INFO: task syz.3.3446:19274 blocked for more than 143 seconds.
      Tainted: G             L      syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.3.3446      state:D stack:28744 pid:19274 tgid:19273 ppid:16082  task_flags:0x400040 flags:0x00080002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5256 [inline]
 __schedule+0x1139/0x6150 kernel/sched/core.c:6863
 __schedule_loop kernel/sched/core.c:6945 [inline]
 schedule+0xe7/0x3a0 kernel/sched/core.c:6960
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7017
 __mutex_lock_common kernel/locking/mutex.c:692 [inline]
 __mutex_lock+0xc69/0x1ca0 kernel/locking/mutex.c:776
 tty_open_by_driver drivers/tty/tty_io.c:2037 [inline]
 tty_open+0x53d/0xf90 drivers/tty/tty_io.c:2120
 chrdev_open+0x234/0x6a0 fs/char_dev.c:414
 do_dentry_open+0x748/0x1590 fs/open.c:962
 vfs_open+0x82/0x3f0 fs/open.c:1094
 do_open fs/namei.c:4628 [inline]
 path_openat+0x2078/0x3140 fs/namei.c:4787
 do_filp_open+0x20b/0x470 fs/namei.c:4814
 do_sys_openat2+0x11f/0x280 fs/open.c:1430
 do_sys_open fs/open.c:1436 [inline]
 __do_sys_openat fs/open.c:1452 [inline]
 __se_sys_openat fs/open.c:1447 [inline]
 __x64_sys_openat+0x174/0x210 fs/open.c:1447
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xcd/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fe45b18f7c9
RSP: 002b:00007fe45c0d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007fe45b3e5fa0 RCX: 00007fe45b18f7c9
RDX: 0000000000000102 RSI: 0000200000000800 RDI: ffffffffffffff9c
RBP: 00007fe45b213f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fe45b3e6038 R14: 00007fe45b3e5fa0 R15: 00007ffcc872fa18
 </TASK>
INFO: task syz.4.3448:19288 blocked for more than 143 seconds.
      Tainted: G             L      syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.4.3448      state:D stack:27528 pid:19288 tgid:19282 ppid:18660  task_flags:0x400140 flags:0x00080002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5256 [inline]
 __schedule+0x1139/0x6150 kernel/sched/core.c:6863
 __schedule_loop kernel/sched/core.c:6945 [inline]
 schedule+0xe7/0x3a0 kernel/sched/core.c:6960
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7017
 __mutex_lock_common kernel/locking/mutex.c:692 [inline]
 __mutex_lock+0xc69/0x1ca0 kernel/locking/mutex.c:776
 tty_open_by_driver drivers/tty/tty_io.c:2037 [inline]
 tty_open+0x53d/0xf90 drivers/tty/tty_io.c:2120
 chrdev_open+0x234/0x6a0 fs/char_dev.c:414
 do_dentry_open+0x748/0x1590 fs/open.c:962
 vfs_open+0x82/0x3f0 fs/open.c:1094
 do_open fs/namei.c:4628 [inline]
 path_openat+0x2078/0x3140 fs/namei.c:4787
 do_filp_open+0x20b/0x470 fs/namei.c:4814
 do_sys_openat2+0x11f/0x280 fs/open.c:1430
 do_sys_open fs/open.c:1436 [inline]
 __do_sys_openat fs/open.c:1452 [inline]
 __se_sys_openat fs/open.c:1447 [inline]
 __x64_sys_openat+0x174/0x210 fs/open.c:1447
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xcd/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fa12738f7c9
RSP: 002b:00007fa12819d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007fa1275e6180 RCX: 00007fa12738f7c9
RDX: 0000000000000201 RSI: 0000200000000000 RDI: ffffffffffffff9c
RBP: 00007fa127413f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fa1275e6218 R14: 00007fa1275e6180 R15: 00007ffed12538e8
 </TASK>
INFO: task syz.1.3457:19320 blocked for more than 143 seconds.
