INFO: task syz.0.6778:20496 blocked for more than 143 seconds.
      Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.0.6778      state:D stack:26440 pid:20496 tgid:20495 ppid:6087   task_flags:0x400140 flags:0x00080002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5263 [inline]
 __schedule+0x1836/0x4ed0 kernel/sched/core.c:6871
 __schedule_loop kernel/sched/core.c:6953 [inline]
 schedule+0x165/0x360 kernel/sched/core.c:6968
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7025
 __mutex_lock_common kernel/locking/mutex.c:686 [inline]
 __mutex_lock+0x7e6/0x1350 kernel/locking/mutex.c:770
 nfsd_nl_listener_set_doit+0x137/0x1690 fs/nfsd/nfsctl.c:1880
 genl_family_rcv_msg_doit+0x215/0x300 net/netlink/genetlink.c:1115
 genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]
 genl_rcv_msg+0x60e/0x790 net/netlink/genetlink.c:1210
 netlink_rcv_skb+0x208/0x470 net/netlink/af_netlink.c:2550
 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219
 netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
 netlink_unicast+0x82f/0x9e0 net/netlink/af_netlink.c:1344
 netlink_sendmsg+0x805/0xb30 net/netlink/af_netlink.c:1894
 sock_sendmsg_nosec net/socket.c:727 [inline]
 __sock_sendmsg+0x21c/0x270 net/socket.c:746
 ____sys_sendmsg+0x505/0x870 net/socket.c:2634
 ___sys_sendmsg+0x21f/0x2a0 net/socket.c:2688
 __sys_sendmsg net/socket.c:2720 [inline]
 __do_sys_sendmsg net/socket.c:2725 [inline]
 __se_sys_sendmsg net/socket.c:2723 [inline]
 __x64_sys_sendmsg+0x19b/0x260 net/socket.c:2723
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0xfa0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7ff809f8f749
RSP: 002b:00007ff80aed7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007ff80a1e5fa0 RCX: 00007ff809f8f749
RDX: 0000000020048000 RSI: 0000200000000000 RDI: 0000000000000003
RBP: 00007ff80a013f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ff80a1e6038 R14: 00007ff80a1e5fa0 R15: 00007fff9a25cfb8
 </TASK>

Showing all locks held in the system:
2 locks held by kworker/0:1/10:
 #0: ffff88813fe55948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x841/0x15e0 kernel/workqueue.c:3236
 #1: ffffc900000f7b80 (free_ipc_work){+.+.}-{0:0}, at: process_one_work+0x868/0x15e0 kernel/workqueue.c:3237
1 lock held by khungtaskd/31:
 #0: ffffffff8e33d9c0 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
 #0: ffffffff8e33d9c0 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:867 [inline]
 #0: ffffffff8e33d9c0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 kernel/locking/lockdep.c:6775
4 locks held by kworker/u8:9/3418:
1 lock held by udevd/5197:
 #0: ffff8880b873a718 (&rq->__lock){-.-.}-{2:2}
, at: raw_spin_rq_lock_nested+0x2a/0x140 kernel/sched/core.c:639
2 locks held by getty/5586:
 #0: ffff8880300ab0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
 #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400 drivers/tty/n_tty.c:2222
2 locks held by syz-executor/6088:
 #0: ffffffff8f6f4f48 (rtnl_mutex){+.+.}-{4:4}, at: tun_detach drivers/net/tun.c:634 [inline]
 #0: ffffffff8f6f4f48 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0 drivers/net/tun.c:3436
 #1: ffffffff8e343478 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock kernel/rcu/tree_exp.h:311 [inline]
 #1: ffffffff8e343478 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x2f6/0x730 kernel/rcu/tree_exp.h:957
5 locks held by kworker/0:5/6089:
 #0: ffff8880b863a718 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 kernel/sched/core.c:639
 #1: ffff8880b8624588 (psi_seq){-.-.}-{0:0}, at: psi_task_switch+0x53/0x880 kernel/sched/psi.c:933
 #2: ffff8880b86260d8 (&base->lock){-.-.}-{2:2}, at: lock_timer_base kernel/time/timer.c:1004 [inline]
 #2: ffff8880b86260d8 (&base->lock){-.-.}-{2:2}, at: __mod_timer+0x1ae/0xf30 kernel/time/timer.c:1085
 #3: ffffffff99f476d8 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_activate+0xbb/0x420 lib/debugobjects.c:818
 #4: ffffffff8e33da20 (rcu_read_lock_bh){....}-{1:3}, at: local_bh_disable include/linux/bottom_half.h:20 [inline]
 #4: ffffffff8e33da20 (rcu_read_lock_bh){....}-{1:3}, at: rcu_read_lock_bh include/linux/rcupdate.h:918 [inline]
 #4: ffffffff8e33da20 (rcu_read_lock_bh){....}-{1:3}, at: wg_packet_consume_data drivers/net/wireguard/receive.c:515 [inline]
 #4: ffffffff8e33da20 (rcu_read_lock_bh){....}-{1:3}, at: wg_packet_receive+0x11e9/0x25b0 drivers/net/wireguard/receive.c:576
2 locks held by kworker/1:8/7530:
 #0: ffff88813fe55948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x841/0x15e0 kernel/workqueue.c:3236
 #1: ffffc900033f7b80 (xfrm_state_gc_work){+.+.}-{0:0}, at: process_one_work+0x868/0x15e0 kernel/workqueue.c:3237
2 locks held by syz.2.5125/16546:
 #0: ffffffff8f75aef0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e62b128 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0x137/0x1690 fs/nfsd/nfsctl.c:1880
2 locks held by syz.0.6778/20496:
 #0: ffffffff8f75aef0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e62b128 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0x137/0x1690 fs/nfsd/nfsctl.c:1880
1 lock held by syz-executor/21414:
 #0: ffffffff8f6f4f48 (rtnl_mutex){+.+.}-{4:4}, at: tun_detach drivers/net/tun.c:634 [inline]
 #0: ffffffff8f6f4f48 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0 drivers/net/tun.c:3436
1 lock held by syz.4.10771/30752:
 #0: ffffffff8f6f4f48 (rtnl_mutex){+.+.}-{4:4}, at: tun_detach drivers/net/tun.c:634 [inline]
 #0: ffffffff8f6f4f48 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0 drivers/net/tun.c:3436
1 lock held by syz.3.10773/30758:
 #0: ffffffff8f6f4f48 (rtnl_mutex){+.+.}-{4:4}, at: tun_detach drivers/net/tun.c:634 [inline]
 #0: ffffffff8f6f4f48 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0 drivers/net/tun.c:3436
1 lock held by dhcpcd/30759:
 #0: ffff88804c525848 (&sb->s_type->i_mutex_key#12){+.+.}-{4:4}, at: inode_lock include/linux/fs.h:1027 [inline]
 #0: ffff88804c525848 (&sb->s_type->i_mutex_key#12){+.+.}-{4:4}, at: __sock_release net/socket.c:661 [inline]
 #0: ffff88804c525848 (&sb->s_type->i_mutex_key#12){+.+.}-{4:4}, at: sock_close+0x9b/0x240 net/socket.c:1459

