watchdog: BUG: soft lockup - CPU#0 stuck for 226s! [kworker/u8:1:12]
CPU#0 Utilization every 22s during lockup:
	#1: 100% system,	  1% softirq,	  1% hardirq,	  0% idle
	#2: 100% system,	  0% softirq,	  1% hardirq,	  0% idle
	#3: 100% system,	  1% softirq,	  1% hardirq,	  0% idle
	#4: 100% system,	  0% softirq,	  1% hardirq,	  0% idle
	#5: 100% system,	  1% softirq,	  1% hardirq,	  0% idle
Modules linked in:
CPU: 0 PID: 12 Comm: kworker/u8:1 Not tainted 6.9.0-syzkaller-08414-g7ee332c9f12b #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
Workqueue: events_unbound toggle_allocation_gate
RIP: 0010:csd_lock_wait kernel/smp.c:320 [inline]
RIP: 0010:smp_call_function_many_cond+0xade/0x1090 kernel/smp.c:855
Code: 45 8b 65 00 44 89 e6 83 e6 01 31 ff e8 9b 33 0a 00 41 83 e4 01 49 bc 00 00 00 00 00 fc ff df 75 07 e8 46 2f 0a 00 eb 38 f3 90 <42> 0f b6 04 23 84 c0 75 11 41 f7 45 00 01 00 00 00 74 1e e8 2a 2f
RSP: 0018:ffffc900000c77c0 EFLAGS: 00000293
RAX: ffffffff81741c66 RBX: 1ffff1103ee27bcd RCX: ffff88810226a200
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: ffffc900000c7918 R08: ffffffff81741c35 R09: 1ffff1103ee0758a
R10: ffffed103ee0758b R11: ffffffff8133ed60 R12: dffffc0000000000
R13: ffff8881f713de68 R14: ffff8881f703ac48 R15: 0000000000000001
FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fb9de9dcd58 CR3: 00000000068a6000 CR4: 00000000003506b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <IRQ>
 </IRQ>
 <TASK>
 on_each_cpu_cond_mask+0x40/0x80 kernel/smp.c:1023
 on_each_cpu include/linux/smp.h:71 [inline]
 text_poke_sync arch/x86/kernel/alternative.c:2069 [inline]
 text_poke_bp_batch+0x227/0x880 arch/x86/kernel/alternative.c:2279
 text_poke_flush arch/x86/kernel/alternative.c:2470 [inline]
 text_poke_finish+0x30/0x50 arch/x86/kernel/alternative.c:2477
 arch_jump_label_transform_apply+0x1a/0x30 arch/x86/kernel/jump_label.c:146
 __jump_label_update+0x36a/0x390 kernel/jump_label.c:483
 jump_label_update+0x3af/0x450 kernel/jump_label.c:882
 static_key_enable_cpuslocked+0x12f/0x250 kernel/jump_label.c:205
 static_key_enable+0x1a/0x30 kernel/jump_label.c:218
 toggle_allocation_gate+0xb1/0x240 mm/kfence/core.c:826
 process_one_work kernel/workqueue.c:3231 [inline]
 process_scheduled_works+0x7e6/0x1090 kernel/workqueue.c:3312
 worker_thread+0x969/0xe00 kernel/workqueue.c:3393
 kthread+0x2e3/0x380 kernel/kthread.c:389
 ret_from_fork+0x51/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 491 Comm: syz-executor.3 Not tainted 6.9.0-syzkaller-08414-g7ee332c9f12b #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
RIP: 0010:__kasan_check_write+0x14/0x20 mm/kasan/shadow.c:37
Code: 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 55 48 89 e5 89 f6 48 8b 4d 08 ba 01 00 00 00 e8 bc e5 ff ff <5d> c3 cc cc cc cc 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90
RSP: 0018:ffffc900001d0c50 EFLAGS: 00000086
RAX: 0000000000000001 RBX: 1ffff9200003a18c RCX: dffffc0000000000
RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffff888102360930
RBP: ffffc900001d0c50 R08: ffff888102360933 R09: 1ffff1102046c126
R10: ffffed102046c127 R11: ffffed102046c127 R12: dffffc0000000000
R13: ffff888102360930 R14: 1ffff9200003a190 R15: ffffc900001d0c80
FS:  0000555563d5e480(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f5b8c9a80c0 CR3: 0000000112a0a000 CR4: 00000000003506b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <NMI>
