loop4: p251 start 1854537728 is beyond EOD, truncated
loop4: p252 start 1854537728 is beyond EOD, truncated
loop4: p253 start 1854537728 is beyond EOD, truncated
loop4: p254 start 1854537728 is beyond EOD, truncated
loop4: p255 start 1854537728 is beyond EOD, truncated
INFO: task init:24257 blocked for more than 140 seconds.
      Not tainted 4.9.202+ #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
init            D29128 24257      1 0x00000000
 0000000000000087 ffff8801cae45f00 ffff8801ac332680 ffff8801db71ffc0
 ffff8801a22edf00 ffff8801db71ffd8 ffff8801d4c37758 ffffffff8280a1de
 ffff8801d4c37698 ffffffff81249731 00ff8801cae45f00 ffff8801db7208b0
Call Trace:
 [<000000001d7efd7f>] schedule+0x92/0x1c0 kernel/sched/core.c:3546
 [<000000002bfc504d>] schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3579
 [<000000007d9c3727>] __mutex_lock_common kernel/locking/mutex.c:582 [inline]
 [<000000007d9c3727>] mutex_lock_nested+0x38d/0x920 kernel/locking/mutex.c:621
 [<00000000e691d8c6>] tty_open_by_driver drivers/tty/tty_io.c:2062 [inline]
 [<00000000e691d8c6>] tty_open+0x3f9/0xe10 drivers/tty/tty_io.c:2140
 [<000000000397c16b>] chrdev_open+0x230/0x630 fs/char_dev.c:398
 [<000000003434661e>] do_dentry_open+0x422/0xd20 fs/open.c:791
 [<000000009ac24640>] vfs_open+0x105/0x230 fs/open.c:904
 [<00000000b520317e>] do_last fs/namei.c:3457 [inline]
 [<00000000b520317e>] path_openat+0xbf5/0x2f60 fs/namei.c:3581
 [<00000000e34ff131>] do_filp_open+0x1a1/0x280 fs/namei.c:3615
 [<0000000049d072dc>] do_sys_open+0x2f0/0x610 fs/open.c:1097
 [<00000000f28aaff7>] SYSC_open fs/open.c:1115 [inline]
 [<00000000f28aaff7>] SyS_open+0x2d/0x40 fs/open.c:1110
 [<000000000cc0667c>] do_syscall_64+0x1ad/0x5c0 arch/x86/entry/common.c:288
 [<0000000015dbb6e9>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
INFO: lockdep is turned off.
NMI backtrace for cpu 1
CPU: 1 PID: 24 Comm: khungtaskd Not tainted 4.9.202+ #0
 ffff8801d98d7cc8 ffffffff81b55d2b 0000000000000001 0000000000000000
 0000000000000001 ffffffff8109a001 dffffc0000000000 ffff8801d98d7d00
 ffffffff81b60fcc 0000000000000001 0000000000000000 0000000000000001
Call Trace:
 [<000000007fe641b6>] __dump_stack lib/dump_stack.c:15 [inline]
 [<000000007fe641b6>] dump_stack+0xcb/0x130 lib/dump_stack.c:56
 [<00000000209e9d55>] nmi_cpu_backtrace.cold+0x47/0x87 lib/nmi_backtrace.c:99
 [<0000000014c2ee33>] nmi_trigger_cpumask_backtrace+0x124/0x155 lib/nmi_backtrace.c:60
 [<00000000fb11beec>] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37
 [<0000000006e7ecd2>] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline]
 [<0000000006e7ecd2>] check_hung_task kernel/hung_task.c:126 [inline]
 [<0000000006e7ecd2>] check_hung_uninterruptible_tasks kernel/hung_task.c:183 [inline]
 [<0000000006e7ecd2>] watchdog+0x670/0xaf0 kernel/hung_task.c:263
 [<0000000082fe93f3>] kthread+0x278/0x310 kernel/kthread.c:211
 [<0000000086c4cea0>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:375
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 30251 Comm: syz-executor.2 Not tainted 4.9.202+ #0
task: 000000001725989e task.stack: 00000000f0c6d4b6
RIP: 0010:[<ffffffff810a8520>] 
c [<0000000055741bb9>] kvm_clock_read+0x10/0x40 arch/x86/kernel/kvmclock.c:90
RSP: 0018:ffff8801db607ae8  EFLAGS: 00000096
RAX: 0000000000000000 RBX: ffff8801cf3eb300 RCX: 1ffffffff063fa28
