./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor344724953 <...> Warning: Permanently added '10.128.0.140' (ED25519) to the list of known hosts. execve("./syz-executor344724953", ["./syz-executor344724953"], 0x7ffc96915530 /* 10 vars */) = 0 brk(NULL) = 0x55558dc53000 brk(0x55558dc53d00) = 0x55558dc53d00 arch_prctl(ARCH_SET_FS, 0x55558dc53380) = 0 set_tid_address(0x55558dc53650) = 5860 set_robust_list(0x55558dc53660, 24) = 0 rseq(0x55558dc53ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor344724953", 4096) = 27 getrandom("\x0b\x64\x30\x7b\x2e\x2f\x62\x10", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55558dc53d00 brk(0x55558dc74d00) = 0x55558dc74d00 brk(0x55558dc75000) = 0x55558dc75000 mprotect(0x7f9598ffb000, 16384, PROT_READ) = 0 mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000 mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000 mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5861 attached [pid 5861] set_robust_list(0x55558dc53660, 24 [pid 5860] <... clone resumed>, child_tidptr=0x55558dc53650) = 5861 [pid 5861] <... set_robust_list resumed>) = 0 [pid 5861] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5860] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558dc53650) = 5862 ./strace-static-x86_64: Process 5863 attached ./strace-static-x86_64: Process 5862 attached [pid 5863] set_robust_list(0x55558dc53660, 24 [pid 5862] set_robust_list(0x55558dc53660, 24 [pid 5863] <... set_robust_list resumed>) = 0 [pid 5862] <... set_robust_list resumed>) = 0 [pid 5860] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5863] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5862] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5861] <... clone resumed>, child_tidptr=0x55558dc53650) = 5863 [pid 5863] <... prctl resumed>) = 0 ./strace-static-x86_64: Process 5865 attached [pid 5863] setpgid(0, 0./strace-static-x86_64: Process 5864 attached ) = 0 [pid 5860] <... clone resumed>, child_tidptr=0x55558dc53650) = 5864 [pid 5864] set_robust_list(0x55558dc53660, 24 [pid 5865] set_robust_list(0x55558dc53660, 24 [pid 5864] <... set_robust_list resumed>) = 0 [pid 5863] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5862] <... clone resumed>, child_tidptr=0x55558dc53650) = 5865 [pid 5860] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... set_robust_list resumed>) = 0 [pid 5863] <... openat resumed>) = 3 [pid 5863] write(3, "1000", 4./strace-static-x86_64: Process 5867 attached ./strace-static-x86_64: Process 5866 attached [pid 5865] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5860] <... clone resumed>, child_tidptr=0x55558dc53650) = 5867 [pid 5865] <... prctl resumed>) = 0 [pid 5863] <... write resumed>) = 4 [pid 5866] set_robust_list(0x55558dc53660, 24 [pid 5860] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] set_robust_list(0x55558dc53660, 24 [pid 5866] <... set_robust_list resumed>) = 0 [pid 5864] <... clone resumed>, child_tidptr=0x55558dc53650) = 5866 [pid 5865] setpgid(0, 0 [pid 5863] close(3 [pid 5867] <... set_robust_list resumed>) = 0 [pid 5866] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5865] <... setpgid resumed>) = 0 ./strace-static-x86_64: Process 5868 attached [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] <... prctl resumed>) = 0 [pid 5865] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5863] <... close resumed>) = 0 [pid 5860] <... clone resumed>, child_tidptr=0x55558dc53650) = 5868 [pid 5868] set_robust_list(0x55558dc53660, 24 [pid 5866] setpgid(0, 0 [pid 5863] write(1, "executing program\n", 18 [pid 5868] <... set_robust_list resumed>) = 0 executing program [pid 5865] <... openat resumed>) = 3 [pid 5866] <... setpgid resumed>) = 0 ./strace-static-x86_64: Process 5869 attached [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5863] <... write resumed>) = 18 [pid 5865] write(3, "1000", 4./strace-static-x86_64: Process 5870 attached ) = 4 [pid 5865] close(3 [pid 5869] set_robust_list(0x55558dc53660, 24 [pid 5865] <... close resumed>) = 0 [pid 5863] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 5870] set_robust_list(0x55558dc53660, 24 [pid 5869] <... set_robust_list resumed>) = 0 [pid 5870] <... set_robust_list resumed>) = 0 [pid 5865] write(1, "executing program\n", 18 [pid 5870] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5869] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] <... clone resumed>, child_tidptr=0x55558dc53650) = 5870 executing program [pid 5866] <... openat resumed>) = 3 [pid 5863] <... socket resumed>) = 3 [pid 5870] <... prctl resumed>) = 0 [pid 5869] <... prctl resumed>) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x55558dc53650) = 5869 [pid 5866] write(3, "1000", 4 [pid 5865] <... write resumed>) = 18 [pid 5869] setpgid(0, 0 [pid 5866] <... write resumed>) = 4 [pid 5865] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 5869] <... setpgid resumed>) = 0 [pid 5870] setpgid(0, 0 [pid 5866] close(3 [pid 5865] <... socket resumed>) = 3 [pid 5863] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x14\x00\x00\x00\x25\x00\x01\x00\x2c\xbd\x70\x00\xfb\xdb\xdf\x25\x06\x00\x00\x00", iov_len=20}], msg_iovlen=1, msg_controllen=0, msg_flags=MSG_OOB|MSG_EOR}, MSG_PROBE [pid 5870] <... setpgid resumed>) = 0 [pid 5869] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5866] <... close resumed>) = 0 executing program [pid 5866] write(1, "executing program\n", 18 [pid 5865] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x14\x00\x00\x00\x25\x00\x01\x00\x2c\xbd\x70\x00\xfb\xdb\xdf\x25\x06\x00\x00\x00", iov_len=20}], msg_iovlen=1, msg_controllen=0, msg_flags=MSG_OOB|MSG_EOR}, MSG_PROBE [pid 5866] <... write resumed>) = 18 [pid 5870] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5869] <... openat resumed>) = 3 [pid 5866] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 5870] <... openat resumed>) = 3 [pid 5869] write(3, "1000", 4) = 4 [pid 5866] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x14\x00\x00\x00\x25\x00\x01\x00\x2c\xbd\x70\x00\xfb\xdb\xdf\x25\x06\x00\x00\x00", iov_len=20}], msg_iovlen=1, msg_controllen=0, msg_flags=MSG_OOB|MSG_EOR}, MSG_PROBE [pid 5869] close(3 [pid 5870] write(3, "1000", 4executing program [pid 5869] <... close resumed>) = 0 [pid 5870] <... write resumed>) = 4 [pid 5869] write(1, "executing program\n", 18 [pid 5870] close(3 [pid 5869] <... write resumed>) = 18 [pid 5870] <... close resumed>) = 0 executing program [pid 5869] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 5870] write(1, "executing program\n", 18 [pid 5869] <... socket resumed>) = 3 [pid 5870] <... write resumed>) = 18 [pid 5870] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 5869] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x14\x00\x00\x00\x25\x00\x01\x00\x2c\xbd\x70\x00\xfb\xdb\xdf\x25\x06\x00\x00\x00", iov_len=20}], msg_iovlen=1, msg_controllen=0, msg_flags=MSG_OOB|MSG_EOR}, MSG_PROBE [pid 5870] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x14\x00\x00\x00\x25\x00\x01\x00\x2c\xbd\x70\x00\xfb\xdb\xdf\x25\x06\x00\x00\x00", iov_len=20}], msg_iovlen=1, msg_controllen=0, msg_flags=MSG_OOB|MSG_EOR}, MSG_PROBE [pid 5865] <... sendmsg resumed>) = 20 [pid 5865] socket(AF_NETLINK, SOCK_DGRAM, 0) = 4 [pid 5865] write(4, "\xfc\x00\x00\x00\x1c\x00\x07\x04\xab\x5b\x25\x09\xb8\x68\x03\x00\x02\xab\x08\x7a\x01\x00\x00\x00\x01\x48\x10\x93\x21\x00\x01\xc0\xf0\x03\x05\x84\x05\x00\x60\x10\x00\x00\x00\x00\x00\x03\x98\x15\xfa\x2c\x53\xc2\x86\x48\x00\x00\x00\xb9\xd9\x56\x62\x53\x7a\x00\xbc\x00\x0c\x00\xf0\xff\x7f\x00\x00\xb4\x00\x60\x00\x33\xd4\x40\x00\x04\x05\x60\x91\x6a\x00\x33\xf4\x36\x31\x30\x12\xda\xfd\x5a\x32\xe2\x73\xfc"..., 252) = 252 [pid 5865] exit_group(0) = ? [pid 5865] +++ exited with 0 +++ [pid 5862] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5865, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5862] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5862] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5873 attached , child_tidptr=0x55558dc53650) = 5873 [pid 5873] set_robust_list(0x55558dc53660, 24) = 0 [pid 5873] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 93.639268][ T5865] netlink: 'syz-executor344': attribute type 12 has an invalid length. [pid 5873] setpgid(0, 0) = 0 [pid 5873] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5873] write(3, "1000", 4) = 4 [pid 5873] close(3) = 0 executing program [pid 5873] write(1, "executing program\n", 18) = 18 [pid 