INFO: task hung in rds_conn

ID	Workflow	Result	Correct	Bug	Created	Started	Finished	Revision	Error
e0c0122d-38a6-4645-8ced-d14b8350a2f0	assessment-security	DenialOfService: ✅ Exploitable: ❌ FilesystemTrigger: ❌ NetworkTrigger: ✅ PeripheralTrigger: ❌ RemoteTrigger: ❌ Unprivileged: ✅ UserNamespace: ✅ VMGuestTrigger: ❌ VMHostTrigger: ❌	❓	INFO: task hung in rds_conn_destroy	2026/05/26 07:19	2026/05/26 07:19	2026/05/26 08:29	c69befb30ac10e158cc9d1557b508ee3f0eca1de

INFO: task kworker/u10:1:15509 blocked for more than 143 seconds. Tainted: G U W L XTNJ syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/u10:1 state:D stack:24072 pid:15509 tgid:15509 ppid:2 task_flags:0x4208060 flags:0x00080000 Workqueue: netns cleanup_net Call Trace: <TASK> context_switch kernel/sched/core.c:5298 [inline] __schedule+0xfee/0x6120 kernel/sched/core.c:6911 __schedule_loop kernel/sched/core.c:6993 [inline] schedule+0xdd/0x390 kernel/sched/core.c:7008 schedule_timeout+0x1b2/0x280 kernel/time/sleep_timeout.c:75 do_wait_for_common kernel/sched/completion.c:100 [inline] __wait_for_common+0x2e7/0x4c0 kernel/sched/completion.c:121 __flush_work+0x7c7/0xcb0 kernel/workqueue.c:4328 rds_conn_path_destroy net/rds/connection.c:480 [inline] rds_conn_destroy+0x23d/0x960 net/rds/connection.c:533 rds_tcp_kill_sock net/rds/tcp.c:629 [inline] rds_tcp_exit_net+0x460/0x870 net/rds/tcp.c:636 ops_exit_list net/core/net_namespace.c:199 [inline] ops_undo_list+0x2ee/0xab0 net/core/net_namespace.c:252 cleanup_net+0x499/0x920 net/core/net_namespace.c:704 process_one_work+0xa23/0x19a0 kernel/workqueue.c:3276 process_scheduled_works kernel/workqueue.c:3359 [inline] worker_thread+0x5ef/0xe50 kernel/workqueue.c:3440 kthread+0x370/0x450 kernel/kthread.c:436 ret_from_fork+0x754/0xd80 arch/x86/kernel/process.c:158 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245 </TASK> Showing all locks held in the system: 1 lock held by khungtaskd/30: #0: ffffffff8e7e7660 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:312 [inline] #0: ffffffff8e7e7660 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:850 [inline] #0: ffffffff8e7e7660 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184 kernel/locking/lockdep.c:6775 2 locks held by getty/5590: #0: ffff888037f590a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 drivers/tty/tty_ldisc.c:243 #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x419/0x1500 drivers/tty/n_tty.c:2211 3 locks held by kworker/u10:1/15509: #0: ffff88801c6ae948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1310/0x19a0 kernel/workqueue.c:3251 #1: ffffc90003bc7d08 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x988/0x19a0 kernel/workqueue.c:3252 #2: ffffffff905fc1d0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xb8/0x920 net/core/net_namespace.c:675 3 locks held by kworker/u10:2/15514: #0: ffff88813fea4148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x1310/0x19a0 kernel/workqueue.c:3251 #1: ffffc900048cfd08 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x988/0x19a0 kernel/workqueue.c:3252 #2: ffffffff90614a28 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0x51/0xc0 net/core/link_watch.c:313 1 lock held by syz-executor/16087: #0: ffffffff90614a28 (rtnl_mutex){+.+.}-{4:4}, at: tun_detach drivers/net/tun.c:634 [inline] #0: ffffffff90614a28 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x220 drivers/net/tun.c:3436 1 lock held by syz-executor/17033: #0: ffffffff90614a28 (rtnl_mutex){+.+.}-{4:4}, at: tun_detach drivers/net/tun.c:634 [inline] #0: ffffffff90614a28 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x220 drivers/net/tun.c:3436 1 lock held by syz.3.3152/20016: #0: ffffffff90614a28 (rtnl_mutex){+.+.}-{4:4}, at: tun_detach drivers/net/tun.c:634 [inline] #0: ffffffff90614a28 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x220 drivers/net/tun.c:3436 1 lock held by syz.2.3153/20019: #0: ffffffff90614a28 (rtnl_mutex){+.+.}-{4:4}, at: tun_detach drivers/net/tun.c:634 [inline] #0: ffffffff90614a28 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x220 drivers/net/tun.c:3436 ============================================= NMI backtrace for cpu 0 CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 Call Trace: <TASK> __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x100/0x190 lib/dump_stack.c:120 nmi_cpu_backtrace.cold+0x12d/0x151 lib/nmi_backtrace.c:113 nmi_trigger_cpumask_backtrace+0x1d7/0x230 lib/nmi_backtrace.c:62 trigger_all_cpu_backtrace include/linux/nmi.h:161 [inline] __sys_info lib/sys_info.c:157 [inline] sys_info+0x141/0x190 lib/sys_info.c:165 check_hung_uninterruptible_tasks kernel/hung_task.c:346 [inline] watchdog+0xd25/0x1050 kernel/hung_task.c:515 kthread+0x370/0x450 kernel/kthread.c:436 ret_from_fork+0x754/0xd80 arch/x86/kernel/process.c:158 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245 </TASK>

Crashes (3):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	VM info	Assets (help?)	Manager	Title
2026/03/22 18:19	upstream	113ae7b4decc	5b92003d	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci-qemu-gce-upstream-auto	INFO: task hung in rds_conn_destroy
2026/03/15 17:24	upstream	267594792a71	ee8d34d6	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci-qemu-gce-upstream-auto	INFO: task hung in rds_conn_destroy
2026/03/04 17:47	upstream	0031c06807cf	e6b6b96b	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci-qemu-gce-upstream-auto	INFO: task hung in rds_conn_destroy

Crashes (3):

Assets (help?)