executing program
syzkaller login: [ 615.391845] INFO: task syzkaller741492:3041 blocked for more than 120 seconds.
[ 615.394009] Not tainted 4.13.0-rc6-next-20170825+ #9
[ 615.397175] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 615.399366] syzkaller741492 D23824 3041 3039 0x00000000
[ 615.401491] Call Trace:
[ 615.402548] __schedule+0x8e8/0x2070
[ 615.404007] ? __sched_text_start+0x8/0x8
[ 615.405575] ? prepare_to_wait_exclusive+0xb6/0x530
[ 615.407274] ? find_held_lock+0x39/0x1d0
[ 615.408692] ? trace_hardirqs_on_caller+0x19e/0x5c0
[ 615.410371] ? trace_hardirqs_on+0xd/0x10
[ 615.411782] schedule+0x108/0x440
[ 615.413008] ? __schedule+0x2070/0x2070
[ 615.414433] ? mark_held_locks+0xb2/0x100
[ 615.420117] ? __local_bh_enable_ip+0x9d/0x160
[ 615.421678] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 615.422978] ? __lock_sock+0x1d7/0x2f0
[ 615.424012] ? trace_hardirqs_on+0xd/0x10
[ 615.425169] ? __local_bh_enable_ip+0x9d/0x160
[ 615.426398] __lock_sock+0x1dc/0x2f0
[ 615.427400] ? proto_unregister+0x5e0/0x5e0
[ 615.428569] ? finish_wait+0x490/0x490
[ 615.429932] ? lock_sock_nested+0x44/0x110
[ 615.431404] lock_sock_nested+0xf3/0x110
[ 615.432806] tcp_sendmsg+0x21/0x50
[ 615.434091] inet_sendmsg+0x11f/0x5e0
[ 615.435385] ? inet_recvmsg+0x5f0/0x5f0
[ 615.436766] ? selinux_socket_sendmsg+0x36/0x40
[ 615.438988] ? security_socket_sendmsg+0x89/0xb0
[ 615.439874] ? inet_recvmsg+0x5f0/0x5f0
[ 615.440642] sock_sendmsg+0xca/0x110
[ 615.441357] kernel_sendmsg+0x47/0x60
[ 615.442096] sock_no_sendpage+0x1cc/0x280
[ 615.442827] ? sock_no_shutdown+0x10/0x10
[ 615.443642] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 615.444369] tcp_sendpage_locked+0x10b/0x160
[ 615.444974] tcp_sendpage+0x43/0x60
[ 615.445517] ? tcp_sendpage_locked+0x160/0x160
[ 615.446180] inet_sendpage+0x1aa/0x660
[ 615.446718] ? inet_sendmsg+0x5e0/0x5e0
[ 615.447307] ? inet_sendmsg+0x5e0/0x5e0
[ 615.447852] kernel_sendpage+0x8d/0xe0
[ 615.448443] sock_sendpage+0x92/0xc0
[ 615.448860] ? kernel_sendpage+0xe0/0xe0
[ 615.449345] pipe_to_sendpage+0x290/0x3b0
[ 615.449809] ? direct_splice_actor+0x180/0x180
[ 615.450349] ? check_same_owner+0x320/0x320
[ 615.450840] ? splice_from_pipe_next.part.9+0x22a/0x2e0
[ 615.451469] __splice_from_pipe+0x343/0x750
[ 615.451956] ? direct_splice_actor+0x180/0x180
[ 615.452508] splice_from_pipe+0x1e9/0x330
[ 615.452969] ? direct_splice_actor+0x180/0x180
[ 615.453500] ? splice_shrink_spd+0xb0/0xb0
[ 615.453907] ? security_file_permission+0x89/0x1f0
[ 615.454402] generic_splice_sendpage+0x40/0x50
[ 615.454829] ? splice_from_pipe+0x330/0x330
[ 615.455262] SyS_splice+0x7d5/0x1630
[ 615.455616] ? do_writev+0xfc/0x2a0
[ 615.455972] ? compat_SyS_vmsplice+0x250/0x250
[ 615.456426] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 615.456893] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 615.457371] entry_SYSCALL_64_fastpath+0x1f/0xbe
[ 615.457814] RIP: 0033:0x434f29
[ 615.458749] RSP: 002b:00007ffdbde9e948 EFLAGS: 00000203 ORIG_RAX: 0000000000000113
