INFO: task kworker/u4:5:238 blocked for more than 143 seconds. Not tainted 5.12.0-rc6-next-20210409-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/u4:5 state:D stack:24608 pid: 238 ppid: 2 flags:0x00004000 Workqueue: events_unbound flush_to_ldisc Call Trace: context_switch kernel/sched/core.c:4329 [inline] __schedule+0x917/0x2170 kernel/sched/core.c:5079 schedule+0xcf/0x270 kernel/sched/core.c:5158 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:5217 __mutex_lock_common kernel/locking/mutex.c:1026 [inline] __mutex_lock+0x81f/0x1120 kernel/locking/mutex.c:1096 flush_to_ldisc+0x3e/0x380 drivers/tty/tty_buffer.c:505 process_one_work+0x98d/0x1600 kernel/workqueue.c:2275 worker_thread+0x64c/0x1120 kernel/workqueue.c:2421 kthread+0x3b1/0x4a0 kernel/kthread.c:292 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294 INFO: task login:8379 blocked for more than 143 seconds. Not tainted 5.12.0-rc6-next-20210409-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:login state:D stack:22896 pid: 8379 ppid: 1 flags:0x00004004 Call Trace: context_switch kernel/sched/core.c:4329 [inline] __schedule+0x917/0x2170 kernel/sched/core.c:5079 schedule+0xcf/0x270 kernel/sched/core.c:5158 schedule_timeout+0x1db/0x250 kernel/time/timer.c:1854 do_wait_for_common kernel/sched/completion.c:85 [inline] __wait_for_common kernel/sched/completion.c:106 [inline] wait_for_common kernel/sched/completion.c:117 [inline] wait_for_completion+0x168/0x270 kernel/sched/completion.c:138 __flush_work+0x50e/0xad0 kernel/workqueue.c:3052 n_tty_read+0x97c/0x12f0 drivers/tty/n_tty.c:2217 iterate_tty_read drivers/tty/tty_io.c:873 [inline] tty_read+0x33a/0x5d0 drivers/tty/tty_io.c:950 call_read_iter include/linux/fs.h:2104 [inline] new_sync_read+0x41e/0x6e0 fs/read_write.c:415 vfs_read+0x35c/0x570 fs/read_write.c:496 ksys_read+0x12d/0x250 fs/read_write.c:634 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7f1be8a69910 RSP: 002b:00007fffcc8bb968 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 RAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 00007f1be8a69910 RDX: 00000000000001ff RSI: 00007fffcc8bbc70 RDI: 0000000000000000 RBP: 0000000000000000 R08: 00007f1be95844c0 R09: 00007fffcc8bb9f0 R10: 000000000000037b R11: 0000000000000246 R12: 0000000000000001 R13: 0000000000000001 R14: 00007fffcc8bbf68 R15: 000055de11b9ab18 INFO: task syz-executor.2:17199 can't die for more than 143 seconds. task:syz-executor.2 state:D stack:26384 pid:17199 ppid: 11181 flags:0x00004004 Call Trace: context_switch kernel/sched/core.c:4329 [inline] __schedule+0x917/0x2170 kernel/sched/core.c:5079 schedule+0xcf/0x270 kernel/sched/core.c:5158 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:5217 __mutex_lock_common kernel/locking/mutex.c:1026 [inline] __mutex_lock+0x81f/0x1120 kernel/locking/mutex.c:1096 paste_selection+0x123/0x4e0 drivers/tty/vt/selection.c:390 tioclinux+0x126/0x560 drivers/tty/vt/vt.c:3164 vt_ioctl+0x2022/0x27f0 drivers/tty/vt/vt_ioctl.c:723 tty_ioctl+0xed8/0x1710 drivers/tty/tty_io.c:2800 vfs_ioctl fs/ioctl.c:48 [inline] __do_sys_ioctl fs/ioctl.c:753 [inline] __se_sys_ioctl fs/ioctl.c:739 [inline] __x64_sys_ioctl+0x193/0x200 fs/ioctl.c:739 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x466459 RSP: 002b:00007f85bea02188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459 RDX: 0000000020000300 RSI: 000000000000541c RDI: 0000000000000008 RBP: 