rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P2953/1:b..l P15715/1:b..l P8955/1:b..l
(detected by 1, t=10502 jiffies, g=16709, q=561)
task:kworker/0:6 state:R running task stack:27256 pid: 8955 ppid: 2 flags:0x00004000
Workqueue: events_power_efficient gc_worker
Call Trace:
 context_switch kernel/sched/core.c:4940 [inline]
 __schedule+0x908/0x26a0 kernel/sched/core.c:6287
 preempt_schedule_irq+0x4e/0x90 kernel/sched/core.c:6687
 irqentry_exit+0x31/0x80 kernel/entry/common.c:425
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:638
RIP: 0010:arch_local_irq_enable arch/x86/include/asm/irqflags.h:81 [inline]
RIP: 0010:arch_local_irq_restore arch/x86/include/asm/irqflags.h:140 [inline]
RIP: 0010:seqcount_lockdep_reader_access include/linux/seqlock.h:105 [inline]
RIP: 0010:nf_conntrack_get_ht include/net/netfilter/nf_conntrack.h:326 [inline]
RIP: 0010:gc_worker+0x5da/0xbd0 net/netfilter/nf_conntrack_core.c:1441
Code: c7 c7 e8 5f 49 8c ff 74 24 78 e8 91 a2 9a fa 48 8b b4 24 80 00 00 00 48 c7 c7 e8 5f 49 8c e8 6d 9b 9a fa e8 78 20 b7 fa fb 5e 9b fb ff ff 39 4c 24 08 0f 82 71 03 00 00 48 8b 44 24 30 48 8d
RSP: 0018:ffffc9000cb6fca8 EFLAGS: 00000206
RAX: 00000000000372c9 RBX: 0000000000062e51 RCX: 1ffffffff1c41c8a
RDX: 0000000000000000 RSI: ffffffff8143c7bf RDI: ffffffff88fd17a0
RBP: dffffc0000000000 R08: 0000000000000001 R09: ffffffff8e1d5977
R10: fffffbfff1c3ab2e R11: 1ffffffff152df59 R12: ffffc9000cb6fdb8
R13: ffffffff8a60f180 R14: ffffffff8e894f80 R15: 0000000000000000
 process_one_work+0x87f/0x1450 kernel/workqueue.c:2297
 worker_thread+0x598/0x1040 kernel/workqueue.c:2444
 kthread+0x38b/0x460 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
task:systemd-udevd state:R running task stack:28200 pid:15715 ppid: 2953 flags:0x00000000
Call Trace:
 context_switch kernel/sched/core.c:4940 [inline]
 __schedule+0x908/0x26a0 kernel/sched/core.c:6287
 preempt_schedule_common+0x45/0xc0 kernel/sched/core.c:6459
 preempt_schedule_thunk+0x16/0x18 arch/x86/entry/thunk_64.S:35
 __raw_spin_unlock include/linux/spinlock_api_smp.h:152 [inline]
 _raw_spin_unlock+0x36/0x40 kernel/locking/spinlock.c:186
 spin_unlock include/linux/spinlock.h:403 [inline]
 filemap_map_pages+0xd2f/0x1350 mm/filemap.c:3338
 do_fault_around mm/memory.c:4152 [inline]
 do_read_fault mm/memory.c:4167 [inline]
 do_fault mm/memory.c:4301 [inline]
 handle_pte_fault mm/memory.c:4559 [inline]
 __handle_mm_fault+0x1c81/0x41a0 mm/memory.c:4694
 handle_mm_fault+0x21d/0x780 mm/memory.c:4792
 do_user_addr_fault+0x2dc/0xcd0 arch/x86/mm/fault.c:1397
 handle_page_fault arch/x86/mm/fault.c:1485 [inline]
 exc_page_fault+0x5a/0xc0 arch/x86/mm/fault.c:1541
 asm_exc_page_fault+0x1e/0x30 arch/x86/include/asm/idtentry.h:568
RIP: 0033:0x7fb467c75da0
RSP: 002b:00007ffc75f47218 EFLAGS: 00010202
RAX: 0000000000000007 RBX: 0000557ef43c13e8 RCX: 00007fb467fbe840
RDX: 0000000000000000 RSI: 0000557ef43c2002 RDI: 0000000000000007
RBP: 0000557ef5328028 R08: 0000000000000020 R09: 0000000000000018
R10: 00007fb467cf82aa R11: 0000000000000246 R12: 0000557ef43c13e6
R13: 0000000000000000 R14: 0000000000000007 R15: 000000000000000e
task:systemd-udevd state:R running task stack:23208 pid: 2953 ppid: 1 flags:0x00000000
Call Trace:
 context_switch kernel/sched/core.c:4940 [inline]
 __schedule+0x908/0x26a0 kernel/sched/core.c:6287
 preempt_schedule_common+0x45/0xc0 kernel/sched/core.c:6459
 preempt_schedule_thunk+0x16/0x18 arch/x86/entry/thunk_64.S:35
 __raw_spin_unlock include/linux/spinlock_api_smp.h:152 [inline]
 _raw_spin_unlock+0x36/0x40 kernel/locking/spinlock.c:186
 spin_unlock include/linux/spinlock.h:403 [inline]
 __d_lookup+0x49e/0x580 fs/dcache.c:2439
 lookup_fast+0x248/0x5b0 fs/namei.c:1615
 walk_component+0xba/0x5f0 fs/namei.c:1966
 link_path_walk.part.0+0x549/0x9d0 fs/namei.c:2297
 link_path_walk fs/namei.c:2220 [inline]
 path_lookupat+0x74/0x6b0 fs/namei.c:2448
