./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3261713481 <...> Warning: Permanently added '10.128.1.214' (ED25519) to the list of known hosts. execve("./syz-executor3261713481", ["./syz-executor3261713481"], 0x7ffdde9dfbb0 /* 10 vars */) = 0 brk(NULL) = 0x55558326c000 brk(0x55558326cd00) = 0x55558326cd00 arch_prctl(ARCH_SET_FS, 0x55558326c380) = 0 set_tid_address(0x55558326c650) = 5851 set_robust_list(0x55558326c660, 24) = 0 rseq(0x55558326cca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3261713481", 4096) = 28 getrandom("\xde\xb4\x4e\x5a\xc9\xe1\x0d\xa2", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55558326cd00 brk(0x55558328dd00) = 0x55558328dd00 brk(0x55558328e000) = 0x55558328e000 mprotect(0x7f0b4f5ca000, 16384, PROT_READ) = 0 mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000 mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000 mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5852 attached [pid 5852] set_robust_list(0x55558326c660, 24 [pid 5851] <... clone resumed>, child_tidptr=0x55558326c650) = 5852 [pid 5852] <... set_robust_list resumed>) = 0 [pid 5851] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5852] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5853 attached [pid 5853] set_robust_list(0x55558326c660, 24) = 0 ./strace-static-x86_64: Process 5854 attached [pid 5853] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5854] set_robust_list(0x55558326c660, 24 [pid 5853] setpgid(0, 0 [pid 5852] <... clone resumed>, child_tidptr=0x55558326c650) = 5853 [pid 5851] <... clone resumed>, child_tidptr=0x55558326c650) = 5854 [pid 5854] <... set_robust_list resumed>) = 0 [pid 5853] <... setpgid resumed>) = 0 [pid 5851] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5854] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5853] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5855 attached ) = 3 ./strace-static-x86_64: Process 5856 attached [pid 5853] write(3, "1000", 4 [pid 5855] set_robust_list(0x55558326c660, 24 [pid 5854] <... clone resumed>, child_tidptr=0x55558326c650) = 5855 [pid 5853] <... write resumed>) = 4 [pid 5853] close(3 [pid 5855] <... set_robust_list resumed>) = 0 [pid 5853] <... close resumed>) = 0 [pid 5855] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5853] write(1, "executing program\n", 18executing program ) = 18 [pid 5856] set_robust_list(0x55558326c660, 24 [pid 5855] <... prctl resumed>) = 0 [pid 5853] openat(AT_FDCWD, "/dev/comedi3", O_RDONLY|O_APPEND [pid 5851] <... clone resumed>, child_tidptr=0x55558326c650) = 5856 [pid 5856] <... set_robust_list resumed>) = 0 [pid 5855] setpgid(0, 0 [pid 5851] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5856] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5855] <... setpgid resumed>) = 0 [pid 5855] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5853] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5857 attached ./strace-static-x86_64: Process 5858 attached [pid 5853] ioctl(3, COMEDI_DEVCONFIG [pid 5851] <... clone resumed>, child_tidptr=0x55558326c650) = 5857 [pid 5858] set_robust_list(0x55558326c660, 24 [pid 5857] set_robust_list(0x55558326c660, 24 [pid 5856] <... clone resumed>, child_tidptr=0x55558326c650) = 5858 [pid 5855] <... openat resumed>) = 3 [pid 