rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 1-...!: (0 ticks this GP) idle=abb4/1/0x4000000000000000 softirq=6503/6503 fqs=0
rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P4089/1:b..l P4093/1:b..l P4077/1:b..l
(detected by 0, t=10502 jiffies, g=5257, q=209 ncpus=2)
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 144 Comm: kworker/1:2 Not tainted 6.0.0-syzkaller-09589-g55be6084c8e0 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
Workqueue: events p9_read_work
RIP: 0010:halt arch/x86/include/asm/irqflags.h:99 [inline]
RIP: 0010:kvm_wait+0xc1/0x100 arch/x86/kernel/kvm.c:1060
Code: f4 48 83 c4 10 c3 89 74 24 0c 48 89 3c 24 e8 56 db 4c 00 8b 74 24 0c 48 8b 3c 24 e9 6a ff ff ff eb 07 0f 00 2d 70 de b4 08 f4 bf 89 74 24 0c 48 89 3c 24 e8 00 cc 93 00 8b 74 24 0c 48 8b 3c
RSP: 0018:ffffc90002d8f998 EFLAGS: 00000046
RAX: 0000000000000003 RBX: 0000000000000000 RCX: dffffc0000000000
RDX: 0000000000000000 RSI: 0000000000000003 RDI: ffff88807823c800
RBP: ffff88807823c800 R08: 0000000000000001 R09: ffff88807823c800
R10: ffffed100f047900 R11: 0000000000000004 R12: 0000000000000000
R13: ffffed100f047900 R14: 0000000000000001 R15: ffff8880b9b3ae00
FS: 0000000000000000(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020010000 CR3: 000000001dcf9000 CR4: 0000000000350ee0
Call Trace:
 pv_wait arch/x86/include/asm/paravirt.h:603 [inline]
 pv_wait_head_or_lock kernel/locking/qspinlock_paravirt.h:470 [inline]
 __pv_queued_spin_lock_slowpath+0x8c7/0xb50 kernel/locking/qspinlock.c:511
 pv_queued_spin_lock_slowpath arch/x86/include/asm/paravirt.h:591 [inline]
 queued_spin_lock_slowpath arch/x86/include/asm/qspinlock.h:51 [inline]
 queued_spin_lock include/asm-generic/qspinlock.h:114 [inline]
 do_raw_spin_lock+0x200/0x2a0 kernel/locking/spinlock_debug.c:115
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:111 [inline]
 _raw_spin_lock_irqsave+0x41/0x50 kernel/locking/spinlock.c:162
 p9_tag_remove net/9p/client.c:367 [inline]
 p9_req_put net/9p/client.c:375 [inline]
 p9_req_put+0xc6/0x250 net/9p/client.c:372
 p9_conn_cancel+0x640/0x970 net/9p/trans_fd.c:213
 p9_read_work+0x514/0x10b0 net/9p/trans_fd.c:403
 process_one_work+0x991/0x1610 kernel/workqueue.c:2289
 worker_thread+0x665/0x1080 kernel/workqueue.c:2436
 kthread+0x2e4/0x3a0 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306
task:syz-executor.3 state:R running task stack:26624 pid:4077 ppid:3636 flags:0x00004000
Call Trace:
 context_switch kernel/sched/core.c:5178 [inline]
 __schedule+0xadf/0x5270 kernel/sched/core.c:6490
 preempt_schedule_common+0x45/0xc0 kernel/sched/core.c:6659
 preempt_schedule_thunk+0x16/0x18 arch/x86/entry/thunk_64.S:34
 __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:160 [inline]
 _raw_spin_unlock_irq+0x3c/0x40 kernel/locking/spinlock.c:202
 spin_unlock_irq include/linux/spinlock.h:400 [inline]
 loop_queue_work drivers/block/loop.c:898 [inline]
 loop_queue_rq+0x623/0x11f0 drivers/block/loop.c:1840
 __blk_mq_issue_directly block/blk-mq.c:2524 [inline]
 __blk_mq_try_issue_directly+0x53c/0x740 block/blk-mq.c:2577
 blk_mq_try_issue_directly+0x21/0xf0 block/blk-mq.c:2601
