INFO: task syz-executor.1:28722 can't die for more than 143 seconds.
task:syz-executor.1 state:R running task stack:25928 pid:28722 ppid: 8382 flags:0x00004006
Call Trace:
 context_switch kernel/sched/core.c:4955 [inline]
 __schedule+0x940/0x26f0 kernel/sched/core.c:6302
 preempt_schedule_irq+0x4e/0x90 kernel/sched/core.c:6702
 irqentry_exit+0x31/0x80 kernel/entry/common.c:427
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:638
RIP: 0010:slow_down_io arch/x86/include/asm/paravirt.h:55 [inline]
RIP: 0010:outb_p arch/x86/include/asm/io.h:334 [inline]
RIP: 0010:vga_io_w include/video/vga.h:209 [inline]
RIP: 0010:setsr drivers/video/fbdev/vga16fb.c:161 [inline]
RIP: 0010:vga_8planes_imageblit drivers/video/fbdev/vga16fb.c:1142 [inline]
RIP: 0010:vga_imageblit_expand drivers/video/fbdev/vga16fb.c:1203 [inline]
RIP: 0010:vga16fb_imageblit+0x192c/0x2200 drivers/video/fbdev/vga16fb.c:1260
Code: 00 00 00 fc ff df 48 8b 54 24 28 48 c1 ea 03 80 3c 02 00 0f 85 2f 04 00 00 ff 15 ff 10 71 07 ba cf 03 00 00 0f b6 44 24 4f ee <48> b8 00 00 00 00 00 fc ff df 48 8b 54 24 28 48 c1 ea 03 80 3c 02
RSP: 0018:ffffc9000a55ef70 EFLAGS: 00000246
RAX: 00000000000000ff RBX: dffffc0000000000 RCX: ffffc9000af6c000
RDX: 00000000000003cf RSI: ffffffff840e4d5c RDI: 0000000000000003
RBP: ffff8880000a0a88 R08: 0000000000000001 R09: 0000000000000001
R10: ffffffff840e4d4e R11: 0000000000000001 R12: 0000000000000001
R13: 0000000000000007 R14: 0000000000000001 R15: ffffc9000a55f0f8
 bit_putcs_unaligned drivers/video/fbdev/core/bitblit.c:139 [inline]
 bit_putcs+0x6e1/0xd20 drivers/video/fbdev/core/bitblit.c:188
 fbcon_putcs+0x35a/0x450 drivers/video/fbdev/core/fbcon.c:1296
 fbcon_redraw.constprop.0+0x41a/0x4b0 drivers/video/fbdev/core/fbcon.c:1672
 fbcon_scroll+0x1d7a/0x3580 drivers/video/fbdev/core/fbcon.c:1782
 con_scroll+0x5b9/0x6d0 drivers/tty/vt/vt.c:630
 lf+0x26b/0x2c0 drivers/tty/vt/vt.c:1507
 vc_con_write_normal drivers/tty/vt/vt.c:2851 [inline]
 do_con_write+0xf1c/0x1e40 drivers/tty/vt/vt.c:2955
 con_write+0x21/0x40 drivers/tty/vt/vt.c:3295
 process_output_block drivers/tty/n_tty.c:592 [inline]
 n_tty_write+0x410/0xfd0 drivers/tty/n_tty.c:2288
 do_tty_write drivers/tty/tty_io.c:1038 [inline]
 file_tty_write.constprop.0+0x526/0x910 drivers/tty/tty_io.c:1110
 call_write_iter include/linux/fs.h:2163 [inline]
 do_iter_readv_writev+0x472/0x750 fs/read_write.c:729
 do_iter_write+0x188/0x710 fs/read_write.c:855
 vfs_iter_write+0x70/0xa0 fs/read_write.c:896
 iter_file_splice_write+0x723/0xc70 fs/splice.c:689
 do_splice_from fs/splice.c:767 [inline]
 direct_splice_actor+0x110/0x180 fs/splice.c:936
 splice_direct_to_actor+0x34b/0x8c0 fs/splice.c:891
 do_splice_direct+0x1b3/0x280 fs/splice.c:979
 do_sendfile+0xae9/0x1240 fs/read_write.c:1249
 __do_sys_sendfile64 fs/read_write.c:1314 [inline]
 __se_sys_sendfile64 fs/read_write.c:1300 [inline]
 __x64_sys_sendfile64+0x1cc/0x210 fs/read_write.c:1300
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x4665f9
RSP: 002b:00007f46b8bf8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665f9
RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000004
RBP: 00000000004bfcc4 R08: 0000000000000000 R09: 0000000000000000
R10: 0800000080004103 R11: 0000000000000246 R12: 000000000056c038
R13: 00007ffe7e6245bf R14: 00007f46b8bf8300 R15: 0000000000022000

Showing all locks held in the system:
1 lock held by khungtaskd/26:
 #0: ffffffff8b97fce0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 kernel/locking/lockdep.c:6446
1 lock held by in:imklog/6228:
 #0: ffff888072e10af0 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100 fs/file.c:990
3 locks held by kworker/u4:19/13716:
5 locks held by syz-executor.1/28722:

=============================================

----------------
Code disassembly (best guess), 5 bytes skipped:
   0:	df 48 8b             	fisttps -0x75(%rax)
   3:	54                   	push %rsp
   4:	24 28                	and $0x28,%al
   6:	48 c1 ea 03          	shr $0x3,%rdx
   a:	80 3c 02 00          	cmpb $0x0,(%rdx,%rax,1)
   e:	0f 85 2f 04 00 00    	jne 0x443
  14:	ff 15 ff 10 71 07    	callq *0x77110ff(%rip) # 0x7711119
  1a:	ba cf 03 00 00       	mov $0x3cf,%edx
  1f:	0f b6 44 24 4f       	movzbl 0x4f(%rsp),%eax
  24:	ee                   	out %al,(%dx)
* 25:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax <-- trapping instruction
  2c:	fc ff df
  2f:	48 8b 54 24 28       	mov 0x28(%rsp),%rdx
  34:	48 c1 ea 03          	shr $0x3,%rdx
  38:	80                   	.byte 0x80
  39:	3c 02                	cmp $0x2,%al