rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P5886/1:b..l P6231/1:b..l P81/1:b..l P6/1:b..l P53/1:b..l P6241/1:b..l P5212/1:b..l P6735/1:b..l
rcu: 	(detected by 1, t=10502 jiffies, g=17989, q=800 ncpus=2)
task:syz.8.211       state:R  running task     stack:26408 pid:6735  tgid:6734  ppid:6250   task_flags:0x400040 flags:0x00004006
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5382 [inline]
 __schedule+0x1b88/0x5240 kernel/sched/core.c:6767
 preempt_schedule_irq+0xfe/0x1c0 kernel/sched/core.c:7090
 irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:lock_acquire+0x167/0x2f0 arch/x86/include/asm/irqflags.h:-1
Code: c7 44 24 10 00 00 00 00 9c 8f 44 24 10 f7 44 24 10 00 02 00 00 0f 85 fd 00 00 00 41 f7 c6 00 02 00 00 74 01 fb 65 48 8b 45 00 <48> 3b 44 24 38 0f 85 72 01 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e
RSP: 0018:ffffc9000525f1e8 EFLAGS: 00000206
RAX: 4e3678ba3f5a1600 RBX: ffffffff8ed3dfe0 RCX: 4e3678ba3f5a1600
RDX: 0000000000000000 RSI: ffffffff8e4fd5a1 RDI: ffffffff8ca1b6a0
RBP: ffffffff9368a020 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000002 R14: 0000000000000246 R15: 0000000000000000
 rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
 rcu_read_lock include/linux/rcupdate.h:841 [inline]
 class_rcu_constructor include/linux/rcupdate.h:1155 [inline]
 unwind_next_frame+0xd5/0x23b0 arch/x86/kernel/unwind_orc.c:479
 arch_stack_walk+0x11e/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x11a/0x1d0 kernel/stacktrace.c:122
 save_stack+0xfc/0x1f0 mm/page_owner.c:156
 __reset_page_owner+0x76/0x1e0 mm/page_owner.c:308
 reset_page_owner include/linux/page_owner.h:25 [inline]
 free_pages_prepare mm/page_alloc.c:1262 [inline]
 __free_frozen_pages+0xde8/0x10a0 mm/page_alloc.c:2680
 discard_slab mm/slub.c:2720 [inline]
 __put_partials+0x160/0x1c0 mm/slub.c:3189
 put_cpu_partial+0x17e/0x250 mm/slub.c:3264
 __slab_free+0x294/0x390 mm/slub.c:4516
 qlink_free mm/kasan/quarantine.c:163 [inline]
 qlist_free_all+0x9a/0x140 mm/kasan/quarantine.c:179
 kasan_quarantine_reduce+0x14f/0x170 mm/kasan/quarantine.c:286
 __kasan_slab_alloc+0x23/0x80 mm/kasan/common.c:329
 kasan_slab_alloc include/linux/kasan.h:250 [inline]
 slab_post_alloc_hook mm/slub.c:4151 [inline]
 kmem_cache_alloc_bulk_noprof+0x4fe/0x7c0 mm/slub.c:5375
 __io_alloc_req_refill+0xa3/0x330 io_uring/io_uring.c:963
 io_alloc_req io_uring/io_uring.h:450 [inline]
 io_submit_sqes+0xc47/0x1ce0 io_uring/io_uring.c:2331
 __do_sys_io_uring_enter io_uring/io_uring.c:3402 [inline]
 __se_sys_io_uring_enter+0x2cd/0x3560 io_uring/io_uring.c:3336
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f7866d8d169
RSP: 002b:00007f7867c4a038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
RAX: ffffffffffffffda RBX: 00007f7866fa5fa0 RCX: 00007f7866d8d169
RDX: 000000000000fac7 RSI: 00000000000047bc RDI: 0000000000000004
RBP: 00007f7866e0e990 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007f7866fa5fa0 R15: 00007f78670cfa28
 </TASK>
task:udevd           state:R  running task     stack:24480 pid:5212  tgid:5212  ppid:1      task_flags:0x400140 flags:0x00004002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5382 [inline]
 __schedule+0x1b88/0x5240 kernel/sched/core.c:6767
 preempt_schedule_notrace+0x103/0x140 kernel/sched/core.c:7040
 preempt_schedule_notrace_thunk+0x16/0x30 arch/x86/entry/thunk.S:13
 rcu_is_watching+0x7e/0xb0 kernel/rcu/tree.c:737
 trace_lock_acquire include/trace/events/lock.h:24 [inline]
 lock_acquire+0x5e/0x2f0 kernel/locking/lockdep.c:5829
 rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
