watchdog: BUG: soft lockup - CPU#0 stuck for 26s! [syz-executor.7:4833] Modules linked in: irq event stamp: 4659135 hardirqs last enabled at (4659134): [] _raw_spin_unlock_irqrestore+0x28/0x60 hardirqs last disabled at (4659135): [] sysvec_apic_timer_interrupt+0xb/0xc0 softirqs last enabled at (4632488): [] __irq_exit_rcu+0x11b/0x180 softirqs last disabled at (4632491): [] __irq_exit_rcu+0x11b/0x180 CPU: 0 PID: 4833 Comm: syz-executor.7 Not tainted 5.19.0-rc6-next-20220714 #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 RIP: 0010:_raw_spin_unlock_irqrestore+0x2e/0x60 Code: 48 83 c7 18 53 48 89 f3 48 8b 74 24 10 e8 ca 24 0b fd 48 89 ef e8 b2 a6 0b fd 80 e7 02 74 06 e8 78 84 2d fd fb bf 01 00 00 00 cd 73 01 fd 65 8b 05 76 10 e4 7b 85 c0 74 07 5b 5d e9 2b dc 21 RSP: 0018:ffff88806ce09e00 EFLAGS: 00000206 RAX: 00000000004717be RBX: 0000000000000282 RCX: ffffffff8128e51f RDX: 0000000000000000 RSI: 0000000000000102 RDI: 0000000000000001 RBP: ffff88806ce2a640 R08: 0000000000000001 R09: ffffffff86a937ef R10: fffffbfff0d526fd R11: 0000000000000001 R12: ffff88806ce2a640 R13: ffff88806ce2a8c0 R14: dffffc0000000000 R15: ffff88806ce2a640 FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fcf0f333718 CR3: 0000000043bce000 CR4: 0000000000350ef0 Call Trace: __hrtimer_run_queues+0x51f/0xbd0 hrtimer_run_softirq+0x172/0x340 __do_softirq+0x1c8/0x8d0 __irq_exit_rcu+0x11b/0x180 irq_exit_rcu+0x5/0x20 sysvec_apic_timer_interrupt+0x8e/0xc0 asm_sysvec_apic_timer_interrupt+0x16/0x20 RIP: 0010:preempt_schedule_common+0x2a/0xc0 Code: 41 55 41 54 49 bc 00 00 00 00 00 fc ff df 55 53 65 48 8b 1c 25 c0 6e 02 00 48 89 dd 48 c1 ed 03 4c 01 e5 65 ff 05 46 6a e5 7b <65> 8b 05 3f 6a e5 7b 25 ff ff ff 7f 83 f8 01 74 36 bf 01 00 00 00 RSP: 0018:ffff88803bb2f638 EFLAGS: 00000202 RAX: 0000000000004008 RBX: ffff888044551ac0 RCX: ffffffff841d0469 RDX: ffffed10088aa359 RSI: 0000000000000008 RDI: ffff888044551ac0 RBP: ffffed10088aa358 R08: 0000000000000000 R09: ffff888044551ac7 R10: ffffed10088aa358 R11: 0000000000000001 R12: dffffc0000000000 R13: ffffffff841d0507 R14: 00007ff13a400000 R15: dffffc0000000000 __cond_resched+0x17/0x30 unmap_page_range+0x1037/0x2720 unmap_single_vma+0x190/0x350 unmap_vmas+0x21e/0x370 exit_mmap+0x154/0x680 mmput+0xd1/0x390 do_exit+0x9e0/0x27a0 do_group_exit+0xd2/0x2f0 get_signal+0x2205/0x24b0 arch_do_signal_or_restart+0x89/0x1be0 exit_to_user_mode_prepare+0x131/0x1a0 syscall_exit_to_user_mode+0x19/0x40 do_syscall_64+0x48/0x90 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7ff13c63ab19 Code: Unable to access opcode bytes at RIP 0x7ff13c63aaef. RSP: 002b:00007ff139bb0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 RAX: 0000000000000000 RBX: 00007ff13c74df60 RCX: 00007ff13c63ab19 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000340 RBP: 00007ff13c694f6d R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007fff6c001fcf R14: 00007ff139bb0300 R15: 0000000000022000 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 skipped: idling at default_idle+0xb/0x10 ---------------- Code disassembly (best guess): 0: 48 83 c7 18 add $0x18,%rdi 4: 53 push %rbx 5: 48 89 f3 mov %rsi,%rbx 8: 48 8b 74 24 10 mov 0x10(%rsp),%rsi d: e8 ca 24 0b fd callq 0xfd0b24dc 12: 48 89 ef mov %rbp,%rdi 15: e8 b2 a6 0b fd callq 0xfd0ba6cc 1a: 80 e7 02 and $0x2,%bh 1d: 74 06 je 0x25 1f: e8 78 84 2d fd callq 0xfd2d849c 24: fb sti 25: bf 01 00 00 00 mov $0x1,%edi * 2a: e8 cd 73 01 fd callq 0xfd0173fc <-- trapping instruction 2f: 65 8b 05 76 10 e4 7b mov %gs:0x7be41076(%rip),%eax # 0x7be410ac 36: 85 c0 test %eax,%eax 38: 74 07 je 0x41 3a: 5b pop %rbx 3b: 5d pop %rbp 3c: e9 .byte 0xe9 3d: 2b dc sub %esp,%ebx 3f: 21 .byte 0x21