INFO: task syz-executor3:6346 blocked for more than 140 seconds.
      Not tainted 4.9.129+ #45
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor3   D28824  6346   2107 0x00000004
 ffff8801cc60c740 0000000000000000 ffff8801cd96cd00 ffff8801d1042f80
 ffff8801db621018 ffff8801cefbfc50 ffffffff827f2ab2 ffff8801cefbfc28
 ffffffff81206807 0000000000000000 00ff8801cc60cfe8 ffff8801db6218f0
Call Trace:
 [<ffffffff827f3fdf>] schedule+0x7f/0x1b0 kernel/sched/core.c:3553
 [<ffffffff827fed3c>] rwsem_down_read_failed+0x26c/0x400 kernel/locking/rwsem-xadd.c:260
 [<ffffffff81b68e88>] call_rwsem_down_read_failed+0x18/0x30 arch/x86/lib/rwsem.S:94
 [<ffffffff827fcb12>] __down_read arch/x86/include/asm/rwsem.h:65 [inline]
 [<ffffffff827fcb12>] down_read+0x52/0xb0 kernel/locking/rwsem.c:24
 [<ffffffff810b2cbb>] __do_page_fault+0x7db/0xa60 arch/x86/mm/fault.c:1342
 [<ffffffff810b2f97>] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1469
 [<ffffffff82803d35>] page_fault+0x25/0x30 arch/x86/entry/entry_64.S:951

Showing all locks held in the system:
2 locks held by khungtaskd/24:
 #0:  (rcu_read_lock){......}, at: [<ffffffff8131b83c>] check_hung_uninterruptible_tasks kernel/hung_task.c:168 [inline]
 #0:  (rcu_read_lock){......}, at: [<ffffffff8131b83c>] watchdog+0x11c/0xa20 kernel/hung_task.c:239
 #1:  (tasklist_lock){.+.+..}, at: [<ffffffff813fdfe4>] debug_show_all_locks+0x79/0x218 kernel/locking/lockdep.c:4336
2 locks held by getty/2019:
 #0:  (&tty->ldisc_sem){++++++}, at: [<ffffffff82800e02>] ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:367
 #1:  (&ldata->atomic_read_lock){+.+...}, at: [<ffffffff81d2abd2>] n_tty_read+0x202/0x16e0 drivers/tty/n_tty.c:2142
1 lock held by syz-executor3/6346:
 #0:  (&mm->mmap_sem){++++++}, at: [<ffffffff810b2cbb>] __do_page_fault+0x7db/0xa60 arch/x86/mm/fault.c:1342
1 lock held by syz-executor3/6350:
 #0:  (&mm->mmap_sem){++++++}, at: [<ffffffff810e64d1>] exit_mm kernel/exit.c:480 [inline]
 #0:  (&mm->mmap_sem){++++++}, at: [<ffffffff810e64d1>] do_exit+0x3c1/0x29d0 kernel/exit.c:820
1 lock held by syz-executor3/6363:
 #0:  (&mm->mmap_sem){++++++}, at: [<ffffffff810e64d1>] exit_mm kernel/exit.c:480 [inline]
 #0:  (&mm->mmap_sem){++++++}, at: [<ffffffff810e64d1>] do_exit+0x3c1/0x29d0 kernel/exit.c:820

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 24 Comm: khungtaskd Not tainted 4.9.129+ #45
 ffff8801d9907d08 ffffffff81b36939 0000000000000000 0000000000000001
 0000000000000001 0000000000000001 ffffffff81098180 ffff8801d9907d40
 ffffffff81b41a49 0000000000000001 0000000000000000 0000000000000003
Call Trace:
 [<ffffffff81b36939>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81b36939>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [<ffffffff81b41a49>] nmi_cpu_backtrace.cold.0+0x48/0x87 lib/nmi_backtrace.c:99
 [<ffffffff81b419dc>] nmi_trigger_cpumask_backtrace+0x12c/0x151 lib/nmi_backtrace.c:60
