Re: [syzbot] [kernel?] INFO: task hung in nsim_bus_dev_del

[syzbot]

Hello,

syzbot has tested the proposed patch but the reproducer is still triggering an issue:
BUG: workqueue lockup

BUG: workqueue lockup - pool cpus=0 node=0 flags=0x0 nice=0 stuck for 51s!
Showing busy workqueues and worker pools:
workqueue events: flags=0x100
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=14 refcnt=15
    pending: psi_avgs_work, delayed_vfree_work, psi_avgs_work, vmstat_shepherd, rht_deferred_worker, 3*nsim_dev_hwstats_traffic_work, ovs_dp_masks_rebalance, psi_avgs_work, 2*ovs_dp_masks_rebalance, free_obj_work, ovs_dp_masks_rebalance
  pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=9 refcnt=10
    pending: 2*nsim_dev_hwstats_traffic_work, 6*ovs_dp_masks_rebalance, drm_fb_helper_damage_work
workqueue events_long: flags=0x100
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=7 refcnt=8
    in-flight: 4777:defense_work_handler for 51s
    pending: 6*defense_work_handler
  pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=3 refcnt=4
    pending: 3*defense_work_handler
workqueue events_unbound: flags=0x2
  pwq 8: cpus=0-1 flags=0x6 nice=0 active=1 refcnt=2
    in-flight: 3589:call_usermodehelper_exec_work for 46s
workqueue events_unbound: flags=0x2
  pwq 8: cpus=0-1 flags=0x6 nice=0 active=8 refcnt=9
    in-flight: 40:cfg80211_wiphy_work for 51s cfg80211_wiphy_work ,5470:cfg80211_wiphy_work for 25s ,14:cfg80211_wiphy_work for 39s cfg80211_wiphy_work
    pending: macvlan_process_broadcast, cfg80211_wiphy_work, crng_reseed
  pwq 8: cpus=0-1 flags=0x6 nice=0 active=14 refcnt=15
    in-flight: 1284:cfg80211_wiphy_work for 52s cfg80211_wiphy_work ,908:cfg80211_wiphy_work for 52s cfg80211_wiphy_work ,12:cfg80211_wiphy_work for 52s cfg80211_wiphy_work
    pending: 2*nsim_dev_trap_report_work, flush_memcg_stats_dwork, 3*nsim_dev_trap_report_work, macvlan_process_broadcast, toggle_allocation_gate
workqueue events_power_efficient: flags=0x182
  pwq 8: cpus=0-1 flags=0x6 nice=0 active=1 refcnt=2
    in-flight: 3735:crda_timeout_work for 51s
  pwq 8: cpus=0-1 flags=0x6 nice=0 active=6 refcnt=7
    pending: neigh_managed_work, gc_worker, do_cache_clean, wg_ratelimiter_gc_entries, neigh_managed_work, neigh_periodic_work
workqueue netns: flags=0x6000a
  pwq 8: cpus=0-1 flags=0x6 nice=0 active=1 refcnt=4
    in-flight: 3273:cleanup_net for 55s
workqueue mm_percpu_wq: flags=0x108
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=1 refcnt=2
    pending: vmstat_update
  pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=1 refcnt=2
    pending: vmstat_update
workqueue writeback: flags=0x4a
  pwq 8: cpus=0-1 flags=0x6 nice=0 active=1 refcnt=4 MAYDAY
    in-flight: 33(RESCUER):wb_workfn for 44s
workqueue mld: flags=0x40108
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=1 refcnt=20
    pending: mld_dad_work
    inactive: 7*mld_ifc_work, mld_dad_work, 8*mld_ifc_work, 2*mld_dad_work
  pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=1 refcnt=76
    in-flight: 856:mld_ifc_work for 10s
