INFO: task syz.3.2873:16607 blocked for more than 143 seconds.
      Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.3.2873      state:D stack:24456 pid:16607 tgid:16606 ppid:15795  task_flags:0x400140 flags:0x00004004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5357 [inline]
 __schedule+0x1798/0x4cc0 kernel/sched/core.c:6961
 __schedule_loop kernel/sched/core.c:7043 [inline]
 schedule+0x165/0x360 kernel/sched/core.c:7058
 io_schedule+0x80/0xd0 kernel/sched/core.c:7903
 bit_wait_io+0x11/0xd0 kernel/sched/wait_bit.c:250
 __wait_on_bit+0xb6/0x310 kernel/sched/wait_bit.c:52
 out_of_line_wait_on_bit+0x123/0x170 kernel/sched/wait_bit.c:67
 wait_on_buffer include/linux/buffer_head.h:420 [inline]
 ext4_read_bh+0x20d/0x260 fs/ext4/super.c:207
 ext4_read_bh_lock fs/ext4/super.c:220 [inline]
 __ext4_sb_bread_gfp+0x1c9/0x210 fs/ext4/super.c:242
 ext4_sb_bread_unmovable fs/ext4/super.c:265 [inline]
 ext4_load_super fs/ext4/super.c:5063 [inline]
 __ext4_fill_super fs/ext4/super.c:5267 [inline]
 ext4_fill_super+0x802/0x6090 fs/ext4/super.c:5728
 get_tree_bdev_flags+0x40b/0x4d0 fs/super.c:1692
 vfs_get_tree+0x8f/0x2b0 fs/super.c:1752
 do_new_mount+0x2a2/0xa30 fs/namespace.c:3810
 do_mount fs/namespace.c:4138 [inline]
 __do_sys_mount fs/namespace.c:4349 [inline]
 __se_sys_mount+0x317/0x410 fs/namespace.c:4326
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0xfa0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fdcf798ebe9
RSP: 002b:00007fdcf874f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 00007fdcf7bc5fa0 RCX: 00007fdcf798ebe9
RDX: 0000200000000000 RSI: 0000200000000040 RDI: 0000200000000100
RBP: 00007fdcf7a11e19 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fdcf7bc6038 R14: 00007fdcf7bc5fa0 R15: 00007ffca7e91c08
 </TASK>
INFO: task syz.3.2873:16608 blocked for more than 144 seconds.
      Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.3.2873      state:D stack:27016 pid:16608 tgid:16606 ppid:15795  task_flags:0x400140 flags:0x00004004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5357 [inline]
 __schedule+0x1798/0x4cc0 kernel/sched/core.c:6961
 __schedule_loop kernel/sched/core.c:7043 [inline]
 schedule+0x165/0x360 kernel/sched/core.c:7058
 super_lock+0x1c8/0x3b0 fs/super.c:115
 super_lock_excl fs/super.c:146 [inline]
 grab_super+0xad/0x350 fs/super.c:531
 sget_fc+0x2c2/0xa40 fs/super.c:801
 sget_dev fs/super.c:1406 [inline]
 get_tree_bdev_flags+0x203/0x4d0 fs/super.c:1678
 vfs_get_tree+0x8f/0x2b0 fs/super.c:1752
 do_new_mount+0x2a2/0xa30 fs/namespace.c:3810
 do_mount fs/namespace.c:4138 [inline]
 __do_sys_mount fs/namespace.c:4349 [inline]
 __se_sys_mount+0x317/0x410 fs/namespace.c:4326
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0xfa0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fdcf798ebe9
RSP: 002b:00007fdcf872e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 00007fdcf7bc6090 RCX: 00007fdcf798ebe9
RDX: 0000200000000000 RSI: 0000200000000040 RDI: 0000200000000100
RBP: 00007fdcf7a11e19 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fdcf7bc6128 R14: 00007fdcf7bc6090 R15: 00007ffca7e91c08
 </TASK>
INFO: lockdep is turned off.
