binder: 19934:19936 transaction failed 29189/-3, size 0-12288 line 3136 binder: BINDER_SET_CONTEXT_MGR already set binder: 19950:19955 ioctl 40046207 0 returned -16 binder_alloc: 433: binder_alloc_buf, no vma binder: 19950:19955 transaction failed 29189/-3, size 0-12288 line 3136 INFO: task kworker/u4:5:2114 blocked for more than 140 seconds. Not tainted 4.9.141+ #23 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. kworker/u4:5 D25400 2114 2 0x80000000 Workqueue: events_unbound fsnotify_mark_destroy_workfn ffff8801d7868000 ffff8801c0cc9b80 ffff8801c0cca100 ffff8801d3b897c0 ffff8801db721018 ffff8801d396f7c0 ffffffff828075c2 0000000000000096 ffffffff83ce6980 ffffffff830d2c20 0000000000000aee ffff8801db7218f0 Call Trace: [] schedule+0x7f/0x1b0 kernel/sched/core.c:3553 [] schedule_timeout+0x735/0xe20 kernel/time/timer.c:1771 [] do_wait_for_common kernel/sched/completion.c:75 [inline] [] __wait_for_common kernel/sched/completion.c:93 [inline] [] wait_for_common+0x3ef/0x5d0 kernel/sched/completion.c:101 [] wait_for_completion+0x18/0x20 kernel/sched/completion.c:122 [] __synchronize_srcu+0x254/0x3b0 kernel/rcu/srcu.c:448 [] synchronize_srcu+0x1e/0x40 kernel/rcu/srcu.c:492 [] fsnotify_mark_destroy_list+0x10f/0x390 fs/notify/mark.c:551 [] fsnotify_mark_destroy_workfn+0xe/0x10 fs/notify/mark.c:561 [] process_one_work+0x831/0x15f0 kernel/workqueue.c:2092 [] worker_thread+0xd6/0x1140 kernel/workqueue.c:2226 [] kthread+0x26d/0x300 kernel/kthread.c:211 [] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373 Showing all locks held in the system: 2 locks held by khungtaskd/24: #0: (rcu_read_lock){......}, at: [] check_hung_uninterruptible_tasks kernel/hung_task.c:168 [inline] #0: (rcu_read_lock){......}, at: [] watchdog+0x11c/0xa20 kernel/hung_task.c:239 #1: (tasklist_lock){.+.+..}, at: [] debug_show_all_locks+0x79/0x218 kernel/locking/lockdep.c:4336 1 lock held by rsyslogd/1900: #0: (&f->f_pos_lock){+.+.+.}, at: [] __fdget_pos+0xac/0xd0 fs/file.c:781 2 locks held by getty/2027: #0: (&tty->ldisc_sem){++++++}, at: [] ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:367 #1: (&ldata->atomic_read_lock){+.+...}, at: [] n_tty_read+0x202/0x16e0 drivers/tty/n_tty.c:2142 2 locks held by kworker/u4:5/2114: #0: ("events_unbound"){.+.+.+}, at: [] process_one_work+0x73c/0x15f0 kernel/workqueue.c:2085 #1: ((reaper_work).work){+.+...}, at: [] process_one_work+0x774/0x15f0 kernel/workqueue.c:2089 1 lock held by init/15851: #0: (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline] #0: (tty_mutex){+.+.+.}, at: [] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130 1 lock held by init/15852: #0: (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline] #0: (tty_mutex){+.+.+.}, at: [] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130 1 lock held by init/15853: #0: (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline] #0: (tty_mutex){+.+.+.}, at: [] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130 1 lock held by init/15854: #0: (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline] #0: (tty_mutex){+.+.+.}, at: [] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130 1 lock held by init/15855: #0: (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline] #0: (tty_mutex){+.+.+.}, at: [] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130 1 lock held by init/15856: #0: (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline] #0: (tty_mutex){+.+.+.