rcu: INFO: rcu_preempt self-detected stall on CPU
rcu: 	1-....: (1 GPs behind) idle=2a04/1/0x4000000000000000 softirq=60623/60624 fqs=5248
rcu: 	         hardirqs   softirqs   csw/system
rcu: 	 number:     8712          0            0
rcu: 	cputime:      249      52238           36   ==> 52490(ms)
rcu: 	(t=10501 jiffies g=55477 q=2872 ncpus=2)
CPU: 1 UID: 0 PID: 5839 Comm: kworker/u9:5 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
Workqueue: hci9 hci_cmd_timeout
RIP: 0010:__sanitizer_cov_trace_pc+0x5d/0x70 kernel/kcov.c:235
Code: 48 16 00 00 83 fa 02 75 21 48 8b 91 50 16 00 00 48 8b 32 48 8d 7e 01 8b 89 4c 16 00 00 48 39 cf 73 08 48 89 3a 48 89 44 f2 08 <c3> cc cc cc cc cc 66 66 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90
RSP: 0018:ffffc90000a08b38 EFLAGS: 00000246
RAX: ffffffff89721954 RBX: 0000000000000000 RCX: ffff8880217f3d00
RDX: 0000000000000100 RSI: 0000000000000010 RDI: 0000000000000008
RBP: 1ffff11005f1346a R08: ffffffff897172b6 R09: ffffffff8df41a20
R10: 0000000000000001 R11: ffffffff8964b5e0 R12: dffffc0000000000
R13: ffff88802f89a354 R14: 0000000000000010 R15: 0000000000000002
FS:  0000000000000000(0000) GS:ffff888125f35000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 00000000293b8000 CR4: 00000000003526f0
Call Trace:
 <IRQ>
 taprio_dequeue_tc_priority+0x284/0x750 net/sched/sch_taprio.c:801
 taprio_dequeue+0x186/0x550 net/sched/sch_taprio.c:-1
 dequeue_skb net/sched/sch_generic.c:297 [inline]
 qdisc_restart net/sched/sch_generic.c:402 [inline]
 __qdisc_run+0x23f/0x1510 net/sched/sch_generic.c:420
 qdisc_run+0xc7/0x300 include/net/pkt_sched.h:120
 net_tx_action+0x7ac/0x9f0 net/core/dev.c:5781
 handle_softirqs+0x27d/0x850 kernel/softirq.c:622
 __do_softirq kernel/softirq.c:656 [inline]
 invoke_softirq kernel/softirq.c:496 [inline]
 __irq_exit_rcu+0xca/0x1f0 kernel/softirq.c:723
 irq_exit_rcu+0x9/0x30 kernel/softirq.c:739
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline]
 sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1056
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:console_flush_one_record arch/x86/include/asm/irqflags.h:-1 [inline]
RIP: 0010:console_flush_all+0x846/0xb60 kernel/printk/printk.c:3289
Code: ff ff e8 ed 23 20 00 90 0f 0b 90 e9 53 fc ff ff e8 df 23 20 00 e8 9a 33 ba 09 48 85 db 74 c0 e8 d0 23 20 00 fb 48 8b 5c 24 10 <48> 8b 44 24 20 42 80 3c 20 00 4c 8b 74 24 18 74 08 4c 89 f7 e8 f1
RSP: 0018:ffffc9000421f4c0 EFLAGS: 00000293
RAX: ffffffff81a18e80 RBX: ffffc9000421f660 RCX: ffff8880217f3d00
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ffffc9000421f610 R08: ffffffff8f822077 R09: 1ffffffff1f0440e
R10: dffffc0000000000 R11: fffffbfff1f0440f R12: dffffc0000000000
R13: 0000000000000001 R14: 0000000000000000 R15: ffffffff8e792260
 __console_flush_and_unlock kernel/printk/printk.c:3319 [inline]
 console_unlock+0xbb/0x190 kernel/printk/printk.c:3359
 vprintk_emit+0x4f8/0x5f0 kernel/printk/printk.c:2426
 _printk+0xcf/0x120 kernel/printk/printk.c:2451
 bt_err+0x10b/0x160 net/bluetooth/lib.c:296
