:4388
 kmalloc_noprof include/linux/slab.h:909 [inline]
 io_cache_alloc_new+0x40/0x100 io_uring/alloc_cache.c:40
 io_cache_alloc io_uring/alloc_cache.h:59 [inline]
 io_uring_alloc_async_data io_uring/io_uring.h:246 [inline]
 io_rw_alloc_async io_uring/rw.c:202 [inline]
 __io_prep_rw+0x23f/0xe20 io_uring/rw.c:261
 io_prep_rw io_uring/rw.c:320 [inline]
 io_prep_rwv+0x8c/0x3d0 io_uring/rw.c:342
 io_init_req io_uring/io_uring.c:2197 [inline]
 io_submit_sqe io_uring/io_uring.c:2244 [inline]
 io_submit_sqes+0x917/0x1d30 io_uring/io_uring.c:2396
 __do_sys_io_uring_enter io_uring/io_uring.c:3463 [inline]
 __se_sys_io_uring_enter+0x2df/0x2b20 io_uring/io_uring.c:3397
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fc130d8eec9
RSP: 002b:00007fc131b89038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
RAX: ffffffffffffffda RBX: 00007fc130fe5fa0 RCX: 00007fc130d8eec9
RDX: 0000000000000000 RSI: 00000000000847ba RDI: 000000000000000a
RBP: 00007fc130e11f91 R08: 0000000000000000 R09: 0000000000000000
R10: 000000000000000e R11: 0000000000000246 R12: 0000000000000000
R13: 00007fc130fe6038 R14: 00007fc130fe5fa0 R15: 00007ffed25f27f8
 </TASK>
task:udevd           state:R  running task     stack:21896 pid:6385  tgid:6385  ppid:5230   task_flags:0x400140 flags:0x00004002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5357 [inline]
 __schedule+0x1798/0x4cc0 kernel/sched/core.c:6961
 preempt_schedule_common+0x83/0xd0 kernel/sched/core.c:7145
 preempt_schedule+0xae/0xc0 kernel/sched/core.c:7169
 preempt_schedule_thunk+0x16/0x30 arch/x86/entry/thunk.S:12
 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:152 [inline]
 _raw_spin_unlock_irqrestore+0xfd/0x110 kernel/locking/spinlock.c:194
 spin_unlock_irqrestore include/linux/spinlock.h:406 [inline]
 __wake_up_common_lock+0x190/0x1f0 kernel/sched/wait.c:127
 sock_def_readable+0x1fb/0x550 net/core/sock.c:3542
 unix_dgram_sendmsg+0xe08/0x1850 net/unix/af_unix.c:2309
 sock_sendmsg_nosec net/socket.c:714 [inline]
 __sock_sendmsg+0x21c/0x270 net/socket.c:729
 sock_write_iter+0x258/0x330 net/socket.c:1179
 new_sync_write fs/read_write.c:593 [inline]
 vfs_write+0x5c9/0xb30 fs/read_write.c:686
 ksys_write+0x145/0x250 fs/read_write.c:738
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f64e8ca7407
RSP: 002b:00007ffe88b66f40 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007f64e9346880 RCX: 00007f64e8ca7407
RDX: 0000000000000000 RSI: 00007ffe88b66fe7 RDI: 000000000000000a
RBP: 000000000000000a R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000202 R12: 00007f64e93466e8
R13: 0000000000000000 R14: 0000000000000000 R15: 0000562d02741e20
 </TASK>
task:syz.8.1563      state:R  running task     stack:21672 pid:13352 tgid:13348 ppid:9449   task_flags:0x400140 flags:0x00004002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5357 [inline]
 __schedule+0x1798/0x4cc0 kernel/sched/core.c:6961
 preempt_schedule_irq+0xb5/0x150 kernel/sched/core.c:7288
 irqentry_exit+0x6f/0x90 kernel/entry/common.c:197
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:lock_acquire+0x175/0x360 kernel/locking/lockdep.c:5872
Code: 00 00 00 00 9c 8f 44 24 30 f7 44 24 30 00 02 00 00 0f 85 cd 00 00 00 f7 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 1b 74 03 11 <48> 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d 41 5e
