SELinux: policydb magic number 0x100 does not match expected magic number 0xf97cff8c SELinux: policydb magic number 0x100 does not match expected magic number 0xf97cff8c BUG: workqueue lockup - pool cpus=1 node=0 flags=0x0 nice=0 stuck for 257s! Showing busy workqueues and worker pools: workqueue events: flags=0x0 pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=5/256 in-flight: 6699:rtc_timer_do_work pending: destroy_super_work, free_obj_work, vmstat_shepherd, xfrm_state_gc_task workqueue events_power_efficient: flags=0x80 pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 pending: check_lifetime workqueue lru-add-drain: flags=0x8 pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 pending: lru_add_drain_per_cpu BAR(13709) workqueue writeback: flags=0x4e pwq 4: cpus=0-1 flags=0x4 nice=0 active=2/256 in-flight: 2436:wb_workfn pending: wb_workfn workqueue vmstat: flags=0xc pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 pending: vmstat_update workqueue dm_bufio_cache: flags=0x8 pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 pending: work_fn pool 2: cpus=1 node=0 flags=0x0 nice=0 hung=257s workers=3 idle: 346 22 pool 4: cpus=0-1 flags=0x4 nice=0 hung=0s workers=11 idle: 2617 9865 6 9858 2445 3723 3462 64 2440 2676 INFO: task syz-executor1:2319 blocked for more than 140 seconds. Not tainted 4.9.124+ #32 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor1 D28216 2319 2295 0x00000000 ffff8801d5d54740 ffff8801a9aaa680 ffff8801bf3ccd00 ffff8801c4f40000 ffff8801db6210d8 ffff8801a68df9c8 ffffffff8277c942 0000000000000000 ffff8801d5d54ff0 ffffed003abaa9fd 00ff8801d5d54740 ffff8801db6219b0 Call Trace: [] schedule+0x7f/0x1b0 kernel/sched/core.c:3553 [] schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3586 [] __mutex_lock_common kernel/locking/mutex.c:582 [inline] [] mutex_lock_nested+0x326/0x870 kernel/locking/mutex.c:621 [] lo_ioctl+0x8c/0x1670 drivers/block/loop.c:1353 [] __blkdev_driver_ioctl block/ioctl.c:294 [inline] [] blkdev_ioctl+0x7a4/0x1a50 block/ioctl.c:590 [] block_ioctl+0xde/0x120 fs/block_dev.c:1688 [] vfs_ioctl fs/ioctl.c:43 [inline] [] file_ioctl fs/ioctl.c:493 [inline] [] do_vfs_ioctl+0x1ac/0x11a0 fs/ioctl.c:677 [] SYSC_ioctl fs/ioctl.c:694 [inline] [] SyS_ioctl+0x8f/0xc0 fs/ioctl.c:685 [] do_syscall_64+0x19f/0x480 arch/x86/entry/common.c:282 [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb Showing all locks held in the system: 2 locks held by khungtaskd/24: #0: (rcu_read_lock){......}, at: [] check_hung_uninterruptible_tasks kernel/hung_task.c:168 [inline] #0: (rcu_read_lock){......}, at: [] watchdog+0x11c/0xa20 kernel/hung_task.c:239 #1: (tasklist_lock){.+.+..}, at: [] debug_show_all_locks+0x79/0x218 kernel/locking/lockdep.c:4336 2 locks held by getty/2220: #0: (&tty->ldisc_sem){++++++}, at: [] ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:367 #1: (&ldata->atomic_read_lock){+.+...}, at: [] n_tty_read+0x202/0x16e0 drivers/tty/n_tty.c:2142 1 lock held by syz-executor1/2319: #0: (&lo->lo_ctl_mutex/1){+.+.+.}, at: [] lo_ioctl+0x8c/0x1670 drivers/block/loop.c:1353 3 locks held by kworker/u4:2/2436: #0: ("writeback"){++++.+}, at: [] process_one_work+0x6a0/0x1470 kernel/workqueue.c:2085 #1: ((&(&wb->dwork)->work)){+.+.+.}, at: [] process_one_work+0x6d8/0x1470 kernel/workqueue.c:2089 #2: (&type->s_umount_key#28){++++..}, at: [] trylock_super+0x20/0xf0 fs/super.c:393 2 locks held by /selinux/avc/ca/13694: #0: (&lo->lo_ctl_mutex/1){+.+.+.}, at: [] lo_ioctl+0x8c/0x1670 drivers/block/loop.c:1353 #1: (lock#2){+.+...}, at: [] lru_add_drain_all+0x4a/0x400 mm/swap.c:695 1 lock held by syz-executor6/13705: #0: (&lo->lo_ctl_mutex/1){+.+.+.