5873] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 5873] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x14\x00\x00\x00\x25\x00\x01\x00\x2c\xbd\x70\x00\xfb\xdb\xdf\x25\x06\x00\x00\x00", iov_len=20}], msg_iovlen=1, msg_controllen=0, msg_flags=MSG_OOB|MSG_EOR}, MSG_PROBE [pid 5861] kill(-5863, SIGKILL) = 0 [pid 5861] kill(5863, SIGKILL) = 0 [pid 5864] kill(-5866, SIGKILL) = 0 [pid 5864] kill(5866, SIGKILL) = 0 [pid 5868] kill(-5870, SIGKILL) = 0 [pid 5868] kill(5870, SIGKILL) = 0 [pid 5867] kill(-5869, SIGKILL) = 0 [pid 5867] kill(5869, SIGKILL) = 0 [pid 5862] kill(-5873, SIGKILL) = 0 [pid 5862] kill(5873, SIGKILL) = 0 [pid 5864] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5864] newfstatat(3, "", [pid 5861] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5861] <... openat resumed>) = 3 [pid 5864] getdents64(3, [pid 5861] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... getdents64 resumed>0x55558dc546f0 /* 2 entries */, 32768) = 48 [pid 5864] getdents64(3, 0x55558dc546f0 /* 0 entries */, 32768) = 0 [pid 5864] close(3 [pid 5861] getdents64(3, 0x55558dc546f0 /* 2 entries */, 32768) = 48 [pid 5864] <... close resumed>) = 0 [pid 5861] getdents64(3, [pid 5868] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5861] <... getdents64 resumed>0x55558dc546f0 /* 0 entries */, 32768) = 0 [pid 5861] close(3) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5868] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(3, 0x55558dc546f0 /* 2 entries */, 32768) = 48 [pid 5868] getdents64(3, 0x55558dc546f0 /* 0 entries */, 32768) = 0 [pid 5868] close(3) = 0 [pid 5867] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5867] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(3, 0x55558dc546f0 /* 2 entries */, 32768) = 48 [pid 5867] getdents64(3, 0x55558dc546f0 /* 0 entries */, 32768) = 0 [pid 5867] close(3) = 0 [pid 5862] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5862] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5862] getdents64(3, 0x55558dc546f0 /* 2 entries */, 32768) = 48 [pid 5862] getdents64(3, 0x55558dc546f0 /* 0 entries */, 32768) = 0 [pid 5862] close(3) = 0 [ 286.506349][ T31] INFO: task syz-executor344:5866 blocked for more than 143 seconds. [ 286.514648][ T31] Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 [ 286.522282][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.531209][ T31] task:syz-executor344 state:D stack:27048 pid:5866 tgid:5866 ppid:5864 task_flags:0x400140 flags:0x00004006 [ 286.544094][ T31] Call Trace: [ 286.547400][ T31] [ 286.550321][ T31] __schedule+0x16fd/0x4cf0 [ 286.554943][ T31] ? __lock_acquire+0xab9/0xd20 [ 286.559810][ T31] ? schedule+0x165/0x360 [ 286.564371][ T31] ? __pfx___schedule+0x10/0x10 [ 286.569278][ T31] ? schedule+0x91/0x360 [ 286.573581][ T31] schedule+0x165/0x360 [ 286.577769][ T31] schedule_preempt_disabled+0x13/0x30 [ 286.583343][ T31] __mutex_lock+0x724/0xe80 [ 286.587945][ T31] ? __mutex_lock+0x51b/0xe80 [ 286.592836][ T31] ? nfsd_nl_listener_set_doit+0x137/0x1690 [ 286.598800][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 286.603961][ T31] ? __asan_memset+0x22/0x50 [ 286.608570][ T31] ? ____sys_sendmsg+0x505/0x830 [ 286.613623][ T31] ? ___sys_sendmsg+0x21f/0x2a0 [ 286.618490][ T31] ? __x64_sys_sendmsg+0x19b/0x260 [ 286.623724][ T31] nfsd_nl_listener_set_doit+0x137/0x1690 [ 286.629492][ T31] ? __pfx___nla_validate_parse+0x10/0x10 [ 286.635276][ T31] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 286.641469][ T31] ? __nla_parse+0x40/0x60 [ 286.646021][ T31] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 286.652464][ T31] genl_family_rcv_msg_doit+0x212/0x300 [ 286.658549][ T31] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 286.664715][ T31] ? bpf_lsm_capable+0x9/0x20 [ 286.669437][ T31] ? security_capable+0x7e/0x2e0 [ 286.674458][ T31] genl_rcv_msg+0x60e/0x790 [ 286.678999][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 286.684625][ T31] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 286.690819][ T31] netlink_rcv_skb+0x208/0x470 [ 286.695650][ T31] ? __lock_acquire+0xab9/0xd20 [ 286.700530][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 286.705594][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 