RSP: 0018:ffffc900048ce318 EFLAGS: 00000206
RAX: bbb01b161a44fc00 RBX: 0000000000000000 RCX: bbb01b161a44fc00
RDX: 0000000000000000 RSI: ffffffff8dba9bc5 RDI: ffffffff8be33f80
RBP: ffffffff8172d195 R08: 0000000000000000 R09: ffffffff8172d195
R10: dffffc0000000000 R11: ffffffff81ac4860 R12: 0000000000000002
R13: ffffffff8e13a120 R14: 0000000000000000 R15: 0000000000000246
 rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
 rcu_read_lock include/linux/rcupdate.h:841 [inline]
 class_rcu_constructor include/linux/rcupdate.h:1155 [inline]
 unwind_next_frame+0xc2/0x2390 arch/x86/kernel/unwind_orc.c:479
 arch_stack_walk+0x11c/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x9c/0xe0 kernel/stacktrace.c:122
 kasan_save_stack+0x3e/0x60 mm/kasan/common.c:47
 kasan_record_aux_stack+0xbd/0xd0 mm/kasan/generic.c:548
 kvfree_call_rcu+0xbb/0x410 mm/slab_common.c:1962
 in6_ifa_put include/net/addrconf.h:456 [inline]
 addrconf_ifdown+0x110e/0x1880 net/ipv6/addrconf.c:3989
 addrconf_notify+0x1bc/0x1010 net/ipv6/addrconf.c:-1
 notifier_call_chain+0x1b6/0x3e0 kernel/notifier.c:85
 call_netdevice_notifiers_extack net/core/dev.c:2267 [inline]
 call_netdevice_notifiers net/core/dev.c:2281 [inline]
 __dev_notify_flags+0x18d/0x2e0 net/core/dev.c:-1
 netif_change_flags+0xe8/0x1a0 net/core/dev.c:9617
 do_setlink+0xc55/0x41c0 net/core/rtnetlink.c:3143
 rtnl_changelink net/core/rtnetlink.c:3761 [inline]
 __rtnl_newlink net/core/rtnetlink.c:3920 [inline]
 rtnl_newlink+0x160b/0x1c70 net/core/rtnetlink.c:4057
 rtnetlink_rcv_msg+0x7cf/0xb70 net/core/rtnetlink.c:6946
 netlink_rcv_skb+0x208/0x470 net/netlink/af_netlink.c:2552
 netlink_unicast_kernel net/netlink/af_netlink.c:1320 [inline]
 netlink_unicast+0x82f/0x9e0 net/netlink/af_netlink.c:1346
 netlink_sendmsg+0x805/0xb30 net/netlink/af_netlink.c:1896
 sock_sendmsg_nosec net/socket.c:714 [inline]
 __sock_sendmsg+0x21c/0x270 net/socket.c:729
 ____sys_sendmsg+0x505/0x830 net/socket.c:2614
 ___sys_sendmsg+0x21f/0x2a0 net/socket.c:2668
 __sys_sendmsg net/socket.c:2700 [inline]
 __do_sys_sendmsg net/socket.c:2705 [inline]
 __se_sys_sendmsg net/socket.c:2703 [inline]
 __x64_sys_sendmsg+0x19b/0x260 net/socket.c:2703
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f3d34d8eec9
RSP: 002b:00007f3d35b76038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f3d34fe5fa0 RCX: 00007f3d34d8eec9
RDX: 0000000000000040 RSI: 0000200000000280 RDI: 0000000000000005
RBP: 00007f3d34e11f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f3d34fe6038 R14: 00007f3d34fe5fa0 R15: 00007ffe421aa738
 </TASK>
task:cmp             state:R  running task     stack:24104 pid:13354 tgid:13354 ppid:13304  task_flags:0x400000 flags:0x00004002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5357 [inline]
 __schedule+0x1798/0x4cc0 kernel/sched/core.c:6961
 preempt_schedule_irq+0xb5/0x150 kernel/sched/core.c:7288
 irqentry_exit+0x6f/0x90 kernel/entry/common.c:197
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:do_inode_permission fs/namei.c:524 [inline]
RIP: 0010:inode_permission+0x77/0x470 fs/namei.c:593
Code: 49 89 ec 49 c1 ec 03 43 0f b6 04 3c 84 c0 0f 85 0d 03 00 00 44 0f b7 7d 00 44 89 fe 83 e6 01 31 ff e8 ad ad 88 ff 41 83 e7 01 <0f> 84 8c 01 00 00 e8 fe a9 88 ff 49 bf 00 00 00 00 00 fc ff df 48