}, at: [] lo_ioctl+0x8c/0x1670 drivers/block/loop.c:1353 1 lock held by syz-executor6/13738: #0: (&lo->lo_ctl_mutex/1){+.+.+.}, at: [] lo_ioctl+0x8c/0x1670 drivers/block/loop.c:1353 1 lock held by blkid/13700: #0: (&lo->lo_ctl_mutex/1){+.+.+.}, at: [] lo_ioctl+0x8c/0x1670 drivers/block/loop.c:1353 3 locks held by syz-executor2/13709: #0: (&lo->lo_ctl_mutex/1){+.+.+.}, at: [] lo_ioctl+0x8c/0x1670 drivers/block/loop.c:1353 #1: (lock#2){+.+...}, at: [] lru_add_drain_all+0x4a/0x400 mm/swap.c:695 #2: (cpu_hotplug.dep_map){++++++}, at: [] get_online_cpus+0x32/0x90 kernel/cpu.c:253 1 lock held by syz-executor2/13715: #0: (&lo->lo_ctl_mutex/1){+.+.+.}, at: [] lo_ioctl+0x8c/0x1670 drivers/block/loop.c:1353 ============================================= NMI backtrace for cpu 0 CPU: 0 PID: 24 Comm: khungtaskd Not tainted 4.9.124+ #32 ffff8801d9497d08 ffffffff81af4529 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ffffffff81096740 ffff8801d9497d40 ffffffff81aff287 0000000000000000 0000000000000000 0000000000000003 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] nmi_cpu_backtrace.cold.0+0x48/0x87 lib/nmi_backtrace.c:99 [] nmi_trigger_cpumask_backtrace+0x12a/0x14f lib/nmi_backtrace.c:60 [] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37 [] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline] [] check_hung_task kernel/hung_task.c:125 [inline] [] check_hung_uninterruptible_tasks kernel/hung_task.c:182 [inline] [] watchdog+0x6ad/0xa20 kernel/hung_task.c:239 [] kthread+0x26d/0x300 kernel/kthread.c:211 [] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 PID: 6699 Comm: kworker/1:3 Not tainted 4.9.124+ #32 Workqueue: events rtc_timer_do_workc task: ffff8801a3a6af80 task.stack: ffff8801d8600000 RIP: 0010:[] c [] mark_held_locks+0xa6/0x130 kernel/locking/lockdep.c:2652 RSP: 0018:ffff8801d8607990 EFLAGS: 00000002 RAX: 0000000000000000 RBX: 0000000000000002 RCX: 1ffff1003474d70f RDX: 0000000000000002 RSI: ffff8801a3a6b880 RDI: ffff8801a3a6b8a2 RBP: ffff8801d86079d0 R08: ffff8801a3a6b878 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801a3a6b830 R13: ffffed003474d705 R14: ffff8801a3a6af80 R15: dffffc0000000000 FS: 0000000000000000(0000) GS:ffff8801db700000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f961ac24000 CR3: 00000001c3834000 CR4: 00000000001606b0 DR0: 0000000020000000 DR1: 0000000020000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 Stack: 0000000000000000c ffff8801a3a6b828c 0000000600000007c ffff8801a3a6af80c ffffffff8278b17ac ffff8801d4cfdac8c 0000000000000292c dffffc0000000000c ffff8801d86079f0c ffffffff8120232bc 0000000000000292c ffff8801d4cfdac8c Call Trace: [] __trace_hardirqs_on_caller kernel/locking/lockdep.c:2689 [inline] [] trace_hardirqs_on_caller+0x38b/0x590 kernel/locking/lockdep.c:2736 [] trace_hardirqs_on+0xd/0x10 kernel/locking/lockdep.c:2743 [] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:162 [inline] [] _raw_spin_unlock_irqrestore+0x5a/0x70 kernel/locking/spinlock.c:191 [] spin_unlock_irqrestore include/linux/spinlock.h:362 [inline] [] rtc_handle_legacy_irq+0x114/0x190 drivers/rtc/interface.c:521 [] rtc_uie_update_irq+0x1f/0x30 drivers/rtc/interface.c:550 [] rtc_timer_do_work+0x1ff/0x5e0 drivers/rtc/interface.c:881 [] process_one_work+0x791/0x1470 kernel/workqueue.c:2092 [] worker_thread+0xd6/0x10a0 kernel/workqueue.c:2226 [] kthread+0x26d/0x300 kernel/kthread.c:211 [] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373 Code: c08 c00 c00 c49 cc1 ced c03 c4d c01 cfd c48 c63 cc3 c48 c8d c04 c80 c49 c8d c34 cc4 c48 c8d c7e c22 c48 c89 cf8 c48 c89 cfa c48 cc1 ce8 c03 c83 ce2 c07 c42 c0f cb6 c04 c38 c<38> cd0 c7f c04 c84 cc0 c75 c5e c0f cb6 c46 c22 c8b c55 cd4 ca8 c03 c0f c45 c55 cd0 c