loop4: p1 size 2 extends beyond EOD, truncated loop1: p1 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p216 p217 p218 p219 p loop1: p1 size 2 extends beyond EOD, truncated INFO: task init:9197 blocked for more than 140 seconds. Not tainted 4.9.194+ #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. init D29304 9197 1 0x00000000 0000000000000087 ffff88018cd8af80 ffff8801d3a4c780 ffff8801db621000 ffff8801c9c30000 ffff8801db621018 ffff88018d33f758 ffffffff8281af8e ffff88010000000d 1ffff10031a67ed4 00ffe8ffffc14cf0 ffff8801db6218f0 Call Trace: [<00000000d0e80c6f>] schedule+0x92/0x1c0 kernel/sched/core.c:3546 [<0000000012d3e834>] schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3579 [<00000000c81640c2>] __mutex_lock_common kernel/locking/mutex.c:582 [inline] [<00000000c81640c2>] mutex_lock_nested+0x38d/0x920 kernel/locking/mutex.c:621 [<00000000e7fb7429>] tty_open_by_driver drivers/tty/tty_io.c:2062 [inline] [<00000000e7fb7429>] tty_open+0x3f9/0xe10 drivers/tty/tty_io.c:2140 [<0000000036f386a4>] chrdev_open+0x230/0x630 fs/char_dev.c:398 [<00000000b976a248>] do_dentry_open+0x422/0xd20 fs/open.c:791 [<000000006e9601f8>] vfs_open+0x105/0x230 fs/open.c:904 [<00000000c0cc5296>] do_last fs/namei.c:3541 [inline] [<00000000c0cc5296>] path_openat+0xbf5/0x2f60 fs/namei.c:3665 [<0000000090512a60>] do_filp_open+0x1a1/0x280 fs/namei.c:3699 [<000000007a9bd0fc>] do_sys_open+0x2f0/0x610 fs/open.c:1097 [<00000000b329fe49>] SYSC_open fs/open.c:1115 [inline] [<00000000b329fe49>] SyS_open+0x2d/0x40 fs/open.c:1110 [<0000000024ef4598>] do_syscall_64+0x1ad/0x5c0 arch/x86/entry/common.c:288 [<00000000c3b32a67>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb Showing all locks held in the system: 2 locks held by khungtaskd/24: #0: (rcu_read_lock){......}, at: [<00000000d3df507d>] check_hung_uninterruptible_tasks kernel/hung_task.c:169 [inline] #0: (rcu_read_lock){......}, at: [<00000000d3df507d>] watchdog+0x14b/0xaf0 kernel/hung_task.c:263 #1: (tasklist_lock){.+.+..}, at: [<000000002e5f0f09>] debug_show_all_locks+0x7f/0x21f kernel/locking/lockdep.c:4336 1 lock held by rsyslogd/1893: #0: (&f->f_pos_lock){+.+.+.}, at: [<0000000037fd2641>] __fdget_pos+0xa8/0xd0 fs/file.c:782 2 locks held by getty/2021: #0: (&tty->ldisc_sem){++++++}, at: [<00000000351dba48>] ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:376 #1: (&ldata->atomic_read_lock){+.+...}, at: [<00000000a3e1e651>] n_tty_read+0x1fe/0x1820 drivers/tty/n_tty.c:2156 2 locks held by syz-executor.1/2097: #0: (tasklist_lock){.+.+..}, at: [<000000007cd040e7>] do_wait+0x371/0x930 kernel/exit.c:1567 #1: (rcu_read_lock){......}, at: [<0000000085907658>] avc_has_perm_noaudit security/selinux/avc.c:1106 [inline] #1: (rcu_read_lock){......}, at: [<0000000085907658>] avc_has_perm+0xac/0x3a0 security/selinux/avc.c:1146 1 lock held by init/9197: #0: (tty_mutex){+.+.+.}, at: [<00000000e7fb7429>] tty_open_by_driver drivers/tty/tty_io.c:2062 [inline] #0: (tty_mutex){+.+.+.}, at: [<00000000e7fb7429>] tty_open+0x3f9/0xe10 drivers/tty/tty_io.c:2140 1 lock held by init/9198: #0: (tty_mutex){+.+.+.}, at: [<00000000e7fb7429>] tty_open_by_driver drivers/tty/tty_io.c:2062 [inline] #0: (tty_mutex){+.+.+.}, at: [<00000000e7fb7429>] tty_open+0x3f9/0xe10 drivers/tty/tty_io.c:2140 1 lock held by init/9199: #0: (tty_mutex){+.+.+.