    inactive: 2*mld_ifc_work, 3*mld_dad_work, 4*mld_ifc_work, mld_dad_work, 2*mld_ifc_work, mld_dad_work, 5*mld_ifc_work, mld_dad_work, mld_ifc_work, 2*mld_dad_work, 13*mld_ifc_work, 2*mld_dad_work, mld_ifc_work, mld_dad_work, mld_ifc_work, 2*mld_dad_work, 2*mld_ifc_work, mld_dad_work, mld_ifc_work, mld_dad_work, 5*mld_ifc_work, 3*mld_dad_work, 2*mld_ifc_work, mld_dad_work, 2*mld_ifc_work, mld_dad_work, 3*mld_ifc_work, mld_dad_work, mld_ifc_work, mld_dad_work, 7*mld_ifc_work
workqueue ipv6_addrconf: flags=0x6000a
  pwq 8: cpus=0-1 flags=0x6 nice=0 active=1 refcnt=270
    in-flight: 3446:addrconf_dad_work for 53s
    inactive: 266*addrconf_dad_work
workqueue bat_events: flags=0x6000a
  pwq 8: cpus=0-1 flags=0x6 nice=0 active=1 refcnt=50 MAYDAY
    in-flight: 2819(RESCUER):batadv_tt_purge for 9s
    pending: mayday_cursor_func
    inactive: 3*batadv_tt_purge, 2*batadv_iv_send_outstanding_bat_ogm_packet, 2*batadv_purge_orig, 2*batadv_iv_send_outstanding_bat_ogm_packet, 3*batadv_purge_orig, batadv_mcast_mla_update, 11*batadv_iv_send_outstanding_bat_ogm_packet, batadv_dat_purge, batadv_bla_periodic_work, batadv_dat_purge, batadv_bla_periodic_work, batadv_dat_purge, batadv_bla_periodic_work, batadv_dat_purge, batadv_bla_periodic_work, batadv_dat_purge, batadv_bla_periodic_work, batadv_dat_purge, batadv_bla_periodic_work, 5*batadv_mcast_mla_update, batadv_purge_orig, 2*batadv_tt_purge
workqueue wg-crypt-wg0: flags=0x128
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=3 refcnt=4
    pending: wg_packet_encrypt_worker, wg_packet_tx_worker, wg_packet_decrypt_worker
  pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=1 refcnt=2
    pending: wg_packet_decrypt_worker
workqueue wg-crypt-wg1: flags=0x128
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=3 refcnt=4
    pending: wg_packet_encrypt_worker, wg_packet_decrypt_worker, wg_packet_tx_worker
  pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=1 refcnt=2
    pending: wg_packet_decrypt_worker
workqueue wg-crypt-wg2: flags=0x128
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=3 refcnt=4
    pending: wg_packet_encrypt_worker, wg_packet_decrypt_worker, wg_packet_tx_worker
workqueue wg-kex-wg0: flags=0x124
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=1 refcnt=2
    pending: wg_packet_handshake_receive_worker
  pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=1 refcnt=2
    in-flight: 4807:wg_packet_handshake_receive_worker for 12s
workqueue wg-crypt-wg0: flags=0x128
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=3 refcnt=4
    pending: wg_packet_encrypt_worker, wg_packet_tx_worker, wg_packet_decrypt_worker
  pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=2 refcnt=3
    pending: wg_packet_decrypt_worker, wg_packet_encrypt_worker
workqueue wg-kex-wg1: flags=0x6
  pwq 8: cpus=0-1 flags=0x6 nice=0 active=1 refcnt=2
    pending: wg_packet_handshake_send_worker
workqueue wg-crypt-wg1: flags=0x128
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=3 refcnt=4
    pending: wg_packet_encrypt_worker, wg_packet_decrypt_worker, wg_packet_tx_worker
  pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=2 refcnt=3
    pending: wg_packet_decrypt_worker, wg_packet_encrypt_worker
workqueue wg-kex-wg2: flags=0x124
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=1 refcnt=2
    pending: wg_packet_handshake_receive_worker
