INFO: task kworker/u4:0:7 blocked for more than 143 seconds. Not tainted 5.1.0-rc5-next-20190418 #28 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. kworker/u4:0 D24664 7 2 0x80004000 Workqueue: events_unbound fsnotify_mark_destroy_workfn Call Trace: context_switch kernel/sched/core.c:2817 [inline] __schedule+0x7d1/0x15c0 kernel/sched/core.c:3444 schedule+0xa8/0x260 kernel/sched/core.c:3508 schedule_timeout+0x717/0xc50 kernel/time/timer.c:1783 do_wait_for_common kernel/sched/completion.c:83 [inline] __wait_for_common kernel/sched/completion.c:104 [inline] wait_for_common kernel/sched/completion.c:115 [inline] wait_for_completion+0x29c/0x440 kernel/sched/completion.c:136 __synchronize_srcu+0x197/0x250 kernel/rcu/srcutree.c:921 synchronize_srcu_expedited kernel/rcu/srcutree.c:946 [inline] synchronize_srcu+0x239/0x3e8 kernel/rcu/srcutree.c:997 fsnotify_mark_destroy_workfn+0x110/0x3b0 fs/notify/mark.c:827 process_one_work+0x98e/0x1790 kernel/workqueue.c:2268 worker_thread+0x98/0xe40 kernel/workqueue.c:2414 kthread+0x357/0x430 kernel/kthread.c:254 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352 INFO: task kworker/1:0:17 blocked for more than 143 seconds. Not tainted 5.1.0-rc5-next-20190418 #28 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. kworker/1:0 D25528 17 2 0x80004000 Workqueue: events xfrm_state_gc_task Call Trace: context_switch kernel/sched/core.c:2817 [inline] __schedule+0x7d1/0x15c0 kernel/sched/core.c:3444 schedule+0xa8/0x260 kernel/sched/core.c:3508 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3567 __mutex_lock_common kernel/locking/mutex.c:1002 [inline] __mutex_lock+0x726/0x1310 kernel/locking/mutex.c:1072 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1087 exp_funnel_lock kernel/rcu/tree_exp.h:318 [inline] synchronize_rcu_expedited+0x26f/0x5b0 kernel/rcu/tree_exp.h:790 synchronize_rcu.part.0+0x76/0xe0 kernel/rcu/tree.c:2565 synchronize_rcu+0x27/0xa0 kernel/rcu/tree.c:2568 xfrm_state_gc_task+0xc3/0x170 net/xfrm/xfrm_state.c:435 process_one_work+0x98e/0x1790 kernel/workqueue.c:2268 worker_thread+0x98/0xe40 kernel/workqueue.c:2414 kthread+0x357/0x430 kernel/kthread.c:254 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352 INFO: task kworker/u4:5:3028 blocked for more than 144 seconds. Not tainted 5.1.0-rc5-next-20190418 #28 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. kworker/u4:5 D25288 3028 2 0x80004000 Workqueue: netns cleanup_net Call Trace: context_switch kernel/sched/core.c:2817 [inline] __schedule+0x7d1/0x15c0 kernel/sched/core.c:3444 schedule+0xa8/0x260 kernel/sched/core.c:3508 schedule_timeout+0x717/0xc50 kernel/time/timer.c:1783 do_wait_for_common kernel/sched/completion.c:83 [inline] __wait_for_common kernel/sched/completion.c:104 [inline] wait_for_common kernel/sched/completion.c:115 [inline] wait_for_completion+0x29c/0x440 kernel/sched/completion.c:136 __flush_work+0x50f/0xa70 kernel/workqueue.c:3039 flush_work+0x18/0x20 kernel/workqueue.c:3060 xfrm_flush_gc+0x15/0x20 net/xfrm/xfrm_state.c:2179 xfrm6_tunnel_net_exit+0x179/0x370 net/ipv6/xfrm6_tunnel.c:347 ops_exit_list.isra.0+0xb0/0x160 net/core/net_namespace.c:153 cleanup_net+0x3fb/0x960 net/core/net_namespace.c:552 process_one_work+0x98e/0x1790 kernel/workqueue.c:2268 worker_thread+0x98/0xe40 kernel/workqueue.c:2414 kthread+0x357/0x430 kernel/kthread.c:254 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352 