286.710895][ T31] ? down_read+0x1ad/0x2e0 [ 286.715394][ T31] genl_rcv+0x28/0x40 [ 286.719388][ T31] netlink_unicast+0x82f/0x9e0 [ 286.724284][ T31] ? __pfx_netlink_unicast+0x10/0x10 [ 286.729595][ T31] ? netlink_sendmsg+0x642/0xb30 [ 286.734587][ T31] ? skb_put+0x11b/0x210 [ 286.738848][ T31] netlink_sendmsg+0x805/0xb30 [ 286.743913][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 286.749217][ T31] ? aa_sock_msg_perm+0x94/0x160 [ 286.754212][ T31] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 286.759505][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 286.765109][ T31] __sock_sendmsg+0x21c/0x270 [ 286.769806][ T31] ____sys_sendmsg+0x505/0x830 [ 286.774640][ T31] ? __pfx_____sys_sendmsg+0x10/0x10 [ 286.779953][ T31] ? import_iovec+0x74/0xa0 [ 286.784566][ T31] ___sys_sendmsg+0x21f/0x2a0 [ 286.789259][ T31] ? __pfx____sys_sendmsg+0x10/0x10 [ 286.794575][ T31] ? do_raw_spin_lock+0x121/0x290 [ 286.799717][ T31] __x64_sys_sendmsg+0x19b/0x260 [ 286.804806][ T31] ? _raw_spin_unlock_irq+0x2e/0x50 [ 286.810123][ T31] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 286.815701][ T31] do_syscall_64+0xfa/0x3b0 [ 286.820218][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 286.825495][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.831686][ T31] ? clear_bhb_loop+0x60/0xb0 [ 286.836582][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.842552][ T31] RIP: 0033:0x7f9598f88ba9 [ 286.847012][ T31] RSP: 002b:00007ffdc6e18348 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 286.855621][ T31] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9598f88ba9 [ 286.863646][ T31] RDX: 0000000000000010 RSI: 0000200000001540 RDI: 0000000000000003 [ 286.871655][ T31] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 [ 286.879711][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 286.887743][ T31] R13: 00007ffdc6e18568 R14: 00007ffdc6e18370 R15: 00007ffdc6e18360 [ 286.895900][ T31] [ 286.899059][ T31] INFO: task syz-executor344:5869 blocked for more than 143 seconds. [ 286.907357][ T31] Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 [ 286.915065][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.923957][ T31] task:syz-executor344 state:D stack:27048 pid:5869 tgid:5869 ppid:5867 task_flags:0x400140 flags:0x00004006 [ 286.935975][ T31] Call Trace: [ 286.939260][ T31] [ 286.942183][ T31] __schedule+0x16fd/0x4cf0 [ 286.946757][ T31] ? __lock_acquire+0xab9/0xd20 [ 286.951661][ T31] ? schedule+0x165/0x360 [ 286.956213][ T31] ? __pfx___schedule+0x10/0x10 [ 286.961105][ T31] ? schedule+0x91/0x360 [ 286.965524][ T31] schedule+0x165/0x360 [ 286.969732][ T31] schedule_preempt_disabled+0x13/0x30 [ 286.975331][ T31] __mutex_lock+0x724/0xe80 [ 286.979878][ T31] ? __mutex_lock+0x51b/0xe80 [ 286.984691][ T31] ? nfsd_nl_listener_set_doit+0x137/0x1690 [ 286.990609][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 286.995742][ T31] ? __asan_memset+0x22/0x50 [ 287.000342][ T31] ? ____sys_sendmsg+0x505/0x830 [ 287.005390][ T31] ? ___sys_sendmsg+0x21f/0x2a0 [ 287.010261][ T31] ? __x64_sys_sendmsg+0x19b/0x260 [ 287.015462][ T31] nfsd_nl_listener_set_doit+0x137/0x1690 [ 287.021201][ T31] ? __pfx___nla_validate_parse+0x10/0x10 [ 287.027025][ T31] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 287.033263][ T31] ? __nla_parse+0x40/0x60 [ 287.037700][ T31] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 287.044144][ T31] genl_family_rcv_msg_doit+0x212/0x300 [ 287.049831][ T31] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 287.056046][ T31] ? bpf_lsm_capable+0x9/0x20 [ 287.060860][ T31] ? security_capable+0x7e/0x2e0 [ 287.065904][ T31] genl_rcv_msg+0x60e/0x790 [ 287.070448][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 287.075589][ T31] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 287.081873][ T31] netlink_rcv_skb+0x208/0x470 [ 287.086792][ T31] ? __lock_acquire+0xab9/0xd20 [ 287.091661][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 287.096788][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 287.102094][ T31] ? down_read+0x1ad/0x2e0 [ 287.106683][ T31] genl_rcv+0x28/0x40 [ 287.110938][ T31] netlink_unicast+0x82f/0x9e0 [ 287.115810][ T31] ? __pfx_netlink_unicast+0x10/0x10 [ 