 rcu_read_lock include/linux/rcupdate.h:841 [inline]
 class_rcu_constructor include/linux/rcupdate.h:1155 [inline]
 unwind_next_frame+0xd5/0x23b0 arch/x86/kernel/unwind_orc.c:479
 __unwind_start+0x59a/0x740 arch/x86/kernel/unwind_orc.c:758
 unwind_start arch/x86/include/asm/unwind.h:64 [inline]
 arch_stack_walk+0xe7/0x150 arch/x86/kernel/stacktrace.c:24
 stack_trace_save+0x11a/0x1d0 kernel/stacktrace.c:122
 save_stack+0xfc/0x1f0 mm/page_owner.c:156
 __reset_page_owner+0x76/0x1e0 mm/page_owner.c:308
 reset_page_owner include/linux/page_owner.h:25 [inline]
 free_pages_prepare mm/page_alloc.c:1262 [inline]
 __free_frozen_pages+0xde8/0x10a0 mm/page_alloc.c:2680
 discard_slab mm/slub.c:2720 [inline]
 __put_partials+0x160/0x1c0 mm/slub.c:3189
 put_cpu_partial+0x17e/0x250 mm/slub.c:3264
 __slab_free+0x294/0x390 mm/slub.c:4516
 qlink_free mm/kasan/quarantine.c:163 [inline]
 qlist_free_all+0x9a/0x140 mm/kasan/quarantine.c:179
 kasan_quarantine_reduce+0x14f/0x170 mm/kasan/quarantine.c:286
 __kasan_kmalloc+0x23/0xb0 mm/kasan/common.c:385
 kasan_kmalloc include/linux/kasan.h:260 [inline]
 __do_kmalloc_node mm/slub.c:4331 [inline]
 __kmalloc_noprof+0x28e/0x4d0 mm/slub.c:4343
 kmalloc_noprof include/linux/slab.h:909 [inline]
 tomoyo_realpath_from_path+0xcf/0x5e0 security/tomoyo/realpath.c:251
 tomoyo_get_realpath security/tomoyo/file.c:151 [inline]
 tomoyo_path_perm+0x2be/0x640 security/tomoyo/file.c:822
 security_inode_getattr+0x130/0x330 security/security.c:2377
 vfs_getattr fs/stat.c:243 [inline]
 vfs_statx_path+0x23/0x2b0 fs/stat.c:283
 vfs_statx+0x13a/0x200 fs/stat.c:349
 vfs_fstatat+0xdc/0x150 fs/stat.c:368
 __do_sys_newfstatat fs/stat.c:532 [inline]
 __se_sys_newfstatat fs/stat.c:526 [inline]
 __x64_sys_newfstatat+0x11f/0x1a0 fs/stat.c:526
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f6ea51165f4
RSP: 002b:00007fffb05b74e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000106
RAX: ffffffffffffffda RBX: 00005604d2c456d8 RCX: 00007f6ea51165f4
RDX: 00007fffb05b74f8 RSI: 00005604d2c35897 RDI: 00000000ffffff9c
RBP: 00005604ebff5448 R08: 000632766c824d07 R09: 7fffffffffffffff
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000001 R14: 000632766c824d07 R15: 00005604d2c39dca
 </TASK>
task:syz-executor    state:R  running task     stack:21256 pid:6241  tgid:6241  ppid:1      task_flags:0x40054c flags:0x00004004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5382 [inline]
 __schedule+0x1b88/0x5240 kernel/sched/core.c:6767
 preempt_schedule_irq+0xfe/0x1c0 kernel/sched/core.c:7090
 irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:lock_release+0x244/0x3e0 arch/x86/include/asm/irqflags.h:-1
Code: 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f7 44 24 20 00 02 00 00 0f 85 c3 00 00 00 41 f7 c6 00 02 00 00 74 01 fb 65 48 8b 03 <48> 3b 44 24 28 0f 85 82 01 00 00 48 83 c4 30 5b 41 5c 41 5d 41 5e
RSP: 0018:ffffc9000413f320 EFLAGS: 00000206
RAX: d13e4f5b1b249900 RBX: ffffffff9368a020 RCX: 0000000000000000
RDX: dffffc0000000000 RSI: ffffffff8e4fd5a1 RDI: ffffffff8ca1b6a0
RBP: ffff8880265746f0 R08: ffffc9000413f5e0 R09: 0000000000000000
R10: ffffc9000413f4b0 R11: fffff52000827e98 R12: 0000000000000000
R13: ffff888026573c00 R14: 0000000000000206 R15: ffffffff8ed3dfe0
 rcu_lock_release include/linux/rcupdate.h:341 [inline]
 rcu_read_unlock include/linux/rcupdate.h:871 [inline]
 class_rcu_destructor include/linux/rcupdate.h:1155 [inline]
 unwind_next_frame+0x1a9f/0x23b0 arch/x86/kernel/unwind_orc.c:680
 arch_stack_walk+0x11e/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x11a/0x1d0 kernel/stacktrace.c:122
