Warning: Permanently added '10.128.1.81' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   36.513915][ T4308] netlink: 4 bytes leftover after parsing attributes in process `syz-executor302'.
executing program
[   36.531387][ T4310] netlink: 4 bytes leftover after parsing attributes in process `syz-executor302'.
executing program
[   36.542739][ T4312] netlink: 4 bytes leftover after parsing attributes in process `syz-executor302'.
executing program
[   36.553668][ T4313] netlink: 4 bytes leftover after parsing attributes in process `syz-executor302'.
executing program
[   36.594847][ T4315] netlink: 4 bytes leftover after parsing attributes in process `syz-executor302'.
executing program
[   36.604034][ T4316] netlink: 4 bytes leftover after parsing attributes in process `syz-executor302'.
executing program
[   36.616380][ T4317] netlink: 4 bytes leftover after parsing attributes in process `syz-executor302'.
[   36.625592][ T4318] netlink: 4 bytes leftover after parsing attributes in process `syz-executor302'.
[   36.634798][ T4320] netlink: 4 bytes leftover after parsing attributes in process `syz-executor302'.
executing program
executing program
executing program
[   36.660967][ T4321] netlink: 4 bytes leftover after parsing attributes in process `syz-executor302'.
[   36.669150][    C1] 
[   36.669741][    C1] ======================================================
[   36.671525][    C1] WARNING: possible circular locking dependency detected
[   36.673267][    C1] 6.1.16-syzkaller #0 Not tainted
[   36.674453][    C1] ------------------------------------------------------
[   36.676188][    C1] swapper/1/0 is trying to acquire lock:
[   36.677584][    C1] ffff0000cc485498 (&q->queue_lock){..-.}-{2:2}, at: throtl_pending_timer_fn+0x104/0xdcc
[   36.680018][    C1] 
[   36.680018][    C1] but task is already holding lock:
[   36.681887][    C1] ffff800008017c80 ((&sq->pending_timer)){+.-.}-{0:0}, at: call_timer_fn+0xd0/0xcf4
[   36.684289][    C1] 
[   36.684289][    C1] which lock already depends on the new lock.
[   36.684289][    C1] 
[   36.686830][    C1] 
[   36.686830][    C1] the existing dependency chain (in reverse order) is:
[   36.689003][    C1] 
[   36.689003][    C1] -> #2 ((&sq->pending_timer)){+.-.}-{0:0}:
[   36.690979][    C1]        del_timer_sync+0x9c/0x210
[   36.692234][    C1]        throtl_pd_free+0x20/0x48
[   36.693481][    C1]        blkcg_deactivate_policy+0x2d8/0x4bc
[   36.694933][    C1]        blk_throtl_exit+0x9c/0x13c
[   36.696213][    C1]        blkcg_exit_disk+0x4c/0x5c
[   36.697448][    C1]        disk_release+0x170/0x2d8
[   36.698730][    C1]        device_release+0x8c/0x1ac
[   36.700000][    C1]        kobject_put+0x2a8/0x41c
[   36.701226][    C1]        put_device+0x28/0x40
[   36.702367][    C1]        put_disk+0x4c/0x64
[   36.703525][    C1]        nbd_dev_remove_work+0x50/0xe8
[   36.704865][    C1]        process_one_work+0x868/0x16f4
[   36.706189][    C1]        worker_thread+0x8e4/0xfec
[   36.707513][    C1]        kthread+0x24c/0x2d4
[   36.708658][    C1]        ret_from_fork+0x10/0x20
[   36.709890][    C1] 
[   36.709890][    C1] -> #1 (&blkcg->lock){....}-{2:2}:
[   36.711806][    C1]        _raw_spin_lock+0x54/0x6c
[   36.713049][    C1]        blkg_create+0x9f4/0x1158
[   36.714288][    C1]        blkcg_init_disk+0xe4/0x32c
[   36.715567][    C1]        __alloc_disk_node+0x26c/0x484
[   36.716922][    C1]        __blk_alloc_disk+0x40/0xbc
[   36.718165][    C1]        brd_alloc+0x2ac/0x5c8
[   36.719356][    C1]        brd_init+0x108/0x1c4
[   36.720492][    C1]        do_one_initcall+0x310/0xda4
[   36.721829][    C1]        do_initcall_level+0x154/0x214
[   36.723162][    C1]        do_initcalls+0x58/0xac
[   36.724364][    C1]        do_basic_setup+0x8c/0xa0
[   36.725572][    C1]        kernel_init_freeable+0x3a4/0x528
[   36.726982][    C1]        kernel_init+0x24/0x29c
[   36.728172][    C1]        ret_from_fork+0x10/0x20
[   36.729378][    C1] 
