./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3528601404 <...> [ 138.309575][ T64] sched: DL replenish lagged too much Warning: Permanently added '10.128.0.170' (ED25519) to the list of known hosts. execve("./syz-executor3528601404", ["./syz-executor3528601404"], 0x7ffd91f9dcc0 /* 10 vars */) = 0 brk(NULL) = 0x555569ac5000 brk(0x555569ac5d00) = 0x555569ac5d00 arch_prctl(ARCH_SET_FS, 0x555569ac5380) = 0 set_tid_address(0x555569ac5650) = 5872 set_robust_list(0x555569ac5660, 24) = 0 rseq(0x555569ac5ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3528601404", 4096) = 28 getrandom("\x30\xa3\x64\xd7\x27\x6b\x55\x9a", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555569ac5d00 brk(0x555569ae6d00) = 0x555569ae6d00 brk(0x555569ae7000) = 0x555569ae7000 mprotect(0x7fab911e0000, 16384, PROT_READ) = 0 mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000 mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000 mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5873 attached [pid 5873] set_robust_list(0x555569ac5660, 24 [pid 5872] <... clone resumed>, child_tidptr=0x555569ac5650) = 5873 [pid 5873] <... set_robust_list resumed>) = 0 [pid 5873] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5872] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5874 attached [pid 5873] <... clone resumed>, child_tidptr=0x555569ac5650) = 5874 ./strace-static-x86_64: Process 5875 attached [pid 5874] set_robust_list(0x555569ac5660, 24 [pid 5872] <... clone resumed>, child_tidptr=0x555569ac5650) = 5875 [pid 5872] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5874] <... set_robust_list resumed>) = 0 [pid 5875] set_robust_list(0x555569ac5660, 24 [pid 5874] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5875] <... set_robust_list resumed>) = 0 [pid 5875] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5874] <... prctl resumed>) = 0 [pid 5874] setpgid(0, 0) = 0 [pid 5874] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5877 attached ./strace-static-x86_64: Process 5876 attached [pid 5877] set_robust_list(0x555569ac5660, 24 [pid 5876] set_robust_list(0x555569ac5660, 24 [pid 5872] <... clone resumed>, child_tidptr=0x555569ac5650) = 5877 [pid 5875] <... clone resumed>, child_tidptr=0x555569ac5650) = 5876 [pid 5874] <... openat resumed>) = 3 [pid 5872] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5877] <... set_robust_list resumed>) = 0 [pid 5876] <... set_robust_list resumed>) = 0 [pid 5876] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5874] write(3, "1000", 4./strace-static-x86_64: Process 5878 attached [pid 5877] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5876] <... prctl resumed>) = 0 [pid 5874] <... write resumed>) = 4 [pid 5872] <... clone resumed>, child_tidptr=0x555569ac5650) = 5878 [pid 5874] close(3) = 0 ./strace-static-x86_64: Process 5879 attached executing program [pid 5878] set_robust_list(0x555569ac5660, 24 [pid 5876] setpgid(0, 0 [pid 5874] write(1, "executing program\n", 18 [pid 5878] <... set_robust_list resumed>) = 0 [pid 5877] <... clone resumed>, child_tidptr=0x555569ac5650) = 5879 [pid 5876] <... setpgid resumed>) = 0 [pid 5874] <... write resumed>) = 18 [pid 5879] set_robust_list(0x555569ac5660, 24) = 0 [pid 5878] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5876] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5874] openat(AT_FDCWD, "/dev/comedi3", O_RDONLY|O_APPEND [pid 