rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	0-...!: (0 ticks this GP) idle=d72c/1/0x4000000000000000 softirq=67639/67639 fqs=0
rcu: 	(detected by 1, t=10502 jiffies, g=56133, q=86 ncpus=2)
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 968 Comm: kworker/0:2 Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
Workqueue: usb_hub_wq hub_event
RIP: 0010:mark_lock+0x55/0xc60 kernel/locking/lockdep.c:4710
Code: 8a b5 41 48 8d 44 24 30 48 c7 44 24 38 08 3c 7b 8d 48 c1 e8 03 48 c7 44 24 40 d0 65 76 81 49 89 c7 48 01 d0 c7 00 f1 f1 f1 f1 <c7> 40 04 00 f2 f2 f2 c7 40 08 00 f2 f2 f2 c7 40 10 00 00 00 f3 c7
RSP: 0018:ffffc900000079f0 EFLAGS: 00000086
RAX: fffff52000000f44 RBX: ffff8880268ad472 RCX: 1ffffffff2de1941
RDX: dffffc0000000000 RSI: ffff8880268ad450 RDI: ffff8880268ac880
RBP: ffffc90000007b28 R08: 0000000000000000 R09: fffffbfff2dca1d4
R10: ffffffff96e50ea7 R11: 0000000000000007 R12: ffff8880268ad449
R13: ffff8880268ac880 R14: 0000000000000008 R15: 1ffff92000000f44
FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f68f68eef98 CR3: 000000007a804000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 000000006632000e DR6: 00000000ffff0ff0 DR7: 0000000000000400
Call Trace:
 <NMI>
 </NMI>
 <IRQ>
 mark_usage kernel/locking/lockdep.c:4670 [inline]
 __lock_acquire+0x9f1/0x3c40 kernel/locking/lockdep.c:5180
 lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5849
 __raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline]
 _raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154
 spin_lock include/linux/spinlock.h:351 [inline]
 advance_sched+0xd8/0xc60 net/sched/sch_taprio.c:924
 __run_hrtimer kernel/time/hrtimer.c:1739 [inline]
 __hrtimer_run_queues+0x20a/0xae0 kernel/time/hrtimer.c:1803
 hrtimer_interrupt+0x392/0x8e0 kernel/time/hrtimer.c:1865
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1038 [inline]
 __sysvec_apic_timer_interrupt+0x10f/0x400 arch/x86/kernel/apic/apic.c:1055
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]
 sysvec_apic_timer_interrupt+0x9f/0xc0 arch/x86/kernel/apic/apic.c:1049
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:lock_acquire.part.0+0x155/0x380 kernel/locking/lockdep.c:5814
Code: b8 ff ff ff ff 65 0f c1 05 90 c2 8b 7e 83 f8 01 0f 85 d0 01 00 00 9c 58 f6 c4 02 0f 85 e5 01 00 00 48 85 ed 0f 85 b6 01 00 00 <48> b8 00 00 00 00 00 fc ff df 48 01 c3 48 c7 03 00 00 00 00 48 c7
RSP: 0018:ffffc90003e36fb8 EFLAGS: 00000206
RAX: 0000000000000046 RBX: 1ffff920007c6df8 RCX: ffffffff8175d0de
RDX: 0000000000000001 RSI: ffffffff8b6cdb60 RDI: ffffffff8bd1e920
RBP: 0000000000000200 R08: 0000000000000000 R09: fffffbfff2dca1a7
R10: ffffffff96e50d3f R11: 0000000000000005 R12: 0000000000000000
R13: ffffffff8f4c6dc8 R14: 0000000000000000 R15: 0000000000000000
 __mutex_lock_common kernel/locking/mutex.c:585 [inline]
 __mutex_lock+0x19b/0xa60 kernel/locking/mutex.c:735
 class_mutex_constructor include/linux/mutex.h:201 [inline]
 usb_match_dynamic_id+0x27/0x1b0 drivers/usb/core/driver.c:235
 usb_device_match+0x1b2/0x200 drivers/usb/core/driver.c:907
 driver_match_device drivers/base/base.h:167 [inline]
 __device_attach_driver+0x90/0x310 drivers/base/dd.c:928
 bus_for_each_drv+0x157/0x1e0 drivers/base/bus.c:459
 __device_attach+0x1e8/0x4b0 drivers/base/dd.c:1030
 bus_probe_device+0x17f/0x1c0 drivers/base/bus.c:534
 device_add+0x114b/0x1a70 drivers/base/core.c:3665
 usb_set_configuration+0x10cb/0x1c50 drivers/usb/core/message.c:2210
 usb_generic_driver_probe+0xb1/0x110 drivers/usb/core/generic.c:254
 usb_probe_device+0xec/0x3e0 drivers/usb/core/driver.c:291
 call_driver_probe drivers/base/dd.c:579 [inline]
 really_probe+0x23e/0xa90 drivers/base/dd.c:658
 __driver_probe_device+0x1de/0x440 drivers/base/dd.c:800
 driver_probe_device+0x4c/0x1b0 drivers/base/dd.c:830
 __device_attach_driver+0x1df/0x310 drivers/base/dd.c:958
 bus_for_each_drv+0x157/0x1e0 drivers/base/bus.c:459
 __device_attach+0x1e8/0x4b0 drivers/base/dd.c:1030
 bus_probe_device+0x17f/0x1c0 drivers/base/bus.c:534
