rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	1-...!: (0 ticks this GP) idle=2f5/1/0x4000000000000002 softirq=28080/28080 fqs=1272
	(detected by 0, t=10502 jiffies, g=44129, q=1037)
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 15879 Comm: syz-executor.4 Not tainted 5.15.0-rc6-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:check_kcov_mode kernel/kcov.c:163 [inline]
RIP: 0010:__sanitizer_cov_trace_pc+0x7/0x60 kernel/kcov.c:197
Code: fd ff ff b9 ff ff ff ff ba 08 00 00 00 4d 8b 03 48 0f bd ca 49 8b 45 00 48 63 c9 e9 64 ff ff ff 0f 1f 00 65 8b 05 c9 12 8b 7e <89> c1 48 8b 34 24 81 e1 00 01 00 00 65 48 8b 14 25 40 f0 01 00 a9
RSP: 0018:ffffc9000457f548 EFLAGS: 00000093
RAX: 0000000000000002 RBX: ffff8880b9d2c600 RCX: 0000000000000000
RDX: ffff88807b855580 RSI: ffffffff819427bd RDI: 0000000000000003
RBP: ffff8880b9d2c73c R08: 0000000000000000 R09: ffff8880b9d32a0b
R10: ffffffff819427b3 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: ffffc9000457f650
FS:  0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 000000007278b000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 perf_swevent_get_recursion_context+0xfd/0x140 kernel/events/core.c:9406
 perf_trace_buf_alloc+0x38/0x260 kernel/trace/trace_event_perf.c:406
 perf_trace_preemptirq_template+0x128/0x460 include/trace/events/preemptirq.h:14
 trace_irq_enable_rcuidle include/trace/events/preemptirq.h:40 [inline]
 trace_irq_enable_rcuidle include/trace/events/preemptirq.h:40 [inline]
 trace_hardirqs_on+0x156/0x1c0 kernel/trace/trace_preemptirq.c:44
 asm_sysvec_irq_work+0x12/0x20 arch/x86/include/asm/idtentry.h:664
RIP: 0010:get_current arch/x86/include/asm/current.h:15 [inline]
RIP: 0010:__rcu_read_unlock+0xc4/0x570 kernel/rcu/tree_plugin.h:425
Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 08 3c 03 0f 8e b6 01 00 00 8b 85 00 04 00 00 85 c0 75 54 <65> 48 8b 1c 25 40 f0 01 00 48 8d bb fc 03 00 00 48 b8 00 00 00 00
RSP: 0018:ffffc9000457f758 EFLAGS: 00000206
RAX: 0000000000000002 RBX: ffff8880b9d328c0 RCX: 1ffffffff1fa0d4a
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: ffffffff8b98a880 R08: 0000000000000001 R09: ffffffff8fcff9f7
R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000001
R13: ffffea000124d100 R14: 0000000000000200 R15: 0000001b2d727000
 rcu_read_unlock include/linux/rcupdate.h:719 [inline]
 __unlock_page_memcg mm/memcontrol.c:2025 [inline]
 unlock_page_memcg+0x152/0x2c0 mm/memcontrol.c:2036
 zap_pte_range mm/memory.c:1362 [inline]
 zap_pmd_range mm/memory.c:1481 [inline]
 zap_pud_range mm/memory.c:1510 [inline]
 zap_p4d_range mm/memory.c:1531 [inline]
 unmap_page_range+0xed5/0x2a10 mm/memory.c:1552
 unmap_single_vma+0x198/0x310 mm/memory.c:1597
 unmap_vmas+0x16d/0x2f0 mm/memory.c:1629
 exit_mmap+0x1d0/0x630 mm/mmap.c:3171
 __mmput+0x122/0x4b0 kernel/fork.c:1115
 mmput+0x58/0x60 kernel/fork.c:1136
 exit_mm kernel/exit.c:501 [inline]
 do_exit+0xabc/0x2a30 kernel/exit.c:812
 do_group_exit+0x125/0x310 kernel/exit.c:922
 get_signal+0x47f/0x21d0 kernel/signal.c:2855
 arch_do_signal_or_restart+0x2a9/0x1c40 arch/x86/kernel/signal.c:865
 handle_signal_work kernel/entry/common.c:148 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:172 [inline]
 exit_to_user_mode_prepare+0x17d/0x290 kernel/entry/common.c:207
 __syscall_exit_to_user_mode_work kernel/entry/common.c:289 [inline]
 syscall_exit_to_user_mode+0x19/0x60 kernel/entry/common.c:300
 do_syscall_64+0x42/0xb0 arch/x86/entry/common.c:86
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7fa91c01aa39
Code: Unable to access opcode bytes at RIP 0x7fa91c01aa0f.