}, at: [<00000000e7fb7429>] tty_open_by_driver drivers/tty/tty_io.c:2062 [inline] #0: (tty_mutex){+.+.+.}, at: [<00000000e7fb7429>] tty_open+0x3f9/0xe10 drivers/tty/tty_io.c:2140 1 lock held by init/9200: #0: (tty_mutex){+.+.+.}, at: [<00000000e7fb7429>] tty_open_by_driver drivers/tty/tty_io.c:2062 [inline] #0: (tty_mutex){+.+.+.}, at: [<00000000e7fb7429>] tty_open+0x3f9/0xe10 drivers/tty/tty_io.c:2140 1 lock held by init/9201: #0: (tty_mutex){+.+.+.}, at: [<00000000e7fb7429>] tty_open_by_driver drivers/tty/tty_io.c:2062 [inline] #0: (tty_mutex){+.+.+.}, at: [<00000000e7fb7429>] tty_open+0x3f9/0xe10 drivers/tty/tty_io.c:2140 1 lock held by blkid/19375: #0: (&bdev->bd_mutex){+.+.+.}, at: [<00000000480db70a>] __blkdev_get+0x10e/0xeb0 fs/block_dev.c:1273 1 lock held by blkid/19386: #0: (&bdev->bd_mutex){+.+.+.}, at: [<00000000480db70a>] __blkdev_get+0x10e/0xeb0 fs/block_dev.c:1273 1 lock held by blkid/19389: #0: (&bdev->bd_mutex){+.+.+.}, at: [<00000000480db70a>] __blkdev_get+0x10e/0xeb0 fs/block_dev.c:1273 ============================================= NMI backtrace for cpu 1 CPU: 1 PID: 24 Comm: khungtaskd Not tainted 4.9.194+ #0 ffff8801d98d7cc8 ffffffff81b67001 0000000000000001 0000000000000000 0000000000000001 ffffffff81099d01 dffffc0000000000 ffff8801d98d7d00 ffffffff81b7229c 0000000000000001 0000000000000000 0000000000000001 Call Trace: [<000000001dd9cb2a>] __dump_stack lib/dump_stack.c:15 [inline] [<000000001dd9cb2a>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<00000000b2784783>] nmi_cpu_backtrace.cold+0x47/0x87 lib/nmi_backtrace.c:99 [<00000000259e4bc4>] nmi_trigger_cpumask_backtrace+0x124/0x155 lib/nmi_backtrace.c:60 [<00000000a9f717e5>] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37 [<0000000040156feb>] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline] [<0000000040156feb>] check_hung_task kernel/hung_task.c:126 [inline] [<0000000040156feb>] check_hung_uninterruptible_tasks kernel/hung_task.c:183 [inline] [<0000000040156feb>] watchdog+0x670/0xaf0 kernel/hung_task.c:263 [<0000000009b7885c>] kthread+0x278/0x310 kernel/kthread.c:211 [<0000000039c871d8>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:375 Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 PID: 19377 Comm: syz-executor.1 Not tainted 4.9.194+ #0 task: 00000000afc7aee9 task.stack: 00000000a67cb7c0 RIP: 0010:[] c [<00000000b877bd76>] native_apic_mem_write+0x8/0x10 arch/x86/include/asm/apic.h:102 RSP: 0018:ffff8801db607dd8 EFLAGS: 00000046 RAX: ffffffff810a21d0 RBX: ffffffff82e906c0 RCX: 0000000000000020 RDX: 1ffffffff05d20f5 RSI: 00000000000000dd RDI: 0000000000000380 RBP: ffff8801db607df0 R08: ffff88021fffd01c R09: ffff88021fffd008 R10: ffff88021fffd010 R11: 000001b238433737 R12: ffff8801db617e40 R13: 1ffff1003b6c0fc1 R14: 0000000000000003 R15: ffff8801db607e68 FS: 00007ff9e8bbc700(0000) GS:ffff8801db600000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000960004 CR3: 00000001d95f7000 CR4: 00000000001606b0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 Stack: ffffffff81091f3dc 0000000000000003c 00000000000000ddc ffff8801db607e90c ffffffff81294b21c 00000000d026e748c 0000000041b58ab3c ffffffff82e38082c ffffffff81294860c ffff8801c89aaf80c 000001b16f7cfc10c ffff8801c8745088c Call Trace: [<0000000075ea5ff6>] clockevents_program_event+0x2c1/0x3f0 kernel/time/clockevents.c:339 [<0000000013269c07>] tick_program_event+0xf9/0x180 