287.121117][ T31] ? netlink_sendmsg+0x642/0xb30 [ 287.126104][ T31] ? skb_put+0x11b/0x210 [ 287.130355][ T31] netlink_sendmsg+0x805/0xb30 [ 287.135305][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 287.140614][ T31] ? aa_sock_msg_perm+0x94/0x160 [ 287.145706][ T31] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 287.151013][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 287.156388][ T31] __sock_sendmsg+0x21c/0x270 [ 287.161081][ T31] ____sys_sendmsg+0x505/0x830 [ 287.166040][ T31] ? __pfx_____sys_sendmsg+0x10/0x10 [ 287.171373][ T31] ? import_iovec+0x74/0xa0 [ 287.175975][ T31] ___sys_sendmsg+0x21f/0x2a0 [ 287.180673][ T31] ? __pfx____sys_sendmsg+0x10/0x10 [ 287.185987][ T31] ? do_raw_spin_lock+0x121/0x290 [ 287.191079][ T31] __x64_sys_sendmsg+0x19b/0x260 [ 287.196104][ T31] ? _raw_spin_unlock_irq+0x2e/0x50 [ 287.201314][ T31] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 287.206869][ T31] do_syscall_64+0xfa/0x3b0 [ 287.211471][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 287.216743][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.222872][ T31] ? clear_bhb_loop+0x60/0xb0 [ 287.227592][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.233572][ T31] RIP: 0033:0x7f9598f88ba9 [ 287.237990][ T31] RSP: 002b:00007ffdc6e18348 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 287.246451][ T31] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9598f88ba9 [ 287.254487][ T31] RDX: 0000000000000010 RSI: 0000200000001540 RDI: 0000000000000003 [ 287.262446][ T31] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 [ 287.270458][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 287.278468][ T31] R13: 00007ffdc6e18568 R14: 00007ffdc6e18370 R15: 00007ffdc6e18360 [ 287.286519][ T31] [ 287.289627][ T31] INFO: task syz-executor344:5870 blocked for more than 144 seconds. [ 287.297780][ T31] Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 [ 287.305467][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 287.314250][ T31] task:syz-executor344 state:D stack:24536 pid:5870 tgid:5870 ppid:5868 task_flags:0x400140 flags:0x00004006 [ 287.326287][ T31] Call Trace: [ 287.329579][ T31] [ 287.332576][ T31] __schedule+0x16fd/0x4cf0 [ 287.337105][ T31] ? __lock_acquire+0xab9/0xd20 [ 287.341969][ T31] ? schedule+0x165/0x360 [ 287.346400][ T31] ? __pfx___schedule+0x10/0x10 [ 287.351825][ T31] ? schedule+0x91/0x360 [ 287.356160][ T31] schedule+0x165/0x360 [ 287.360349][ T31] schedule_preempt_disabled+0x13/0x30 [ 287.366055][ T31] __mutex_lock+0x724/0xe80 [ 287.370587][ T31] ? __mutex_lock+0x51b/0xe80 [ 287.375456][ T31] ? nfsd_nl_listener_set_doit+0x137/0x1690 [ 287.381369][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 287.386483][ T31] ? __asan_memset+0x22/0x50 [ 287.391090][ T31] ? ____sys_sendmsg+0x505/0x830 [ 287.396125][ T31] ? ___sys_sendmsg+0x21f/0x2a0 [ 287.400982][ T31] ? __x64_sys_sendmsg+0x19b/0x260 [ 287.406175][ T31] nfsd_nl_listener_set_doit+0x137/0x1690 [ 287.411914][ T31] ? __pfx___nla_validate_parse+0x10/0x10 [ 287.417747][ T31] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 287.423954][ T31] ? __nla_parse+0x40/0x60 [ 287.428390][ T31] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 287.434805][ T31] genl_family_rcv_msg_doit+0x212/0x300 [ 287.440381][ T31] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 287.446523][ T31] ? bpf_lsm_capable+0x9/0x20 [ 287.451226][ T31] ? security_capable+0x7e/0x2e0 [ 287.456265][ T31] genl_rcv_msg+0x60e/0x790 [ 287.460788][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 287.465870][ T31] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 287.472043][ T31] netlink_rcv_skb+0x208/0x470 [ 287.477052][ T31] ? __lock_acquire+0xab9/0xd20 [ 287.481909][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 287.487083][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 287.492377][ T31] ? down_read+0x1ad/0x2e0 [ 287.496867][ T31] genl_rcv+0x28/0x40 [ 287.500856][ T31] netlink_unicast+0x82f/0x9e0 [ 287.505760][ T31] ? __pfx_netlink_unicast+0x10/0x10 [ 287.511055][ T31] ? netlink_sendmsg+0x642/0xb30 [ 287.516057][ T31] ? skb_put+0x11b/0x210 [ 287.520306][ T31] netlink_sendmsg+0x805/0xb30 [ 287.525171][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 