INFO: task udevd:31235 blocked for more than 144 seconds.
      Tainted: G             L      syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:udevd           state:D stack:22688 pid:31235 tgid:31235 ppid:5162   task_flags:0x400140 flags:0x00080000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5298 [inline]
 __schedule+0x1553/0x5240 kernel/sched/core.c:6911
 __schedule_loop kernel/sched/core.c:6993 [inline]
 schedule+0x164/0x360 kernel/sched/core.c:7008
 schedule_timeout+0x158/0x2c0 kernel/time/sleep_timeout.c:99
 wait_for_reconnect drivers/block/nbd.c:1107 [inline]
 nbd_handle_cmd drivers/block/nbd.c:1149 [inline]
 nbd_queue_rq+0x857/0x1100 drivers/block/nbd.c:1207
 blk_mq_dispatch_rq_list+0xa77/0x1910 block/blk-mq.c:2148
 __blk_mq_do_dispatch_sched block/blk-mq-sched.c:168 [inline]
 blk_mq_do_dispatch_sched block/blk-mq-sched.c:182 [inline]
 __blk_mq_sched_dispatch_requests+0xddb/0x1610 block/blk-mq-sched.c:307
 blk_mq_sched_dispatch_requests+0xda/0x1a0 block/blk-mq-sched.c:329
 blk_mq_run_hw_queue+0x368/0x520 block/blk-mq.c:2386
 blk_mq_dispatch_list+0xd1f/0xe20 include/linux/spinlock_rt.h:-1
 blk_mq_flush_plug_list+0x48d/0x570 block/blk-mq.c:2997
 __blk_flush_plug+0x3ed/0x4d0 block/blk-core.c:1230
 blk_finish_plug block/blk-core.c:1257 [inline]
 __submit_bio+0x28d/0x580 block/blk-core.c:649
 __submit_bio_noacct_mq block/blk-core.c:722 [inline]
 submit_bio_noacct_nocheck+0x2f4/0xa70 block/blk-core.c:753
 submit_bh fs/buffer.c:2826 [inline]
 block_read_full_folio+0x7b7/0x830 fs/buffer.c:2458
 filemap_read_folio+0x137/0x3b0 mm/filemap.c:2501
 do_read_cache_folio+0x2bf/0x560 mm/filemap.c:4106
 read_mapping_folio include/linux/pagemap.h:1017 [inline]
 read_part_sector+0xb8/0x2b0 block/partitions/core.c:723
 adfspart_check_ICS+0xa5/0xa40 block/partitions/acorn.c:360
 check_partition block/partitions/core.c:142 [inline]
 blk_add_partitions block/partitions/core.c:590 [inline]
 bdev_disk_changed+0x7ba/0x1550 block/partitions/core.c:694
 blkdev_get_whole+0x2e5/0x480 block/bdev.c:764
 bdev_open+0x31e/0xcc0 block/bdev.c:973
 blkdev_open+0x485/0x620 block/fops.c:697
 do_dentry_open+0x83d/0x13e0 fs/open.c:949
 vfs_open+0x3b/0x350 fs/open.c:1081
 do_open fs/namei.c:4677 [inline]
 path_openat+0x2e43/0x38a0 fs/namei.c:4836
 do_file_open+0x23e/0x4a0 fs/namei.c:4865
 do_sys_openat2+0x113/0x200 fs/open.c:1366
 do_sys_open fs/open.c:1372 [inline]
 __do_sys_openat fs/open.c:1388 [inline]
 __se_sys_openat fs/open.c:1383 [inline]
 __x64_sys_openat+0x138/0x170 fs/open.c:1383
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f9e0abf2407
RSP: 002b:00007ffddd625570 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007f9e0ab04880 RCX: 00007f9e0abf2407
RDX: 00000000000a0800 RSI: 000055aa857e64d0 RDI: ffffffffffffff9c
RBP: 000055aa857e5910 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000202 R12: 000055aa8580b8d0
R13: 000055aa857f3190 R14: 0000000000000000 R15: 000055aa8580b8d0
 </TASK>

Showing all locks held in the system:
2 locks held by kworker/0:0H/11:
8 locks held by ktimers/1/29:
1 lock held by khungtaskd/37:
 #0: ffffffff8ddcb980 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:312 [inline]
 #0: ffffffff8ddcb980 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:850 [inline]
 #0: ffffffff8ddcb980 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 kernel/locking/lockdep.c:6775
2 locks held by getty/5556:
 #0: ffff88803780f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
 #1: ffffc90003e832e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x462/0x13c0 drivers/tty/n_tty.c:2211
2 locks held by kworker/0:9/5996:
5 locks held by syz-executor/29826:
3 locks held by udevd/31235:
 #0: ffff8880266a94c8 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xcc0 block/bdev.c:961
 #1: ffff888025e64098 (set->srcu){.+.+}-{0:0}, at: srcu_lock_acquire include/linux/srcu.h:187 [inline]
 #1: ffff888025e64098 (set->srcu){.+.+}-{0:0}, at: srcu_read_lock include/linux/srcu.h:294 [inline]
 #1: ffff888025e64098 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x33e/0x520 block/blk-mq.c:2386
 #2: ffff88802674e170 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xc6/0x1100 drivers/block/nbd.c:1199
2 locks held by syz.8.7840/4538:
1 lock held by syz.6.7844/4549:
 #0: ffff8880676637b0 (&mm->mmap_lock){++++}-{4:4}, at: mmap_write_lock_killable include/linux/mmap_lock.h:554 [inline]
 #0: ffff8880676637b0 (&mm->mmap_lock){++++}-{4:4}, at: vm_mmap_pgoff+0x237/0x4f0 mm/util.c:579
2 locks held by syz.6.7844/4554:
4 locks held by syz.7.7846/4551:
4 locks held by syz.0.7847/4556:

