rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P5723/1:b..l P5170/1:b..l P4506/1:b..l P5124/1:b..l P16729/1:b..l P5100/2:b..l P5060/1:b..l P5062/1:b..l
rcu: 	(detected by 1, t=10502 jiffies, g=51797, q=267 ncpus=2)
task:syz-fuzzer      state:R  running task     stack:24128 pid:5062  tgid:5062  ppid:5060   flags:0x00004002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5376 [inline]
 __schedule+0xedb/0x5af0 kernel/sched/core.c:6688
 preempt_schedule_irq+0x52/0x90 kernel/sched/core.c:7008
 irqentry_exit+0x36/0x80 kernel/entry/common.c:432
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:645
RIP: 0010:__sanitizer_cov_trace_pc+0x34/0x60 kernel/kcov.c:207
Code: bc 03 00 65 8b 05 74 32 7c 7e a9 00 01 ff 00 48 8b 34 24 74 0f f6 c4 01 74 35 8b 82 fc 15 00 00 85 c0 74 2b 8b 82 d8 15 00 00 <83> f8 02 75 20 48 8b 8a e0 15 00 00 8b 92 dc 15 00 00 48 8b 01 48
RSP: 0018:ffffc9000392f4e0 EFLAGS: 00000246
RAX: 0000000000000000 RBX: ffff888015120d38 RCX: ffffffff81e720f1
RDX: ffff88805aa60000 RSI: ffffffff81e8945d RDI: ffff888015120d38
RBP: 0000000000000001 R08: 0000000000000004 R09: 0000000000000001
R10: 0000000000000001 R11: 0000000000000002 R12: 0000000000000001
R13: 0000000000000000 R14: dffffc0000000000 R15: 000000841a52bdc1
 page_ext_put+0xd/0xd0 mm/page_ext.c:530
 __reset_page_owner+0x137/0x190 mm/page_owner.c:157
 reset_page_owner include/linux/page_owner.h:24 [inline]
 free_pages_prepare mm/page_alloc.c:1137 [inline]
 free_unref_page_prepare+0x4fa/0xaa0 mm/page_alloc.c:2347
 free_unref_page+0x33/0x3b0 mm/page_alloc.c:2487
 __unfreeze_partials+0x226/0x240 mm/slub.c:2655
 qlink_free mm/kasan/quarantine.c:168 [inline]
 qlist_free_all+0x6a/0x170 mm/kasan/quarantine.c:187
 kasan_quarantine_reduce+0x18e/0x1d0 mm/kasan/quarantine.c:294
 ____kasan_kmalloc mm/kasan/common.c:340 [inline]
 __kasan_kmalloc+0x86/0xb0 mm/kasan/common.c:383
 kasan_kmalloc include/linux/kasan.h:198 [inline]
 __do_kmalloc_node mm/slab_common.c:1007 [inline]
 __kmalloc+0x59/0x90 mm/slab_common.c:1020
 kmalloc include/linux/slab.h:604 [inline]
 tomoyo_realpath_from_path+0xb9/0x710 security/tomoyo/realpath.c:251
 tomoyo_get_realpath security/tomoyo/file.c:151 [inline]
 tomoyo_check_open_permission+0x2a3/0x3b0 security/tomoyo/file.c:771
 tomoyo_file_open security/tomoyo/tomoyo.c:332 [inline]
 tomoyo_file_open+0xa8/0xd0 security/tomoyo/tomoyo.c:327
 security_file_open+0x6a/0xe0 security/security.c:2836
 do_dentry_open+0x583/0x18c0 fs/open.c:935
 do_open fs/namei.c:3622 [inline]
 path_openat+0x1e5a/0x2c50 fs/namei.c:3779
 do_filp_open+0x1de/0x430 fs/namei.c:3809
 do_sys_openat2+0x176/0x1e0 fs/open.c:1440
 do_sys_open fs/open.c:1455 [inline]
 __do_sys_openat fs/open.c:1471 [inline]
 __se_sys_openat fs/open.c:1466 [inline]
 __x64_sys_openat+0x175/0x210 fs/open.c:1466
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x40/0x110 arch/x86/entry/common.c:82
 entry_SYSCALL_64_after_hwframe+0x63/0x6b
RIP: 0033:0x403ace
RSP: 002b:000000c017b837d0 EFLAGS: 00000206 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: ffffffffffffff9c RCX: 0000000000403ace
RDX: 0000000000080000 RSI: 000000c005befc80 RDI: ffffffffffffff9c
RBP: 000000c017b83810 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
R13: 0000000000000099 R14: 000000c00908e1a0 R15: 0000000001f3fd00
 </TASK>
task:sshd            state:R  running task     stack:24688 pid:5060  tgid:5060  ppid:4826   flags:0x00000002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5376 [inline]
 __schedule+0xedb/0x5af0 kernel/sched/core.c:6688
 preempt_schedule_common+0x45/0xc0 kernel/sched/core.c:6865
 preempt_schedule_thunk+0x1a/0x30 arch/x86/entry/thunk_64.S:45