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
Call Trace:
 <TASK>
 dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120
 nmi_cpu_backtrace+0x39e/0x3d0 lib/nmi_backtrace.c:113
 nmi_trigger_cpumask_backtrace+0x17a/0x300 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:160 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:332 [inline]
 watchdog+0xf60/0xfa0 kernel/hung_task.c:495
 kthread+0x711/0x8a0 kernel/kthread.c:463
 ret_from_fork+0x47c/0x820 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 3682 Comm: kworker/u8:11 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
Workqueue: writeback wb_workfn (flush-259:0)
RIP: 0010:__orc_find arch/x86/kernel/unwind_orc.c:100 [inline]
RIP: 0010:orc_find arch/x86/kernel/unwind_orc.c:227 [inline]
RIP: 0010:unwind_next_frame+0x12d9/0x2390 arch/x86/kernel/unwind_orc.c:494
Code: 18 e8 bb 84 b0 00 48 8b 44 24 18 48 8b 10 48 c7 c7 c0 3e a8 8b 89 de e8 45 b3 b3 ff e9 43 06 00 00 49 89 d5 48 89 d5 48 89 d8 <48> 29 e8 48 89 c1 48 c1 f9 02 48 c1 e8 3f 48 01 c8 48 83 e0 fe 4c
RSP: 0018:ffffc9000c905ff8 EFLAGS: 00000297
RAX: ffffffff901d05cc RBX: ffffffff901d05cc RCX: 103c994f90561900
RDX: ffffffff901d05b0 RSI: ffffffff90abbabe RDI: ffffffff8c04e5a0
RBP: ffffffff901d05b0 R08: 0000000000000008 R09: 0000000000000000
R10: ffffc9000c906118 R11: ffffffff81ad6180 R12: ffffffff84ae692d
R13: ffffffff901d05b0 R14: ffffc9000c9060c8 R15: 000000000003ae69
FS:  0000000000000000(0000) GS:ffff8881258c4000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f1b6eef56c0 CR3: 000000000e338000 CR4: 00000000003526f0
Call Trace:
 <TASK>
 arch_stack_walk+0x11c/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x9c/0xe0 kernel/stacktrace.c:122
 kasan_save_stack+0x3e/0x60 mm/kasan/common.c:56
 kasan_record_aux_stack+0xbd/0xd0 mm/kasan/generic.c:559
 slab_free_hook mm/slub.c:2378 [inline]
 slab_free mm/slub.c:4680 [inline]
 kmem_cache_free+0x2f6/0x400 mm/slub.c:4782
 blk_update_request+0x57e/0xe60 block/blk-mq.c:989
 blk_mq_end_request+0x3e/0x70 block/blk-mq.c:1151
 <kernel::block::mq::request::Request<rnull::NullBlkDevice>>::end_ok rust/kernel/block/mq/request.rs:129 [inline]
 <rnull::NullBlkDevice as kernel::block::mq::operations::Operations>::queue_rq drivers/block/rnull.rs:69 [inline]
 <kernel::block::mq::operations::OperationsVTable<rnull::NullBlkDevice>>::queue_rq_callback+0x1b6/0x2a0 rust/kernel/block/mq/operations.rs:94
 blk_mq_dispatch_rq_list+0x4bd/0x1900 block/blk-mq.c:2120
 __blk_mq_do_dispatch_sched block/blk-mq-sched.c:168 [inline]
 blk_mq_do_dispatch_sched block/blk-mq-sched.c:182 [inline]
 __blk_mq_sched_dispatch_requests+0xda4/0x1570 block/blk-mq-sched.c:307
 blk_mq_sched_dispatch_requests+0xd7/0x190 block/blk-mq-sched.c:329
 blk_mq_run_hw_queue+0x404/0x4f0 block/blk-mq.c:2358
 blk_mq_dispatch_list+0xd0c/0xe00 include/linux/spinlock.h:-1
 blk_mq_flush_plug_list+0x469/0x550 block/blk-mq.c:2967
 blk_add_rq_to_plug+0x175/0x450 block/blk-mq.c:1390
 blk_mq_submit_bio+0xbcb/0x2520 block/blk-mq.c:3212
 __submit_bio+0x207/0x5a0 block/blk-core.c:635
 __submit_bio_noacct_mq block/blk-core.c:722 [inline]
 submit_bio_noacct_nocheck+0x4ab/0xb50 block/blk-core.c:751
 __block_write_full_folio+0x810/0xe10 fs/buffer.c:1933
 blkdev_writepages+0xd1/0x170 block/fops.c:483
 do_writepages+0x32e/0x550 mm/page-writeback.c:2634
 __writeback_single_inode+0x145/0xff0 fs/fs-writeback.c:1680
 writeback_sb_inodes+0x6c7/0x1010 fs/fs-writeback.c:1976
 __writeback_inodes_wb+0x111/0x240 fs/fs-writeback.c:2047
 wb_writeback+0x44f/0xaf0 fs/fs-writeback.c:2158
 wb_check_start_all fs/fs-writeback.c:2284 [inline]
 wb_do_writeback fs/fs-writeback.c:2310 [inline]
 wb_workfn+0x90b/0xef0 fs/fs-writeback.c:2343
 process_one_work kernel/workqueue.c:3236 [inline]
 process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3319
 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3400
 kthread+0x711/0x8a0 kernel/kthread.c:463
 ret_from_fork+0x47c/0x820 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>