[24127] 0 24127 18278 8979 27 4 0 0 syz-executor3 [24247] 0 24247 18179 8970 27 4 0 0 syz-executor3 [24258] 0 24258 18179 8970 27 4 0 0 syz-executor3 [24410] 0 24410 18113 8967 26 4 0 1000 syz-executor2 [24493] 0 24493 18245 8997 27 4 0 1000 syz-executor1 INFO: task syz-executor2:28106 blocked for more than 140 seconds. [24512] 0 24512 18245 8997 27 4 0 1000 syz-executor1 [24592] 0 24592 18179 8970 27 4 0 0 syz-executor3 [24661] 0 24661 18113 8965 26 4 0 1000 syz-executor0 [24816] 0 24816 18113 8742 25 3 0 1000 syz-executor2 [24821] 0 24821 18146 8744 25 3 0 1000 syz-executor2 [24850] 0 24850 18179 8747 25 3 0 0 syz-executor5 [24853] 0 24853 18179 8747 25 3 0 0 syz-executor5 [24858] 0 24858 18245 8751 26 3 0 0 syz-executor5 [24884] 0 24884 18146 8968 26 4 0 0 syz-executor5 Not tainted 4.14.94+ #12 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor2 D30008 28106 1858 0x00000004 Call Trace: [25192] 0 25192 18245 8960 26 4 0 1000 syz-executor2 [25215] 0 25215 18245 8960 26 4 0 1000 syz-executor2 schedule+0x92/0x1c0 kernel/sched/core.c:3490 __lock_sock+0x12b/0x220 net/core/sock.c:2237 [25311] 0 25311 18111 8745 25 3 0 1000 syz-executor2 [25324] 0 25324 18146 8744 25 3 0 0 syz-executor3 lock_sock_nested+0xe1/0x100 net/core/sock.c:2761 [25347] 0 25347 18179 8746 26 3 0 0 syz-executor3 lock_sock include/net/sock.h:1456 [inline] packet_setsockopt+0xed5/0x2830 net/packet/af_packet.c:3863 [25367] 0 25367 18113 8983 26 4 0 1000 syz-executor1 [25512] 0 25512 18146 8972 26 4 0 1000 syz-executor2 [25570] 0 25570 18212 8972 27 4 0 0 syz-executor3 [25670] 0 25670 18179 8972 25 4 0 1000 syz-executor2 [25853] 0 25853 18146 8968 26 4 0 0 syz-executor3 [26216] 0 26216 18146 8968 26 4 0 1000 syz-executor0 Showing all locks held in the system: [26232] 0 26232 18146 8988 27 4 0 1000 syz-executor1 1 lock held by khungtaskd/23: #0: (tasklist_lock){.+.+}, at: [] debug_show_all_locks+0x7c/0x21a kernel/locking/lockdep.c:4541 2 locks held by getty/1761: #0: (&tty->ldisc_sem){++++}, at: [] tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:275 #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x1f7/0x1700 drivers/tty/n_tty.c:2156 1 lock held by syz-executor0/5312: #0: (&sig->cred_guard_mutex){+.+.}, at: [] prepare_bprm_creds+0x51/0x110 fs/exec.c:1389 [26300] 0 26300 18144 8743 24 3 0 0 syz-executor3 1 lock held by syz-executor1/7062: #0: (&sig->cred_guard_mutex){+.+.}, at: [] prepare_bprm_creds+0x51/0x110 fs/exec.c:1389 1 lock held by syz-executor0/19883: #0: (&sig->cred_guard_mutex){+.+.}, at: [] prepare_bprm_creds+0x51/0x110 fs/exec.c:1389 1 lock held by syz-executor1/29401: #0: (&sig->cred_guard_mutex){+.+.}, at: [] prepare_bprm_creds+0x51/0x110 fs/exec.c:1389 4 locks held by kworker/u4:22/9534: #0: ("%s""netns"){+.+.}, at: [] process_one_work+0x6e5/0x14e0 kernel/workqueue.c:2085 #1: (net_cleanup_work){+.+.}, at: [] process_one_work+0x71b/0x14e0 kernel/workqueue.c:2089 #2: (net_mutex){+.+.}, at: [] cleanup_net+0x136/0x860 net/core/net_namespace.c:449 [26307] 0 26307 18177 8745 25 3 0 0 syz-executor3 #3: (rcu_preempt_state.barrier_mutex){+.+.