watchdog: BUG: soft lockup - CPU#0 stuck for 226s! [dhcpcd-run-hook:15424] Modules linked in: irq event stamp: 446068 hardirqs last enabled at (446067): [] irqentry_exit+0x3b/0x90 kernel/entry/common.c:310 hardirqs last disabled at (446068): [] sysvec_apic_timer_interrupt+0xe/0xc0 arch/x86/kernel/apic/apic.c:1050 softirqs last enabled at (446060): [] softirq_handle_end kernel/softirq.c:425 [inline] softirqs last enabled at (446060): [] handle_softirqs+0x5be/0x8e0 kernel/softirq.c:607 softirqs last disabled at (446011): [] __do_softirq kernel/softirq.c:613 [inline] softirqs last disabled at (446011): [] invoke_softirq kernel/softirq.c:453 [inline] softirqs last disabled at (446011): [] __irq_exit_rcu+0x109/0x170 kernel/softirq.c:680 CPU: 0 UID: 0 PID: 15424 Comm: dhcpcd-run-hook Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(full) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 RIP: 0010:csd_lock_wait kernel/smp.c:340 [inline] RIP: 0010:smp_call_function_many_cond+0xd9f/0x1510 kernel/smp.c:885 Code: 27 1f 0c 00 f3 90 41 0f b6 06 41 38 c5 7c 08 84 c0 0f 85 6f 05 00 00 8b 43 08 31 ff 83 e0 01 89 c5 89 c6 e8 43 1a 0c 00 85 ed <75> d3 e8 fa 1e 0c 00 e8 f5 1e 0c 00 8b 6c 24 50 bf 07 00 00 00 83 RSP: 0018:ffffc90003c5f750 EFLAGS: 00000202 RAX: 0000000000000000 RBX: ffff8880b853ff60 RCX: ffffffff81b000ed RDX: ffff8880306a9e00 RSI: 0000000000000000 RDI: 0000000000000005 RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000 R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000 R13: 0000000000000003 R14: ffffed10170a7fed R15: ffff8880b843b6c0 FS: 00007fe691837c80(0000) GS:ffff888124759000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 00000000542ae000 CR4: 0000000000350ef0 Call Trace: on_each_cpu_cond_mask+0x40/0x90 kernel/smp.c:1052 __flush_tlb_multi arch/x86/include/asm/paravirt.h:91 [inline] flush_tlb_multi arch/x86/mm/tlb.c:1361 [inline] flush_tlb_mm_range+0x4a0/0x1790 arch/x86/mm/tlb.c:1451 dup_mmap+0xfa2/0x21d0 mm/mmap.c:1877 dup_mm kernel/fork.c:1477 [inline] copy_mm kernel/fork.c:1529 [inline] copy_process+0x4081/0x76a0 kernel/fork.c:2169 kernel_clone+0xfc/0x960 kernel/fork.c:2599 __do_sys_clone+0xce/0x120 kernel/fork.c:2742 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xcd/0x4c0 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fe6919d1636 Code: 89 df e8 6d e8 f6 ff 45 31 c0 31 d2 31 f6 64 48 8b 04 25 10 00 00 00 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 52 89 c5 85 c0 75 31 64 48 8b 04 25 10 00 00 RSP: 002b:00007ffdb4416cf0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007ffdb4416cf8 RCX: 00007fe6919d1636 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 RBP: 000055770bdbec30 R08: 0000000000000000 R09: 00000000000000d0 R10: 00007fe691837f50 R11: 0000000000000246 R12: 000055770bdcd0b0 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 UID: 0 PID: 5196 Comm: udevd Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(full) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 RIP: 0010:hlock_id kernel/locking/lockdep.c:436 [inline] RIP: 0010:__lock_acquire+0x642/0x1c90 kernel/locking/lockdep.c:5228 Code: ef 89 4c 24 08 e8 9e ac ff ff 8b 4c 24 08 48 83 78 40 00 0f 84 a1 0a 00 00 0f b7 44 24 10 8b 74 24 18 44 8b 74 24 28 c1 e0 0d <66> 0b 04 24 98 29 f0 8b 74 24 20 31 f0 89 c2 41 29 c6 01 c8 c1 c2 RSP: 0018:ffffc90000a08c40 EFLAGS: 00000016 RAX: 0000000001e00000 RBX: 0000000000000001 RCX: 00000000fffffffe RDX: 0000000000000000 RSI: 00000000ffffffff RDI: ffff88807ccaa918 RBP: ffff88807cca9e00 R08: 0000000000000001 R09: 0000000000000001 R10: 0000000000000000 R11: 0000000000000001 R12: ffff88807ccaa8f0 R13: ffff88807ccaa918 R14: 00000000ffffffff R15: 0000000000000003 FS: 00007fa728666880(0000) GS:ffff888124859000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f6a8c5f6f98 CR3: 0000000031e18000 CR4: 0000000000350ef0 Call Trace: lock_acquire kernel/locking/lockdep.c:5871 [inline] lock_acquire+0x179/0x350 kernel/locking/lockdep.c:5828 __raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline] _raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154 spin_lock include/linux/spinlock.h:351 [inline] advance_sched+0xd9/0xc80 net/sched/sch_taprio.c:924 __run_hrtimer kernel/time/hrtimer.c:1761 [inline] __hrtimer_run_queues+0x202/0xad0 kernel/time/hrtimer.c:1825 hrtimer_interrupt+0x397/0x8e0 kernel/time/hrtimer.c:1887 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1039 [inline] __sysvec_apic_timer_interrupt+0x10b/0x3f0 arch/x86/kernel/apic/apic.c:1056 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1050 [inline] sysvec_apic_timer_interrupt+0x9f/0xc0 arch/x86/kernel/apic/apic.c:1050 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702 RIP: 0010:arch_stack_walk+0xa9/0x100 arch/x86/kernel/stacktrace.c:27 Code: 4c 89 ef 2e e8 28 54 1f 0a 84 c0 74 22 48 89 df e8 dc e2 08 00 8b 85 70 ff ff ff 85 c0 74 10 48 89 df e8 1a dd 08 00 48 89 c6 <48> 85 c0 75 d1 48 8b 45 d0 65 48 2b 05 de 8b 6a 12 75 31 48 83 c4 RSP: 0018:ffffc9000419f4b8 EFLAGS: 00000246 RAX: ffffffff894c5929 RBX: ffffc9000419f4b8 RCX: ffffc9000419f40c RDX: 1ffff92000833ea0 RSI: ffffffff894c5929 RDI: ffffffff894c5929 RBP: ffffc9000419f548 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000092439 R12: ffffffff81a78040 R13: ffffc9000419f578 R14: 0000000000000000 R15: ffff88807cca9e00 stack_trace_save+0x8e/0xc0 kernel/stacktrace.c:122 kasan_save_stack+0x33/0x60 mm/kasan/common.c:47 kasan_save_track+0x14/0x30 mm/kasan/common.c:68 kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:576 poison_slab_object mm/kasan/common.c:247 [inline] __kasan_slab_free+0x51/0x70 mm/kasan/common.c:264 kasan_slab_free include/linux/kasan.h:233 [inline] slab_free_hook mm/slub.c:2381 [inline] slab_free mm/slub.c:4643 [inline] kfree+0x2b4/0x4d0 mm/slub.c:4842 skb_kfree_head net/core/skbuff.c:1048 [inline] skb_free_head+0x114/0x210 net/core/skbuff.c:1060 skb_release_data+0x776/0x9c0 net/core/skbuff.c:1087 skb_release_all net/core/skbuff.c:1152 [inline] __kfree_skb net/core/skbuff.c:1166 [inline] consume_skb net/core/skbuff.c:1398 [inline] consume_skb+0xbf/0x100 net/core/skbuff.c:1392 __unix_dgram_recvmsg+0x77e/0xc50 net/unix/af_unix.c:2599 unix_dgram_recvmsg+0xd0/0x110 net/unix/af_unix.c:2616 sock_recvmsg_nosec net/socket.c:1017 [inline] sock_recvmsg+0x1f9/0x250 net/socket.c:1039 ____sys_recvmsg+0x218/0x6b0 net/socket.c:2786 ___sys_recvmsg+0x114/0x1a0 net/socket.c:2828 __sys_recvmsg+0x16a/0x220 net/socket.c:2861 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xcd/0x4c0 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fa727ea7407 Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff RSP: 002b:00007ffcce7ca8a0 EFLAGS: 00000202 ORIG_RAX: 000000000000002f RAX: ffffffffffffffda RBX: 00007fa728666880 RCX: 00007fa727ea7407 RDX: 0000000000000040 RSI: 00007ffcce7ca9c0 RDI: 0000000000000009 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 R13: 0000561c5de9e100 R14: 0000000000000000 R15: 0000000000000000