BUG: workqueue lockup - pool cpus=1 node=0 flags=0x0 nice=0 stuck for 174s!
BUG: workqueue lockup - pool cpus=1 node=0 flags=0x0 nice=-20 stuck for 147s!
Showing busy workqueues and worker pools:
workqueue events: flags=0x100
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=10 refcnt=11
    pending: psi_avgs_work, nsim_dev_hwstats_traffic_work, psi_avgs_work, vmstat_shepherd, 4*ovs_dp_masks_rebalance, reg_todo, psi_avgs_work
  pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=10 refcnt=11
    pending: 4*nsim_dev_hwstats_traffic_work, 2*psi_avgs_work, 2*ovs_dp_masks_rebalance, bpf_prog_free_deferred, free_obj_work
workqueue events_long: flags=0x100
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=4 refcnt=5
    pending: 4*defense_work_handler
  pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=2 refcnt=3
    pending: 2*defense_work_handler
workqueue events_unbound: flags=0x2
  pwq 8: cpus=0-1 flags=0x4 nice=0 active=13 refcnt=14
    in-flight: 1002:nsim_dev_trap_report_work for 28s
    pending: 4*nsim_dev_trap_report_work, toggle_allocation_gate, flush_memcg_stats_dwork, 4*cfg80211_wiphy_work, crng_reseed
  pwq 8: cpus=0-1 flags=0x4 nice=0 active=6 refcnt=7
    in-flight: 32:cfg80211_wiphy_work for 148s cfg80211_wiphy_work
    pending: 5*cfg80211_wiphy_work
workqueue events_freezable: flags=0x104
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=1 refcnt=2
    pending: update_balloon_stats_func
workqueue events_power_efficient: flags=0x180
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=3 refcnt=4
    in-flight: 6309:gc_worker for 29s
    pending: nf_flow_offload_work_gc, wg_ratelimiter_gc_entries
  pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=8 refcnt=9
    pending: 2*neigh_managed_work, 2*neigh_periodic_work, do_cache_clean, 3*check_lifetime
workqueue rcu_gp: flags=0x108
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=2 refcnt=3
    in-flight: 797:process_srcu for 178s ,10:process_srcu for 76s
workqueue mm_percpu_wq: flags=0x108
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=1 refcnt=2
    pending: vmstat_update
  pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=1 refcnt=2
    pending: vmstat_update
workqueue writeback: flags=0x4a
  pwq 8: cpus=0-1 flags=0x4 nice=0 active=1 refcnt=2
    pending: wb_workfn
  pwq 8: cpus=0-1 flags=0x4 nice=0 active=1 refcnt=2
    pending: wb_update_bandwidth_workfn
workqueue kblockd: flags=0x18
  pwq 7: cpus=1 node=0 flags=0x0 nice=-20 active=1 refcnt=2
    pending: blk_mq_requeue_work
workqueue ipv6_addrconf: flags=0x6000a
  pwq 8: cpus=0-1 flags=0x4 nice=0 active=1 refcnt=9
    in-flight: 329:addrconf_verify_work for 76s
    inactive: 5*addrconf_verify_work
workqueue krxrpcd: flags=0x2001a
  pwq 9: cpus=0-1 node=0 flags=0x4 nice=-20 active=1 refcnt=9
    pending: rxrpc_peer_keepalive_worker
    inactive: 5*rxrpc_peer_keepalive_worker
workqueue bat_events: flags=0x6000a
  pwq 8: cpus=0-1 flags=0x4 nice=0 active=1 refcnt=43
    in-flight: 12:batadv_tt_purge for 29s