00000000004bf9fb R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60 R13: 00007fff3392a02f R14: 00007f85bea02300 R15: 0000000000022000 INFO: task syz-executor.2:17199 blocked for more than 144 seconds. Not tainted 5.12.0-rc6-next-20210409-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.2 state:D stack:26384 pid:17199 ppid: 11181 flags:0x00004004 Call Trace: context_switch kernel/sched/core.c:4329 [inline] __schedule+0x917/0x2170 kernel/sched/core.c:5079 schedule+0xcf/0x270 kernel/sched/core.c:5158 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:5217 __mutex_lock_common kernel/locking/mutex.c:1026 [inline] __mutex_lock+0x81f/0x1120 kernel/locking/mutex.c:1096 paste_selection+0x123/0x4e0 drivers/tty/vt/selection.c:390 tioclinux+0x126/0x560 drivers/tty/vt/vt.c:3164 vt_ioctl+0x2022/0x27f0 drivers/tty/vt/vt_ioctl.c:723 tty_ioctl+0xed8/0x1710 drivers/tty/tty_io.c:2800 vfs_ioctl fs/ioctl.c:48 [inline] __do_sys_ioctl fs/ioctl.c:753 [inline] __se_sys_ioctl fs/ioctl.c:739 [inline] __x64_sys_ioctl+0x193/0x200 fs/ioctl.c:739 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x466459 RSP: 002b:00007f85bea02188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459 RDX: 0000000020000300 RSI: 000000000000541c RDI: 0000000000000008 RBP: 00000000004bf9fb R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60 R13: 00007fff3392a02f R14: 00007f85bea02300 R15: 0000000000022000 Showing all locks held in the system: 3 locks held by kworker/u4:5/238: #0: ffff888010869138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: ffff888010869138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: atomic64_set include/asm-generic/atomic-instrumented.h:856 [inline] #0: ffff888010869138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: atomic_long_set include/asm-generic/atomic-long.h:41 [inline] #0: ffff888010869138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:616 [inline] #0: ffff888010869138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline] #0: ffff888010869138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x871/0x1600 kernel/workqueue.c:2246 #1: ffffc9000104fda8 ((work_completion)(&buf->work)){+.+.}-{0:0}, at: process_one_work+0x8a5/0x1600 kernel/workqueue.c:2250 #2: ffff8880108790b8 (&buf->lock){+.+.}-{3:3}, at: flush_to_ldisc+0x3e/0x380 drivers/tty/tty_buffer.c:505 1 lock held by khungtaskd/1647: #0: ffffffff8bf752a0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 kernel/locking/lockdep.c:6333 1 lock held by in:imklog/8315: 2 locks held by login/8379: #0: ffff888011e0b098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:266 #1: ffffc900010182e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xd5b/0x12f0 drivers/tty/n_tty.c:2178 2 locks held by syz-executor.2/17199: #0: ffff888011e0b098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:266 #1: ffff8880108790b8 (&buf->lock){+.+.}-{3:3}, at: paste_selection+0x123/0x4e0 drivers/tty/vt/selection.c:390 2 locks held by syz-executor.4/17198: #0: ffff888011e0b098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:266 #1: ffff8880108790b8 (&buf->lock){+.+.