RSP: 002b:00007fa919590218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: 0000000000000000 RBX: 00007fa91c11df68 RCX: 00007fa91c01aa39
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa91c11df68
RBP: 00007fa91c11df60 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa91c11df6c
R13: 00007ffefe3faf5f R14: 00007fa919590300 R15: 0000000000022000
rcu: rcu_preempt kthread starved for 7951 jiffies! g44129 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:28144 pid:   14 ppid:     2 flags:0x00004000
Call Trace:
 context_switch kernel/sched/core.c:4940 [inline]
 __schedule+0xb44/0x5960 kernel/sched/core.c:6287
 schedule+0xd3/0x270 kernel/sched/core.c:6366
 schedule_timeout+0x14a/0x2a0 kernel/time/timer.c:1881
 rcu_gp_fqs_loop+0x186/0x800 kernel/rcu/tree.c:1957
 rcu_gp_kthread+0x1de/0x320 kernel/rcu/tree.c:2130
 kthread+0x3e5/0x4d0 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
rcu: Stack dump where RCU GP kthread last ran:
NMI backtrace for cpu 0
CPU: 0 PID: 14062 Comm: kworker/u4:13 Not tainted 5.15.0-rc6-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: writeback wb_workfn (flush-8:0)
Call Trace:
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106
 nmi_cpu_backtrace.cold+0x47/0x144 lib/nmi_backtrace.c:105
 nmi_trigger_cpumask_backtrace+0x1ae/0x220 lib/nmi_backtrace.c:62
 trigger_single_cpu_backtrace include/linux/nmi.h:164 [inline]
 rcu_check_gp_kthread_starvation.cold+0x1fb/0x200 kernel/rcu/tree_stall.h:481
 print_other_cpu_stall kernel/rcu/tree_stall.h:586 [inline]
 check_cpu_stall kernel/rcu/tree_stall.h:729 [inline]
 rcu_pending kernel/rcu/tree.c:3880 [inline]
 rcu_sched_clock_irq+0x2125/0x2200 kernel/rcu/tree.c:2599
 update_process_times+0x16d/0x200 kernel/time/timer.c:1785
 tick_sched_handle+0x9b/0x180 kernel/time/tick-sched.c:226
 tick_sched_timer+0x1b0/0x2d0 kernel/time/tick-sched.c:1421
 __run_hrtimer kernel/time/hrtimer.c:1685 [inline]
 __hrtimer_run_queues+0x1c0/0xe50 kernel/time/hrtimer.c:1749
 hrtimer_interrupt+0x31c/0x790 kernel/time/hrtimer.c:1811
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1086 [inline]
 __sysvec_apic_timer_interrupt+0x146/0x530 arch/x86/kernel/apic/apic.c:1103
 sysvec_apic_timer_interrupt+0x8e/0xc0 arch/x86/kernel/apic/apic.c:1097
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:638
RIP: 0010:kvm_wait+0x98/0x100 arch/x86/kernel/kvm.c:893
Code: fa 83 e2 07 38 d0 7f 04 84 c0 75 63 0f b6 07 40 38 c6 74 35 48 83 c4 10 c3 c3 e8 f3 e0 49 00 eb 07 0f 00 2d 0a e2 55 08 fb f4 <48> 83 c4 10 c3 89 74 24 0c 48 89 3c 24 e8 b6 db 49 00 8b 74 24 0c
RSP: 0018:ffffc9000469ebf0 EFLAGS: 00000202
RAX: 0000000000512083 RBX: 0000000000000000 RCX: 1ffffffff1fa0d4a
