rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P13071/1:b..l P5610/4:b..l P13048/1:b..l
rcu: 	(detected by 1, t=10502 jiffies, g=85245, q=277 ncpus=2)
task:syz.4.1884      state:R  running task     stack:28744 pid:13048 tgid:13046 ppid:5610   task_flags:0x40044c flags:0x00080002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5388 [inline]
 __schedule+0x1295/0x67a0 kernel/sched/core.c:7189
 preempt_schedule_irq+0x50/0x90 kernel/sched/core.c:7513
 irqentry_exit_to_kernel_mode_preempt include/linux/irq-entry-common.h:476 [inline]
 irqentry_exit_to_kernel_mode include/linux/irq-entry-common.h:547 [inline]
 irqentry_exit+0x205/0x7e0 kernel/entry/common.c:164
 asm_sysvec_call_function_single+0x1a/0x20 arch/x86/include/asm/idtentry.h:704
RIP: 0010:unwind_next_frame+0x14b/0x2090 arch/x86/kernel/unwind_orc.c:510
Code: 04 02 84 c0 74 08 3c 01 0f 8e 53 0a 00 00 41 f6 86 88 00 00 00 03 0f 85 3b 02 00 00 48 b8 00 00 00 00 00 fc ff df 4d 8d 75 35 <4c> 89 f2 48 c1 ea 03 0f b6 04 02 4c 89 f2 83 e2 07 38 d0 7f 08 84
RSP: 0018:ffffc9000a23f670 EFLAGS: 00000246
RAX: dffffc0000000000 RBX: 0000000000000001 RCX: 0000000000000000
RDX: 1ffff92001447ee6 RSI: ffffffff8c1c3780 RDI: ffffffff8e1d4920
RBP: ffffc9000a23f728 R08: 0000000086db7919 R09: 0000000000000007
R10: 0000000000000200 R11: 0000000000000000 R12: ffffc9000a23f730
R13: ffffc9000a23f6e0 R14: ffffc9000a23f715 R15: ffff888029880000
 arch_stack_walk+0x94/0xf0 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x8e/0xc0 kernel/stacktrace.c:122
 kasan_save_stack+0x30/0x50 mm/kasan/common.c:57
 kasan_save_track+0x14/0x30 mm/kasan/common.c:78
 unpoison_slab_object mm/kasan/common.c:340 [inline]
 __kasan_slab_alloc+0x89/0x90 mm/kasan/common.c:366
 kasan_slab_alloc include/linux/kasan.h:253 [inline]
 slab_post_alloc_hook mm/slub.c:4569 [inline]
 slab_alloc_node mm/slub.c:4898 [inline]
 kmem_cache_alloc_noprof+0x241/0x6e0 mm/slub.c:4905
 taskstats_tgid_alloc kernel/taskstats.c:576 [inline]
 taskstats_exit+0x67b/0xc10 kernel/taskstats.c:615
 do_exit+0x65c/0x2a60 kernel/exit.c:945
 do_group_exit+0xd5/0x2a0 kernel/exit.c:1118
 get_signal+0x1ec7/0x21e0 kernel/signal.c:3037
 arch_do_signal_or_restart+0x91/0x7e0 arch/x86/kernel/signal.c:337
 __exit_to_user_mode_loop kernel/entry/common.c:64 [inline]
 exit_to_user_mode_loop+0x8b/0x4f0 kernel/entry/common.c:98
 __exit_to_user_mode_prepare include/linux/irq-entry-common.h:207 [inline]
 syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:238 [inline]
 syscall_exit_to_user_mode include/linux/entry-common.h:318 [inline]
 do_syscall_64+0x706/0xf80 arch/x86/entry/syscall_64.c:100
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f04d6f9caeb
RSP: 002b:00007f04d7daef00 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: fffffffffffffffc RBX: 0000000000000003 RCX: 00007f04d6f9caeb
RDX: 00007f04d7daffd0 RSI: 0000000080085502 RDI: 0000000000000003
RBP: 00007f04d7daffd0 R08: 00007f04d6e64ba7 R09: 00007f04d7daefc8
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000080085502
R13: 0000000800000000 R14: 0000000000000008 R15: 00007f04d70511e0
 </TASK>
task:syz-executor    state:R  running task     stack:23592 pid:5610  tgid:5610  ppid:5609   task_flags:0x400140 flags:0x00080000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5388 [inline]
 __schedule+0x1295/0x67a0 kernel/sched/core.c:7189
 preempt_schedule_irq+0x50/0x90 kernel/sched/core.c:7513
 irqentry_exit_to_kernel_mode_preempt include/linux/irq-entry-common.h:476 [inline]
 irqentry_exit_to_kernel_mode include/linux/irq-entry-common.h:547 [inline]
 irqentry_exit+0x205/0x7e0 kernel/entry/common.c:164
