NOHZ: local_softirq_pending 08
NOHZ: local_softirq_pending 08
NOHZ: local_softirq_pending 08
INFO: task syz-executor.2:7326 blocked for more than 140 seconds.
      Not tainted 4.14.173-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.2  D25760  7326      1 0x00000004
Call Trace:
 schedule+0x8d/0x1b0 kernel/sched/core.c:3428
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3486
 __mutex_lock_common kernel/locking/mutex.c:833 [inline]
 __mutex_lock+0x73c/0x1470 kernel/locking/mutex.c:893
 lo_ioctl+0x87/0x1c40 drivers/block/loop.c:1414
 __blkdev_driver_ioctl block/ioctl.c:297 [inline]
 blkdev_ioctl+0x91d/0x17d0 block/ioctl.c:594
 block_ioctl+0xd9/0x120 fs/block_dev.c:1881
 vfs_ioctl fs/ioctl.c:46 [inline]
 file_ioctl fs/ioctl.c:500 [inline]
 do_vfs_ioctl+0x75a/0xfe0 fs/ioctl.c:684
 SYSC_ioctl fs/ioctl.c:701 [inline]
 SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45c6b7
RSP: 002b:00007ffeb51d2408 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045c6b7
RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000003
RBP: 00000000000004da R08: 0000000000000000 R09: 000000000000000a
R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffeb51d2440 R14: 00000000000783e6 R15: 00007ffeb51d2450
INFO: task syz-executor.2:13453 blocked for more than 140 seconds.
      Not tainted 4.14.173-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.2  D27968 13453   7326 0x00000000
Call Trace:
 schedule+0x8d/0x1b0 kernel/sched/core.c:3428
 schedule_timeout+0x946/0xe40 kernel/time/timer.c:1723
 do_wait_for_common kernel/sched/completion.c:91 [inline]
 __wait_for_common kernel/sched/completion.c:112 [inline]
 wait_for_common kernel/sched/completion.c:123 [inline]
 wait_for_completion+0x241/0x390 kernel/sched/completion.c:144
 flush_work+0x3f5/0x780 kernel/workqueue.c:2891
 lru_add_drain_all_cpuslocked mm/swap.c:722 [inline]
 lru_add_drain_all_cpuslocked+0x2e3/0x440 mm/swap.c:691
 lru_add_drain_all+0xf/0x20 mm/swap.c:730
 invalidate_bdev+0x8a/0xc0 fs/block_dev.c:109
 loop_clr_fd+0x3d1/0xad0 drivers/block/loop.c:1062
 lo_ioctl+0x8a5/0x1c40 drivers/block/loop.c:1424
 __blkdev_driver_ioctl block/ioctl.c:297 [inline]
 blkdev_ioctl+0x91d/0x17d0 block/ioctl.c:594
 block_ioctl+0xd9/0x120 fs/block_dev.c:1881
 vfs_ioctl fs/ioctl.c:46 [inline]
 file_ioctl fs/ioctl.c:500 [inline]
 do_vfs_ioctl+0x75a/0xfe0 fs/ioctl.c:684
 SYSC_ioctl fs/ioctl.c:701 [inline]
 SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45c6b7
RSP: 002b:00007f9e76ad3a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f9e76ad46d4 RCX: 000000000045c6b7
RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000003
RBP: 000000000076c0e0 R08: 0000000000000000 R09: 000000000000000a
R10: 0000000000000075 R11: 0000000000000246 R12: 00000000ffffffff
R13: 0000000000000be7 R14: 0000000000000003 R15: 000000000076c0ec
INFO: task blkid:18332 blocked for more than 140 seconds.