[ 615.459388] RAX: ffffffffffffffda RBX: 00000000004002b0 RCX: 0000000000434f29
[ 615.459971] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003
[ 615.460580] RBP: 0000000000000086 R08: 0000000000000009 R09: 0000000000000004
[ 615.461170] R10: 0000000000000000 R11: 0000000000000203 R12: 0000000000000000
[ 615.461736] R13: 00000000004018a0 R14: 0000000000401930 R15: 0000000000000000
[ 615.462353]
[ 615.462353] Showing all locks held in the system:
[ 615.462861] 2 locks held by khungtaskd/663:
[ 615.463242] #0: (rcu_read_lock){....}, at: [] watchdog+0x1c5/0xd60
[ 615.463854] #1: (tasklist_lock){.+.+}, at: [] debug_show_all_locks+0xd2/0x410
[ 615.464528] 1 lock held by rsyslogd/2927:
[ 615.464821] #0: (&f->f_pos_lock){+.+.}, at: [] __fdget_pos+0x131/0x1a0
[ 615.465442] 2 locks held by getty/3010:
[ 615.465723] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x37/0x40
[ 615.466361] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x2f2/0x1a40
[ 615.467040] 2 locks held by getty/3011:
[ 615.467318] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x37/0x40
[ 615.467937] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x2f2/0x1a40
[ 615.468617] 2 locks held by getty/3012:
[ 615.468875] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x37/0x40
[ 615.469460] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x2f2/0x1a40
[ 615.470084] 2 locks held by getty/3013:
[ 615.470341] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x37/0x40
[ 615.470933] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x2f2/0x1a40
[ 615.471592] 2 locks held by getty/3014:
[ 615.471883] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x37/0x40
[ 615.472456] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x2f2/0x1a40
[ 615.473091] 2 locks held by getty/3015:
[ 615.473340] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x37/0x40
[ 615.473889] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x2f2/0x1a40
[ 615.474498] 2 locks held by getty/3016:
[ 615.474792] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x37/0x40
[ 615.475360] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x2f2/0x1a40
[ 615.475950] 2 locks held by syzkaller741492/3041:
[ 615.476272] #0: (&pipe->mutex/1){+.+.}, at: [] pipe_lock+0x56/0x70
[ 615.476818] #1: (sk_lock-AF_INET){+.+.}, at: [] tcp_sendpage+0x2e/0x60
[ 615.477373]
[ 615.477483] =============================================
[ 615.477483]
[ 615.477945] NMI backtrace for cpu 0
[ 615.478198] CPU: 0 PID: 663 Comm: khungtaskd Not tainted 4.13.0-rc6-next-20170825+ #9
[ 615.478688] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
[ 615.479798] Call Trace:
[ 615.480002] dump_stack+0x194/0x257
[ 615.480279] ? arch_local_irq_restore+0x53/0x53
[ 615.480609] nmi_cpu_backtrace+0x20e/0x240
[ 615.480905] ? kobject_synth_uevent+0xad0/0xad0
[ 615.481239] ? debug_check_no_locks_held+0x140/0x140
[ 615.481601] ? show_regs_print_info+0x65/0x65
[ 615.481916] ? irq_force_complete_move+0x390/0x390