 kasan_save_stack+0x3f/0x60 mm/kasan/common.c:47
 kasan_record_aux_stack+0xbf/0xd0 mm/kasan/generic.c:548
 task_work_add+0xc1/0x490 kernel/task_work.c:65
 __fput_deferred+0xec/0x1f0 fs/file_table.c:526
 fput_close+0x1f2/0x270 fs/file_table.c:582
 filp_close+0x28/0x40 fs/open.c:1555
 close_files fs/file.c:479 [inline]
 put_files_struct+0x198/0x310 fs/file.c:494
 do_exit+0x9f2/0x27f0 kernel/exit.c:948
 do_group_exit+0x207/0x2c0 kernel/exit.c:1102
 get_signal+0x1696/0x1730 kernel/signal.c:3034
 arch_do_signal_or_restart+0x98/0x840 arch/x86/kernel/signal.c:337
 exit_to_user_mode_loop kernel/entry/common.c:111 [inline]
 exit_to_user_mode_prepare include/linux/entry-common.h:329 [inline]
 __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
 syscall_exit_to_user_mode+0xce/0x340 kernel/entry/common.c:218
 do_syscall_64+0x100/0x230 arch/x86/entry/syscall_64.c:100
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f91739833d7
RSP: 002b:00007f9173ccfd80 EFLAGS: 00000293 ORIG_RAX: 000000000000003d
RAX: fffffffffffffe00 RBX: 0000000000000033 RCX: 00007f91739833d7
RDX: 0000000040000000 RSI: 00007f9173ccfdec RDI: 00000000ffffffff
RBP: 00007f9173ccfdec R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000013
R13: 000055556e27c570 R14: 000000000002edbf R15: 00007f9173ccfe40
 </TASK>
task:kworker/u8:3    state:R  running task     stack:21432 pid:53    tgid:53    ppid:2      task_flags:0x4208160 flags:0x00004000
Workqueue: events_unbound cfg80211_wiphy_work
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5382 [inline]
 __schedule+0x1b88/0x5240 kernel/sched/core.c:6767
 preempt_schedule_irq+0xfe/0x1c0 kernel/sched/core.c:7090
 irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:orc_ip arch/x86/kernel/unwind_orc.c:80 [inline]
RIP: 0010:__orc_find arch/x86/kernel/unwind_orc.c:102 [inline]
RIP: 0010:orc_find arch/x86/kernel/unwind_orc.c:227 [inline]
RIP: 0010:unwind_next_frame+0x784/0x23b0 arch/x86/kernel/unwind_orc.c:494
Code: 89 c1 48 c1 f9 02 48 c1 e8 3f 48 01 c8 48 83 e0 fe 49 8d 1c 46 48 89 d8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 0f b6 04 08 <84> c0 75 27 48 63 03 48 01 d8 48 8d 4b 04 4c 39 e0 4c 0f 46 f1 48
RSP: 0018:ffffc90000be7468 EFLAGS: 00000a06
RAX: 0000000000000000 RBX: ffffffff90741d60 RCX: dffffc0000000000
RDX: ffffffff90ec87a8 RSI: ffffffff8ca1b680 RDI: ffffffff8ca1b640
RBP: ffffffff90741d60 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff818d9056
R13: ffffffff90741d60 R14: ffffffff90741d60 R15: ffffffff90741d60
 arch_stack_walk+0x11e/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x11a/0x1d0 kernel/stacktrace.c:122
 kasan_save_stack mm/kasan/common.c:47 [inline]
 kasan_save_track+0x3f/0x80 mm/kasan/common.c:68
 kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:576
 poison_slab_object mm/kasan/common.c:247 [inline]
 __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264
 kasan_slab_free include/linux/kasan.h:233 [inline]
 slab_free_hook mm/slub.c:2389 [inline]
 slab_free mm/slub.c:4646 [inline]
 kmem_cache_free+0x197/0x410 mm/slub.c:4748
 skb_kfree_head net/core/skbuff.c:1056 [inline]
 skb_free_head net/core/skbuff.c:1070 [inline]
 skb_release_data+0x67a/0x8b0 net/core/skbuff.c:1097
 skb_release_all net/core/skbuff.c:1162 [inline]
 __kfree_skb net/core/skbuff.c:1176 [inline]
 sk_skb_reason_drop+0x1c9/0x380 net/core/skbuff.c:1214
 kfree_skb_reason include/linux/skbuff.h:1279 [inline]
 kfree_skb include/linux/skbuff.h:1288 [inline]
 ieee80211_iface_work+0x28b/0x1100 net/mac80211/iface.c:1678
 cfg80211_wiphy_work+0x2f0/0x490 net/wireless/core.c:435
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xac3/0x18e0 kernel/workqueue.c:3319
