caif:caif_disconnect_client(): nothing to disconnect NOHZ: local_softirq_pending 08 NOHZ: local_softirq_pending 08 NOHZ: local_softirq_pending 08 INFO: task syz-executor.0:8358 blocked for more than 140 seconds. Not tainted 4.14.180-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.0 D28144 8358 6353 0x80000004 Call Trace: schedule+0x8d/0x1b0 kernel/sched/core.c:3428 schedule_timeout+0x946/0xe40 kernel/time/timer.c:1723 __down_common kernel/locking/semaphore.c:221 [inline] __down+0x160/0x290 kernel/locking/semaphore.c:238 down+0x57/0x80 kernel/locking/semaphore.c:62 console_lock+0x24/0x70 kernel/printk/printk.c:2216 do_con_write.part.0+0x8c/0x1a20 drivers/tty/vt/vt.c:2223 do_con_write drivers/tty/vt/vt.c:2218 [inline] con_write+0x33/0xc0 drivers/tty/vt/vt.c:2798 process_output_block drivers/tty/n_tty.c:595 [inline] n_tty_write+0x375/0xe30 drivers/tty/n_tty.c:2333 do_tty_write drivers/tty/tty_io.c:959 [inline] tty_write+0x3f0/0x700 drivers/tty/tty_io.c:1043 __vfs_write+0xe4/0x630 fs/read_write.c:480 __kernel_write+0xf5/0x330 fs/read_write.c:501 write_pipe_buf+0x143/0x1b0 fs/splice.c:797 splice_from_pipe_feed fs/splice.c:502 [inline] __splice_from_pipe+0x332/0x740 fs/splice.c:626 splice_from_pipe+0xc6/0x120 fs/splice.c:661 default_file_splice_write+0x37/0x80 fs/splice.c:809 do_splice_from fs/splice.c:851 [inline] direct_splice_actor+0x115/0x160 fs/splice.c:1018 splice_direct_to_actor+0x27e/0x730 fs/splice.c:973 do_splice_direct+0x164/0x210 fs/splice.c:1061 do_sendfile+0x469/0xaf0 fs/read_write.c:1441 SYSC_sendfile64 fs/read_write.c:1502 [inline] SyS_sendfile64+0xff/0x110 fs/read_write.c:1488 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x45ca29 RSP: 002b:00007f55e6d8cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 RAX: ffffffffffffffda RBX: 00000000004fc540 RCX: 000000000045ca29 RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 R10: 0800000080004103 R11: 0000000000000246 R12: 00000000ffffffff R13: 00000000000008dc R14: 00000000004cba16 R15: 00007f55e6d8d6d4 Showing all locks held in the system: 1 lock held by khungtaskd/1056: #0: (tasklist_lock){.+.+}, at: [] debug_show_all_locks+0x7c/0x21a kernel/locking/lockdep.c:4548 1 lock held by in:imklog/6031: #0: (&f->f_pos_lock){+.+.}, at: [] __fdget_pos+0xa6/0xc0 fs/file.c:769 2 locks held by agetty/6034: #0: (&tty->ldisc_sem){++++}, at: [] tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:284 #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x1e4/0x16f0 drivers/tty/n_tty.c:2156 2 locks held by agetty/6048: #0: (&tty->ldisc_sem){++++}, at: [] tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:284 #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x1e4/0x16f0 drivers/tty/n_tty.c:2156 4 locks held by syz-executor.0/8358: #0: (&tty->ldisc_sem){++++}, at: [] tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:284 #1: (&tty->atomic_write_lock){+.+.}, at: [] tty_write_lock+0x1d/0x60 drivers/tty/tty_io.c:885 #2: (&tty->termios_rwsem){++++}, at: [] n_tty_write+0x187/0xe30 drivers/tty/n_tty.c:2316 #3: (&ldata->output_lock){+.+.}, at: [] process_output_block drivers/tty/n_tty.c:550 [inline] #3: (&ldata->output_lock){+.+.}, at: [] n_tty_write+0x464/0xe30 drivers/tty/n_tty.c:2333 ============================================= NMI backtrace for cpu 1 CPU: 1 PID: 1056 Comm: khungtaskd Not tainted 4.14.180-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x13e/0x194 lib/dump_stack.c:58 nmi_cpu_backtrace.cold+0x57/0x93 lib/nmi_backtrace.c:101 nmi_trigger_cpumask_backtrace+0x139/0x17e lib/nmi_backtrace.c:62 trigger_all_cpu_backtrace include/linux/nmi.h:140 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:195 [inline] watchdog+0x5e2/0xb80 kernel/hung_task.c:274 kthread+0x30d/0x420 kernel/kthread.c:232 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404 Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 PID: 8349 Comm: syz-executor.4 Not tainted 