5857] <... set_robust_list resumed>) = 0 [pid 5858] <... set_robust_list resumed>) = 0 [pid 5857] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5858] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5855] write(3, "1000", 4) = 4 [pid 5858] <... prctl resumed>) = 0 [pid 5855] close(3 [pid 5858] setpgid(0, 0 [pid 5855] <... close resumed>) = 0 executing program [pid 5858] <... setpgid resumed>) = 0 [pid 5855] write(1, "executing program\n", 18 [pid 5858] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5855] <... write resumed>) = 18 [pid 5858] <... openat resumed>) = 3 [pid 5855] openat(AT_FDCWD, "/dev/comedi3", O_RDONLY|O_APPEND./strace-static-x86_64: Process 5859 attached [pid 5857] <... clone resumed>, child_tidptr=0x55558326c650) = 5859 [pid 5859] set_robust_list(0x55558326c660, 24 [pid 5858] write(3, "1000", 4 [pid 5859] <... set_robust_list resumed>) = 0 [pid 5859] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5858] <... write resumed>) = 4 [pid 5859] <... prctl resumed>) = 0 [pid 5858] close(3 [pid 5859] setpgid(0, 0 [pid 5858] <... close resumed>) = 0 executing program [pid 5858] write(1, "executing program\n", 18) = 18 [pid 5858] openat(AT_FDCWD, "/dev/comedi3", O_RDONLY|O_APPEND [pid 5859] <... setpgid resumed>) = 0 [pid 5859] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5859] write(3, "1000", 4) = 4 [pid 5859] close(3) = 0 executing program [pid 5859] write(1, "executing program\n", 18) = 18 [pid 5859] openat(AT_FDCWD, "/dev/comedi3", O_RDONLY|O_APPEND [pid 5854] kill(-5855, SIGKILL [pid 5852] kill(-5853, SIGKILL [pid 5854] <... kill resumed>) = 0 [pid 5852] <... kill resumed>) = 0 [pid 5852] kill(5853, SIGKILL [pid 5854] kill(5855, SIGKILL [pid 5852] <... kill resumed>) = 0 [pid 5854] <... kill resumed>) = 0 [pid 5856] kill(-5858, SIGKILL) = 0 [pid 5856] kill(5858, SIGKILL) = 0 [pid 5857] kill(-5859, SIGKILL) = 0 [pid 5857] kill(5859, SIGKILL) = 0 [pid 5854] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5854] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5854] getdents64(3, 0x55558326d6f0 /* 2 entries */, 32768) = 48 [pid 5852] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5854] getdents64(3, [pid 5852] <... openat resumed>) = 3 [pid 5854] <... getdents64 resumed>0x55558326d6f0 /* 0 entries */, 32768) = 0 [pid 5854] close(3 [pid 5852] newfstatat(3, "", [pid 5854] <... close resumed>) = 0 [pid 5852] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5857] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5856] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5852] getdents64(3, [pid 5857] newfstatat(3, "", [pid 5856] <... openat resumed>) = 3 [pid 5852] <... getdents64 resumed>0x55558326d6f0 /* 2 entries */, 32768) = 48 [pid 5857] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5856] newfstatat(3, "", [pid 5852] getdents64(3, [pid 5857] getdents64(3, [pid 5856] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5856] getdents64(3, [pid 5852] <... getdents64 resumed>0x55558326d6f0 /* 0 entries */, 32768) = 0 [pid 5857] <... getdents64 resumed>0x55558326d6f0 /* 2 entries */, 32768) = 48 [pid 5852] close(3 [pid 5857] getdents64(3, [pid 5852] <... close resumed>) = 0 [pid 5857] <... getdents64 resumed>0x55558326d6f0 /* 0 entries */, 32768) = 0 [pid 5857] close(3) = 