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:avc_search_node security/selinux/avc.c:530 [inline]
RIP: 0010:avc_lookup+0x143/0x240 security/selinux/avc.c:558
Code: 5a fd 48 85 db 0f 84 de 00 00 00 e8 17 cc 5a fd 48 89 d8 48 c1 e8 03 42 0f b6 04 20 84 c0 74 08 3c 03 0f 8e d2 00 00 00 8b 2b <44> 89 ef 89 ee e8 e3 c5 5a fd 41 39 ed 75 93 e8 e9 cb 5a fd 48 8d
RSP: 0018:ffffc90003a97af8 EFLAGS: 00000246
RAX: 0000000000000000 RBX: ffff888034df4068 RCX: ffffffff84addb21
RDX: ffff88807b9d2500 RSI: ffffffff84addac9 RDI: ffff888075f469e8
RBP: 0000000000000094 R08: 0000000000000002 R09: 0000000000000002
R10: 0000000000000008 R11: 0000000000000000 R12: dffffc0000000000
R13: 0000000000000094 R14: 0000000000000002 R15: 0000000000000094
 avc_has_perm_noaudit+0x97/0x3b0 security/selinux/avc.c:1157
 avc_has_perm+0xbd/0x1e0 security/selinux/avc.c:1195
 security_task_kill+0xe2/0x260 security/security.c:3300
 check_kill_permission kernel/signal.c:832 [inline]
 check_kill_permission+0x2e4/0x550 kernel/signal.c:799
 group_send_sig_info+0xc2/0x300 kernel/signal.c:1413
 kill_pid_info_type+0x92/0x290 kernel/signal.c:1457
 kill_pid_info kernel/signal.c:1471 [inline]
 kill_proc_info+0x6f/0x1b0 kernel/signal.c:1478
 kill_something_info+0x2a0/0x310 kernel/signal.c:1575
 __do_sys_kill kernel/signal.c:3956 [inline]
 __se_sys_kill kernel/signal.c:3950 [inline]
 __x64_sys_kill+0x1c4/0x250 kernel/signal.c:3950
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x10b/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f04d6f3e3e7
RSP: 002b:00007ffc399a12c8 EFLAGS: 00000217 ORIG_RAX: 000000000000003e
RAX: ffffffffffffffda RBX: 00000000000004d9 RCX: 00007f04d6f3e3e7
RDX: 0000000000000bb8 RSI: 0000000000000009 RDI: 00000000000004d9
RBP: 00007ffc399a130c R08: 001413d023540356 R09: 0000000000000000
R10: 00000000000272d6 R11: 0000000000000217 R12: 0000000000000175
R13: 0000000000000064 R14: 00000000000caf6a R15: 00007ffc399a1360
 </TASK>
task:syz.3.1891      state:R  running task     stack:26472 pid:13071 tgid:13070 ppid:5613   task_flags:0x400140 flags:0x00080004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5388 [inline]
 __schedule+0x1295/0x67a0 kernel/sched/core.c:7189
 preempt_schedule_irq+0x50/0x90 kernel/sched/core.c:7513
 irqentry_exit_to_kernel_mode_preempt include/linux/irq-entry-common.h:476 [inline]
 irqentry_exit_to_kernel_mode include/linux/irq-entry-common.h:547 [inline]
 irqentry_exit+0x205/0x7e0 kernel/entry/common.c:164
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:av_hash security/selinux/include/hash.h:32 [inline]
RIP: 0010:avc_hash security/selinux/avc.c:128 [inline]
RIP: 0010:avc_search_node security/selinux/avc.c:527 [inline]
RIP: 0010:avc_lookup+0x21/0x240 security/selinux/avc.c:558
Code: 90 90 90 90 90 90 90 90 90 41 57 41 89 f7 41 56 41 89 d6 41 55 41 89 fd 41 54 55 53 89 d3 e8 26 cd 5a fd 65 ff 05 bf 6e 5e 0f <41> 69 c5 51 2d 9e cc c1 c0 0f 69 c0 93 35 87 1b c1 c0 0d 8d 94 80
RSP: 0018:ffffc9000b8af8b0 EFLAGS: 00000202
RAX: 0000000000080000 RBX: 000000000000004a RCX: ffffc90006df1000
RDX: 0000000000080000 RSI: ffffffff84add9ba RDI: 0000000000000094
RBP: 000000000000004a R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000001
R13: 0000000000000094 R14: 000000000000004a R15: 0000000000000094
 avc_has_perm_noaudit+0x97/0x3b0 security/selinux/avc.c:1157
 avc_has_perm+0xbd/0x1e0 security/selinux/avc.c:1195
 inode_has_perm+0x166/0x1d0 security/selinux/hooks.c:1692
 __file_has_perm+0x39c/0x460 security/selinux/hooks.c:1798
 file_has_perm security/selinux/hooks.c:1814 [inline]
 selinux_revalidate_file_permission security/selinux/hooks.c:3813 [inline]
 selinux_file_permission+0x4ac/0x6d0 security/selinux/hooks.c:3834
