rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: rcu: 1-...!: (1 ticks this GP) idle=4c2c/1/0x4000000000000000 softirq=11008/11008 fqs=1 rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P5306/1:b..l rcu: (detected by 0, t=10502 jiffies, g=10609, q=593 ncpus=2) Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 PID: 2428 Comm: kworker/u4:5 Not tainted 6.4.0-rc6-next-20230613-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 Workqueue: netns cleanup_net RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x70 kernel/kcov.c:200 Code: 76 cf 90 02 66 0f 1f 44 00 00 f3 0f 1e fa 48 8b be b0 01 00 00 e8 b0 ff ff ff 31 c0 c3 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 0f 1e fa 65 8b 05 6d 44 7f 7e 89 c1 48 8b 34 24 81 e1 00 01 00 RSP: 0018:ffffc900001e0e38 EFLAGS: 00000002 RAX: 0000000000010000 RBX: ffff888028d0c340 RCX: ffffffff8173ce02 RDX: ffff88802781d940 RSI: 0000000000000000 RDI: 0000000000000001 RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000001 R13: ffff8880b992ba00 R14: ffff8880b992b900 R15: 0000000000000001 FS: 0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f0ac22d56be CR3: 0000000041131000 CR4: 00000000003526e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: trace_hrtimer_expire_exit include/trace/events/timer.h:282 [inline] __run_hrtimer kernel/time/hrtimer.c:1688 [inline] __hrtimer_run_queues+0x84c/0xa40 kernel/time/hrtimer.c:1749 hrtimer_interrupt+0x320/0x7b0 kernel/time/hrtimer.c:1811 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1098 [inline] __sysvec_apic_timer_interrupt+0x14a/0x430 arch/x86/kernel/apic/apic.c:1115 sysvec_apic_timer_interrupt+0x92/0xc0 arch/x86/kernel/apic/apic.c:1109 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:645 RIP: 0010:lock_acquire.part.0+0x156/0x370 kernel/locking/lockdep.c:5726 Code: b8 ff ff ff ff 65 0f c1 05 47 78 9c 7e 83 f8 01 0f 85 c7 01 00 00 9c 58 f6 c4 02 0f 85 da 01 00 00 48 85 ed 0f 85 ad 01 00 00 <48> b8 00 00 00 00 00 fc ff df 48 01 c3 48 c7 03 00 00 00 00 48 c7 RSP: 0018:ffffc9000b7cfa40 EFLAGS: 00000206 RAX: 0000000000000046 RBX: 1ffff920016f9f49 RCX: a9ab33631e9fea72 RDX: 1ffff11004f03c80 RSI: 0000000000000000 RDI: 0000000000000000 RBP: 0000000000000200 R08: 0000000000000000 R09: fffffbfff23083d0 R10: ffffffff91841e87 R11: 0000000000000001 R12: 0000000000000002 R13: 0000000000000000 R14: 0000000000000000 R15: ffffffff8c9a2840 rcu_lock_acquire include/linux/rcupdate.h:302 [inline] rcu_read_lock include/linux/rcupdate.h:748 [inline] inet_twsk_purge+0x132/0x900 net/ipv4/inet_timewait_sock.c:292 ops_exit_list+0x125/0x170 net/core/net_namespace.c:175 cleanup_net+0x4ee/0xb10 net/core/net_namespace.c:614 process_one_work+0xa34/0x16f0 kernel/workqueue.c:2594 worker_thread+0x67d/0x10c0 kernel/workqueue.c:2745 kthread+0x344/0x440 kernel/kthread.c:379 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308 task:syz-executor.4 state:R running task stack:27744 pid:5306 ppid:5059 flags:0x00004000 Call Trace: context_switch