 blk_mq_submit_bio+0x12f9/0x1d20 block/blk-mq.c:2927
 __submit_bio+0x2b7/0x340 block/blk-core.c:591
 __submit_bio_noacct_mq block/blk-core.c:668 [inline]
 submit_bio_noacct_nocheck block/blk-core.c:685 [inline]
 submit_bio_noacct_nocheck+0x6c9/0x8a0 block/blk-core.c:674
 submit_bio_noacct+0xab5/0x1d10 block/blk-core.c:791
 submit_bio block/blk-core.c:827 [inline]
 submit_bio+0x8b/0x1c0 block/blk-core.c:815
 mpage_bio_submit fs/mpage.c:64 [inline]
 mpage_read_folio+0xe1/0x140 fs/mpage.c:381
 ntfs_read_folio+0x148/0x1e0 fs/ntfs3/inode.c:706
 filemap_read_folio+0xdb/0x2c0 mm/filemap.c:2399
 do_read_cache_folio+0x1df/0x510 mm/filemap.c:3526
 do_read_cache_page mm/filemap.c:3568 [inline]
 read_cache_page+0x59/0x2b0 mm/filemap.c:3577
 read_mapping_page include/linux/pagemap.h:756 [inline]
 ntfs_map_page fs/ntfs3/ntfs_fs.h:899 [inline]
 ntfs_fill_super+0x3002/0x37f0 fs/ntfs3/super.c:1210
 get_tree_bdev+0x440/0x760 fs/super.c:1323
 vfs_get_tree+0x89/0x2f0 fs/super.c:1530
 do_new_mount fs/namespace.c:3040 [inline]
 path_mount+0x1326/0x1e20 fs/namespace.c:3370
 do_mount fs/namespace.c:3383 [inline]
 __do_sys_mount fs/namespace.c:3591 [inline]
 __se_sys_mount fs/namespace.c:3568 [inline]
 __x64_sys_mount+0x27f/0x300 fs/namespace.c:3568
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f981928cada
RSP: 002b:00007f981a3e4f88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f981928cada
RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f981a3e4fe0
RBP: 00007f981a3e5020 R08: 00007f981a3e5020 R09: 0000000020000000
R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
R13: 0000000020000100 R14: 00007f981a3e4fe0 R15: 0000000020003480
task:syz-executor.4 state:R running task stack:27016 pid:4093 ppid:3635 flags:0x00004000
Call Trace:
 context_switch kernel/sched/core.c:5178 [inline]
 __schedule+0xadf/0x5270 kernel/sched/core.c:6490
 preempt_schedule_irq+0x4e/0x90 kernel/sched/core.c:6802
 irqentry_exit+0x31/0x80 kernel/entry/common.c:428
 asm_sysvec_apic_timer_interrupt+0x16/0x20 arch/x86/include/asm/idtentry.h:649
RIP: 0010:iowrite16+0x5c/0xb0 lib/iomap.c:196
Code: 97 78 fd e8 e6 97 78 fd 4c 89 e6 bf 00 00 01 00 e8 b9 94 78 fd 49 81 fc 00 00 01 00 76 14 e8 cb 97 78 fd 89 d8 44 89 e2 66 ef <5b> 41 5c e9 bc 97 78 fd e8 b7 97 78 fd 8b 1d 11 da 8a 08 31 ff 89
RSP: 0018:ffffc90005a46e10 EFLAGS: 00000216
RAX: 0000000000000002 RBX: 0000000000000002 RCX: ffffc9000d840000
RDX: 000000000001c010 RSI: ffffffff8402b275 RDI: 0000000000000007
RBP: ffff888140143e4b R08: 0000000000000007 R09: 0000000000010000
R10: 000000000001c010 R11: 0000000000000000 R12: 000000000001c010
R13: 0000000000000206 R14: ffff88814756d0b0 R15: 0000000000000033
 vp_notify+0x56/0x80 drivers/virtio/virtio_pci_common.c:45
 virtqueue_notify+0x7f/0x110 drivers/virtio/virtio_ring.c:2231
 virtscsi_add_cmd+0x10e/0x140 drivers/scsi/virtio_scsi.c:500
 virtscsi_queuecommand+0xa2a/0x10a0 drivers/scsi/virtio_scsi.c:590
 scsi_dispatch_cmd drivers/scsi/scsi_lib.c:1524 [inline]
 scsi_queue_rq+0x19dc/0x3870 drivers/scsi/scsi_lib.c:1760
 blk_mq_dispatch_rq_list+0x70c/0x23d0 block/blk-mq.c:1986