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: ffff888024b4f900 R08: 0000000000000001 R09: ffffffff8fcff9f7
R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000
R13: ffffed1004969f20 R14: 0000000000000001 R15: ffff8880b9c32840
 pv_wait arch/x86/include/asm/paravirt.h:597 [inline]
 pv_wait_head_or_lock kernel/locking/qspinlock_paravirt.h:470 [inline]
 __pv_queued_spin_lock_slowpath+0x8b8/0xb40 kernel/locking/qspinlock.c:508
 pv_queued_spin_lock_slowpath arch/x86/include/asm/paravirt.h:585 [inline]
 queued_spin_lock_slowpath arch/x86/include/asm/qspinlock.h:51 [inline]
 queued_spin_lock include/asm-generic/qspinlock.h:85 [inline]
 do_raw_spin_lock+0x200/0x2b0 kernel/locking/spinlock_debug.c:115
 spin_lock include/linux/spinlock.h:363 [inline]
 map_pte mm/page_vma_mapped.c:52 [inline]
 page_vma_mapped_walk+0xd83/0x24d0 mm/page_vma_mapped.c:261
 page_mkclean_one+0x44e/0x8c0 mm/rmap.c:923
 rmap_walk_file+0x3a5/0x6e0 mm/rmap.c:2352
 rmap_walk+0x10d/0x190 mm/rmap.c:2370
 page_mkclean+0x222/0x2c0 mm/rmap.c:1003
 clear_page_dirty_for_io+0x325/0xa70 mm/page-writeback.c:2727
 mpage_submit_page+0x80/0x2a0 fs/ext4/inode.c:2078
 mpage_process_page_bufs+0x681/0x7a0 fs/ext4/inode.c:2212
 mpage_prepare_extent_to_map+0x945/0xe50 fs/ext4/inode.c:2624
 ext4_writepages+0x928/0x3ba0 fs/ext4/inode.c:2752
 do_writepages+0x1ab/0x7b0 mm/page-writeback.c:2364
 __writeback_single_inode+0x126/0xff0 fs/fs-writeback.c:1616
 writeback_sb_inodes+0x53d/0xf00 fs/fs-writeback.c:1881
 __writeback_inodes_wb+0xc6/0x280 fs/fs-writeback.c:1950
 wb_writeback+0x7f8/0xc30 fs/fs-writeback.c:2055
 wb_check_old_data_flush fs/fs-writeback.c:2155 [inline]
 wb_do_writeback fs/fs-writeback.c:2208 [inline]
 wb_workfn+0x8cf/0x12d0 fs/fs-writeback.c:2237
 process_one_work+0x9bf/0x16b0 kernel/workqueue.c:2297
 worker_thread+0x658/0x11f0 kernel/workqueue.c:2444
 kthread+0x3e5/0x4d0 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
----------------
Code disassembly (best guess), 3 bytes skipped:
   0:	b9 ff ff ff ff       	mov    $0xffffffff,%ecx
   5:	ba 08 00 00 00       	mov    $0x8,%edx
   a:	4d 8b 03             	mov    (%r11),%r8
   d:	48 0f bd ca          	bsr    %rdx,%rcx
  11:	49 8b 45 00          	mov    0x0(%r13),%rax
  15:	48 63 c9             	movslq %ecx,%rcx
  18:	e9 64 ff ff ff       	jmpq   0xffffff81
  1d:	0f 1f 00             	nopl   (%rax)
  20:	65 8b 05 c9 12 8b 7e 	mov    %gs:0x7e8b12c9(%rip),%eax        # 0x7e8b12f0
* 27:	89 c1                	mov    %eax,%ecx		<-- trapping instruction
  29:	48 8b 34 24          	mov    (%rsp),%rsi
  2d:	81 e1 00 01 00 00    	and    $0x100,%ecx
  33:	65 48 8b 14 25 40 f0 	mov    %gs:0x1f040,%rdx
  3a:	01 00
  3c:	a9                   	.byte 0xa9