 [<ffffffff81098284>] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37
 [<ffffffff8131bdcd>] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline]
 [<ffffffff8131bdcd>] check_hung_task kernel/hung_task.c:125 [inline]
 [<ffffffff8131bdcd>] check_hung_uninterruptible_tasks kernel/hung_task.c:182 [inline]
 [<ffffffff8131bdcd>] watchdog+0x6ad/0xa20 kernel/hung_task.c:239
 [<ffffffff8114272d>] kthread+0x26d/0x300 kernel/kthread.c:211
 [<ffffffff82802edc>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 6362 Comm: syz-executor3 Not tainted 4.9.129+ #45
task: ffff8801cea02f80 task.stack: ffff8801ce220000
RIP: 0010:[<ffffffff8120c6ae>] 
c [<ffffffff8120c6ae>] trace_lock_release include/trace/events/lock.h:57 [inline]
RIP: 0010:[<ffffffff8120c6ae>] 
c [<ffffffff8120c6ae>] lock_release+0xce/0xc20 kernel/locking/lockdep.c:3774
RSP: 0018:ffff8801ce227ad0  EFLAGS: 00000046
RAX: 0000000000000000 RBX: ffff8801a25b71c0 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff8801cea0382c
RBP: ffff8801ce227b78 R08: ffff8801cea03878 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801a25b71a0
R13: ffff8801cea02f80 R14: 0000000000000246 R15: ffff8801ce227bb0
FS:  00007f39c237b700(0000) GS:ffff8801db600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000c430a3e010 CR3: 00000001d2618000 CR4: 00000000001606b0
Stack:
 ffff8801cea02f80
c ffffffff827f6d07
c ffffffff841eb840
c 0000000000000246
c
 ffff8801a25b7168
c ffff8801ce227b18
c ffffffff81206bfb
c ffff8801a25b7160
c
 ffff8801cea02f80
c ffff8801ce227b28
c ffff8801a25b7160
c 0000000000000046
c
Call Trace:
 [<ffffffff827fb680>] __mutex_unlock_common_slowpath kernel/locking/mutex.c:740 [inline]
 [<ffffffff827fb680>] __mutex_unlock_slowpath+0x160/0x3c0 kernel/locking/mutex.c:765
 [<ffffffff827fb8e9>] mutex_unlock+0x9/0x10 kernel/locking/mutex.c:437
 [<ffffffff813d957a>] perf_mmap+0x64a/0x1430 kernel/events/core.c:5278
 [<ffffffff814b3e2c>] mmap_region+0x80c/0xf90 mm/mmap.c:1726
 [<ffffffff814b4aed>] do_mmap+0x53d/0xbb0 mm/mmap.c:1505
 [<ffffffff81469af8>] do_mmap_pgoff include/linux/mm.h:2032 [inline]
 [<ffffffff81469af8>] vm_mmap_pgoff+0x168/0x1b0 mm/util.c:329
 [<ffffffff814af19e>] SYSC_mmap_pgoff mm/mmap.c:1555 [inline]
 [<ffffffff814af19e>] SyS_mmap_pgoff+0xfe/0x1b0 mm/mmap.c:1513
 [<ffffffff8105cfe6>] SYSC_mmap arch/x86/kernel/sys_x86_64.c:96 [inline]
 [<ffffffff8105cfe6>] SyS_mmap+0x16/0x20 arch/x86/kernel/sys_x86_64.c:87
 [<ffffffff810056ef>] do_syscall_64+0x19f/0x550 arch/x86/entry/common.c:285
 [<ffffffff82802d13>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
Code: 
cd0 
c7c 
c08 
c84 
cd2 
c0f 
c85 
c2f 
c09 
c00 
c00 
c8b 
c05 
c94 
cfe 
c1c 
c02 
c41 
cc7 
c85 
cac 
c08 
c00 
c00 
c01 
c00 
c00 
c00 
c85 
cc0 
c0f 
c8f 
cd6 
c07 
c00 
c00 
c65 
c8b 
c05 
c82 
c9a 
ce0 
c7e 
c<89> 
cc0 
c48 
c0f 
ca3 
c05 
c00 
ca4 
c1d 
c02 
c0f 
c82 
cf2 
c06 
c00 
c00 
c48 
cc7 
cc7 
c20 
c19 
c