 device_add+0x114b/0x1a70 drivers/base/core.c:3665
 usb_new_device+0xd90/0x1a10 drivers/usb/core/hub.c:2651
 hub_port_connect drivers/usb/core/hub.c:5521 [inline]
 hub_port_connect_change drivers/usb/core/hub.c:5661 [inline]
 port_event drivers/usb/core/hub.c:5821 [inline]
 hub_event+0x2d9a/0x4e10 drivers/usb/core/hub.c:5903
 process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3229
 process_scheduled_works kernel/workqueue.c:3310 [inline]
 worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391
 kthread+0x2c1/0x3a0 kernel/kthread.c:389
 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
rcu: rcu_preempt kthread starved for 10502 jiffies! g56133 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:28160 pid:17    tgid:17    ppid:2      flags:0x00004000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5369 [inline]
 __schedule+0xe58/0x5ad0 kernel/sched/core.c:6756
 __schedule_loop kernel/sched/core.c:6833 [inline]
 schedule+0xe7/0x350 kernel/sched/core.c:6848
 schedule_timeout+0x124/0x280 kernel/time/sleep_timeout.c:99
 rcu_gp_fqs_loop+0x1eb/0xb00 kernel/rcu/tree.c:2045
 rcu_gp_kthread+0x271/0x380 kernel/rcu/tree.c:2247
 kthread+0x2c1/0x3a0 kernel/kthread.c:389
 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
CPU: 1 UID: 0 PID: 17811 Comm: syz.4.2978 Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
RIP: 0010:csd_lock_wait kernel/smp.c:340 [inline]
RIP: 0010:smp_call_function_many_cond+0x458/0x1300 kernel/smp.c:884
Code: 0c 00 85 ed 74 4d 48 b8 00 00 00 00 00 fc ff df 4d 89 f4 4c 89 f5 49 c1 ec 03 83 e5 07 49 01 c4 83 c5 03 e8 ba 0e 0c 00 f3 90 <41> 0f b6 04 24 40 38 c5 7c 08 84 c0 0f 85 a7 0c 00 00 8b 43 08 31
RSP: 0018:ffffc9000c2e7878 EFLAGS: 00000293
RAX: 0000000000000000 RBX: ffff8880b86469c0 RCX: ffffffff818e06bc
RDX: ffff88801ef2c880 RSI: ffffffff818e0696 RDI: 0000000000000005
RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000001 R12: ffffed10170c8d39
R13: 0000000000000001 R14: ffff8880b86469c8 R15: ffff8880b873fe40
FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b2f31fffc CR3: 000000000df7e000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 000000000000000e DR6: 00000000ffff0ff0 DR7: 0000000000000400
Call Trace:
 <IRQ>
 </IRQ>
 <TASK>
 on_each_cpu_cond_mask+0x40/0x90 kernel/smp.c:1051
 __flush_tlb_multi arch/x86/include/asm/paravirt.h:91 [inline]
 flush_tlb_multi arch/x86/mm/tlb.c:939 [inline]
 flush_tlb_mm_range+0x289/0x330 arch/x86/mm/tlb.c:1025
 tlb_flush arch/x86/include/asm/tlb.h:20 [inline]
 tlb_flush_mmu_tlbonly include/asm-generic/tlb.h:465 [inline]
 tlb_flush_mmu_tlbonly include/asm-generic/tlb.h:455 [inline]
 tlb_flush_mmu mm/mmu_gather.c:372 [inline]
 tlb_finish_mmu+0x3c9/0x7b0 mm/mmu_gather.c:465
 exit_mmap+0x3df/0xb20 mm/mmap.c:1681
 __mmput+0x12a/0x4c0 kernel/fork.c:1353
 mmput+0x62/0x70 kernel/fork.c:1375
 exit_mm kernel/exit.c:570 [inline]
 do_exit+0x9bf/0x2d70 kernel/exit.c:925
 do_group_exit+0xd3/0x2a0 kernel/exit.c:1087
 get_signal+0x24ed/0x26c0 kernel/signal.c:3017
 arch_do_signal_or_restart+0x90/0x7e0 arch/x86/kernel/signal.c:337
 exit_to_user_mode_loop kernel/entry/common.c:111 [inline]
 exit_to_user_mode_prepare include/linux/entry-common.h:329 [inline]
 __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
 syscall_exit_to_user_mode+0x150/0x2a0 kernel/entry/common.c:218
 do_syscall_64+0xda/0x250 arch/x86/entry/common.c:89
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f68f5b85d29
Code: Unable to access opcode bytes at 0x7f68f5b85cff.
RSP: 002b:00007f68f68ef0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: 0000000000000001 RBX: 00007f68f5d75fa8 RCX: 00007f68f5b85d29
RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f68f5d75fac
RBP: 00007f68f5d75fa0 R08: 00007f68f68f0000 R09: 0000000000000000
R10: 0000000000000005 R11: 0000000000000246 R12: 00007f68f5d75fac
R13: 0000000000000000 R14: 00007ffe9d6bb220 R15: 00007ffe9d6bb308
 </TASK>