INFO: task syz-executor.0:5226 blocked for more than 140 seconds. Not tainted 4.9.194+ #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.0 D25480 5226 1 0x00000004 0000000000000083 ffff8801a581c740 ffff8801d42bd280 ffff8801db621000 ffff8801c97ac740 ffff8801db621018 ffff8801a3d2f988 ffffffff8281af8e ffffffff830c3120 ffff8801a3d2f9a8 00ff8801a3d2f8d8 ffff8801db6218f0 Call Trace: [<000000008613e33e>] schedule+0x92/0x1c0 kernel/sched/core.c:3546 [<0000000068fb6c32>] schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3579 [<000000005764faa9>] __mutex_lock_common kernel/locking/mutex.c:582 [inline] [<000000005764faa9>] mutex_lock_nested+0x38d/0x920 kernel/locking/mutex.c:621 [<000000003a3e36ae>] blkdev_reread_part+0x1f/0x40 block/ioctl.c:189 [<00000000f7424387>] loop_reread_partitions+0x7c/0x90 drivers/block/loop.c:637 [<000000007a2ba487>] loop_clr_fd+0x7dd/0xa60 drivers/block/loop.c:1081 [<0000000055b1a96d>] lo_ioctl+0x7e9/0x1b10 drivers/block/loop.c:1414 [<000000008a177562>] __blkdev_driver_ioctl block/ioctl.c:294 [inline] [<000000008a177562>] blkdev_ioctl+0xe14/0x19e0 block/ioctl.c:590 [<000000003da0a210>] block_ioctl+0xde/0x120 fs/block_dev.c:1696 [<00000000b2519ef6>] vfs_ioctl fs/ioctl.c:43 [inline] [<00000000b2519ef6>] file_ioctl fs/ioctl.c:493 [inline] [<00000000b2519ef6>] do_vfs_ioctl+0xb87/0x11d0 fs/ioctl.c:677 [<00000000eca1c50d>] SYSC_ioctl fs/ioctl.c:694 [inline] [<00000000eca1c50d>] SyS_ioctl+0x8f/0xc0 fs/ioctl.c:685 [<000000003f8a9d01>] do_syscall_64+0x1ad/0x5c0 arch/x86/entry/common.c:288 [<0000000019743185>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb Showing all locks held in the system: 2 locks held by khungtaskd/24: #0: (rcu_read_lock){......}, at: [<000000002e91c609>] check_hung_uninterruptible_tasks kernel/hung_task.c:169 [inline] #0: (rcu_read_lock){......}, at: [<000000002e91c609>] watchdog+0x14b/0xaf0 kernel/hung_task.c:263 #1: (tasklist_lock){.+.+..}, at: [<00000000fbd51552>] debug_show_all_locks+0x7f/0x21f kernel/locking/lockdep.c:4336 1 lock held by rsyslogd/1899: #0: (&f->f_pos_lock){+.+.+.}, at: [<00000000b1fbe1e1>] __fdget_pos+0xa8/0xd0 fs/file.c:782 2 locks held by getty/2028: #0: (&tty->ldisc_sem){++++++}, at: [<0000000063c19204>] ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:376 #1: (&ldata->atomic_read_lock){+.+...}, at: [<000000005983c3cb>] n_tty_read+0x1fe/0x1820 drivers/tty/n_tty.c:2156 2 locks held by syz-executor.0/5226: #0: (&lo->lo_ctl_mutex/1){+.+.+.}, at: [<00000000892fff78>] lo_ioctl+0x8e/0x1b10 drivers/block/loop.c:1404 #1: (&bdev->bd_mutex){+.+.+.}, at: [<000000003a3e36ae>] blkdev_reread_part+0x1f/0x40 block/ioctl.c:189 2 locks held by syz-executor.1/7611: #0: (&bdev->bd_mutex){+.+.+.}, at: [<00000000f3a4359f>] __blkdev_get+0x10e/0xeb0 fs/block_dev.c:1273 #1: (loop_index_mutex){+.+.+.}, at: [<0000000052f9f769>] lo_open+0x1d/0xb0 drivers/block/loop.c:1621 2 locks held by syz-executor.3/23454: #0: (&bdev->bd_mutex){+.+.+.}, at: [<00000000f3a4359f>] __blkdev_get+0x10e/0xeb0 fs/block_dev.c:1273 #1: (loop_index_mutex){+.+.+.}, at: [<0000000052f9f769>] lo_open+0x1d/0xb0 drivers/block/loop.c:1621 1 lock held by syz-executor.5/25611: #0: (&bdev->bd_mutex){+.+.+.}, at: [<00000000f3a4359f>] __blkdev_get+0x10e/0xeb0 fs/block_dev.c:1273 2 locks held by syz-executor.4/29305: #0: (&bdev->bd_mutex){+.+.+.}, at: [<00000000428527fc>] __blkdev_put+0xbb/0x840 fs/block_dev.c:1587 #1: (loop_index_mutex){+.+.+.}, at: [<000000004c240bee>] lo_release+0x20/0x1b0 drivers/block/loop.c:1663 2 locks held by syz-executor.2/29333: #0: (loop_index_mutex){+.+.+.}, at: [<000000003fbb2bfb>] loop_control_ioctl+0x7a/0x320 drivers/block/loop.c:1973 #1: (&lo->lo_ctl_mutex#2){+.+.+.}, at: [<00000000eba52efa>] loop_control_ioctl+0x17f/0x320 drivers/block/loop.c:1987 1 lock held by syz-executor.2/29349: #0: (loop_index_mutex){+.+.+.}, at: [<000000003fbb2bfb>] loop_control_ioctl+0x7a/0x320 drivers/block/loop.c:1973 1 lock held by blkid/29334: #0: (&bdev->bd_mutex){+.+.+.}, at: [<0000000051b6401e>] blkdev_put+0x2b/0x560 fs/block_dev.c:1629 2 locks held by blkid/29336: #0: (&bdev->bd_mutex){+.