INFO: task syz.2.16:4344 blocked for more than 143 seconds.
      Not tainted 6.8.0-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.2.16 state:D stack:13144 pid:4344 tgid:4342 ppid:4167 flags:0x00004000
Call Trace:
 context_switch kernel/sched/core.c:5409 [inline]
 __schedule+0x661/0xa60 kernel/sched/core.c:6736
 __schedule_loop kernel/sched/core.c:6813 [inline]
 schedule+0xac/0x140 kernel/sched/core.c:6828
 schedule_preempt_disabled+0x32/0x60 kernel/sched/core.c:6885
 rwsem_down_write_slowpath+0x31c/0x730 kernel/locking/rwsem.c:1178
 __down_write_common kernel/locking/rwsem.c:1306 [inline]
 __down_write kernel/locking/rwsem.c:1315 [inline]
 down_write+0x61/0x90 kernel/locking/rwsem.c:1580
 mmap_write_lock include/linux/mmap_lock.h:108 [inline]
 exit_mmap+0x211/0x580 mm/mmap.c:3295
 __mmput+0x3d/0x110 kernel/fork.c:1345
 exit_mm+0xaa/0x110 kernel/exit.c:569
 do_exit+0x23b/0xac0 kernel/exit.c:865
 do_group_exit+0x86/0xa0 kernel/exit.c:1027
 get_signal+0x783/0x830 kernel/signal.c:2907
 arch_do_signal_or_restart+0x89/0x2a0 arch/x86/kernel/signal.c:310
 exit_to_user_mode_loop kernel/entry/common.c:105 [inline]
 exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]
 __syscall_exit_to_user_mode_work kernel/entry/common.c:201 [inline]
 syscall_exit_to_user_mode+0x57/0x1d0 kernel/entry/common.c:212
 do_syscall_64+0xa4/0x180 arch/x86/entry/common.c:89
 entry_SYSCALL_64_after_hwframe+0x6d/0x75
RIP: 0033:0x7f29c538e169
RSP: 002b:00007f29c4dff0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 00007f29c55b6088 RCX: 00007f29c538e169
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f29c55b6088
RBP: 00007f29c55b6080 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29c55b608c
R13: 0000000000000000 R14: 00007ffe6e790610 R15: 00007ffe6e7906f8
INFO: lockdep is turned off.
NMI backtrace for cpu 0
CPU: 0 PID: 29 Comm: khungtaskd Not tainted 6.8.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Call Trace:
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x83/0xd0 lib/dump_stack.c:106
 nmi_cpu_backtrace+0x146/0x160 lib/nmi_backtrace.c:113
 nmi_trigger_cpumask_backtrace+0x8e/0x140 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:160 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:222 [inline]
 watchdog+0x5db/0x600 kernel/hung_task.c:379
 kthread+0xea/0x100 kernel/kthread.c:388
 ret_from_fork+0x32/0x40 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 52 Comm: kworker/u8:3 Not tainted 6.8.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Workqueue: events_unbound toggle_allocation_gate
RIP: 0010:arch_static_branch arch/x86/include/asm/jump_label.h:27 [inline]
RIP: 0010:static_key_false include/linux/jump_label.h:207 [inline]
RIP: 0010:native_write_msr arch/x86/include/asm/msr.h:162 [inline]
RIP: 0010:wrmsrl arch/x86/include/asm/msr.h:277 [inline]
RIP: 0010:native_x2apic_icr_write arch/x86/include/asm/apic.h:228 [inline]
RIP: 0010:__x2apic_send_IPI_dest arch/x86/kernel/apic/x2apic_phys.c:113 [inline]
RIP: 0010:x2apic_send_IPI+0x2d/0x50 arch/x86/kernel/apic/x2apic_phys.c:50
Code: fa 48 63 c7 48 8b 04 c5 d0 69 b5 83 8b 90 60 51 01 00 0f ae f0 0f ae e8 83 fe 02 b8 00 04 00 00 0f 45 c6 b9 30 08 00 00 0f 30 <66> 90 c3 cc cc cc cc f3 0f 1e fa 89 c0 48 c1 e2 20 48 09 c2 bf 30
RSP: 0018:ffffc900001cfc20 EFLAGS: 00000206
RAX: 00000000000000fb RBX: 0000000000000000 RCX: 0000000000000830
RDX: 0000000000000000 RSI: 00000000000000fb RDI: 0000000000000000
RBP: ffffffff810e2540 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000007 R11: ffffffff811128e0 R12: ffffffff810e2540
R13: ffff888237c386a0 R14: 0000000000000000 R15: ffff888237d32700
FS: 0000000000000000(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fb8581d9f98 CR3: 0000000003ebc000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 arch_send_call_function_single_ipi arch/x86/include/asm/smp.h:93 [inline]
 send_call_function_single_ipi kernel/smp.c:117 [inline]
 smp_call_function_many_cond+0x57a/0xae0 kernel/smp.c:837
 on_each_cpu_cond_mask+0x3a/0x70 kernel/smp.c:1023
 text_poke_bp_batch+0x2c3/0x310 arch/x86/kernel/alternative.c:-1
 text_poke_flush arch/x86/kernel/alternative.c:2487 [inline]
 text_poke_finish+0x1a/0x30 arch/x86/kernel/alternative.c:2494
 arch_jump_label_transform_apply+0x17/0x30 arch/x86/kernel/jump_label.c:146
 static_key_enable_cpuslocked kernel/jump_label.c:205 [inline]
 static_key_enable+0x40/0x60 kernel/jump_label.c:218
 toggle_allocation_gate+0x3a/0x130 mm/kfence/core.c:826
 process_one_work kernel/workqueue.c:3254 [inline]
 process_scheduled_works+0x2cd/0x610 kernel/workqueue.c:3335
 worker_thread+0x23e/0x300 kernel/workqueue.c:3416
 kthread+0xea/0x100 kernel/kthread.c:388
 ret_from_fork+0x32/0x40 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243