 __blk_mq_do_dispatch_sched block/blk-mq-sched.c:173 [inline]
 blk_mq_do_dispatch_sched+0x96f/0xc30 block/blk-mq-sched.c:187
 __blk_mq_sched_dispatch_requests+0x26d/0x3e0 block/blk-mq-sched.c:313
 blk_mq_sched_dispatch_requests+0x106/0x190 block/blk-mq-sched.c:339
 __blk_mq_run_hw_queue+0xff/0x350 block/blk-mq.c:2104
 __blk_mq_delay_run_hw_queue+0x620/0x760 block/blk-mq.c:2180
 blk_mq_run_hw_queue+0x33b/0x490 block/blk-mq.c:2228
 blk_mq_sched_insert_requests+0x1d5/0x9a0 block/blk-mq-sched.c:493
 blk_mq_dispatch_plug_list block/blk-mq.c:2688 [inline]
 blk_mq_flush_plug_list+0x3ce/0xdd0 block/blk-mq.c:2730
 __blk_flush_plug block/blk-core.c:1138 [inline]
 blk_finish_plug block/blk-core.c:1162 [inline]
 blk_finish_plug+0xb7/0x160 block/blk-core.c:1159
 ext4_writepages+0x2814/0x3b60 fs/ext4/inode.c:2885
 do_writepages+0x1ab/0x690 mm/page-writeback.c:2469
 filemap_fdatawrite_wbc mm/filemap.c:388 [inline]
 filemap_fdatawrite_wbc+0x143/0x1b0 mm/filemap.c:378
 __filemap_fdatawrite_range+0xb4/0xf0 mm/filemap.c:421
 file_write_and_wait_range+0xb2/0x120 mm/filemap.c:773
 ext4_sync_file+0x218/0xfd0 fs/ext4/fsync.c:151
 vfs_fsync_range+0x13a/0x220 fs/sync.c:188
 generic_write_sync include/linux/fs.h:2873 [inline]
 generic_write_sync include/linux/fs.h:2870 [inline]
 ext4_buffered_write_iter+0x379/0x460 fs/ext4/file.c:292
 ext4_file_write_iter+0x8b8/0x16e0 fs/ext4/file.c:700
 call_write_iter include/linux/fs.h:2190 [inline]
 new_sync_write fs/read_write.c:491 [inline]
 vfs_write+0x9e9/0xdd0 fs/read_write.c:584
 ksys_write+0x127/0x250 fs/read_write.c:637
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fdc8228b5a9
RSP: 002b:00007fdc834a7168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007fdc823ac050 RCX: 00007fdc8228b5a9
RDX: 00000000000000bf RSI: 0000000020000100 RDI: 0000000000000006
RBP: 00007fdc822e6580 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc5b3bc27f R14: 00007fdc834a7300 R15: 0000000000022000
task:modprobe state:R running task stack:28736 pid:4089 ppid:9 flags:0x00000000
Call Trace:
 context_switch kernel/sched/core.c:5178 [inline]
 __schedule+0xadf/0x5270 kernel/sched/core.c:6490
 preempt_schedule_common+0x45/0xc0 kernel/sched/core.c:6659
 preempt_schedule_thunk+0x16/0x18 arch/x86/entry/thunk_64.S:34
 __raw_spin_unlock include/linux/spinlock_api_smp.h:143 [inline]
 _raw_spin_unlock+0x36/0x40 kernel/locking/spinlock.c:186
 spin_unlock include/linux/spinlock.h:390 [inline]
 filemap_map_pages+0x147b/0x1e00 mm/filemap.c:3398
 do_fault_around mm/memory.c:4493 [inline]
 do_read_fault mm/memory.c:4519 [inline]
 do_fault mm/memory.c:4653 [inline]
 handle_pte_fault mm/memory.c:4917 [inline]
 __handle_mm_fault+0x210e/0x39b0 mm/memory.c:5059
 handle_mm_fault+0x1c8/0x780 mm/memory.c:5157
 do_user_addr_fault+0x475/0x1210 arch/x86/mm/fault.c:1407
 handle_page_fault arch/x86/mm/fault.c:1498 [inline]
 exc_page_fault+0x94/0x170 arch/x86/mm/fault.c:1554
 asm_exc_page_fault+0x22/0x30 arch/x86/include/asm/idtentry.h:570
RIP: 0033:0x7fb95e54c48f
RSP: 002b:00007ffd7c3c2d30 EFLAGS: 00010202
RAX: 00007fb95e574000 RBX: 0000000000000000 RCX: 000000000000000a
RDX: 00007fb95e4739d0 RSI: 00007fb95e2d75a8 RDI: 00007fb95e5697ad
