INFO: task syz-executor0:9828 blocked for more than 120 seconds. Not tainted 4.4.105-ge303a83 #5 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor0 D ffff8801d61b77d8 28904 9828 3521 0x00000004 ffff8801d61b77d8 dffffc0000000000 ffff8800b4232030 ffff8801d61b77b8 ffffffff81229f2f ffff8800b4232000 ffff8801db51f838 ffff8801db51f860 ffff8801db51ef58 ffff8801da655f00 ffff8800b42317c0 ffff8801d61b0000 Call Trace: [] schedule+0x9a/0x1c0 kernel/sched/core.c:3351 [] rwsem_down_read_failed+0x1bf/0x300 kernel/locking/rwsem-xadd.c:250 [] call_rwsem_down_read_failed+0x14/0x30 arch/x86/lib/rwsem.S:90 [] n_tty_read+0x21c/0x1c30 drivers/tty/n_tty.c:2184 [] tty_read+0x13c/0x210 drivers/tty/tty_io.c:1071 [] do_loop_readv_writev+0x11c/0x1e0 fs/read_write.c:680 [] do_readv_writev+0x552/0x660 fs/read_write.c:810 [] vfs_readv+0x5a/0xa0 fs/read_write.c:834 [] SYSC_readv fs/read_write.c:860 [inline] [] SyS_readv+0xd3/0x260 fs/read_write.c:852 [] entry_SYSCALL_64_fastpath+0x16/0x76 3 locks held by syz-executor0/9828: #0: (&tty->ldisc_sem){++++++}, at: [] tty_ldisc_ref_wait+0x1d/0xa0 drivers/tty/tty_ldisc.c:264 #1: (&ldata->atomic_read_lock){+.+.+.}, at: [] n_tty_read+0x1fd/0x1c30 drivers/tty/n_tty.c:2180 #2: (&o_tty->termios_rwsem/1){++++.+}, at: [] n_tty_read+0x21c/0x1c30 drivers/tty/n_tty.c:2184 Sending NMI to all CPUs: NMI backtrace for cpu 0 CPU: 0 PID: 483 Comm: khungtaskd Not tainted 4.4.105-ge303a83 #5 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 task: ffff8801d9edc740 task.stack: ffff8801da7b8000 RIP: 0010:[] [] native_apic_mem_write arch/x86/include/asm/apic.h:94 [inline] RIP: 0010:[] [] __default_send_IPI_dest_field arch/x86/include/asm/ipi.h:119 [inline] RIP: 0010:[] [] _flat_send_IPI_mask arch/x86/kernel/apic/apic_flat_64.c:61 [inline] RIP: 0010:[] [] flat_send_IPI_mask+0xf7/0x1a0 arch/x86/kernel/apic/apic_flat_64.c:69 RSP: 0018:ffff8801da7bfcb8 EFLAGS: 00000046 RAX: 0000000003000000 RBX: 0000000000000c00 RCX: 0000000000000000 RDX: 0000000000000c00 RSI: 0000000000000000 RDI: ffffffffff5fb300 RBP: ffff8801da7bfce0 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000246 R13: 0000000000000003 R14: ffffffff8426ace0 R15: 0000000000000002 FS: 0000000000000000(0000) GS:ffff8801db400000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000c422237000 CR3: 00000000b5db1000 CR4: 00000000001406f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Stack: ffffffff8426ace0 ffffffff847e73c0 ffffffff847e4964 0000000000000001 dffffc0000000000 ffff8801da7bfd00 ffffffff810b62ab fffffbfff08fc92c 0000000000019460 ffff8801da7bfd68 ffffffff81cd3e78 ffff8801da7bfd28 Call Trace: [] nmi_raise_cpu_backtrace+0x5b/0x70 arch/x86/kernel/apic/hw_nmi.c:33 [] nmi_trigger_all_cpu_backtrace+0x428/0x590 