BUG: workqueue lockup - pool cpus=0 node=0 flags=0x0 nice=0 stuck for 300s!
BUG: workqueue lockup - pool cpus=1 node=0 flags=0x0 nice=0 stuck for 300s!
Showing busy workqueues and worker pools:
workqueue events: flags=0x0
  pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=14/256 refcnt=15
    pending: psi_avgs_work, nsim_dev_hwstats_traffic_work, nsim_dev_hwstats_traffic_work, nsim_dev_hwstats_traffic_work, nsim_dev_hwstats_traffic_work, nsim_dev_hwstats_traffic_work, nsim_dev_hwstats_traffic_work, nsim_dev_hwstats_traffic_work, psi_avgs_work, psi_avgs_work, ovs_dp_masks_rebalance, ovs_dp_masks_rebalance, ovs_dp_masks_rebalance, kfree_rcu_monitor
  pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=16/256 refcnt=17
    pending: nsim_dev_hwstats_traffic_work, nsim_dev_hwstats_traffic_work, nsim_dev_hwstats_traffic_work, psi_avgs_work, psi_avgs_work, psi_avgs_work, ovs_dp_masks_rebalance, ovs_dp_masks_rebalance, ovs_dp_masks_rebalance, kfree_rcu_monitor, rt6_probe_deferred, rt6_probe_deferred, switchdev_deferred_process_work, kvmclock_sync_fn, kvmclock_sync_fn, vmstat_shepherd
workqueue events_long: flags=0x0
  pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=4/256 refcnt=5
    pending: defense_work_handler, defense_work_handler, defense_work_handler, br_fdb_cleanup
  pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=6/256 refcnt=7
    pending: defense_work_handler, defense_work_handler, defense_work_handler, br_fdb_cleanup, br_multicast_gc_work, br_fdb_cleanup
workqueue events_unbound: flags=0x2
  pwq 4: cpus=0-1 flags=0x4 nice=0 active=15/512 refcnt=18
    pending: toggle_allocation_gate, flush_memcg_stats_dwork, nsim_dev_trap_report_work, nsim_dev_trap_report_work, nsim_dev_trap_report_work, nsim_dev_trap_report_work, nsim_dev_trap_report_work, nsim_dev_trap_report_work, nsim_dev_trap_report_work, nsim_dev_trap_report_work, nsim_dev_trap_report_work, nsim_dev_trap_report_work, macvlan_process_broadcast, macvlan_process_broadcast, macvlan_process_broadcast
workqueue events_freezable: flags=0x4
  pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
    pending: update_balloon_stats_func
workqueue events_power_efficient: flags=0x80
  pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
    pending: gc_worker
  pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=8/256 refcnt=9
    pending: reg_check_chans_work, check_lifetime, wg_ratelimiter_gc_entries, neigh_managed_work, neigh_managed_work, neigh_periodic_work, neigh_periodic_work, do_cache_clean
workqueue rcu_gp: flags=0x8
  pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
    pending: process_srcu
workqueue mm_percpu_wq: flags=0x8
  pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
    pending: vmstat_update
  pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
    pending: vmstat_update
workqueue writeback: flags=0x4a
  pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=4
    pending: wb_workfn
workqueue dm_bufio_cache: flags=0x8
  pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
    pending: work_fn
workqueue ipv6_addrconf: flags=0x40008
  pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/1 refcnt=3
    pending: addrconf_verify_work
    inactive: addrconf_verify_work
  pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/1 refcnt=5
    pending: addrconf_verify_work
    inactive: addrconf_verify_work, addrconf_verify_work, addrconf_verify_work
workqueue krxrpcd: flags=0x0
  pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/1 refcnt=4