 hci_cmd_timeout+0xd8/0x1e0 net/bluetooth/hci_core.c:1469
 process_one_work kernel/workqueue.c:3257 [inline]
 process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340
 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421
 kthread+0x711/0x8a0 kernel/kthread.c:463
 ret_from_fork+0x599/0xb30 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
 </TASK>
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 5839 Comm: kworker/u9:5 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
Workqueue: hci9 hci_cmd_timeout
RIP: 0010:qdisc_peek_head+0x0/0x40 include/net/sch_generic.h:1180
Code: 4c 89 ff e8 72 58 c3 f8 e9 95 fe ff ff 66 66 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 53 48 89 fb e8 63 fc 5c f8 48 81 c3 40 01 00 00 48 89
RSP: 0018:ffffc90000a08ad0 EFLAGS: 00000246
RAX: 1ffffffff1f05507 RBX: ffff88814da28800 RCX: 0000000000000100
RDX: ffff8880217f3d00 RSI: 0000000000000000 RDI: ffff88814da28800
RBP: ffff88802f89a000 R08: ffffffff897172b6 R09: ffffffff8df41a20
R10: 0000000000000001 R11: ffffffff8964b5e0 R12: dffffc0000000000
R13: ffff888054cdc000 R14: ffff88814da28800 R15: ffffffff8f82a838
FS:  0000000000000000(0000) GS:ffff888125f35000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 00000000293b8000 CR4: 00000000003526f0
Call Trace:
 <IRQ>
 taprio_dequeue_from_txq+0x174/0x980 net/sched/sch_taprio.c:726
 taprio_dequeue_tc_priority+0x1ac/0x750 net/sched/sch_taprio.c:793
 taprio_dequeue+0x186/0x550 net/sched/sch_taprio.c:-1
 dequeue_skb net/sched/sch_generic.c:297 [inline]
 qdisc_restart net/sched/sch_generic.c:402 [inline]
 __qdisc_run+0x23f/0x1510 net/sched/sch_generic.c:420
 qdisc_run+0xc7/0x300 include/net/pkt_sched.h:120
 net_tx_action+0x7ac/0x9f0 net/core/dev.c:5781
 handle_softirqs+0x27d/0x850 kernel/softirq.c:622
 __do_softirq kernel/softirq.c:656 [inline]
 invoke_softirq kernel/softirq.c:496 [inline]
 __irq_exit_rcu+0xca/0x1f0 kernel/softirq.c:723
 irq_exit_rcu+0x9/0x30 kernel/softirq.c:739
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline]
 sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1056
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:console_flush_one_record arch/x86/include/asm/irqflags.h:-1 [inline]
RIP: 0010:console_flush_all+0x846/0xb60 kernel/printk/printk.c:3289
Code: ff ff e8 ed 23 20 00 90 0f 0b 90 e9 53 fc ff ff e8 df 23 20 00 e8 9a 33 ba 09 48 85 db 74 c0 e8 d0 23 20 00 fb 48 8b 5c 24 10 <48> 8b 44 24 20 42 80 3c 20 00 4c 8b 74 24 18 74 08 4c 89 f7 e8 f1
RSP: 0018:ffffc9000421f4c0 EFLAGS: 00000293
RAX: ffffffff81a18e80 RBX: ffffc9000421f660 RCX: ffff8880217f3d00
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ffffc9000421f610 R08: ffffffff8f822077 R09: 1ffffffff1f0440e
R10: dffffc0000000000 R11: fffffbfff1f0440f R12: dffffc0000000000
R13: 0000000000000001 R14: 0000000000000000 R15: ffffffff8e792260
 __console_flush_and_unlock kernel/printk/printk.c:3319 [inline]
 console_unlock+0xbb/0x190 kernel/printk/printk.c:3359
 vprintk_emit+0x4f8/0x5f0 kernel/printk/printk.c:2426
 _printk+0xcf/0x120 kernel/printk/printk.c:2451
