rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P6593/3:b..l P6944/1:b..l
rcu: (detected by 0, t=10502 jiffies, g=12045, q=314098 ncpus=2)
task:syz.5.196 state:R running task stack:23104 pid:6944 tgid:6943 ppid:6589 flags:0x00004006
Call Trace:
context_switch kernel/sched/core.c:5328 [inline]
__schedule+0xe55/0x5740 kernel/sched/core.c:6690
preempt_schedule_irq+0x51/0x90 kernel/sched/core.c:7012
irqentry_exit+0x36/0x90 kernel/entry/common.c:354
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:kasan_mem_to_shadow include/linux/kasan.h:61 [inline]
RIP: 0010:memory_is_poisoned_n mm/kasan/generic.c:129 [inline]
RIP: 0010:memory_is_poisoned mm/kasan/generic.c:161 [inline]
RIP: 0010:check_region_inline mm/kasan/generic.c:180 [inline]
RIP: 0010:kasan_check_range+0x39/0x1a0 mm/kasan/generic.c:189
Code: f8 41 54 44 0f b6 c2 48 01 f0 55 53 0f 82 c6 00 00 00 48 b8 ff ff ff ff ff 7f ff ff 48 39 f8 0f 83 b3 00 00 00 4c 8d 54 37 ff <48> 89 fd 48 b8 00 00 00 00 00 fc ff df 4d 89 d1 48 c1 ed 03 49 c1
RSP: 0018:ffffc90002eff428 EFLAGS: 00000283
RAX: ffff7fffffffffff RBX: ffffea00012b6d40 RCX: ffffffff81d32a45
RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffea00012b6d40
RBP: 0000018000000200 R08: 0000000000000001 R09: 0000000000000000
R10: ffffea00012b6d47 R11: 0000000000000000 R12: 1ffff920005dfe8f
R13: 0000000000000200 R14: ffff888040327048 R15: 00fff18000000201
instrument_atomic_read_write include/linux/instrumented.h:96 [inline]
lru_gen_refault mm/workingset.c:320 [inline]
workingset_refault+0xc25/0x1010 mm/workingset.c:548
filemap_add_folio+0x1b0/0x220 mm/filemap.c:987
page_cache_ra_unbounded+0x2d9/0x6c0 mm/readahead.c:268
do_page_cache_ra mm/readahead.c:320 [inline]
page_cache_ra_order+0x7d9/0xc90 mm/readahead.c:520
do_sync_mmap_readahead mm/filemap.c:3202 [inline]
filemap_fault+0x148d/0x2820 mm/filemap.c:3343
__do_fault+0x10a/0x490 mm/memory.c:4882
do_shared_fault mm/memory.c:5361 [inline]
do_fault mm/memory.c:5435 [inline]
do_pte_missing+0x1a8/0x3e70 mm/memory.c:3965
handle_pte_fault mm/memory.c:5766 [inline]
__handle_mm_fault+0x100a/0x2a10 mm/memory.c:5909
handle_mm_fault+0x3fa/0xaa0 mm/memory.c:6077
do_user_addr_fault+0x7a3/0x13f0 arch/x86/mm/fault.c:1389
handle_page_fault arch/x86/mm/fault.c:1481 [inline]
exc_page_fault+0x5c/0xc0 arch/x86/mm/fault.c:1539
asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:623
RIP: 0010:rep_movs_alternative+0x33/0x70 arch/x86/lib/copy_user_64.S:58
Code: 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb
RSP: 0018:ffffc90002effc40 EFLAGS: 00050246
RAX: 0000000000000000 RBX: 0000000000000008 RCX: 0000000000000008
RDX: fffff520005dff98 RSI: ffffc90002effcb8 RDI: 0000000020033d98
RBP: 0000000020033d98 R08: 0000000000000000 R09: fffff520005dff97
R10: ffffc90002effcbf R11: 0000000000000000 R12: ffffc90002effcb8
R13: 0000000020033da0 R14: 00007fffffffefff R15: 0000000000000000
copy_user_generic arch/x86/include/asm/uaccess_64.h:126 [inline]
raw_copy_to_user arch/x86/include/asm/uaccess_64.h:147 [inline]
_inline_copy_to_user include/linux/uaccess.h:197 [inline]
_copy_to_user+0xbb/0xd0 lib/usercopy.c:26
copy_to_user include/linux/uaccess.h:225 [inline]
msr_read+0x14f/0x250 arch/x86/kernel/msr.c:69
vfs_read+0x1df/0xbe0 fs/read_write.c:567
ksys_read+0x12f/0x260 fs/read_write.c:712
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f467e57e719
RSP: 002b:00007f467f395038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
RAX: ffffffffffffffda RBX: 00007f467e735f80 RCX: 00007f467e57e719
RDX: 0000000000019000 RSI: 0000000020032680 RDI: 0000000000000003
