binder: undelivered TRANSACTION_ERROR: 29189 INFO: task syz-executor5:18530 blocked for more than 140 seconds. Not tainted 4.9.131+ #4 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor5 D26776 18530 2094 0x20020004 ffff8801950d5f00 ffff8801aeb9d800 ffff8801aeb9d800 ffff8801c53a97c0 ffff8801db721018 ffff8801c761f460 ffffffff827f3542 0000000000000292 0000000000000002 0000000041b58ab3 00ffffff82e29c7a ffff8801db7218f0 Call Trace: [] schedule+0x7f/0x1b0 kernel/sched/core.c:3553 [] wb_wait_for_completion+0x149/0x1b0 fs/fs-writeback.c:221 [] __writeback_inodes_sb_nr+0x207/0x300 fs/fs-writeback.c:2310 [] try_to_writeback_inodes_sb_nr+0x4a/0x70 fs/fs-writeback.c:2361 [] try_to_writeback_inodes_sb+0x25/0x30 fs/fs-writeback.c:2377 [] ext4_nonda_switch+0x188/0x1c0 fs/ext4/inode.c:2884 [] ext4_da_write_begin+0x104/0x1020 fs/ext4/inode.c:2922 [] generic_perform_write+0x28a/0x500 mm/filemap.c:2753 [] __generic_file_write_iter+0x29a/0x540 mm/filemap.c:2846 [] ext4_file_write_iter+0x63d/0xd70 fs/ext4/file.c:165 [] new_sync_write fs/read_write.c:496 [inline] [] __vfs_write+0x3d7/0x580 fs/read_write.c:509 [] vfs_write+0x187/0x520 fs/read_write.c:557 [] SYSC_write fs/read_write.c:604 [inline] [] SyS_write+0xd9/0x1c0 fs/read_write.c:596 [] do_syscall_32_irqs_on arch/x86/entry/common.c:328 [inline] [] do_fast_syscall_32+0x2f1/0xa10 arch/x86/entry/common.c:390 [] entry_SYSENTER_compat+0x90/0xa2 arch/x86/entry/entry_64_compat.S:137 Showing all locks held in the system: 2 locks held by khungtaskd/24: #0: (rcu_read_lock){......}, at: [] check_hung_uninterruptible_tasks kernel/hung_task.c:168 [inline] #0: (rcu_read_lock){......}, at: [] watchdog+0x11c/0xa20 kernel/hung_task.c:239 #1: (tasklist_lock){.+.+..}, at: [] debug_show_all_locks+0x79/0x218 kernel/locking/lockdep.c:4336 3 locks held by kworker/u4:1/64: #0: ("writeback"){++++.+}, at: [] process_one_work+0x73c/0x1530 kernel/workqueue.c:2085 #1: ((&(&wb->dwork)->work)){+.+.+.}, at: [] process_one_work+0x774/0x1530 kernel/workqueue.c:2089 #2: (&sbi->s_journal_flag_rwsem){.+.+.+}, at: [] do_writepages+0xef/0x1d0 mm/page-writeback.c:2331 1 lock held by rsyslogd/1901: #0: (&f->f_pos_lock){+.+.+.}, at: [] __fdget_pos+0xac/0xd0 fs/file.c:781 2 locks held by getty/2029: #0: (&tty->ldisc_sem){++++++}, at: [] ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:367 #1: (&ldata->atomic_read_lock){+.+.+.}, at: [] n_tty_read+0x202/0x16e0 drivers/tty/n_tty.c:2142 1 lock held by syz-executor4/17794: #0: (&sbi->s_journal_flag_rwsem){.+.+.+}, at: [] do_writepages+0xef/0x1d0 mm/page-writeback.c:2331 4 locks held by syz-executor5/18530: #0: (&f->f_pos_lock){+.+.+.}, at: [] __fdget_pos+0xac/0xd0 fs/file.c:781 #1: (sb_writers#4){.+.+.+}, at: [] file_start_write include/linux/fs.h:2640 [inline] #1: (sb_writers#4){.+.+.+}, at: [] vfs_write+0x3eb/0x520 fs/read_write.c:556 #2: (&sb->s_type->i_mutex_key#9){++++++}, at: [] inode_lock include/linux/fs.h:766 [inline] #2: (&sb->s_type->i_mutex_key#9){++++++}, at: [] ext4_file_write_iter+0x122/0xd70 fs/ext4/file.c:100 #3: (&type->s_umount_key#32){++++++}, at: [] try_to_writeback_inodes_sb_nr+0x29/0x70 fs/fs-writeback.c:2358 1 lock held by syz-executor4/18520: #0: (&sbi->s_journal_flag_rwsem){.+.+.+}, at: [] do_writepages+0xef/0x1d0 mm/page-writeback.c:2331 4 locks held by syz-executor4/18534: #0: (&f->f_pos_lock){+.+.+.}, at: [] __fdget_pos+0xac/0xd0 fs/file.c:781 #1: (sb_writers#4){.+.+.