syzbot

INFO: task syz-executor695:3855 blocked for more than 120 seconds.
      Not tainted 4.9.111-g03c70fe #5
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor695 D28504  3855   3852 0x00000000
 ffff8801d843b000 ffff8801b8182f40 ffff8801c1b38540 ffff8801d8439800
 ffff8801db221c18 ffff8801ccd379c8 ffffffff839e7ded ffff8801d843b8c8
 ffffed003b087718 ffff8801d843b000 00fffc0000000000 ffff8801db2224e8
Call Trace:
 [<ffffffff839e93ef>] schedule+0x7f/0x1b0 kernel/sched/core.c:3557
 [<ffffffff839e9d73>] schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3590
 [<ffffffff839ee1f6>] __mutex_lock_common kernel/locking/mutex.c:582 [inline]
 [<ffffffff839ee1f6>] mutex_lock_nested+0x326/0x870 kernel/locking/mutex.c:621
 [<ffffffff825c922b>] lo_ioctl+0x8b/0x1aa0 drivers/block/loop.c:1344
 [<ffffffff81e56326>] __blkdev_driver_ioctl block/ioctl.c:294 [inline]
 [<ffffffff81e56326>] blkdev_ioctl+0x7b6/0x1a70 block/ioctl.c:590
 [<ffffffff81632c5e>] block_ioctl+0xde/0x120 fs/block_dev.c:1688
 [<ffffffff815b2c6c>] vfs_ioctl fs/ioctl.c:43 [inline]
 [<ffffffff815b2c6c>] file_ioctl fs/ioctl.c:493 [inline]
 [<ffffffff815b2c6c>] do_vfs_ioctl+0x1ac/0x11a0 fs/ioctl.c:677
 [<ffffffff815b3cef>] SYSC_ioctl fs/ioctl.c:694 [inline]
 [<ffffffff815b3cef>] SyS_ioctl+0x8f/0xc0 fs/ioctl.c:685
 [<ffffffff81006316>] do_syscall_64+0x1a6/0x490 arch/x86/entry/common.c:282
 [<ffffffff839f8cd3>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb

Showing all locks held in the system:
2 locks held by khungtaskd/519:
 #0:  (rcu_read_lock){......}, at: [<ffffffff813666fc>] check_hung_uninterruptible_tasks kernel/hung_task.c:168 [inline]
 #0:  (rcu_read_lock){......}, at: [<ffffffff813666fc>] watchdog+0x11c/0xa20 kernel/hung_task.c:239
 #1:  (tasklist_lock){.+.+..}, at: [<ffffffff81425d87>] debug_show_all_locks+0x79/0x218 kernel/locking/lockdep.c:4336
2 locks held by getty/3778:
 #0:  (&tty->ldisc_sem){++++++}, at: [<ffffffff839f6e92>] ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:367
 #1:  (&ldata->atomic_read_lock){+.+...}, at: [<ffffffff8211e602>] n_tty_read+0x202/0x16e0 drivers/tty/n_tty.c:2133
1 lock held by syz-executor695/3855:
 #0:  (&lo->lo_ctl_mutex/1){+.+.+.}, at: [<ffffffff825c922b>] lo_ioctl+0x8b/0x1aa0 drivers/block/loop.c:1344
1 lock held by syz-executor695/3857:
 #0:  (&lo->lo_ctl_mutex/1){+.+.+.}, at: [<ffffffff825c922b>] lo_ioctl+0x8b/0x1aa0 drivers/block/loop.c:1344
1 lock held by syz-executor695/3858:
 #0:  (&lo->lo_ctl_mutex/1){+.+.+.}, at: [<ffffffff825c922b>] lo_ioctl+0x8b/0x1aa0 drivers/block/loop.c:1344
1 lock held by syz-executor695/3860:
 #0:  (&lo->lo_ctl_mutex/1){+.+.+.}, at: [<ffffffff825c922b>] lo_ioctl+0x8b/0x1aa0 drivers/block/loop.c:1344
1 lock held by syz-executor695/3861:
 #0:  (&lo->lo_ctl_mutex/1){+.+.+.}, at: [<ffffffff825c922b>] lo_ioctl+0x8b/0x1aa0 drivers/block/loop.c:1344
1 lock held by syz-executor695/3862:
 #0:  (&lo->lo_ctl_mutex/1){+.+.+.}, at: [<ffffffff825c922b>] lo_ioctl+0x8b/0x1aa0 drivers/block/loop.c:1344
1 lock held by syz-executor695/3863:
 #0:  (&lo->lo_ctl_mutex/1){+.+.+.}, at: [<ffffffff825c922b>] lo_ioctl+0x8b/0x1aa0 drivers/block/loop.c:1344
1 lock held by syz-executor695/3864:
 #0:  (&lo->lo_ctl_mutex/1){+.+.+.}, at: [<ffffffff825c922b>] lo_ioctl+0x8b/0x1aa0 drivers/block/loop.c:1344
1 lock held by syz-executor695/3865:
 #0:  (&lo->lo_ctl_mutex/1){+.+.+.}, at: [<ffffffff825c922b>] lo_ioctl+0x8b/0x1aa0 drivers/block/loop.c:1344
1 lock held by syz-executor695/3866:
 #0:  (&lo->lo_ctl_mutex/1){+.+.+.}, at: [<ffffffff825c922b>] lo_ioctl+0x8b/0x1aa0 drivers/block/loop.c:1344
1 lock held by syz-executor695/3867:
 #0:  (&lo->lo_ctl_mutex/1){+.+.+.}, at: [<ffffffff825c922b>] lo_ioctl+0x8b/0x1aa0 drivers/block/loop.c:1344
1 lock held by syz-executor695/3868:
 #0:  (&lo->lo_ctl_mutex/1){+.+.+.}, at: [<ffffffff825c922b>] lo_ioctl+0x8b/0x1aa0 drivers/block/loop.c:1344
1 lock held by syz-executor695/3869:
 #0:  (&lo->lo_ctl_mutex/1){+.+.+.}, at: [<ffffffff825c922b>] lo_ioctl+0x8b/0x1aa0 drivers/block/loop.c:1344
1 lock held by syz-executor695/3870:
 #0:  (&lo->lo_ctl_mutex/1){+.+.+.}, at: [<ffffffff825c922b>] lo_ioctl+0x8b/0x1aa0 drivers/block/loop.c:1344
1 lock held by syz-executor695/3871:
 #0:  (&lo->lo_ctl_mutex/1){+.+.+.}, at: [<ffffffff825c922b>] lo_ioctl+0x8b/0x1aa0 drivers/block/loop.c:1344
1 lock held by syz-executor695/3872:
 #0:  (&lo->lo_ctl_mutex/1){+.+.+.}, at: [<ffffffff825c922b>] lo_ioctl+0x8b/0x1aa0 drivers/block/loop.c:1344