287.530580][ T31] ? aa_sock_msg_perm+0x94/0x160 [ 287.535615][ T31] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 287.540909][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 287.546446][ T31] __sock_sendmsg+0x21c/0x270 [ 287.551241][ T31] ____sys_sendmsg+0x505/0x830 [ 287.556080][ T31] ? __pfx_____sys_sendmsg+0x10/0x10 [ 287.561393][ T31] ? import_iovec+0x74/0xa0 [ 287.565967][ T31] ___sys_sendmsg+0x21f/0x2a0 [ 287.570658][ T31] ? __pfx____sys_sendmsg+0x10/0x10 [ 287.576025][ T31] ? do_raw_spin_lock+0x121/0x290 [ 287.581176][ T31] __x64_sys_sendmsg+0x19b/0x260 [ 287.586261][ T31] ? _raw_spin_unlock_irq+0x2e/0x50 [ 287.591482][ T31] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 287.597152][ T31] do_syscall_64+0xfa/0x3b0 [ 287.601695][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 287.606981][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.613168][ T31] ? clear_bhb_loop+0x60/0xb0 [ 287.617850][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.623854][ T31] RIP: 0033:0x7f9598f88ba9 [ 287.628308][ T31] RSP: 002b:00007ffdc6e18348 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 287.636803][ T31] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9598f88ba9 [ 287.644827][ T31] RDX: 0000000000000010 RSI: 0000200000001540 RDI: 0000000000000003 [ 287.652942][ T31] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 [ 287.660915][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 287.668933][ T31] R13: 00007ffdc6e18568 R14: 00007ffdc6e18370 R15: 00007ffdc6e18360 [ 287.677013][ T31] [ 287.680104][ T31] INFO: task syz-executor344:5873 blocked for more than 144 seconds. [ 287.688312][ T31] Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 [ 287.696003][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 287.704894][ T31] task:syz-executor344 state:D stack:24664 pid:5873 tgid:5873 ppid:5862 task_flags:0x400140 flags:0x00004006 [ 287.716874][ T31] Call Trace: [ 287.720155][ T31] [ 287.723121][ T31] __schedule+0x16fd/0x4cf0 [ 287.727730][ T31] ? __lock_acquire+0xab9/0xd20 [ 287.732660][ T31] ? schedule+0x165/0x360 [ 287.737024][ T31] ? __pfx___schedule+0x10/0x10 [ 287.741892][ T31] ? schedule+0x91/0x360 [ 287.746223][ T31] schedule+0x165/0x360 [ 287.750485][ T31] schedule_preempt_disabled+0x13/0x30 [ 287.756050][ T31] __mutex_lock+0x724/0xe80 [ 287.760616][ T31] ? __mutex_lock+0x51b/0xe80 [ 287.765466][ T31] ? nfsd_nl_listener_set_doit+0x137/0x1690 [ 287.771489][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 287.776632][ T31] ? __asan_memset+0x22/0x50 [ 287.781243][ T31] ? ____sys_sendmsg+0x505/0x830 [ 287.786226][ T31] ? ___sys_sendmsg+0x21f/0x2a0 [ 287.791097][ T31] ? __x64_sys_sendmsg+0x19b/0x260 [ 287.796320][ T31] nfsd_nl_listener_set_doit+0x137/0x1690 [ 287.802057][ T31] ? __pfx___nla_validate_parse+0x10/0x10 [ 287.807854][ T31] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 287.814086][ T31] ? __nla_parse+0x40/0x60 [ 287.818497][ T31] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 287.824949][ T31] genl_family_rcv_msg_doit+0x212/0x300 [ 287.830519][ T31] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 287.836692][ T31] ? bpf_lsm_capable+0x9/0x20 [ 287.841409][ T31] ? security_capable+0x7e/0x2e0 [ 287.846473][ T31] genl_rcv_msg+0x60e/0x790 [ 287.851542][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 287.856714][ T31] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 287.863069][ T31] netlink_rcv_skb+0x208/0x470 [ 287.867851][ T31] ? __lock_acquire+0xab9/0xd20 [ 287.872763][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 287.877891][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 287.883283][ T31] ? down_read+0x1ad/0x2e0 [ 287.887760][ T31] genl_rcv+0x28/0x40 [ 287.891744][ T31] netlink_unicast+0x82f/0x9e0 [ 287.896611][ T31] ? __pfx_netlink_unicast+0x10/0x10 [ 287.901919][ T31] ? netlink_sendmsg+0x642/0xb30 [ 287.906918][ T31] ? skb_put+0x11b/0x210 [ 287.911170][ T31] netlink_sendmsg+0x805/0xb30 [ 287.916283][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 287.921579][ T31] ? aa_sock_msg_perm+0x94/0x160 [ 287.926614][ T31] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 287.931915][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 