 bt_err+0x10b/0x160 net/bluetooth/lib.c:296
 hci_cmd_timeout+0xd8/0x1e0 net/bluetooth/hci_core.c:1469
 process_one_work kernel/workqueue.c:3257 [inline]
 process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340
 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421
 kthread+0x711/0x8a0 kernel/kthread.c:463
 ret_from_fork+0x599/0xb30 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
 </TASK>
watchdog: BUG: soft lockup - CPU#1 stuck for 267s! [kworker/u9:5:5839]
Modules linked in:
irq event stamp: 248327
hardirqs last  enabled at (248326): [<ffffffff8b5bcffd>] irqentry_exit+0x5dd/0x660 kernel/entry/common.c:219
hardirqs last disabled at (248327): [<ffffffff8b5bb86e>] sysvec_apic_timer_interrupt+0xe/0xc0 arch/x86/kernel/apic/apic.c:1056
softirqs last  enabled at (159504): [<ffffffff8a876f67>] spin_unlock_bh include/linux/spinlock.h:396 [inline]
softirqs last  enabled at (159504): [<ffffffff8a876f67>] rxrpc_peer_keepalive_dispatch net/rxrpc/peer_event.c:295 [inline]
softirqs last  enabled at (159504): [<ffffffff8a876f67>] rxrpc_peer_keepalive_worker+0xb37/0xdc0 net/rxrpc/peer_event.c:341
softirqs last disabled at (159537): [<ffffffff81858cca>] __do_softirq kernel/softirq.c:656 [inline]
softirqs last disabled at (159537): [<ffffffff81858cca>] invoke_softirq kernel/softirq.c:496 [inline]
softirqs last disabled at (159537): [<ffffffff81858cca>] __irq_exit_rcu+0xca/0x1f0 kernel/softirq.c:723
CPU: 1 UID: 0 PID: 5839 Comm: kworker/u9:5 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
Workqueue: hci9 hci_cmd_timeout
RIP: 0010:preempt_count arch/x86/include/asm/preempt.h:27 [inline]
RIP: 0010:check_kcov_mode kernel/kcov.c:183 [inline]
RIP: 0010:write_comp_data kernel/kcov.c:246 [inline]
RIP: 0010:__sanitizer_cov_trace_cmp4+0x11/0x90 kernel/kcov.c:288
Code: cc cc 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 04 24 65 48 8b 14 25 08 b0 7e 92 <65> 8b 0d 08 fc bc 10 81 e1 00 01 ff 00 74 11 81 f9 00 01 00 00 75
RSP: 0018:ffffc90000a08b38 EFLAGS: 00000206
RAX: ffffffff897218dc RBX: 000000000000000c RCX: ffff8880217f3d00
RDX: ffff8880217f3d00 RSI: 000000000000000c RDI: 000000000000000a
RBP: 1ffff11005f1346a R08: ffffffff897172b6 R09: ffffffff8df41a20
R10: 0000000000000001 R11: ffffffff8964b5e0 R12: dffffc0000000000
R13: ffff88802f89a354 R14: 000000000000000a R15: 0000000000000008
FS:  0000000000000000(0000) GS:ffff888125f35000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 00000000293b8000 CR4: 00000000003526f0
Call Trace:
 <IRQ>
 taprio_next_tc_txq net/sched/sch_taprio.c:769 [inline]
 taprio_dequeue_tc_priority+0x20c/0x750 net/sched/sch_taprio.c:796
 taprio_dequeue+0x186/0x550 net/sched/sch_taprio.c:-1
 dequeue_skb net/sched/sch_generic.c:297 [inline]
 qdisc_restart net/sched/sch_generic.c:402 [inline]
 __qdisc_run+0x23f/0x1510 net/sched/sch_generic.c:420
 qdisc_run+0xc7/0x300 include/net/pkt_sched.h:120
 net_tx_action+0x7ac/0x9f0 net/core/dev.c:5781
 handle_softirqs+0x27d/0x850 kernel/softirq.c:622
 __do_softirq kernel/softirq.c:656 [inline]
 invoke_softirq kernel/softirq.c:496 [inline]