INFO: task kworker/1:3:7921 blocked for more than 144 seconds. Not tainted 5.1.0-rc5-next-20190418 #28 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. kworker/1:3 D25432 7921 2 0x80004000 Workqueue: events key_garbage_collector Call Trace: context_switch kernel/sched/core.c:2817 [inline] __schedule+0x7d1/0x15c0 kernel/sched/core.c:3444 schedule+0xa8/0x260 kernel/sched/core.c:3508 exp_funnel_lock kernel/rcu/tree_exp.h:309 [inline] synchronize_rcu_expedited+0x54e/0x5b0 kernel/rcu/tree_exp.h:790 synchronize_rcu.part.0+0x76/0xe0 kernel/rcu/tree.c:2565 synchronize_rcu+0x27/0xa0 kernel/rcu/tree.c:2568 key_garbage_collector+0x3a5/0x900 security/keys/gc.c:291 process_one_work+0x98e/0x1790 kernel/workqueue.c:2268 worker_thread+0x98/0xe40 kernel/workqueue.c:2414 kthread+0x357/0x430 kernel/kthread.c:254 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352 INFO: task syz-executor.0:15667 blocked for more than 144 seconds. Not tainted 5.1.0-rc5-next-20190418 #28 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.0 D28224 15667 7910 0x80004006 Call Trace: context_switch kernel/sched/core.c:2817 [inline] __schedule+0x7d1/0x15c0 kernel/sched/core.c:3444 schedule+0xa8/0x260 kernel/sched/core.c:3508 exp_funnel_lock kernel/rcu/tree_exp.h:309 [inline] synchronize_rcu_expedited+0x54e/0x5b0 kernel/rcu/tree_exp.h:790 namespace_unlock+0x108/0x130 fs/namespace.c:1384 drop_collected_mounts+0x82/0x90 fs/namespace.c:1841 put_mnt_ns fs/namespace.c:3389 [inline] put_mnt_ns+0x6a/0x90 fs/namespace.c:3385 free_nsproxy+0x48/0x230 kernel/nsproxy.c:176 switch_task_namespaces+0xb3/0xd0 kernel/nsproxy.c:229 exit_task_namespaces+0x18/0x20 kernel/nsproxy.c:234 do_exit+0x905/0x2fa0 kernel/exit.c:875 do_group_exit+0x135/0x370 kernel/exit.c:980 get_signal+0x399/0x1d50 kernel/signal.c:2578 do_signal+0x87/0x1900 arch/x86/kernel/signal.c:818 exit_to_usermode_loop+0x244/0x2c0 arch/x86/entry/common.c:163 prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline] syscall_return_slowpath arch/x86/entry/common.c:276 [inline] do_syscall_64+0x57e/0x670 arch/x86/entry/common.c:301 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x458c29 Code: Bad RIP value. RSP: 002b:00007f419ec1fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca RAX: fffffffffffffe00 RBX: 000000000073bf08 RCX: 0000000000458c29 RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000073bf08 RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000073bf0c R13: 00007ffc0d46696f R14: 00007f419ec209c0 R15: 000000000073bf0c INFO: task kworker/1:5:16831 blocked for more than 144 seconds. Not tainted 5.1.0-rc5-next-20190418 #28 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. kworker/1:5 D26176 16831 2 0x80004000 Workqueue: events proc_cleanup_work Call Trace: context_switch kernel/sched/core.c:2817 [inline] __schedule+0x7d1/0x15c0 kernel/sched/core.c:3444 schedule+0xa8/0x260 kernel/sched/core.c:3508 exp_funnel_lock kernel/rcu/tree_exp.h:309 [inline] synchronize_rcu_expedited+0x54e/0x5b0 kernel/rcu/tree_exp.h:790 synchronize_rcu.part.0+0x76/0xe0 kernel/rcu/tree.c:2565 synchronize_rcu+0x27/0xa0 kernel/rcu/tree.c:2568 kern_unmount+0x6c/0xf0 fs/namespace.c:3413 pid_ns_release_proc+0x37/0x41 fs/proc/root.c:336 proc_cleanup_work+0x19/0x20 kernel/pid_namespace.c:64 process_one_work+0x98e/0x1790 kernel/workqueue.c:2268 worker_thread+0x98/0xe40 kernel/workqueue.c:2414 