kernel/sched/core.c:5380 [inline] __schedule+0x1d15/0x5790 kernel/sched/core.c:6709 preempt_schedule_notrace+0x5f/0xd0 kernel/sched/core.c:6971 preempt_schedule_notrace_thunk+0x1a/0x30 arch/x86/entry/thunk_64.S:46 rcu_is_watching+0x86/0xb0 kernel/rcu/tree.c:700 rcu_read_lock include/linux/rcupdate.h:749 [inline] count_memcg_event_mm.part.0+0x1ec/0x330 include/linux/memcontrol.h:1107 count_memcg_event_mm include/linux/memcontrol.h:570 [inline] mm_account_fault mm/memory.c:5105 [inline] handle_mm_fault+0x3f6/0x9e0 mm/memory.c:5241 do_user_addr_fault+0x51a/0x1210 arch/x86/mm/fault.c:1440 handle_page_fault arch/x86/mm/fault.c:1534 [inline] exc_page_fault+0x98/0x170 arch/x86/mm/fault.c:1590 asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:570 RIP: 0010:rep_movs_alternative+0x4a/0xb0 arch/x86/lib/copy_user_64.S:71 Code: 75 f1 c3 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 a4 c3 0f 1f 00 4c 8b 06 4c 8b 4e 08 4c 8b 56 10 4c 8b 5e 18 4c RSP: 0018:ffffc900052ff890 EFLAGS: 00050206 RAX: 0000000000000001 RBX: 0000000000008000 RCX: 0000000000004400 RDX: 0000000000000000 RSI: 000000002010c000 RDI: ffff88802f0d3c00 RBP: 0000000020108400 R08: 0000000000000001 R09: ffffed1005e1afff R10: ffff88802f0d7fff R11: 0000000000000000 R12: ffff88802f0d0000 R13: 0000000020110400 R14: 0000000000000000 R15: 0000000000008000 copy_user_generic arch/x86/include/asm/uaccess_64.h:112 [inline] raw_copy_from_user arch/x86/include/asm/uaccess_64.h:127 [inline] copyin.part.0+0x68/0x80 lib/iov_iter.c:193 copyin lib/iov_iter.c:390 [inline] _copy_from_iter+0x2cc/0x1290 lib/iov_iter.c:390 copy_from_iter include/linux/uio.h:202 [inline] copy_from_iter_full include/linux/uio.h:209 [inline] skb_do_copy_data_nocache include/net/sock.h:2258 [inline] skb_copy_to_page_nocache include/net/sock.h:2284 [inline] tcp_sendmsg_locked+0x13d8/0x3180 net/ipv4/tcp.c:1232 tcp_sendmsg+0x2f/0x50 net/ipv4/tcp.c:1367 inet_sendmsg+0x9d/0xe0 net/ipv4/af_inet.c:830 sock_sendmsg_nosec net/socket.c:725 [inline] sock_sendmsg+0xde/0x190 net/socket.c:748 sock_write_iter+0x29b/0x3d0 net/socket.c:1129 call_write_iter include/linux/fs.h:1866 [inline] new_sync_write fs/read_write.c:491 [inline] vfs_write+0x960/0xd70 fs/read_write.c:584 ksys_write+0x1e3/0x250 fs/read_write.c:637 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7fbc27a8c199 RSP: 002b:00007fbc265dd168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 00007fbc27bac050 RCX: 00007fbc27a8c199 RDX: 0000000100000530 RSI: 0000000020000400 RDI: 0000000000000004 RBP: 00007fbc27ae7ca1 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007fff3bc7509f R14: 00007fbc265dd300 R15: 0000000000022000 rcu: rcu_preempt kthread starved for 10500 jiffies! g10609 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. rcu: RCU grace-period kthread stack dump: task:rcu_preempt state:R running task stack:28376 pid:16 ppid:2 flags:0x00004000 Call Trace: context_switch kernel/sched/core.c:5380 [inline] __schedule+0x1d15/0x5790 kernel/sched/core.c:6709 schedule+0xde/0x1a0 kernel/sched/core.c:6785 schedule_timeout+0x14e/0x2b0 kernel/time/timer.c:2167 rcu_gp_fqs_loop+0x190/0x910 kernel/rcu/tree.c:1613 rcu_gp_kthread+0x23a/0x360 kernel/rcu/tree.c:1812 kthread+0x344/0x440 kernel/kthread.c:379 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308 rcu: Stack dump where RCU GP kthread last ran: CPU: 0 PID: 5274 Comm: syz-executor.5 Not tainted 6.4.0-rc6-next-20230613-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 RIP: 0010:csd_lock_wait kernel/smp.c:289 [inline] RIP: 0010:smp_call_function_single+0x1fb/0x680 kernel/smp.c:626 Code: 00 00 00 66 44 89 ac 24 8e 00 00 00 4c 89 e6 e8 bb fa ff ff 41 89 c5 0f 1f 44 00 00 e8 de 2d 0b 00 eb 07 e8 d7 2d 0b 00 f3 90 <44> 8b a4 24 88 00 00 00 31 ff 41 83 e4 01 44 89 e6 e8 df 29 0b 00 RSP: 0018:ffffc90004eb7a00 EFLAGS: 00000293 RAX: 0000000000000000 RBX: 1ffff920009d6f44 RCX: 0000000000000000 RDX: ffff88801f719dc0 RSI: ffffffff817947f9 RDI: 0000000000000005 RBP: ffffc90004eb7b20 R08: 0000000000000005 R09: 0000000000000000 R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000001 R13: 0000000000000000 R14: 0000000000000001 R15: ffff88803000c7a8 FS: 0000555556184400(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fb84eb831b8 CR3: 0000000019be6000 CR4: 00000000003526f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: loaded_vmcs_clear arch/x86/kvm/vmx/vmx.c:793 [inline] vmx_vcpu_load_vmcs+0x3b3/0x7e0 arch/x86/kvm/vmx/vmx.c:1397 vmx_vcpu_load+0x1c/0x90 arch/x86/kvm/vmx/vmx.c:1464 kvm_arch_vcpu_load+0xbe/0x7f0 arch/x86/kvm/x86.c:4803 vcpu_load+0x55/0x90 arch/x86/kvm/../../../virt/kvm/kvm_main.c:216 kvm_unload_vcpu_mmu arch/x86/kvm/x86.c:12345 [inline] kvm_unload_vcpu_mmus arch/x86/kvm/x86.c:12357 [inline] kvm_arch_destroy_vm+0x182/0x4b0 arch/x86/kvm/x86.c:12464 kvm_destroy_vm arch/x86/kvm/../../../virt/kvm/kvm_main.c:1295 [inline] kvm_put_kvm+0x4da/0xae0 arch/x86/kvm/../../../virt/kvm/kvm_main.c:1329 kvm_vcpu_release+0x51/0x70 arch/x86/kvm/../../../virt/kvm/kvm_main.c:3831 __fput+0x288/0xaa0 fs/file_table.c:321 task_work_run+0x16f/0x270 kernel/task_work.c:179 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline] exit_to_user_mode_loop kernel/entry/common.c:171 [inline] exit_to_user_mode_prepare+0x210/0x240 kernel/entry/common.c:204 __syscall_exit_to_user_mode_work kernel/entry/common.c:286 [inline] syscall_exit_to_user_mode+0x1d/0x50 kernel/entry/common.c:297 do_syscall_64+0x46/0xb0 arch/x86/entry/common.c:86 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7f2a8f03e04b Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44 RSP: 002b:00007ffdf508a380 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 RAX: 0000000000000000 RBX: 0000000000000009 RCX: 00007f2a8f03e04b RDX: 0000001b2fb20000 RSI: 00007f2a8ec00000 RDI: 0000000000000008 RBP: 00007f2a8f1ad980 R08: 0000000000000000 R09: 00000000820f0faf R10: 00007ffdf5130090 R11: 0000000000000293 R12: 000000000002eb5d R13: 00007ffdf508a480 R14: 00007ffdf508a4a0 R15: 0000000000000032