[11719] 0 11719 18146 11611 31 4 0 0 syz-executor.2 [11732] 0 11732 18146 11610 30 4 0 0 syz-executor.1 [11747] 0 11747 18146 11611 31 4 0 0 syz-executor.2 [11753] 0 11753 18146 11612 31 4 0 0 syz-executor.3 [11756] 0 11756 18146 11610 30 4 0 0 syz-executor.1 INFO: task syz-executor.3:26709 blocked for more than 140 seconds. Not tainted 4.14.111+ #52 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [11769] 0 11769 18146 11611 31 4 0 0 syz-executor.2 syz-executor.3 D27792 26709 1852 0x00000000 [11780] 0 11780 18146 11610 30 4 0 0 syz-executor.1 Call Trace: [11794] 0 11794 18146 11611 31 4 0 0 syz-executor.2 [11800] 0 11800 18146 11610 30 4 0 0 syz-executor.1 [11846] 0 11846 18146 11611 31 4 0 0 syz-executor.2 [11851] 0 11851 18146 11610 30 4 0 0 syz-executor.1 [11868] 0 11868 18146 11611 31 4 0 0 syz-executor.2 [11879] 0 11879 18146 11610 30 4 0 0 syz-executor.1 [11886] 0 11886 18146 8744 27 4 0 0 syz-executor.5 [11890] 0 11890 18146 11611 31 4 0 0 syz-executor.2 [11903] 0 11903 18146 8744 27 4 0 0 syz-executor.5 [11905] 0 11905 18146 11610 30 4 0 0 syz-executor.1 [11927] 0 11927 18146 11611 31 4 0 0 syz-executor.2 [11928] 0 11928 18146 8744 27 4 0 0 syz-executor.5 [11932] 0 11932 18146 11610 30 4 0 0 syz-executor.1 [11954] 0 11954 18146 11611 31 4 0 0 syz-executor.2 schedule+0x92/0x1c0 kernel/sched/core.c:3498 __rwsem_down_read_failed_common kernel/locking/rwsem-xadd.c:276 [inline] rwsem_down_read_failed+0x21f/0x3c0 kernel/locking/rwsem-xadd.c:293 [11958] 0 11958 18146 8709 25 3 0 0 syz-executor.5 [11959] 0 11959 18146 11610 30 4 0 0 syz-executor.1 [11981] 0 11981 18146 11611 31 4 0 0 syz-executor.2 [11986] 0 11986 18146 8709 25 3 0 0 syz-executor.5 call_rwsem_down_read_failed+0x14/0x30 arch/x86/lib/rwsem.S:94 [11987] 0 11987 18146 11610 30 4 0 0 syz-executor.1 __down_read arch/x86/include/asm/rwsem.h:66 [inline] down_read+0x45/0xa0 kernel/locking/rwsem.c:26 [11989] 0 11989 18146 8745 27 4 0 0 syz-executor.3 [12003] 0 12003 18146 8745 27 4 0 0 syz-executor.3 __do_page_fault+0x871/0xb80 arch/x86/mm/fault.c:1361 [12011] 0 12011 18146 11611 31 4 0 0 syz-executor.2 [12015] 0 12015 18146 11610 30 4 0 0 syz-executor.1 [12017] 0 12017 18146 8709 25 3 0 0 syz-executor.5 [12034] 0 12034 18146 11611 31 4 0 0 syz-executor.5 [12037] 0 12037 18146 11611 31 4 0 0 syz-executor.2 [12041] 0 12041 18146 11610 30 4 0 0 syz-executor.1 page_fault+0x42/0x50 arch/x86/entry/entry_64.S:1104 [12054] 0 12054 18146 11611 31 4 0 0 syz-executor.5 RIP: 2b465f:0x3e8 [12060] 0 12060 18146 11611 31 4 0 0 syz-executor.2 RSP: 73bfa0:000000000073c900 EFLAGS: 0073c900 [12061] 0 12061 18146 11610 30 4 0 0 syz-executor.1 INFO: task syz-executor.3:26711 blocked for more than 140 seconds. [12072] 0 12072 18146 11611 31 4 0 0 syz-executor.5 Not tainted 4.14.111+ #52 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [12076] 0 12076 18146 9782 28 4 0 0 syz-executor.1 syz-executor.3 D29048 26711 1852 0x00000000 [12077] 0 12077 18146 11611 31 4 0 0 syz-executor.2 Call Trace: [12098] 0 12098 18146 11610 30 4 0 0 syz-executor.1 [12104] 0 12104 18146 11611 31 4 0 0 syz-executor.2 [12105] 0 12105 18146 11611 31 4 0 0 syz-executor.5 [12111] 0 12111 18146 11610 30 4 0 0 syz-executor.1 [12123] 0 12123 18146 11611 31 4 0 0 syz-executor.2 [12127] 0 12127 18146 11611 31 4 0 0 syz-executor.5 [12132] 0 12132 18146 11610 30 4 0 0 syz-executor.1 [12133] 0 12133 18146 11611 31 4 0 0 syz-executor.2 [12150] 0 12150 18146 11611 31 4 0 0 syz-executor.5 [12157] 0 12157 18146 11610 30 4 0 0 syz-executor.1 [12158] 0 12158 18146 11611 31 4 0 0 syz-executor.2 [12159] 0 12159 18146 11612 31 4 0 0 syz-executor.3 [12171] 0 12171 18146 11611 31 4 0 0 syz-executor.5 [12177] 0 12177 18146 11612 31 4 0 0 syz-executor.3 [12178] 0 12178 18146 11610 30 4 0 0 syz-executor.1 [12179] 0 12179 18146 11611 31 4 0 0 syz-executor.2 schedule+0x92/0x1c0 kernel/sched/core.c:3498 [12183] 0 12183 18146 11611 31 4 0 0 syz-executor.5 __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:572 [inline] rwsem_down_write_failed+0x3b1/0x760 kernel/locking/rwsem-xadd.c:601 [12200] 0 12200 18146 11610 30 4 0 0 syz-executor.1 [12210] 0 12210 18146 11612 31 4 0 0 syz-executor.3 [12211] 0 12211 18146 11611 31 4 0 0 syz-executor.2 [12219] 0 12219 18146 11610 30 4 0 0 syz-executor.1 [12228] 0 12228 18146 11612 31 4 0 0 syz-executor.3 call_rwsem_down_write_failed+0x13/0x20 arch/x86/lib/rwsem.S:105 [12237] 0 12237 18146 11611 31 4 0 0 syz-executor.2 __down_write arch/x86/include/asm/rwsem.h:126 [inline] down_write+0x4f/0x90 kernel/locking/rwsem.c:56 [12244] 0 12244 18146 11611 31 4 0 0 syz-executor.5 [12247] 0 12247 18146 11610 30 4 0 0 syz-executor.1 prctl_set_mm+0x245/0xd70 kernel/sys.c:2061 [12252] 0 12252 18146 11612 31 4 0 0 syz-executor.3 [12261] 0 12261 18146 11611 31 4 0 0 syz-executor.2 [12272] 0 12272 18146 11610 30 4 0 0 syz-executor.1 [12273] 0 12273 18146 11612 31 4 0 0 syz-executor.3 SYSC_prctl kernel/sys.c:2490 [inline] SyS_prctl+0x3eb/0x12d0 kernel/sys.c:2346 [12286] 0 12286 18146 11611 31 4 0 0 syz-executor.2 [12293] 0 12293 18146 11610 30 4 0 0 syz-executor.1 [12299] 0 12299 18146 11612 31 4 0 0 syz-executor.3 do_syscall_64+0x19b/0x4b0 arch/x86/entry/common.c:289 [12300] 0 12300 18146 11611 31 4 0 0 syz-executor.5 INFO: task syz-executor.1:26727 blocked for more than 140 seconds. [12308] 0 12308 18146 11611 31 4 0 0 syz-executor.2 Not tainted 4.14.111+ #52 [12318] 0 12318 18146 11610 30 4 0 0 syz-executor.1 [12327] 0 12327 18146 11612 31 4 0 0 syz-executor.3 [12330] 0 12330 18146 11611 31 4 0 0 syz-executor.5 [12332] 0 12332 18146 11611 31 4 0 0 syz-executor.2 [12343] 0 12343 18146 11610 30 4 0 0 syz-executor.1 [12357] 0 12357 18146 11611 31 4 0 0 syz-executor.2 [12366] 0 12366 18146 11610 30 4 0 0 syz-executor.1 [12388] 0 12388 18146 11611 31 4 0 0 syz-executor.5 [12389] 0 12389 18146 11610 30 4 0 0 syz-executor.1 [12409] 0 12409 18146 11611 31 4 0 0 syz-executor.2 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [12422] 0 12422 18146 8745 27 4 0 0 syz-executor.3 syz-executor.1 D [12432] 0 12432 18146 11611 31 4 0 0 syz-executor.2 26232 26727 1861 0x00000000 [12436] 0 12436 18146 8745 27 4 0 0 syz-executor.3 Call Trace: [12450] 0 12450 18146 11610 30 4 0 0 syz-executor.1 [12453] 0 12453 18146 8745 27 4 0 0 syz-executor.3 [12455] 0 12455 18146 11611 31 4 0 0 syz-executor.5 [12456] 0 12456 18146 11611 31 4 0 0 syz-executor.2 [12470] 0 12470 18146 11610 30 4 0 0 syz-executor.1 schedule+0x92/0x1c0 kernel/sched/core.c:3498 [12482] 0 12482 18146 11611 31 4 0 0 syz-executor.5 __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:572 [inline] rwsem_down_write_failed+0x3b1/0x760 kernel/locking/rwsem-xadd.c:601 [12493] 0 12493 18146 11610 30 4 0 0 syz-executor.1 call_rwsem_down_write_failed+0x13/0x20 arch/x86/lib/rwsem.S:105 __down_write arch/x86/include/asm/rwsem.h:126 [inline] down_write+0x4f/0x90 kernel/locking/rwsem.c:56 [12503] 0 12503 18146 11611 31 4 0 0 syz-executor.5 [12509] 0 12509 18146 9701 28 4 0 0 syz-executor.2 [12513] 0 12513 18146 11610 30 4 0 0 syz-executor.1 [12532] 0 12532 18146 11611 31 4 0 0 syz-executor.2 prctl_set_mm+0x245/0xd70 kernel/sys.c:2061 [12534] 0 12534 18146 11610 30 4 0 0 syz-executor.1 [12535] 0 12535 18146 11611 31 4 0 0 syz-executor.5 [12560] 0 12560 18146 11610 30 4 0 0 syz-executor.1 [12561] 0 12561 18146 11611 31 4 0 0 syz-executor.2 [12562] 0 12562 18146 11611 31 4 0 0 syz-executor.5 [12589] 0 12589 18146 11610 30 4 0 0 syz-executor.1 [12591] 0 12591 18146 11611 31 4 0 0 syz-executor.2 [12592] 0 12592 18146 11611 31 4 0 0 syz-executor.5 [12612] 0 12612 18146 11610 30 4 0 0 syz-executor.1 [12613] 0 12613 18146 11611 31 4 0 0 syz-executor.2 SYSC_prctl kernel/sys.c:2490 [inline] SyS_prctl+0x3eb/0x12d0 kernel/sys.c:2346 [12614] 0 12614 18146 11611 31 4 0 0 syz-executor.5 [12640] 0 12640 18146 11611 31 4 0 0 syz-executor.5 do_syscall_64+0x19b/0x4b0 arch/x86/entry/common.c:289 Showing all locks held in the system: 1 lock held by init/1: #0: [12641] 0 12641 18146 11610 30 4 0 0 syz-executor.1 ( [12643] 0 12643 18146 11611 31 4 0 0 syz-executor.2 &ei->i_mmap_sem){++++}, at: [<00000000d65b79a5>] ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6184 1 lock held by khungtaskd/23: #0: (tasklist_lock){.+.