 __irq_exit_rcu+0xca/0x1f0 kernel/softirq.c:723
 irq_exit_rcu+0x9/0x30 kernel/softirq.c:739
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline]
 sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1056
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:console_flush_one_record arch/x86/include/asm/irqflags.h:-1 [inline]
RIP: 0010:console_flush_all+0x846/0xb60 kernel/printk/printk.c:3289
Code: ff ff e8 ed 23 20 00 90 0f 0b 90 e9 53 fc ff ff e8 df 23 20 00 e8 9a 33 ba 09 48 85 db 74 c0 e8 d0 23 20 00 fb 48 8b 5c 24 10 <48> 8b 44 24 20 42 80 3c 20 00 4c 8b 74 24 18 74 08 4c 89 f7 e8 f1
RSP: 0018:ffffc9000421f4c0 EFLAGS: 00000293
RAX: ffffffff81a18e80 RBX: ffffc9000421f660 RCX: ffff8880217f3d00
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ffffc9000421f610 R08: ffffffff8f822077 R09: 1ffffffff1f0440e
R10: dffffc0000000000 R11: fffffbfff1f0440f R12: dffffc0000000000
R13: 0000000000000001 R14: 0000000000000000 R15: ffffffff8e792260
 __console_flush_and_unlock kernel/printk/printk.c:3319 [inline]
 console_unlock+0xbb/0x190 kernel/printk/printk.c:3359
 vprintk_emit+0x4f8/0x5f0 kernel/printk/printk.c:2426
 _printk+0xcf/0x120 kernel/printk/printk.c:2451
 bt_err+0x10b/0x160 net/bluetooth/lib.c:296
 hci_cmd_timeout+0xd8/0x1e0 net/bluetooth/hci_core.c:1469
 process_one_work kernel/workqueue.c:3257 [inline]
 process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340
 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421
 kthread+0x711/0x8a0 kernel/kthread.c:463
 ret_from_fork+0x599/0xb30 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
 </TASK>
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
RIP: 0010:pv_native_safe_halt+0x13/0x20 arch/x86/kernel/paravirt.c:82
Code: cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 93 90 0c 00 f3 0f 1e fa fb f4 <e9> c8 ed 02 00 cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
RSP: 0018:ffffffff8dc07d80 EFLAGS: 000002c6
RAX: 3718e04132a3fa00 RBX: ffffffff81978fda RCX: 3718e04132a3fa00
RDX: 0000000000000001 RSI: ffffffff8d7925e3 RDI: ffffffff8bc08360
RBP: ffffffff8dc07ea8 R08: ffff8880b86336db R09: 1ffff110170c66db
R10: dffffc0000000000 R11: ffffed10170c66dc R12: ffffffff8f822070
R13: 1ffffffff1b92a68 R14: 0000000000000000 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff888125e35000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffe7af77000 CR3: 000000000dd3a000 CR4: 00000000003526f0
Call Trace:
 <TASK>
 arch_safe_halt arch/x86/include/asm/paravirt.h:107 [inline]
 default_idle+0x13/0x20 arch/x86/kernel/process.c:767
 default_idle_call+0x73/0xb0 kernel/sched/idle.c:122
 cpuidle_idle_call kernel/sched/idle.c:191 [inline]
 do_idle+0x1ea/0x520 kernel/sched/idle.c:332
 cpu_startup_entry+0x44/0x60 kernel/sched/idle.c:430
 rest_init+0x2de/0x300 init/main.c:757
 start_kernel+0x3a7/0x400 init/main.c:1206
 x86_64_start_reservations+0x24/0x30 arch/x86/kernel/head64.c:310
 x86_64_start_kernel+0x143/0x1c0 arch/x86/kernel/head64.c:291
 common_startup_64+0x13e/0x147
 </TASK>