watchdog: BUG: soft lockup - CPU#0 stuck for 22s! [ksoftirqd/0:13]
Modules linked in:
irq event stamp: 11364481
hardirqs last  enabled at (11364480): [<ffffffff84400d06>] asm_sysvec_apic_timer_interrupt+0x16/0x20
hardirqs last disabled at (11364481): [<ffffffff8421c01b>] sysvec_apic_timer_interrupt+0xb/0xc0
softirqs last  enabled at (11318974): [<ffffffff8116cc51>] run_ksoftirqd+0x31/0x60
softirqs last disabled at (11318981): [<ffffffff8116cc51>] run_ksoftirqd+0x31/0x60
CPU: 0 PID: 13 Comm: ksoftirqd/0 Not tainted 6.0.0-rc2-next-20220824 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
RIP: 0010:__sanitizer_cov_trace_cmp4+0x4/0x20
Code: 00 00 00 00 66 90 48 8b 0c 24 0f b7 d6 0f b7 f7 bf 02 00 00 00 e9 3c ff ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 90 48 8b 0c 24 <89> f2 89 fe bf 04 00 00 00 e9 1e ff ff ff 66 66 2e 0f 1f 84 00 00
RSP: 0018:ffff888008667b70 EFLAGS: 00000246
RAX: 0000000000000007 RBX: 0000000000000005 RCX: ffffffff8217df2c
RDX: ffffed1001767a87 RSI: 0000000000000005 RDI: 0000000000000005
RBP: 0000000000000005 R08: 0000000000000000 R09: ffff88800bb3d437
R10: ffffed1001767a86 R11: 0000000000000001 R12: ffff88800bb3d410
R13: ffff8880087ae2c8 R14: ffff8880087ae280 R15: ffff88800bb3d434
FS:  0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b2de26000 CR3: 000000001b9d8000 CR4: 0000000000350ef0
Call Trace:
 <TASK>
 __sbq_wake_up+0x19c/0x3d0
 sbitmap_queue_clear+0xad/0x210
 blk_mq_put_tag+0xd8/0x160
 __blk_mq_free_request+0x2e0/0x380
 blk_mq_free_request+0x35d/0x500
 __blk_mq_end_request+0x358/0x580
 scsi_end_request+0x472/0x9a0
 scsi_io_completion+0xbc/0x2070
 scsi_complete+0x114/0x560
 blk_complete_reqs+0xb2/0xf0
 __do_softirq+0x1c8/0x8d0
 run_ksoftirqd+0x31/0x60
 smpboot_thread_fn+0x66f/0xa10
 kthread+0x2ed/0x3a0
 ret_from_fork+0x22/0x30
 </TASK>
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 298 Comm: syz-executor.4 Not tainted 6.0.0-rc2-next-20220824 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
RIP: 0010:hrtimer_interrupt+0x68/0x770
Code: 3c 11 00 0f 85 9e 06 00 00 4c 03 3c c5 a0 48 14 85 48 b8 00 00 00 00 00 fc ff df 4d 8d 6f 4c 4c 89 ea 48 c1 ea 03 0f b6 04 02 <4c> 89 ea 83 e2 07 38 d0 7f 08 84 c0 0f 85 75 05 00 00 41 0f b6 5f
RSP: 0018:ffff88806cf09b00 EFLAGS: 00000017
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 1ffffffff0a28915
RDX: 1ffff1100d9e54d1 RSI: 0000000000010102 RDI: ffffffff851448a8
RBP: ffff88806cf27140 R08: 0000000000000000 R09: ffffffff85af3b97
R10: fffffbfff0b5e772 R11: 0000000000000001 R12: 0000000000000000
R13: ffff88806cf2a68c R14: 0000000000000000 R15: ffff88806cf2a640
FS:  00005555557b5400(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f0524a3c3a4 CR3: 0000000008f2c000 CR4: 0000000000350ee0
Call Trace:
 <IRQ>
 __sysvec_apic_timer_interrupt+0x144/0x500
 sysvec_apic_timer_interrupt+0x3b/0xc0
 asm_sysvec_apic_timer_interrupt+0x16/0x20
RIP: 0010:__sanitizer_cov_trace_cmp4+0x4/0x20
Code: 00 00 00 00 66 90 48 8b 0c 24 0f b7 d6 0f b7 f7 bf 02 00 00 00 e9 3c ff ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 90 48 8b 0c 24 <89> f2 89 fe bf 04 00 00 00 e9 1e ff ff ff 66 66 2e 0f 1f 84 00 00