 worker_thread+0x870/0xd50 kernel/workqueue.c:3400
 kthread+0x7b7/0x940 kernel/kthread.c:464
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:153
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
task:kworker/R-kvfre state:R  running task     stack:27656 pid:6     tgid:6     ppid:2      task_flags:0x4208060 flags:0x00004000
Workqueue: kvfree_rcu_reclaim kfree_rcu_monitor
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5382 [inline]
 __schedule+0x1b88/0x5240 kernel/sched/core.c:6767
 preempt_schedule_irq+0xfe/0x1c0 kernel/sched/core.c:7090
 irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:__preempt_count_add kernel/rcu/tree.c:732 [inline]
RIP: 0010:rcu_is_watching+0x8/0xb0 kernel/rcu/tree.c:735
Code: 98 03 eb cd 66 66 66 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 41 57 41 56 <53> 65 ff 05 10 db bf 11 e8 3b 0a 88 0a 89 c3 83 f8 08 73 7a 49 bf
RSP: 0018:ffffc900000b7430 EFLAGS: 00000202
RAX: 0000000000000001 RBX: ffffc900000b7520 RCX: ffff88801ce99e00
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc900000b7528
RBP: dffffc0000000001 R08: ffffc900000b757f R09: 0000000000000000
R10: ffffc900000b7570 R11: fffff52000016eb0 R12: ffffc900000b7530
R13: dffffc0000000000 R14: ffffc900000b7f58 R15: ffffffff816e0bc8
 rcu_read_unlock include/linux/rcupdate.h:869 [inline]
 class_rcu_destructor include/linux/rcupdate.h:1155 [inline]
 unwind_next_frame+0x1a5b/0x23b0 arch/x86/kernel/unwind_orc.c:680
 arch_stack_walk+0x11e/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x11a/0x1d0 kernel/stacktrace.c:122
 kasan_save_stack mm/kasan/common.c:47 [inline]
 kasan_save_track+0x3f/0x80 mm/kasan/common.c:68
 kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:576
 poison_slab_object mm/kasan/common.c:247 [inline]
 __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264
 kasan_slab_free include/linux/kasan.h:233 [inline]
 slab_free_hook mm/slub.c:2389 [inline]
 slab_free_freelist_hook mm/slub.c:2418 [inline]
 slab_free_bulk mm/slub.c:4670 [inline]
 kmem_cache_free_bulk+0x2da/0x530 mm/slub.c:5247
 kfree_bulk include/linux/slab.h:794 [inline]
 kvfree_rcu_bulk+0xd3/0x1d0 mm/slab_common.c:1516
 kvfree_rcu_drain_ready mm/slab_common.c:1699 [inline]
 kfree_rcu_monitor+0x20c/0x2a0 mm/slab_common.c:1772
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xac3/0x18e0 kernel/workqueue.c:3319
 rescuer_thread+0x662/0x1020 kernel/workqueue.c:3496
 kthread+0x7b7/0x940 kernel/kthread.c:464
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:153
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
task:kworker/u8:4    state:R  running task     stack:20968 pid:81    tgid:81    ppid:2      task_flags:0x4208060 flags:0x00004000
Workqueue: events_unbound cfg80211_wiphy_work
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5382 [inline]
 __schedule+0x1b88/0x5240 kernel/sched/core.c:6767
 preempt_schedule_irq+0xfe/0x1c0 kernel/sched/core.c:7090
 irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:__sanitizer_cov_trace_cmp4+0x0/0x90 kernel/kcov.c:287
Code: 10 48 89 74 0a 18 4c 89 44 0a 20 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 4c 8b 04 24 65 48 8b 14 25 08 a0 68 93 65 8b 05 e8 38
RSP: 0018:ffffc900015476d0 EFLAGS: 00000246
RAX: 0000000000000000 RBX: 0000000000000000 RCX: dffffc0000000000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000000 R08: ffffffff8ba915e2 R09: ffffffff8504a539
R10: 000000000000000c R11: 0000000000000000 R12: dffffc0000000000
R13: 000000000000000f R14: ffff8880504fdc38 R15: 0000000000000005
 ieee80211_sta_get_rates+0x348/0x670 net/mac80211/util.c:1556