0 [pid 5856] <... getdents64 resumed>0x55558326d6f0 /* 2 entries */, 32768) = 48 [pid 5856] getdents64(3, 0x55558326d6f0 /* 0 entries */, 32768) = 0 [pid 5856] close(3) = 0 [ 97.092485][ T24] cfg80211: failed to load regulatory.db [ 286.533196][ T31] INFO: task syz-executor326:5855 blocked for more than 143 seconds. [ 286.541990][ T31] Not tainted 6.16.0-next-20250731-syzkaller #0 [ 286.548795][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.557818][ T31] task:syz-executor326 state:D stack:27240 pid:5855 tgid:5855 ppid:5854 task_flags:0x400040 flags:0x00004006 [ 286.570877][ T31] Call Trace: [ 286.574215][ T31] [ 286.577190][ T31] __schedule+0x1798/0x4cc0 [ 286.581887][ T31] ? __lock_acquire+0xab9/0xd20 [ 286.587058][ T31] ? __lock_acquire+0xab9/0xd20 [ 286.592020][ T31] ? __pfx___schedule+0x10/0x10 [ 286.597090][ T31] ? schedule+0x91/0x360 [ 286.601557][ T31] schedule+0x165/0x360 [ 286.605923][ T31] schedule_preempt_disabled+0x13/0x30 [ 286.611583][ T31] __mutex_lock+0x7e6/0x1360 [ 286.616397][ T31] ? __mutex_lock+0x5b6/0x1360 [ 286.621298][ T31] ? comedi_open+0xc0/0x590 [ 286.625849][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 286.631360][ T31] ? __kasan_kmalloc+0x93/0xb0 [ 286.636219][ T31] ? __kmalloc_cache_noprof+0x230/0x3d0 [ 286.641920][ T31] ? comedi_open+0x8b/0x590 [ 286.646698][ T31] comedi_open+0xc0/0x590 [ 286.651156][ T31] ? do_raw_spin_unlock+0x122/0x240 [ 286.656705][ T31] chrdev_open+0x4c9/0x5e0 [ 286.661250][ T31] ? __pfx_chrdev_open+0x10/0x10 [ 286.666403][ T31] ? fsnotify_open_perm_and_set_mode+0x113/0x610 [ 286.673122][ T31] ? __pfx_chrdev_open+0x10/0x10 [ 286.678151][ T31] do_dentry_open+0x953/0x13f0 [ 286.683735][ T31] vfs_open+0x3b/0x340 [ 286.688154][ T31] ? path_openat+0x2ecd/0x3830 [ 286.693020][ T31] path_openat+0x2ee5/0x3830 [ 286.697842][ T31] ? arch_stack_walk+0xfc/0x150 [ 286.702856][ T31] ? stack_depot_save_flags+0x40/0x860 [ 286.708659][ T31] ? __pfx_path_openat+0x10/0x10 [ 286.714031][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.720280][ T31] do_filp_open+0x1fa/0x410 [ 286.724843][ T31] ? __lock_acquire+0xab9/0xd20 [ 286.729749][ T31] ? __pfx_do_filp_open+0x10/0x10 [ 286.735157][ T31] ? _raw_spin_unlock+0x28/0x50 [ 286.740104][ T31] ? alloc_fd+0x64c/0x6c0 [ 286.744762][ T31] do_sys_openat2+0x121/0x1c0 [ 286.749511][ T31] ? __pfx_do_sys_openat2+0x10/0x10 [ 286.754848][ T31] __x64_sys_openat+0x138/0x170 [ 286.759940][ T31] do_syscall_64+0xfa/0x3b0 [ 286.764535][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 286.770013][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.776222][ T31] ? clear_bhb_loop+0x60/0xb0 [ 286.781134][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.787081][ T31] RIP: 0033:0x7f0b4f557c29 [ 286.792391][ T31] RSP: 002b:00007ffc50c61388 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 286.801011][ T31] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f0b4f557c29 [ 286.809022][ T31] RDX: 0000000000000400 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 286.817338][ T31] RBP: 00000000000f4240 R08: 0000000000000000 R09: 00000000000000a0 [ 286.825414][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 286.833604][ T31] R13: 00007ffc50c615a8 R14: 00007ffc50c613b0 R15: 00007ffc50c613a0 [ 286.841719][ T31] [ 