loop1: p226 start 1854537728 is beyond EOD, truncated
loop1: p227 start 1854537728 is beyond EOD, truncated
loop1: p228 start 1854537728 is beyond EOD, truncated
loop1: p229 start 1854537728 is beyond EOD, truncated
loop1: p230 start 1854537728 is beyond EOD, truncated
INFO: task init:25226 blocked for more than 140 seconds.
 Not tainted 4.9.205-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
init D28136 25226 1 0x00000000
 0000000000000087 ffff8801d8232f80 ffff8801adc63c80 ffff8801db61ffc0
 ffff8801a6c617c0 ffff8801db61ffd8 ffff8801d150f758 ffffffff8280a6ae
 ffff8801d8233848 ffff8801d8233820 00ff8801d8233850 ffff8801db6208b0
Call Trace:
 [<000000003e9dab2d>] schedule+0x92/0x1c0 kernel/sched/core.c:3546
 [<0000000044bc06d6>] schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3579
 [<000000009a9e4089>] __mutex_lock_common kernel/locking/mutex.c:582 [inline]
 [<000000009a9e4089>] mutex_lock_nested+0x38d/0x920 kernel/locking/mutex.c:621
 [<00000000cf6ba4b6>] tty_open_by_driver drivers/tty/tty_io.c:2062 [inline]
 [<00000000cf6ba4b6>] tty_open+0x3f9/0xe10 drivers/tty/tty_io.c:2140
 [<00000000237406c2>] chrdev_open+0x230/0x630 fs/char_dev.c:398
 [<00000000411ac48b>] do_dentry_open+0x422/0xd20 fs/open.c:791
 [<0000000021739746>] vfs_open+0x105/0x230 fs/open.c:904
 [<000000007ec907c9>] do_last fs/namei.c:3457 [inline]
 [<000000007ec907c9>] path_openat+0xbf5/0x2f60 fs/namei.c:3581
 [<00000000bd201998>] do_filp_open+0x1a1/0x280 fs/namei.c:3615
 [<000000005ad77fdd>] do_sys_open+0x2f0/0x610 fs/open.c:1097
 [<00000000cd5cd320>] SYSC_open fs/open.c:1115 [inline]
 [<00000000cd5cd320>] SyS_open+0x2d/0x40 fs/open.c:1110
 [<00000000dc6c27fd>] do_syscall_64+0x1ad/0x5c0 arch/x86/entry/common.c:288
 [<0000000065e78acb>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
Showing all locks held in the system:
2 locks held by khungtaskd/24:
 #0: (rcu_read_lock){......}, at: [<00000000f16ef28d>] check_hung_uninterruptible_tasks kernel/hung_task.c:169 [inline]
 #0: (rcu_read_lock){......}, at: [<00000000f16ef28d>] watchdog+0x14b/0xaf0 kernel/hung_task.c:263
 #1: (tasklist_lock){.+.+..}, at: [<00000000d9f599bb>] debug_show_all_locks+0x7f/0x21f kernel/locking/lockdep.c:4339
1 lock held by rsyslogd/1896:
 #0: (&f->f_pos_lock){+.+.+.}, at: [<000000004ba5c387>] __fdget_pos+0xa8/0xd0 fs/file.c:782
2 locks held by getty/2024:
 #0: (&tty->ldisc_sem){++++++}, at: [<00000000882183ff>] ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:376
 #1: (&ldata->atomic_read_lock){+.+...}, at: [<000000008666093b>] n_tty_read+0x1fe/0x1820 drivers/tty/n_tty.c:2156
1 lock held by init/25226:
 #0: (tty_mutex){+.+.+.}, at: [<00000000cf6ba4b6>] tty_open_by_driver drivers/tty/tty_io.c:2062 [inline]
 #0: (tty_mutex){+.+.+.}, at: [<00000000cf6ba4b6>] tty_open+0x3f9/0xe10 drivers/tty/tty_io.c:2140
1 lock held by init/25227:
 #0: (tty_mutex){+.+.+.}, at: [<00000000cf6ba4b6>] tty_open_by_driver drivers/tty/tty_io.c:2062 [inline]
 #0: (tty_mutex){+.+.+.}, at: [<00000000cf6ba4b6>] tty_open+0x3f9/0xe10 drivers/tty/tty_io.c:2140
1 lock held by init/25228:
 #0: (tty_mutex){+.+.+.}, at: [<00000000cf6ba4b6>] tty_open_by_driver drivers/tty/tty_io.c:2062 [inline]
 #0: (tty_mutex){+.+.+.}, at: [<00000000cf6ba4b6>] tty_open+0x3f9/0xe10 drivers/tty/tty_io.c:2140
1 lock held by init/25230:
 #0: (tty_mutex){+.+.+.}, at: [<00000000cf6ba4b6>] tty_open_by_driver drivers/tty/tty_io.c:2062 [inline]
 #0: (tty_mutex){+.+.+.}, at: [<00000000cf6ba4b6>] tty_open+0x3f9/0xe10 drivers/tty/tty_io.c:2140
1 lock held by init/25736:
 #0: (tty_mutex){+.+.+.}, at: [<00000000cf6ba4b6>] tty_open_by_driver drivers/tty/tty_io.c:2062 [inline]
 #0: (tty_mutex){+.+.+.}, at: [<00000000cf6ba4b6>] tty_open+0x3f9/0xe10 drivers/tty/tty_io.c:2140