kthread+0x357/0x430 kernel/kthread.c:254 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352 INFO: task syz-executor.0:25320 blocked for more than 145 seconds. Not tainted 5.1.0-rc5-next-20190418 #28 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.0 D28224 25320 7910 0x80004006 Call Trace: context_switch kernel/sched/core.c:2817 [inline] __schedule+0x7d1/0x15c0 kernel/sched/core.c:3444 schedule+0xa8/0x260 kernel/sched/core.c:3508 schedule_timeout+0x717/0xc50 kernel/time/timer.c:1783 do_wait_for_common kernel/sched/completion.c:83 [inline] __wait_for_common kernel/sched/completion.c:104 [inline] wait_for_common kernel/sched/completion.c:115 [inline] wait_for_completion+0x29c/0x440 kernel/sched/completion.c:136 __synchronize_srcu+0x197/0x250 kernel/rcu/srcutree.c:921 synchronize_srcu+0x2dc/0x3e8 kernel/rcu/srcutree.c:999 mmu_notifier_unregister+0x2cf/0x440 mm/mmu_notifier.c:372 kvm_destroy_vm arch/x86/kvm/../../../virt/kvm/kvm_main.c:746 [inline] kvm_put_kvm+0x553/0xc70 arch/x86/kvm/../../../virt/kvm/kvm_main.c:771 kvm_vm_release+0x44/0x60 arch/x86/kvm/../../../virt/kvm/kvm_main.c:782 __fput+0x2e5/0x8d0 fs/file_table.c:278 ____fput+0x16/0x20 fs/file_table.c:309 task_work_run+0x14a/0x1c0 kernel/task_work.c:113 exit_task_work include/linux/task_work.h:22 [inline] do_exit+0x90a/0x2fa0 kernel/exit.c:876 do_group_exit+0x135/0x370 kernel/exit.c:980 get_signal+0x399/0x1d50 kernel/signal.c:2578 do_signal+0x87/0x1900 arch/x86/kernel/signal.c:818 exit_to_usermode_loop+0x244/0x2c0 arch/x86/entry/common.c:163 prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline] syscall_return_slowpath arch/x86/entry/common.c:276 [inline] do_syscall_64+0x57e/0x670 arch/x86/entry/common.c:301 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x458c29 Code: Bad RIP value. RSP: 002b:00007f419ec1fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca RAX: fffffffffffffe00 RBX: 000000000073bf08 RCX: 0000000000458c29 RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000073bf08 RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000073bf0c R13: 00007ffc0d46696f R14: 00007f419ec209c0 R15: 000000000073bf0c INFO: task kworker/1:1:28603 blocked for more than 145 seconds. Not tainted 5.1.0-rc5-next-20190418 #28 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. kworker/1:1 D26424 28603 2 0x80004000 Workqueue: events bpf_map_free_deferred Call Trace: context_switch kernel/sched/core.c:2817 [inline] __schedule+0x7d1/0x15c0 kernel/sched/core.c:3444 schedule+0xa8/0x260 kernel/sched/core.c:3508 exp_funnel_lock kernel/rcu/tree_exp.h:309 [inline] synchronize_rcu_expedited+0x54e/0x5b0 kernel/rcu/tree_exp.h:790 synchronize_rcu.part.0+0x76/0xe0 kernel/rcu/tree.c:2565 synchronize_rcu+0x27/0xa0 kernel/rcu/tree.c:2568 htab_map_free+0x1e/0x460 kernel/bpf/hashtab.c:1198 fd_htab_map_free kernel/bpf/hashtab.c:1408 [inline] htab_of_map_free+0x235/0x2e0 kernel/bpf/hashtab.c:1500 bpf_map_free_deferred+0xba/0xf0 kernel/bpf/syscall.c:310 process_one_work+0x98e/0x1790 kernel/workqueue.c:2268 worker_thread+0x98/0xe40 kernel/workqueue.c:2414 kthread+0x357/0x430 kernel/kthread.c:254 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352 INFO: task syz-executor.3:29477 blocked for more than 145 seconds. Not tainted 5.1.0-rc5-next-20190418 #28 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.3 D27544 29477 28593 0x80004004 Call Trace: context_switch