 unwind_next_frame+0x1c80/0x2390 arch/x86/kernel/unwind_orc.c:672
 __unwind_start+0x5a4/0x880 arch/x86/kernel/unwind_orc.c:760
 unwind_start arch/x86/include/asm/unwind.h:64 [inline]
 arch_stack_walk+0xaf/0x170 arch/x86/kernel/stacktrace.c:24
 stack_trace_save+0x96/0xd0 kernel/stacktrace.c:122
 save_stack+0x160/0x1f0 mm/page_owner.c:128
 __reset_page_owner+0x5a/0x190 mm/page_owner.c:149
 reset_page_owner include/linux/page_owner.h:24 [inline]
 free_pages_prepare mm/page_alloc.c:1137 [inline]
 free_unref_page_prepare+0x4fa/0xaa0 mm/page_alloc.c:2347
 free_unref_page+0x33/0x3b0 mm/page_alloc.c:2487
 __unfreeze_partials+0x226/0x240 mm/slub.c:2655
 qlink_free mm/kasan/quarantine.c:168 [inline]
 qlist_free_all+0x6a/0x170 mm/kasan/quarantine.c:187
 kasan_quarantine_reduce+0x18e/0x1d0 mm/kasan/quarantine.c:294
 __kasan_slab_alloc+0x65/0x90 mm/kasan/common.c:305
 kasan_slab_alloc include/linux/kasan.h:188 [inline]
 slab_post_alloc_hook mm/slab.h:763 [inline]
 slab_alloc_node mm/slub.c:3478 [inline]
 kmem_cache_alloc_node+0x180/0x330 mm/slub.c:3523
 kmalloc_reserve+0x166/0x260 net/core/skbuff.c:560
 __alloc_skb+0x12b/0x330 net/core/skbuff.c:651
 alloc_skb_fclone include/linux/skbuff.h:1336 [inline]
 tcp_stream_alloc_skb+0x34/0x560 net/ipv4/tcp.c:871
 tcp_sendmsg_locked+0xeb2/0x3460 net/ipv4/tcp.c:1153
 tcp_sendmsg+0x2e/0x40 net/ipv4/tcp.c:1340
 inet_sendmsg+0x9d/0xe0 net/ipv4/af_inet.c:847
 sock_sendmsg_nosec net/socket.c:730 [inline]
 __sock_sendmsg+0xd5/0x180 net/socket.c:745
 sock_write_iter+0x29b/0x3d0 net/socket.c:1158
 call_write_iter include/linux/fs.h:2020 [inline]
 new_sync_write fs/read_write.c:491 [inline]
 vfs_write+0x64f/0xdf0 fs/read_write.c:584
 ksys_write+0x1f0/0x250 fs/read_write.c:637
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x40/0x110 arch/x86/entry/common.c:82
 entry_SYSCALL_64_after_hwframe+0x63/0x6b
RIP: 0033:0x7f36a5316bf2
RSP: 002b:00007ffd0185f098 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 0000000000004454 RCX: 00007f36a5316bf2
RDX: 0000000000004454 RSI: 000055b101daf100 RDI: 0000000000000004
RBP: 000055b101d88de0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000055b1000a3aa4
R13: 0000000000000237 R14: 000055b1000a43e8 R15: 00007ffd0185f108
 </TASK>
task:syz-fuzzer      state:R  running task     stack:24816 pid:5100  tgid:5062  ppid:5060   flags:0x00004002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5376 [inline]
 __schedule+0xedb/0x5af0 kernel/sched/core.c:6688
 preempt_schedule_common+0x45/0xc0 kernel/sched/core.c:6865
 preempt_schedule_thunk+0x1a/0x30 arch/x86/entry/thunk_64.S:45
 __local_bh_enable_ip+0x103/0x120 kernel/softirq.c:388
 spin_unlock_bh include/linux/spinlock.h:396 [inline]
 nf_conntrack_tcp_packet+0x23e6/0x6820 net/netfilter/nf_conntrack_proto_tcp.c:1292
 nf_conntrack_handle_packet net/netfilter/nf_conntrack_core.c:1923 [inline]
 nf_conntrack_in+0x2e9/0x1850 net/netfilter/nf_conntrack_core.c:2013
 ipv4_conntrack_local+0x160/0x260 net/netfilter/nf_conntrack_proto.c:229
 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]
 nf_hook_slow+0xbb/0x1f0 net/netfilter/core.c:626
 nf_hook+0x386/0x6c0 include/linux/netfilter.h:269
 __ip_local_out+0x346/0x640 net/ipv4/ip_output.c:118
 ip_local_out net/ipv4/ip_output.c:127 [inline]
 __ip_queue_xmit+0x742/0x1a50 net/ipv4/ip_output.c:535
 __tcp_transmit_skb+0x1aa5/0x3d10 net/ipv4/tcp_output.c:1462
 tcp_transmit_skb net/ipv4/tcp_output.c:1480 [inline]
 tcp_write_xmit+0xfcb/0x7f10 net/ipv4/tcp_output.c:2792
 __tcp_push_pending_frames+0xaf/0x390 net/ipv4/tcp_output.c:2977
 tcp_push+0x22f/0x740 net/ipv4/tcp.c:736
 tcp_sendmsg_locked+0x2769/0x3460 net/ipv4/tcp.c:1308