5879] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5879] setpgid(0, 0) = 0 [pid 5879] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5880 attached ) = 3 [pid 5880] set_robust_list(0x555569ac5660, 24 [pid 5876] <... openat resumed>) = 3 [pid 5874] <... openat resumed>) = 3 [pid 5878] <... clone resumed>, child_tidptr=0x555569ac5650) = 5880 [pid 5880] <... set_robust_list resumed>) = 0 [pid 5879] write(3, "1000", 4executing program [pid 5880] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5879] <... write resumed>) = 4 [pid 5876] write(3, "1000", 4 [pid 5874] ioctl(3, COMEDI_DEVCONFIG [pid 5879] close(3 [pid 5876] <... write resumed>) = 4 [pid 5880] <... prctl resumed>) = 0 [pid 5879] <... close resumed>) = 0 [pid 5876] close(3 [pid 5880] setpgid(0, 0 [pid 5879] write(1, "executing program\n", 18 [pid 5880] <... setpgid resumed>) = 0 [pid 5879] <... write resumed>) = 18 [pid 5880] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC executing program [pid 5879] openat(AT_FDCWD, "/dev/comedi3", O_RDONLY|O_APPEND [pid 5876] <... close resumed>) = 0 [pid 5876] write(1, "executing program\n", 18) = 18 [pid 5876] openat(AT_FDCWD, "/dev/comedi3", O_RDONLY|O_APPEND [pid 5880] <... openat resumed>) = 3 [pid 5880] write(3, "1000", 4) = 4 [pid 5880] close(3) = 0 executing program [pid 5880] write(1, "executing program\n", 18) = 18 [pid 5880] openat(AT_FDCWD, "/dev/comedi3", O_RDONLY|O_APPEND [pid 5873] kill(-5874, SIGKILL) = 0 [pid 5873] kill(5874, SIGKILL) = 0 [pid 5875] kill(-5876, SIGKILL) = 0 [pid 5875] kill(5876, SIGKILL) = 0 [pid 5877] kill(-5879, SIGKILL) = 0 [pid 5877] kill(5879, SIGKILL) = 0 [pid 5878] kill(-5880, SIGKILL) = 0 [pid 5878] kill(5880, SIGKILL) = 0 [pid 5873] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5877] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5875] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5873] <... openat resumed>) = 3 [pid 5877] <... openat resumed>) = 3 [pid 5875] <... openat resumed>) = 3 [pid 5877] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5873] newfstatat(3, "", [pid 5875] newfstatat(3, "", [pid 5877] getdents64(3, [pid 5875] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5873] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5875] getdents64(3, [pid 5877] <... getdents64 resumed>0x555569ac66f0 /* 2 entries */, 32768) = 48 [pid 5873] getdents64(3, [pid 5878] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5873] <... getdents64 resumed>0x555569ac66f0 /* 2 entries */, 32768) = 48 [pid 5878] <... openat resumed>) = 3 [pid 5877] getdents64(3, [pid 5875] <... getdents64 resumed>0x555569ac66f0 /* 2 entries */, 32768) = 48 [pid 5873] getdents64(3, [pid 5878] newfstatat(3, "", [pid 5877] <... getdents64 resumed>0x555569ac66f0 /* 0 entries */, 32768) = 0 [pid 5875] getdents64(3, [pid 5873] <... getdents64 resumed>0x555569ac66f0 /* 0 entries */, 32768) = 0 [pid 5878] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5877] close(3 [pid 5875] <... getdents64 resumed>0x555569ac66f0 /* 0 entries */, 32768) = 0 [pid 5878] getdents64(3, [pid 5877] <... close resumed>) = 0 [pid 5875] close(3 [pid 5873] close(3 [pid 5875] <... close resumed>) = 0 [pid 5873] <... close resumed>) = 0 [pid 5878] <... getdents64 resumed>0x555569ac66f0 /* 2 entries */, 32768) = 48 [pid 5878] getdents64(3, 0x555569ac66f0 /* 0 entries */, 32768) = 0 [pid 5878] close(3) = 0 [ 286.869468][ T31] INFO: task syz-executor352:5876 