loop4: p1 size 2 extends beyond EOD, truncated
INFO: task init:6322 blocked for more than 140 seconds.
      Not tainted 4.9.194+ #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
init            D28056  6322      1 0x00000000
 0000000000000087 ffff880193a98000 ffff880167762c00 ffff8801db621000
 ffff8801c5d02f80 ffff8801db621018 ffff88015c007758 ffffffff8281af8e
 ffff88010000000d 1ffff1002b800ed4 00ffe8ffffc0c3a8 ffff8801db6218f0
Call Trace:
 [<00000000b4a9e59b>] schedule+0x92/0x1c0 kernel/sched/core.c:3546
 [<000000002562bc2b>] schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3579
 [<0000000087547cd9>] __mutex_lock_common kernel/locking/mutex.c:582 [inline]
 [<0000000087547cd9>] mutex_lock_nested+0x38d/0x920 kernel/locking/mutex.c:621
 [<00000000a30febc8>] tty_open_by_driver drivers/tty/tty_io.c:2062 [inline]
 [<00000000a30febc8>] tty_open+0x3f9/0xe10 drivers/tty/tty_io.c:2140
 [<00000000ebeb5bc2>] chrdev_open+0x230/0x630 fs/char_dev.c:398
 [<00000000374a48b3>] do_dentry_open+0x422/0xd20 fs/open.c:791
 [<0000000048d4d21b>] vfs_open+0x105/0x230 fs/open.c:904
 [<000000007555b75a>] do_last fs/namei.c:3541 [inline]
 [<000000007555b75a>] path_openat+0xbf5/0x2f60 fs/namei.c:3665
 [<00000000fef66902>] do_filp_open+0x1a1/0x280 fs/namei.c:3699
 [<0000000076d63ba2>] do_sys_open+0x2f0/0x610 fs/open.c:1097
 [<00000000701c6604>] SYSC_open fs/open.c:1115 [inline]
 [<00000000701c6604>] SyS_open+0x2d/0x40 fs/open.c:1110
 [<0000000080ada6c2>] do_syscall_64+0x1ad/0x5c0 arch/x86/entry/common.c:288
 [<00000000278dd81f>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb

Showing all locks held in the system:
2 locks held by khungtaskd/24:
 #0:  (rcu_read_lock){......}, at: [<0000000057e1c435>] check_hung_uninterruptible_tasks kernel/hung_task.c:169 [inline]
 #0:  (rcu_read_lock){......}, at: [<0000000057e1c435>] watchdog+0x14b/0xaf0 kernel/hung_task.c:263
 #1:  (tasklist_lock){.+.+..}, at: [<000000008b9b5119>] debug_show_all_locks+0x7f/0x21f kernel/locking/lockdep.c:4336
1 lock held by rsyslogd/1893:
 #0:  (&f->f_pos_lock){+.+.+.}, at: [<00000000640864ca>] __fdget_pos+0xa8/0xd0 fs/file.c:782
2 locks held by getty/2020:
 #0:  (&tty->ldisc_sem){++++++}, at: [<00000000417322ce>] ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:376
 #1:  (&ldata->atomic_read_lock){+.+...}, at: [<0000000035baaeee>] n_tty_read+0x1fe/0x1820 drivers/tty/n_tty.c:2156
2 locks held by udevd/5397:
 #0:  (&mm->mmap_sem){++++++}, at: [<0000000003f65e7e>] SYSC_munmap mm/mmap.c:2770 [inline]
 #0:  (&mm->mmap_sem){++++++}, at: [<0000000003f65e7e>] SyS_munmap+0x5d/0xb0 mm/mmap.c:2764
 #1:  (&anon_vma->rwsem){++++..}, at: [<00000000084f5fec>] anon_vma_lock_read include/linux/rmap.h:127 [inline]
 #1:  (&anon_vma->rwsem){++++..}, at: [<00000000084f5fec>] validate_mm+0xdb/0x5a0 mm/mmap.c:361
1 lock held by init/6322:
 #0:  (tty_mutex){+.+.+.}, at: [<00000000a30febc8>] tty_open_by_driver drivers/tty/tty_io.c:2062 [inline]
 #0:  (tty_mutex){+.+.+.}, at: [<00000000a30febc8>] tty_open+0x3f9/0xe10 drivers/tty/tty_io.c:2140
1 lock held by init/6324:
 #0:  (tty_mutex){+.+.+.}, at: [<00000000a30febc8>] tty_open_by_driver drivers/tty/tty_io.c:2062 [inline]
 #0:  (tty_mutex){+.+.+.}, at: [<00000000a30febc8>] tty_open+0x3f9/0xe10 drivers/tty/tty_io.c:2140
1 lock held by init/6326:
 #0:  (tty_mutex){+.+.+.}, at: [<00000000a30febc8>] tty_open_by_driver drivers/tty/tty_io.c:2062 [inline]
 #0:  (tty_mutex){+.+.+.}, at: [<00000000a30febc8>] tty_open+0x3f9/0xe10 drivers/tty/tty_io.c:2140
1 lock held by init/6908:
 #0:  (tty_mutex){+.+.+.}, at: [<00000000a30febc8>] tty_open_by_driver drivers/tty/tty_io.c:2062 [inline]
 #0:  (tty_mutex){+.+.+.}, at: [<00000000a30febc8>] tty_open+0x3f9/0xe10 drivers/tty/tty_io.c:2140