RSP: 0018:ffffc90003cbf8a0 EFLAGS: 00000202
RAX: ffffffff823710e3 RBX: 0000000000000081 RCX: 0000000000000000
RDX: ffff88802c3c1e00 RSI: 0000000000000001 RDI: 0000000000000000
RBP: ffff88803152b26a R08: ffffffff8fa3a737 R09: 1ffffffff1f474e6
R10: dffffc0000000000 R11: fffffbfff1f474e7 R12: 1ffff110062a564d
R13: 0000000000000000 R14: ffff88803152b268 R15: 0000000000000001
 may_lookup fs/namei.c:1836 [inline]
 link_path_walk+0x232/0xea0 fs/namei.c:2445
 path_lookupat+0x97/0x430 fs/namei.c:2653
 filename_lookup+0x212/0x570 fs/namei.c:2683
 vfs_statx+0xf8/0x550 fs/stat.c:353
 vfs_fstatat+0x118/0x170 fs/stat.c:375
 __do_sys_newfstatat fs/stat.c:542 [inline]
 __se_sys_newfstatat fs/stat.c:536 [inline]
 __x64_sys_newfstatat+0x116/0x190 fs/stat.c:536
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f4ad5c42eaa
RSP: 002b:00007fff673e0598 EFLAGS: 00000246 ORIG_RAX: 0000000000000106
RAX: ffffffffffffffda RBX: 00007fff673e05ab RCX: 00007f4ad5c42eaa
RDX: 00007fff673e0650 RSI: 00007fff673e05a0 RDI: 00000000ffffff9c
RBP: 00007fff673e0710 R08: 00007fff673e0797 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000022
R13: 00007f4ad5c17050 R14: 0000000000000001 R15: 0000000000000000
 </TASK>
rcu: rcu_preempt kthread starved for 10578 jiffies! g60089 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:27160 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5357 [inline]
 __schedule+0x1798/0x4cc0 kernel/sched/core.c:6961
 __schedule_loop kernel/sched/core.c:7043 [inline]
 schedule+0x165/0x360 kernel/sched/core.c:7058
 schedule_timeout+0x12b/0x270 kernel/time/sleep_timeout.c:99
 rcu_gp_fqs_loop+0x301/0x1540 kernel/rcu/tree.c:2083
 rcu_gp_kthread+0x99/0x390 kernel/rcu/tree.c:2285
 kthread+0x711/0x8a0 kernel/kthread.c:463
 ret_from_fork+0x439/0x7d0 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
RIP: 0010:pv_native_safe_halt+0x13/0x20 arch/x86/kernel/paravirt.c:82
Code: 3e bd 95 f5 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d b3 a9 0d 00 f3 0f 1e fa fb f4 <e9> 13 bd 95 f5 cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
RSP: 0018:ffffffff8de07d80 EFLAGS: 000002c2
RAX: 25dea45d48d2d300 RBX: ffffffff81969528 RCX: 25dea45d48d2d300
RDX: 0000000000000001 RSI: ffffffff8d9ba5a7 RDI: ffffffff8be33f80
RBP: ffffffff8de07eb8 R08: ffff8880b8632f9b R09: 1ffff110170c65f3
R10: dffffc0000000000 R11: ffffed10170c65f4 R12: ffffffff8fa3a730
R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1bd2a20
FS:  0000000000000000(0000) GS:ffff888125c12000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f786ffb6c60 CR3: 0000000076231000 CR4: 0000000000350ef0
Call Trace:
 <TASK>
 arch_safe_halt arch/x86/include/asm/paravirt.h:107 [inline]
 default_idle+0x13/0x20 arch/x86/kernel/process.c:757
 default_idle_call+0x74/0xb0 kernel/sched/idle.c:122
 cpuidle_idle_call kernel/sched/idle.c:190 [inline]
 do_idle+0x1e8/0x510 kernel/sched/idle.c:330
 cpu_startup_entry+0x44/0x60 kernel/sched/idle.c:428
 rest_init+0x2de/0x300 init/main.c:744
 start_kernel+0x3a9/0x410 init/main.c:1097
 x86_64_start_reservations+0x24/0x30 arch/x86/kernel/head64.c:307
 x86_64_start_kernel+0x143/0x1c0 arch/x86/kernel/head64.c:288
 common_startup_64+0x13e/0x147
 </TASK>