watchdog: BUG: soft lockup - CPU#0 stuck for 22s! [syz-executor.5:3829]
Modules linked in:
irq event stamp: 48124
hardirqs last  enabled at (48123): [<ffffffff84bbe1eb>] irqentry_exit+0x3b/0x90
hardirqs last disabled at (48124): [<ffffffff84bbce0f>] sysvec_apic_timer_interrupt+0xf/0x80
softirqs last  enabled at (48004): [<ffffffff813bafcc>] handle_softirqs+0x50c/0x770
softirqs last disabled at (47999): [<ffffffff813bb364>] __irq_exit_rcu+0xc4/0x100
CPU: 0 UID: 0 PID: 3829 Comm: syz-executor.5 Tainted: G        W           6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) 
Tainted: [W]=WARN
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:smp_call_function_many_cond+0xa38/0x1110
Code: 31 ff 83 e5 01 89 ee e8 26 71 0b 00 85 ed 74 43 4d 89 ec 4c 89 ed 49 c1 ec 03 83 e5 07 4d 01 fc 83 c5 03 e8 da 75 0b 00 f3 90 <41> 0f b6 04 24 40 38 c5 7c 08 84 c0 0f 85 d5 04 00 00 8b 43 08 31
RSP: 0018:ffff88801649f988 EFLAGS: 00000293
RAX: 0000000000000000 RBX: ffff88806cf3c300 RCX: ffffffff816880fc
RDX: ffff88800f7e0000 RSI: ffffffff816880d6 RDI: 0000000000000005
RBP: 0000000000000003 R08: 0000000000000001 R09: 0000000000000001
R10: 0000000000000001 R11: 1ffff1100d9c6bb1 R12: ffffed100d9e7861
R13: ffff88806cf3c308 R14: 0000000000000001 R15: dffffc0000000000
FS:  00005555742a1400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b2d425000 CR3: 000000001e418000 CR4: 0000000000350ef0
Call Trace:
 <TASK>
 on_each_cpu_cond_mask+0x57/0xa0
 smp_text_poke_batch_finish+0x36b/0xb50
 arch_jump_label_transform_apply+0x1c/0x30
 jump_label_update+0x376/0x550
 static_key_disable_cpuslocked+0x15a/0x1c0
 static_key_disable+0x1a/0x20
 tracepoint_probe_unregister+0x711/0xc90
 trace_event_reg+0x185/0x350
 perf_trace_event_unreg.isra.0+0xae/0x1d0
 perf_trace_destroy+0xc8/0x1c0
 __free_event+0x255/0xc20
 perf_event_release_kernel+0x3ef/0x540
 perf_release+0x31/0x40
 __fput+0x401/0xb50
 fput_close_sync+0x10f/0x240
 __x64_sys_close+0x8f/0x120
 do_syscall_64+0xbf/0x360
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f1b58e0672b
Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
RSP: 002b:00007ffe8f4a9c70 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f1b58e0672b
RDX: 00007f1b58f6bbf0 RSI: 00007f1b58bcb888 RDI: 0000000000000003
RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b2d42564c
R10: 0000000000001a85 R11: 0000000000000293 R12: 000000000001b06d
R13: 00000000000003e8 R14: 00007f1b58f66f60 R15: 000000000001b05b
 </TASK>
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 283 Comm: syz-executor.4 Tainted: G        W           6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) 
Tainted: [W]=WARN
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:__mm_cid_try_get.constprop.0+0x393/0x490
Code: 89 c3 89 c2 89 54 24 68 0f b6 55 00 84 d2 74 09 80 fa 03 0f 8e b0 00 00 00 41 8b 95 d8 00 00 00 39 da 0f 87 38 ff ff ff f3 90 <41> 80 3e 00 0f 85 ad 00 00 00 49 8b 04 24 48 83 f8 ff 75 ba ba 40
RSP: 0018:ffff8880199bf978 EFLAGS: 00000046
RAX: 0000000000000002 RBX: 0000000000000002 RCX: ffffffff814673ce
RDX: 0000000000000002 RSI: 0000000000000004 RDI: ffff888015d495c4
RBP: ffffed1002ba92bb R08: 0000000000000000 R09: ffffed1002ba92b8
R10: ffff888015d495c7 R11: 1ffff1100d9e6f7b R12: ffff888015d49ed0
R13: ffff888015d49500 R14: ffffed1002ba93da R15: ffff888015d495c4
FS:  0000555591a60400(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fef1e254028 CR3: 000000001f0d9000 CR4: 0000000000350ef0
Call Trace:
 <TASK>
 mm_cid_get.isra.0+0x16a/0x570
 __schedule+0x1744/0x3590
 schedule+0xdb/0x390
 do_nanosleep+0x15e/0x560
 hrtimer_nanosleep+0x13a/0x340
 common_nsleep+0xaa/0xd0
 __x64_sys_clock_nanosleep+0x331/0x470
 do_syscall_64+0xbf/0x360
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fd2112538e1
Code: Unable to access opcode bytes at 0x7fd2112538b7.
RSP: 002b:00007ffef1b9b5b0 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00007fd2112538e1
RDX: 00007ffef1b9b5f0 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 00007ffef1b9b67c R08: 0000000000000000 R09: 00007fd21131e000
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
R13: 000000000001b051 R14: 0000000000000002 R15: 00007ffef1b9b6e0
 </TASK>
----------------
Code disassembly (best guess):
   0:	31 ff                	xor    %edi,%edi
   2:	83 e5 01             	and    $0x1,%ebp
   5:	89 ee                	mov    %ebp,%esi
   7:	e8 26 71 0b 00       	callq  0xb7132
   c:	85 ed                	test   %ebp,%ebp
   e:	74 43                	je     0x53
  10:	4d 89 ec             	mov    %r13,%r12
  13:	4c 89 ed             	mov    %r13,%rbp
  16:	49 c1 ec 03          	shr    $0x3,%r12
  1a:	83 e5 07             	and    $0x7,%ebp
  1d:	4d 01 fc             	add    %r15,%r12
  20:	83 c5 03             	add    $0x3,%ebp
  23:	e8 da 75 0b 00       	callq  0xb7602
  28:	f3 90                	pause
* 2a:	41 0f b6 04 24       	movzbl (%r12),%eax <-- trapping instruction
  2f:	40 38 c5             	cmp    %al,%bpl
  32:	7c 08                	jl     0x3c
  34:	84 c0                	test   %al,%al
  36:	0f 85 d5 04 00 00    	jne    0x511
  3c:	8b 43 08             	mov    0x8(%rbx),%eax
  3f:	31                   	.byte 0x31