      Tainted: G             L      syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.1.3457      state:D stack:27032 pid:19320 tgid:19318 ppid:15223  task_flags:0x400040 flags:0x00080002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5256 [inline]
 __schedule+0x1139/0x6150 kernel/sched/core.c:6863
 __schedule_loop kernel/sched/core.c:6945 [inline]
 schedule+0xe7/0x3a0 kernel/sched/core.c:6960
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7017
 __mutex_lock_common kernel/locking/mutex.c:692 [inline]
 __mutex_lock+0xc69/0x1ca0 kernel/locking/mutex.c:776
 tty_open_by_driver drivers/tty/tty_io.c:2037 [inline]
 tty_open+0x53d/0xf90 drivers/tty/tty_io.c:2120
 chrdev_open+0x234/0x6a0 fs/char_dev.c:414
 do_dentry_open+0x748/0x1590 fs/open.c:962
 vfs_open+0x82/0x3f0 fs/open.c:1094
 do_open fs/namei.c:4628 [inline]
 path_openat+0x2078/0x3140 fs/namei.c:4787
 do_filp_open+0x20b/0x470 fs/namei.c:4814
 do_sys_openat2+0x11f/0x280 fs/open.c:1430
 do_sys_open fs/open.c:1436 [inline]
 __do_sys_openat fs/open.c:1452 [inline]
 __se_sys_openat fs/open.c:1447 [inline]
 __x64_sys_openat+0x174/0x210 fs/open.c:1447
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xcd/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f4062d8f7c9
RSP: 002b:00007f4063b7b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007f4062fe6090 RCX: 00007f4062d8f7c9
RDX: 0000000000040741 RSI: 0000200000000000 RDI: ffffffffffffff9c
RBP: 00007f4062e13f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f4062fe6128 R14: 00007f4062fe6090 R15: 00007fff1aa816a8
 </TASK>

Showing all locks held in the system:
1 lock held by khungtaskd/31:
 #0: ffffffff8e3c94a0 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
 #0: ffffffff8e3c94a0 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:867 [inline]
 #0: ffffffff8e3c94a0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 kernel/locking/lockdep.c:6775
4 locks held by kworker/u8:11/3533:
4 locks held by kworker/u8:14/5992:
2 locks held by getty/17687:
 #0: ffff88814d3dd0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 drivers/tty/tty_ldisc.c:243
 #1: ffffc900043892f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x1510 drivers/tty/n_tty.c:2211
2 locks held by syz.0.3249/18457:
 #0: ffffffff901e0090 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e8010a8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xd5/0x1ae0 fs/nfsd/nfsctl.c:1880
4 locks held by syz.2.3443/19261:
1 lock held by syz.3.3446/19274:
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open_by_driver drivers/tty/tty_io.c:2037 [inline]
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open+0x53d/0xf90 drivers/tty/tty_io.c:2120
1 lock held by syz.4.3448/19288:
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open_by_driver drivers/tty/tty_io.c:2037 [inline]
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open+0x53d/0xf90 drivers/tty/tty_io.c:2120
1 lock held by syz.1.3457/19320:
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open_by_driver drivers/tty/tty_io.c:2037 [inline]
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open+0x53d/0xf90 drivers/tty/tty_io.c:2120
1 lock held by syz.6.3462/19427:
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open_by_driver drivers/tty/tty_io.c:2037 [inline]
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open+0x53d/0xf90 drivers/tty/tty_io.c:2120
1 lock held by syz.5.3463/19429:
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open_by_driver drivers/tty/tty_io.c:2037 [inline]
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open+0x53d/0xf90 drivers/tty/tty_io.c:2120
1 lock held by syz.5.3463/19432:
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open_by_driver drivers/tty/tty_io.c:2037 [inline]
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open+0x53d/0xf90 drivers/tty/tty_io.c:2120
1 lock held by syz.7.3470/19485:
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open_by_driver drivers/tty/tty_io.c:2037 [inline]
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open+0x53d/0xf90 drivers/tty/tty_io.c:2120
1 lock held by syz.0.3480/19588:
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open_by_driver drivers/tty/tty_io.c:2037 [inline]
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open+0x53d/0xf90 drivers/tty/tty_io.c:2120