kernel/sched/core.c:2817 [inline] __schedule+0x7d1/0x15c0 kernel/sched/core.c:3444 schedule+0xa8/0x260 kernel/sched/core.c:3508 schedule_timeout+0x717/0xc50 kernel/time/timer.c:1783 do_wait_for_common kernel/sched/completion.c:83 [inline] __wait_for_common kernel/sched/completion.c:104 [inline] wait_for_common kernel/sched/completion.c:115 [inline] wait_for_completion+0x29c/0x440 kernel/sched/completion.c:136 __synchronize_srcu+0x197/0x250 kernel/rcu/srcutree.c:921 synchronize_srcu_expedited kernel/rcu/srcutree.c:946 [inline] synchronize_srcu+0x239/0x3e8 kernel/rcu/srcutree.c:997 __mmu_notifier_release+0x219/0x3c0 mm/mmu_notifier.c:95 mmu_notifier_release include/linux/mmu_notifier.h:274 [inline] exit_mmap+0x413/0x520 mm/mmap.c:3097 __mmput kernel/fork.c:1056 [inline] mmput+0x15f/0x4c0 kernel/fork.c:1077 exit_mm kernel/exit.c:546 [inline] do_exit+0x816/0x2fa0 kernel/exit.c:863 do_group_exit+0x135/0x370 kernel/exit.c:980 get_signal+0x399/0x1d50 kernel/signal.c:2578 do_signal+0x87/0x1900 arch/x86/kernel/signal.c:818 exit_to_usermode_loop+0x244/0x2c0 arch/x86/entry/common.c:163 prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline] syscall_return_slowpath arch/x86/entry/common.c:276 [inline] do_syscall_64+0x57e/0x670 arch/x86/entry/common.c:301 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x458c29 Code: Bad RIP value. RSP: 002b:00007f473d585cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca RAX: fffffffffffffe00 RBX: 000000000073bf08 RCX: 0000000000458c29 RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000073bf08 RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000073bf0c R13: 00007ffc5b71c66f R14: 00007f473d5869c0 R15: 000000000073bf0c INFO: task syz-executor.2:30049 blocked for more than 146 seconds. Not tainted 5.1.0-rc5-next-20190418 #28 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.2 D24176 30049 1 0x00004004 Call Trace: context_switch kernel/sched/core.c:2817 [inline] __schedule+0x7d1/0x15c0 kernel/sched/core.c:3444 schedule+0xa8/0x260 kernel/sched/core.c:3508 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3567 __mutex_lock_common kernel/locking/mutex.c:1002 [inline] __mutex_lock+0x726/0x1310 kernel/locking/mutex.c:1072 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1087 lo_release+0x1f/0x200 drivers/block/loop.c:1782 __blkdev_put+0x4d3/0x810 fs/block_dev.c:1844 blkdev_put+0x98/0x560 fs/block_dev.c:1906 blkdev_close+0x8b/0xb0 fs/block_dev.c:1913 __fput+0x2e5/0x8d0 fs/file_table.c:278 ____fput+0x16/0x20 fs/file_table.c:309 task_work_run+0x14a/0x1c0 kernel/task_work.c:113 tracehook_notify_resume include/linux/tracehook.h:188 [inline] exit_to_usermode_loop+0x273/0x2c0 arch/x86/entry/common.c:167 prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline] syscall_return_slowpath arch/x86/entry/common.c:276 [inline] do_syscall_64+0x57e/0x670 arch/x86/entry/common.c:301 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x4129c0 Code: e8 45 89 ff ff 41 bc ff ff ff ff 45 89 75 00 e9 83 fd ff ff e8 01 88 ff ff 8b b3 30 01 00 00 48 8b bb c8 00 00 00 ff 15 1e 6e <24> 00 85 c0 89 c5 0f 85 7e fc ff ff e9 32 ff ff ff 66 66 66 66 66 RSP: 002b:00007fff2c5fdf18 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 RAX: 0000000000000000 RBX: 0000000000000003 RCX: 00000000004129c0 RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000003 RBP: 00000000000003d8 R08: 0000000000000000 R09: 000000000000000a R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000000 R13: 00007fff2c5fdf50 R14: 00000000000fb07d R15: 00007fff2c5fdf60 Showing all locks held in the system: 2 locks held by kworker/u4:0/7: #0: 000000007eb95cc7 ((wq_completion)events_unbound){+.