=============================================

NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
Call Trace:
 <TASK>
 dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120
 nmi_cpu_backtrace+0x39e/0x3d0 lib/nmi_backtrace.c:113
 nmi_trigger_cpumask_backtrace+0x17a/0x300 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:160 [inline]
 __sys_info lib/sys_info.c:157 [inline]
 sys_info+0x135/0x170 lib/sys_info.c:165
 check_hung_uninterruptible_tasks kernel/hung_task.c:346 [inline]
 watchdog+0xfb5/0x1000 kernel/hung_task.c:515
 kthread+0x711/0x8a0 kernel/kthread.c:463
 ret_from_fork+0x599/0xb30 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
 </TASK>
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
RIP: 0010:pick_next_task_fair+0x4/0x2130 kernel/sched/fair.c:8919
Code: 01 00 00 e8 7e 1c 94 00 e9 78 fe ff ff 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa <55> 41 57 41 56 41 55 41 54 53 48 81 ec 80 01 00 00 48 89 b4 24 00
RSP: 0018:ffffc90000197b40 EFLAGS: 00000046
RAX: 0000000000000000 RBX: ffffc90000197d50 RCX: 6e6ddf470546af00
RDX: ffffc90000197d50 RSI: ffff88801da9db80 RDI: ffff8880b873a700
RBP: 1ffff110170e7641 R08: 0000000000000003 R09: 0000000000000004
R10: dffffc0000000000 R11: fffff52000032f5c R12: ffff88801da9db80
R13: ffff8880b873a7d4 R14: ffff8880b873b208 R15: ffff8880b873a700
FS:  0000000000000000(0000) GS:ffff888125b6f000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055f527bd3168 CR3: 000000000e138000 CR4: 00000000003526f0
Call Trace:
 <TASK>
 __pick_next_task+0xeb/0x480 kernel/sched/core.c:5894
 pick_next_task kernel/sched/core.c:5987 [inline]
 __schedule+0x811/0x4ed0 kernel/sched/core.c:6813
 schedule_idle+0x52/0x90 kernel/sched/core.c:6994
 do_idle+0x4a7/0x510 kernel/sched/idle.c:358
 cpu_startup_entry+0x44/0x60 kernel/sched/idle.c:428
 start_secondary+0x101/0x110 arch/x86/kernel/smpboot.c:312
 common_startup_64+0x13e/0x147
 </TASK>