}, at: [] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130 ============================================= NMI backtrace for cpu 1 CPU: 1 PID: 24 Comm: khungtaskd Not tainted 4.9.141+ #23 ffff8801d9907d08 ffffffff81b42e79 0000000000000000 0000000000000001 0000000000000001 0000000000000001 ffffffff810983b0 ffff8801d9907d40 ffffffff81b4df89 0000000000000001 0000000000000000 0000000000000003 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] nmi_cpu_backtrace.cold.0+0x48/0x87 lib/nmi_backtrace.c:99 [] nmi_trigger_cpumask_backtrace+0x12c/0x151 lib/nmi_backtrace.c:60 [] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37 [] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline] [] check_hung_task kernel/hung_task.c:125 [inline] [] check_hung_uninterruptible_tasks kernel/hung_task.c:182 [inline] [] watchdog+0x6ad/0xa20 kernel/hung_task.c:239 [] kthread+0x26d/0x300 kernel/kthread.c:211 [] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373 Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 PID: 2085 Comm: syz-executor.4 Not tainted 4.9.141+ #23 task: ffff8801d27e97c0 task.stack: ffff8801aff48000 RIP: 0010:[] c [] jhash2 include/linux/jhash.h:129 [inline] RIP: 0010:[] c [] hash_stack lib/stackdepot.c:161 [inline] RIP: 0010:[] c [] depot_save_stack+0x69/0x470 lib/stackdepot.c:217 RSP: 0018:ffff8801aff4f888 EFLAGS: 00000a13 RAX: 000000004cf43ab6 RBX: 0000000063df4a2d RCX: 000000000000000a RDX: ffff8801aff4f930 RSI: 00000000543e09bd RDI: 00000000ffffffff RBP: ffff8801aff4f8d8 R08: 000000000000000b R09: ffff8801aff4f900 R10: ffffed0035fe9f13 R11: ffff8801aff4f89f R12: ffff8801aff4f8e8 R13: 0000000000000000 R14: ffff8801d11bdee0 R15: ffff8801d11bdf2f FS: 0000000000000000(0000) GS:ffff8801db600000(0063) knlGS:000000000a001900 CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 CR2: 0000000008148008 CR3: 00000001afda7000 CR4: 00000000001606b0 Stack: ffff8801024000c0c 0000000000000000c ffff8801aff4ff48c 0000000000000000c 67482b2cef267702c ffff8801d11bdf30c 00000000024000c0c 0000000000000000c ffff8801d11bdee0c ffff8801d11bdf2fc ffff8801aff4fb10c ffffffff814f1ff9c Call Trace: [] save_stack mm/kasan/kasan.c:511 [inline] [] set_track mm/kasan/kasan.c:517 [inline] [] kasan_kmalloc.part.1+0xc9/0xf0 mm/kasan/kasan.c:609 [] kasan_kmalloc+0xaf/0xc0 mm/kasan/kasan.c:594 [] kasan_slab_alloc+0x12/0x20 mm/kasan/kasan.c:547 [] slab_post_alloc_hook mm/slab.h:417 [inline] [] slab_alloc_node mm/slub.c:2715 [inline] [] slab_alloc mm/slub.c:2723 [inline] [] kmem_cache_alloc+0xd5/0x2b0 mm/slub.c:2728 [] anon_vma_chain_alloc mm/rmap.c:125 [inline] [] anon_vma_fork+0x1cc/0x4a0 mm/rmap.c:341 [] dup_mmap kernel/fork.c:628 [inline] [] dup_mm kernel/fork.c:1156 [inline] [] copy_mm kernel/fork.c:1210 [inline] [] copy_process.part.8+0x42a9/0x6a10 kernel/fork.c:1692 [] copy_process kernel/fork.c:1505 [inline] [] _do_fork+0x1b2/0xd30 kernel/fork.c:1972 [] SYSC_clone kernel/fork.c:2084 [inline] [] SyS_clone+0x37/0x50 kernel/fork.c:2078 [] do_syscall_32_irqs_on arch/x86/entry/common.c:328 [inline] [] do_fast_syscall_32+0x2f1/0xa10 arch/x86/entry/common.c:390 [] entry_SYSENTER_compat+0x90/0xa2 arch/x86/entry/entry_64_compat.S:137 Code: c49 c89 cfc c48 c01 cc0 c8d c34 c85 c7b c71 cf5 c75 c83 cf8 c03 c89 cc1 c89 cf3 c89 cf0 c4c c89 cca c76 c5d c03 c5a c08 c83 ce9 c03 c48 c83 cc2 c0c c8b c7a cf4 c03 c42 cf8 c<29> cdf c01 cf7 c89 cde c01 cc3 cc1 cc6 c04 c31 cfe c29 cf0 c89 cc7 c89 cf0 c01 cde c