+.}, at: __write_once_size include/linux/compiler.h:224 [inline] #0: 000000007eb95cc7 ((wq_completion)events_unbound){+.+.}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: 000000007eb95cc7 ((wq_completion)events_unbound){+.+.}, at: atomic64_set include/asm-generic/atomic-instrumented.h:855 [inline] #0: 000000007eb95cc7 ((wq_completion)events_unbound){+.+.}, at: atomic_long_set include/asm-generic/atomic-long.h:40 [inline] #0: 000000007eb95cc7 ((wq_completion)events_unbound){+.+.}, at: set_work_data kernel/workqueue.c:619 [inline] #0: 000000007eb95cc7 ((wq_completion)events_unbound){+.+.}, at: set_work_pool_and_clear_pending kernel/workqueue.c:646 [inline] #0: 000000007eb95cc7 ((wq_completion)events_unbound){+.+.}, at: process_one_work+0x87e/0x1790 kernel/workqueue.c:2239 #1: 00000000ae9dcb8d ((reaper_work).work){+.+.}, at: process_one_work+0x8b4/0x1790 kernel/workqueue.c:2243 3 locks held by kworker/1:0/17: #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: __write_once_size include/linux/compiler.h:224 [inline] #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: atomic64_set include/asm-generic/atomic-instrumented.h:855 [inline] #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: atomic_long_set include/asm-generic/atomic-long.h:40 [inline] #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: set_work_data kernel/workqueue.c:619 [inline] #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: set_work_pool_and_clear_pending kernel/workqueue.c:646 [inline] #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: process_one_work+0x87e/0x1790 kernel/workqueue.c:2239 #1: 00000000c6849db5 (xfrm_state_gc_work){+.+.}, at: process_one_work+0x8b4/0x1790 kernel/workqueue.c:2243 #2: 000000008e05ab34 (rcu_state.exp_mutex){+.+.}, at: exp_funnel_lock kernel/rcu/tree_exp.h:318 [inline] #2: 000000008e05ab34 (rcu_state.exp_mutex){+.+.}, at: synchronize_rcu_expedited+0x26f/0x5b0 kernel/rcu/tree_exp.h:790 1 lock held by khungtaskd/1044: #0: 00000000530e21ac (rcu_read_lock){....}, at: debug_show_all_locks+0x5f/0x27e kernel/locking/lockdep.c:5046 3 locks held by kworker/u4:5/3028: #0: 00000000137ecf28 ((wq_completion)netns){+.+.}, at: __write_once_size include/linux/compiler.h:224 [inline] #0: 00000000137ecf28 ((wq_completion)netns){+.+.}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: 00000000137ecf28 ((wq_completion)netns){+.+.}, at: atomic64_set include/asm-generic/atomic-instrumented.h:855 [inline] #0: 00000000137ecf28 ((wq_completion)netns){+.+.}, at: atomic_long_set include/asm-generic/atomic-long.h:40 [inline] #0: 00000000137ecf28 ((wq_completion)netns){+.+.}, at: set_work_data kernel/workqueue.c:619 [inline] #0: 00000000137ecf28 ((wq_completion)netns){+.+.}, at: set_work_pool_and_clear_pending kernel/workqueue.c:646 [inline] #0: 00000000137ecf28 ((wq_completion)netns){+.+.}, at: process_one_work+0x87e/0x1790 kernel/workqueue.c:2239 #1: 0000000074462485 (net_cleanup_work){+.+.}, at: process_one_work+0x8b4/0x1790 kernel/workqueue.c:2243 #2: 00000000acc20f7b (pernet_ops_rwsem){++++}, at: cleanup_net+0xae/0x960 net/core/net_namespace.c:519 1 lock held by rsyslogd/7781: #0: 00000000e2c9358d (&f->f_pos_lock){+.