binder: 5719:5722 transaction failed 29189/-3, size 72-24 line 3136 binder: BINDER_SET_CONTEXT_MGR already set binder: 5732:5736 ioctl 40046207 0 returned -16 binder_alloc: 6309: binder_alloc_buf, no vma binder: 5732:5736 transaction failed 29189/-3, size 72-24 line 3136 INFO: task kworker/u4:2:19627 blocked for more than 140 seconds. Not tainted 4.9.141+ #1 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. kworker/u4:2 D29464 19627 2 0x80000000 Workqueue: events_unbound fsnotify_mark_destroy_workfn ffff8801cc5897c0 ffff88019c965280 ffff8801d2f9cd00 ffff88019c975f00 ffff8801db621018 ffff88019d9777c0 ffffffff828075c2 0000000000000096 ffffffff83cd8fd0 ffffffff830d2c20 0000000000003346 ffff8801db6218f0 Call Trace: [] schedule+0x7f/0x1b0 kernel/sched/core.c:3553 [] schedule_timeout+0x735/0xe20 kernel/time/timer.c:1771 [] do_wait_for_common kernel/sched/completion.c:75 [inline] [] __wait_for_common kernel/sched/completion.c:93 [inline] [] wait_for_common+0x3ef/0x5d0 kernel/sched/completion.c:101 [] wait_for_completion+0x18/0x20 kernel/sched/completion.c:122 [] __synchronize_srcu+0x254/0x3b0 kernel/rcu/srcu.c:448 [] synchronize_srcu+0x1e/0x40 kernel/rcu/srcu.c:492 [] fsnotify_mark_destroy_list+0x10f/0x390 fs/notify/mark.c:551 [] fsnotify_mark_destroy_workfn+0xe/0x10 fs/notify/mark.c:561 [] process_one_work+0x831/0x15f0 kernel/workqueue.c:2092 [] worker_thread+0xd6/0x1140 kernel/workqueue.c:2226 [] kthread+0x26d/0x300 kernel/kthread.c:211 [] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373 Showing all locks held in the system: 2 locks held by khungtaskd/24: #0: (rcu_read_lock){......}, at: [] check_hung_uninterruptible_tasks kernel/hung_task.c:168 [inline] #0: (rcu_read_lock){......}, at: [] watchdog+0x11c/0xa20 kernel/hung_task.c:239 #1: (tasklist_lock){.+.+..}, at: [] debug_show_all_locks+0x79/0x218 kernel/locking/lockdep.c:4336 1 lock held by rsyslogd/1892: #0: (&f->f_pos_lock){+.+.+.}, at: [] __fdget_pos+0xac/0xd0 fs/file.c:781 2 locks held by getty/2019: #0: (&tty->ldisc_sem){++++++}, at: [] ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:367 #1: (&ldata->atomic_read_lock){+.+...}, at: [] n_tty_read+0x202/0x16e0 drivers/tty/n_tty.c:2142 2 locks held by kworker/u4:2/19627: #0: ("events_unbound"){.+.+.+}, at: [] process_one_work+0x73c/0x15f0 kernel/workqueue.c:2085 #1: ((reaper_work).work){+.+...}, at: [] process_one_work+0x774/0x15f0 kernel/workqueue.c:2089 1 lock held by init/29588: #0: (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline] #0: (tty_mutex){+.+.+.}, at: [] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130 1 lock held by init/29589: #0: (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline] #0: (tty_mutex){+.+.+.}, at: [] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130 1 lock held by init/29777: #0: (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline] #0: (tty_mutex){+.+.+.}, at: [] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130 1 lock held by init/29778: #0: (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline] #0: (tty_mutex){+.+.+.}, at: [] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130 1 lock held by init/29779: #0: (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline] #0: (tty_mutex){+.+.+.}, at: [] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130 1 lock held by init/29780: #0: (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline] #0: (tty_mutex){+.+.+.