blocked for more than 143 seconds. [ 286.877882][ T31] Not tainted 6.16.0-next-20250731-syzkaller #0 [ 286.886808][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.896026][ T31] task:syz-executor352 state:D stack:26008 pid:5876 tgid:5876 ppid:5875 task_flags:0x400040 flags:0x00004006 [ 286.908613][ T31] Call Trace: [ 286.912108][ T31] [ 286.915148][ T31] __schedule+0x1798/0x4cc0 [ 286.919935][ T31] ? __lock_acquire+0xab9/0xd20 [ 286.924902][ T31] ? __lock_acquire+0xab9/0xd20 [ 286.930046][ T31] ? __pfx___schedule+0x10/0x10 [ 286.935054][ T31] ? schedule+0x91/0x360 [ 286.939611][ T31] schedule+0x165/0x360 [ 286.943917][ T31] schedule_preempt_disabled+0x13/0x30 [ 286.949862][ T31] __mutex_lock+0x7e6/0x1360 [ 286.954599][ T31] ? __mutex_lock+0x5b6/0x1360 [ 286.959868][ T31] ? comedi_open+0xc0/0x590 [ 286.964514][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 286.970026][ T31] ? __kasan_kmalloc+0x93/0xb0 [ 286.974822][ T31] ? __kmalloc_cache_noprof+0x230/0x3d0 [ 286.980610][ T31] ? comedi_open+0x8b/0x590 [ 286.985181][ T31] comedi_open+0xc0/0x590 [ 286.990210][ T31] ? do_raw_spin_unlock+0x122/0x240 [ 286.995625][ T31] chrdev_open+0x4c9/0x5e0 [ 287.000665][ T31] ? __pfx_chrdev_open+0x10/0x10 [ 287.006005][ T31] ? fsnotify_open_perm_and_set_mode+0x113/0x610 [ 287.012789][ T31] ? __pfx_chrdev_open+0x10/0x10 [ 287.017755][ T31] do_dentry_open+0x953/0x13f0 [ 287.022977][ T31] vfs_open+0x3b/0x340 [ 287.027082][ T31] ? path_openat+0x2ecd/0x3830 [ 287.032116][ T31] path_openat+0x2ee5/0x3830 [ 287.036733][ T31] ? arch_stack_walk+0xfc/0x150 [ 287.041952][ T31] ? stack_depot_save_flags+0x40/0x860 [ 287.047531][ T31] ? __pfx_path_openat+0x10/0x10 [ 287.053033][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.059149][ T31] do_filp_open+0x1fa/0x410 [ 287.064246][ T31] ? __lock_acquire+0xab9/0xd20 [ 287.069122][ T31] ? __pfx_do_filp_open+0x10/0x10 [ 287.074506][ T31] ? _raw_spin_unlock+0x28/0x50 [ 287.080062][ T31] ? alloc_fd+0x64c/0x6c0 [ 287.084911][ T31] do_sys_openat2+0x121/0x1c0 [ 287.090733][ T31] ? __pfx_do_sys_openat2+0x10/0x10 [ 287.096093][ T31] __x64_sys_openat+0x138/0x170 [ 287.101806][ T31] do_syscall_64+0xfa/0x3b0 [ 287.106635][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 287.112912][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.119548][ T31] ? clear_bhb_loop+0x60/0xb0 [ 287.124259][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.131178][ T31] RIP: 0033:0x7fab9116dc29 [ 287.135632][ T31] RSP: 002b:00007ffffb9ee4a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 287.144549][ T31] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fab9116dc29 [ 287.152957][ T31] RDX: 0000000000000400 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 287.161402][ T31] RBP: 00000000000f4240 R08: 0000000000000000 R09: 00000000000000a0 [ 287.170126][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 287.178140][ T31] R13: 00007ffffb9ee6c8 R14: 00007ffffb9ee4d0 R15: 00007ffffb9ee4c0 [ 287.186826][ T31] [ 287.190129][ T31] INFO: task syz-executor352:5879 blocked for more than 143 seconds. [ 287.198208][ T31] Not tainted 6.16.0-next-20250731-syzkaller #0 [ 287.205586][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 287.214798][ T31] task:syz-executor352 state:D stack:27816 pid:5879 tgid:5879 ppid:5877 task_flags:0x400040 flags:0x00004006 [ 287.228602][ T31] Call Trace: [ 287.232575][ T31] [ 287.235549][ T31] __schedule+0x1798/0x4cc0 [ 287.240977][ T31] ? __lock_acquire+0xab9/0xd20 [ 287.246083][ T31] ? __lock_acquire+0xab9/0xd20 [ 287.251661][ T31] ? __pfx___schedule+0x10/0x10 [ 287.256664][ T31] ? schedule+0x91/0x360 [ 287.261313][ T31] schedule+0x165/0x360 [ 287.265521][ T31] schedule_preempt_disabled+0x13/0x30 [ 287.271494][ T31] __mutex_lock+0x7e6/0x1360 [ 287.276204][ T31] ? __mutex_lock+0x5b6/0x1360 [ 287.281414][ T31] ? comedi_open+0xc0/0x590 [ 287.285940][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 287.291396][ T31] ? __kasan_kmalloc+0x93/0xb0 [ 287.296559][ T31] ? __kmalloc_cache_noprof+0x230/0x3d0 [ 287.303116][ T31] ? comedi_open+0x8b/0x590 [ 287.307782][ T31] comedi_open+0xc0/0x590 [ 287.312587][ T31] ? do_raw_spin_unlock+0x122/0x240 [ 287.317917][ T31] chrdev_open+0x4c9/0x5e0 [ 287.322892][ T31] ? __pfx_chrdev_open+0x10/0x10 [ 287.327945][ T31] ? fsnotify_open_perm_and_set_mode+0x113/0x610 [ 287.335074][ T31] ? __pfx_chrdev_open+0x10/0x10 [ 287.340703][ T31] do_dentry_open+0x953/0x13f0 [ 287.345601][ T31] vfs_open+0x3b/0x340 [ 287.350135][ T31] ? path_openat+0x2ecd/0x3830 [ 287.355010][ T31] path_openat+0x2ee5/0x3830 [ 287.360036][ T31] ? arch_stack_walk+0xfc/0x150 [ 287.364982][ T31] ? stack_depot_save_flags+0x40/0x860 [ 287.370868][ T31] ? __pfx_path_openat+0x10/0x10 [ 287.375907][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.382717][ T31] do_filp_open+0x1fa/0x410 [ 287.387501][ T31] ? __lock_acquire+0xab9/0xd20 [ 287.392803][ T31] ? __pfx_do_filp_open+0x10/0x10 [ 287.397877][ T31] ? _raw_spin_unlock+0x28/0x50 [ 287.403164][ T31] ? alloc_fd+0x64c/0x6c0 [ 287.407885][ T31] do_sys_openat2+0x121/0x1c0 [ 287.412952][ T31] ? __pfx_do_sys_openat2+0x10/0x10 [ 287.418220][ T31] __x64_sys_openat+0x138/0x170 [ 287.423598][ T31] do_syscall_64+0xfa/0x3b0 [ 287.428295][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 287.433921][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.440316][ T31] ? clear_bhb_loop+0x60/0xb0 [ 287.445114][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.452636][ T31] RIP: 0033:0x7fab9116dc29 [ 287.457171][ T31] RSP: 002b:00007ffffb9ee4a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 287.466192][ T31] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fab9116dc29 [ 287.474431][ T31] RDX: 0000000000000400 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 287.482794][ T31] RBP: 00000000000f4240 R08: 0000000000000000 R09: 00000000000000a0 [ 287.491100][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 287.499084][ T31] R13: 00007ffffb9ee6c8 R14: 00007ffffb9ee4d0 R15: 00007ffffb9ee4c0 [ 287.507634][ T31] [ 287.511071][ T31] INFO: task syz-executor352:5880 blocked for more than 144 seconds. [ 287.519660][ T31] Not tainted 6.16.0-next-20250731-syzkaller #0 [ 287.526634][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 287.536115][ T31] task:syz-executor352 state:D stack:27704 pid:5880 tgid:5880 ppid:5878 task_flags:0x400040 flags:0x00004006 [ 287.548683][ T31] Call Trace: [ 287.552424][ T31] [ 287.555394][ T31] __schedule+0x1798/0x4cc0 [ 287.560545][ T31] ? __lock_acquire+0xab9/0xd20 [ 287.565432][ T31] ? __lock_acquire+0xab9/0xd20 [ 287.570989][ T31] ? __pfx___schedule+0x10/0x10 [ 287.575883][ T31] ? schedule+0x91/0x360 [ 287.580522][ T31] schedule+0x165/0x360 [ 287.584789][ T31] schedule_preempt_disabled+0x13/0x30 [ 287.590865][ T31] __mutex_lock+0x7e6/0x1360 [ 287.595487][ T31] ? __mutex_lock+0x5b6/0x1360 [ 287.600821][ T31] ? comedi_open+0xc0/0x590 [ 287.605349][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 287.610954][ T31] ? __kasan_kmalloc+0x93/0xb0 [ 287.616049][ T31] ? __kmalloc_cache_noprof+0x230/0x3d0 [ 287.622446][ T31] ? comedi_open+0x8b/0x590 [ 287.627013][ T31] comedi_open+0xc0/0x590 [ 287.631848][ T31] ? do_raw_spin_unlock+0x122/0x240 [ 287.637176][ T31] chrdev_open+0x4c9/0x5e0 [ 287.641964][ T31] ? __pfx_chrdev_open+0x10/0x10 [ 287.647134][ T31] ? fsnotify_open_perm_and_set_mode+0x113/0x610 [ 287.654108][ T31] ? __pfx_chrdev_open+0x10/0x10 [ 287.659085][ T31] do_dentry_open+0x953/0x13f0 [ 287.664305][ T31] vfs_open+0x3b/0x340 [ 287.668432][ T31] ? path_openat+0x2ecd/0x3830 [ 287.673847][ T31] path_openat+0x2ee5/0x3830 [ 287.678462][ T31] ? arch_stack_walk+0xfc/0x150 [ 287.684234][ T31] ? stack_depot_save_flags+0x40/0x860 [ 287.690276][ T31] ? __pfx_path_openat+0x10/0x10 [ 287.695268][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.701919][ T31] do_filp_open+0x1fa/0x410 [ 287.706640][ T31] ? __lock_acquire+0xab9/0xd20 [ 287.712163][ T31] ? __pfx_do_filp_open+0x10/0x10 [ 287.717268][ T31] ? _raw_spin_unlock+0x28/0x50 [ 287.722527][ T31] ? alloc_fd+0x64c/0x6c0 [ 287.726906][ T31] do_sys_openat2+0x121/0x1c0 [ 287.732115][ T31] ? __pfx_do_sys_openat2+0x10/0x10 [ 287.737359][ T31] __x64_sys_openat+0x138/0x170 [ 287.742775][ T31] do_syscall_64+0xfa/0x3b0 [ 287.747648][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 287.753835][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.760901][ T31] ? clear_bhb_loop+0x60/0xb0 [ 287.765634][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.772264][ T31] RIP: 0033:0x7fab9116dc29 [ 287.776726][ T31] RSP: 002b:00007ffffb9ee4a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 287.785633][ T31] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fab9116dc29 [ 287.794693][ T31] RDX: 0000000000000400 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 287.803102][ T31] RBP: 00000000000f4240 R08: 0000000000000000 R09: 00000000000000a0 [ 287.811521][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 287.819897][ T31] R13: 00007ffffb9ee6c8 R14: 00007ffffb9ee4d0 R15: 00007ffffb9ee4c0 [ 287.828251][ T31] [ 287.831901][ T31] [ 287.831901][ T31] Showing all locks held in the system: [ 287.840012][ T31] 1 lock held by khungtaskd/31: [ 287.844942][ T31] #0: ffffffff8e539f20 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 287.855173][ T31] 2 locks held by getty/5610: [ 287.860141][ T31] #0: ffff8880304030a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 287.870208][ T31] #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400 [ 287.881024][ T31] 2 locks held by syz-executor352/5874: [ 287.886968][ T31] 1 lock held by syz-executor352/5876: [ 287.892939][ T31] #0: ffff88814c5a48f8 (&dev->mutex#4){+.+.}-{4:4}, at: comedi_open+0xc0/0x590 [ 287.903091][ T31] 1 lock held by syz-executor352/5879: [ 287.908940][ T31] #0: ffff88814c5a48f8 (&dev->mutex#4){+.+.}-{4:4}, at: comedi_open+0xc0/0x590 [ 287.919042][ T31] 1 lock held by syz-executor352/5880: [ 287.925049][ T31] #0: ffff88814c5a48f8 (&dev->mutex#4){+.+.}-{4:4}, at: comedi_open+0xc0/0x590 [ 287.934670][ T31] [ 287.937106][ T31] ============================================= [ 287.937106][ T31] [ 287.946910][ T31] NMI backtrace for cpu 0 [ 287.946927][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) [ 287.946947][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 287.946966][ T31] Call Trace: [ 287.946980][ T31] [ 287.946987][ T31] dump_stack_lvl+0x189/0x250 [ 287.947019][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 287.947043][ T31] ? __pfx__printk+0x10/0x10 [ 287.947078][ T31] nmi_cpu_backtrace+0x39e/0x3d0 [ 287.947105][ T31] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 287.947136][ T31] ? __pfx__printk+0x10/0x10 [ 287.947177][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 287.947200][ T31] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 287.947224][ T31] watchdog+0xf93/0xfe0 [ 287.947247][ T31] ? watchdog+0x1de/0xfe0 [ 287.947287][ T31] kthread+0x70e/0x8a0 [ 287.947315][ T31] ? __pfx_watchdog+0x10/0x10 [ 287.947337][ T31] ? __pfx_kthread+0x10/0x10 [ 287.947369][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 287.947392][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 287.947414][ T31] ? __pfx_kthread+0x10/0x10 [ 287.947439][ T31] ret_from_fork+0x3fc/0x770 [ 287.947463][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 287.947489][ T31] ? __switch_to_asm+0x39/0x70 [ 287.947512][ T31] ? __switch_to_asm+0x33/0x70 [ 287.947535][ T31] ? __pfx_kthread+0x10/0x10 [ 287.947559][ T31] ret_from_fork_asm+0x1a/0x30 [ 287.947589][ T31] [ 287.947596][ T31] Sending NMI from CPU 0 to CPUs 1: [ 288.097688][ C1] NMI backtrace for cpu 1 [ 288.097706][ C1] CPU: 1 UID: 0 PID: 2995 Comm: kworker/u8:7 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) [ 288.097725][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 288.097735][ C1] Workqueue: events_unbound toggle_allocation_gate [ 288.097764][ C1] RIP: 0010:__lock_acquire+0x50c/0xd20 [ 288.097783][ C1] Code: 49 83 c7 28 41 89 c4 48 39 cb 0f 8d d6 00 00 00 48 83 fb 31 0f 83 92 00 00 00 41 8b 07 25 ff 1f 00 00 48 0f a3 05 04 7f 4b 12 <73> 10 48 69 c0 c8 00 00 00 48 8d 88 30 23 8a 93 eb 40 83 3d 6b 0e [ 288.097795][ C1] RSP: 0018:ffffc9000b5574d8 EFLAGS: 00000007 [ 288.097808][ C1] RAX: 0000000000000003 RBX: 0000000000000002 RCX: 0000000000000005 [ 288.097817][ C1] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffff88802f255a00 [ 288.097827][ C1] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff821029a9 [ 288.097836][ C1] R10: dffffc0000000000 R11: fffff94000010c31 R12: 00000000ffffff05 [ 288.097847][ C1] R13: 0000000000000001 R14: ffff88802f2565b8 R15: ffff88802f256560 [ 288.097858][ C1] FS: 0000000000000000(0000) GS:ffff88812590a000(0000) knlGS:0000000000000000 [ 288.097871][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 288.097881][ C1] CR2: 0000561e277c9168 CR3: 000000000e336000 CR4: 00000000003526f0 [ 288.097897][ C1] Call Trace: [ 288.097906][ C1] [ 288.097917][ C1] ? ___pte_offset_map+0x29/0x250 [ 288.097937][ C1] lock_acquire+0x120/0x360 [ 288.097951][ C1] ? ___pte_offset_map+0x29/0x250 [ 288.097974][ C1] ? __kmalloc_node_noprof+0xec/0x4e0 [ 288.097996][ C1] ___pte_offset_map+0x45/0x250 [ 288.098015][ C1] ? ___pte_offset_map+0x29/0x250 [ 288.098033][ C1] ? __pte_offset_map_lock+0x2d/0x210 [ 288.098053][ C1] ? __kmalloc_node_noprof+0xec/0x4e0 [ 288.098074][ C1] __pte_offset_map_lock+0x46/0x210 [ 288.098094][ C1] ? __kmalloc_node_noprof+0xec/0x4e0 [ 288.098115][ C1] ? __kmalloc_node_noprof+0xec/0x4e0 [ 288.098136][ C1] __text_poke+0x2e6/0xa10 [ 288.098160][ C1] ? __pfx_text_poke_memcpy+0x10/0x10 [ 288.098180][ C1] ? __kmalloc_node_noprof+0xec/0x4e0 [ 288.098201][ C1] ? __pfx___text_poke+0x10/0x10 [ 288.098220][ C1] ? rcu_is_watching+0x15/0xb0 [ 288.098236][ C1] ? trace_contention_end+0x39/0x120 [ 288.098258][ C1] smp_text_poke_batch_finish+0xd0f/0x1130 [ 288.098284][ C1] ? __pfx_smp_text_poke_batch_finish+0x10/0x10 [ 288.098307][ C1] ? arch_jump_label_transform_queue+0x97/0x110 [ 288.098327][ C1] arch_jump_label_transform_apply+0x1c/0x30 [ 288.098343][ C1] static_key_enable_cpuslocked+0x128/0x250 [ 288.098359][ C1] static_key_enable+0x1a/0x20 [ 288.098373][ C1] toggle_allocation_gate+0xad/0x240 [ 288.098402][ C1] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 288.098423][ C1] ? process_scheduled_works+0x9ef/0x17b0 [ 288.098443][ C1] ? process_scheduled_works+0x9ef/0x17b0 [ 288.098459][ C1] ? process_scheduled_works+0x9ef/0x17b0 [ 288.098475][ C1] process_scheduled_works+0xade/0x17b0 [ 288.098501][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 288.098523][ C1] worker_thread+0x8a0/0xda0 [ 288.098540][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 288.098565][ C1] ? __kthread_parkme+0x7b/0x200 [ 288.098585][ C1] kthread+0x70e/0x8a0 [ 288.098605][ C1] ? __pfx_worker_thread+0x10/0x10 [ 288.098622][ C1] ? __pfx_kthread+0x10/0x10 [ 288.098642][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 288.098660][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 288.098679][ C1] ? __pfx_kthread+0x10/0x10 [ 288.098699][ C1] ret_from_fork+0x3fc/0x770 [ 288.098717][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 288.098736][ C1] ? __switch_to_asm+0x39/0x70 [ 288.098756][ C1] ? __switch_to_asm+0x33/0x70 [ 288.098776][ C1] ? __pfx_kthread+0x10/0x10 [ 288.098796][ C1] ret_from_fork_asm+0x1a/0x30 [ 288.098814][ C1] [ 288.098822][ C1] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.133 msecs [ 288.492187][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 288.499246][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) [ 288.510382][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 288.520878][ T31] Call Trace: [ 288.524463][ T31] [ 288.527424][ T31] dump_stack_lvl+0x99/0x250 [ 288.532038][ T31] ? __asan_memcpy+0x40/0x70 [ 288.536682][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 288.542161][ T31] ? __pfx__printk+0x10/0x10 [ 288.546985][ T31] vpanic+0x281/0x750 [ 288.551061][ T31] ? __pfx_vpanic+0x10/0x10 [ 288.555836][ T31] ? preempt_schedule+0xae/0xc0 [ 288.560707][ T31] ? preempt_schedule_common+0x83/0xd0 [ 288.566307][ T31] panic+0xb9/0xc0 [ 288.570046][ T31] ? __pfx_panic+0x10/0x10 [ 288.574659][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 288.580155][ T31] ? nmi_trigger_cpumask_backtrace+0x2bb/0x300 [ 288.586938][ T31] watchdog+0xfd2/0xfe0 [ 288.591112][ T31] ? watchdog+0x1de/0xfe0 [ 288.595458][ T31] kthread+0x70e/0x8a0 [ 288.599675][ T31] ? __pfx_watchdog+0x10/0x10 [ 288.604504][ T31] ? __pfx_kthread+0x10/0x10 [ 288.609212][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 288.614443][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 288.619764][ T31] ? __pfx_kthread+0x10/0x10 [ 288.624571][ T31] ret_from_fork+0x3fc/0x770 [ 288.629292][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 288.634973][ T31] ? __switch_to_asm+0x39/0x70 [ 288.639883][ T31] ? __switch_to_asm+0x33/0x70 [ 288.645067][ T31] ? __pfx_kthread+0x10/0x10 [ 288.649902][ T31] ret_from_fork_asm+0x1a/0x30 [ 288.654887][ T31] [ 288.658694][ T31] Kernel Offset: disabled [ 288.663040][ T31] Rebooting in 86400 seconds..