 tcp_sendmsg+0x2e/0x40 net/ipv4/tcp.c:1340
 inet_sendmsg+0x9d/0xe0 net/ipv4/af_inet.c:847
 sock_sendmsg_nosec net/socket.c:730 [inline]
 __sock_sendmsg+0xd5/0x180 net/socket.c:745
 sock_write_iter+0x29b/0x3d0 net/socket.c:1158
 call_write_iter include/linux/fs.h:2020 [inline]
 new_sync_write fs/read_write.c:491 [inline]
 vfs_write+0x64f/0xdf0 fs/read_write.c:584
 ksys_write+0x1f0/0x250 fs/read_write.c:637
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x40/0x110 arch/x86/entry/common.c:82
 entry_SYSCALL_64_after_hwframe+0x63/0x6b
RIP: 0033:0x403ace
RSP: 002b:000000c00eb990a0 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000403ace
RDX: 0000000000000015 RSI: 000000c00022c200 RDI: 0000000000000003
RBP: 000000c00eb990e0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000202 R12: 000000c00eb99220
R13: 0000000000000000 R14: 000000c0000061a0 R15: 000000c0000ae900
 </TASK>
task:syz-executor.2  state:R  running task     stack:26896 pid:16729 tgid:16729 ppid:5125   flags:0x00004006
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5376 [inline]
 __schedule+0xedb/0x5af0 kernel/sched/core.c:6688
 preempt_schedule_common+0x45/0xc0 kernel/sched/core.c:6865
 preempt_schedule_thunk+0x1a/0x30 arch/x86/entry/thunk_64.S:45
 unwind_next_frame+0x1c80/0x2390 arch/x86/kernel/unwind_orc.c:672
 arch_stack_walk+0xfa/0x170 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x96/0xd0 kernel/stacktrace.c:122
 save_stack+0x160/0x1f0 mm/page_owner.c:128
 __reset_page_owner+0x5a/0x190 mm/page_owner.c:149
 reset_page_owner include/linux/page_owner.h:24 [inline]
 free_pages_prepare mm/page_alloc.c:1137 [inline]
 free_unref_page_prepare+0x4fa/0xaa0 mm/page_alloc.c:2347
 free_unref_page+0x33/0x3b0 mm/page_alloc.c:2487
 qlink_free mm/kasan/quarantine.c:168 [inline]
 qlist_free_all+0x6a/0x170 mm/kasan/quarantine.c:187
 kasan_quarantine_reduce+0x18e/0x1d0 mm/kasan/quarantine.c:294
 __kasan_slab_alloc+0x65/0x90 mm/kasan/common.c:305
 kasan_slab_alloc include/linux/kasan.h:188 [inline]
 slab_post_alloc_hook mm/slab.h:763 [inline]
 slab_alloc_node mm/slub.c:3478 [inline]
 slab_alloc mm/slub.c:3486 [inline]
 __kmem_cache_alloc_lru mm/slub.c:3493 [inline]
 kmem_cache_alloc+0x15d/0x2f0 mm/slub.c:3502
 anon_vma_alloc mm/rmap.c:94 [inline]
 __anon_vma_prepare+0x2bf/0x550 mm/rmap.c:203
 anon_vma_prepare include/linux/rmap.h:159 [inline]
 do_anonymous_page mm/memory.c:4169 [inline]
 do_pte_missing mm/memory.c:3728 [inline]
 handle_pte_fault mm/memory.c:5038 [inline]
 __handle_mm_fault+0x374d/0x3d70 mm/memory.c:5179
 handle_mm_fault+0x47a/0xa10 mm/memory.c:5344
 do_user_addr_fault+0x3d1/0x1000 arch/x86/mm/fault.c:1413
 handle_page_fault arch/x86/mm/fault.c:1505 [inline]
 exc_page_fault+0x5d/0xc0 arch/x86/mm/fault.c:1561
 asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:570
RIP: 0033:0x7f4371851da6
RSP: 002b:00007f4371abf9f0 EFLAGS: 00010246
RAX: 00007f437264d000 RBX: 00007f437266d6c0 RCX: 00007f437187cba7
RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f437266d6c0
RBP: 0000000000000000 R08: 00000000ffffffff R09: 0000000000000000
R10: 0000000000021000 R11: 0000000000000206 R12: 00007f4371abfc90
R13: ffffffffffffffc0 R14: 0000000000001000 R15: 0000000000000000
 </TASK>
task:syz-executor.1  state:R  running task     stack:23072 pid:5124  tgid:5124  ppid:1      flags:0x00004006
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5376 [inline]
 __schedule+0xedb/0x5af0 kernel/sched/core.c:6688
 preempt_schedule_common+0x45/0xc0 kernel/sched/core.c:6865
 preempt_schedule_thunk+0x1a/0x30 arch/x86/entry/thunk_64.S:45
 __raw_read_unlock include/linux/rwlock_api_smp.h:233 [inline]
 _raw_read_unlock+0x3a/0x40 kernel/locking/spinlock.c:260