+}, at: [] file_start_write include/linux/fs.h:2640 [inline] #1: (sb_writers#4){.+.+.+}, at: [] vfs_write+0x3eb/0x520 fs/read_write.c:556 #2: (&sb->s_type->i_mutex_key#9){++++++}, at: [] inode_lock include/linux/fs.h:766 [inline] #2: (&sb->s_type->i_mutex_key#9){++++++}, at: [] ext4_file_write_iter+0x122/0xd70 fs/ext4/file.c:100 #3: (&sbi->s_journal_flag_rwsem){.+.+.+}, at: [] do_writepages+0xef/0x1d0 mm/page-writeback.c:2331 ============================================= NMI backtrace for cpu 0 CPU: 0 PID: 24 Comm: khungtaskd Not tainted 4.9.131+ #4 ffff8801d98ffd08 ffffffff81b37029 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ffffffff81098450 ffff8801d98ffd40 ffffffff81b42139 0000000000000000 0000000000000000 0000000000000002 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] nmi_cpu_backtrace.cold.0+0x48/0x87 lib/nmi_backtrace.c:99 [] nmi_trigger_cpumask_backtrace+0x12c/0x151 lib/nmi_backtrace.c:60 [] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37 [] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline] [] check_hung_task kernel/hung_task.c:125 [inline] [] check_hung_uninterruptible_tasks kernel/hung_task.c:182 [inline] [] watchdog+0x6ad/0xa20 kernel/hung_task.c:239 [] kthread+0x26d/0x300 kernel/kthread.c:211 [] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 PID: 1899 Comm: rs:main Q:Reg Not tainted 4.9.131+ #4 task: ffff8801d3884740 task.stack: ffff8801d3040000 RIP: 0010:[] c [] do_raw_spin_lock+0x10/0x1b0 kernel/locking/spinlock_debug.c:111 RSP: 0018:ffff8801d30474c0 EFLAGS: 00000286 RAX: dffffc0000000000 RBX: ffff8801cbabc658 RCX: 0000000000000000 RDX: 0000000000000000 RSI: ffff8801d38850e0 RDI: ffff8801cbabc658 RBP: ffff8801d30474c8 R08: ffff8801d3885100 R09: 8773669972dc987a R10: ffff8801d3884740 R11: 0000000000000001 R12: dffffc0000000000 R13: ffff8801cbabc270 R14: ffff8801cbabc270 R15: ffffed00397578c9 FS: 00007f4644d79700(0000) GS:ffff8801db700000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fd33177b000 CR3: 00000001d4249000 CR4: 00000000001606b0 Stack: ffff8801cbabc270c ffff8801d30474e8c ffffffff82802b6ec ffffffff817aecb0c dffffc0000000000c ffff8801d3047638c ffffffff817aecb0c 0000000000000000c ffff8801d5cc6600c ffff8801d9163888c ffff880192b0bfc0c ffffffff82ad90c0c Call Trace: [] __raw_spin_lock include/linux/spinlock_api_smp.h:145 [inline] [] _raw_spin_lock+0x3e/0x50 kernel/locking/spinlock.c:151 [] spin_lock include/linux/spinlock.h:302 [inline] [] ext4_discard_preallocations+0x1e0/0x10c0 fs/ext4/mballoc.c:3992 [] ext4_truncate+0x9d6/0x12c0 fs/ext4/inode.c:4244 [] ext4_truncate_failed_write fs/ext4/truncate.h:15 [inline] [] ext4_da_write_begin+0x4eb/0x1020 fs/ext4/inode.c:3003 [] generic_perform_write+0x28a/0x500 mm/filemap.c:2753 [] __generic_file_write_iter+0x352/0x540 mm/filemap.c:2878 [] ext4_file_write_iter+0x63d/0xd70 fs/ext4/file.c:165 [] new_sync_write fs/read_write.c:496 [inline] [] __vfs_write+0x3d7/0x580 fs/read_write.c:509 [] vfs_write+0x187/0x520 fs/read_write.c:557 [] SYSC_write fs/read_write.c:604 [inline] [] SyS_write+0xd9/0x1c0 fs/read_write.c:596 [] do_syscall_64+0x19f/0x550 arch/x86/entry/common.c:285 [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb Code: c89 cdf ce8 c64 ce3 c2d c00 ce9 c1d cff cff cff ce8 c7a ce3 c2d c00 ceb c94 c0f c1f c84 c00 c00 c00 c00 c00 c48 cb8 c00 c00 c00 c00 c00 cfc cff cdf c55 c48 c89 ce5 c41 c56 c<41> c55 c41 c54 c53 c48 c89 cfb c48 c83 cc7 c04 c48 c89 cfa c48 cc1 cea c03 c0f cb6 c