RBP: 00007f467e5f139e R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007f467e735f80 R15: 00007ffcbe0643c8
task:syz-executor state:R running task stack:23504 pid:6593 tgid:6593 ppid:6584 flags:0x00000000
Call Trace:
context_switch kernel/sched/core.c:5328 [inline]
__schedule+0xe55/0x5740 kernel/sched/core.c:6690
preempt_schedule_irq+0x51/0x90 kernel/sched/core.c:7012
irqentry_exit+0x36/0x90 kernel/entry/common.c:354
asm_sysvec_reschedule_ipi+0x1a/0x20 arch/x86/include/asm/idtentry.h:707
RIP: 0010:preempt_count arch/x86/include/asm/preempt.h:26 [inline]
RIP: 0010:check_kcov_mode kernel/kcov.c:183 [inline]
RIP: 0010:__sanitizer_cov_trace_pc+0xc/0x70 kernel/kcov.c:217
Code: cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 65 48 8b 15 64 60 76 7e <65> 8b 05 65 60 76 7e a9 00 01 ff 00 48 8b 34 24 74 1d f6 c4 01 74
RSP: 0018:ffffc900045d7c58 EFLAGS: 00000246
RAX: 0000000000000000 RBX: ffff8880700d2440 RCX: ffffffff81523091
RDX: ffff88802ec18000 RSI: ffffffff818ac0d5 RDI: ffff8880700d2440
RBP: ffff8880700d2440 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000009
R13: 0000000000000000 R14: ffffc900045d7e90 R15: ffffffff815397c1
rcu_read_lock include/linux/rcupdate.h:847 [inline]
auditd_test_task+0x12/0x2f0 kernel/audit.c:221
audit_signal_info+0x7c/0x190 kernel/audit.c:2398
check_kill_permission+0xb5/0x550 kernel/signal.c:841
group_send_sig_info+0xc3/0x300 kernel/signal.c:1445
kill_pid_info_type+0x92/0x2a0 kernel/signal.c:1489
kill_pid_info kernel/signal.c:1503 [inline]
kill_proc_info+0x6f/0x1b0 kernel/signal.c:1510
kill_something_info+0x2a2/0x310 kernel/signal.c:1607
__do_sys_kill kernel/signal.c:3838 [inline]
__se_sys_kill kernel/signal.c:3832 [inline]
__x64_sys_kill+0xdc/0x140 kernel/signal.c:3832
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f647091a2a7
RSP: 002b:00007ffdf27d69d8 EFLAGS: 00000217 ORIG_RAX: 000000000000003e
RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 00007f647091a2a7
RDX: 00000000000007a7 RSI: 0000000000000009 RDI: 0000000000000014
RBP: 00007ffdf27d6a0c R08: 0000000000007eaa R09: 00007f64717c9080
R10: 0000000000000001 R11: 0000000000000217 R12: 0000000000000064
R13: 0000000000029d23 R14: 00000000000293cc R15: 00007ffdf27d6a60
rcu: rcu_preempt kthread starved for 10582 jiffies! g12045 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt state:R running task stack:27120 pid:17 tgid:17 ppid:2 flags:0x00004000
Call Trace:
context_switch kernel/sched/core.c:5328 [inline]
__schedule+0xe55/0x5740 kernel/sched/core.c:6690
__schedule_loop kernel/sched/core.c:6767 [inline]
schedule+0xe7/0x350 kernel/sched/core.c:6782
schedule_timeout+0x136/0x2a0 kernel/time/timer.c:2615
rcu_gp_fqs_loop+0x1eb/0xb00 kernel/rcu/tree.c:2045
rcu_gp_kthread+0x271/0x380 kernel/rcu/tree.c:2247
kthread+0x2c1/0x3a0 kernel/kthread.c:389
ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
rcu: Stack dump where RCU GP kthread last ran:
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 6959 Comm: syz.5.196 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
RIP: 0010:kasan_check_range+0x0/0x1a0 mm/kasan/generic.c:188
Code: 36 d4 ff ff 89 43 08 5b 5d 41 5c c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 48 85 f6 0f 84 50 01 00 00 48 89 f8 41 54 44 0f b6 c2
RSP: 0018:ffffc90002ebe4c8 EFLAGS: 00000046
RAX: ffffea0001f5a300 RBX: ffffea0001f5a300 RCX: ffffffff81c94108
RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffea0001f5a300
RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffffea0001f5a308
R13: ffffea0001f5a300 R14: 0000000000000001 R15: dffffc0000000000
