ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
 </TASK>
watchdog: BUG: soft lockup - CPU#0 stuck for 225s! [kworker/u8:9:2895]
Modules linked in:
irq event stamp: 4609264
hardirqs last  enabled at (4609263): [<ffffffff8b76abfd>] irqentry_exit+0x1dd/0x8c0 kernel/entry/common.c:219
hardirqs last disabled at (4609264): [<ffffffff8b76984e>] sysvec_apic_timer_interrupt+0xe/0xc0 arch/x86/kernel/apic/apic.c:1056
softirqs last  enabled at (4609256): [<ffffffff817dd9d9>] __do_softirq kernel/softirq.c:656 [inline]
softirqs last  enabled at (4609256): [<ffffffff817dd9d9>] invoke_softirq kernel/softirq.c:496 [inline]
softirqs last  enabled at (4609256): [<ffffffff817dd9d9>] __irq_exit_rcu+0x109/0x170 kernel/softirq.c:723
softirqs last disabled at (4609209): [<ffffffff817dd9d9>] __do_softirq kernel/softirq.c:656 [inline]
softirqs last disabled at (4609209): [<ffffffff817dd9d9>] invoke_softirq kernel/softirq.c:496 [inline]
softirqs last disabled at (4609209): [<ffffffff817dd9d9>] __irq_exit_rcu+0x109/0x170 kernel/softirq.c:723
CPU: 0 UID: 0 PID: 2895 Comm: kworker/u8:9 Tainted: G             L      syzkaller #0 PREEMPT(full) 
Tainted: [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
Workqueue: events_unbound toggle_allocation_gate
RIP: 0010:get_current arch/x86/include/asm/current.h:25 [inline]
RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x70 kernel/kcov.c:216
Code: e9 8d 26 5d 00 be 03 00 00 00 5b e9 b2 89 ec 02 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 34 24 <65> 48 8b 15 d8 c9 f3 11 65 8b 05 e9 c9 f3 11 a9 00 01 ff 00 74 1d
RSP: 0018:ffffc9000b867800 EFLAGS: 00000202
RAX: 0000000000000000 RBX: ffff8880b8540e00 RCX: ffffffff81b27a71
RDX: ffff88802f05bd00 RSI: ffffffff81b27a4b RDI: 0000000000000005
RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000000000001 R11: ffff88802f05c830 R12: dffffc0000000000
R13: ffffed10170a81c1 R14: 0000000000000001 R15: 0000000000000001
FS:  0000000000000000(0000) GS:ffff8881248f6000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b3071fff8 CR3: 000000000e184000 CR4: 0000000000350ef0
Call Trace:
 <TASK>
 native_pause arch/x86/include/asm/vdso/processor.h:13 [inline]
 cpu_relax arch/x86/include/asm/vdso/processor.h:18 [inline]
 csd_lock_wait kernel/smp.c:342 [inline]
 smp_call_function_many_cond+0xdfb/0x15e0 kernel/smp.c:877
 on_each_cpu_cond_mask+0x40/0x90 kernel/smp.c:1043
 on_each_cpu include/linux/smp.h:71 [inline]
 smp_text_poke_sync_each_cpu arch/x86/kernel/alternative.c:2711 [inline]
 smp_text_poke_batch_finish+0x27b/0xdb0 arch/x86/kernel/alternative.c:2921
 arch_jump_label_transform_apply+0x1c/0x30 arch/x86/kernel/jump_label.c:146
 jump_label_update+0x376/0x550 kernel/jump_label.c:919
 static_key_enable_cpuslocked+0x1b7/0x270 kernel/jump_label.c:210
 static_key_enable+0x1a/0x20 kernel/jump_label.c:223
 toggle_allocation_gate mm/kfence/core.c:874 [inline]
 toggle_allocation_gate+0xfa/0x280 mm/kfence/core.c:866
 process_one_work+0x9ba/0x1b20 kernel/workqueue.c:3257
 process_scheduled_works kernel/workqueue.c:3340 [inline]
 worker_thread+0x6c8/0xf10 kernel/workqueue.c:3421
 kthread+0x3c5/0x780 kernel/kthread.c:463
 ret_from_fork+0x983/0xb10 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
 </TASK>
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Tainted: G             L      syzkaller #0 PREEMPT(full) 
