INFO: task syz-executor.0:26467 can't die for more than 143 seconds. syz-executor.0 R running task 27872 26467 8986 0x00000004 Call Trace: context_switch kernel/sched/core.c:2818 [inline] __schedule+0x7c5/0x1560 kernel/sched/core.c:3444 preempt_schedule_irq+0xb5/0x140 kernel/sched/core.c:3692 retint_kernel+0x1b/0x2b RIP: 0010:__sanitizer_cov_trace_const_cmp1+0x11/0x20 kernel/kcov.c:175 Code: bf 06 00 00 00 48 89 e5 48 8b 4d 08 e8 18 ff ff ff 5d c3 66 0f 1f 44 00 00 55 40 0f b6 d6 40 0f b6 f7 bf 01 00 00 00 48 89 e5 <48> 8b 4d 08 e8 f6 fe ff ff 5d c3 0f 1f 40 00 55 0f b7 d6 0f b7 f7 RSP: 0018:ffff8880586df4e0 EFLAGS: 00000206 ORIG_RAX: ffffffffffffff13 RAX: 0000000000040000 RBX: 0000000000000005 RCX: ffffc90005df9000 RDX: 0000000000000005 RSI: 0000000000000010 RDI: 0000000000000001 RBP: ffff8880586df4e0 R08: ffff888093b10440 R09: ffffed100b0dbeb3 R10: ffffed100b0dbeb2 R11: 0000000000000000 R12: ffff88808b477500 R13: 0000000000000030 R14: 00000000000002be R15: 0000000000000001 tomoyo_domain_quota_is_ok+0x335/0x540 security/tomoyo/util.c:1068 tomoyo_supervisor+0x2e8/0xef0 security/tomoyo/common.c:2087 tomoyo_audit_path_log security/tomoyo/file.c:168 [inline] tomoyo_path_permission security/tomoyo/file.c:587 [inline] tomoyo_path_permission+0x263/0x360 security/tomoyo/file.c:573 tomoyo_check_open_permission+0x372/0x3f0 security/tomoyo/file.c:780 tomoyo_file_open security/tomoyo/tomoyo.c:319 [inline] tomoyo_file_open+0xa9/0xd0 security/tomoyo/tomoyo.c:314 security_file_open+0x71/0x300 security/security.c:1457 do_dentry_open+0x373/0x1250 fs/open.c:765 vfs_open+0xa0/0xd0 fs/open.c:887 do_last fs/namei.c:3416 [inline] path_openat+0x10e9/0x46d0 fs/namei.c:3533 do_filp_open+0x1a1/0x280 fs/namei.c:3563 do_sys_open+0x3fe/0x5d0 fs/open.c:1070 __do_sys_open fs/open.c:1088 [inline] __se_sys_open fs/open.c:1083 [inline] __x64_sys_open+0x7e/0xc0 fs/open.c:1083 do_syscall_64+0xfd/0x680 arch/x86/entry/common.c:301 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x4131b1 Code: 44 24 08 29 00 00 00 e8 2d 87 01 00 0f 0b cc cc cc cc cc cc cc cc cc cc cc 64 48 8b 0c 25 f8 ff ff ff 48 3b 61 10 0f 86 21 01 <00> 00 48 83 ec 28 48 89 6c 24 20 48 8d 6c 24 20 48 8b 4c 24 40 48 RSP: 002b:00007f0d51c7d7a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00000000004131b1 RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00007f0d51c7d850 RBP: 000000000075bf20 R08: 000000000000000f R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000293 R12: 00007f0d51c7e6d4 R13: 00000000004c8602 R14: 00000000004def00 R15: 00000000ffffffff Showing all locks held in the system: 1 lock held by khungtaskd/1045: #0: 00000000914bbde3 (rcu_read_lock){....}, at: debug_show_all_locks+0x5f/0x27e kernel/locking/lockdep.c:5262 1 lock held by rsyslogd/8858: #0: 000000002aabbc9c (&f->f_pos_lock){+.+.}, at: __fdget_pos+0xee/0x110 fs/file.c:801 2 locks held by getty/8948: #0: 000000003ba48941 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 #1: 0000000083915c79 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156 2 locks held by getty/8949: #0: 00000000cb0ff9f3 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 #1: 00000000a64efc60 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156 2 locks held by getty/8950: #0: 00000000a373f01f (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 #1: 000000008374a520 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156 2 locks held by getty/8951: #0: 0000000057eb2abc (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 #1: 0000000023c7be00 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156 2 locks held by getty/8952: #0: 0000000014089580 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 #1: 00000000a43b6605 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156 2 locks held by getty/8953: #0: 00000000120b1c6e (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 #1: 00000000b1cbdabc (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156 2 locks held by getty/8954: #0: 000000006707843b (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 #1: 000000005ee12b12 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156 1 lock held by syz-executor.0/26467: ============================================= NMI backtrace for cpu 0 CPU: 0 PID: 1045 Comm: khungtaskd Not tainted 5.2.0-rc5-next-20190619 #18 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 nmi_cpu_backtrace.cold+0x63/0xa4 lib/nmi_backtrace.c:101 nmi_trigger_cpumask_backtrace+0x1be/0x236 lib/nmi_backtrace.c:62 arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:249 [inline] watchdog+0xb88/0x12b0 kernel/hung_task.c:333 kthread+0x354/0x420 kernel/kthread.c:255 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 PID: 98 Comm: kworker/u4:2 Not tainted 5.2.0-rc5-next-20190619 #18 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: bat_events batadv_nc_worker RIP: 0010:separate_irq_context kernel/locking/lockdep.c:3533 [inline] RIP: 0010:__lock_acquire+0x642/0x4af0 kernel/locking/lockdep.c:3869 Code: ff ff 49 89 0a 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 0f b6 04 02 84 c0 74 08 3c 03 0f 8e 26 32 00 00 41 8b 83 88 08 00 00 <85> c0 74 78 48 8b b5 60 ff ff ff 48 8d 04 80 4c 8d 6c c6 d8 48 b8 RSP: 0018:ffff8880a955faa0 EFLAGS: 00000046 RAX: 0000000000000002 RBX: 0000000000000000 RCX: 92189fdad1408520 RDX: 1ffff110152a9979 RSI: ffff8880a954cc20 RDI: ffffffff8a534540 RBP: ffff8880a955fbb8 R08: ffff8880a954cc20 R09: 0000000000000002 R10: ffff8880a954cc20 R11: ffff8880a954c340 R12: 0000000000000567 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 FS: 0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffffffff600400 CR3: 000000009b4d4000 CR4: 00000000001406e0 Call Trace: lock_acquire+0x16f/0x3f0 kernel/locking/lockdep.c:4418 __raw_spin_lock_bh include/linux/spinlock_api_smp.h:135 [inline] _raw_spin_lock_bh+0x33/0x50 kernel/locking/spinlock.c:175 spin_lock_bh include/linux/spinlock.h:343 [inline] batadv_nc_purge_paths+0xd8/0x370 net/batman-adv/network-coding.c:441 batadv_nc_worker+0x29c/0x760 net/batman-adv/network-coding.c:719 process_one_work+0x989/0x1790 kernel/workqueue.c:2269 worker_thread+0x98/0xe40 kernel/workqueue.c:2415 kthread+0x354/0x420 kernel/kthread.c:255 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352