1 lock held by syz.0.3480/19589:
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open_by_driver drivers/tty/tty_io.c:2037 [inline]
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open+0x53d/0xf90 drivers/tty/tty_io.c:2120
1 lock held by syz.9.3483/19620:
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open_by_driver drivers/tty/tty_io.c:2037 [inline]
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open+0x53d/0xf90 drivers/tty/tty_io.c:2120
1 lock held by syz.3.3518/19789:
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open_by_driver drivers/tty/tty_io.c:2037 [inline]
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open+0x53d/0xf90 drivers/tty/tty_io.c:2120
3 locks held by kworker/u8:34/19850:
 #0: ffff888031316948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 kernel/workqueue.c:3232
 #1: ffffc9000c977c90 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 kernel/workqueue.c:3233
 #2: ffffffff90139be8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
 #2: ffffffff90139be8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_dad_work+0x120/0x14f0 net/ipv6/addrconf.c:4194
1 lock held by syz.4.3535/19863:
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open_by_driver drivers/tty/tty_io.c:2037 [inline]
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open+0x53d/0xf90 drivers/tty/tty_io.c:2120
1 lock held by syz.1.3539/19875:
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open_by_driver drivers/tty/tty_io.c:2037 [inline]
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open+0x53d/0xf90 drivers/tty/tty_io.c:2120
1 lock held by syz.2.3547/19945:
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open_by_driver drivers/tty/tty_io.c:2037 [inline]
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open+0x53d/0xf90 drivers/tty/tty_io.c:2120
2 locks held by kworker/u8:39/19980:
 #0: ffff8881416c4148 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 kernel/workqueue.c:3232
 #1: ffffc9000e167c90 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 kernel/workqueue.c:3233
1 lock held by syz.6.3546/20054:
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open_by_driver drivers/tty/tty_io.c:2037 [inline]
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open+0x53d/0xf90 drivers/tty/tty_io.c:2120
2 locks held by syz-executor/20055:
 #0: ffff88804ad1c0e0 (&type->s_umount_key#51){++++}-{4:4}, at: __super_lock fs/super.c:57 [inline]
 #0: ffff88804ad1c0e0 (&type->s_umount_key#51){++++}-{4:4}, at: __super_lock_excl fs/super.c:72 [inline]
 #0: ffff88804ad1c0e0 (&type->s_umount_key#51){++++}-{4:4}, at: deactivate_super fs/super.c:506 [inline]
 #0: ffff88804ad1c0e0 (&type->s_umount_key#51){++++}-{4:4}, at: deactivate_super+0xd6/0x100 fs/super.c:503
 #1: ffffffff8e8010a8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 fs/nfsd/nfssvc.c:575
1 lock held by syz.7.3565/20075:
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open_by_driver drivers/tty/tty_io.c:2037 [inline]
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open+0x53d/0xf90 drivers/tty/tty_io.c:2120
3 locks held by kworker/u8:41/20082:
1 lock held by syz.5.3573/20135:
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open_by_driver drivers/tty/tty_io.c:2037 [inline]
 #0: ffffffff8f066ac8 (tty_mutex){+.+.}-{4:4}, at: tty_open+0x53d/0xf90 drivers/tty/tty_io.c:2120
1 lock held by syz-executor/20150:
 #0: ffffffff90139be8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
 #0: ffffffff90139be8 (rtnl_mutex){+.+.}-{4:4}, at: inet6_rtm_newaddr+0x4e4/0x1c50 net/ipv6/addrconf.c:5027

=============================================

NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
Tainted: [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
 nmi_cpu_backtrace+0x27b/0x390 lib/nmi_backtrace.c:113
 nmi_trigger_cpumask_backtrace+0x29c/0x300 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:160 [inline]
 __sys_info lib/sys_info.c:157 [inline]
 sys_info+0x133/0x180 lib/sys_info.c:165
 check_hung_uninterruptible_tasks kernel/hung_task.c:346 [inline]
 watchdog+0xe66/0x1180 kernel/hung_task.c:515
 kthread+0x3c5/0x780 kernel/kthread.c:463
 ret_from_fork+0x983/0xb10 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
 </TASK>