[ 8377] 0 8377 17667 8236 25 4 0 1000 syz-executor1 [ 8428] 0 8428 17634 8234 25 4 0 1000 syz-executor4 [ 8453] 0 8453 17766 8242 26 4 0 0 syz-executor5 [ 8587] 0 8587 17667 8233 25 4 0 1000 syz-executor0 [ 9121] 0 9121 17733 8291 26 4 0 1000 syz-executor0 INFO: task syz-executor3:3959 blocked for more than 140 seconds. Not tainted 4.14.90+ #29 [ 9194] 0 9194 17700 8235 24 4 0 1000 syz-executor4 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 9519] 0 9519 17634 8233 26 4 0 0 syz-executor5 syz-executor3 D29608 3959 1862 0x10000004 Call Trace: [ 9528] 0 9528 17634 8202 24 3 0 1000 syz-executor1 [ 9531] 0 9531 17667 8237 25 4 0 1000 syz-executor1 [ 9543] 0 9543 17634 8194 25 3 0 0 syz-executor5 [ 9544] 0 9544 17634 8201 25 3 0 0 syz-executor5 [ 9591] 0 9591 17667 8235 31 4 0 1000 syz-executor4 [ 9901] 0 9901 17601 8206 25 3 0 0 syz-executor2 [ 9904] 0 9904 17667 8211 26 3 0 0 syz-executor2 [ 9921] 0 9921 17667 8238 26 4 0 0 syz-executor5 [10127] 0 10127 17668 8241 26 4 0 0 syz-executor5 schedule+0x7f/0x1b0 kernel/sched/core.c:3490 __lock_sock+0x11d/0x210 net/core/sock.c:2237 [10306] 0 10306 17634 8206 24 3 0 1000 syz-executor0 [10317] 0 10317 17667 8208 24 3 0 1000 syz-executor0 lock_sock_nested+0xe3/0x100 net/core/sock.c:2758 lock_sock include/net/sock.h:1452 [inline] packet_setsockopt+0xb25/0x2680 net/packet/af_packet.c:3859 [10348] 0 10348 17634 8205 24 3 0 1000 syz-executor0 [10361] 0 10361 17700 8209 24 3 0 1000 syz-executor0 [10447] 0 10447 17667 8248 25 4 0 1000 syz-executor0 SYSC_setsockopt net/socket.c:1864 [inline] SyS_setsockopt+0x132/0x220 net/socket.c:1843 [10465] 0 10465 17601 8247 25 4 0 0 syz-executor3 [10470] 0 10470 17601 8204 24 3 0 1000 syz-executor0 do_syscall_64+0x19b/0x4b0 arch/x86/entry/common.c:289 entry_SYSCALL_64_after_hwframe+0x42/0xb7 [10494] 0 10494 17667 8211 26 3 0 1000 syz-executor0 [10505] 0 10505 17700 8253 26 4 0 0 syz-executor2 RIP: 0033:0x4579b9 RSP: 002b:00007fc2d9b9fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [10631] 0 10631 17601 8205 25 3 0 0 syz-executor5 RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000004579b9 [10636] 0 10636 17601 8196 23 3 0 1000 syz-executor1 RDX: 0000000000000013 RSI: 0000000000000107 RDI: 0000000000000005 RBP: 000000000073bfa0 R08: 0000000000000004 R09: 0000000000000000 [10654] 0 10654 17700 8212 26 3 0 0 syz-executor5 R10: 0000000020000080 R11: 0000000000000246 R12: 00007fc2d9ba06d4 [10858] 0 10858 17634 8249 25 4 0 0 syz-executor0 R13: 00000000004c5805 R14: 00000000004da080 R15: 00000000ffffffff INFO: task syz-executor3:3966 blocked for more than 140 seconds. Not tainted 4.14.90+ #29 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor3 D29608 3966 1862 0x10000004 Call Trace: [10929] 0 10929 17634 8208 24 3 0 1000 syz-executor1 schedule+0x7f/0x1b0 kernel/sched/core.c:3490 __lock_sock+0x11d/0x210 net/core/sock.c:2237 [10930] 0 10930 17634 8208 24 3 0 1000 syz-executor1 lock_sock_nested+0xe3/0x100 net/core/sock.c:2758 [10931] 0 10931 17634 8250 25 4 0 1000 syz-executor1 lock_sock include/net/sock.h:1452 [inline] packet_setsockopt+0xb25/0x2680 