    pending: rxrpc_peer_keepalive_worker
    inactive: rxrpc_peer_keepalive_worker, rxrpc_peer_keepalive_worker
  pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/1 refcnt=4
    pending: rxrpc_peer_keepalive_worker
    inactive: rxrpc_peer_keepalive_worker, rxrpc_peer_keepalive_worker
workqueue bat_events: flags=0xe000a
  pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/1 refcnt=54
    in-flight: 20468:batadv_nc_worker
    inactive: batadv_nc_worker, batadv_nc_worker, batadv_nc_worker, batadv_nc_worker, batadv_nc_worker, batadv_mcast_mla_update, batadv_mcast_mla_update, batadv_mcast_mla_update, batadv_mcast_mla_update, batadv_mcast_mla_update, batadv_mcast_mla_update, batadv_iv_send_outstanding_bat_ogm_packet, batadv_iv_send_outstanding_bat_ogm_packet, batadv_iv_send_outstanding_bat_ogm_packet, batadv_iv_send_outstanding_bat_ogm_packet, batadv_purge_orig, batadv_purge_orig, batadv_purge_orig, batadv_purge_orig, batadv_purge_orig, batadv_purge_orig, batadv_iv_send_outstanding_bat_ogm_packet, batadv_iv_send_outstanding_bat_ogm_packet, batadv_iv_send_outstanding_bat_ogm_packet, batadv_iv_send_outstanding_bat_ogm_packet, batadv_iv_send_outstanding_bat_ogm_packet, batadv_iv_send_outstanding_bat_ogm_packet, batadv_iv_send_outstanding_bat_ogm_packet, batadv_iv_send_outstanding_bat_ogm_packet, batadv_iv_send_outstanding_bat_ogm_packet, batadv_iv_send_outstanding_bat_ogm_packet
, batadv_iv_send_outstanding_bat_ogm_packet, batadv_tt_purge, batadv_tt_purge, batadv_tt_purge, batadv_tt_purge, batadv_tt_purge, batadv_dat_purge, batadv_bla_periodic_work, batadv_tt_purge, batadv_bla_periodic_work, batadv_bla_periodic_work, batadv_dat_purge, batadv_bla_periodic_work, batadv_bla_periodic_work, batadv_dat_purge, batadv_dat_purge, batadv_bla_periodic_work, batadv_dat_purge, batadv_dat_purge
workqueue wg-kex-wg0: flags=0x24
  pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
    pending: wg_packet_handshake_receive_worker
  pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
    pending: wg_packet_handshake_receive_worker
workqueue wg-kex-wg0: flags=0x6
  pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=4
    pending: wg_packet_handshake_send_worker
workqueue wg-kex-wg1: flags=0x6
  pwq 4: cpus=0-1 flags=0x4 nice=0 active=3/256 refcnt=6
    pending: wg_packet_handshake_send_worker, wg_packet_handshake_send_worker, wg_queued_expired_zero_key_material
workqueue wg-kex-wg2: flags=0x6
  pwq 4: cpus=0-1 flags=0x4 nice=0 active=2/256 refcnt=5
    pending: wg_packet_handshake_send_worker, wg_packet_handshake_send_worker
workqueue phy41: flags=0xa0002
  pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/1 refcnt=4
    pending: ieee80211_iface_work
workqueue wg-kex-wg0: flags=0x6
  pwq 4: cpus=0-1 flags=0x4 nice=0 active=2/256 refcnt=5
    pending: wg_packet_handshake_send_worker, wg_packet_handshake_send_worker
workqueue wg-kex-wg1: flags=0x6
  pwq 4: cpus=0-1 flags=0x4 nice=0 active=2/256 refcnt=5
    pending: wg_packet_handshake_send_worker, wg_packet_handshake_send_worker
workqueue wg-kex-wg2: flags=0x6
  pwq 4: cpus=0-1 flags=0x4 nice=0 active=2/256 refcnt=5
    pending: wg_packet_handshake_send_worker, wg_packet_handshake_send_worker
workqueue phy47: flags=0xa0002
  pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/1 refcnt=4
    pending: ieee80211_iface_work
workqueue phy48: flags=0xa0002
  pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/1 refcnt=4
    pending: ieee80211_iface_work
workqueue wg-kex-wg0: flags=0x6
  pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=4
    pending: wg_packet_handshake_send_worker
workqueue wg-crypt-wg0: flags=0x28
  pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
    pending: wg_packet_encrypt_worker
workqueue wg-kex-wg1: flags=0x6
  pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=4
    pending: wg_packet_handshake_send_worker
workqueue wg-crypt-wg1: flags=0x28
  pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
    pending: wg_packet_encrypt_worker
workqueue wg-kex-wg2: flags=0x6
  pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=4
    pending: wg_packet_handshake_send_worker
workqueue wg-crypt-wg2: flags=0x28
  pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
    pending: wg_packet_encrypt_worker
workqueue phy51: flags=0xa0002
  pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/1 refcnt=4
    pending: ieee80211_iface_work
workqueue phy52: flags=0xa0002
  pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/1 refcnt=4
    pending: ieee80211_iface_work
workqueue wg-kex-wg0: flags=0x6
  pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=4
    pending: wg_packet_handshake_send_worker
workqueue wg-crypt-wg0: flags=0x28
  pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
    pending: wg_packet_encrypt_worker
workqueue wg-kex-wg1: flags=0x6
  pwq 4: cpus=0-1 flags=0x4 nice=0 active=2/256 refcnt=5
    pending: wg_packet_handshake_send_worker, wg_packet_handshake_send_worker
workqueue wg-crypt-wg1: flags=0x28
  pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
    pending: wg_packet_encrypt_worker
workqueue wg-kex-wg2: flags=0x6
  pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=4
    pending: wg_packet_handshake_send_worker
workqueue wg-crypt-wg2: flags=0x28
  pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
    pending: wg_packet_encrypt_worker
  pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
    pending: wg_packet_encrypt_worker
workqueue phy53: flags=0xa0002
  pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/1 refcnt=4
    pending: ieee80211_iface_work
workqueue phy54: flags=0xa0002
  pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/1 refcnt=4
    pending: ieee80211_iface_work
pool 4: cpus=0-1 flags=0x4 nice=0 hung=302s workers=20 idle: 32 4454 11 4354 17403 15171 8506 17413 22303 15161 20336 4622 17418 4503 4506 9 4396 17407 4406
------------[ cut here ]------------
WARNING: CPU: 0 PID: 23955 at kernel/rcu/tree_stall.h:970 rcu_check_gp_start_stall+0x2dc/0x460 kernel/rcu/tree_stall.h:962
Modules linked in:
CPU: 0 PID: 23955 Comm: syz.8.5544 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
RIP: 0010:rcu_check_gp_start_stall+0x2dc/0x460 kernel/rcu/tree_stall.h:970
Code: ff ff ff 48 c7 c7 20 df c2 96 be 04 00 00 00 e8 fa 48 65 00 48 89 df b8 01 00 00 00 87 05 ec 39 57 15 85 c0 0f 85 19 ff ff ff <0f> 0b 48 81 ff 40 ff b2 8c 74 47 48 c7 c0 24 a7 1f 8e 48 c1 e8 03
RSP: 0018:ffffc90000007b78 EFLAGS: 00010046
RAX: 0000000000000000 RBX: ffffffff8cb2ff40 RCX: ffffffff816ba526
RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffffff8cb2ff40
RBP: ffffc90000007df0 R08: 0000000000000004 R09: 0000000000000003
R10: fffffbfff2d85be4 R11: 1ffffffff2d85be4 R12: 0000000000002904
R13: dffffc0000000000 R14: 0000000000000a06 R15: dffffc0000000000
FS:  00007faf3f4c06c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b2e617ff8 CR3: 0000000066848000 CR4: 00000000003526f0
Call Trace:
 <IRQ>
 rcu_core+0x5d9/0x16a0 kernel/rcu/tree.c:2552
 handle_softirqs+0x2a1/0x920 kernel/softirq.c:596