    inactive: 3*batadv_tt_purge, batadv_bla_periodic_work, batadv_dat_purge, batadv_bla_periodic_work, batadv_dat_purge, batadv_bla_periodic_work, batadv_dat_purge, batadv_bla_periodic_work, batadv_dat_purge, 5*batadv_mcast_mla_update, 6*batadv_iv_send_outstanding_bat_ogm_packet, 4*batadv_purge_orig, 6*batadv_iv_send_outstanding_bat_ogm_packet, batadv_purge_orig, 3*batadv_iv_send_outstanding_bat_ogm_packet, batadv_dat_purge, batadv_bla_periodic_work, batadv_tt_purge
workqueue hci0: flags=0x20012
  pwq 9: cpus=0-1 node=0 flags=0x4 nice=-20 active=1 refcnt=4
    in-flight: 5841:hci_cmd_sync_work for 76s
workqueue hci1: flags=0x20012
  pwq 9: cpus=0-1 node=0 flags=0x4 nice=-20 active=1 refcnt=4
    in-flight: 5839:hci_cmd_sync_work for 76s
workqueue hci2: flags=0x20012
  pwq 9: cpus=0-1 node=0 flags=0x4 nice=-20 active=1 refcnt=4
    in-flight: 51:hci_cmd_sync_work for 76s
workqueue hci3: flags=0x20012
  pwq 9: cpus=0-1 node=0 flags=0x4 nice=-20 active=1 refcnt=4
    in-flight: 5835:hci_cmd_sync_work for 76s
workqueue hci4: flags=0x20012
  pwq 9: cpus=0-1 node=0 flags=0x4 nice=-20 active=1 refcnt=4
    in-flight: 5145:hci_cmd_sync_work for 76s
workqueue wg-kex-wg0: flags=0x6
  pwq 8: cpus=0-1 flags=0x4 nice=0 active=1 refcnt=2
    pending: wg_packet_handshake_send_worker
workqueue wg-crypt-wg0: flags=0x128
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=1 refcnt=2
    pending: wg_packet_encrypt_worker
  pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=2 refcnt=3
    pending: wg_packet_encrypt_worker, wg_packet_tx_worker
workqueue wg-kex-wg0: flags=0x124
  pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=1 refcnt=2
    pending: wg_packet_handshake_receive_worker
workqueue wg-kex-wg0: flags=0x6
  pwq 8: cpus=0-1 flags=0x4 nice=0 active=1 refcnt=2
    pending: wg_packet_handshake_send_worker
workqueue wg-crypt-wg0: flags=0x128
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=1 refcnt=2
    pending: wg_packet_encrypt_worker
  pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=2 refcnt=3
    pending: wg_packet_encrypt_worker, wg_packet_tx_worker
workqueue wg-crypt-wg1: flags=0x128
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=1 refcnt=2
    pending: wg_packet_encrypt_worker
  pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=3 refcnt=4
    pending: wg_packet_encrypt_worker, wg_packet_tx_worker, wg_packet_decrypt_worker
workqueue wg-kex-wg1: flags=0x6
  pwq 8: cpus=0-1 flags=0x4 nice=0 active=1 refcnt=2
    pending: wg_packet_handshake_send_worker
workqueue wg-crypt-wg1: flags=0x128
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=1 refcnt=2
    pending: wg_packet_encrypt_worker
  pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=2 refcnt=3
    pending: wg_packet_encrypt_worker, wg_packet_tx_worker
workqueue wg-crypt-wg2: flags=0x128
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=1 refcnt=2
    pending: wg_packet_tx_worker
  pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=2 refcnt=3
    pending: wg_packet_encrypt_worker, wg_packet_tx_worker
workqueue wg-kex-wg2: flags=0x124
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=1 refcnt=2
    pending: wg_packet_handshake_receive_worker
  pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=1 refcnt=2
    pending: wg_packet_handshake_receive_worker
workqueue wg-crypt-wg2: flags=0x128
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=2 refcnt=3
    pending: wg_packet_encrypt_worker, wg_packet_tx_worker
  pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=2 refcnt=3
    pending: wg_packet_tx_worker, wg_packet_decrypt_worker
workqueue wg-crypt-wg0: flags=0x128
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=3 refcnt=4
    pending: wg_packet_encrypt_worker, wg_packet_tx_worker, wg_packet_decrypt_worker
  pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=1 refcnt=2
    pending: wg_packet_decrypt_worker
workqueue wg-kex-wg1: flags=0x124
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=1 refcnt=2
    pending: wg_packet_handshake_receive_worker
workqueue wg-crypt-wg0: flags=0x128
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=2 refcnt=3
    pending: wg_packet_tx_worker, wg_packet_decrypt_worker
workqueue wg-kex-wg0: flags=0x124
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=1 refcnt=2
    pending: wg_packet_handshake_receive_worker
workqueue wg-crypt-wg0: flags=0x128
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=3 refcnt=4
    pending: wg_packet_encrypt_worker, wg_packet_tx_worker, wg_packet_decrypt_worker
workqueue wg-kex-wg2: flags=0x124
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 6292 Comm: syz.3.114 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
RIP: 0010:lookup_chain_cache_add kernel/locking/lockdep.c:-1 [inline]
RIP: 0010:validate_chain kernel/locking/lockdep.c:3876 [inline]
RIP: 0010:__lock_acquire+0xafd/0x2cf0 kernel/locking/lockdep.c:5237
Code: 00 75 27 90 e8 84 3c 0a 03 85 c0 74 1c 83 3d 0d 4e 70 0e 00 75 13 48 8d 3d 60 6f 73 0e 48 c7 c6 6d 69 01 8e 67 48 0f b9 3a 90 <48> bb eb 83 b5 80 46 86 c8 61 48 0f af dd 48 c1 eb 2d 48 8b 04 dd
RSP: 0018:ffffc90000007228 EFLAGS: 00000007
RAX: 0000000000000056 RBX: 0000000073af3e20 RCX: 0000000000040000
RDX: 000000007995eda9 RSI: 000000003005c0d9 RDI: ffff888026b21e80
RBP: d5b862aa73af3e20 R08: ffffffff81b34237 R09: ffffffff9a2c0508
R10: dffffc0000000000 R11: fffff52000000e7c R12: ffff888026b22af0
R13: ffff888026b22af0 R14: ffff888026b21e80 R15: 0000000000000007
FS:  00007f10986006c0(0000) GS:ffff88812545a000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fd41f416038 CR3: 0000000079240000 CR4: 00000000003526f0
Call Trace:
 <IRQ>
 lock_acquire+0xf0/0x2e0 kernel/locking/lockdep.c:5868
 seqcount_lockdep_reader_access+0x55/0x100 include/linux/seqlock.h:73
 ktime_get_update_offsets_now+0x67/0x3d0 kernel/time/timekeeping.c:2570
 hrtimer_update_base kernel/time/hrtimer.c:641 [inline]
 hrtimer_interrupt+0x132/0x1010 kernel/time/hrtimer.c:1893
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1045 [inline]
 __sysvec_apic_timer_interrupt+0x102/0x460 arch/x86/kernel/apic/apic.c:1062
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline]
 sysvec_apic_timer_interrupt+0x52/0xc0 arch/x86/kernel/apic/apic.c:1056
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:lock_acquire+0x20b/0x2e0 kernel/locking/lockdep.c:5872
Code: e9 30 ff ff ff e8 45 45 0d 0a f7 c3 00 02 00 00 0f 84 38 ff ff ff 65 48 8b 05 c1 d2 7a 11 48 3b 44 24 30 75 33 fb 48 83 c4 38 <5b> 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc 48 8d 3d fe 7a 73
RSP: 0018:ffffc900000076a0 EFLAGS: 00000296
RAX: 12a3abbee94e7400 RBX: 0000000000000246 RCX: 0000000000000102
RDX: 0000000028e5176f RSI: ffffffff8e169d5a RDI: ffffffff8c27ca00
RBP: 0000000000000001 R08: ffffffff81a4aad3 R09: ffffffff8e6382d8
R10: dffffc0000000000 R11: fffffbfff1cc7028 R12: 0000000000000002
R13: ffffffff8e6382d8 R14: 0000000000000000 R15: 0000000000000000
 rcu_try_lock_acquire include/linux/rcupdate.h:317 [inline]
 srcu_read_lock_nmisafe include/linux/srcu.h:428 [inline]
 console_srcu_read_lock kernel/printk/printk.c:291 [inline]
 console_flush_one_record kernel/printk/printk.c:3246 [inline]
 console_flush_all+0x147/0xb20 kernel/printk/printk.c:3343
 __console_flush_and_unlock kernel/printk/printk.c:3373 [inline]
 console_unlock+0xd1/0x1c0 kernel/printk/printk.c:3413
 vprintk_emit+0x485/0x560 kernel/printk/printk.c:2479
 _printk+0xdd/0x130 kernel/printk/printk.c:2504
 show_one_workqueue+0x102/0x280 kernel/workqueue.c:6426
 show_all_workqueues+0x148/0x6d0 kernel/workqueue.c:6516
 wq_watchdog_timer_fn+0x4ff/0x7b0 kernel/workqueue.c:7720
 call_timer_fn+0x192/0x640 kernel/time/timer.c:1748
 expire_timers kernel/time/timer.c:1799 [inline]
 __run_timers kernel/time/timer.c:2373 [inline]
 __run_timer_base+0x652/0x8b0 kernel/time/timer.c:2385
 run_timer_base kernel/time/timer.c:2394 [inline]
 run_timer_softirq+0x103/0x170 kernel/time/timer.c:2405
 handle_softirqs+0x22a/0x870 kernel/softirq.c:622
 __do_softirq kernel/softirq.c:656 [inline]
 invoke_softirq kernel/softirq.c:496 [inline]
 __irq_exit_rcu+0x5f/0x150 kernel/softirq.c:723
 irq_exit_rcu+0x9/0x30 kernel/softirq.c:739
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline]
 sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1056
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:__schedule+0x4/0x52d0 kernel/sched/core.c:6765
Code: f8 89 d9 48 8b 5c 24 08 e9 ee fe ff ff cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa <55> 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48 81 ec c0 01
RSP: 0018:ffffc9000be67608 EFLAGS: 00000202
RAX: 0000000000b5e3fd RBX: 0000000000000000 RCX: 0000000000000001
RDX: 0000000000000007 RSI: ffffffff8def8e53 RDI: 0000000000000001
RBP: 0000000000000000 R08: ffffffff9011b4b7 R09: 1ffffffff2023696
R10: dffffc0000000000 R11: fffffbfff2023697 R12: 0000000000000000
R13: 0000000000000000 R14: dffffc0000000000 R15: 0000000000000000
 preempt_schedule_irq+0x4d/0xa0 kernel/sched/core.c:7238
 irqentry_exit+0x599/0x620 kernel/entry/common.c:239
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:orc_ip arch/x86/kernel/unwind_orc.c:81 [inline]
RIP: 0010:__orc_find arch/x86/kernel/unwind_orc.c:103 [inline]
RIP: 0010:orc_find arch/x86/kernel/unwind_orc.c:238 [inline]
RIP: 0010:unwind_next_frame+0x51a/0x23c0 arch/x86/kernel/unwind_orc.c:510
Code: 83 e0 fe 4c 8d 3c 45 00 00 00 00 49 01 ef 4c 89 f8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 0f b6 04 08 84 c0 75 27 49 63 07 <4c> 01 f8 49 8d 4f 04 4c 39 e0 48 0f 46 e9 49 8d 47 fc 48 0f 47 d8
RSP: 0018:ffffc9000be67738 EFLAGS: 00000246
RAX: fffffffff8f090ae RBX: ffffffff90834a54 RCX: dffffc0000000000