net/packet/af_packet.c:3859 [10969] 0 10969 17634 8235 25 4 0 1000 syz-executor1 [11198] 0 11198 17634 8249 25 4 0 0 syz-executor3 [11233] 0 11233 17700 8255 25 4 0 0 syz-executor3 [11360] 0 11360 17667 8209 24 3 0 0 syz-executor0 SYSC_setsockopt net/socket.c:1864 [inline] SyS_setsockopt+0x132/0x220 net/socket.c:1843 [11369] 0 11369 17766 8215 27 3 0 0 syz-executor0 [11514] 0 11514 17634 8249 25 4 0 0 syz-executor0 [11532] 0 11532 17832 8263 30 4 0 0 syz-executor0 [11560] 0 11560 17799 8262 26 4 0 0 syz-executor5 do_syscall_64+0x19b/0x4b0 arch/x86/entry/common.c:289 [11904] 0 11904 17766 8257 26 4 0 0 syz-executor3 entry_SYSCALL_64_after_hwframe+0x42/0xb7 [11932] 0 11932 17766 8257 26 4 0 0 syz-executor3 RIP: 0033:0x4579b9 RSP: 002b:00007fc2d9b5dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [11997] 0 11997 17766 8276 25 4 0 1000 syz-executor1 RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000004579b9 [12821] 0 12821 17634 8212 25 3 0 0 syz-executor2 RDX: 0000000000000013 RSI: 0000000000000107 RDI: 0000000000000008 RBP: 000000000073c0e0 R08: 0000000000000004 R09: 0000000000000000 [12824] 0 12824 17700 8216 25 3 0 0 syz-executor2 R10: 0000000020000080 R11: 0000000000000246 R12: 00007fc2d9b5e6d4 [12841] 0 12841 17700 8276 26 4 0 0 syz-executor5 R13: 00000000004c5805 R14: 00000000004da080 R15: 00000000ffffffff [13090] 0 13090 17634 8268 25 4 0 1000 syz-executor1 Showing all locks held in the system: [13348] 0 13348 17634 8211 25 3 0 0 syz-executor5 [13392] 0 13392 17667 8212 24 3 0 0 syz-executor3 [13402] 0 13402 17700 8214 25 3 0 0 syz-executor3 2 locks held by init/1: [13559] 0 13559 17601 8271 25 4 0 0 syz-executor3 #0: [13609] 0 13609 17799 8279 25 4 0 1000 syz-executor1 (&mm->mmap_sem){++++}, at: [] __do_page_fault+0x26d/0xb60 arch/x86/mm/fault.c:1354 #1: (&ei->i_mmap_sem){++++}, at: [] ext4_filemap_fault+0x75/0xb0 fs/ext4/inode.c:6178 [13826] 0 13826 17667 8271 26 4 0 0 syz-executor5 1 lock held by khungtaskd/23: #0: (tasklist_lock){.+.?}, at: [] debug_show_all_locks+0x74/0x20f kernel/locking/lockdep.c:4541 2 locks held by getty/1755: #0: (&tty->ldisc_sem){++++}, at: [] tty_ldisc_ref_wait+0x20/0x80 drivers/tty/tty_ldisc.c:275 #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x1ff/0x1700 drivers/tty/n_tty.c:2156 2 locks held by syz-fuzzer/1780: #0: (&mm->mmap_sem){++++}, at: [] __do_page_fault+0x26d/0xb60 arch/x86/mm/fault.c:1354 #1: (&ei->i_mmap_sem){++++}, at: [] ext4_filemap_fault+0x75/0xb0 fs/ext4/inode.c:6178 1 lock held by kworker/1:1/22529: #0: (&rq->lock){-.-.}, at: [] rq_lock kernel/sched/sched.h:1835 [inline] #0: (&rq->lock){-.-.}, at: [] __schedule+0x19a/0x1ed0 kernel/sched/core.c:3376 1 lock held by syz-executor3/3955: [14181] 0 14181 17601 8199 23 3 0 0 syz-executor2 #0: (sk_lock-AF_PACKET){+.+.}, at: [] lock_sock include/net/sock.h:1452 [inline] #0: (sk_lock-AF_PACKET){+.+.