FS: 00007f467f3536c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000200c0000 CR3: 000000002c104000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
instrument_atomic_read include/linux/instrumented.h:68 [inline]
_test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]
folio_test_locked include/linux/page-flags.h:509 [inline]
sort_folio mm/vmscan.c:4339 [inline]
scan_folios mm/vmscan.c:4421 [inline]
isolate_folios+0x5b8/0x35f0 mm/vmscan.c:4546
evict_folios+0x187/0x1970 mm/vmscan.c:4577
try_to_shrink_lruvec+0x612/0x9b0 mm/vmscan.c:4784
lru_gen_shrink_lruvec mm/vmscan.c:4926 [inline]
shrink_lruvec+0x2d5/0x2860 mm/vmscan.c:5681
shrink_node_memcgs mm/vmscan.c:5917 [inline]
shrink_node+0xf41/0x3a80 mm/vmscan.c:5957
shrink_zones mm/vmscan.c:6201 [inline]
do_try_to_free_pages+0x35f/0x1a30 mm/vmscan.c:6263
try_to_free_mem_cgroup_pages+0x31a/0x7a0 mm/vmscan.c:6595
try_charge_memcg+0x356/0xaf0 mm/memcontrol.c:2207
try_charge mm/memcontrol-v1.h:19 [inline]
charge_memcg mm/memcontrol.c:4468 [inline]
__mem_cgroup_charge+0x9b/0x280 mm/memcontrol.c:4483
mem_cgroup_charge include/linux/memcontrol.h:694 [inline]
filemap_add_folio+0x89/0x220 mm/filemap.c:967
page_cache_ra_unbounded+0x2d9/0x6c0 mm/readahead.c:268
do_page_cache_ra mm/readahead.c:320 [inline]
page_cache_ra_order+0x7d9/0xc90 mm/readahead.c:520
do_sync_mmap_readahead mm/filemap.c:3202 [inline]
filemap_fault+0x148d/0x2820 mm/filemap.c:3343
__do_fault+0x10a/0x490 mm/memory.c:4882
do_read_fault mm/memory.c:5297 [inline]
do_fault mm/memory.c:5431 [inline]
do_pte_missing+0xec5/0x3e70 mm/memory.c:3965
handle_pte_fault mm/memory.c:5766 [inline]
__handle_mm_fault+0x100a/0x2a10 mm/memory.c:5909
handle_mm_fault+0x3fa/0xaa0 mm/memory.c:6077
do_user_addr_fault+0x7a3/0x13f0 arch/x86/mm/fault.c:1389
handle_page_fault arch/x86/mm/fault.c:1481 [inline]
exc_page_fault+0x5c/0xc0 arch/x86/mm/fault.c:1539
asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:623
RIP: 0010:rep_movs_alternative+0x30/0x70 arch/x86/lib/copy_user_64.S:57
Code: f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08
RSP: 0018:ffffc90002ebfa38 EFLAGS: 00050206
RAX: 0000000000000001 RBX: 00000000200c0000 RCX: 0000000000000038
RDX: fffff520005d7f58 RSI: 00000000200c0000 RDI: ffffc90002ebfa88
RBP: 0000000000000038 R08: 0000000000000001 R09: fffff520005d7f57
R10: ffffc90002ebfabf R11: 0000000000000000 R12: 0000000000000000
R13: ffffc90002ebfa88 R14: ffffc90002ebfb70 R15: ffffc90002ebfa88
copy_user_generic arch/x86/include/asm/uaccess_64.h:126 [inline]
raw_copy_from_user arch/x86/include/asm/uaccess_64.h:141 [inline]
_inline_copy_from_user include/linux/uaccess.h:178 [inline]
_copy_from_user+0x9a/0xd0 lib/usercopy.c:18
copy_from_user include/linux/uaccess.h:212 [inline]
copy_msghdr_from_user+0x99/0x160 net/socket.c:2537
recvmsg_copy_msghdr net/socket.c:2792 [inline]
___sys_recvmsg+0xdc/0x1a0 net/socket.c:2864
do_recvmmsg+0x2ba/0x750 net/socket.c:2962
__sys_recvmmsg net/socket.c:3041 [inline]
__do_sys_recvmmsg net/socket.c:3064 [inline]
__se_sys_recvmmsg net/socket.c:3057 [inline]
__x64_sys_recvmmsg+0x239/0x290 net/socket.c:3057
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f467e57e719
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f467f353038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
RAX: ffffffffffffffda RBX: 00007f467e736130 RCX: 00007f467e57e719
RDX: 0000000000010106 RSI: 00000000200000c0 RDI: 0000000000000006
RBP: 00007f467e5f139e R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000001 R14: 00007f467e736130 R15: 00007ffcbe0643c8
sched: DL replenish lagged too much