}, at: [] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130 ============================================= NMI backtrace for cpu 1 CPU: 1 PID: 24 Comm: khungtaskd Not tainted 4.9.141+ #1 ffff8801d9907d08 ffffffff81b42e79 0000000000000000 0000000000000001 0000000000000001 0000000000000001 ffffffff810983b0 ffff8801d9907d40 ffffffff81b4df89 0000000000000001 0000000000000000 0000000000000002 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] nmi_cpu_backtrace.cold.0+0x48/0x87 lib/nmi_backtrace.c:99 [] nmi_trigger_cpumask_backtrace+0x12c/0x151 lib/nmi_backtrace.c:60 [] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37 [] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline] [] check_hung_task kernel/hung_task.c:125 [inline] [] check_hung_uninterruptible_tasks kernel/hung_task.c:182 [inline] [] watchdog+0x6ad/0xa20 kernel/hung_task.c:239 [] kthread+0x26d/0x300 kernel/kthread.c:211 [] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373 Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 PID: 5737 Comm: syz-executor.1 Not tainted 4.9.141+ #1 task: ffff880191f497c0 task.stack: ffff880191f78000 RIP: 0010:[] c [] __write_once_size include/linux/compiler.h:272 [inline] RIP: 0010:[] c [] __sanitizer_cov_trace_pc+0x48/0x50 kernel/kcov.c:108 RSP: 0018:ffff880191f7f378 EFLAGS: 00000216 RAX: 0000000000040000 RBX: 0000000000000080 RCX: ffffc900069b7000 RDX: 0000000000006e2e RSI: ffffffff81b8dc30 RDI: ffff8801d4d8d9c8 RBP: ffff880191f7f378 R08: ffffc9000ec1ece3 R09: 0000000000000001 R10: fffff52001d83ce8 R11: ffffc9000ec1e742 R12: 00000000000000b2 R13: 0000000000000000 R14: ffff8801d4d8d9c8 R15: 020c000000000000 FS: 00007f602617e700(0000) GS:ffff8801db600000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000020000240 CR3: 000000019802f000 CR4: 00000000001606b0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Stack: ffff880191f7f3b8c ffffffff81b8dc30c 020c0002c0000000c 0000000000000180c 00000000000000a2c ffff8801d4d8d9c8c dffffc0000000000c ffff8801d4d8d9f8c ffff880191f7f3e0c ffffffff81b8dcabc ffff8801d4d8d9c0c 0000000000000221c Call Trace: [] _find_next_bit.part.0+0xe0/0x120 lib/find_bit.c:53 [] _find_next_bit lib/find_bit.c:36 [inline] [] find_next_bit+0x3b/0x50 lib/find_bit.c:64 [] ebitmap_next_positive security/selinux/ss/ebitmap.h:70 [inline] [] ebitmap_write+0x214/0xd60 security/selinux/ss/ebitmap.c:461 [] write_cons_helper.isra.19+0x327/0x600 security/selinux/ss/policydb.c:2822 [] class_write+0x438/0x8e0 security/selinux/ss/policydb.c:2891 [] hashtab_map+0x109/0x190 security/selinux/ss/hashtab.c:134 [] policydb_write+0x634/0x2610 security/selinux/ss/policydb.c:3422 [] security_read_policy+0x13e/0x230 security/selinux/ss/services.c:3438 [] sel_open_policy+0x162/0x2c0 security/selinux/selinuxfs.c:388 [] do_dentry_open+0x3ef/0xc90 fs/open.c:766 [] vfs_open+0x11c/0x210 fs/open.c:879 [] do_last fs/namei.c:3410 [inline] [] path_openat+0x542/0x2790 fs/namei.c:3534 [] do_filp_open+0x197/0x270 fs/namei.c:3568 [] do_sys_open+0x30d/0x5c0 fs/open.c:1072 [] SYSC_openat fs/open.c:1099 [inline] [] SyS_openat+0x30/0x40 fs/open.c:1093 [] do_syscall_64+0x19f/0x550 arch/x86/entry/common.c:285 [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb Code: c00 c75 c2b c8b c90 c38 c12 c00 c00 c83 cfa c02 c75 c20 c48 c8b c88 c40 c12 c00 c00 c8b c80 c3c c12 c00 c00 c48 c8b c11 c48 c83 cc2 c01 c48 c39 cd0 c76 c07 c48 c89 c34 cd1 c<48> c89 c11 c5d cc3 c0f c1f c00 c55 cba c58 c00 c00 c00 c48 c89 ce5 c41 c55 c49 c89 c