 __do_softirq kernel/softirq.c:630 [inline]
 invoke_softirq kernel/softirq.c:470 [inline]
 __irq_exit_rcu+0x12f/0x220 kernel/softirq.c:679
 irq_exit_rcu+0x5/0x20 kernel/softirq.c:691
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1118 [inline]
 sysvec_apic_timer_interrupt+0xa0/0xc0 arch/x86/kernel/apic/apic.c:1118
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x16/0x20 arch/x86/include/asm/idtentry.h:691
RIP: 0010:clear_user_erms+0xc/0x10 arch/x86/lib/clear_page_64.S:185
Code: f3 48 ab 83 e2 07 74 04 89 d1 f3 aa 31 c0 c3 48 c1 e1 03 83 e2 07 48 01 d1 eb f1 90 90 90 48 83 f9 40 0f 82 76 ff ff ff f3 aa <31> c0 c3 00 55 41 57 41 56 41 55 41 54 53 48 83 ec 20 48 89 74 24
RSP: 0018:ffffc90003a97ab8 EFLAGS: 00040246
RAX: 0000000000000000 RBX: ffff888024d5d940 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff8a8c1480 RDI: 00007faf3f4bff40
RBP: ffffc90003a97cb0 R08: dffffc0000000000 R09: fffffbfff1c3ee4e
R10: fffffbfff1c3ee4e R11: 1ffffffff1c3ee4d R12: dffffc0000000000
R13: ffff888024d5f250 R14: 00007faf3f4bff00 R15: 00007faf3f4bfd00
 __clear_user arch/x86/include/asm/uaccess_64.h:103 [inline]
 copy_fpstate_to_sigframe+0x1b8/0xcb0 arch/x86/kernel/fpu/signal.c:216
 get_sigframe arch/x86/kernel/signal.c:297 [inline]
 __setup_rt_frame arch/x86/kernel/signal.c:472 [inline]
 setup_rt_frame arch/x86/kernel/signal.c:784 [inline]
 handle_signal arch/x86/kernel/signal.c:828 [inline]
 arch_do_signal_or_restart+0x610/0x1230 arch/x86/kernel/signal.c:873
 exit_to_user_mode_loop+0x70/0x110 kernel/entry/common.c:174
 exit_to_user_mode_prepare+0xb1/0x140 kernel/entry/common.c:210
 __syscall_exit_to_user_mode_work kernel/entry/common.c:292 [inline]
 syscall_exit_to_user_mode+0x16/0x40 kernel/entry/common.c:303
 do_syscall_64+0x58/0xa0 arch/x86/entry/common.c:87
 entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7faf3e58ebe7
Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
RSP: 002b:00007faf3f4c00e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: 00000000000000ca RBX: 00007faf3e7c5fa8 RCX: 00007faf3e58ebe9
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007faf3e7c5fa8
RBP: 00007faf3e7c5fa0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007faf3e7c6038 R14: 00007ffee7c349d0 R15: 00007ffee7c34ab8
 </TASK>
----------------
Code disassembly (best guess):
   0:	f3 48 ab             	rep stos %rax,%es:(%rdi)
   3:	83 e2 07             	and    $0x7,%edx
   6:	74 04                	je     0xc
   8:	89 d1                	mov    %edx,%ecx
   a:	f3 aa                	rep stos %al,%es:(%rdi)
   c:	31 c0                	xor    %eax,%eax
   e:	c3                   	ret
   f:	48 c1 e1 03          	shl    $0x3,%rcx
  13:	83 e2 07             	and    $0x7,%edx
  16:	48 01 d1             	add    %rdx,%rcx
  19:	eb f1                	jmp    0xc
  1b:	90                   	nop
  1c:	90                   	nop
  1d:	90                   	nop
  1e:	48 83 f9 40          	cmp    $0x40,%rcx
  22:	0f 82 76 ff ff ff    	jb     0xffffff9e
  28:	f3 aa                	rep stos %al,%es:(%rdi)
* 2a:	31 c0                	xor    %eax,%eax <-- trapping instruction
  2c:	c3                   	ret
  2d:	00 55 41             	add    %dl,0x41(%rbp)
  30:	57                   	push   %rdi
  31:	41 56                	push   %r14
  33:	41 55                	push   %r13
  35:	41 54                	push   %r12
  37:	53                   	push   %rbx
  38:	48 83 ec 20          	sub    $0x20,%rsp
  3c:	48                   	rex.W
  3d:	89                   	.byte 0x89
  3e:	74 24                	je     0x64