      Not tainted 4.14.173-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
blkid           D29104 18332   7282 0x00000004
Call Trace:
 schedule+0x8d/0x1b0 kernel/sched/core.c:3428
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3486
 __mutex_lock_common kernel/locking/mutex.c:833 [inline]
 __mutex_lock+0x73c/0x1470 kernel/locking/mutex.c:893
 lo_ioctl+0x87/0x1c40 drivers/block/loop.c:1414
 __blkdev_driver_ioctl block/ioctl.c:297 [inline]
 blkdev_ioctl+0x91d/0x17d0 block/ioctl.c:594
 block_ioctl+0xd9/0x120 fs/block_dev.c:1881
 vfs_ioctl fs/ioctl.c:46 [inline]
 file_ioctl fs/ioctl.c:500 [inline]
 do_vfs_ioctl+0x75a/0xfe0 fs/ioctl.c:684
 SYSC_ioctl fs/ioctl.c:701 [inline]
 SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x7fb3da3ee347
RSP: 002b:00007ffd73eb1428 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00000000015ce030 RCX: 00007fb3da3ee347
RDX: 0000000000000000 RSI: 0000000000005331 RDI: 0000000000000003
RBP: 0000000000000003 R08: 00007fb3da69e5a0 R09: 0000000000000008
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000003 R15: 0000000000000005

Showing all locks held in the system:
1 lock held by khungtaskd/1058:
 #0:  (tasklist_lock){.+.+}, at: [<ffffffff81465b23>] debug_show_all_locks+0x7c/0x21a kernel/locking/lockdep.c:4544
2 locks held by getty/7274:
 #0:  (&tty->ldisc_sem){++++}, at: [<ffffffff833ad812>] tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:284
 #1:  (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff833a1454>] n_tty_read+0x1e4/0x16f0 drivers/tty/n_tty.c:2156
2 locks held by getty/7275:
 #0:  (&tty->ldisc_sem){++++}, at: [<ffffffff833ad812>] tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:284
 #1:  (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff833a1454>] n_tty_read+0x1e4/0x16f0 drivers/tty/n_tty.c:2156
2 locks held by getty/7276:
 #0:  (&tty->ldisc_sem){++++}, at: [<ffffffff833ad812>] tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:284
 #1:  (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff833a1454>] n_tty_read+0x1e4/0x16f0 drivers/tty/n_tty.c:2156
2 locks held by getty/7277:
 #0:  (&tty->ldisc_sem){++++}, at: [<ffffffff833ad812>] tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:284
 #1:  (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff833a1454>] n_tty_read+0x1e4/0x16f0 drivers/tty/n_tty.c:2156
2 locks held by getty/7278:
 #0:  (&tty->ldisc_sem){++++}, at: [<ffffffff833ad812>] tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:284
 #1:  (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff833a1454>] n_tty_read+0x1e4/0x16f0 drivers/tty/n_tty.c:2156
2 locks held by getty/7279:
 #0:  (&tty->ldisc_sem){++++}, at: [<ffffffff833ad812>] tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:284
 #1:  (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff833a1454>] n_tty_read+0x1e4/0x16f0 drivers/tty/n_tty.c:2156
2 locks held by getty/7280:
 #0:  (&tty->ldisc_sem){++++}, at: [<ffffffff833ad812>] tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:284
 #1:  (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff833a1454>] n_tty_read+0x1e4/0x16f0 drivers/tty/n_tty.c:2156
1 lock held by syz-executor.2/7326:
 #0:  (&lo->lo_ctl_mutex/1){+.+.}, at: [<ffffffff839d4867>] lo_ioctl+0x87/0x1c40 drivers/block/loop.c:1414
3 locks held by syz-executor.2/13453:
 #0:  (&lo->lo_ctl_mutex/1){+.+.}, at: [<ffffffff839d4867>] lo_ioctl+0x87/0x1c40 drivers/block/loop.c:1414
 #1:  (cpu_hotplug_lock.rw_sem){++++}, at: [<ffffffff8171964a>] get_online_cpus include/linux/cpu.h:145 [inline]
 #1:  (cpu_hotplug_lock.rw_sem){++++}, at: [<ffffffff8171964a>] lru_add_drain_all+0xa/0x20 mm/swap.c:729
 #2:  (lock#5){+.+.}, at: [<ffffffff8171926c>] lru_add_drain_all_cpuslocked+0x6c/0x440 mm/swap.c:704
1 lock held by blkid/18332:
 #0:  (&lo->lo_ctl_mutex/1){+.+.}, at: [<ffffffff839d4867>] lo_ioctl+0x87/0x1c40 drivers/block/loop.c:1414

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 1058 Comm: khungtaskd Not tainted 4.14.173-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x13e/0x194 lib/dump_stack.c:58
 nmi_cpu_backtrace.cold+0x57/0x93 lib/nmi_backtrace.c:101
 nmi_trigger_cpumask_backtrace+0x139/0x17e lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:140 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:195 [inline]
 watchdog+0x5e2/0xb80 kernel/hung_task.c:274
 kthread+0x30d/0x420 kernel/kthread.c:232
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 17985 Comm: syz-executor.2 Not tainted 4.14.173-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff888033aaa540 task.stack: ffff888053038000
RIP: 0010:__might_fault+0x2/0x1b0 mm/memory.c:4570
RSP: 0000:ffff88805303fc30 EFLAGS: 00000297
RAX: ffff888033aaa540 RBX: 0000000000000040 RCX: 1ffff1100a607fb6
RDX: 0000000000000000 RSI: 0000000000000013 RDI: ffffffff8750f420
RBP: 00007f9e76ad3880 R08: ffff88805303fdd8 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 00007f9e76ad3680
R13: ffff888033aaa540 R14: ffff888033aab9c0 R15: 00007f9e76ad39c4
FS:  00007f9e76ad4700(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000375adcd0 CR3: 000000004696e000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 __clear_user+0x1e/0x70 arch/x86/lib/usercopy_64.c:19
 copy_xregs_to_user arch/x86/include/asm/fpu/internal.h:375 [inline]
 copy_fpregs_to_sigframe arch/x86/kernel/fpu/signal.c:126 [inline]
 copy_fpstate_to_sigframe+0x212/0x460 arch/x86/kernel/fpu/signal.c:177
 get_sigframe.isra.0.constprop.0+0x46e/0x660 arch/x86/kernel/signal.c:283
 __setup_rt_frame arch/x86/kernel/signal.c:465 [inline]
 setup_rt_frame arch/x86/kernel/signal.c:704 [inline]
 handle_signal arch/x86/kernel/signal.c:748 [inline]
 do_signal+0xa6a/0x1690 arch/x86/kernel/signal.c:816
 exit_to_usermode_loop+0x159/0x220 arch/x86/entry/common.c:160
 prepare_exit_to_usermode+0x1af/0x210 arch/x86/entry/common.c:199
 retint_user+0x8/0x18
RIP: 0033:0x405b49
RSP: 002b:00007f9e76ad3a70 EFLAGS: 00010206
RAX: 00000000375adcc0 RBX: 00007f9e76ad46d4 RCX: 0000000000416647
RDX: 3429d2f371931ce4 RSI: 0000000000000000 RDI: 0000000000000008
RBP: 000000000076c0e0 R08: 00007f9e76ad3a70 R09: 000000000076c0e0
R10: 0000000000000000 R11: 0000000000000000 R12: 00000000ffffffff
R13: 0000000000000be7 R14: 00000000004ce0ac R15: 000000000076c0ec
Code: 41 5c 41 5d 41 5e c3 e8 0d 51 e1 ff 0f 0b 48 c7 c7 10 c7 a0 87 e8 bf a2 0a 00 eb 8b e8 b8 a2 0a 00 eb af 66 0f 1f 44 00 00 41 54 <41> 89 f4 55 48 89 fd 53 e8 e1 50 e1 ff 48 b8 00 00 00 00 00 fc