+.}, at: __fdget_pos+0xee/0x110 fs/file.c:801 2 locks held by getty/7872: #0: 00000000fce568b2 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 #1: 00000000fb509542 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156 2 locks held by getty/7873: #0: 0000000073d5671b (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 #1: 000000003cf2979a (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156 2 locks held by getty/7874: #0: 000000000d080f18 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 #1: 00000000988e829a (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156 2 locks held by getty/7875: #0: 000000004c577451 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 #1: 00000000db8fb3e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156 2 locks held by getty/7876: #0: 000000001b3193ad (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 #1: 0000000005d3cf0a (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156 2 locks held by getty/7877: #0: 0000000040b1ae6a (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 #1: 00000000f5d0397b (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156 2 locks held by getty/7878: #0: 00000000a53362e8 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 #1: 0000000015fa0171 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156 2 locks held by kworker/1:3/7921: #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: __write_once_size include/linux/compiler.h:224 [inline] #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: atomic64_set include/asm-generic/atomic-instrumented.h:855 [inline] #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: atomic_long_set include/asm-generic/atomic-long.h:40 [inline] #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: set_work_data kernel/workqueue.c:619 [inline] #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: set_work_pool_and_clear_pending kernel/workqueue.c:646 [inline] #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: process_one_work+0x87e/0x1790 kernel/workqueue.c:2239 #1: 00000000671f580e (key_gc_work){+.+.}, at: process_one_work+0x8b4/0x1790 kernel/workqueue.c:2243 2 locks held by kworker/1:5/16831: #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: __write_once_size include/linux/compiler.h:224 [inline] #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: atomic64_set include/asm-generic/atomic-instrumented.h:855 [inline] #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: atomic_long_set include/asm-generic/atomic-long.h:40 [inline] #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: set_work_data kernel/workqueue.c:619 [inline] #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: set_work_pool_and_clear_pending kernel/workqueue.c:646 [inline] #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: process_one_work+0x87e/0x1790 kernel/workqueue.c:2239 #1: 00000000b10342b1 ((work_completion)(&ns->proc_work)){+.+.}, at: process_one_work+0x8b4/0x1790 kernel/workqueue.c:2243 3 locks held by kworker/0:0/23584: 2 locks held by kworker/1:1/28603: #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: __write_once_size include/linux/compiler.h:224 [inline] #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: atomic64_set include/asm-generic/atomic-instrumented.h:855 [inline] #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: atomic_long_set include/asm-generic/atomic-long.h:40 [inline] #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: set_work_data kernel/workqueue.c:619 [inline] #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: set_work_pool_and_clear_pending kernel/workqueue.c:646 [inline] #0: 00000000e1a301b9 ((wq_completion)events){+.