 zap_pid_ns_processes+0x26c/0x690 kernel/pid_namespace.c:210
 find_child_reaper kernel/exit.c:608 [inline]
 forget_original_parent kernel/exit.c:697 [inline]
 exit_notify kernel/exit.c:734 [inline]
 do_exit+0x238e/0x2ae0 kernel/exit.c:891
 do_group_exit+0xd4/0x2a0 kernel/exit.c:1021
 get_signal+0x23be/0x2790 kernel/signal.c:2904
 arch_do_signal_or_restart+0x90/0x7f0 arch/x86/kernel/signal.c:309
 exit_to_user_mode_loop kernel/entry/common.c:168 [inline]
 exit_to_user_mode_prepare+0x121/0x240 kernel/entry/common.c:204
 __syscall_exit_to_user_mode_work kernel/entry/common.c:285 [inline]
 syscall_exit_to_user_mode+0x1e/0x60 kernel/entry/common.c:296
 do_syscall_64+0x4d/0x110 arch/x86/entry/common.c:88
 entry_SYSCALL_64_after_hwframe+0x63/0x6b
RIP: 0033:0x7f04532a7ef5
RSP: 002b:00007f04534bfcf0 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
RAX: 0000000000000000 RBX: 000000000000063c RCX: 00007f04532a7ef5
RDX: 00007f04534bfd30 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 00007f04534bfdbc R08: 0000000000000000 R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000293 R12: 000000000000003c
R13: 0000000000076a0c R14: 0000000000075ef4 R15: 0000000000000008
 </TASK>
task:syslogd         state:R  running task     stack:25232 pid:4506  tgid:4506  ppid:1      flags:0x00000002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5376 [inline]
 __schedule+0xedb/0x5af0 kernel/sched/core.c:6688
 preempt_schedule_common+0x45/0xc0 kernel/sched/core.c:6865
 preempt_schedule_thunk+0x1a/0x30 arch/x86/entry/thunk_64.S:45
 unwind_next_frame+0x1c80/0x2390 arch/x86/kernel/unwind_orc.c:672
 __unwind_start+0x5a4/0x880 arch/x86/kernel/unwind_orc.c:760
 unwind_start arch/x86/include/asm/unwind.h:64 [inline]
 arch_stack_walk+0xaf/0x170 arch/x86/kernel/stacktrace.c:24
 stack_trace_save+0x96/0xd0 kernel/stacktrace.c:122
 save_stack+0x160/0x1f0 mm/page_owner.c:128
 __reset_page_owner+0x5a/0x190 mm/page_owner.c:149
 reset_page_owner include/linux/page_owner.h:24 [inline]
 free_pages_prepare mm/page_alloc.c:1137 [inline]
 free_unref_page_prepare+0x4fa/0xaa0 mm/page_alloc.c:2347
 free_unref_page+0x33/0x3b0 mm/page_alloc.c:2487
 __unfreeze_partials+0x226/0x240 mm/slub.c:2655
 qlink_free mm/kasan/quarantine.c:168 [inline]
 qlist_free_all+0x6a/0x170 mm/kasan/quarantine.c:187
 kasan_quarantine_reduce+0x18e/0x1d0 mm/kasan/quarantine.c:294
 __kasan_slab_alloc+0x65/0x90 mm/kasan/common.c:305
 kasan_slab_alloc include/linux/kasan.h:188 [inline]
 slab_post_alloc_hook mm/slab.h:763 [inline]
 slab_alloc_node mm/slub.c:3478 [inline]
 __kmem_cache_alloc_node+0x195/0x310 mm/slub.c:3517
 __do_kmalloc_node mm/slab_common.c:1006 [inline]
 __kmalloc+0x49/0x90 mm/slab_common.c:1020
 kmalloc include/linux/slab.h:604 [inline]
 tomoyo_realpath_from_path+0xb9/0x710 security/tomoyo/realpath.c:251
 tomoyo_get_realpath security/tomoyo/file.c:151 [inline]
 tomoyo_path_perm+0x26f/0x450 security/tomoyo/file.c:822
 security_inode_getattr+0xf1/0x150 security/security.c:2153
 vfs_getattr fs/stat.c:173 [inline]
 vfs_fstat+0x4f/0xc0 fs/stat.c:198
 vfs_fstatat+0x130/0x140 fs/stat.c:295
 __do_sys_newfstatat+0x98/0x110 fs/stat.c:463
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x40/0x110 arch/x86/entry/common.c:82
 entry_SYSCALL_64_after_hwframe+0x63/0x6b
RIP: 0033:0x7fc2c8d735f4
RSP: 002b:00007ffd05b1c798 EFLAGS: 00000206 ORIG_RAX: 0000000000000106
RAX: ffffffffffffffda RBX: 000055a6e63ca910 RCX: 00007fc2c8d735f4
RDX: 00007ffd05b1c7c0 RSI: 00007fc2c8e10130 RDI: 0000000000000003
RBP: 00007ffd05b1c8a0 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000001000 R11: 0000000000000206 R12: 000055a6e63cac50