 filename_lookup+0x192/0x510 fs/namei.c:2478
 user_path_at_empty+0x35/0x50 fs/namei.c:2801
 user_path_at include/linux/namei.h:57 [inline]
 do_faccessat+0xc0/0x660 fs/open.c:421
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7fb467cea9c7
RSP: 002b:00007ffc75f47808 EFLAGS: 00000246 ORIG_RAX: 0000000000000015
RAX: ffffffffffffffda RBX: 0000557ef534af30 RCX: 00007fb467cea9c7
RDX: 00007ffc75f47833 RSI: 0000000000000000 RDI: 00007ffc75f47810
RBP: 00007ffc75f47880 R08: 000000000000ff08 R09: 7269762f73656369
R10: 00007fb467fa8b58 R11: 0000000000000246 R12: 0000557ef43c1856
R13: 0000557ef534ad90 R14: 00007ffc75f47810 R15: 0000557ef53490c0
rcu: rcu_preempt kthread timer wakeup didn't happen for 10498 jiffies! g16709 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402
rcu: Possible timer handling issue on cpu=0 timer-softirq=7616
rcu: rcu_preempt kthread starved for 10499 jiffies! g16709 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0
rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt state:I stack:29144 pid: 13 ppid: 2 flags:0x00004000
Call Trace:
 context_switch kernel/sched/core.c:4940 [inline]
 __schedule+0x908/0x26a0 kernel/sched/core.c:6287
 schedule+0xd3/0x270 kernel/sched/core.c:6366
 schedule_timeout+0x11d/0x250 kernel/time/timer.c:1881
 rcu_gp_fqs_loop+0x186/0x800 kernel/rcu/tree.c:1957
 rcu_gp_kthread+0x1de/0x320 kernel/rcu/tree.c:2130
 kthread+0x38b/0x460 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
rcu: Stack dump where RCU GP kthread last ran:
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 13005 Comm: syz-executor.2 Not tainted 5.15.0-rc4-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:rep_nop arch/x86/include/asm/vdso/processor.h:13 [inline]
RIP: 0010:cpu_relax arch/x86/include/asm/vdso/processor.h:18 [inline]
RIP: 0010:queued_write_lock_slowpath+0x135/0x2c0 kernel/locking/qrwlock.c:78
Code: b8 00 00 00 00 00 fc ff df 49 01 c7 41 83 c6 03 41 0f b6 07 41 38 c6 7c 08 84 c0 0f 85 3e 01 00 00 8b 03 3d 00 01 00 00 74 19 90 41 0f b6 07 41 38 c6 7c ec 84 c0 74 e8 48 89 df e8 24 4a 54
RSP: 0018:ffffc90003d7fa70 EFLAGS: 00000006
RAX: 0000000000000300 RBX: ffffffff8a60a080 RCX: ffffffff8153109f
RDX: fffffbfff14c1411 RSI: 0000000000000004 RDI: ffffffff8a60a080
RBP: 1ffff920007aff4f R08: 0000000000000001 R09: ffffffff8a60a083
R10: fffffbfff14c1410 R11: 000000000000000c R12: ffffffff8a60a084
R13: 00000000000000ff R14: 0000000000000003 R15: fffffbfff14c1410
FS: 000000000197d400(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000014a53ad CR3: 000000005f984000 CR4: 0000000000350ef0
Call Trace:
 queued_write_lock include/asm-generic/qrwlock.h:97 [inline]
 do_raw_write_lock+0x1ce/0x280 kernel/locking/spinlock_debug.c:210
 copy_process+0x2fc3/0x6960 kernel/fork.c:2313
 kernel_clone+0xb8/0x7f0 kernel/fork.c:2584
 __do_sys_clone+0xaf/0xf0 kernel/fork.c:2701
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x4640eb
Code: ed 0f 85 60 01 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 89 00 00 00 41 89 c5 85 c0 0f 85 90 00 00
RSP: 002b:00007ffdfcd7cd60 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004640eb
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000197d400
R10: 000000000197d6d0 R11: 0000000000000246 R12: 0000000000000001
R13: 0000000000000001 R14: 0000000000000001 R15: 00007ffdfcd7ce30
----------------
Code disassembly (best guess):
   0: c7 c7 e8 5f 49 8c mov $0x8c495fe8,%edi
   6: ff 74 24 78 pushq 0x78(%rsp)
   a: e8 91 a2 9a fa callq 0xfa9aa2a0
   f: 48 8b b4 24 80 00 00 mov 0x80(%rsp),%rsi
  16: 00
  17: 48 c7 c7 e8 5f 49 8c mov $0xffffffff8c495fe8,%rdi
  1e: e8 6d 9b 9a fa callq 0xfa9a9b90
  23: e8 78 20 b7 fa callq 0xfab720a0
  28: fb sti
  29: 5e pop %rsi
* 2a: e9 9b fb ff ff jmpq 0xfffffbca <-- trapping instruction
  2f: 39 4c 24 08 cmp %ecx,0x8(%rsp)
  33: 0f 82 71 03 00 00 jb 0x3aa
  39: 48 8b 44 24 30 mov 0x30(%rsp),%rax
  3e: 48 rex.W
  3f: 8d .byte 0x8d