 ieee80211_update_sta_info net/mac80211/ibss.c:990 [inline]
 ieee80211_rx_bss_info net/mac80211/ibss.c:1100 [inline]
 ieee80211_rx_mgmt_probe_beacon net/mac80211/ibss.c:1581 [inline]
 ieee80211_ibss_rx_queued_mgmt+0x1263/0x2e20 net/mac80211/ibss.c:1608
 ieee80211_iface_process_skb net/mac80211/iface.c:1622 [inline]
 ieee80211_iface_work+0x933/0x1100 net/mac80211/iface.c:1676
 cfg80211_wiphy_work+0x2f0/0x490 net/wireless/core.c:435
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xac3/0x18e0 kernel/workqueue.c:3319
 worker_thread+0x870/0xd50 kernel/workqueue.c:3400
 kthread+0x7b7/0x940 kernel/kthread.c:464
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:153
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
task:kworker/u8:9    state:R  running task     stack:24064 pid:6231  tgid:6231  ppid:2      task_flags:0x4208060 flags:0x00004000
Workqueue: events_unbound cfg80211_wiphy_work
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5382 [inline]
 __schedule+0x1b88/0x5240 kernel/sched/core.c:6767
 preempt_schedule_irq+0xfe/0x1c0 kernel/sched/core.c:7090
 irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:get_reg arch/x86/kernel/unwind_orc.c:452 [inline]
RIP: 0010:unwind_next_frame+0x174a/0x23b0 arch/x86/kernel/unwind_orc.c:643
Code: 00 41 0f b7 36 c1 ee 04 83 e6 0f 83 fe 04 0f 84 cd 00 00 00 83 fe 01 0f 84 24 01 00 00 85 f6 0f 85 b0 02 00 00 48 8b 44 24 40 <80> 3c 28 00 74 08 48 89 df e8 18 6b bf 00 48 8b 1b 48 85 db 0f 84
RSP: 0018:ffffc9000b3cf468 EFLAGS: 00000246
RAX: 1ffff92001679eb2 RBX: ffffc9000b3cf590 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000b3cf5a0
RBP: dffffc0000000000 R08: ffffc9000b3cf59f R09: 0000000000000000
R10: ffffc9000b3cf590 R11: fffff52001679eb4 R12: ffffc9000b3cf540
R13: ffffc9000b3d0000 R14: ffffffff90e9dd32 R15: ffffffff90e9dd2e
 arch_stack_walk+0x11e/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x11a/0x1d0 kernel/stacktrace.c:122
 kasan_save_stack mm/kasan/common.c:47 [inline]
 kasan_save_track+0x3f/0x80 mm/kasan/common.c:68
 kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:576
 poison_slab_object mm/kasan/common.c:247 [inline]
 __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264
 kasan_slab_free include/linux/kasan.h:233 [inline]
 slab_free_hook mm/slub.c:2389 [inline]
 slab_free mm/slub.c:4646 [inline]
 kmem_cache_free+0x197/0x410 mm/slub.c:4748
 skb_kfree_head net/core/skbuff.c:1056 [inline]
 skb_free_head net/core/skbuff.c:1070 [inline]
 skb_release_data+0x67a/0x8b0 net/core/skbuff.c:1097
 skb_release_all net/core/skbuff.c:1162 [inline]
 __kfree_skb net/core/skbuff.c:1176 [inline]
 sk_skb_reason_drop+0x1c9/0x380 net/core/skbuff.c:1214
 kfree_skb_reason include/linux/skbuff.h:1279 [inline]
 kfree_skb include/linux/skbuff.h:1288 [inline]
 ieee80211_iface_work+0x28b/0x1100 net/mac80211/iface.c:1678
 cfg80211_wiphy_work+0x2f0/0x490 net/wireless/core.c:435
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xac3/0x18e0 kernel/workqueue.c:3319
 worker_thread+0x870/0xd50 kernel/workqueue.c:3400
 kthread+0x7b7/0x940 kernel/kthread.c:464
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:153
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
task:kworker/1:3     state:R  running task     stack:22952 pid:5886  tgid:5886  ppid:2      task_flags:0x4208060 flags:0x00004000
Workqueue: usb_hub_wq hub_event
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5382 [inline]
 __schedule+0x1b88/0x5240 kernel/sched/core.c:6767
 preempt_schedule_irq+0xfe/0x1c0 kernel/sched/core.c:7090
 irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:lock_release+0x244/0x3e0 arch/x86/include/asm/irqflags.h:-1
Code: 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f7 44 24 20 00 02 00 00 0f 85 c3 00 00 00 41 f7 c6 00 02 00 00 74 01 fb 65 48 8b 03 <48> 3b 44 24 28 0f 85 82 01 00 00 48 83 c4 30 5b 41 5c 41 5d 41 5e
RSP: 0018:ffffc900043ded40 EFLAGS: 00000206
RAX: c380d826d118ea00 RBX: ffffffff9368a020 RCX: 0000000000000007
RDX: dffffc0000000000 RSI: ffffffff8e4fd5a1 RDI: ffffffff8ca1b6a0
RBP: ffff888031b4aa08 R08: ffffc900043df128 R09: 0000000000000000
R10: ffffc900043deed0 R11: fffff5200087bddc R12: 0000000000000007
R13: ffff888031b49e00 R14: 0000000000000206 R15: ffffffff8ed3dfe0
 rcu_lock_release include/linux/rcupdate.h:341 [inline]
 rcu_read_unlock include/linux/rcupdate.h:871 [inline]
 class_rcu_destructor include/linux/rcupdate.h:1155 [inline]
 unwind_next_frame+0x1a9f/0x23b0 arch/x86/kernel/unwind_orc.c:680
 arch_stack_walk+0x11e/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x11a/0x1d0 kernel/stacktrace.c:122
 save_stack+0xfc/0x1f0 mm/page_owner.c:156
 __reset_page_owner+0x76/0x1e0 mm/page_owner.c:308
 reset_page_owner include/linux/page_owner.h:25 [inline]
 free_pages_prepare mm/page_alloc.c:1262 [inline]
 __free_frozen_pages+0xde8/0x10a0 mm/page_alloc.c:2680
 discard_slab mm/slub.c:2720 [inline]
 __put_partials+0x160/0x1c0 mm/slub.c:3189
 put_cpu_partial+0x17e/0x250 mm/slub.c:3264
 __slab_free+0x294/0x390 mm/slub.c:4516
 qlink_free mm/kasan/quarantine.c:163 [inline]
 qlist_free_all+0x9a/0x140 mm/kasan/quarantine.c:179
 kasan_quarantine_reduce+0x14f/0x170 mm/kasan/quarantine.c:286
 __kasan_kmalloc+0x23/0xb0 mm/kasan/common.c:385
 kasan_kmalloc include/linux/kasan.h:260 [inline]
 __do_kmalloc_node mm/slub.c:4331 [inline]
 __kmalloc_noprof+0x28e/0x4d0 mm/slub.c:4343
 kmalloc_noprof include/linux/slab.h:909 [inline]
 usb_alloc_urb+0x41/0x150 drivers/usb/core/urb.c:75
 usb_internal_control_msg drivers/usb/core/message.c:96 [inline]
 usb_control_msg+0x18b/0x4c0 drivers/usb/core/message.c:154
 set_port_feature drivers/usb/core/hub.c:464 [inline]
 hub_port_reset+0x4d4/0x1b30 drivers/usb/core/hub.c:3051
 hub_port_init+0x2ac/0x2730 drivers/usb/core/hub.c:4903
 hub_port_connect drivers/usb/core/hub.c:5460 [inline]
 hub_port_connect_change drivers/usb/core/hub.c:5671 [inline]
 port_event drivers/usb/core/hub.c:5831 [inline]
 hub_event+0x281c/0x50f0 drivers/usb/core/hub.c:5913
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xac3/0x18e0 kernel/workqueue.c:3319
 worker_thread+0x870/0xd50 kernel/workqueue.c:3400
 kthread+0x7b7/0x940 kernel/kthread.c:464
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:153
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
task:kworker/u8:11   state:R  running task     stack:27728 pid:6764  tgid:6764  ppid:2      task_flags:0x4208060 flags:0x00004000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5382 [inline]
 __schedule+0x1b88/0x5240 kernel/sched/core.c:6767
 preempt_schedule_irq+0xfe/0x1c0 kernel/sched/core.c:7090
 irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:unwind_next_frame+0x750/0x23b0 arch/x86/kernel/unwind_orc.c:-1
Code: 00 48 8b 44 24 50 42 80 3c 28 00 74 08 4c 89 f7 e8 35 7b bf 00 4c 89 7c 24 20 49 8b 06 48 89 44 24 08 e9 65 07 00 00 4d 89 fd <4d> 89 fe 48 89 e8 4c 29 f0 48 89 c1 48 c1 f9 02 48 c1 e8 3f 48 01
RSP: 0018:ffffc900045af2e8 EFLAGS: 00000246
RAX: ffffffff9192fb4e RBX: ffffffff9194b428 RCX: ffffffff90eae40e
RDX: ffffffff90eae408 RSI: ffffffff8ca1b680 RDI: ffffffff8ca1b640
RBP: ffffffff907305a0 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff816e3507