4.14.180-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 task: ffff88803e46e400 task.stack: ffff8882111c8000 RIP: 0010:__pvclock_read_cycles arch/x86/include/asm/pvclock.h:84 [inline] RIP: 0010:pvclock_clocksource_read+0x6b/0x4d0 arch/x86/kernel/pvclock.c:87 RSP: 0018:ffff8880aea07b00 EFLAGS: 00000046 RAX: ffff88821fff700f RBX: ffff88821fff7000 RCX: 0000000000000010 RDX: 0000000000000000 RSI: ffffffff86e45880 RDI: ffff88821fff7000 RBP: ffff8880aea07e50 R08: 0000000000000001 R09: 0000000000000003 R10: 0000000000000086 R11: ffff88803e46e400 R12: ffff88821fff7003 R13: ffffffff87ddb360 R14: ffff88809549ad00 R15: 0000000000000000 FS: 00007f25526d9700(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000c43dd70000 CR3: 000000004f15c000 CR4: 00000000001406f0 DR0: 0000000020000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 Call Trace: kvm_clock_read+0x1f/0x30 arch/x86/kernel/kvmclock.c:88 kvm_sched_clock_read+0x5/0x10 arch/x86/kernel/kvmclock.c:100 paravirt_sched_clock arch/x86/include/asm/paravirt.h:175 [inline] sched_clock+0x2a/0x40 arch/x86/kernel/tsc.c:228 sched_clock_cpu+0x18/0x1b0 kernel/sched/clock.c:363 local_clock include/linux/sched/clock.h:84 [inline] cpu_clock_event_update kernel/events/core.c:8823 [inline] cpu_clock_event_read+0x15/0x30 kernel/events/core.c:8856 perf_swevent_hrtimer+0x100/0x350 kernel/events/core.c:8739 __run_hrtimer kernel/time/hrtimer.c:1223 [inline] __hrtimer_run_queues+0x25c/0xbb0 kernel/time/hrtimer.c:1287 hrtimer_interrupt+0x1e6/0x5e0 kernel/time/hrtimer.c:1321 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1075 [inline] smp_apic_timer_interrupt+0x117/0x5e0 arch/x86/kernel/apic/apic.c:1100 apic_timer_interrupt+0x8f/0xa0 arch/x86/entry/entry_64.S:792 RIP: 0010:__sanitizer_cov_trace_pc+0x3d/0x50 kernel/kcov.c:87 RSP: 0018:ffff8882111cf310 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff10 RAX: 0000000000040000 RBX: ffff8880000a0000 RCX: ffffc90009336000 RDX: 000000000003ffff RSI: ffffffff831b2f3b RDI: ffff88821927f140 RBP: 0000000000000a00 R08: 0000000000000a00 R09: 0000000000000040 R10: ffffed1043241f13 R11: ffff88821920f89f R12: 0000000000000040 R13: 00000000ef86876d R14: 0000000000000000 R15: 0000000000000000 bitfill_aligned drivers/video/fbdev/core/cfbfillrect.c:43 [inline] bitfill_aligned+0x2b/0x190 drivers/video/fbdev/core/cfbfillrect.c:35 cfb_fillrect+0x3d5/0x720 drivers/video/fbdev/core/cfbfillrect.c:327 vga16fb_fillrect+0x61e/0x1880 drivers/video/fbdev/vga16fb.c:951 bit_clear_margins+0x2a4/0x480 drivers/video/fbdev/core/bitblit.c:232 fbcon_clear_margins+0x285/0x310 drivers/video/fbdev/core/fbcon.c:1320 fbcon_switch+0xcdf/0x1780 drivers/video/fbdev/core/fbcon.c:2302 redraw_screen+0x331/0x770 drivers/tty/vt/vt.c:689 fbcon_modechanged+0x59d/0x890 drivers/video/fbdev/core/fbcon.c:2949 fbcon_event_notify+0x11a/0x1746 drivers/video/fbdev/core/fbcon.c:3302 notifier_call_chain+0x107/0x1a0 kernel/notifier.c:93 __blocking_notifier_call_chain kernel/notifier.c:317 [inline] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] blocking_notifier_call_chain kernel/notifier.c:328 [inline] blocking_notifier_call_chain+0x79/0x90 kernel/notifier.c:325 fb_set_var+0xaad/0xc70 drivers/video/fbdev/core/fbmem.c:1054 do_fb_ioctl+0x3cc/0x840 drivers/video/fbdev/core/fbmem.c:1127 fb_ioctl+0xdd/0x130 drivers/video/fbdev/core/fbmem.c:1242 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xfe0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x45ca29 RSP: 002b:00007f25526d8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00000000004e4ac0 RCX: 000000000045ca29 RDX: 0000000020000000 RSI: 0000000000004601 RDI: 0000000000000005 RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 00000000000002f2 R14: 00000000004c56c8 R15: 00007f25526d96d4 Code: 84 c0 0f 95 c0 84 c1 0f 85 45 04 00 00 4c 89 e0 83 e0 07 38 c2 0f 9e c1 84 d2 0f 95 c0 84 c1 0f 85 2d 04 00 00 48 8d 43 0f 8b 0b <48> bd 00 00 00 00 00 fc ff df 48 89 44 24 10 48 8d 43 1b 4c 8d