RSP: 0018:ffff88806cf09c88 EFLAGS: 00000246
RAX: 0000000000000007 RBX: 0000000000000005 RCX: ffffffff8217df2c
RDX: ffffed1001767a87 RSI: 0000000000000005 RDI: 0000000000000005
RBP: 0000000000000005 R08: 0000000000000000 R09: ffff88800bb3d437
R10: ffffed1001767a86 R11: 0000000000000001 R12: ffff88800bb3d410
R13: ffff8880087ae2c8 R14: ffff8880087ae280 R15: ffff88800bb3d434
 __sbq_wake_up+0x19c/0x3d0
 sbitmap_queue_clear+0xad/0x210
 blk_mq_put_tag+0xd8/0x160
 __blk_mq_free_request+0x2e0/0x380
 blk_mq_free_request+0x35d/0x500
 __blk_mq_end_request+0x358/0x580
 scsi_end_request+0x472/0x9a0
 scsi_io_completion+0xbc/0x2070
 scsi_complete+0x114/0x560
 blk_complete_reqs+0xb2/0xf0
 __do_softirq+0x1c8/0x8d0
 __irq_exit_rcu+0x11b/0x180
 irq_exit_rcu+0x5/0x20
 sysvec_call_function_single+0x8e/0xc0
 </IRQ>
 <TASK>
 asm_sysvec_call_function_single+0x16/0x20
RIP: 0010:__kasan_check_read+0x0/0x10
Code: 39 c7 73 0f 0f 0b 48 83 c4 60 5b 5d 41 5c e9 d7 b3 e7 02 48 05 00 80 00 00 48 89 fb 48 39 c7 0f 82 aa 6c 9b 02 eb dd cc cc cc <48> 8b 0c 24 89 f6 31 d2 e9 b3 f9 ff ff 0f 1f 00 48 8b 0c 24 89 f6
RSP: 0018:ffff888018a5f730 EFLAGS: 00000293
RAX: 0000000000000000 RBX: ffff88800eef2780 RCX: 0000000000000000
RDX: ffff88800d961ac0 RSI: 0000000000000004 RDI: ffff88800eef2780
RBP: ffff888039ef3bf8 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000008
R13: dffffc0000000000 R14: ffffea0000e05e40 R15: 00007f0522000000
 copy_page_range+0x1317/0x3d70
 dup_mmap+0xa4a/0xfc0
 dup_mm+0x91/0x380
 copy_process+0x5e27/0x6dd0
 kernel_clone+0xe7/0xa60
 __do_sys_clone+0xba/0x100
 do_syscall_64+0x3b/0x90
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f05239ee10b
Code: ed 0f 85 60 01 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 89 00 00 00 41 89 c5 85 c0 0f 85 90 00 00
RSP: 002b:00007ffddc03f2b0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f05239ee10b
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
RBP: 0000000000000001 R08: 0000000000000000 R09: 00005555557b5400
R10: 00005555557b56d0 R11: 0000000000000246 R12: 0000000000000001
R13: 0000000000000001 R14: 0000000000000001 R15: 00007ffddc03f390
 </TASK>
----------------
Code disassembly (best guess):
   0:	00 00                	add    %al,(%rax)
   2:	00 00                	add    %al,(%rax)
   4:	66 90                	xchg   %ax,%ax
   6:	48 8b 0c 24          	mov    (%rsp),%rcx
   a:	0f b7 d6             	movzwl %si,%edx
   d:	0f b7 f7             	movzwl %di,%esi
  10:	bf 02 00 00 00       	mov    $0x2,%edi
  15:	e9 3c ff ff ff       	jmpq   0xffffff56
  1a:	66 66 2e 0f 1f 84 00 	data16 nopw %cs:0x0(%rax,%rax,1)
  21:	00 00 00 00
  25:	90                   	nop
  26:	48 8b 0c 24          	mov    (%rsp),%rcx
* 2a:	89 f2                	mov    %esi,%edx <-- trapping instruction
  2c:	89 fe                	mov    %edi,%esi
  2e:	bf 04 00 00 00       	mov    $0x4,%edi
  33:	e9 1e ff ff ff       	jmpq   0xffffff56
  38:	66                   	data16
  39:	66                   	data16
  3a:	2e                   	cs
  3b:	0f                   	.byte 0xf
  3c:	1f                   	(bad)
  3d:	84 00                	test   %al,(%rax)