kernel/time/tick-oneshot.c:47 [<00000000bb7b8cfd>] hrtimer_interrupt+0x1e8/0x450 kernel/time/hrtimer.c:1366 [<000000003eb944b2>] local_apic_timer_interrupt+0x76/0xa0 arch/x86/kernel/apic/apic.c:975 [<00000000196f1d8c>] smp_apic_timer_interrupt+0x79/0xb0 arch/x86/kernel/apic/apic.c:999 [<00000000e44dd269>] apic_timer_interrupt+0xa5/0xb0 arch/x86/entry/entry_64.S:653 d [<000000006b36268a>] ? __read_once_size include/linux/compiler.h:264 [inline] d [<000000006b36268a>] ? depot_save_stack+0x105/0x4a0 lib/stackdepot.c:225 [<00000000912229fa>] save_stack mm/kasan/kasan.c:518 [inline] [<00000000912229fa>] set_track mm/kasan/kasan.c:524 [inline] [<00000000912229fa>] kasan_kmalloc.part.0+0xc6/0xf0 mm/kasan/kasan.c:616 [<0000000098b5c0fb>] kasan_kmalloc+0xb7/0xd0 mm/kasan/kasan.c:601 [<00000000fd6deace>] kasan_slab_alloc+0xf/0x20 mm/kasan/kasan.c:554 [<00000000f229d86e>] slab_post_alloc_hook mm/slab.h:417 [inline] [<00000000f229d86e>] slab_alloc_node mm/slub.c:2715 [inline] [<00000000f229d86e>] slab_alloc mm/slub.c:2723 [inline] [<00000000f229d86e>] __kmalloc_track_caller+0xf4/0x2d0 mm/slub.c:4232 [<000000003ec3adf0>] kstrdup+0x3a/0x80 mm/util.c:53 [<000000006ce21b55>] kstrdup_const+0x48/0x60 mm/util.c:74 [<00000000e48e2fd5>] __kernfs_new_node+0x2b/0x2b0 fs/kernfs/dir.c:615 [<000000000767184e>] kernfs_new_node+0x80/0xf0 fs/kernfs/dir.c:651 [<00000000bdd13172>] kernfs_create_dir_ns+0x41/0x140 fs/kernfs/dir.c:923 [<000000005dc4a317>] sysfs_create_dir_ns+0xbe/0x1d0 fs/sysfs/dir.c:55 [<0000000098bafd84>] create_dir lib/kobject.c:71 [inline] [<0000000098bafd84>] kobject_add_internal+0x28f/0x8a0 lib/kobject.c:229 [<0000000040189eba>] kobject_add_varg lib/kobject.c:364 [inline] [<0000000040189eba>] kobject_add+0x135/0x1a0 lib/kobject.c:409 [<000000003a0238bc>] device_add+0x354/0x1490 drivers/base/core.c:1145 [<0000000051fbdc68>] add_partition+0x7e0/0xd90 block/partition-generic.c:350 [<000000003ba18f30>] rescan_partitions+0x44e/0x5c0 block/partition-generic.c:533 [<000000004ec2d5af>] __blkdev_reread_part+0x145/0x1e0 block/ioctl.c:170 [<00000000bc5ca372>] blkdev_reread_part+0x27/0x40 block/ioctl.c:190 [<0000000082469228>] loop_reread_partitions+0x7c/0x90 drivers/block/loop.c:637 [<0000000052726cfe>] loop_set_status+0xc02/0x1260 drivers/block/loop.c:1196 [<0000000061ddd3f0>] loop_set_status64+0xd7/0x130 drivers/block/loop.c:1305 [<00000000cd30e30e>] lo_ioctl+0x4c7/0x1b10 drivers/block/loop.c:1430 [<000000005d4eab93>] __blkdev_driver_ioctl block/ioctl.c:294 [inline] [<000000005d4eab93>] blkdev_ioctl+0xe14/0x19e0 block/ioctl.c:590 [<000000005f135f47>] block_ioctl+0xde/0x120 fs/block_dev.c:1696 [<00000000e2e83260>] vfs_ioctl fs/ioctl.c:43 [inline] [<00000000e2e83260>] file_ioctl fs/ioctl.c:493 [inline] [<00000000e2e83260>] do_vfs_ioctl+0xb87/0x11d0 fs/ioctl.c:677 [<000000006bd3d4a0>] SYSC_ioctl fs/ioctl.c:694 [inline] [<000000006bd3d4a0>] SyS_ioctl+0x8f/0xc0 fs/ioctl.c:685 [<0000000024ef4598>] do_syscall_64+0x1ad/0x5c0 arch/x86/entry/common.c:288 [<00000000c3b32a67>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb Code: c89 ce7 ce8 c46 cca c02 c00 c41 c5c c5d cc3 c48 cc7 cc7 ca0 c26 c57 c83 ce8 cac cc6 c45 c00 ceb cdd c66 c2e c0f c1f c84 c00 c00 c00 c00 c00 c89 cff c89 cb7 c00 cd0 c5f cff c c0f c1f c80 c00 c00 c00 c00 c48 cb8 c00 c00 c00 c00 c00 cfc cff cdf c55 c48 c89 c