workqueue wg-kex-wg2: flags=0x6
  pwq 8: cpus=0-1 flags=0x6 nice=0 active=1 refcnt=2
    pending: wg_packet_handshake_send_worker
workqueue wg-crypt-wg2: flags=0x128
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=2 refcnt=3
    pending: wg_packet_encrypt_worker, wg_packet_tx_worker
  pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=1 refcnt=2
    pending: wg_packet_tx_worker
workqueue wg-kex-wg0: flags=0x6
  pwq 8: cpus=0-1 flags=0x6 nice=0 active=1 refcnt=2
    pending: wg_packet_handshake_send_worker
workqueue wg-crypt-wg0: flags=0x128
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=3 refcnt=4
    pending: wg_packet_encrypt_worker, wg_packet_tx_worker, wg_packet_decrypt_worker
  pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=1 refcnt=2
    pending: wg_packet_encrypt_worker
workqueue wg-crypt-wg1: flags=0x128
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=3 refcnt=4
    pending: wg_packet_tx_worker, wg_packet_decrypt_worker, wg_packet_encrypt_worker
workqueue wg-kex-wg2: flags=0x6
  pwq 8: cpus=0-1 flags=0x6 nice=0 active=1 refcnt=2
    in-flight: 39:wg_packet_handshake_send_worker for 0s
workqueue wg-crypt-wg2: flags=0x128
  pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=2 refcnt=3
    pending: wg_packet_tx_worker, wg_packet_encrypt_worker
pool 2: cpus=0 node=0 flags=0x0 nice=0 hung=51s workers=7 idle: 1482 1022 4703 10 5404 9
pool 6: cpus=1 node=0 flags=0x0 nice=0 hung=10s workers=6 idle: 24 5386 4814 26
pool 8: cpus=0-1 flags=0x6 nice=0 hung=0s workers=12 manager: 5472
Showing backtraces of busy workers in stalled worker pools:
pool 2:
task:kworker/0:5     state:R  running task     stack:0     pid:4777  tgid:4777  ppid:2      task_flags:0x4208060 flags:0x00000010
Workqueue: events_long defense_work_handler
Call trace:
 __switch_to+0x2b0/0x6e0 arch/arm64/kernel/process.c:810 (T)
 context_switch kernel/sched/core.c:5387 [inline]
 __schedule+0x1b74/0x2d24 kernel/sched/core.c:7188
 preempt_schedule_common+0xd4/0x190 kernel/sched/core.c:7369
 preempt_schedule+0x60/0x78 kernel/sched/core.c:7393
 __local_bh_enable_ip+0x20c/0x35c kernel/softirq.c:457
 local_bh_enable+0x28/0x34 include/linux/bottom_half.h:33
 update_defense_level+0x600/0x9ac net/netfilter/ipvs/ip_vs_ctl.c:210
 defense_work_handler+0x30/0xdc net/netfilter/ipvs/ip_vs_ctl.c:235
 process_one_work+0x78c/0x173c kernel/workqueue.c:3302
 process_scheduled_works+0xdc/0x13c kernel/workqueue.c:3385
 worker_thread+0x770/0xbd0 kernel/workqueue.c:3466
 kthread+0x2f0/0x3c0 kernel/kthread.c:436
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:842


Tested on:

commit:         5cbb61bf arm64/fpsimd: ptrace: zero target's fpsimd_st..
git tree:       git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci
console output: https://syzkaller.appspot.com/x/log.txt?x=1608b02e580000
kernel config:  https://syzkaller.appspot.com/x/.config?x=a834c6344141a58b
dashboard link: https://syzkaller.appspot.com/bug?extid=1cf303af03cf30b1275a
compiler:       Debian clang version 21.1.8 (++20251221033036+2078da43e25a-1~exp1~20251221153213.50), Debian LLD 21.1.8
userspace arch: arm64
patch:          https://syzkaller.appspot.com/x/patch.diff?x=173acd6a580000