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 519 Comm: khungtaskd Not tainted 4.9.111-g03c70fe #5
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801d871fd08 ffffffff81eb2729 0000000000000000 0000000000000001
 0000000000000001 0000000000000001 ffffffff810b9af0 ffff8801d871fd40
 ffffffff81ebda27 0000000000000001 0000000000000000 0000000000000002
Call Trace:
 [<ffffffff81eb2729>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81eb2729>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [<ffffffff81ebda27>] nmi_cpu_backtrace.cold.2+0x48/0x87 lib/nmi_backtrace.c:99
 [<ffffffff81ebd9ba>] nmi_trigger_cpumask_backtrace+0x12a/0x14f lib/nmi_backtrace.c:60
 [<ffffffff810b9bf4>] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37
 [<ffffffff81366c94>] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline]
 [<ffffffff81366c94>] check_hung_task kernel/hung_task.c:125 [inline]
 [<ffffffff81366c94>] check_hung_uninterruptible_tasks kernel/hung_task.c:182 [inline]
 [<ffffffff81366c94>] watchdog+0x6b4/0xa20 kernel/hung_task.c:239
 [<ffffffff8119d05d>] kthread+0x26d/0x300 kernel/kthread.c:211
 [<ffffffff839f8e9c>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 3852 Comm: sshd Not tainted 4.9.111-g03c70fe #5
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff8801d8439800 task.stack: ffff8801b5388000
RIP: 0033:[<00007fefa08afb3e>] 
c [<00007fefa08afb3e>] 0x7fefa08afb3e
RSP: 002b:00007ffe81ac9598  EFLAGS: 00000287
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000200 RSI: 0000000000000011 RDI: 00007ffe81ac9630
RBP: 00005604c6d01c88 R08: 00007ffe81ac9670 R09: 0101010101010101
R10: 0000000000000000 R11: 0000000000000246 R12: 00005604c7bc7a50
R13: 00005604c6cfffb4 R14: 0000000000000028 R15: 00005604c6d01ca0
FS:  00007fefa25b47c0(0000) GS:ffff8801db200000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005604c7beaff0 CR3: 00000001bcc9b000 CR4: 00000000001606f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400