------------[ cut here ]------------
WARNING: CPU: 1 PID: 3 at kernel/workqueue.c:2257 __queue_work+0xcd3/0xf50 kernel/workqueue.c:2256
Modules linked in:
CPU: 1 UID: 0 PID: 3 Comm: pool_workqueue_ Not tainted 6.14.0-rc3-syzkaller-ga2598045ead9 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
RIP: 0010:__queue_work+0xcd3/0xf50 kernel/workqueue.c:2256
Code: ff e8 e1 af 38 00 90 0f 0b 90 e9 b2 fe ff ff e8 d3 af 38 00 eb 13 e8 cc af 38 00 eb 0c e8 c5 af 38 00 eb 05 e8 be af 38 00 90 <0f> 0b 90 48 83 c4 60 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc
RSP: 0018:ffffc90000a18b08 EFLAGS: 00010046
RAX: ffffffff818915cd RBX: 0000000000000100 RCX: ffff888140eb3c00
RDX: 0000000000000100 RSI: 0000000000000100 RDI: 0000000000000000
RBP: 0000000000010000 R08: ffffffff818909f8 R09: 1ffffffff207a0ae
R10: dffffc0000000000 R11: ffffffff81891e00 R12: ffff888064c2b000
R13: ffff888064c2b1c0 R14: dffffc0000000000 R15: 0000000000000008
FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f77598d56c0 CR3: 000000005b268000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <IRQ>
 call_timer_fn+0x187/0x650 kernel/time/timer.c:1789
 expire_timers kernel/time/timer.c:1835 [inline]
 __run_timers kernel/time/timer.c:2414 [inline]
 __run_timer_base+0x695/0x8e0 kernel/time/timer.c:2426
 run_timer_base kernel/time/timer.c:2435 [inline]
 run_timer_softirq+0xb7/0x170 kernel/time/timer.c:2445
 handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:561
 __do_softirq kernel/softirq.c:595 [inline]
 invoke_softirq kernel/softirq.c:435 [inline]
 __irq_exit_rcu+0xf7/0x220 kernel/softirq.c:662
 irq_exit_rcu+0x9/0x30 kernel/softirq.c:678
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]
 sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1049
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:lockdep_unregister_key+0x56d/0x610 kernel/locking/lockdep.c:6595
Code: 4f 94 48 c7 c6 a0 0f 9d 81 e8 2f 31 0a 00 e8 fa 3b 0a 00 e9 e5 fb ff ff e8 60 bf 6b 0a 41 f7 c7 00 02 00 00 74 d0 fb 45 84 f6 <75> cf eb e0 90 0f 0b 90 45 31 f6 e9 62 ff ff ff 90 0f 0b 90 e9 a1
RSP: 0018:ffffc90000087c20 EFLAGS: 00000246
RAX: dffffc0000000000 RBX: 1ffff92000010f8c RCX: ffffffff9a653903
RDX: 0000000000000001 RSI: ffffffff8c2ab240 RDI: ffffffff8c810bc0
RBP: ffffc90000087cf8 R08: ffffffff944fd897 R09: 1ffffffff289fb12
R10: dffffc0000000000 R11: fffffbfff289fb13 R12: ffffc90000087c60
R13: 1ffff92000010f88 R14: 0000000000000000 R15: 0000000000000207
 wq_unregister_lockdep kernel/workqueue.c:4814 [inline]
 pwq_release_workfn+0x6d1/0x800 kernel/workqueue.c:5110
 kthread_worker_fn+0x4f7/0xb70 kernel/kthread.c:1010
 kthread+0x7a9/0x920 kernel/kthread.c:464
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
----------------
Code disassembly (best guess):
   0:	4f 94                	rex.WRXB xchg %rax,%r12
   2:	48 c7 c6 a0 0f 9d 81 	mov    $0xffffffff819d0fa0,%rsi
   9:	e8 2f 31 0a 00       	call   0xa313d
   e:	e8 fa 3b 0a 00       	call   0xa3c0d
  13:	e9 e5 fb ff ff       	jmp    0xfffffbfd
  18:	e8 60 bf 6b 0a       	call   0xa6bbf7d
  1d:	41 f7 c7 00 02 00 00 	test   $0x200,%r15d
  24:	74 d0                	je     0xfffffff6
  26:	fb                   	sti
  27:	45 84 f6             	test   %r14b,%r14b
* 2a:	75 cf                	jne    0xfffffffb <-- trapping instruction
  2c:	eb e0                	jmp    0xe
  2e:	90                   	nop
  2f:	0f 0b                	ud2
  31:	90                   	nop
  32:	45 31 f6             	xor    %r14d,%r14d
  35:	e9 62 ff ff ff       	jmp    0xffffff9c
  3a:	90                   	nop
  3b:	0f 0b                	ud2
  3d:	90                   	nop
  3e:	e9                   	.byte 0xe9
  3f:	a1                   	.byte 0xa1