RDX: ffffffff90834a50 RSI: ffffffff912c0992 RDI: ffffffff8c27c9a0
RBP: ffffffff90834a50 R08: 0000000000000002 R09: ffffffff8e75e5e0
R10: ffffc9000be67858 R11: ffffffff81b0c390 R12: ffffffff8973db29
R13: ffffffff90834a50 R14: ffffc9000be67808 R15: ffffffff90834a50
 arch_stack_walk+0x11b/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0xa9/0x100 kernel/stacktrace.c:122
 save_stack+0x122/0x230 mm/page_owner.c:165
 __reset_page_owner+0x71/0x1f0 mm/page_owner.c:320
 reset_page_owner include/linux/page_owner.h:25 [inline]
 __free_pages_prepare mm/page_alloc.c:1433 [inline]
 __free_frozen_pages+0xc2b/0xdb0 mm/page_alloc.c:2978
 __slab_free+0x263/0x2b0 mm/slub.c:5573
 qlink_free mm/kasan/quarantine.c:163 [inline]
 qlist_free_all+0x97/0x100 mm/kasan/quarantine.c:179
 kasan_quarantine_reduce+0x148/0x160 mm/kasan/quarantine.c:286
 __kasan_slab_alloc+0x22/0x80 mm/kasan/common.c:350
 kasan_slab_alloc include/linux/kasan.h:253 [inline]
 slab_post_alloc_hook mm/slub.c:4538 [inline]
 slab_alloc_node mm/slub.c:4866 [inline]
 __do_kmalloc_node mm/slub.c:5259 [inline]
 __kmalloc_noprof+0x316/0x760 mm/slub.c:5272
 kmalloc_noprof include/linux/slab.h:954 [inline]
 kzalloc_noprof include/linux/slab.h:1188 [inline]
 lsm_blob_alloc security/security.c:192 [inline]
 lsm_sock_alloc security/security.c:4375 [inline]
 security_sk_alloc+0x52/0x360 security/security.c:4391
 sk_prot_alloc+0x101/0x210 net/core/sock.c:2248
 sk_alloc+0x3a/0x390 net/core/sock.c:2301
 mctp_pf_create+0xce/0x2f0 net/mctp/af_mctp.c:820
 __sock_create+0x4b2/0x9d0 net/socket.c:1605
 sock_create net/socket.c:1663 [inline]
 __sys_socketpair+0x1c4/0x560 net/socket.c:1810
 __do_sys_socketpair net/socket.c:1863 [inline]
 __se_sys_socketpair net/socket.c:1860 [inline]
 __x64_sys_socketpair+0x9b/0xb0 net/socket.c:1860
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f109779c799
Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f1098600028 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
RAX: ffffffffffffffda RBX: 00007f1097a16090 RCX: 00007f109779c799
RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000002d
RBP: 00007f1097832c99 R08: 0000000000000000 R09: 0000000000000000
R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f1097a16128 R14: 00007f1097a16090 R15: 00007fff9577a8f8
 </TASK>
----------------
Code disassembly (best guess):
   0:	00 75 27             	add    %dh,0x27(%rbp)
   3:	90                   	nop
   4:	e8 84 3c 0a 03       	call   0x30a3c8d
   9:	85 c0                	test   %eax,%eax
   b:	74 1c                	je     0x29
   d:	83 3d 0d 4e 70 0e 00 	cmpl   $0x0,0xe704e0d(%rip)        # 0xe704e21
  14:	75 13                	jne    0x29
  16:	48 8d 3d 60 6f 73 0e 	lea    0xe736f60(%rip),%rdi        # 0xe736f7d
  1d:	48 c7 c6 6d 69 01 8e 	mov    $0xffffffff8e01696d,%rsi
  24:	67 48 0f b9 3a       	ud1    (%edx),%rdi
  29:	90                   	nop
* 2a:	48 bb eb 83 b5 80 46 	movabs $0x61c8864680b583eb,%rbx <-- trapping instruction
  31:	86 c8 61
  34:	48 0f af dd          	imul   %rbp,%rbx
  38:	48 c1 eb 2d          	shr    $0x2d,%rbx
  3c:	48                   	rex.W
  3d:	8b                   	.byte 0x8b
  3e:	04 dd                	add    $0xdd,%al