INFO: task syz-executor.1:3434 blocked for more than 140 seconds.
Not tainted 4.9.141+ #23
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.1 D29816 3434 3432 0x20020000
ffff8801d06fdf00 0000000000000000 ffff8801d2f4f380 ffff8801da6b2f80
ffff8801db721018 ffff8801d13b7b80 ffffffff828075c2 ffffffff8432c608
ffffffff83cc61c0 ffff8801d06fe7d8 00000000000031cb ffff8801db7218f0
Call Trace:
[<ffffffff82808aef>] schedule+0x7f/0x1b0 kernel/sched/core.c:3553
[<ffffffff828142d5>] schedule_timeout+0x735/0xe20 kernel/time/timer.c:1771
[<ffffffff8280a63f>] do_wait_for_common kernel/sched/completion.c:75 [inline]
[<ffffffff8280a63f>] __wait_for_common kernel/sched/completion.c:93 [inline]
[<ffffffff8280a63f>] wait_for_common+0x3ef/0x5d0 kernel/sched/completion.c:101
[<ffffffff8280a838>] wait_for_completion+0x18/0x20 kernel/sched/completion.c:122
[<ffffffff815ff490>] SYSC_io_destroy fs/aio.c:1414 [inline]
[<ffffffff815ff490>] SyS_io_destroy+0x2c0/0x340 fs/aio.c:1392
[<ffffffff81006311>] do_syscall_32_irqs_on arch/x86/entry/common.c:328 [inline]
[<ffffffff81006311>] do_fast_syscall_32+0x2f1/0xa10 arch/x86/entry/common.c:390
[<ffffffff82818de0>] entry_SYSENTER_compat+0x90/0xa2 arch/x86/entry/entry_64_compat.S:137
Showing all locks held in the system:
2 locks held by khungtaskd/24:
#0: (rcu_read_lock){......}, at: [<ffffffff8131c0cc>] check_hung_uninterruptible_tasks kernel/hung_task.c:168 [inline]
#0: (rcu_read_lock){......}, at: [<ffffffff8131c0cc>] watchdog+0x11c/0xa20 kernel/hung_task.c:239
#1: (tasklist_lock){.+.+..}, at: [<ffffffff813fe63f>] debug_show_all_locks+0x79/0x218 kernel/locking/lockdep.c:4336
2 locks held by getty/2020:
#0: (&tty->ldisc_sem){++++++}, at: [<ffffffff82815952>] ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:367
#1: (&ldata->atomic_read_lock){+.+...}, at: [<ffffffff81d37362>] n_tty_read+0x202/0x16e0 drivers/tty/n_tty.c:2142
1 lock held by syz-executor.4/2297:
#0: (tasklist_lock){.+.+..}, at: [<ffffffff810e5158>] release_task.part.4+0x148/0x14b0 kernel/exit.c:183
=============================================
NMI backtrace for cpu 1
CPU: 1 PID: 24 Comm: khungtaskd Not tainted 4.9.141+ #23
ffff8801d9907d08 ffffffff81b42e79 0000000000000000 0000000000000001
0000000000000001 0000000000000001 ffffffff810983b0 ffff8801d9907d40
ffffffff81b4df89 0000000000000001 0000000000000000 0000000000000003
Call Trace:
[<ffffffff81b42e79>] __dump_stack lib/dump_stack.c:15 [inline]
[<ffffffff81b42e79>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
[<ffffffff81b4df89>] nmi_cpu_backtrace.cold.0+0x48/0x87 lib/nmi_backtrace.c:99
[<ffffffff81b4df1c>] nmi_trigger_cpumask_backtrace+0x12c/0x151 lib/nmi_backtrace.c:60
[<ffffffff810984b4>] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37
[<ffffffff8131c65d>] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline]
[<ffffffff8131c65d>] check_hung_task kernel/hung_task.c:125 [inline]
[<ffffffff8131c65d>] check_hung_uninterruptible_tasks kernel/hung_task.c:182 [inline]
[<ffffffff8131c65d>] watchdog+0x6ad/0xa20 kernel/hung_task.c:239
[<ffffffff81142c3d>] kthread+0x26d/0x300 kernel/kthread.c:211
[<ffffffff82817a5c>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 2298 Comm: syz-executor.5 Not tainted 4.9.141+ #23
task: ffff8801c7815f00 task.stack: ffff8801cae48000
RIP: 0010:[<ffffffff810e9249>] �c [<ffffffff810e9249>] wait_consider_task+0x2f9/0x3620 kernel/exit.c:1401
RSP: 0018:ffff8801cae4fa30 EFLAGS: 00000246
RAX: 0000000000000000 RBX: ffff8801c5c64768 RCX: 0000000000000000
RDX: 1ffff10038b8c8ed RSI: ffffffff810e9220 RDI: 0000000000000246
RBP: ffff8801cae4fb88 R08: ffffed00395c9f1f R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: ffff8801c5c64740 R14: ffff8801cae4fc9c R15: ffff8801cae4fc98
FS: 0000000000000000(0000) GS:ffff8801db600000(0063) knlGS:000000000a363900
CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
CR2: 00007fba78a3ef44 CR3: 00000001d4909000 CR4: 00000000001606b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Stack:
0000000000000000�c ffff8801c78167d2�c ffff8801cae4fc00�c 0000000000000046�c
ffff8801cae4fb08�c ffff8801c789f338�c ffff8801cae4fa70�c ffffffff81243c87�c
ffff8801cae4fb28�c 0000000000000046�c 0000000000000046�c ffff8801c7815f00�c
Call Trace:
[<ffffffff810ec993>] do_wait_thread kernel/exit.c:1490 [inline]
[<ffffffff810ec993>] do_wait+0x423/0x950 kernel/exit.c:1561
[<ffffffff810eda0b>] SYSC_wait4 kernel/exit.c:1693 [inline]
[<ffffffff810eda0b>] SyS_wait4+0x12b/0x1f0 kernel/exit.c:1658
[<ffffffff812bf054>] C_SYSC_wait4 kernel/compat.c:543 [inline]
[<ffffffff812bf054>] compat_SyS_wait4+0x254/0x290 kernel/compat.c:536
[<ffffffff810c6305>] sys32_waitpid+0x25/0x30 arch/x86/ia32/sys_ia32.c:172
[<ffffffff81006311>] do_syscall_32_irqs_on arch/x86/entry/common.c:328 [inline]
[<ffffffff81006311>] do_fast_syscall_32+0x2f1/0xa10 arch/x86/entry/common.c:390
[<ffffffff82818de0>] entry_SYSENTER_compat+0x90/0xa2 arch/x86/entry/entry_64_compat.S:137
Code: �c23 �c00 �c49 �c8d �c5d �c28 �c48 �cb8 �c00 �c00 �c00 �c00 �c00 �cfc �cff �cdf �c48 �c89 �cda �c48 �cc1 �cea �c03 �c0f �cb6 �c04 �c02 �c84 �cc0 �c74 �c08 �c3c �c03 �c0f �c8e �c26 �c14 �c00 �c00 �c45 �c8b �c5d �c28 �c<45> �c85 �cdb �c0f �c85 �c34 �c15 �c00 �c00 �ce8 �c09 �c28 �c23 �c00 �c41 �c83 �cfc �c20 �c0f �c84 �c09 �c