 security_file_permission+0x91/0x210 security/security.c:2392
 rw_verify_area+0xb8/0x6d0 fs/read_write.c:475
 io_write+0x3ce/0x1690 io_uring/rw.c:1165
 __io_issue_sqe+0xe8/0x7a0 io_uring/io_uring.c:1387
 io_issue_sqe+0x88/0x13e0 io_uring/io_uring.c:1410
 io_queue_sqe io_uring/io_uring.c:1636 [inline]
 io_submit_sqe io_uring/io_uring.c:1922 [inline]
 io_submit_sqes+0xafe/0x24b0 io_uring/io_uring.c:2045
 __do_sys_io_uring_enter+0xa88/0x1b50 io_uring/io_uring.c:2635
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x10b/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fdfc1b9ce59
RSP: 002b:00007fdfc29b0028 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
RAX: ffffffffffffffda RBX: 00007fdfc1e15fa0 RCX: 00007fdfc1b9ce59
RDX: 000000000000cf74 RSI: 0000000000002219 RDI: 0000000000000000
RBP: 00007fdfc1c32d6f R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000016 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fdfc1e16038 R14: 00007fdfc1e15fa0 R15: 00007fff3b561df8
 </TASK>
rcu: rcu_preempt kthread starved for 10351 jiffies! g85245 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:28216 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00080000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5388 [inline]
 __schedule+0x1295/0x67a0 kernel/sched/core.c:7189
 __schedule_loop kernel/sched/core.c:7268 [inline]
 schedule+0xdd/0x390 kernel/sched/core.c:7283
 schedule_timeout+0x127/0x280 kernel/time/sleep_timeout.c:99
 rcu_gp_fqs_loop+0x1a9/0x900 kernel/rcu/tree.c:2095
 rcu_gp_kthread+0x179/0x230 kernel/rcu/tree.c:2297
 kthread+0x370/0x450 kernel/kthread.c:436
 ret_from_fork+0x72b/0xd50 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
CPU: 1 UID: 0 PID: 12477 Comm: kworker/u8:2 Tainted: G             L      syzkaller #0 PREEMPT(full) 
Tainted: [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
Workqueue: events_unbound toggle_allocation_gate
RIP: 0010:csd_lock_wait kernel/smp.c:342 [inline]
RIP: 0010:smp_call_function_many_cond+0x589/0x1700 kernel/smp.c:892
Code: b8 00 00 00 00 00 fc ff df 48 8b 54 24 08 49 89 d5 49 89 d4 49 c1 ed 03 41 83 e4 07 49 01 c5 41 83 c4 03 e8 79 83 0c 00 f3 90 <41> 0f b6 45 00 41 38 c4 7c 08 84 c0 0f 85 63 0f 00 00 8b 45 08 31
RSP: 0018:ffffc900054ff870 EFLAGS: 00000293
RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff81fc238d
RDX: ffff88802711ca00 RSI: ffffffff81fc2367 RDI: ffff88802711ca00
RBP: ffff8880b8443320 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000003
R13: ffffed1017088665 R14: 0000000000000001 R15: ffff8880b853c5c0
FS:  0000000000000000(0000) GS:ffff888124472000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fbf9f17bff8 CR3: 000000000e596000 CR4: 00000000003526f0
Call Trace:
 <TASK>
 on_each_cpu_cond_mask+0x40/0x90 kernel/smp.c:1057
 on_each_cpu include/linux/smp.h:72 [inline]
 smp_text_poke_sync_each_cpu arch/x86/kernel/alternative.c:2773 [inline]
 smp_text_poke_batch_finish+0x337/0xc60 arch/x86/kernel/alternative.c:2983
 arch_jump_label_transform_apply+0x1c/0x30 arch/x86/kernel/jump_label.c:146
 jump_label_update+0x37a/0x550 kernel/jump_label.c:910
 static_key_enable_cpuslocked+0x1bc/0x270 kernel/jump_label.c:210
 static_key_enable+0x1a/0x20 kernel/jump_label.c:223
 toggle_allocation_gate mm/kfence/core.c:906 [inline]
 toggle_allocation_gate+0xfe/0x2d0 mm/kfence/core.c:898
 process_one_work+0xa0e/0x1980 kernel/workqueue.c:3302
 process_scheduled_works kernel/workqueue.c:3385 [inline]
 worker_thread+0x5ef/0xe50 kernel/workqueue.c:3466
 kthread+0x370/0x450 kernel/kthread.c:436
 ret_from_fork+0x72b/0xd50 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>