syzbot

INFO: task syz-executor551:3852 blocked for more than 140 seconds.
      Not tainted 4.4.139-g7ba5557 #66
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor551 D ffff8801d8ae7a68 28320  3852   3849 0x00000000
 ffff8801d8ae7a68 0000000000000000 ffff8800aec250e0 ffffed0015d84a1b
 ffff8800aec24800 ffff8801db31fdb8 ffff8801db31fde0 ffff8801db31f4d8
 ffff8801db31f4c0 ffff8801d0fe8000 ffff8800aec24800 0000000000000000
Call Trace:
 [<ffffffff838b381a>] schedule+0x7a/0x1b0 kernel/sched/core.c:3359
 [<ffffffff838b3fb3>] schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3392
 [<ffffffff838ba0f7>] __mutex_lock_common kernel/locking/mutex.c:582 [inline]
 [<ffffffff838ba0f7>] mutex_lock_nested+0x307/0x850 kernel/locking/mutex.c:621
 [<ffffffff8251a51b>] lo_ioctl+0x8b/0x1ad0 drivers/block/loop.c:1355
 [<ffffffff81db67e8>] __blkdev_driver_ioctl block/ioctl.c:288 [inline]
 [<ffffffff81db67e8>] blkdev_ioctl+0x7b8/0x19c0 block/ioctl.c:584
 [<ffffffff815d3fce>] block_ioctl+0xde/0x120 fs/block_dev.c:1625
 [<ffffffff81559c8f>] vfs_ioctl fs/ioctl.c:43 [inline]
 [<ffffffff81559c8f>] file_ioctl fs/ioctl.c:470 [inline]
 [<ffffffff81559c8f>] do_vfs_ioctl+0x63f/0xf40 fs/ioctl.c:605
 [<ffffffff8155a61f>] SYSC_ioctl fs/ioctl.c:622 [inline]
 [<ffffffff8155a61f>] SyS_ioctl+0x8f/0xc0 fs/ioctl.c:613
 [<ffffffff838c1865>] entry_SYSCALL_64_fastpath+0x22/0x9e
1 lock held by syz-executor551/3852:
 #0:  (&lo->lo_ctl_mutex/1){+.+.+.}, at: [<ffffffff8251a51b>] lo_ioctl+0x8b/0x1ad0 drivers/block/loop.c:1355
Sending NMI to all CPUs:
NMI backtrace for cpu 0
CPU: 0 PID: 3859 Comm: syz-executor551 Not tainted 4.4.139-g7ba5557 #66
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff8801c987e000 task.stack: ffff8800ae490000
RIP: 0010:[<ffffffff81570786>]  [<ffffffff81570786>] timespec_equal include/linux/time.h:16 [inline]
RIP: 0010:[<ffffffff81570786>]  [<ffffffff81570786>] file_update_time+0x2b6/0x3c0 fs/inode.c:1785
RSP: 0018:ffff8800ae497bb0  EFLAGS: 00000246
RAX: dffffc0000000000 RBX: 1ffff10015c92f78 RCX: 0000000000000000
RDX: 1ffff10015babb0a RSI: ffffffff8157076a RDI: ffff8800add5d850
RBP: ffff8800ae497c48 R08: ffff8801c987e900 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff8800bae41c00
R13: 0000000000000000 R14: 0000000000000000 R15: ffff8800add5d7d0
FS:  0000000001aff880(0063) GS:ffff8801db200000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000022b7000 CR3: 00000000b69f2000 CR4: 00000000001606f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Stack:
 ffff880000000000 000000005b44f414 0000000041b58ab3 ffffffff841d9fc1
 ffffffff815704d0 0000000000000246 000000005b44f414 00000000159bfb80
 0000000000000000 ffff8800ba77b6b8 ffff8800ba77b300 ffff8800ae497c48
Call Trace:
 [<ffffffff815371c0>] pipe_write+0xa20/0xd80 fs/pipe.c:473
 [<ffffffff8151ce0d>] new_sync_write fs/read_write.c:478 [inline]
 [<ffffffff8151ce0d>] __vfs_write+0x30d/0x3f0 fs/read_write.c:491
 [<ffffffff8151e9f1>] vfs_write+0x191/0x4e0 fs/read_write.c:538
 [<ffffffff81520ff9>] SYSC_write fs/read_write.c:585 [inline]
 [<ffffffff81520ff9>] SyS_write+0xd9/0x1c0 fs/read_write.c:577
 [<ffffffff838c1865>] entry_SYSCALL_64_fastpath+0x22/0x9e
Code: e8 60 35 01 00 e9 27 fe ff ff e8 46 0d de ff 49 8d bf 80 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 <0f> 85 ee 00 00 00 48 8b 44 24 38 49 39 87 80 00 00 00 0f 85 17 
NMI backtrace for cpu 1
CPU: 1 PID: 492 Comm: khungtaskd Not tainted 4.4.139-g7ba5557 #66
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff8800bb324800 task.stack: ffff8800bb350000
RIP: 0010:[<ffffffff810bfb46>]  [<ffffffff810bfb46>] native_apic_mem_write arch/x86/include/asm/apic.h:94 [inline]
RIP: 0010:[<ffffffff810bfb46>]  [<ffffffff810bfb46>] __default_send_IPI_dest_field arch/x86/include/asm/ipi.h:119 [inline]
RIP: 0010:[<ffffffff810bfb46>]  [<ffffffff810bfb46>] _flat_send_IPI_mask arch/x86/kernel/apic/apic_flat_64.c:61 [inline]
RIP: 0010:[<ffffffff810bfb46>]  [<ffffffff810bfb46>] flat_send_IPI_mask+0xf6/0x1a0 arch/x86/kernel/apic/apic_flat_64.c:69
RSP: 0018:ffff8800bb357cc8  EFLAGS: 00000046
RAX: 0000000003000000 RBX: 0000000000000c00 RCX: 0000000000000000
RDX: 0000000000000c00 RSI: 0000000000000000 RDI: ffffffffff5fb300
RBP: ffff8800bb357cf0 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000246
R13: 0000000000000003 R14: 0000000000000002 R15: ffffffff8446f6a0
FS:  0000000000000000(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000022b5b10 CR3: 00000001d88a9000 CR4: 00000000001606f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Stack:
 ffffffff8446f6a0 ffffffff84a18ca0 0000000000000007 fffffbfff0942c44
 0000000000000040 ffff8800bb357d10 ffffffff810b5b01 ffffffff83c0b2a0
 0000000000000003 ffff8800bb357d68 ffffffff81e18603 ffffffff8140dd6f
Call Trace:
 [<ffffffff810b5b01>] nmi_raise_cpu_backtrace+0x61/0x80 arch/x86/kernel/apic/hw_nmi.c:33
 [<ffffffff81e18603>] nmi_trigger_all_cpu_backtrace.cold.4+0x70/0xad lib/nmi_backtrace.c:85
 [<ffffffff810b5ba4>] arch_trigger_all_cpu_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38
 [<ffffffff8141a459>] trigger_all_cpu_backtrace include/linux/nmi.h:44 [inline]
 [<ffffffff8141a459>] check_hung_task kernel/hung_task.c:125 [inline]
 [<ffffffff8141a459>] check_hung_uninterruptible_tasks kernel/hung_task.c:182 [inline]
 [<ffffffff8141a459>] watchdog.cold.1+0xd3/0xee kernel/hung_task.c:238
 [<ffffffff81190958>] kthread+0x268/0x300 kernel/kthread.c:211
 [<ffffffff838c1c95>] ret_from_fork+0x55/0x80 arch/x86/entry/entry_64.S:510
Code: b3 5f ff f6 c4 10 75 e2 44 89 e8 c1 e0 18 89 04 25 10 b3 5f ff 44 89 f2 09 da 80 cf 04 41 83 fe 02 0f 44 d3 89 14 25 00 b3 5f ff <41> f7 c4 00 02 00 00 75 1a 4c 89 e7 57 9d 0f 1f 44 00 00 e8 e2