hrtimer: interrupt took 31491 ns
rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	1-...!: (1 ticks this GP) idle=a30c/1/0x4000000000000000 softirq=13817/13817 fqs=6
rcu: 	(detected by 0, t=10502 jiffies, g=8581, q=325 ncpus=2)
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 6024 Comm: syz.1.29 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
RIP: 0010:debug_spin_unlock kernel/locking/spinlock_debug.c:100 [inline]
RIP: 0010:do_raw_spin_unlock+0x26/0x240 kernel/locking/spinlock_debug.c:141
Code: 90 90 90 90 0f 1f 40 d6 55 41 57 41 56 41 55 41 54 53 48 89 fb 49 bc 00 00 00 00 00 fc ff df 4c 8d 77 04 4c 89 f0 48 c1 e8 03 <42> 0f b6 04 20 84 c0 0f 85 84 01 00 00 41 81 3e ad 4e ad de 0f 85
RSP: 0000:ffffc900001df7c8 EFLAGS: 00000803
RAX: 1ffff11026cc4f58 RBX: ffff888136627ac0 RCX: 2ca79d4a0080bc00
RDX: 0000000000000002 RSI: ffffffff8dd8c8ae RDI: ffff888136627ac0
RBP: ffffc900001df898 R08: 0000000000000003 R09: 0000000000000004
R10: dffffc0000000000 R11: fffff5200003bef0 R12: dffffc0000000000
R13: ffff888136627b40 R14: ffff888136627ac4 R15: 1ffff9200003bf00
FS:  00007f34b41fe6c0(0000) GS:ffff8881a3a03000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000100000000 CR3: 000000010e756000 CR4: 00000000000006f0
Call Trace:
 <IRQ>
 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:150 [inline]
 _raw_spin_unlock_irqrestore+0x78/0x110 kernel/locking/spinlock.c:194
 unlock_hrtimer_base kernel/time/hrtimer.c:1013 [inline]
 hrtimer_try_to_cancel+0x3be/0x420 kernel/time/hrtimer.c:1360
 hrtimer_cancel+0x3b/0x50 kernel/time/hrtimer.c:1481
 perf_swevent_cancel_hrtimer kernel/events/core.c:11830 [inline]
 task_clock_event_stop+0xd9/0x170 kernel/events/core.c:11959
 __perf_event_overflow+0x580/0xe40 kernel/events/core.c:10346
 perf_swevent_hrtimer+0x3b8/0x500 kernel/events/core.c:11786
 __run_hrtimer kernel/time/hrtimer.c:1777 [inline]
 __hrtimer_run_queues+0x4e0/0xc60 kernel/time/hrtimer.c:1841
 hrtimer_interrupt+0x45b/0xaa0 kernel/time/hrtimer.c:1903
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1041 [inline]
 __sysvec_apic_timer_interrupt+0x10b/0x410 arch/x86/kernel/apic/apic.c:1058
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1052 [inline]
 sysvec_apic_timer_interrupt+0x52/0xc0 arch/x86/kernel/apic/apic.c:1052
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:memcmp+0x0/0x230 lib/string.c:674
Code: 8c 6c ff ff ff 4c 89 e7 e8 bd 7b ab f6 e9 5f ff ff ff 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 55 41 57 41 56 41 55 41 54 53 50 49 bf 00 00 00 00 00
RSP: 0000:ffffc900001e0038 EFLAGS: 00000282
RAX: ffffffff8ad9f7fa RBX: 0000000000000002 RCX: ffff888021249d00
RDX: 0000000000000006 RSI: ffff8880227d58bc RDI: ffffc900001e031c
RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000004
R10: dffffc0000000000 R11: fffff5200003c02c R12: ffffc900001e031c
R13: dffffc0000000000 R14: ffff888107e01480 R15: ffff8880227d58bc
 memcmp include/linux/fortify-string.h:727 [inline]
 cmp_bss+0x4f8/0xe80 net/wireless/scan.c:1499
 rb_find_bss net/wireless/scan.c:1693 [inline]
 __cfg80211_bss_update+0xdb/0x2120 net/wireless/scan.c:1986
 cfg80211_inform_single_bss_data+0xba9/0x1ac0 net/wireless/scan.c:2381
 cfg80211_inform_bss_data+0x203/0x3b40 net/wireless/scan.c:3240
 cfg80211_inform_bss_frame_data+0x3d7/0x730 net/wireless/scan.c:3331
 ieee80211_bss_info_update+0x749/0x9e0 net/mac80211/scan.c:226
 ieee80211_scan_rx+0x593/0xa20 net/mac80211/scan.c:355
 __ieee80211_rx_handle_packet net/mac80211/rx.c:5194 [inline]
 ieee80211_rx_list+0x210c/0x2b90 net/mac80211/rx.c:5447
 ieee80211_rx_napi+0x1a8/0x3d0 net/mac80211/rx.c:5470
 ieee80211_rx include/net/mac80211.h:5214 [inline]
 ieee80211_handle_queued_frames+0xe8/0x1f0 net/mac80211/main.c:453
 tasklet_action_common+0x36c/0x580 kernel/softirq.c:925
 handle_softirqs+0x286/0x870 kernel/softirq.c:622
 __do_softirq kernel/softirq.c:656 [inline]
 invoke_softirq kernel/softirq.c:496 [inline]
 __irq_exit_rcu+0xca/0x1f0 kernel/softirq.c:723
 irq_exit_rcu+0x9/0x30 kernel/softirq.c:739
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1052 [inline]
 sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1052
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:preempt_schedule_irq+0xb0/0x150 kernel/sched/core.c:7291
Code: 24 20 f6 44 24 21 02 74 0c 90 0f 0b 48 f7 03 10 00 00 00 74 64 bf 01 00 00 00 e8 1b 1f 11 f6 e8 b6 85 48 f6 fb bf 01 00 00 00 <e8> 5b ab ff ff 48 c7 44 24 40 00 00 00 00 9c 8f 44 24 40 8b 44 24
RSP: 0000:ffffc90002f17dc0 EFLAGS: 00000282
RAX: 2ca79d4a0080bc00 RBX: 0000000000000000 RCX: 2ca79d4a0080bc00
RDX: 0000000000000000 RSI: ffffffff8db9e7a7 RDI: 0000000000000001
RBP: ffffc90002f17e60 R08: ffffffff8fc34277 R09: 1ffffffff1f8684e
R10: dffffc0000000000 R11: fffffbfff1f8684f R12: 0000000000000000
R13: 0000000000000000 R14: dffffc0000000000 R15: 1ffff920005e2fb8
 irqentry_exit+0x6f/0x90 kernel/entry/common.c:211
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:exit_to_user_mode_loop kernel/entry/common.c:-1 [inline]
RIP: 0010:exit_to_user_mode_prepare include/linux/irq-entry-common.h:225 [inline]
RIP: 0010:irqentry_exit_to_user_mode+0x51/0x110 kernel/entry/common.c:73
Code: 07 85 c0 0f 85 c0 00 00 00 e8 ab 7f 2c f6 65 4c 8b 34 25 08 d0 c1 92 49 8b 3e f7 c7 37 03 00 00 74 50 49 89 ff e8 8f 7e 2c f6 <4c> 89 f8 a8 30 74 08 e8 93 19 01 00 4c 89 f8 a9 00 01 00 00 74 0b
RSP: 0000:ffffc90002f17f28 EFLAGS: 00000282
RAX: 2ca79d4a0080bc00 RBX: ffffc90002f17f48 RCX: 2ca79d4a0080bc00
RDX: 0000000000000000 RSI: ffffffff8db9e7a7 RDI: ffffffff8c03d4e0
RBP: 0000000000000000 R08: ffffffff8fc34277 R09: 1ffffffff1f8684e
R10: dffffc0000000000 R11: fffffbfff1f8684f R12: 0000000000000000
R13: 0000000000000000 R14: ffff888021249d00 R15: 0000000000000010
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0033:0x7f34b591caf3
Code: 41 89 fd 49 c1 e5 04 4b 8d 1c 2e 48 83 c3 28 49 b9 ff ff ff ff ff ff ff 7f 49 ba ff ff ff ff ff ff ff 3f 4d 8d 62 01 45 8b 3e <41> f6 c7 01 75 4d 41 8b 46 04 83 f8 01 75 56 0f ae e8 0f 31 48 c1
RSP: 002b:00007f34b41fdfd0 EFLAGS: 00000202
RAX: 0000000000000002 RBX: 00007f34b5916038 RCX: 0000000000000001
RDX: 00007f34b4c9ad60 RSI: 00007f34b41fe0b0 RDI: 0000000000000001
RBP: 00007f34b41fe040 R08: 0000000000000000 R09: 7fffffffffffffff
R10: 3fffffffffffffff R11: 0000000000000246 R12: 4000000000000000
R13: 0000000000000010 R14: 00007f34b5916000 R15: 0000000000003622
 </TASK>
rcu: rcu_preempt kthread starved for 10490 jiffies! g8581 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:27224 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00080000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5360 [inline]
 __schedule+0x1798/0x4cc0 kernel/sched/core.c:6964
 __schedule_loop kernel/sched/core.c:7046 [inline]
 schedule+0x165/0x360 kernel/sched/core.c:7061
 schedule_timeout+0x12b/0x270 kernel/time/sleep_timeout.c:99
 rcu_gp_fqs_loop+0x301/0x1540 kernel/rcu/tree.c:2083
 rcu_gp_kthread+0x99/0x390 kernel/rcu/tree.c:2285
 kthread+0x711/0x8a0 kernel/kthread.c:463
 ret_from_fork+0x4bc/0x870 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
CPU: 0 UID: 0 PID: 2249 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
Workqueue: events_unbound toggle_allocation_gate
RIP: 0010:csd_lock_wait kernel/smp.c:342 [inline]
RIP: 0010:smp_call_function_many_cond+0xd4b/0x12d0 kernel/smp.c:877
Code: 00 00 00 00 fc ff df 75 07 e8 d1 6e 0b 00 eb 38 f3 90 42 0f b6 04 2b 84 c0 75 11 41 f7 04 24 01 00 00 00 74 1e e8 b5 6e 0b 00 <eb> e4 44 89 e1 80 e1 07 80 c1 03 38 c1 7c e2 4c 89 e7 e8 4e af 70
RSP: 0018:ffffc9000ae2f640 EFLAGS: 00000293
RAX: ffffffff81b4e79b RBX: 1ffff11026cc7ffd RCX: ffff88801fc30000
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: ffffc9000ae2f7c0 R08: ffffffff8fc34277 R09: 1ffffffff1f8684e
R10: dffffc0000000000 R11: fffffbfff1f8684f R12: ffff88813663ffe8
R13: dffffc0000000000 R14: ffff88804b03b200 R15: 0000000000000001
FS:  0000000000000000(0000) GS:ffff8880b8403000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000c0081f7000 CR3: 000000000e138000 CR4: 00000000000006f0
Call Trace:
 <TASK>
 on_each_cpu_cond_mask+0x3f/0x80 kernel/smp.c:1043
 on_each_cpu include/linux/smp.h:71 [inline]
 smp_text_poke_sync_each_cpu arch/x86/kernel/alternative.c:2713 [inline]
 smp_text_poke_batch_finish+0x5f9/0x1130 arch/x86/kernel/alternative.c:2923
 arch_jump_label_transform_apply+0x1c/0x30 arch/x86/kernel/jump_label.c:146
 static_key_enable_cpuslocked+0x128/0x250 kernel/jump_label.c:210
 static_key_enable+0x1a/0x20 kernel/jump_label.c:223
 toggle_allocation_gate+0xad/0x240 mm/kfence/core.c:852
 process_one_work kernel/workqueue.c:3263 [inline]
 process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3346
 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3427
 kthread+0x711/0x8a0 kernel/kthread.c:463
 ret_from_fork+0x4bc/0x870 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
