watchdog: BUG: soft lockup - CPU#0 stuck for 70s! [syz.7.1244:10838]
Modules linked in:
irq event stamp: 2180
hardirqs last enabled at (2179): [<ffff8000867a1b28>] __el0_irq_handler_common+0x18/0x24 arch/arm64/kernel/entry-common.c:840
hardirqs last disabled at (2180): [<ffff8000867a1b28>] __el0_irq_handler_common+0x18/0x24 arch/arm64/kernel/entry-common.c:840
softirqs last enabled at (2178): [<ffff800080309080>] softirq_handle_end kernel/softirq.c:468 [inline]
softirqs last enabled at (2178): [<ffff800080309080>] handle_softirqs+0xbc4/0xd34 kernel/softirq.c:650
softirqs last disabled at (2173): [<ffff8000800204b0>] __do_softirq+0x14/0x20 kernel/softirq.c:656
CPU: 0 UID: 0 PID: 10838 Comm: syz.7.1244 Tainted: G L syzkaller #0 PREEMPT
Tainted: [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
pstate: 60001000 (nZCv daif -PAN -UAO -TCO -DIT +SSBS BTYPE=--)
pc : 0000ffff8f64c32c
lr : 0000ffff8f667f08
sp : 0000fffff8c58310
x29: 0000fffff8c58310 x28: 0000ffff8f9e0440 x27: ffff80008192fde8
x26: 0000ffff8f9f6448 x25: 000000000004356f x24: 0000ffff8f1ff008
x23: 0000ffff8f9e03b8 x22: 0000000000000001 x21: 0000000000000000
x20: 0000ffff8f9e0000 x19: ffff80008192fb38 x18: 0000ffff8f7d78c8
x17: 0000ffff8f767e80 x16: 0000ffff8f9c0010 x15: 000000233d3b39a3
x14: 0000000000006ed0 x13: 000000007fffffff x12: 0000ffff90715000
x11: 000000003b9ac9ff x10: 0000ffff8f9e2000 x9 : 0000ffff8f9e0000
x8 : 000000008192fb3c x7 : 0000ffff8f9e0530 x6 : 0000ffff8f9e2530
x5 : 0000000000001b38 x4 : 0000000000001b38 x3 : ffff80008192fb38
x2 : 000000008192fb39 x1 : ffff80008192fb38 x0 : 0000000000000004
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 4693 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT
Tainted: [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
pstate: 63400005 (nZCv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--)
pc : __sanitizer_cov_trace_pc+0x8/0x5c kernel/kcov.c:210
lr : local_lock_release include/linux/local_lock_internal.h:60 [inline]
lr : __folio_batch_add_and_move+0x5c0/0xac0 mm/swap.c:201
sp : ffff8000985272f0
x29: ffff800098527320 x28: 1fffe00035c0e9b6 x27: 0000000000000000
x26: ffff80008e635000 x25: dfff800000000000 x24: ffff80008e635ce0
x23: fffffdffc3d659c8 x22: 0000000000000000 x21: ffff80008892edb0
x20: ffff0001ae0749a8 x19: ffff0001ae074980 x18: 0000000000000000
x17: 0000000000000002 x16: 0000000000000000 x15: 0000000000000000
x14: ffff0001fea577c0 x13: 0000000000000001 x12: 0000000000000004
x11: ffff700011cd19b0 x10: 0000000000ff0100 x9 : ffff0000dc5a8000
x8 : ffff0000dc5a8000 x7 : ffff800080938bd8 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff800080938f94
x2 : 0000000000000000 x1 : ffff0000dc5a8000 x0 : 0000000000000000
Call trace:
__sanitizer_cov_trace_pc+0x8/0x5c kernel/kcov.c:210 (P)
folio_activate+0xf8/0x124 mm/swap.c:339
folio_mark_accessed+0x210/0x820 mm/swap.c:486
zap_present_folio_ptes mm/memory.c:1641 [inline]
zap_present_ptes mm/memory.c:1714 [inline]
do_zap_pte_range mm/memory.c:1816 [inline]
zap_pte_range mm/memory.c:1918 [inline]
zap_pmd_range mm/memory.c:2004 [inline]
zap_pud_range mm/memory.c:2032 [inline]
zap_p4d_range mm/memory.c:2053 [inline]
__zap_vma_range+0x168c/0x404c mm/memory.c:2093
unmap_vmas+0x2d4/0x438 mm/memory.c:2162
exit_mmap+0x1e8/0xaf8 mm/mmap.c:1300
__mmput+0xe4/0x2f0 kernel/fork.c:1178
mmput+0x70/0xa8 kernel/fork.c:1201
exit_mm+0x190/0x26c kernel/exit.c:582
do_exit+0x518/0x1a6c kernel/exit.c:964
do_group_exit+0x194/0x22c kernel/exit.c:1119
__do_sys_exit_group kernel/exit.c:1130 [inline]
__se_sys_exit_group kernel/exit.c:1128 [inline]
pid_child_should_wake+0x0/0x110 kernel/exit.c:1128
__invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
invoke_syscall+0x98/0x244 arch/arm64/kernel/syscall.c:49
el0_svc_common+0xe8/0x23c arch/arm64/kernel/syscall.c:121
do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:140
el0_svc+0x64/0x260 arch/arm64/kernel/entry-common.c:740
el0t_64_sync_handler+0x48/0x148 arch/arm64/kernel/entry-common.c:759
el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:594