[ 615.482267] nmi_trigger_cpumask_backtrace+0x122/0x180
[ 615.482626] arch_trigger_cpumask_backtrace+0x14/0x20
[ 615.482978] watchdog+0x90c/0xd60
[ 615.483247] ? reset_hung_task_detector+0xa0/0xa0
[ 615.483564] ? complete+0x18/0x80
[ 615.483816] ? __schedule+0x2070/0x2070
[ 615.484118] ? _raw_spin_unlock_irqrestore+0x31/0xba
[ 615.484453] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 615.484794] ? trace_hardirqs_on+0xd/0x10
[ 615.485080] ? __kthread_parkme+0x173/0x240
[ 615.485383] kthread+0x39c/0x470
[ 615.485594] ? reset_hung_task_detector+0xa0/0xa0
[ 615.485894] ? kthread_create_on_node+0x100/0x100
[ 615.486199] ret_from_fork+0x2a/0x40
[ 615.486486] Sending NMI from CPU 0 to CPUs 1-3:
[ 615.486970] NMI backtrace for cpu 2
[ 615.486974] CPU: 2 PID: 2925 Comm: rs:main Q:Reg Not tainted 4.13.0-rc6-next-20170825+ #9
[ 615.486976] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
[ 615.486978] task: ffff880068ffc340 task.stack: ffff8800697d0000
[ 615.486998] RIP: 0010:memcmp+0xcb/0x160
[ 615.487000] RSP: 0018:ffff8800697d6ba0 EFLAGS: 00000246
[ 615.487005] RAX: 0000000000000000 RBX: ffff8800697d6ce0 RCX: 00000000000000ff
[ 615.487021] RDX: ffff8800697d6ce0 RSI: ffff880068d165b0 RDI: 0000000000000007
[ 615.487023] RBP: ffff8800697d6bc8 R08: 0000000000000000 R09: 1ffff1000d2fad42
[ 615.487026] R10: 00000000db37e248 R11: 00000000bc08ac0a R12: dffffc0000000000
[ 615.487028] R13: 0000000000000098 R14: ffff880068d16500 R15: ffff8800697d6c48
[ 615.487045] FS: 00007f9212fab700(0000) GS:ffff88006de00000(0000) knlGS:0000000000000000
[ 615.487047] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 615.487050] CR2: 000055d48e77de50 CR3: 0000000038f43000 CR4: 00000000000006e0
[ 615.487054] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 615.487056] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 615.487057] Call Trace:
[ 615.487063] depot_save_stack+0x12c/0x490
[ 615.487069] save_stack+0xa3/0xd0
[ 615.487073] ? save_stack_trace+0x16/0x20
[ 615.487076] ? save_stack+0x43/0xd0
[ 615.487080] ? kasan_kmalloc+0xad/0xe0
[ 615.487082] ? kasan_slab_alloc+0x12/0x20
[ 615.487086] ? kmem_cache_alloc+0x11b/0x760
[ 615.487089] ? alloc_buffer_head+0x76/0x190
[ 615.487092] ? alloc_page_buffers+0xb7/0x200
[ 615.487096] ? create_empty_buffers+0xd0/0x7b0
[ 615.487099] ? create_page_buffers+0x1ed/0x290
[ 615.487102] ? __block_write_begin_int+0x22c/0x1410
[ 615.487106] ? __block_write_begin+0x30/0x40
[ 615.487110] ? ext4_da_write_begin+0x4f1/0x1020
[ 615.487113] ? generic_perform_write+0x28c/0x650
[ 615.487116] ? __generic_file_write_iter+0x366/0x5b0
[ 615.487119] ? ext4_file_write_iter+0x59e/0x10b0
[ 615.487123] ? __vfs_write+0x68a/0x970
[ 615.487126] ? vfs_write+0x18f/0x510
[ 615.487129] ? SyS_write+0xef/0x220
[ 615.487133] ? entry_SYSCALL_64_fastpath+0x1f/0xbe
[ 615.487139] ? __lock_is_held+0xbc/0x140
[ 615.487146] ? check_same_owner+0x320/0x320
[ 615.487150] ? check_noncircular+0x20/0x20
[ 615.487155] ? kasan_unpoison_shadow+0x35/0x50