287.937372][ T31] __sock_sendmsg+0x21c/0x270 [ 287.942065][ T31] ____sys_sendmsg+0x505/0x830 [ 287.947092][ T31] ? __pfx_____sys_sendmsg+0x10/0x10 [ 287.952397][ T31] ? import_iovec+0x74/0xa0 [ 287.957029][ T31] ___sys_sendmsg+0x21f/0x2a0 [ 287.961728][ T31] ? __pfx____sys_sendmsg+0x10/0x10 [ 287.966995][ T31] ? do_raw_spin_lock+0x121/0x290 [ 287.972079][ T31] __x64_sys_sendmsg+0x19b/0x260 [ 287.977087][ T31] ? _raw_spin_unlock_irq+0x2e/0x50 [ 287.982319][ T31] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 287.987848][ T31] do_syscall_64+0xfa/0x3b0 [ 287.992358][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 287.997689][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.003844][ T31] ? clear_bhb_loop+0x60/0xb0 [ 288.008647][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.014649][ T31] RIP: 0033:0x7f9598f88ba9 [ 288.019181][ T31] RSP: 002b:00007ffdc6e18348 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 288.027675][ T31] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9598f88ba9 [ 288.036072][ T31] RDX: 0000000000000010 RSI: 0000200000001540 RDI: 0000000000000003 [ 288.044164][ T31] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 [ 288.052266][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000016d55 [ 288.062043][ T31] R13: 00007ffdc6e1835c R14: 00007ffdc6e18370 R15: 00007ffdc6e18360 [ 288.070109][ T31] [ 288.073252][ T31] [ 288.073252][ T31] Showing all locks held in the system: [ 288.080990][ T31] 1 lock held by khungtaskd/31: [ 288.085884][ T31] #0: ffffffff8e13f0e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 288.095849][ T31] 2 locks held by kworker/u8:4/59: [ 288.100966][ T31] #0: ffff8880b8639f98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 288.110925][ T31] #1: ffff8880b8623f08 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x314/0x6d0 [ 288.122458][ T31] 2 locks held by getty/5615: [ 288.127183][ T31] #0: ffff888030a3b0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 288.137102][ T31] #1: ffffc9000333b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400 [ 288.147258][ T31] 2 locks held by syz-executor344/5863: [ 288.152953][ T31] #0: ffffffff8f5849f0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 288.161154][ T31] #1: ffffffff8e41bd68 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0x137/0x1690 [ 288.171378][ T31] 2 locks held by syz-executor344/5866: [ 288.176989][ T31] #0: ffffffff8f5849f0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 288.185306][ T31] #1: ffffffff8e41bd68 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0x137/0x1690 [ 288.195699][ T31] 2 locks held by syz-executor344/5869: [ 288.201294][ T31] #0: ffffffff8f5849f0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 288.209861][ T31] #1: ffffffff8e41bd68 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0x137/0x1690 [ 288.220129][ T31] 2 locks held by syz-executor344/5870: [ 288.225715][ T31] #0: ffffffff8f5849f0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 288.234029][ T31] #1: ffffffff8e41bd68 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0x137/0x1690 [ 288.244295][ T31] 2 locks held by syz-executor344/5873: [ 288.249850][ T31] #0: ffffffff8f5849f0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 288.258129][ T31] #1: ffffffff8e41bd68 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0x137/0x1690 [ 288.268662][ T31] [ 288.270979][ T31] ============================================= [ 288.270979][ T31] [ 288.279642][ T31] NMI backtrace for cpu 1 [ 288.279664][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 PREEMPT(full) [ 288.279683][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 288.279694][ T31] Call Trace: [ 288.279704][ T31] [ 288.279712][ T31] dump_stack_lvl+0x189/0x250 [ 288.279736][ T31] ? __wake_up_klogd+0xd9/0x110 [ 288.279764][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 288.279781][ T31] ? __pfx__printk+0x10/0x10 [ 288.279813][ T31] nmi_cpu_backtrace+0x39e/0x3d0 [ 288.279844][ T31] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 288.279863][ T31] ? _printk+0xcf/0x120 [ 288.279888][ T31] ? __pfx__printk+0x10/0x10 [ 288.279908][ T31] ? debug_show_all_locks+0x2e/0x180 [ 