}, at: [] packet_setsockopt+0x4d8/0x2680 net/packet/af_packet.c:3671 ============================================= NMI backtrace for cpu 0 CPU: 0 PID: 23 Comm: khungtaskd Not tainted 4.14.90+ #29 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0xb9/0x11b lib/dump_stack.c:53 [14190] 0 14190 17700 8216 27 3 0 0 syz-executor2 nmi_cpu_backtrace.cold.0+0x47/0x85 lib/nmi_backtrace.c:101 nmi_trigger_cpumask_backtrace+0x121/0x146 lib/nmi_backtrace.c:62 [14301] 0 14301 17601 8200 23 3 0 0 syz-executor5 trigger_all_cpu_backtrace include/linux/nmi.h:140 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:196 [inline] watchdog+0x574/0xa70 kernel/hung_task.c:252 kthread+0x348/0x420 kernel/kthread.c:232 [14312] 0 14312 17634 8212 25 3 0 0 syz-executor5 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:402 [14317] 0 14317 17667 8270 25 4 0 0 syz-executor3 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 PID: 1780 Comm: syz-fuzzer Not tainted 4.14.90+ #29 task: ffff8881ce7e2f00 task.stack: ffff8881cc408000 RIP: 0010:__read_once_size include/linux/compiler.h:183 [inline] RIP: 0010:compound_head include/linux/page-flags.h:147 [inline] RIP: 0010:PageDirty include/linux/page-flags.h:271 [inline] RIP: 0010:shrink_page_list+0xd48/0x31d0 mm/vmscan.c:1194 RSP: 0000:ffff8881cc40efe8 EFLAGS: 00000246 RAX: 1ffffd4000b80774 RBX: ffffea0005c03ba0 RCX: 1ffffd4000b80770 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffea0005c03b98 RBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000 R10: ffff8881ce7e3780 R11: 0000000000000001 R12: 0000000000000000 R13: ffffea0005c03b80 R14: ffff88813f6af730 R15: ffffea0005c03b80 FS: 000000c420026068(0000) GS:ffff8881d7700000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000000041b500 CR3: 00000001cc49a001 CR4: 00000000001606a0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 Call Trace: shrink_inactive_list+0x3b9/0xee0 mm/vmscan.c:1816 shrink_list mm/vmscan.c:2175 [inline] shrink_node_memcg+0x5e8/0x12e0 mm/vmscan.c:2438 shrink_node+0x301/0xbf0 mm/vmscan.c:2630 shrink_zones mm/vmscan.c:2812 [inline] do_try_to_free_pages+0x349/0xde0 mm/vmscan.c:2874 try_to_free_pages+0x204/0x6b0 mm/vmscan.c:3080 __perform_reclaim mm/page_alloc.c:3593 [inline] __alloc_pages_direct_reclaim mm/page_alloc.c:3614 [inline] __alloc_pages_slowpath mm/page_alloc.c:4001 [inline] __alloc_pages_nodemask+0xa8a/0x2180 mm/page_alloc.c:4210 __alloc_pages include/linux/gfp.h:461 [inline] __alloc_pages_node include/linux/gfp.h:474 [inline] alloc_pages_node include/linux/gfp.h:488 [inline] __page_cache_alloc include/linux/pagemap.h:226 [inline] page_cache_read mm/filemap.c:2286 [inline] filemap_fault+0xcdd/0x14a0 mm/filemap.c:2470 ext4_filemap_fault+0x7d/0xb0 fs/ext4/inode.c:6179 __do_fault+0x80/0x210 mm/memory.c:3194 do_read_fault mm/memory.c:3604 [inline] do_fault mm/memory.c:3730 [inline] handle_pte_fault mm/memory.c:3960 [inline] __handle_mm_fault+0x991/0x25f0 mm/memory.c:4084 handle_mm_fault+0x2f2/0x6eb mm/memory.c:4121 __do_page_fault+0x45d/0xb60 arch/x86/mm/fault.c:1425 page_fault+0x42/0x50 arch/x86/entry/entry_64.S:1104 RIP: 00f1:0x11 RSP: 0015:000000c420035f28 EFLAGS: 00430120 Code: 24 20 01 00 00 00 e8 e8 92 e9 ff 4c 89 ff e8 20 e5 01 00 84 c0 0f 85 d4 10 00 00 e8 d3 92 e9 ff 48 89 d8 48 c1 e8 03 80 3c 28 00 <0f> 85 0e 1e 00 00 48 8b 03 4d 89 fd a8 01 0f 85 72 16 00 00 e8