286.844918][ T31] INFO: task syz-executor326:5858 blocked for more than 143 seconds. [ 286.853071][ T31] Not tainted 6.16.0-next-20250731-syzkaller #0 [ 286.860014][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.868852][ T31] task:syz-executor326 state:D stack:26824 pid:5858 tgid:5858 ppid:5856 task_flags:0x400040 flags:0x00004006 [ 286.881054][ T31] Call Trace: [ 286.884508][ T31] [ 286.887501][ T31] __schedule+0x1798/0x4cc0 [ 286.892154][ T31] ? __lock_acquire+0xab9/0xd20 [ 286.897309][ T31] ? __lock_acquire+0xab9/0xd20 [ 286.902716][ T31] ? __pfx___schedule+0x10/0x10 [ 286.907742][ T31] ? schedule+0x91/0x360 [ 286.912103][ T31] schedule+0x165/0x360 [ 286.916526][ T31] schedule_preempt_disabled+0x13/0x30 [ 286.922114][ T31] __mutex_lock+0x7e6/0x1360 [ 286.927173][ T31] ? __mutex_lock+0x5b6/0x1360 [ 286.932194][ T31] ? comedi_open+0xc0/0x590 [ 286.936919][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 286.942133][ T31] ? __kasan_kmalloc+0x93/0xb0 [ 286.947101][ T31] ? __kmalloc_cache_noprof+0x230/0x3d0 [ 286.952772][ T31] ? comedi_open+0x8b/0x590 [ 286.957316][ T31] comedi_open+0xc0/0x590 [ 286.961940][ T31] ? do_raw_spin_unlock+0x122/0x240 [ 286.967206][ T31] chrdev_open+0x4c9/0x5e0 [ 286.971734][ T31] ? __pfx_chrdev_open+0x10/0x10 [ 286.976934][ T31] ? fsnotify_open_perm_and_set_mode+0x113/0x610 [ 286.983440][ T31] ? __pfx_chrdev_open+0x10/0x10 [ 286.988591][ T31] do_dentry_open+0x953/0x13f0 [ 286.993499][ T31] vfs_open+0x3b/0x340 [ 286.997616][ T31] ? path_openat+0x2ecd/0x3830 [ 287.002666][ T31] path_openat+0x2ee5/0x3830 [ 287.007337][ T31] ? arch_stack_walk+0xfc/0x150 [ 287.012929][ T31] ? stack_depot_save_flags+0x40/0x860 [ 287.019901][ T31] ? __pfx_path_openat+0x10/0x10 [ 287.024996][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.031368][ T31] do_filp_open+0x1fa/0x410 [ 287.035946][ T31] ? __lock_acquire+0xab9/0xd20 [ 287.041005][ T31] ? __pfx_do_filp_open+0x10/0x10 [ 287.046379][ T31] ? _raw_spin_unlock+0x28/0x50 [ 287.051354][ T31] ? alloc_fd+0x64c/0x6c0 [ 287.055911][ T31] do_sys_openat2+0x121/0x1c0 [ 287.060719][ T31] ? __pfx_do_sys_openat2+0x10/0x10 [ 287.065996][ T31] __x64_sys_openat+0x138/0x170 [ 287.071140][ T31] do_syscall_64+0xfa/0x3b0 [ 287.075703][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 287.081037][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.087358][ T31] ? clear_bhb_loop+0x60/0xb0 [ 287.092152][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.098241][ T31] RIP: 0033:0x7f0b4f557c29 [ 287.102755][ T31] RSP: 002b:00007ffc50c61388 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 287.111442][ T31] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f0b4f557c29 [ 287.119462][ T31] RDX: 0000000000000400 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 287.127546][ T31] RBP: 00000000000f4240 R08: 0000000000000000 R09: 00000000000000a0 [ 287.136063][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 287.144150][ T31] R13: 00007ffc50c615a8 R14: 00007ffc50c613b0 R15: 00007ffc50c613a0 [ 287.152401][ T31] [ 287.155470][ T31] INFO: task syz-executor326:5859 blocked for more than 143 seconds. [ 287.163639][ T31] Not tainted 6.16.0-next-20250731-syzkaller #0 [ 287.170716][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 287.179528][ T31] task:syz-executor326 state:D stack:26024 pid:5859 tgid:5859 ppid:5857 task_flags:0x400040 flags:0x00004006 [ 287.191649][ T31] Call Trace: [ 287.195268][ T31] [ 287.198264][ T31] __schedule+0x1798/0x4cc0 [ 287.202990][ T31] ? __lock_acquire+0xab9/0xd20 [ 287.208069][ T31] ? __lock_acquire+0xab9/0xd20 [ 287.213025][ T31] ? __pfx___schedule+0x10/0x10 [ 287.218083][ T31] ? schedule+0x91/0x360 [ 287.222439][ T31] schedule+0x165/0x360 [ 287.226779][ T31] schedule_preempt_disabled+0x13/0x30 [ 287.232420][ T31] __mutex_lock+0x7e6/0x1360 [ 287.237243][ T31] ? __mutex_lock+0x5b6/0x1360 [ 287.242147][ T31] ? comedi_open+0xc0/0x590 [ 287.246695][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 287.252016][ T31] ? __kasan_kmalloc+0x93/0xb0 [ 287.256847][ T31] ? __kmalloc_cache_noprof+0x230/0x3d0 [ 287.262505][ T31] ? comedi_open+0x8b/0x590 [ 287.267358][ T31] comedi_open+0xc0/0x590 [ 287.271803][ T31] ? do_raw_spin_unlock+0x122/0x240 [ 287.277065][ T31] chrdev_open+0x4c9/0x5e0 [ 287.281563][ T31] ? __pfx_chrdev_open+0x10/0x10 [ 287.286791][ T31] ? fsnotify_open_perm_and_set_mode+0x113/0x610 [ 287.293246][ T31] ? __pfx_chrdev_open+0x10/0x10 [ 287.298223][ T31] do_dentry_open+0x953/0x13f0 [ 287.303233][ T31] vfs_open+0x3b/0x340 [ 287.307515][ T31] ? path_openat+0x2ecd/0x3830 [ 287.312383][ T31] path_openat+0x2ee5/0x3830 [ 287.317207][ T31] ? arch_stack_walk+0xfc/0x150 [ 287.322198][ T31] ? stack_depot_save_flags+0x40/0x860 [ 287.327908][ T31] ? __pfx_path_openat+0x10/0x10 [ 287.332943][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.339069][ T31] do_filp_open+0x1fa/0x410 [ 287.343905][ T31] ? __lock_acquire+0xab9/0xd20 [ 287.348809][ T31] ? __pfx_do_filp_open+0x10/0x10 [ 287.353963][ T31] ? _raw_spin_unlock+0x28/0x50 [ 287.359053][ T31] ? alloc_fd+0x64c/0x6c0 [ 287.363504][ T31] do_sys_openat2+0x121/0x1c0 [ 287.368384][ T31] ? __pfx_do_sys_openat2+0x10/0x10 [ 287.373715][ T31] __x64_sys_openat+0x138/0x170 [ 287.378776][ T31] do_syscall_64+0xfa/0x3b0 [ 287.383402][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 287.388642][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.394988][ T31] ? clear_bhb_loop+0x60/0xb0 [ 287.399722][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.405736][ T31] RIP: 0033:0x7f0b4f557c29 [ 287.410444][ T31] RSP: 002b:00007ffc50c61388 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 287.419352][ T31] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f0b4f557c29 [ 287.427473][ T31] RDX: 0000000000000400 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 287.435735][ T31] RBP: 00000000000f4240 R08: 0000000000000000 R09: 00000000000000a0 [ 287.443828][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 287.452057][ T31] R13: 00007ffc50c615a8 R14: 00007ffc50c613b0 R15: 00007ffc50c613a0 [ 287.460377][ T31] [ 287.463682][ T31] [ 287.463682][ T31] Showing all locks held in the system: [ 287.471743][ T31] 1 lock held by khungtaskd/31: [ 287.476635][ T31] #0: ffffffff8e539f20 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 287.486697][ T31] 1 lock held by klogd/5208: [ 287.491723][ T31] #0: ffff8880b8739f58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 287.501906][ T31] 2 locks held by getty/5605: [ 287.506783][ T31] #0: ffff88814d47b0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 287.516730][ T31] #1: ffffc900036c32f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400 [ 287.527126][ T31] 2 locks held by syz-executor326/5853: [ 287.532772][ T31] 1 lock held by syz-executor326/5855: [ 287.538399][ T31] #0: ffff88802e9e50f8 (&dev->mutex#4){+.