288.279924][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 288.279942][ T31] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 288.279968][ T31] watchdog+0xfee/0x1030 [ 288.279987][ T31] ? watchdog+0x1de/0x1030 [ 288.280011][ T31] kthread+0x70e/0x8a0 [ 288.280037][ T31] ? __pfx_watchdog+0x10/0x10 [ 288.280052][ T31] ? __pfx_kthread+0x10/0x10 [ 288.280075][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 288.280092][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 288.280109][ T31] ? __pfx_kthread+0x10/0x10 [ 288.280137][ T31] ret_from_fork+0x3fc/0x770 [ 288.280158][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 288.280186][ T31] ? __switch_to_asm+0x39/0x70 [ 288.280207][ T31] ? __switch_to_asm+0x33/0x70 [ 288.280226][ T31] ? __pfx_kthread+0x10/0x10 [ 288.280249][ T31] ret_from_fork_asm+0x1a/0x30 [ 288.280285][ T31] [ 288.280292][ T31] Sending NMI from CPU 1 to CPUs 0: [ 288.444037][ C0] NMI backtrace for cpu 0 [ 288.444056][ C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 PREEMPT(full) [ 288.444074][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 288.444084][ C0] RIP: 0010:pv_native_safe_halt+0x13/0x20 [ 288.444105][ C0] Code: 93 de 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d d3 ad 17 00 f3 0f 1e fa fb f4 cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 [ 288.444118][ C0] RSP: 0018:ffffffff8de07d80 EFLAGS: 000002c2 [ 288.444132][ C0] RAX: d29a366427478700 RBX: ffffffff81976a18 RCX: d29a366427478700 [ 288.444144][ C0] RDX: 0000000000000001 RSI: ffffffff8d99fd05 RDI: ffffffff8be28d80 [ 288.444155][ C0] RBP: ffffffff8de07ea8 R08: ffff8880b8632f5b R09: 1ffff110170c65eb [ 288.444166][ C0] R10: dffffc0000000000 R11: ffffed10170c65ec R12: ffffffff8fa23cf0 [ 288.444177][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1bd2a50 [ 288.444187][ C0] FS: 0000000000000000(0000) GS:ffff888125c12000(0000) knlGS:0000000000000000 [ 288.444200][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 288.444210][ C0] CR2: 000055bb14b88168 CR3: 000000000df38000 CR4: 00000000003526f0 [ 288.444225][ C0] Call Trace: [ 288.444234][ C0] [ 288.444240][ C0] default_idle+0x13/0x20 [ 288.444259][ C0] default_idle_call+0x74/0xb0 [ 288.444277][ C0] do_idle+0x1e8/0x510 [ 288.444297][ C0] ? __pfx_do_idle+0x10/0x10 [ 288.444320][ C0] cpu_startup_entry+0x44/0x60 [ 288.444337][ C0] rest_init+0x2de/0x300 [ 288.444354][ C0] ? __pfx_x86_late_time_init+0x10/0x10 [ 288.444383][ C0] start_kernel+0x47d/0x500 [ 288.444406][ C0] x86_64_start_reservations+0x24/0x30 [ 288.444424][ C0] x86_64_start_kernel+0x143/0x1c0 [ 288.444441][ C0] common_startup_64+0x13e/0x147 [ 288.444468][ C0] [ 288.445078][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 288.445093][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc7-syzkaller-01894-gfaa60990a541 #0 PREEMPT(full) [ 288.445115][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 288.445125][ T31] Call Trace: [ 288.445132][ T31] [ 288.445140][ T31] dump_stack_lvl+0x99/0x250 [ 288.445163][ T31] ? __asan_memcpy+0x40/0x70 [ 288.445184][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 288.445205][ T31] ? __pfx__printk+0x10/0x10 [ 288.445238][ T31] panic+0x2db/0x790 [ 288.445263][ T31] ? __pfx_panic+0x10/0x10 [ 288.445282][ T31] ? nmi_backtrace_stall_check+0x433/0x440 [ 288.445305][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 288.445331][ T31] ? nmi_trigger_cpumask_backtrace+0x2b6/0x300 [ 288.445363][ T31] watchdog+0x102d/0x1030 [ 288.445383][ T31] ? watchdog+0x1de/0x1030 [ 288.445407][ T31] kthread+0x70e/0x8a0 [ 288.445428][ T31] ? __pfx_watchdog+0x10/0x10 [ 288.445436][ T31] ? __pfx_kthread+0x10/0x10 [ 288.445450][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 288.445461][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 288.445475][ T31] ? __pfx_kthread+0x10/0x10 [ 288.445499][ T31] ret_from_fork+0x3fc/0x770 [ 288.445520][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 288.445544][ T31] ? __switch_to_asm+0x39/0x70 [ 288.445572][ T31] ? __switch_to_asm+0x33/0x70 [ 288.445592][ T31] ? __pfx_kthread+0x10/0x10 [ 288.445615][ T31] ret_from_fork_asm+0x1a/0x30 [ 288.445652][ T31] [ 288.775354][ T31] Kernel Offset: disabled [ 288.780017][ T31] Rebooting in 86400 seconds..