+.+.}, at: [<00000000428527fc>] __blkdev_put+0xbb/0x840 fs/block_dev.c:1587 #1: (loop_index_mutex){+.+.+.}, at: [<000000004c240bee>] lo_release+0x20/0x1b0 drivers/block/loop.c:1663 2 locks held by blkid/29342: #0: (&bdev->bd_mutex){+.+.+.}, at: [<00000000f3a4359f>] __blkdev_get+0x10e/0xeb0 fs/block_dev.c:1273 #1: (loop_index_mutex){+.+.+.}, at: [<0000000052f9f769>] lo_open+0x1d/0xb0 drivers/block/loop.c:1621 ============================================= NMI backtrace for cpu 0 CPU: 0 PID: 24 Comm: khungtaskd Not tainted 4.9.194+ #0 ffff8801d98d7cc8 ffffffff81b67001 0000000000000000 0000000000000000 0000000000000000 ffffffff81099d01 dffffc0000000000 ffff8801d98d7d00 ffffffff81b7229c 0000000000000000 0000000000000000 0000000000000000 Call Trace: [<000000003ed5473c>] __dump_stack lib/dump_stack.c:15 [inline] [<000000003ed5473c>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<000000006d71cb08>] nmi_cpu_backtrace.cold+0x47/0x87 lib/nmi_backtrace.c:99 [<0000000071098b08>] nmi_trigger_cpumask_backtrace+0x124/0x155 lib/nmi_backtrace.c:60 [<000000004eafe88e>] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37 [<0000000010e49654>] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline] [<0000000010e49654>] check_hung_task kernel/hung_task.c:126 [inline] [<0000000010e49654>] check_hung_uninterruptible_tasks kernel/hung_task.c:183 [inline] [<0000000010e49654>] watchdog+0x670/0xaf0 kernel/hung_task.c:263 [<0000000019a70708>] kthread+0x278/0x310 kernel/kthread.c:211 [<00000000ce187742>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:375 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.9.194+ #0 task: 0000000044088be0 task.stack: 00000000f7ae26e6 RIP: 0010:[] c [<0000000024b67802>] update_ts_time_stats+0xb6/0x320 kernel/time/tick-sched.c:539 RSP: 0018:ffff8801db707ec0 EFLAGS: 00000046 RAX: 0000000000000000 RBX: ffff8801db71cb00 RCX: 0000000000000000 RDX: 1ffff1003b6e3972 RSI: ffffffff8129a154 RDI: ffff8801db71cb90 RBP: ffff8801db707f60 R08: ffff88021fffd05c R09: ffff88021fffd048 R10: ffff88021fffd050 R11: 000000a74e99199a R12: 0000000000000000 R13: 1ffff1003b6e0fdb R14: 000000a6932b5261 R15: 0000000000000001 FS: 0000000000000000(0000) GS:ffff8801db700000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000023871a0 CR3: 00000001d4d42000 CR4: 00000000001606b0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 Stack: ffff88021fffd04fc ffffed0043fffa0bc 000000000be05773c 0000000041b58ab3c ffffffff82e38248c ffffffff8129a0e0c ffff8801db71cb74c 000000a6932b5261c 00000000000199bac dffffc0000000000c ffff8801db707f50c ffffffff81bcd65cc Call Trace: [<00000000b07ba62c>] tick_nohz_stop_idle+0x26/0x70 kernel/time/tick-sched.c:555 [<000000008418f972>] tick_nohz_irq_enter kernel/time/tick-sched.c:1146 [inline] [<000000008418f972>] tick_irq_enter+0x157/0x220 kernel/time/tick-sched.c:1165 [<00000000bf6cb7d2>] irq_enter+0xb3/0xd0 kernel/softirq.c:349 [<00000000054b070c>] smp_reschedule_interrupt+0xa/0x90 arch/x86/kernel/smp.c:267 [<00000000e4cd5d3f>] reschedule_interrupt+0xa5/0xb0 arch/x86/entry/entry_64.S:676 d [<0000000029b1316d>] ? native_safe_halt+0x41/0x60 arch/x86/include/asm/irqflags.h:59 [<000000003ab852d2>] arch_safe_halt arch/x86/include/asm/paravirt.h:104 [inline] [<000000003ab852d2>] default_idle+0x56/0x370 arch/x86/kernel/process.c:500 [<0000000061e0b486>] arch_cpu_idle+0x10/0x20 arch/x86/kernel/process.c:491 [<0000000015b7fcaa>] default_idle_call+0x36/0x60 kernel/sched/idle.c:97 [<00000000df16e09a>] cpuidle_idle_call kernel/sched/idle.c:155 [inline] [<00000000df16e09a>] cpu_idle_loop kernel/sched/idle.c:248 [inline] [<00000000df16e09a>] cpu_startup_entry+0x283/0x3a0 kernel/sched/idle.c:303 [<00000000114ce412>] start_secondary+0x31c/0x410 arch/x86/kernel/smpboot.c:251 Code: c8d cbb c90 c00 c00 c00 c4c c8b c75 c98 c48 cb8 c00 c00 c00 c00 c00 cfc cff cdf c48 c89 cfa c48 cc1 cea c03 c0f cb6 c04 c02 c84 cc0 c74 c08 c3c c03 c0f c8e cc0 c01 c00 c00 c<8b> c83 c90 c00 c00 c00 c85 cc0 c0f c85 c83 c00 c00 c00 ce8 c57 c85 c08 c00 c4d c85 c