 </NMI>
 <IRQ>
 instrument_atomic_read_write include/linux/instrumented.h:96 [inline]
 atomic_try_cmpxchg_acquire include/linux/atomic/atomic-instrumented.h:1300 [inline]
 queued_spin_lock include/asm-generic/qspinlock.h:111 [inline]
 do_raw_spin_lock include/linux/spinlock.h:187 [inline]
 __raw_spin_lock include/linux/spinlock_api_smp.h:134 [inline]
 _raw_spin_lock+0x97/0x1b0 kernel/locking/spinlock.c:154
 spin_lock include/linux/spinlock.h:351 [inline]
 class_spinlock_constructor include/linux/spinlock.h:561 [inline]
 snd_hrtimer_callback+0x1e0/0x370 sound/core/hrtimer.c:52
 __run_hrtimer kernel/time/hrtimer.c:1687 [inline]
 __hrtimer_run_queues+0x41e/0xae0 kernel/time/hrtimer.c:1751
 hrtimer_interrupt+0x40c/0xaa0 kernel/time/hrtimer.c:1813
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1032 [inline]
 __sysvec_apic_timer_interrupt+0xc1/0x2d0 arch/x86/kernel/apic/apic.c:1049
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline]
 sysvec_apic_timer_interrupt+0xa8/0xd0 arch/x86/kernel/apic/apic.c:1043
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1b/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:__raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:152 [inline]
RIP: 0010:_raw_spin_unlock_irqrestore+0x56/0x80 kernel/locking/spinlock.c:194
Code: 2e 8e 86 e8 7c be 91 fc 48 83 3d b4 12 50 01 00 74 38 48 89 df e8 5a 11 00 00 90 41 f7 c6 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> 15 29 18 fc 65 8b 05 d6 6e c5 7a 85 c0 74 09 5b 41 5e 5d c3 cc
RSP: 0018:ffffc90002fbfc28 EFLAGS: 00000206
RAX: 0000000000000001 RBX: ffff888102360930 RCX: dffffc0000000000
RDX: 0000000000000000 RSI: 0000000000000246 RDI: 0000000000000001
RBP: ffffc90002fbfc38 R08: ffffffff84150bb3 R09: 0000000026415fa1
R10: 0000000000000030 R11: 0000000026415fa1 R12: ffff8881128ed600
R13: 0000000000000000 R14: 0000000000000246 R15: ffff8881023608b0
 spin_unlock_irqrestore include/linux/spinlock.h:406 [inline]
 class_spinlock_irqsave_destructor include/linux/spinlock.h:574 [inline]
 snd_timer_stop1+0x7e1/0x930 sound/core/timer.c:634
 snd_timer_stop sound/core/timer.c:679 [inline]
 snd_timer_close_locked+0x23a/0x930 sound/core/timer.c:423
 snd_timer_close sound/core/timer.c:464 [inline]
 snd_timer_user_release+0x130/0x2e0 sound/core/timer.c:1468
 __fput+0x3d0/0x840 fs/file_table.c:422
 __fput_sync+0x54/0x70 fs/file_table.c:507
 __do_sys_close fs/open.c:1556 [inline]
 __se_sys_close+0x15e/0x1f0 fs/open.c:1541
 __x64_sys_close+0x38/0x40 fs/open.c:1541
 x64_sys_call+0x24eb/0x2cd0 arch/x86/include/generated/asm/syscalls_64.h:4
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0x54/0x120 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x76/0x7e
RIP: 0033:0x7f7ae147cd9a
Code: 48 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c 24 0c e8 03 7f 02 00 8b 7c 24 0c 89 c2 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 36 89 d7 89 44 24 0c e8 63 7f 02 00 8b 44 24
RSP: 002b:00007ffff43144b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f7ae147cd9a
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 00007f7ae15ad980 R08: 00007f7ae1400000 R09: 0000000000000001
R10: 0000000000000001 R11: 0000000000000293 R12: 000000000000be33
R13: 000000000000be01 R14: 00007ffff4314670 R15: 00007f7ae1434cb0
 </TASK>