1 lock held by blkid/5783:
 #0: (&bdev->bd_mutex){+.+.+.}, at: [<000000009c9237d4>] __blkdev_get+0x10e/0xeb0 fs/block_dev.c:1273
=============================================
NMI backtrace for cpu 0
CPU: 0 PID: 24 Comm: khungtaskd Not tainted 4.9.205-syzkaller #0
 ffff8801d98f7cc8 ffffffff81b55e6b 0000000000000000 0000000000000000
 0000000000000000 ffffffff8109a001 dffffc0000000000 ffff8801d98f7d00
 ffffffff81b6110c 0000000000000000 0000000000000000 0000000000000000
Call Trace:
 [<0000000035857f9c>] __dump_stack lib/dump_stack.c:15 [inline]
 [<0000000035857f9c>] dump_stack+0xcb/0x130 lib/dump_stack.c:56
 [<000000007f748682>] nmi_cpu_backtrace.cold+0x47/0x87 lib/nmi_backtrace.c:99
 [<0000000041454f3e>] nmi_trigger_cpumask_backtrace+0x124/0x155 lib/nmi_backtrace.c:60
 [<00000000007a72bc>] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37
 [<0000000028195561>] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline]
 [<0000000028195561>] check_hung_task kernel/hung_task.c:126 [inline]
 [<0000000028195561>] check_hung_uninterruptible_tasks kernel/hung_task.c:183 [inline]
 [<0000000028195561>] watchdog+0x670/0xaf0 kernel/hung_task.c:263
 [<00000000ca91a8b3>] kthread+0x278/0x310 kernel/kthread.c:211
 [<00000000ac4460c2>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:375
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 5808 Comm: blkid Not tainted 4.9.205-syzkaller #0
task: 00000000eabdadc3 task.stack: 000000006b2c6bcf
RIP: 0010:[] c [<00000000917e7102>] __raw_spin_lock include/linux/spinlock_api_smp.h:144 [inline]
RIP: 0010:[] c [<00000000917e7102>] _raw_spin_lock+0x33/0x50 kernel/locking/spinlock.c:151
RSP: 0018:ffff8801cf23f8e0 EFLAGS: 00000246
RAX: ffffffff814c446d RBX: ffff8801abbc8a50 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8801d1ed52d8
RBP: ffff8801cf23f8f0 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000001 R12: ffff8801d1ed52c0
R13: 00000001ce9ab000 R14: 00003ffffffff000 R15: ffff8801ce9abff0
FS: 00007f5a910ec7a0(0000) GS:ffff8801db700000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000625208 CR3: 00000001cfc4d000 CR4: 00000000001606b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Stack:
 ffffffff814c446dc ffff880000000ff0c ffff8801cf23f9b0c ffffffff814c446dc
 ffff8801a4d527c0c 00007fffffffe000c ffff8801a4d52780c ffff8801a4d52818c
 00fff100349aa4f0c ffffed00349aa4f1c ffff8801d335d000c ffff8801ce9abff0c
Call Trace:
 [<000000004b7c0bbe>] spin_lock include/linux/spinlock.h:302 [inline]
 [<000000004b7c0bbe>] move_ptes mm/mremap.c:140 [inline]
 [<000000004b7c0bbe>] move_page_tables+0x58d/0xd60 mm/mremap.c:239
 [<0000000009c8fef4>] shift_arg_pages+0x1ae/0x470 fs/exec.c:642
 [<0000000021301f74>] setup_arg_pages+0x60d/0x7c0 fs/exec.c:754
 [<00000000b8028463>] load_elf_binary+0xa84/0x4a90 fs/binfmt_elf.c:860
 [<000000002fab7c41>] search_binary_handler fs/exec.c:1621 [inline]
 [<000000002fab7c41>] search_binary_handler+0x14f/0x700 fs/exec.c:1599
 [<000000004ff1666f>] exec_binprm fs/exec.c:1663 [inline]
 [<000000004ff1666f>] do_execveat_common.isra.0+0xf81/0x1db0 fs/exec.c:1785
 [<000000009bd75618>] do_execve fs/exec.c:1829 [inline]
 [<000000009bd75618>] SYSC_execve fs/exec.c:1910 [inline]
 [<000000009bd75618>] SyS_execve+0x42/0x50 fs/exec.c:1905
 [<00000000dc6c27fd>] do_syscall_64+0x1ad/0x5c0 arch/x86/entry/common.c:288
 [<0000000065e78acb>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
Code: cfc cbf c01 c00 c00 c00 c48 c83 cec c08 ce8 c49 c15 c95 cfe c48 c8b c45 c08 c49 c8d c7c c24 c18 c45 c31 cc9 c31 cc9 c41 cb8 c01 c00 c00 c00 c31 cd2 c31 cf6 c48 c89 c04 c24 c cb8 c82 c9f cfe c4c c89 ce7 ce8 cb0 c0e ca0 cfe c48 c83 cc4 c08 c41 c5c c5d cc3 c