1 lock held by init/6909:
 #0:  (tty_mutex){+.+.+.}, at: [<00000000a30febc8>] tty_open_by_driver drivers/tty/tty_io.c:2062 [inline]
 #0:  (tty_mutex){+.+.+.}, at: [<00000000a30febc8>] tty_open+0x3f9/0xe10 drivers/tty/tty_io.c:2140
1 lock held by blkid/15131:
 #0:  (&lo->lo_ctl_mutex/1){+.+.+.}, at: [<000000002945e20c>] lo_ioctl+0x8e/0x1b10 drivers/block/loop.c:1404
1 lock held by syz-executor.2/15145:
 #0:  (&lo->lo_ctl_mutex/1){+.+.+.}, at: [<000000002945e20c>] lo_ioctl+0x8e/0x1b10 drivers/block/loop.c:1404
1 lock held by syz-executor.0/15148:
 #0:  (&lo->lo_ctl_mutex/1){+.+.+.}, at: [<000000002945e20c>] lo_ioctl+0x8e/0x1b10 drivers/block/loop.c:1404
1 lock held by syz-executor.5/15149:
 #0:  (&lo->lo_ctl_mutex/1){+.+.+.}, at: [<000000002945e20c>] lo_ioctl+0x8e/0x1b10 drivers/block/loop.c:1404
1 lock held by syz-executor.3/15150:
 #0:  (&lo->lo_ctl_mutex/1){+.+.+.}, at: [<000000002945e20c>] lo_ioctl+0x8e/0x1b10 drivers/block/loop.c:1404

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 24 Comm: khungtaskd Not tainted 4.9.194+ #0
 ffff8801d98d7cc8 ffffffff81b67001 0000000000000001 0000000000000000
 0000000000000001 ffffffff81099d01 dffffc0000000000 ffff8801d98d7d00
 ffffffff81b7229c 0000000000000001 0000000000000000 0000000000000001
Call Trace:
 [<00000000523529da>] __dump_stack lib/dump_stack.c:15 [inline]
 [<00000000523529da>] dump_stack+0xc1/0x120 lib/dump_stack.c:51
 [<0000000093ff74de>] nmi_cpu_backtrace.cold+0x47/0x87 lib/nmi_backtrace.c:99
 [<000000007a08616a>] nmi_trigger_cpumask_backtrace+0x124/0x155 lib/nmi_backtrace.c:60
 [<00000000068ceeef>] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37
 [<0000000075e64651>] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline]
 [<0000000075e64651>] check_hung_task kernel/hung_task.c:126 [inline]
 [<0000000075e64651>] check_hung_uninterruptible_tasks kernel/hung_task.c:183 [inline]
 [<0000000075e64651>] watchdog+0x670/0xaf0 kernel/hung_task.c:263
 [<000000008dc000f1>] kthread+0x278/0x310 kernel/kthread.c:211
 [<0000000000e43e0c>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:375
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 15154 Comm: blkid Not tainted 4.9.194+ #0
task: 00000000f0fe14f0 task.stack: 000000008d42c95d
RIP: 0010:[<ffffffff81322700>] 
c [<000000004db80949>] __sanitizer_cov_trace_pc+0x0/0x50 kernel/kcov.c:93
RSP: 0000:ffff880158e8fe30  EFLAGS: 00000286
RAX: dffffc0000000000 RBX: ffff8801d7d7c7a0 RCX: 0000000000003b32
RDX: 1ffff10035298c61 RSI: ffffffff814b562f RDI: ffff8801a94c6308
RBP: ffff880158e8fe58 R08: 0000000000000001 R09: ffff88018f4367d0
R10: ffff88018f4367b0 R11: 0000000000000001 R12: 0000000000000000
R13: 00007f0daa6a0730 R14: dffffc0000000000 R15: 0000000000000001
FS:  00007f0daaae7740(0000) GS:ffff8801db600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f0daa6a0730 CR3: 0000000199c76000 CR4: 00000000001606b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
Stack:
 ffffffff814b56ae
c ffff8801a94c6300
c 0000000000000007
c 00007f0daa6a0730
c
 ffff880158e8ff58
c ffff880158e8ff28
c ffffffff810b4761
c ffffffff81bcd65c
c
 0000000000000000
c 0000000000000002
c ffff8801a94c63a0
c 0000005500000000
c
Call Trace:
 [<0000000036e79e16>] __do_page_fault+0x291/0xa60 arch/x86/mm/fault.c:1347
 [<00000000ecbbfaad>] do_page_fault+0x28/0x30 arch/x86/mm/fault.c:1464
 [<000000000fe7d62a>] page_fault+0x25/0x30 arch/x86/entry/entry_64.S:956
Code: 
cfe 
cff 
cff 
c48 
c89 
cdf 
ce8 
cb0 
cc1 
c1d 
c00 
ce9 
c9a 
cfe 
cff 
cff 
c4c 
c89 
cef 
ce8 
ca3 
cc1 
c1d 
c00 
ce9 
c1e 
cfe 
cff 
cff 
c66 
c2e 
c0f 
c1f 
c84 
c00 
c00 
c00 
c00 
c00 
c0f 
c1f 
c40 
c00 
c<55> 
c48 
c89 
ce5 
c48 
c8b 
c75 
c08 
c65 
c48 
c8b 
c04 
c25 
c00 
c7e 
c01 
c00 
c65 
c8b 
c15 
c78 
c