lib/nmi_backtrace.c:85 [] arch_trigger_all_cpu_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38 [] trigger_all_cpu_backtrace include/linux/nmi.h:44 [inline] [] check_hung_task kernel/hung_task.c:125 [inline] [] check_hung_uninterruptible_tasks kernel/hung_task.c:182 [inline] [] watchdog+0x636/0xa20 kernel/hung_task.c:238 [] kthread+0x245/0x310 kernel/kthread.c:211 [] ret_from_fork+0x3f/0x70 arch/x86/entry/entry_64.S:468 Code: b3 5f ff f6 c4 10 75 e1 44 89 e8 c1 e0 18 89 04 25 10 b3 5f ff 44 89 fa 09 da 80 cf 04 41 83 ff 02 0f 44 d3 89 14 25 00 b3 5f ff <41> f7 c4 00 02 00 00 74 1a e8 8b 9d 16 00 4c 89 e7 57 9d 0f 1f NMI backtrace for cpu 1 CPU: 1 PID: 3158 Comm: rsyslogd Not tainted 4.4.105-ge303a83 #5 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 task: ffff8800b9524740 task.stack: ffff8801d4468000 RIP: 0010:[] [] __lock_is_held+0x91/0xf0 kernel/locking/lockdep.c:3463 RSP: 0018:ffff8801d446fa78 EFLAGS: 00000086 RAX: 0000000000000000 RBX: ffff8800b9524740 RCX: 000000000000000a RDX: 1ffff100172a49f5 RSI: ffffffff842b7700 RDI: ffffffff842b76c0 RBP: ffff8801d446faa8 R08: ffff8801d446fc10 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: ffffed00172a49f5 R13: ffffffff842b76c0 R14: ffff8800b9524fb0 R15: 0000000000000000 FS: 00007f85771f8700(0000) GS:ffff8801db500000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000c422339000 CR3: 00000001d572b000 CR4: 00000000001406e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Stack: ffff8800b9524fa8 0000000000000246 ffff8800b9524740 ffffffff842b76c0 000000000000052c 0000000000000400 ffff8801d446fad0 ffffffff81224d00 ffff8800b9524740 0000000000000000 ffffffff83fb0ed5 ffff8801d446fb08 Call Trace: [] lock_is_held+0xb0/0x140 kernel/locking/lockdep.c:3630 [] ___might_sleep+0x361/0x460 kernel/sched/core.c:7938 [] __might_sleep+0x90/0x1a0 kernel/sched/core.c:7930 [] slab_pre_alloc_hook mm/slub.c:1324 [inline] [] slab_alloc_node mm/slub.c:2527 [inline] [] slab_alloc mm/slub.c:2609 [inline] [] kmem_cache_alloc_trace+0x14c/0x2b0 mm/slub.c:2626 [] kmalloc include/linux/slab.h:470 [inline] [] syslog_print kernel/printk/printk.c:1148 [inline] [] do_syslog+0x52a/0xb00 kernel/printk/printk.c:1331 [] kmsg_read+0x65/0x80 fs/proc/kmsg.c:39 [] proc_reg_read+0xbc/0x180 fs/proc/inode.c:202 [] __vfs_read+0xda/0x3e0 fs/read_write.c:432 [] vfs_read+0xe1/0x340 fs/read_write.c:454 [] SYSC_read fs/read_write.c:569 [inline] [] SyS_read+0xd3/0x1c0 fs/read_write.c:562 [] entry_SYSCALL_64_fastpath+0x16/0x76 Code: 00 00 fc ff df 49 c1 ec 03 49 01 c4 eb 1a 41 0f b6 04 24 41 83 c7 01 84 c0 74 04 3c 03 7e 53 44 39 bb 68 08 00 00 7e 2b 49 63 c7 <4c> 89 ee 48 8d 04 80 49 8d 3c c6 e8 ef f9 ff ff 85 c0 74 cf 48