R13: ffffffff907305a0 R14: 00000000000b34b5 R15: ffffffff907305a0
 __unwind_start+0x59a/0x740 arch/x86/kernel/unwind_orc.c:758
 unwind_start arch/x86/include/asm/unwind.h:64 [inline]
 arch_stack_walk+0xe7/0x150 arch/x86/kernel/stacktrace.c:24
 stack_trace_save+0x11a/0x1d0 kernel/stacktrace.c:122
 save_stack+0xfc/0x1f0 mm/page_owner.c:156
 __reset_page_owner+0x76/0x1e0 mm/page_owner.c:308
 reset_page_owner include/linux/page_owner.h:25 [inline]
 free_pages_prepare mm/page_alloc.c:1262 [inline]
 __free_frozen_pages+0xde8/0x10a0 mm/page_alloc.c:2680
 discard_slab mm/slub.c:2720 [inline]
 __put_partials+0x160/0x1c0 mm/slub.c:3189
 put_cpu_partial+0x17e/0x250 mm/slub.c:3264
 __slab_free+0x294/0x390 mm/slub.c:4516
 qlink_free mm/kasan/quarantine.c:163 [inline]
 qlist_free_all+0x9a/0x140 mm/kasan/quarantine.c:179
 kasan_quarantine_reduce+0x14f/0x170 mm/kasan/quarantine.c:286
 __kasan_kmalloc+0x23/0xb0 mm/kasan/common.c:385
 kasan_kmalloc include/linux/kasan.h:260 [inline]
 __kmalloc_cache_noprof+0x236/0x370 mm/slub.c:4362
 kmalloc_noprof include/linux/slab.h:905 [inline]
 __kthread_create_on_node+0xf4/0x3e0 kernel/kthread.c:511
 kthread_create_on_node+0xe0/0x130 kernel/kthread.c:588
 create_worker+0x2a8/0x730 kernel/workqueue.c:2802
 maybe_create_worker kernel/workqueue.c:3063 [inline]
 manage_workers kernel/workqueue.c:3115 [inline]
 worker_thread+0x318/0xd50 kernel/workqueue.c:3375
 kthread+0x7b7/0x940 kernel/kthread.c:464
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:153
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
task:kworker/u8:8    state:R  running task     stack:21736 pid:4534  tgid:4534  ppid:2      task_flags:0x4208060 flags:0x00004000
Workqueue: events_unbound cfg80211_wiphy_work
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5382 [inline]
 __schedule+0x1b88/0x5240 kernel/sched/core.c:6767
 preempt_schedule_irq+0xfe/0x1c0 kernel/sched/core.c:7090
 irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:get_current arch/x86/include/asm/current.h:25 [inline]
RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x70 kernel/kcov.c:216
Code: 8b 3d e4 1e b6 0c 48 89 de 5b e9 b3 b4 5e 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 04 24 <65> 48 8b 0c 25 08 a0 68 93 65 8b 15 a8 3a a5 11 81 e2 00 01 ff 00
RSP: 0018:ffffc9000e3f76d0 EFLAGS: 00000283
RAX: ffffffff8ba9164e RBX: 00000000000000b4 RCX: dffffc0000000000
RDX: ffff8880348bda00 RSI: 00000000000000b4 RDI: 0000000000000078
RBP: 0000000000000078 R08: ffffffff8ba915e2 R09: ffffffff8504a539
R10: 000000000000000c R11: 0000000000000000 R12: dffffc0000000000
R13: 0000000000000015 R14: ffff888028b930d0 R15: 0000000000000007
 ieee80211_sta_get_rates+0x3ee/0x670 net/mac80211/util.c:1561
 ieee80211_update_sta_info net/mac80211/ibss.c:990 [inline]
 ieee80211_rx_bss_info net/mac80211/ibss.c:1100 [inline]
 ieee80211_rx_mgmt_probe_beacon net/mac80211/ibss.c:1581 [inline]
 ieee80211_ibss_rx_queued_mgmt+0x1263/0x2e20 net/mac80211/ibss.c:1608
 ieee80211_iface_process_skb net/mac80211/iface.c:1622 [inline]
 ieee80211_iface_work+0x933/0x1100 net/mac80211/iface.c:1676
 cfg80211_wiphy_work+0x2f0/0x490 net/wireless/core.c:435
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xac3/0x18e0 kernel/workqueue.c:3319
 worker_thread+0x870/0xd50 kernel/workqueue.c:3400
 kthread+0x7b7/0x940 kernel/kthread.c:464
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:153
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
task:kworker/u8:10   state:R  running task     stack:24168 pid:6757  tgid:6757  ppid:2      task_flags:0x4208060 flags:0x00004000
Workqueue: events_unbound cfg80211_wiphy_work