[ 615.487158] kasan_kmalloc+0xad/0xe0
[ 615.487163] kasan_slab_alloc+0x12/0x20
[ 615.487166] kmem_cache_alloc+0x11b/0x760
[ 615.487172] alloc_buffer_head+0x76/0x190
[ 615.487176] ? recalc_bh_state.part.34+0x150/0x150
[ 615.487181] ? lock_downgrade+0x990/0x990
[ 615.487186] alloc_page_buffers+0xb7/0x200
[ 615.487191] create_empty_buffers+0xd0/0x7b0
[ 615.487196] ? lock_release+0xd70/0xd70
[ 615.487200] ? attach_nobh_buffers+0x560/0x560
[ 615.487204] ? save_stack_trace+0x16/0x20
[ 615.487210] ? start_this_handle+0x4b8/0x1080
[ 615.487214] ? start_this_handle+0x597/0x1080
[ 615.487217] ? vfs_write+0x18f/0x510
[ 615.487220] ? SyS_write+0xef/0x220
[ 615.487226] ? jbd2_journal_free_reserved+0xf0/0xf0
[ 615.487229] ? check_noncircular+0x20/0x20
[ 615.487232] ? alloc_pages_current+0xbe/0x1e0
[ 615.487236] ? __lock_is_held+0xbc/0x140
[ 615.487239] ? __page_cache_alloc+0x165/0x4d0
[ 615.487245] create_page_buffers+0x1ed/0x290
[ 615.487250] ? create_empty_buffers+0x7b0/0x7b0
[ 615.487254] ? __lock_is_held+0xbc/0x140
[ 615.487259] __block_write_begin_int+0x22c/0x1410
[ 615.487263] ? __lock_is_held+0xbc/0x140
[ 615.487281] ? check_noncircular+0x20/0x20
[ 615.487285] ? ext4_inode_attach_jinode.part.67+0x150/0x150
[ 615.487290] ? __breadahead+0x150/0x150
[ 615.487295] ? jbd2_write_access_granted.part.9+0x3a0/0x3a0
[ 615.487299] ? rcu_note_context_switch+0x710/0x710
[ 615.487303] ? __lock_is_held+0xbc/0x140
[ 615.487307] ? __lock_is_held+0xbc/0x140
[ 615.487313] ? __ext4_journal_start_sb+0x167/0x550
[ 615.487318] ? check_same_owner+0x320/0x320
[ 615.487322] ? wb_domain_writeout_inc.part.27+0xa0/0xa0
[ 615.487325] ? wait_for_stable_page+0x173/0x310
[ 615.487329] ? wb_domain_writeout_inc.part.27+0xa0/0xa0
[ 615.487333] ? ext4_inode_attach_jinode.part.67+0x150/0x150
[ 615.487337] __block_write_begin+0x30/0x40
[ 615.487341] ext4_da_write_begin+0x4f1/0x1020
[ 615.487348] ? ext4_write_begin+0x1400/0x1400
[ 615.487353] ? __test_set_page_writeback+0x1210/0x1210
[ 615.487356] ? generic_write_end+0x2c3/0x460
[ 615.487361] ? block_write_end+0x1c0/0x1c0
[ 615.487365] ? check_noncircular+0x20/0x20
[ 615.487368] ? __lock_is_held+0xbc/0x140
[ 615.487386] ? __ext4_journal_stop+0x76/0x1c0
[ 615.487390] ? ext4_da_write_end+0x4b6/0xaf0
[ 615.487396] ? iov_iter_advance+0x2a1/0x13f0
[ 615.487399] ? __lock_is_held+0xbc/0x140
[ 615.487402] ? ext4_write_end+0xe90/0xe90
[ 615.487406] ? iov_iter_fault_in_readable+0x20e/0x410
[ 615.487410] ? iov_iter_revert+0x9d0/0x9d0
[ 615.487415] ? iov_iter_copy_from_user_atomic+0xd30/0xd30
[ 615.487418] ? check_same_owner+0x320/0x320
[ 615.487422] ? current_kernel_time64+0x122/0x2f0
[ 615.487427] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 615.487431] generic_perform_write+0x28c/0x650
[ 615.487438] ? add_page_wait_queue+0x290/0x290
[ 615.487441] ? current_time+0x88/0xc0
[ 615.487445] ? file_update_time+0xbf/0x470
[ 615.487449] ? current_time+0xc0/0xc0
[ 615.487453] ? generic_write_checks+0x2f2/0x540
