INFO: task syz-executor2:32011 blocked for more than 140 seconds.
Not tainted 4.9.131+ #50
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor2 D29896 32011 32010 0x00000000
 ffff8801cb08df00 0000000000000000 ffff8801c579dd80 ffff8801cb08af80
 ffff8801db621018 ffff88018d457c88 ffffffff827f3542 0000000000000000
 ffff8801cb08e7b0 ffffed0039611cf5 00ff8801cb08df00 ffff8801db6218f0
Call Trace:
 [] schedule+0x7f/0x1b0 kernel/sched/core.c:3553
 [] schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3586
 [] __mutex_lock_common kernel/locking/mutex.c:582 [inline]
 [] mutex_lock_nested+0x38d/0x900 kernel/locking/mutex.c:621
 [] __pipe_lock fs/pipe.c:87 [inline]
 [] pipe_release+0x50/0x250 fs/pipe.c:568
 [] __fput+0x263/0x700 fs/file_table.c:208
 [] ____fput+0x15/0x20 fs/file_table.c:244
 [] task_work_run+0x10c/0x180 kernel/task_work.c:116
 [] tracehook_notify_resume include/linux/tracehook.h:191 [inline]
 [] exit_to_usermode_loop+0x129/0x150 arch/x86/entry/common.c:162
 [] prepare_exit_to_usermode arch/x86/entry/common.c:194 [inline]
 [] syscall_return_slowpath arch/x86/entry/common.c:263 [inline]
 [] do_syscall_64+0x3e2/0x550 arch/x86/entry/common.c:290
 [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb

Showing all locks held in the system:
2 locks held by khungtaskd/24:
 #0: (rcu_read_lock){......}, at: [] check_hung_uninterruptible_tasks kernel/hung_task.c:168 [inline]
 #0: (rcu_read_lock){......}, at: [] watchdog+0x11c/0xa20 kernel/hung_task.c:239
 #1: (tasklist_lock){.+.?..}, at: [] debug_show_all_locks+0x79/0x218 kernel/locking/lockdep.c:4336
2 locks held by getty/2025:
 #0: (&tty->ldisc_sem){++++++}, at: [] ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:367
 #1: (&ldata->atomic_read_lock){+.+...}, at: [] n_tty_read+0x202/0x16e0 drivers/tty/n_tty.c:2142
1 lock held by syz-executor2/32010:
 #0: (&pipe->mutex/1){+.+.+.}, at: [] pipe_lock_nested fs/pipe.c:66 [inline]
 #0: (&pipe->mutex/1){+.+.+.}, at: [] pipe_lock+0x5e/0x70 fs/pipe.c:74
1 lock held by syz-executor2/32011:
 #0: (&pipe->mutex/1){+.+.+.}, at: [] __pipe_lock fs/pipe.c:87 [inline]
 #0: (&pipe->mutex/1){+.+.+.}, at: [] pipe_release+0x50/0x250 fs/pipe.c:568

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 24 Comm: khungtaskd Not tainted 4.9.131+ #50
 ffff8801d9907d08 ffffffff81b37029 0000000000000000 0000000000000001
 0000000000000001 0000000000000001 ffffffff81098450 ffff8801d9907d40
 ffffffff81b42139 0000000000000001 0000000000000000 0000000000000003
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] nmi_cpu_backtrace.cold.0+0x48/0x87 lib/nmi_backtrace.c:99
 [] nmi_trigger_cpumask_backtrace+0x12c/0x151 lib/nmi_backtrace.c:60
 [] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37
 [] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline]
 [] check_hung_task kernel/hung_task.c:125 [inline]
 [] check_hung_uninterruptible_tasks kernel/hung_task.c:182 [inline]
 [] watchdog+0x6ad/0xa20 kernel/hung_task.c:239
 [] kthread+0x26d/0x300 kernel/kthread.c:211
 [] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.9.131+ #50
task: ffffffff83029180 task.stack: ffffffff83000000
RIP: 0010:[] [] __lock_release kernel/locking/lockdep.c:3550 [inline]
RIP: 0010:[] [] lock_release+0x39b/0xc20 kernel/locking/lockdep.c:3775
RSP: 0018:ffff8801db607e88 EFLAGS: 00000046
RAX: 0000000000000003 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff83029a30 RDI: 0000000000000000
RBP: ffff8801db607f30 R08: ffffffff83029a50 R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
R13: ffffffff83029a30 R14: ffffffff83029a08 R15: ffffffff83029a52
FS: 0000000000000000(0000) GS:ffff8801db600000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000c2f978 CR3: 00000001a912f000 CR4: 00000000001606b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
Stack:
 093622b1e709bef8 0000000000000046 ffffffff83029180 0000000000000000
 0000000000000000 0000000000000002 ffff8801db607f30 0000000000000046
 0000000000000000 ffffffff83029a28 ffffffff83029a30 0000000000000046
Call Trace:
 [] seqcount_lockdep_reader_access include/linux/seqlock.h:81 [inline]
 [] read_seqcount_begin include/linux/seqlock.h:163 [inline]
 [] ktime_get+0x12f/0x1e0 kernel/time/timekeeping.c:757
 [] tick_nohz_irq_enter kernel/time/tick-sched.c:1144 [inline]
 [] tick_irq_enter+0xcc/0x220 kernel/time/tick-sched.c:1165
 [] irq_enter+0xb3/0xd0 kernel/softirq.c:349
 [] smp_reschedule_interrupt+0xa/0x90 arch/x86/kernel/smp.c:267
 [] reschedule_interrupt+0x9d/0xb0 arch/x86/entry/entry_64.S:671
 [] ? native_safe_halt+0x6/0x10 arch/x86/include/asm/irqflags.h:56
 [] arch_safe_halt arch/x86/include/asm/paravirt.h:104 [inline]
 [] default_idle+0x55/0x360 arch/x86/kernel/process.c:437
 [] arch_cpu_idle+0x10/0x20 arch/x86/kernel/process.c:428
 [] default_idle_call+0x45/0x60 kernel/sched/idle.c:97
 [] cpuidle_idle_call kernel/sched/idle.c:155 [inline]
 [] cpu_idle_loop kernel/sched/idle.c:248 [inline]
 [] cpu_startup_entry+0x2b5/0x380 kernel/sched/idle.c:303
 [] rest_init+0x183/0x189 init/main.c:409
 [] start_kernel+0x5fb/0x62f init/main.c:664
 [] x86_64_start_reservations+0x29/0x2b arch/x86/kernel/head64.c:196
 [] x86_64_start_kernel+0x13a/0x15d arch/x86/kernel/head64.c:177
Code: 03 0f b6 04 02 84 c0 74 0f 3c 03 7f 0b 89 4d c0 e8 fb 63 2e 00 8b 4d c0 66 41 83 6d 22 10 66 41 f7 45 22 f0 ff 0f 85 71 01 00 00 <48> b8 00 00 00 00 00 fc ff df 48 8b 55 a0 48 c1 ea 03 0f b6 04