RBP: 00007ffd7c3c31a0 R08: 00007fb95e2bf3c0 R09: 0000000000000040
R10: ffff8046a1d40cbc R11: 0000000000000246 R12: 00007fb95e2bf390
R13: 00000000c0000002 R14: 00007fb95e2bf040 R15: 00007fb95e541500
rcu: rcu_preempt kthread timer wakeup didn't happen for 10501 jiffies! g5257 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402
rcu: Possible timer handling issue on cpu=1 timer-softirq=8141
rcu: rcu_preempt kthread starved for 10502 jiffies! g5257 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1
rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt state:I stack:29320 pid:17 ppid:2 flags:0x00004000
Call Trace:
 context_switch kernel/sched/core.c:5178 [inline]
 __schedule+0xadf/0x5270 kernel/sched/core.c:6490
 schedule+0xda/0x1b0 kernel/sched/core.c:6566
 schedule_timeout+0x14a/0x2a0 kernel/time/timer.c:1935
 rcu_gp_fqs_loop+0x190/0x910 kernel/rcu/tree.c:1658
 rcu_gp_kthread+0x236/0x360 kernel/rcu/tree.c:1857
 kthread+0x2e4/0x3a0 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306
rcu: Stack dump where RCU GP kthread last ran:
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 144 Comm: kworker/1:2 Not tainted 6.0.0-syzkaller-09589-g55be6084c8e0 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
Workqueue: events p9_read_work
RIP: 0010:halt arch/x86/include/asm/irqflags.h:99 [inline]
RIP: 0010:kvm_wait+0xc1/0x100 arch/x86/kernel/kvm.c:1060
Code: f4 48 83 c4 10 c3 89 74 24 0c 48 89 3c 24 e8 56 db 4c 00 8b 74 24 0c 48 8b 3c 24 e9 6a ff ff ff eb 07 0f 00 2d 70 de b4 08 f4 bf 89 74 24 0c 48 89 3c 24 e8 00 cc 93 00 8b 74 24 0c 48 8b 3c
RSP: 0018:ffffc90002d8f998 EFLAGS: 00000046
RAX: 0000000000000003 RBX: 0000000000000000 RCX: dffffc0000000000
RDX: 0000000000000000 RSI: 0000000000000003 RDI: ffff88807823c800
RBP: ffff88807823c800 R08: 0000000000000001 R09: ffff88807823c800
R10: ffffed100f047900 R11: 0000000000000004 R12: 0000000000000000
R13: ffffed100f047900 R14: 0000000000000001 R15: ffff8880b9b3ae00
FS: 0000000000000000(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020010000 CR3: 000000001dcf9000 CR4: 0000000000350ee0
Call Trace:
 pv_wait arch/x86/include/asm/paravirt.h:603 [inline]
 pv_wait_head_or_lock kernel/locking/qspinlock_paravirt.h:470 [inline]
 __pv_queued_spin_lock_slowpath+0x8c7/0xb50 kernel/locking/qspinlock.c:511
 pv_queued_spin_lock_slowpath arch/x86/include/asm/paravirt.h:591 [inline]
 queued_spin_lock_slowpath arch/x86/include/asm/qspinlock.h:51 [inline]
 queued_spin_lock include/asm-generic/qspinlock.h:114 [inline]
 do_raw_spin_lock+0x200/0x2a0 kernel/locking/spinlock_debug.c:115
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:111 [inline]
 _raw_spin_lock_irqsave+0x41/0x50 kernel/locking/spinlock.c:162
 p9_tag_remove net/9p/client.c:367 [inline]
 p9_req_put net/9p/client.c:375 [inline]
 p9_req_put+0xc6/0x250 net/9p/client.c:372
 p9_conn_cancel+0x640/0x970 net/9p/trans_fd.c:213
 p9_read_work+0x514/0x10b0 net/9p/trans_fd.c:403
 process_one_work+0x991/0x1610 kernel/workqueue.c:2289
 worker_thread+0x665/0x1080 kernel/workqueue.c:2436
 kthread+0x2e4/0x3a0 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306