+}, at: [<00000000d65cd1f0>] debug_show_all_locks+0x7c/0x21a kernel/locking/lockdep.c:4544 2 locks held by getty/1760: #0: (&tty->ldisc_sem){++++}, at: [<00000000b80559ab>] tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:275 #1: [12666] 0 12666 18146 11611 31 4 0 0 syz-executor.2 ( [12667] 0 12667 18146 11611 31 4 0 0 syz-executor.5 &ldata->atomic_read_lock [12668] 0 12668 18146 11610 30 4 0 0 syz-executor.1 ){+.+.} [12680] 0 12680 18146 11611 31 4 0 0 syz-executor.2 , at: [<000000001a08091c>] n_tty_read+0x1f7/0x1700 drivers/tty/n_tty.c:2156 1 lock held by syz-fuzzer/1802: #0: (&ei->i_mmap_sem){++++}, at: [<00000000d65b79a5>] ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6184 1 lock held by syz-executor.3/26709: [12700] 0 12700 18146 11611 31 4 0 0 syz-executor.5 #0: [12699] 0 12699 18146 11611 31 4 0 0 syz-executor.2 ( [12701] 0 12701 18146 11610 30 4 0 0 syz-executor.1 &mm->mmap_sem){++++}, at: [<0000000067c6747e>] __do_page_fault+0x871/0xb80 arch/x86/mm/fault.c:1361 1 lock held by syz-executor.3/26711: #0: (&mm->mmap_sem){++++}, at: [<000000007908aead>] prctl_set_mm+0x245/0xd70 kernel/sys.c:2061 1 lock held by syz-executor.1/26724: #0: (&mm->mmap_sem){++++}, at: [<0000000055fbe127>] vm_mmap_pgoff+0x147/0x1c0 mm/util.c:331 1 lock held by syz-executor.1/26727: #0: (&mm->mmap_sem){++++}, at: [<000000007908aead>] prctl_set_mm+0x245/0xd70 kernel/sys.c:2061 ============================================= NMI backtrace for cpu 1 [12723] 0 12723 18146 11611 31 4 0 0 syz-executor.5 CPU: 1 PID: 23 Comm: khungtaskd Not tainted 4.14.111+ #52 [12724] 0 12724 18146 11610 30 4 0 0 syz-executor.1 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0xb9/0x10e lib/dump_stack.c:53 nmi_cpu_backtrace.cold+0x47/0x86 lib/nmi_backtrace.c:101 Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 PID: 26692 Comm: getty Not tainted 4.14.111+ #52 task: 00000000d2512c6e task.stack: 00000000eaee1b33 RIP: 0010:arch_local_save_flags arch/x86/include/asm/paravirt.h:773 [inline] RIP: 0010:__lock_acquire+0x123/0x3fa0 kernel/locking/lockdep.c:3362 RSP: 0000:ffff8881dba07b98 EFLAGS: 00000046 RAX: 0000000000000003 RBX: 0000000000000000 RCX: 0000000000000000 RDX: 0000000000000004 RSI: 0000000000000000 RDI: ffff8881dba22858 RBP: ffff8881dba07d58 R08: 0000000000000001 R09: 0000000000000001 R10: 0000000000000000 R11: 0000000000000000 R12: ffff8881dba22858 R13: 0000000000000001 R14: 0000000000000000 R15: ffff8881a5300000 FS: 00007f9c58d29700(0000) GS:ffff8881dba00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fbdeff68fc0 CR3: 00000000715be005 CR4: 00000000001606b0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 Call Trace: Code: 03 0f b6 14 02 48 c7 c0 e0 e5 c0 97 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 c8 0e 00 00 44 8b 1d 73 4a 81 03 45 85 db 75 10 9c <58> 0f 1f 44 00 00 f6 c4 02 0f 85 fe 0c 00 00 44 8b 15 17 67 2c