}, at: [] _rcu_barrier+0x56/0x3e0 kernel/rcu/tree.c:3538 ============================================= [26695] 0 26695 18344 9004 27 4 0 1000 syz-executor1 [26706] 0 26706 18179 8974 26 4 0 0 syz-executor4 [26719] 0 26719 18344 9004 27 4 0 1000 syz-executor1 [26750] 0 26750 18245 8973 26 4 0 1000 syz-executor0 [26817] 0 26817 18179 8992 27 4 0 1000 syz-executor1 [26912] 0 26912 18179 13266 33 3 0 0 syz-executor3 [26914] 0 26914 18179 9715 27 3 0 0 syz-executor3 [26965] 0 26965 18113 8744 25 3 0 1000 syz-executor1 [26980] 0 26980 18212 8751 26 3 0 1000 syz-executor1 [26986] 0 26986 18216 11839 31 4 0 0 syz-executor5 [27044] 0 27044 18146 8971 27 4 0 0 syz-executor5 [27143] 0 27143 18179 8976 26 4 0 0 syz-executor4 [27158] 0 27158 18113 8742 25 3 0 0 syz-executor5 [27182] 0 27182 18179 8748 25 3 0 0 syz-executor5 NMI backtrace for cpu 1 CPU: 1 PID: 23 Comm: khungtaskd Not tainted 4.14.94+ #12 Call Trace: [27392] 0 27392 18179 8972 26 4 0 1000 syz-executor0 __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0xb9/0x10e lib/dump_stack.c:53 nmi_cpu_backtrace.cold+0x47/0x86 lib/nmi_backtrace.c:101 [27717] 0 27717 18113 8746 26 3 0 1000 syz-executor2 Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 PID: 1633 Comm: rsyslogd Not tainted 4.14.94+ #12 task: ffff8881d5249780 task.stack: ffff8881d4fe8000 RIP: 0010:rcu_read_unlock_sched_notrace include/linux/rcupdate.h:777 [inline] RIP: 0010:trace_lock_acquire include/trace/events/lock.h:13 [inline] RIP: 0010:lock_acquire+0x1a3/0x380 kernel/locking/lockdep.c:3990 RSP: 0000:ffff8881d4fef078 EFLAGS: 00000082 RAX: 0000000000000000 RBX: 0000000000000046 RCX: 1ffffffff13c2328 RDX: 0000000000000001 RSI: 1ffffffff1359484 RDI: ffff8881d5249fac RBP: ffff88819d2b1c60 R08: 0000000000000000 R09: 0000000000000001 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000001 FS: 00007fb210fc6700(0000) GS:ffff8881dba00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000000043120a CR3: 00000001d58b4003 CR4: 00000000001606b0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 Call Trace: __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x42/0x60 kernel/locking/spinlock.c:160 __remove_mapping+0x9e/0x560 mm/vmscan.c:680 shrink_page_list+0x1870/0x32b0 mm/vmscan.c:1311 shrink_inactive_list+0x39a/0x1170 mm/vmscan.c:1816 shrink_list mm/vmscan.c:2175 [inline] shrink_node_memcg+0x5f9/0x1320 mm/vmscan.c:2440 shrink_node+0x2fa/0xbf0 mm/vmscan.c:2632 shrink_zones mm/vmscan.c:2814 [inline] do_try_to_free_pages+0x350/0xd80 mm/vmscan.c:2876 try_to_free_pages+0x20a/0x6c0 mm/vmscan.c:3082 __perform_reclaim mm/page_alloc.c:3593 [inline] __alloc_pages_direct_reclaim mm/page_alloc.c:3614 [inline] __alloc_pages_slowpath mm/page_alloc.c:4001 [inline] __alloc_pages_nodemask+0xac8/0x22e0 mm/page_alloc.c:4210 __alloc_pages include/linux/gfp.h:461 [inline] __alloc_pages_node include/linux/gfp.h:474 [inline] alloc_pages_node include/linux/gfp.h:488 [inline] __page_cache_alloc include/linux/pagemap.h:226 [inline] page_cache_read mm/filemap.c:2286 [inline] filemap_fault+0x900/0x14a0 mm/filemap.c:2470 ext4_filemap_fault+0x84/0xb0 fs/ext4/inode.c:6185 __do_fault+0x100/0x380 mm/memory.c:3217 do_read_fault mm/memory.c:3627 [inline] do_fault mm/memory.c:3753 [inline] handle_pte_fault mm/memory.c:3983 [inline] __handle_mm_fault+0x9a0/0x2640 mm/memory.c:4107 handle_mm_fault+0x2e0/0x6c9 mm/memory.c:4144 __do_page_fault+0x466/0xb80 arch/x86/mm/fault.c:1425 page_fault+0x42/0x50 arch/x86/entry/entry_64.S:1104 RIP: 0000:0x9cc RSP: 0006:00007fb2127fb5a0 EFLAGS: 00000000 Code: 01 62 78 48 8b 05 5e 15 63 02 e8 89 ee 03 00 4c 8b 14 24 85 c0 74 0d 80 3d 84 f3 62 02 00 0f 84 22 01 00 00 65 ff 0d 6d 01 62 78 <0f> 85 39 ff ff ff e8 e8 43 e0 ff e9 2f ff ff ff 65 8b 05 36 a4