RDX: 0000000000010000 RSI: ffffffff81bbc38c RDI: ffffffff82b44800
RBP: ffff8801db607ae8 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801cf3eb448
R13: ffffffff83114600 R14: ffff8801cf3eb300 R15: dffffc0000000000
FS:  00007fa68360c700(0000) GS:ffff8801db600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000228a0c8 CR3: 00000001d9e7c000 CR4: 00000000001606b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
Stack:
 ffff8801db607af8
c ffffffff810a8569
c ffff8801db607b08
c ffffffff81065799
c
 ffff8801db607b58
c ffffffff8118afe4
c ffffffff810a8559
c ffff8801db607b70
c
 ffffffff8128340b
c ffff8801cf3eb300
c ffff8801cf3eb448
c ffffffff83114600
c
Call Trace:
 <IRQ> 
d [<00000000a896fc5c>] kvm_sched_clock_read+0x9/0x20 arch/x86/kernel/kvmclock.c:103
 [<000000005df7e556>] paravirt_sched_clock arch/x86/include/asm/paravirt.h:185 [inline]
 [<000000005df7e556>] sched_clock+0x9/0x10 arch/x86/kernel/tsc.c:328
 [<00000000e8d41619>] sched_clock_cpu+0x144/0x1c0 kernel/sched/clock.c:305
 [<000000008b1f38e5>] local_clock include/linux/sched.h:2661 [inline]
 [<000000008b1f38e5>] cpu_clock_event_update kernel/events/core.c:8478 [inline]
 [<000000008b1f38e5>] cpu_clock_event_read+0x19/0x30 kernel/events/core.c:8511
 [<000000008833c2d0>] perf_swevent_hrtimer+0x118/0x390 kernel/events/core.c:8394
 [<0000000084834f6a>] __run_hrtimer kernel/time/hrtimer.c:1255 [inline]
 [<0000000084834f6a>] __hrtimer_run_queues+0x313/0xe00 kernel/time/hrtimer.c:1319
 [<0000000020b51eb5>] hrtimer_interrupt+0x1b6/0x450 kernel/time/hrtimer.c:1353
 [<000000009d4a85d1>] local_apic_timer_interrupt+0x76/0xa0 arch/x86/kernel/apic/apic.c:975
 [<000000002488bc8d>] smp_apic_timer_interrupt+0x79/0xb0 arch/x86/kernel/apic/apic.c:999
 [<00000000683ba7d0>] apic_timer_interrupt+0xa5/0xb0 arch/x86/entry/entry_64.S:653
 <EOI> 
d [<00000000e28ada83>] ? audit_kill_trees+0x240/0x240
 [<000000007fed432e>] avc_insert security/selinux/avc.c:670 [inline]
 [<000000007fed432e>] avc_compute_av+0x182/0x610 security/selinux/avc.c:976
 [<00000000cdda53fa>] avc_has_perm_noaudit security/selinux/avc.c:1112 [inline]
 [<00000000cdda53fa>] avc_has_perm+0x355/0x3a0 security/selinux/avc.c:1146
 [<0000000095f946c6>] inode_has_perm security/selinux/hooks.c:1726 [inline]
 [<0000000095f946c6>] file_has_perm+0x3d6/0x510 security/selinux/hooks.c:1816
 [<000000004baeed80>] selinux_revalidate_file_permission security/selinux/hooks.c:3392 [inline]
 [<000000004baeed80>] selinux_file_permission+0x31f/0x470 security/selinux/hooks.c:3413
 [<000000001899765f>] security_file_permission+0x83/0x1f0 security/security.c:778
 [<000000008b103b5c>] rw_verify_area+0xe2/0x2b0 fs/read_write.c:426
 [<000000000dfc46a6>] vfs_write+0xf7/0x520 fs/read_write.c:554
 [<000000007894bfa3>] SYSC_pwrite64 fs/read_write.c:649 [inline]
 [<000000007894bfa3>] SyS_pwrite64+0x13f/0x170 fs/read_write.c:636
 [<000000000cc0667c>] do_syscall_64+0x1ad/0x5c0 arch/x86/entry/common.c:288
 [<0000000015dbb6e9>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
Code: 
cc3 
c66 
c2e 
c0f 
c1f 
c84 
c00 
c00 
c00 
c00 
c00 
cc3 
c0f 
c1f 
c44 
c00 
c00 
c66 
c2e 
c0f 
c1f 
c84 
c00 
c00 
c00 
c00 
c00 
c55 
c48 
c89 
ce5 
c65 
cff 
c05 
c75 
cf8 
cf6 
c7e 
ce8 
c30 
c40 
cb1 
c00 
c<48> 
c63 
cf8 
c48 
cc1 
ce7 
c06 
c48 
c03 
c3d 
cb2 
c25 
c4d 
c02 
ce8 
ced 
c26 
c00 
c00 
c65 
cff 
c