=============================================

NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 37 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
Tainted: [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
Call Trace:
 <TASK>
 dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120
 nmi_cpu_backtrace+0x274/0x2d0 lib/nmi_backtrace.c:113
 nmi_trigger_cpumask_backtrace+0x17a/0x300 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:161 [inline]
 __sys_info lib/sys_info.c:157 [inline]
 sys_info+0x135/0x170 lib/sys_info.c:165
 check_hung_uninterruptible_tasks kernel/hung_task.c:346 [inline]
 watchdog+0xfd9/0x1030 kernel/hung_task.c:515
 kthread+0x388/0x470 kernel/kthread.c:436
 ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 29 Comm: ktimers/1 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
Tainted: [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
RIP: 0010:__lock_acquire+0x87b/0x2cf0 kernel/locking/lockdep.c:5232
Code: 29 f1 89 f3 c1 c3 10 31 cb 01 d6 29 da 89 dd c1 c5 13 31 d5 01 f3 29 ee 01 eb c1 c5 04 31 f5 48 c1 e5 20 83 3d 99 49 ca 0d 00 <4d> 89 e5 0f 85 1f 02 00 00 48 83 7c 24 28 00 0f 84 b3 01 00 00 41
RSP: 0018:ffffc90000a3e9d8 EFLAGS: 00000046
RAX: 000000000e52e3a3 RBX: 000000000a375215 RCX: 00000000bd1290c7
RDX: 000000007218c2a7 RSI: 0000000013729f4f RDI: ffff88801d2b3d00
RBP: 54b8509400000000 R08: ffffffff81767a25 R09: ffffffff8ddcb980
R10: ffffc90000a3ecb8 R11: ffffffff81af8e10 R12: ffff88801d2b4980
R13: ffff88801d2b4980 R14: ffff88801d2b3d00 R15: 0000000000000005
FS:  0000000000000000(0000) GS:ffff888126432000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000200000001000 CR3: 00000000affe8000 CR4: 00000000003526f0
DR0: ffffffffffffffff DR1: 00000000000001f8 DR2: 0000000000000002
DR3: ffffffffefffff15 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 lock_acquire+0xf0/0x2e0 kernel/locking/lockdep.c:5868
 rcu_lock_acquire include/linux/rcupdate.h:312 [inline]
 rcu_read_lock include/linux/rcupdate.h:850 [inline]
 class_rcu_constructor include/linux/rcupdate.h:1193 [inline]
 unwind_next_frame+0xc2/0x23c0 arch/x86/kernel/unwind_orc.c:495
 arch_stack_walk+0x11b/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0xa9/0x100 kernel/stacktrace.c:122
 kasan_save_stack mm/kasan/common.c:57 [inline]
 kasan_save_track+0x3e/0x80 mm/kasan/common.c:78
 poison_kmalloc_redzone mm/kasan/common.c:398 [inline]
 __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:415
 kasan_kmalloc include/linux/kasan.h:263 [inline]
 __do_kmalloc_node mm/slub.c:5260 [inline]
 __kmalloc_noprof+0x3e7/0x7b0 mm/slub.c:5272
 kmalloc_noprof include/linux/slab.h:954 [inline]
 kzalloc_noprof include/linux/slab.h:1188 [inline]
 cfg80211_inform_single_bss_data+0x952/0x1bd0 net/wireless/scan.c:2344
 cfg80211_inform_bss_data+0x266/0x3c40 net/wireless/scan.c:3226
 cfg80211_inform_bss_frame_data+0x3c7/0x760 net/wireless/scan.c:3317
 ieee80211_bss_info_update+0x794/0xa40 net/mac80211/scan.c:230
 ieee80211_scan_rx+0x552/0xa40 net/mac80211/scan.c:364
 __ieee80211_rx_handle_packet net/mac80211/rx.c:5305 [inline]
 ieee80211_rx_list+0x29fe/0x3740 net/mac80211/rx.c:5588
 ieee80211_rx_napi+0x1b1/0x3e0 net/mac80211/rx.c:5611
 ieee80211_rx include/net/mac80211.h:5267 [inline]
 ieee80211_handle_queued_frames+0xe8/0x1e0 net/mac80211/main.c:452
 tasklet_action_common+0x2bf/0x540 kernel/softirq.c:925
 handle_softirqs+0x1de/0x6f0 kernel/softirq.c:622
 __do_softirq kernel/softirq.c:656 [inline]
 run_ktimerd+0x69/0x100 kernel/softirq.c:1138
 smpboot_thread_fn+0x541/0xa50 kernel/smpboot.c:160
 kthread+0x388/0x470 kernel/kthread.c:436
 ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>