Tainted: [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
RIP: 0010:get_current arch/x86/include/asm/current.h:25 [inline]
RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x70 kernel/kcov.c:216
Code: e9 8d 26 5d 00 be 03 00 00 00 5b e9 b2 89 ec 02 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 34 24 <65> 48 8b 15 d8 c9 f3 11 65 8b 05 e9 c9 f3 11 a9 00 01 ff 00 74 1d
RSP: 0018:ffffc90000a08e38 EFLAGS: 00000002
RAX: 0000000080010100 RBX: ffff8880b8528540 RCX: ffffffff81aab916
RDX: ffff88801d6e5b80 RSI: ffffffff81aac02a RDI: 0000000000000001
RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000001 R11: ffff88801d6e66b0 R12: ffff8880b8528440
R13: 0000000000000001 R14: ffff888020b78300 R15: 0000000000000001
FS:  0000000000000000(0000) GS:ffff8881249f6000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f71cd186f98 CR3: 000000007efea000 CR4: 0000000000350ef0
Call Trace:
 <IRQ>
 trace_hrtimer_expire_exit include/trace/events/timer.h:306 [inline]
 __run_hrtimer kernel/time/hrtimer.c:1780 [inline]
 __hrtimer_run_queues+0x9ba/0xc40 kernel/time/hrtimer.c:1841
 hrtimer_interrupt+0x397/0x8e0 kernel/time/hrtimer.c:1903
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1045 [inline]
 __sysvec_apic_timer_interrupt+0x10b/0x3c0 arch/x86/kernel/apic/apic.c:1062
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline]
 sysvec_apic_timer_interrupt+0x9f/0xc0 arch/x86/kernel/apic/apic.c:1056
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:lock_acquire+0x62/0x330 kernel/locking/lockdep.c:5872
Code: b4 18 12 83 f8 07 0f 87 a2 02 00 00 89 c0 48 0f a3 05 72 fd ee 0e 0f 82 74 02 00 00 8b 35 ea 2d ef 0e 85 f6 0f 85 8d 00 00 00 <48> 8b 44 24 30 65 48 2b 05 89 b4 18 12 0f 85 ad 02 00 00 48 83 c4
RSP: 0018:ffffc900001d76c8 EFLAGS: 00000206
RAX: 0000000000000046 RBX: ffffffff8e3c9620 RCX: 000000007d3fa649
RDX: 0000000000000000 RSI: ffffffff8daa6050 RDI: ffffffff8bf2b580
RBP: 0000000000000002 R08: 0000000016843657 R09: 0000000071684365
R10: 0000000000000002 R11: ffff88801d6e66b0 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
 rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
 rcu_read_lock include/linux/rcupdate.h:867 [inline]
 class_rcu_constructor include/linux/rcupdate.h:1195 [inline]
 unwind_next_frame+0xd1/0x20b0 arch/x86/kernel/unwind_orc.c:495
 __unwind_start+0x45f/0x7f0 arch/x86/kernel/unwind_orc.c:773
 unwind_start arch/x86/include/asm/unwind.h:64 [inline]
 arch_stack_walk+0x73/0x100 arch/x86/kernel/stacktrace.c:24
 stack_trace_save+0x8e/0xc0 kernel/stacktrace.c:122
 kasan_save_stack+0x33/0x60 mm/kasan/common.c:56
 kasan_save_track+0x14/0x30 mm/kasan/common.c:77
 kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:584
 poison_slab_object mm/kasan/common.c:252 [inline]
 __kasan_slab_free+0x5f/0x80 mm/kasan/common.c:284
 kasan_slab_free include/linux/kasan.h:234 [inline]
 slab_free_hook mm/slub.c:2540 [inline]
 slab_free_after_rcu_debug+0x10c/0x300 mm/slub.c:6727
 rcu_do_batch kernel/rcu/tree.c:2605 [inline]
 rcu_core+0x79c/0x15f0 kernel/rcu/tree.c:2857
 handle_softirqs+0x219/0x950 kernel/softirq.c:622
 run_ksoftirqd kernel/softirq.c:1063 [inline]
 run_ksoftirqd+0x3a/0x60 kernel/softirq.c:1055
 smpboot_thread_fn+0x3f7/0xae0 kernel/smpboot.c:160
 kthread+0x3c5/0x780 kernel/kthread.c:463
 ret_from_fork+0x983/0xb10 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
 </TASK>