R13: 00000000656e05cb R14: 0000000000000004 R15: 000055a6e63caa60
 </TASK>
task:kworker/0:8     state:R  running task     stack:25168 pid:5170  tgid:5170  ppid:2      flags:0x00004000
Workqueue: events_power_efficient gc_worker
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5376 [inline]
 __schedule+0xedb/0x5af0 kernel/sched/core.c:6688
 preempt_schedule_irq+0x52/0x90 kernel/sched/core.c:7008
 irqentry_exit+0x36/0x80 kernel/entry/common.c:432
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:645
RIP: 0010:lock_acquire+0x1ef/0x520 kernel/locking/lockdep.c:5722
Code: c1 05 bd 6c 9a 7e 83 f8 01 0f 85 b4 02 00 00 9c 58 f6 c4 02 0f 85 9f 02 00 00 48 85 ed 74 01 fb 48 b8 00 00 00 00 00 fc ff df <48> 01 c3 48 c7 03 00 00 00 00 48 c7 43 08 00 00 00 00 48 8b 84 24
RSP: 0018:ffffc9000508fb00 EFLAGS: 00000206
RAX: dffffc0000000000 RBX: 1ffff92000a11f62 RCX: 000000009ed03f8e
RDX: 0000000000000001 RSI: ffffffff8accba40 RDI: ffffffff8b2f0c60
RBP: 0000000000000200 R08: 0000000000000000 R09: fffffbfff23e35d0
R10: ffffffff91f1ae87 R11: 0000000000000002 R12: 0000000000000000
R13: 0000000000000000 R14: ffffffff8cfabbe0 R15: 0000000000000000
 rcu_lock_acquire include/linux/rcupdate.h:301 [inline]
 rcu_read_lock include/linux/rcupdate.h:747 [inline]
 gc_worker+0x24d/0x17e0 net/netfilter/nf_conntrack_core.c:1488
 process_one_work+0x886/0x15d0 kernel/workqueue.c:2630
 process_scheduled_works kernel/workqueue.c:2703 [inline]
 worker_thread+0x8b9/0x1290 kernel/workqueue.c:2784
 kthread+0x2c6/0x3a0 kernel/kthread.c:388
 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242
 </TASK>
task:syz-executor.2  state:R  running task     stack:28128 pid:5723  tgid:5723  ppid:5125   flags:0x00004006
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5376 [inline]
 __schedule+0xedb/0x5af0 kernel/sched/core.c:6688
 preempt_schedule_common+0x45/0xc0 kernel/sched/core.c:6865
 preempt_schedule_thunk+0x1a/0x30 arch/x86/entry/thunk_64.S:45
 __raw_spin_unlock include/linux/spinlock_api_smp.h:143 [inline]
 _raw_spin_unlock+0x3a/0x40 kernel/locking/spinlock.c:186
 spin_unlock include/linux/spinlock.h:391 [inline]
 zap_pte_range mm/memory.c:1534 [inline]
 zap_pmd_range mm/memory.c:1582 [inline]
 zap_pud_range mm/memory.c:1611 [inline]
 zap_p4d_range mm/memory.c:1632 [inline]
 unmap_page_range+0x13f0/0x2b50 mm/memory.c:1653
 unmap_single_vma+0x194/0x2b0 mm/memory.c:1699
 unmap_vmas+0x229/0x470 mm/memory.c:1743
 exit_mmap+0x1ad/0xa70 mm/mmap.c:3308
 __mmput+0x12a/0x4d0 kernel/fork.c:1349
 mmput+0x62/0x70 kernel/fork.c:1371
 exit_mm kernel/exit.c:567 [inline]
 do_exit+0x9ad/0x2ae0 kernel/exit.c:858
 do_group_exit+0xd4/0x2a0 kernel/exit.c:1021
 get_signal+0x23be/0x2790 kernel/signal.c:2904
 arch_do_signal_or_restart+0x90/0x7f0 arch/x86/kernel/signal.c:309
 exit_to_user_mode_loop kernel/entry/common.c:168 [inline]
 exit_to_user_mode_prepare+0x121/0x240 kernel/entry/common.c:204
 __syscall_exit_to_user_mode_work kernel/entry/common.c:285 [inline]
 syscall_exit_to_user_mode+0x1e/0x60 kernel/entry/common.c:296
 do_syscall_64+0x4d/0x110 arch/x86/entry/common.c:88
 entry_SYSCALL_64_after_hwframe+0x63/0x6b
RIP: 0033:0x7f43718a7ef5
RSP: 002b:00007f437266d010 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
RAX: fffffffffffffdfc RBX: 00007f437199bf80 RCX: 00007f43718a7ef5
RDX: 00007f437266d050 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 00007f43718c847a R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
R13: 000000000000000b R14: 00007f437199bf80 R15: 00007f4371abfa48
 </TASK>
task:syz-executor.2  state:R  running task     stack:27824 pid:16278 tgid:16278 ppid:5125   flags:0x00004006