[   36.729378][    C1] -> #0 (&q->queue_lock){..-.}-{2:2}:
[   36.731252][    C1]        __lock_acquire+0x3338/0x764c
[   36.732560][    C1]        lock_acquire+0x300/0x8e4
[   36.733825][    C1]        _raw_spin_lock_irq+0x70/0x9c
[   36.735084][    C1]        throtl_pending_timer_fn+0x104/0xdcc
[   36.736554][    C1]        call_timer_fn+0x270/0xcf4
[   36.737792][    C1]        __run_timers+0x554/0x718
[   36.739094][    C1]        run_timer_softirq+0x7c/0x114
[   36.740426][    C1]        __do_softirq+0x37c/0xff4
[   36.741647][    C1]        ____do_softirq+0x14/0x20
[   36.742875][    C1]        call_on_irq_stack+0x2c/0x54
[   36.744186][    C1]        do_softirq_own_stack+0x20/0x2c
[   36.745553][    C1]        __irq_exit_rcu+0x28c/0x534
[   36.746816][    C1]        irq_exit_rcu+0x14/0x84
[   36.747984][    C1]        el1_interrupt+0x38/0x68
[   36.749176][    C1]        el1h_64_irq_handler+0x18/0x24
[   36.750525][    C1]        el1h_64_irq+0x64/0x68
[   36.751697][    C1]        arch_local_irq_enable+0xc/0x18
[   36.753170][    C1]        default_idle_call+0x68/0xdc
[   36.754468][    C1]        do_idle+0x1e0/0x514
[   36.755613][    C1]        cpu_startup_entry+0x24/0x28
[   36.756938][    C1]        secondary_start_kernel+0x19c/0x1c4
[   36.758383][    C1]        __secondary_switched+0xb0/0xb4
[   36.759781][    C1] 
[   36.759781][    C1] other info that might help us debug this:
[   36.759781][    C1] 
[   36.762309][    C1] Chain exists of:
[   36.762309][    C1]   &q->queue_lock --> &blkcg->lock --> (&sq->pending_timer)
[   36.762309][    C1] 
[   36.765481][    C1]  Possible unsafe locking scenario:
[   36.765481][    C1] 
[   36.767388][    C1]        CPU0                    CPU1
[   36.768756][    C1]        ----                    ----
[   36.770053][    C1]   lock((&sq->pending_timer));
[   36.771219][    C1]                                lock(&blkcg->lock);
[   36.772843][    C1]                                lock((&sq->pending_timer));
[   36.774667][    C1]   lock(&q->queue_lock);
[   36.775777][    C1] 
[   36.775777][    C1]  *** DEADLOCK ***
[   36.775777][    C1] 
[   36.777807][    C1] 1 lock held by swapper/1/0:
[   36.778996][    C1]  #0: ffff800008017c80 ((&sq->pending_timer)){+.-.}-{0:0}, at: call_timer_fn+0xd0/0xcf4
[   36.781533][    C1] 
[   36.781533][    C1] stack backtrace:
[   36.782944][    C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.1.16-syzkaller #0
[   36.784814][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[   36.787346][    C1] Call trace:
[   36.788141][    C1]  dump_backtrace+0x1c8/0x1f4
[   36.789271][    C1]  show_stack+0x2c/0x3c
[   36.790290][    C1]  dump_stack_lvl+0x108/0x170
[   36.791452][    C1]  dump_stack+0x1c/0x5c
[   36.792517][    C1]  print_circular_bug+0x150/0x1b8
[   36.793750][    C1]  check_noncircular+0x2cc/0x378
[   36.795024][    C1]  __lock_acquire+0x3338/0x764c
[   36.796276][    C1]  lock_acquire+0x300/0x8e4
[   36.797414][    C1]  _raw_spin_lock_irq+0x70/0x9c
[   36.798683][    C1]  throtl_pending_timer_fn+0x104/0xdcc
[   36.800204][    C1]  call_timer_fn+0x270/0xcf4
[   36.801333][    C1]  __run_timers+0x554/0x718
[   36.802411][    C1]  run_timer_softirq+0x7c/0x114
[   36.803737][    C1]  __do_softirq+0x37c/0xff4
[   36.804906][    C1]  ____do_softirq+0x14/0x20
[   36.806049][    C1]  call_on_irq_stack+0x2c/0x54
[   36.807220][    C1]  do_softirq_own_stack+0x20/0x2c
[   36.808446][    C1]  __irq_exit_rcu+0x28c/0x534
[   36.809656][    C1]  irq_exit_rcu+0x14/0x84
[   36.810792][    C1]  el1_interrupt+0x38/0x68
[   36.811980][    C1]  el1h_64_irq_handler+0x18/0x24
[   36.813242][    C1]  el1h_64_irq+0x64/0x68
[   36.814354][    C1]  arch_local_irq_enable+0xc/0x18
[   36.815677][    C1]  default_idle_call+0x68/0xdc
[   36.816941][    C1]  do_idle+0x1e0/0x514
[   36.818037][    C1]  cpu_startup_entry+0x24/0x28
[   36.819291][    C1]  secondary_start_kernel+0x19c/0x1c4
[   36.820739][    C1]  __secondary_switched+0xb0/0xb4