}-{3:3}, at: paste_selection+0x123/0x4e0 drivers/tty/vt/selection.c:390 ============================================= NMI backtrace for cpu 0 CPU: 0 PID: 1647 Comm: khungtaskd Not tainted 5.12.0-rc6-next-20210409-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:79 [inline] dump_stack+0x141/0x1d7 lib/dump_stack.c:120 nmi_cpu_backtrace.cold+0x44/0xd7 lib/nmi_backtrace.c:105 nmi_trigger_cpumask_backtrace+0x1b3/0x230 lib/nmi_backtrace.c:62 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:253 [inline] watchdog+0xd3b/0xf50 kernel/hung_task.c:338 kthread+0x3b1/0x4a0 kernel/kthread.c:292 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 PID: 4856 Comm: systemd-journal Not tainted 5.12.0-rc6-next-20210409-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:match_held_lock+0x0/0x150 kernel/locking/lockdep.c:4961 Code: cc cc cc cc cc cc cc cc cc cc 80 3d 17 02 a4 04 00 74 01 c3 48 c7 c7 20 9a 6b 89 c6 05 06 02 a4 04 01 e8 a0 f9 be ff 0f 0b c3 <48> 39 77 10 0f 84 97 00 00 00 66 f7 47 22 f0 ff 74 4b 48 83 ec 08 RSP: 0018:ffffc9000161f9c0 EFLAGS: 00000002 RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001 RDX: 0000000000000000 RSI: ffffffff8bf751e0 RDI: ffff88801267c2f8 RBP: ffffffff8bf751e0 R08: 0000000000000000 R09: ffffffff8dc7d34f R10: fffffbfff1b8fa69 R11: 0000000000000000 R12: ffff88801267b900 R13: ffff88801267c2f8 R14: 00000000ffffffff R15: ffff88801267c2f8 FS: 00007f26891318c0(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f2686686000 CR3: 00000000123a6000 CR4: 00000000001526e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: __lock_is_held kernel/locking/lockdep.c:5255 [inline] lock_is_held_type+0xa7/0x140 kernel/locking/lockdep.c:5555 lock_is_held include/linux/lockdep.h:283 [inline] rcu_read_lock_sched_held+0x3a/0x70 kernel/rcu/update.c:125 trace_lock_release include/trace/events/lock.h:58 [inline] lock_release+0x522/0x720 kernel/locking/lockdep.c:5523 rcu_lock_release include/linux/rcupdate.h:272 [inline] rcu_read_unlock include/linux/rcupdate.h:711 [inline] is_bpf_text_address+0x99/0x170 kernel/bpf/core.c:706 kernel_text_address kernel/extable.c:151 [inline] kernel_text_address+0xbd/0xf0 kernel/extable.c:120 __kernel_text_address+0x9/0x30 kernel/extable.c:105 unwind_get_return_address arch/x86/kernel/unwind_orc.c:318 [inline] unwind_get_return_address+0x51/0x90 arch/x86/kernel/unwind_orc.c:313 arch_stack_walk+0x93/0xe0 arch/x86/kernel/stacktrace.c:26 stack_trace_save+0x8c/0xc0 kernel/stacktrace.c:121 kasan_save_stack+0x1b/0x40 mm/kasan/common.c:38 kasan_record_aux_stack+0xe5/0x110 mm/kasan/generic.c:345 __call_rcu kernel/rcu/tree.c:3016 [inline] call_rcu+0xb1/0x750 kernel/rcu/tree.c:3091 task_work_run+0xdd/0x1a0 kernel/task_work.c:164 tracehook_notify_resume include/linux/tracehook.h:189 [inline] exit_to_user_mode_loop kernel/entry/common.c:174 [inline] exit_to_user_mode_prepare+0x249/0x250 kernel/entry/common.c:208 __syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline] syscall_exit_to_user_mode+0x19/0x60 kernel/entry/common.c:301 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7f26886c0840 Code: 73 01 c3 48 8b 0d 68 77 20 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d 89 bb 20 00 00 75 10 b8 02 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 1e f6 ff ff 48 89 04 24 RSP: 002b:00007fff2a541588 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 RAX: fffffffffffffffe RBX: 00007fff2a541890 RCX: 00007f26886c0840 RDX: 00000000000001a0 RSI: 0000000000080042 RDI: 00005627ec42a4e0 RBP: 000000000000000d R08: 00000000000001e0 R09: 00000000ffffffff R10: 0000000000000069 R11: 0000000000000246 R12: 00000000ffffffff R13: 00005627ec41f040 R14: 00007fff2a541850 R15: 00005627ec42a530