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5376 [inline]
 __schedule+0xedb/0x5af0 kernel/sched/core.c:6688
 preempt_schedule_common+0x45/0xc0 kernel/sched/core.c:6865
 preempt_schedule_thunk+0x1a/0x30 arch/x86/entry/thunk_64.S:45
 unwind_next_frame+0x1c80/0x2390 arch/x86/kernel/unwind_orc.c:672
 arch_stack_walk+0xfa/0x170 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x96/0xd0 kernel/stacktrace.c:122
 save_stack+0x160/0x1f0 mm/page_owner.c:128
 __reset_page_owner+0x5a/0x190 mm/page_owner.c:149
 reset_page_owner include/linux/page_owner.h:24 [inline]
 free_pages_prepare mm/page_alloc.c:1137 [inline]
 free_unref_page_prepare+0x4fa/0xaa0 mm/page_alloc.c:2347
 free_unref_page_list+0xe6/0xb40 mm/page_alloc.c:2533
 release_pages+0x32a/0x14f0 mm/swap.c:1042
 tlb_batch_pages_flush+0x9a/0x190 mm/mmu_gather.c:98
 tlb_flush_mmu_free mm/mmu_gather.c:293 [inline]
 tlb_flush_mmu mm/mmu_gather.c:300 [inline]
 tlb_finish_mmu+0x14b/0x6f0 mm/mmu_gather.c:392
 exit_mmap+0x38b/0xa70 mm/mmap.c:3321
 __mmput+0x12a/0x4d0 kernel/fork.c:1349
 mmput+0x62/0x70 kernel/fork.c:1371
 exit_mm kernel/exit.c:567 [inline]
 do_exit+0x9ad/0x2ae0 kernel/exit.c:858
 do_group_exit+0xd4/0x2a0 kernel/exit.c:1021
 get_signal+0x23be/0x2790 kernel/signal.c:2904
 arch_do_signal_or_restart+0x90/0x7f0 arch/x86/kernel/signal.c:309
 exit_to_user_mode_loop kernel/entry/common.c:168 [inline]
 exit_to_user_mode_prepare+0x121/0x240 kernel/entry/common.c:204
 __syscall_exit_to_user_mode_work kernel/entry/common.c:285 [inline]
 syscall_exit_to_user_mode+0x1e/0x60 kernel/entry/common.c:296
 do_syscall_64+0x4d/0x110 arch/x86/entry/common.c:88
 entry_SYSCALL_64_after_hwframe+0x63/0x6b
RIP: 0033:0x7f43718a7ef5
RSP: 002b:00007f437262b010 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
RAX: fffffffffffffdfc RBX: 00007f437199c120 RCX: 00007f43718a7ef5
RDX: 00007f437262b050 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 00007f43718c847a R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
R13: 000000000000006e R14: 00007f437199c120 R15: 00007f4371abfa48
 </TASK>
task:syz-executor.2  state:R  running task     stack:23888 pid:5125  tgid:5125  ppid:1      flags:0x00004006
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5376 [inline]
 __schedule+0xedb/0x5af0 kernel/sched/core.c:6688
 preempt_schedule_common+0x45/0xc0 kernel/sched/core.c:6865
 preempt_schedule_thunk+0x1a/0x30 arch/x86/entry/thunk_64.S:45
 __raw_read_unlock include/linux/rwlock_api_smp.h:233 [inline]
 _raw_read_unlock+0x3a/0x40 kernel/locking/spinlock.c:260
 zap_pid_ns_processes+0x26c/0x690 kernel/pid_namespace.c:210
 find_child_reaper kernel/exit.c:608 [inline]
 forget_original_parent kernel/exit.c:697 [inline]
 exit_notify kernel/exit.c:734 [inline]
 do_exit+0x238e/0x2ae0 kernel/exit.c:891
 do_group_exit+0xd4/0x2a0 kernel/exit.c:1021
 get_signal+0x23be/0x2790 kernel/signal.c:2904
 arch_do_signal_or_restart+0x90/0x7f0 arch/x86/kernel/signal.c:309
 exit_to_user_mode_loop kernel/entry/common.c:168 [inline]
 exit_to_user_mode_prepare+0x121/0x240 kernel/entry/common.c:204
 __syscall_exit_to_user_mode_work kernel/entry/common.c:285 [inline]
 syscall_exit_to_user_mode+0x1e/0x60 kernel/entry/common.c:296
 do_syscall_64+0x4d/0x110 arch/x86/entry/common.c:88
 entry_SYSCALL_64_after_hwframe+0x63/0x6b
RIP: 0033:0x7f43718a7ef5
RSP: 002b:00007f4371abfcf0 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
RAX: 0000000000000000 RBX: 000000000000076f RCX: 00007f43718a7ef5
RDX: 00007f4371abfd30 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 00007f4371abfdbc R08: 0000000000000000 R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