+.}, at: process_one_work+0x87e/0x1790 kernel/workqueue.c:2239 #1: 00000000e9cb72a5 ((work_completion)(&map->work)){+.+.}, at: process_one_work+0x8b4/0x1790 kernel/workqueue.c:2243 2 locks held by syz-executor.2/30049: #0: 000000002e42176e (&bdev->bd_mutex){+.+.}, at: __blkdev_put+0xbb/0x810 fs/block_dev.c:1831 #1: 00000000debeba49 (loop_ctl_mutex){+.+.}, at: lo_release+0x1f/0x200 drivers/block/loop.c:1782 2 locks held by syz-executor.1/1382: #0: 0000000000b3fd80 (&sb->s_type->i_mutex_key#11){+.+.}, at: inode_lock include/linux/fs.h:772 [inline] #0: 0000000000b3fd80 (&sb->s_type->i_mutex_key#11){+.+.}, at: __sock_release+0x89/0x2b0 net/socket.c:598 #1: 000000001e5878ce (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 net/core/rtnetlink.c:76 1 lock held by syz-executor.5/5540: #0: 00000000acc20f7b (pernet_ops_rwsem){++++}, at: register_netdevice_notifier+0x7e/0x630 net/core/dev.c:1648 1 lock held by syz-executor.5/5544: #0: 00000000acc20f7b (pernet_ops_rwsem){++++}, at: register_netdevice_notifier+0x7e/0x630 net/core/dev.c:1648 2 locks held by syz-executor.3/5548: #0: 00000000debeba49 (loop_ctl_mutex){+.+.}, at: __loop_clr_fd+0x88/0xd60 drivers/block/loop.c:1073 #1: 000000004d206a18 (lock#6){+.+.}, at: lru_add_drain_all+0x60/0x500 mm/swap.c:680 2 locks held by syz-executor.4/5555: #0: 000000006fcb462d (&sb->s_type->i_mutex_key#11){+.+.}, at: inode_lock include/linux/fs.h:772 [inline] #0: 000000006fcb462d (&sb->s_type->i_mutex_key#11){+.+.}, at: __sock_release+0x89/0x2b0 net/socket.c:598 #1: 000000008e05ab34 (rcu_state.exp_mutex){+.+.}, at: exp_funnel_lock kernel/rcu/tree_exp.h:286 [inline] #1: 000000008e05ab34 (rcu_state.exp_mutex){+.+.}, at: synchronize_rcu_expedited+0x4ab/0x5b0 kernel/rcu/tree_exp.h:790 1 lock held by blkid/5557: #0: 000000002e42176e (&bdev->bd_mutex){+.+.}, at: __blkdev_get+0x19b/0x1660 fs/block_dev.c:1511 1 lock held by syz-executor.1/5593: #0: 000000001e5878ce (rtnl_mutex){+.+.}, at: rtnl_lock net/core/rtnetlink.c:76 [inline] #0: 000000001e5878ce (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x40a/0xb00 net/core/rtnetlink.c:5192 1 lock held by syz-executor.1/5595: #0: 000000001e5878ce (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 net/core/rtnetlink.c:76 1 lock held by syz-executor.1/5596: #0: 000000001e5878ce (rtnl_mutex){+.+.}, at: rtnl_lock net/core/rtnetlink.c:76 [inline] #0: 000000001e5878ce (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x40a/0xb00 net/core/rtnetlink.c:5192 ============================================= NMI backtrace for cpu 1 CPU: 1 PID: 1044 Comm: khungtaskd Not tainted 5.1.0-rc5-next-20190418 #28 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 nmi_cpu_backtrace.cold+0x63/0xa4 lib/nmi_backtrace.c:101 nmi_trigger_cpumask_backtrace+0x1be/0x236 lib/nmi_backtrace.c:62 arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:204 [inline] watchdog+0x9b7/0xec0 kernel/hung_task.c:288 kthread+0x357/0x430 kernel/kthread.c:254 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352 Sending NMI from CPU 1 to CPUs 0: