INFO: task syz.5.17:527 blocked for more than 122 seconds.
      Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.5.17        state:D stack:0     pid:527   tgid:526   ppid:485    flags:0x00000004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5996 [inline]
 __schedule+0x134a/0x1dd0 kernel/sched/core.c:7842
 __schedule_loop kernel/sched/core.c:7923 [inline]
 schedule+0xc5/0x240 kernel/sched/core.c:7938
 schedule_preempt_disabled+0x14/0x30 kernel/sched/core.c:7995
 __mutex_lock_common kernel/locking/mutex.c:707 [inline]
 __mutex_lock+0x960/0x1bb0 kernel/locking/mutex.c:803
 __mutex_lock_slowpath+0xe/0x20 kernel/locking/mutex.c:1134
 mutex_lock+0x113/0x1d0 kernel/locking/mutex.c:285
 device_lock include/linux/device.h:911 [inline]
 usbdev_open+0x16b/0x800 drivers/usb/core/devio.c:1051
 chrdev_open+0x4dc/0x600 fs/char_dev.c:414
 do_dentry_open+0x978/0x1510 fs/open.c:960
 vfs_open+0x86/0x240 fs/open.c:1092
 do_open fs/namei.c:3782 [inline]
 path_openat+0x2bb1/0x34f0 fs/namei.c:3941
 do_filp_open+0x1f5/0x440 fs/namei.c:3968
 do_sys_openat2+0x134/0x1d0 fs/open.c:1440
 do_sys_open fs/open.c:1455 [inline]
 __do_sys_openat fs/open.c:1471 [inline]
 __se_sys_openat fs/open.c:1466 [inline]
 __x64_sys_openat+0x13a/0x170 fs/open.c:1466
 x64_sys_call+0xe69/0x2ee0 arch/x86/include/generated/asm/syscalls_64.h:258
 do_syscall_x64 arch/x86/entry/common.c:47 [inline]
 do_syscall_64+0x57/0xf0 arch/x86/entry/common.c:78
 entry_SYSCALL_64_after_hwframe+0x76/0x7e
RIP: 0033:0x7f787e55af4e
RSP: 002b:00007f787f505b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007f787f5066c0 RCX: 00007f787e55af4e
RDX: 0000000000000002 RSI: 00007f787f505c00 RDI: ffffffffffffff9c
RBP: 00007f787f505c00 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd
R13: 00007f787e806038 R14: 00007f787e805fa0 R15: 00007ffd4226c998
 </TASK>
INFO: task syz.1.18:530 blocked for more than 123 seconds.
      Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.1.18        state:D stack:0     pid:530   tgid:529   ppid:486    flags:0x00000004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5996 [inline]
 __schedule+0x134a/0x1dd0 kernel/sched/core.c:7842
 __schedule_loop kernel/sched/core.c:7923 [inline]
 schedule+0xc5/0x240 kernel/sched/core.c:7938
 schedule_preempt_disabled+0x14/0x30 kernel/sched/core.c:7995
 __mutex_lock_common kernel/locking/mutex.c:707 [inline]
 __mutex_lock+0x960/0x1bb0 kernel/locking/mutex.c:803
 __mutex_lock_slowpath+0xe/0x20 kernel/locking/mutex.c:1134
 mutex_lock+0x113/0x1d0 kernel/locking/mutex.c:285
 device_lock include/linux/device.h:911 [inline]
 usbdev_open+0x16b/0x800 drivers/usb/core/devio.c:1051
 chrdev_open+0x4dc/0x600 fs/char_dev.c:414
 do_dentry_open+0x978/0x1510 fs/open.c:960
 vfs_open+0x86/0x240 fs/open.c:1092
 do_open fs/namei.c:3782 [inline]
 path_openat+0x2bb1/0x34f0 fs/namei.c:3941
 do_filp_open+0x1f5/0x440 fs/namei.c:3968
 do_sys_openat2+0x134/0x1d0 fs/open.c:1440
 do_sys_open fs/open.c:1455 [inline]
 __do_sys_openat fs/open.c:1471 [inline]
 __se_sys_openat fs/open.c:1466 [inline]
 __x64_sys_openat+0x13a/0x170 fs/open.c:1466
 x64_sys_call+0xe69/0x2ee0 arch/x86/include/generated/asm/syscalls_64.h:258
 do_syscall_x64 arch/x86/entry/common.c:47 [inline]
 do_syscall_64+0x57/0xf0 arch/x86/entry/common.c:78
 entry_SYSCALL_64_after_hwframe+0x76/0x7e
RIP: 0033:0x7fe7f735af4e
RSP: 002b:00007fe7f82adb28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007fe7f82ae6c0 RCX: 00007fe7f735af4e
RDX: 0000000000000002 RSI: 00007fe7f82adc00 RDI: ffffffffffffff9c
RBP: 00007fe7f82adc00 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd
R13: 00007fe7f7606038 R14: 00007fe7f7605fa0 R15: 00007ffd20c95fc8
 </TASK>
INFO: task syz.2.19:532 blocked for more than 123 seconds.
      Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.2.19        state:D stack:0     pid:532   tgid:531   ppid:488    flags:0x00000004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5996 [inline]
 __schedule+0x134a/0x1dd0 kernel/sched/core.c:7842
 __schedule_loop kernel/sched/core.c:7923 [inline]
 schedule+0xc5/0x240 kernel/sched/core.c:7938
 schedule_preempt_disabled+0x14/0x30 kernel/sched/core.c:7995
 __mutex_lock_common kernel/locking/mutex.c:707 [inline]
 __mutex_lock+0x960/0x1bb0 kernel/locking/mutex.c:803
 __mutex_lock_slowpath+0xe/0x20 kernel/locking/mutex.c:1134
 mutex_lock+0x113/0x1d0 kernel/locking/mutex.c:285
 device_lock include/linux/device.h:911 [inline]
 usbdev_open+0x16b/0x800 drivers/usb/core/devio.c:1051
 chrdev_open+0x4dc/0x600 fs/char_dev.c:414
 do_dentry_open+0x978/0x1510 fs/open.c:960
 vfs_open+0x86/0x240 fs/open.c:1092
 do_open fs/namei.c:3782 [inline]
 path_openat+0x2bb1/0x34f0 fs/namei.c:3941
 do_filp_open+0x1f5/0x440 fs/namei.c:3968
 do_sys_openat2+0x134/0x1d0 fs/open.c:1440
 do_sys_open fs/open.c:1455 [inline]
 __do_sys_openat fs/open.c:1471 [inline]
 __se_sys_openat fs/open.c:1466 [inline]
 __x64_sys_openat+0x13a/0x170 fs/open.c:1466
 x64_sys_call+0xe69/0x2ee0 arch/x86/include/generated/asm/syscalls_64.h:258
 do_syscall_x64 arch/x86/entry/common.c:47 [inline]
 do_syscall_64+0x57/0xf0 arch/x86/entry/common.c:78
 entry_SYSCALL_64_after_hwframe+0x76/0x7e
RIP: 0033:0x7fe865f5af4e
RSP: 002b:00007fe866d82b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007fe866d836c0 RCX: 00007fe865f5af4e
RDX: 0000000000000002 RSI: 00007fe866d82c00 RDI: ffffffffffffff9c
RBP: 00007fe866d82c00 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd
R13: 00007fe866206038 R14: 00007fe866205fa0 R15: 00007ffe90ff8488
 </TASK>
INFO: task syz.3.20:537 blocked for more than 124 seconds.
      Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.3.20        state:D stack:0     pid:537   tgid:536   ppid:489    flags:0x00000004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5996 [inline]
 __schedule+0x134a/0x1dd0 kernel/sched/core.c:7842
 __schedule_loop kernel/sched/core.c:7923 [inline]
 schedule+0xc5/0x240 kernel/sched/core.c:7938
 schedule_preempt_disabled+0x14/0x30 kernel/sched/core.c:7995
 __mutex_lock_common kernel/locking/mutex.c:707 [inline]
 __mutex_lock+0x960/0x1bb0 kernel/locking/mutex.c:803
 __mutex_lock_slowpath+0xe/0x20 kernel/locking/mutex.c:1134
 mutex_lock+0x113/0x1d0 kernel/locking/mutex.c:285
 device_lock include/linux/device.h:911 [inline]
 usbdev_open+0x16b/0x800 drivers/usb/core/devio.c:1051
 chrdev_open+0x4dc/0x600 fs/char_dev.c:414
 do_dentry_open+0x978/0x1510 fs/open.c:960
 vfs_open+0x86/0x240 fs/open.c:1092
 do_open fs/namei.c:3782 [inline]
 path_openat+0x2bb1/0x34f0 fs/namei.c:3941
 do_filp_open+0x1f5/0x440 fs/namei.c:3968
 do_sys_openat2+0x134/0x1d0 fs/open.c:1440
 do_sys_open fs/open.c:1455 [inline]
 __do_sys_openat fs/open.c:1471 [inline]
 __se_sys_openat fs/open.c:1466 [inline]
 __x64_sys_openat+0x13a/0x170 fs/open.c:1466
 x64_sys_call+0xe69/0x2ee0 arch/x86/include/generated/asm/syscalls_64.h:258
 do_syscall_x64 arch/x86/entry/common.c:47 [inline]
 do_syscall_64+0x57/0xf0 arch/x86/entry/common.c:78
 entry_SYSCALL_64_after_hwframe+0x76/0x7e
RIP: 0033:0x7f399e95af4e
RSP: 002b:00007f399f75db28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007f399f75e6c0 RCX: 00007f399e95af4e
RDX: 0000000000000002 RSI: 00007f399f75dc00 RDI: ffffffffffffff9c
RBP: 00007f399f75dc00 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd
R13: 00007f399ec06038 R14: 00007f399ec05fa0 R15: 00007ffd6422d9d8
 </TASK>
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 37 Comm: khungtaskd Not tainted syzkaller #0 43471e021e585ff4e16b581c6174822f8464b0b8
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
Call Trace:
 <TASK>
 __dump_stack+0x21/0x30 lib/dump_stack.c:94
 dump_stack_lvl+0x140/0x1c0 lib/dump_stack.c:120
 dump_stack+0x19/0x20 lib/dump_stack.c:129
 nmi_cpu_backtrace+0x2ba/0x2d0 lib/nmi_backtrace.c:113
 nmi_trigger_cpumask_backtrace+0x142/0x2c0 lib/nmi_backtrace.c:62
 arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:41
 trigger_all_cpu_backtrace include/linux/nmi.h:158 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:267 [inline]
 watchdog+0xdad/0xf00 kernel/hung_task.c:423
 kthread+0x2c6/0x370 kernel/kthread.c:389
 ret_from_fork+0x67/0xa0 arch/x86/kernel/process.c:153
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted syzkaller #0 43471e021e585ff4e16b581c6174822f8464b0b8
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
RIP: 0010:arch_static_branch arch/x86/include/asm/jump_label.h:36 [inline]
RIP: 0010:static_key_false include/linux/jump_label.h:230 [inline]
RIP: 0010:native_write_msr arch/x86/include/asm/msr.h:149 [inline]
RIP: 0010:wrmsr arch/x86/include/asm/msr.h:256 [inline]
RIP: 0010:native_apic_msr_write+0x42/0x60 arch/x86/include/asm/apic.h:212
Code: 75 17 5d c3 cc cc cc cc cc 81 ff d0 00 00 00 74 f1 81 ff e0 00 00 00 74 e9 c1 ef 04 81 c7 00 08 00 00 89 f9 89 f0 31 d2 0f 30 <66> 90 eb d4 89 f6 31 d2 e8 d1 36 a3 01 5d c3 cc cc cc cc cc 66 2e
RSP: 0018:ffffc90000230df8 EFLAGS: 00000046
RAX: 00000000014481fb RBX: ffff8881f6f28380 RCX: 0000000000000838
RDX: 0000000000000000 RSI: 00000000014481fb RDI: 0000000000000838
RBP: ffffc90000230df8 R08: ffff88810366a600 R09: 0000000000000002
R10: 0000000000000000 R11: ffffffff81427f00 R12: 0000000000000020
R13: dffffc0000000000 R14: 000000000ffffe52 R15: 00000000014481fb
FS:  0000000000000000(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000555556c4e4e8 CR3: 0000000114d86000 CR4: 00000000003526b0
Call Trace:
 <IRQ>
 apic_write arch/x86/include/asm/apic.h:405 [inline]
 lapic_next_event+0x15/0x20 arch/x86/kernel/apic/apic.c:415
 clockevents_program_event+0x1dd/0x350 kernel/time/clockevents.c:334
 tick_program_event+0x9b/0x120 kernel/time/tick-oneshot.c:44
 hrtimer_interrupt+0xa66/0xf00 kernel/time/hrtimer.c:1892
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1038 [inline]
 __sysvec_apic_timer_interrupt+0x8e/0x2a0 arch/x86/kernel/apic/apic.c:1055
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]
 sysvec_apic_timer_interrupt+0x7d/0x90 arch/x86/kernel/apic/apic.c:1049
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1f/0x30 arch/x86/include/asm/idtentry.h:702
RIP: 0010:pv_native_safe_halt+0x13/0x20 arch/x86/kernel/paravirt.c:106
Code: cc cc cc cc cc cc cc b8 92 95 02 29 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d d3 4c 49 00 55 48 89 e5 fb f4 <5d> c3 cc cc cc cc cc cc cc cc cc cc cc b8 00 00 00 00 90 90 90 90
RSP: 0018:ffffc900001a7e00 EFLAGS: 000002c2
RAX: ffff8881f6f00000 RBX: ffff88810366a600 RCX: ffffffff859e0a4d
RDX: 0000000000000001 RSI: 0000000000000004 RDI: 0000000000d509ac
RBP: ffffc900001a7e00 R08: ffff8881f6f39733 R09: 1ffff1103ede72e6
R10: dffffc0000000000 R11: ffffed103ede72e7 R12: 1ffff110206cd4c0
R13: 0000000000000001 R14: 0000000000000000 R15: ffffffff87ebaca8
 arch_safe_halt arch/x86/include/asm/paravirt.h:112 [inline]
 default_idle+0x17/0x30 arch/x86/kernel/process.c:754
 arch_cpu_idle+0xd/0x20 arch/x86/kernel/process.c:791
 default_idle_call+0x3e/0x80 kernel/sched/idle.c:117
 cpuidle_idle_call kernel/sched/idle.c:185 [inline]
 do_idle+0x19f/0x4b0 kernel/sched/idle.c:326
 cpu_startup_entry+0x47/0x60 kernel/sched/idle.c:424
 start_secondary+0x12e/0x140 arch/x86/kernel/smpboot.c:314
 common_startup_64+0x13b/0x157
 </TASK>