R13: 000000000007629b R14: 000000000007629b R15: 0000000000000000
 </TASK>
task:syz-executor.2  state:R  running task     stack:28144 pid:12161 tgid:12161 ppid:5125   flags:0x00004006
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5376 [inline]
 __schedule+0xedb/0x5af0 kernel/sched/core.c:6688
 preempt_schedule_common+0x45/0xc0 kernel/sched/core.c:6865
 preempt_schedule_thunk+0x1a/0x30 arch/x86/entry/thunk_64.S:45
 __raw_spin_unlock include/linux/spinlock_api_smp.h:143 [inline]
 _raw_spin_unlock+0x3a/0x40 kernel/locking/spinlock.c:186
 spin_unlock include/linux/spinlock.h:391 [inline]
 zap_pte_range mm/memory.c:1534 [inline]
 zap_pmd_range mm/memory.c:1582 [inline]
 zap_pud_range mm/memory.c:1611 [inline]
 zap_p4d_range mm/memory.c:1632 [inline]
 unmap_page_range+0x13f0/0x2b50 mm/memory.c:1653
 unmap_single_vma+0x194/0x2b0 mm/memory.c:1699
 unmap_vmas+0x229/0x470 mm/memory.c:1743
 exit_mmap+0x1ad/0xa70 mm/mmap.c:3308
 __mmput+0x12a/0x4d0 kernel/fork.c:1349
 mmput+0x62/0x70 kernel/fork.c:1371
 exit_mm kernel/exit.c:567 [inline]
 do_exit+0x9ad/0x2ae0 kernel/exit.c:858
 do_group_exit+0xd4/0x2a0 kernel/exit.c:1021
 get_signal+0x23be/0x2790 kernel/signal.c:2904
 arch_do_signal_or_restart+0x90/0x7f0 arch/x86/kernel/signal.c:309
 exit_to_user_mode_loop kernel/entry/common.c:168 [inline]
 exit_to_user_mode_prepare+0x121/0x240 kernel/entry/common.c:204
 __syscall_exit_to_user_mode_work kernel/entry/common.c:285 [inline]
 syscall_exit_to_user_mode+0x1e/0x60 kernel/entry/common.c:296
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242
 </TASK>
task:syz-executor.2  state:R  running task     stack:28128 pid:11887 tgid:11887 ppid:5125   flags:0x00004006
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5376 [inline]
 __schedule+0xedb/0x5af0 kernel/sched/core.c:6688
 preempt_schedule_common+0x45/0xc0 kernel/sched/core.c:6865
 preempt_schedule_thunk+0x1a/0x30 arch/x86/entry/thunk_64.S:45
 __raw_spin_unlock include/linux/spinlock_api_smp.h:143 [inline]
 _raw_spin_unlock+0x3a/0x40 kernel/locking/spinlock.c:186
 spin_unlock include/linux/spinlock.h:391 [inline]
 zap_pte_range mm/memory.c:1534 [inline]
 zap_pmd_range mm/memory.c:1582 [inline]
 zap_pud_range mm/memory.c:1611 [inline]
 zap_p4d_range mm/memory.c:1632 [inline]
 unmap_page_range+0x13f0/0x2b50 mm/memory.c:1653
 unmap_single_vma+0x194/0x2b0 mm/memory.c:1699
 unmap_vmas+0x229/0x470 mm/memory.c:1743
 exit_mmap+0x1ad/0xa70 mm/mmap.c:3308
 __mmput+0x12a/0x4d0 kernel/fork.c:1349
 mmput+0x62/0x70 kernel/fork.c:1371
 exit_mm kernel/exit.c:567 [inline]
 do_exit+0x9ad/0x2ae0 kernel/exit.c:858
 do_group_exit+0xd4/0x2a0 kernel/exit.c:1021
 get_signal+0x23be/0x2790 kernel/signal.c:2904
 arch_do_signal_or_restart+0x90/0x7f0 arch/x86/kernel/signal.c:309
 exit_to_user_mode_loop kernel/entry/common.c:168 [inline]
 exit_to_user_mode_prepare+0x121/0x240 kernel/entry/common.c:204
 __syscall_exit_to_user_mode_work kernel/entry/common.c:285 [inline]
 syscall_exit_to_user_mode+0x1e/0x60 kernel/entry/common.c:296
 do_syscall_64+0x4d/0x110 arch/x86/entry/common.c:88
 entry_SYSCALL_64_after_hwframe+0x63/0x6b
RIP: 0033:0x7f43718a7ef5
RSP: 002b:00007f437262b010 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
RAX: fffffffffffffdfc RBX: 00007f437199c120 RCX: 00007f43718a7ef5
RDX: 00007f437262b050 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 00007f43718c847a R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
R13: 000000000000006e R14: 00007f437199c120 R15: 00007f4371abfa48
 </TASK>
task:syz-executor.4  state:R  running task     stack:24080 pid:5123  tgid:5123  ppid:1      flags:0x00004006