+.}-{4:4}, at: comedi_open+0xc0/0x590 [ 287.547604][ T31] 1 lock held by syz-executor326/5858: [ 287.553358][ T31] #0: ffff88802e9e50f8 (&dev->mutex#4){+.+.}-{4:4}, at: comedi_open+0xc0/0x590 [ 287.562619][ T31] 1 lock held by syz-executor326/5859: [ 287.568295][ T31] #0: ffff88802e9e50f8 (&dev->mutex#4){+.+.}-{4:4}, at: comedi_open+0xc0/0x590 [ 287.577586][ T31] [ 287.580086][ T31] ============================================= [ 287.580086][ T31] [ 287.588590][ T31] NMI backtrace for cpu 0 [ 287.588618][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) [ 287.588642][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 287.588654][ T31] Call Trace: [ 287.588662][ T31] [ 287.588670][ T31] dump_stack_lvl+0x189/0x250 [ 287.588707][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 287.588735][ T31] ? __pfx__printk+0x10/0x10 [ 287.588777][ T31] nmi_cpu_backtrace+0x39e/0x3d0 [ 287.588809][ T31] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 287.588841][ T31] ? __pfx__printk+0x10/0x10 [ 287.588876][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 287.588904][ T31] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 287.588935][ T31] watchdog+0xf93/0xfe0 [ 287.588962][ T31] ? watchdog+0x1de/0xfe0 [ 287.588988][ T31] kthread+0x70e/0x8a0 [ 287.589023][ T31] ? __pfx_watchdog+0x10/0x10 [ 287.589042][ T31] ? __pfx_kthread+0x10/0x10 [ 287.589083][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 287.589113][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 287.589143][ T31] ? __pfx_kthread+0x10/0x10 [ 287.589174][ T31] ret_from_fork+0x3fc/0x770 [ 287.589203][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 287.589236][ T31] ? __switch_to_asm+0x39/0x70 [ 287.589266][ T31] ? __switch_to_asm+0x33/0x70 [ 287.589295][ T31] ? __pfx_kthread+0x10/0x10 [ 287.589329][ T31] ret_from_fork_asm+0x1a/0x30 [ 287.589368][ T31] [ 287.589381][ T31] Sending NMI from CPU 0 to CPUs 1: [ 287.737538][ C1] NMI backtrace for cpu 1 [ 287.737557][ C1] CPU: 1 UID: 0 PID: 5853 Comm: syz-executor326 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) [ 287.737579][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 287.737590][ C1] RIP: 0010:multiq3_attach+0x641/0x950 [ 287.737619][ C1] Code: 00 74 08 48 89 df e8 fe 91 2a f9 8b 13 83 c2 0c 31 c0 ee 41 80 3c 2c 00 74 08 48 89 df e8 e7 91 2a f9 8b 13 83 c2 0e b0 18 ee <41> 80 3c 2c 00 74 08 48 89 df e8 d0 91 2a f9 8b 13 83 c2 0e b0 41 [ 287.737635][ C1] RSP: 0018:ffffc900040f7a98 EFLAGS: 00000216 [ 287.737651][ C1] RAX: 0000000000000018 RBX: ffff88802e9e51d0 RCX: ffff88802a4d8000 [ 287.737664][ C1] RDX: 0000000000004f35 RSI: 0000000020000004 RDI: 0000000000000000 [ 287.737676][ C1] RBP: dffffc0000000000 R08: 0000000000000dc0 R09: 00000000ffffffff [ 287.737688][ C1] R10: dffffc0000000000 R11: fffffbfff1fc6867 R12: 1ffff11005d3ca3a [ 287.737701][ C1] R13: 0000000001e8c5a0 R14: 1ffff11028097092 R15: 00000000003d18b5 [ 287.737714][ C1] FS: 000055558326c380(0000) GS:ffff88812590a000(0000) knlGS:0000000000000000 [ 287.737730][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 287.737742][ C1] CR2: 00007f07a09a2700 CR3: 0000000074236000 CR4: 00000000003526f0 [ 287.737758][ C1] Call Trace: [ 287.737765][ C1] [ 287.737775][ C1] comedi_device_attach+0x51c/0x720 [ 287.737806][ C1] comedi_unlocked_ioctl+0x5ff/0x1020 [ 287.737830][ C1] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 287.737859][ C1] ? _raw_spin_lock_irq+0xae/0xf0 [ 287.737899][ C1] ? __pfx_ptrace_notify+0x10/0x10 [ 287.737923][ C1] ? bpf_lsm_file_ioctl+0x9/0x20 [ 287.737949][ C1] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 287.737967][ C1] __se_sys_ioctl+0xfc/0x170 [ 287.737997][ C1] do_syscall_64+0xfa/0x3b0 [ 287.738013][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 287.738039][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.738057][ C1] ? clear_bhb_loop+0x60/0xb0 [ 287.738077][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.738095][ C1] RIP: 0033:0x7f0b4f557c29 [ 287.738111][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 287.738125][ C1] RSP: 002b:00007ffc50c61388 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 287.738142][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f0b4f557c29 [ 287.738155][ C1] RDX: 0000200000000180 RSI: 0000000040946400 RDI: 0000000000000003 [ 287.738166][ C1] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 [ 287.738177][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 287.738188][ C1] R13: 00007ffc50c615a8 R14: 00007ffc50c613b0 R15: 00007ffc50c613a0 [ 287.738209][ C1] [ 287.738603][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 288.015930][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) [ 288.026884][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 288.036953][ T31] Call Trace: [ 288.040246][ T31] [ 288.043194][ T31] dump_stack_lvl+0x99/0x250 [ 288.047817][ T31] ? __asan_memcpy+0x40/0x70 [ 288.052422][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 288.057635][ T31] ? __pfx__printk+0x10/0x10 [ 288.062264][ T31] vpanic+0x281/0x750 [ 288.066265][ T31] ? __pfx_vpanic+0x10/0x10 [ 288.070778][ T31] ? __x2apic_send_IPI_mask+0x1e4/0x260 [ 288.076344][ T31] ? preempt_schedule+0xae/0xc0 [ 288.081213][ T31] ? preempt_schedule_common+0x83/0xd0 [ 288.086710][ T31] panic+0xb9/0xc0 [ 288.090446][ T31] ? __pfx_panic+0x10/0x10 [ 288.094874][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 288.100292][ T31] ? nmi_trigger_cpumask_backtrace+0x2bb/0x300 [ 288.106466][ T31] watchdog+0xfd2/0xfe0 [ 288.110636][ T31] ? watchdog+0x1de/0xfe0 [ 288.114986][ T31] kthread+0x70e/0x8a0 [ 288.119163][ T31] ? __pfx_watchdog+0x10/0x10 [ 288.123843][ T31] ? __pfx_kthread+0x10/0x10 [ 288.128450][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 288.133661][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 288.138871][ T31] ? __pfx_kthread+0x10/0x10 [ 288.143477][ T31] ret_from_fork+0x3fc/0x770 [ 288.148342][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 288.153815][ T31] ? __switch_to_asm+0x39/0x70 [ 288.158596][ T31] ? __switch_to_asm+0x33/0x70 [ 288.163374][ T31] ? __pfx_kthread+0x10/0x10 [ 288.167980][ T31] ret_from_fork_asm+0x1a/0x30 [ 288.172762][ T31] [ 288.176080][ T31] Kernel Offset: disabled [ 288.180413][ T31] Rebooting in 86400 seconds..