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5382 [inline]
 __schedule+0x1b88/0x5240 kernel/sched/core.c:6767
 preempt_schedule_irq+0xfe/0x1c0 kernel/sched/core.c:7090
 irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:get_current arch/x86/include/asm/current.h:25 [inline]
RIP: 0010:write_comp_data kernel/kcov.c:245 [inline]
RIP: 0010:__sanitizer_cov_trace_cmp4+0x8/0x90 kernel/kcov.c:288
Code: 44 0a 20 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 4c 8b 04 24 <65> 48 8b 14 25 08 a0 68 93 65 8b 05 e8 38 a5 11 25 00 01 ff 00 74
RSP: 0018:ffffc9000523f6d0 EFLAGS: 00000246
RAX: 0000000000000000 RBX: 0000000000000078 RCX: dffffc0000000000
RDX: ffff88802d8f1e00 RSI: 0000000000000078 RDI: 0000000000000014
RBP: 0000000000000014 R08: ffffffff8ba915e2 R09: ffffffff8504a539
R10: 000000000000000c R11: 0000000000000000 R12: dffffc0000000000
R13: 0000000000000012 R14: ffff88802ce1dc38 R15: 0000000000000006
 ieee80211_sta_get_rates+0x382/0x670 net/mac80211/util.c:1561
 ieee80211_update_sta_info net/mac80211/ibss.c:990 [inline]
 ieee80211_rx_bss_info net/mac80211/ibss.c:1100 [inline]
 ieee80211_rx_mgmt_probe_beacon net/mac80211/ibss.c:1581 [inline]
 ieee80211_ibss_rx_queued_mgmt+0x1263/0x2e20 net/mac80211/ibss.c:1608
 ieee80211_iface_process_skb net/mac80211/iface.c:1622 [inline]
 ieee80211_iface_work+0x933/0x1100 net/mac80211/iface.c:1676
 cfg80211_wiphy_work+0x2f0/0x490 net/wireless/core.c:435
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xac3/0x18e0 kernel/workqueue.c:3319
 worker_thread+0x870/0xd50 kernel/workqueue.c:3400
 kthread+0x7b7/0x940 kernel/kthread.c:464
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:153
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
rcu: rcu_preempt kthread starved for 10805 jiffies! g17989 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:26688 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5382 [inline]
 __schedule+0x1b88/0x5240 kernel/sched/core.c:6767
 __schedule_loop kernel/sched/core.c:6845 [inline]
 schedule+0x163/0x360 kernel/sched/core.c:6860
 schedule_timeout+0x15b/0x2b0 kernel/time/sleep_timeout.c:99
 rcu_gp_fqs_loop+0x2e1/0x1340 kernel/rcu/tree.c:2046
 rcu_gp_kthread+0xa7/0x3b0 kernel/rcu/tree.c:2248
 kthread+0x7b7/0x940 kernel/kthread.c:464
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:153
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
RIP: 0010:pv_native_safe_halt+0x13/0x20 arch/x86/kernel/paravirt.c:81
Code: cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 13 71 17 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90
RSP: 0018:ffffc90000197dc0 EFLAGS: 000002c6
RAX: b05b2919fd185100 RBX: ffffffff8197bf7e RCX: ffffffff8c30c95c
RDX: 0000000000000001 RSI: ffffffff8e69c726 RDI: ffffffff8ca1b6a0
RBP: ffffc90000197f20 R08: ffff8880b8732b5b R09: 1ffff110170e656b
R10: dffffc0000000000 R11: ffffed10170e656c R12: 1ffff92000032fd2
R13: 1ffff110039d7b40 R14: 0000000000000001 R15: dffffc0000000000
FS:  0000000000000000(0000) GS:ffff888125096000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 00000000532ae000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 arch_safe_halt arch/x86/include/asm/paravirt.h:107 [inline]
 default_idle+0x13/0x20 arch/x86/kernel/process.c:748
 default_idle_call+0x74/0xb0 kernel/sched/idle.c:117
 cpuidle_idle_call kernel/sched/idle.c:185 [inline]
 do_idle+0x22e/0x5d0 kernel/sched/idle.c:325
 cpu_startup_entry+0x42/0x60 kernel/sched/idle.c:423
 start_secondary+0xfe/0x100 arch/x86/kernel/smpboot.c:315
 common_startup_64+0x13e/0x147
 </TASK>
raw-gadget.0 gadget.9: ignoring, device is not running