[ 615.487458] __generic_file_write_iter+0x366/0x5b0
[ 615.487461] ? mutex_lock_io_nested+0x1740/0x1740
[ 615.487466] ext4_file_write_iter+0x59e/0x10b0
[ 615.487469] ? __lock_is_held+0xbc/0x140
[ 615.487474] ? ext4_file_mmap+0x1b0/0x1b0
[ 615.487478] ? __fget+0x362/0x580
[ 615.487481] ? lock_downgrade+0x990/0x990
[ 615.487486] ? check_noncircular+0x20/0x20
[ 615.487489] ? iterate_fd+0x3f0/0x3f0
[ 615.487494] ? __lock_is_held+0xbc/0x140
[ 615.487499] ? check_noncircular+0x20/0x20
[ 615.487503] ? iov_iter_init+0xaf/0x1d0
[ 615.487508] __vfs_write+0x68a/0x970
[ 615.487512] ? default_llseek+0x2a0/0x2a0
[ 615.487521] ? rcu_sync_lockdep_assert+0x6d/0xb0
[ 615.487525] ? __sb_start_write+0x203/0x290
[ 615.487529] vfs_write+0x18f/0x510
[ 615.487534] SyS_write+0xef/0x220
[ 615.487539] ? SyS_read+0x220/0x220
[ 615.487542] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 615.487546] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 615.487551] entry_SYSCALL_64_fastpath+0x1f/0xbe
[ 615.487554] RIP: 0033:0x7f9214a0919d
[ 615.487555] RSP: 002b:00007f9212faa000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 615.487559] RAX: ffffffffffffffda RBX: 00000000000003d2 RCX: 00007f9214a0919d
[ 615.487561] RDX: 00000000000003d2 RSI: 00000000012ee340 RDI: 0000000000000006
[ 615.487563] RBP: 0000000000000086 R08: 0a3a332d31207355 R09: 676e69646e655320
[ 615.487565] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[ 615.487566] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000
[ 615.487571] Code: b6 03 48 c1 e9 03 83 e7 07 42 0f b6 0c 21 40 38 f9 7f 04 84 c9 75 7c 0f b6 0e 29 c8 75 0f 48 83 c3 01 48 83 c6 01 48 39 d3 75 b4 <31> c0 48 83 c4 18 5b 41 5c 5d c3 48 89 55 e0 48 89 75 e8 e8 ed
[ 615.487626] NMI backtrace for cpu 1 skipped: idling at pc 0xffffffff84da2b86
[ 615.487630] NMI backtrace for cpu 3 skipped: idling at pc 0xffffffff84da2b86
[ 615.487982] Kernel panic - not syncing: hung_task: blocked tasks
[ 615.487989] CPU: 0 PID: 663 Comm: khungtaskd Not tainted 4.13.0-rc6-next-20170825+ #9
[ 615.487993] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
[ 615.487996] Call Trace:
[ 615.488006] dump_stack+0x194/0x257
[ 615.488017] ? arch_local_irq_restore+0x53/0x53
[ 615.488038] panic+0x1e4/0x41c
[ 615.488046] ? refcount_error_report+0x214/0x214
[ 615.488073] watchdog+0x91d/0xd60
[ 615.488094] ? reset_hung_task_detector+0xa0/0xa0
[ 615.488101] ? complete+0x18/0x80
[ 615.488118] ? __schedule+0x2070/0x2070
[ 615.488136] ? _raw_spin_unlock_irqrestore+0x31/0xba
[ 615.488146] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 615.488155] ? trace_hardirqs_on+0xd/0x10
[ 615.488162] ? __kthread_parkme+0x173/0x240
[ 615.488175] kthread+0x39c/0x470
[ 615.488182] ? reset_hung_task_detector+0xa0/0xa0
[ 615.488188] ? kthread_create_on_node+0x100/0x100
[ 615.488200] ret_from_fork+0x2a/0x40
[ 615.551565] Dumping ftrace buffer:
[ 615.551849] (ftrace buffer empty)
[ 615.552089] Kernel Offset: disabled
[ 615.552325] Rebooting in 86400 seconds..