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5376 [inline]
 __schedule+0xedb/0x5af0 kernel/sched/core.c:6688
 preempt_schedule_common+0x45/0xc0 kernel/sched/core.c:6865
 preempt_schedule_thunk+0x1a/0x30 arch/x86/entry/thunk_64.S:45
 __raw_read_unlock include/linux/rwlock_api_smp.h:233 [inline]
 _raw_read_unlock+0x3a/0x40 kernel/locking/spinlock.c:260
 zap_pid_ns_processes+0x26c/0x690 kernel/pid_namespace.c:210
 find_child_reaper kernel/exit.c:608 [inline]
 forget_original_parent kernel/exit.c:697 [inline]
 exit_notify kernel/exit.c:734 [inline]
 do_exit+0x238e/0x2ae0 kernel/exit.c:891
 do_group_exit+0xd4/0x2a0 kernel/exit.c:1021
 get_signal+0x23be/0x2790 kernel/signal.c:2904
 arch_do_signal_or_restart+0x90/0x7f0 arch/x86/kernel/signal.c:309
 exit_to_user_mode_loop kernel/entry/common.c:168 [inline]
 exit_to_user_mode_prepare+0x121/0x240 kernel/entry/common.c:204
 __syscall_exit_to_user_mode_work kernel/entry/common.c:285 [inline]
 syscall_exit_to_user_mode+0x1e/0x60 kernel/entry/common.c:296
 do_syscall_64+0x4d/0x110 arch/x86/entry/common.c:88
 entry_SYSCALL_64_after_hwframe+0x63/0x6b
RIP: 0033:0x7f0de30a7ef5
RSP: 002b:00007f0de32bfcf0 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
RAX: 0000000000000000 RBX: 00000000000007b9 RCX: 00007f0de30a7ef5
RDX: 00007f0de32bfd30 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 00007f0de32bfdbc R08: 0000000000000000 R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000293 R12: 000000000000004c
R13: 0000000000076ad8 R14: 0000000000075e8c R15: 000000000000000f
 </TASK>
rcu: rcu_preempt kthread starved for 10304 jiffies! g51797 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:27904 pid:17    tgid:17    ppid:2      flags:0x00004000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5376 [inline]
 __schedule+0xedb/0x5af0 kernel/sched/core.c:6688
 __schedule_loop kernel/sched/core.c:6763 [inline]
 schedule+0xe9/0x270 kernel/sched/core.c:6778
 schedule_timeout+0x137/0x290 kernel/time/timer.c:2167
 rcu_gp_fqs_loop+0x1ec/0xb10 kernel/rcu/tree.c:1631
 rcu_gp_kthread+0x24b/0x380 kernel/rcu/tree.c:1830
 kthread+0x2c6/0x3a0 kernel/kthread.c:388
 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.7.0-rc4-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
RIP: 0010:native_irq_disable arch/x86/include/asm/irqflags.h:37 [inline]
RIP: 0010:arch_local_irq_disable arch/x86/include/asm/irqflags.h:72 [inline]
RIP: 0010:acpi_safe_halt+0x1b/0x20 drivers/acpi/processor_idle.c:113
Code: ed c3 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 65 48 8b 04 25 c0 bc 03 00 48 8b 00 a8 08 75 0c 66 90 0f 00 2d 77 34 ba 00 fb f4 <fa> c3 0f 1f 00 0f b6 47 08 3c 01 74 0b 3c 02 74 05 8b 7f 04 eb 9f
RSP: 0018:ffffc90000187d58 EFLAGS: 00000246
RAX: 0000000000004000 RBX: 0000000000000001 RCX: ffffffff8a7fe837
RDX: 0000000000000001 RSI: ffff888140ef8800 RDI: ffff888140ef8864
RBP: ffff888140ef8864 R08: 0000000000000001 R09: ffffed1017326dbd
R10: ffff8880b9936deb R11: 0000000000000000 R12: ffff888014bce000
R13: ffffffff8db1ca40 R14: 0000000000000001 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000011fa0c8 CR3: 000000007f8bd000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <IRQ>
 </IRQ>
 <TASK>
 acpi_idle_enter+0xc5/0x160 drivers/acpi/processor_idle.c:707
 cpuidle_enter_state+0x83/0x500 drivers/cpuidle/cpuidle.c:267
 cpuidle_enter+0x4e/0xa0 drivers/cpuidle/cpuidle.c:388
 cpuidle_idle_call kernel/sched/idle.c:215 [inline]
 do_idle+0x319/0x400 kernel/sched/idle.c:282
 cpu_startup_entry+0x50/0x60 kernel/sched/idle.c:380
 start_secondary+0x20e/0x2a0 arch/x86/kernel/smpboot.c:336
 secondary_startup_64_no_verify+0x166/0x16b
 </TASK>