binder: 11587:11589 transaction failed 29189/-22, size 0-0 line 3013
binder: 11590:11591 transaction failed 29189/-22, size 0-0 line 3013
binder: 11590:11592 transaction failed 29189/-22, size 0-0 line 3013
binder: 11593:11594 transaction failed 29189/-22, size 0-0 line 3013
binder: 11593:11595 transaction failed 29189/-22, size 0-0 line 3013
INFO: task init:21161 blocked for more than 140 seconds.
      Not tainted 4.9.141+ #1
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
init            D29336 21161      1 0x00000000
 ffff8801cbdb8000 0000000000000000 ffff8801cc4d9080 ffff8801d9c20000
 ffff8801db721018 ffff8801cbd0f738 ffffffff828075c2 0000000000000000
 ffff8801cbdb88b0 ffffed00397b7115 00ff8801cbdb8000 ffff8801db7218f0
Call Trace:
 [<ffffffff82808aef>] schedule+0x7f/0x1b0 kernel/sched/core.c:3553
 [<ffffffff828094a3>] schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3586
 [<ffffffff8280b51d>] __mutex_lock_common kernel/locking/mutex.c:582 [inline]
 [<ffffffff8280b51d>] mutex_lock_nested+0x38d/0x900 kernel/locking/mutex.c:621
 [<ffffffff81d2bb96>] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline]
 [<ffffffff81d2bb96>] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130
 [<ffffffff81517bdd>] chrdev_open+0x22d/0x5c0 fs/char_dev.c:392
 [<ffffffff81501e3f>] do_dentry_open+0x3ef/0xc90 fs/open.c:766
 [<ffffffff8150576c>] vfs_open+0x11c/0x210 fs/open.c:879
 [<ffffffff8153c542>] do_last fs/namei.c:3410 [inline]
 [<ffffffff8153c542>] path_openat+0x542/0x2790 fs/namei.c:3534
 [<ffffffff81541617>] do_filp_open+0x197/0x270 fs/namei.c:3568
 [<ffffffff8150617d>] do_sys_open+0x30d/0x5c0 fs/open.c:1072
 [<ffffffff8150645d>] SYSC_open fs/open.c:1090 [inline]
 [<ffffffff8150645d>] SyS_open+0x2d/0x40 fs/open.c:1085
 [<ffffffff810056ef>] do_syscall_64+0x19f/0x550 arch/x86/entry/common.c:285
 [<ffffffff82817893>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb

Showing all locks held in the system:
2 locks held by khungtaskd/24:
 #0:  (rcu_read_lock){......}, at: [<ffffffff8131c0cc>] check_hung_uninterruptible_tasks kernel/hung_task.c:168 [inline]
 #0:  (rcu_read_lock){......}, at: [<ffffffff8131c0cc>] watchdog+0x11c/0xa20 kernel/hung_task.c:239
 #1:  (tasklist_lock){.+.+..}, at: [<ffffffff813fe63f>] debug_show_all_locks+0x79/0x218 kernel/locking/lockdep.c:4336
1 lock held by rsyslogd/1909:
 #0:  (&f->f_pos_lock){+.+.+.}, at: [<ffffffff8156cc7c>] __fdget_pos+0xac/0xd0 fs/file.c:781
2 locks held by getty/2037:
 #0:  (&tty->ldisc_sem){++++++}, at: [<ffffffff82815952>] ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:367
 #1:  (
binder: 11596:11597 transaction failed 29189/-22, size 0-0 line 3013
&ldata->atomic_read_lock){+.+...}, at: [<ffffffff81d37362>] n_tty_read+0x202/0x16e0 drivers/tty/n_tty.c:2142
 #0:  (tty_mutex){+.+.+.}, at: [<ffffffff81d2bb96>] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline]
 #0:  (tty_mutex){+.+.+.}, at: [<ffffffff81d2bb96>] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130
1 lock held by init/21162:
 #0:  (tty_mutex){+.+.+.}, at: [<ffffffff81d2bb96>] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline]
 #0:  (tty_mutex){+.+.+.}, at: [<ffffffff81d2bb96>] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130
1 lock held by init/21163:
 #0:  (tty_mutex){+.+.+.}, at: [<ffffffff81d2bb96>] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline]
 #0:  (tty_mutex){+.+.+.}, at: [<ffffffff81d2bb96>] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130
1 lock held by init/21164:
 #0:  (tty_mutex){+.+.+.}, at: [<ffffffff81d2bb96>] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline]
 #0:  (tty_mutex){+.+.+.}, at: [<ffffffff81d2bb96>] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130
1 lock held by init/21165:
 #0:  (tty_mutex){+.+.+.}, at: [<ffffffff81d2bb96>] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline]
 #0:  (tty_mutex){+.+.+.}, at: [<ffffffff81d2bb96>] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130
1 lock held by init/21166:
 #0:  (tty_mutex){+.+.+.}, at: [<ffffffff81d2bb96>] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline]
 #0:  (tty_mutex){+.+.+.}, at: [<ffffffff81d2bb96>] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 24 Comm: khungtaskd Not tainted 4.9.141+ #1
 ffff8801d9907d08 ffffffff81b42e79 0000000000000000 0000000000000001
 0000000000000001 0000000000000001 ffffffff810983b0 ffff8801d9907d40
 ffffffff81b4df89 0000000000000001 0000000000000000 0000000000000002
Call Trace:
 [<ffffffff81b42e79>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81b42e79>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [<ffffffff81b4df89>] nmi_cpu_backtrace.cold.0+0x48/0x87 lib/nmi_backtrace.c:99
 [<ffffffff81b4df1c>] nmi_trigger_cpumask_backtrace+0x12c/0x151 lib/nmi_backtrace.c:60
 [<ffffffff810984b4>] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37
 [<ffffffff8131c65d>] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline]
 [<ffffffff8131c65d>] check_hung_task kernel/hung_task.c:125 [inline]
 [<ffffffff8131c65d>] check_hung_uninterruptible_tasks kernel/hung_task.c:182 [inline]
 [<ffffffff8131c65d>] watchdog+0x6ad/0xa20 kernel/hung_task.c:239
 [<ffffffff81142c3d>] kthread+0x26d/0x300 kernel/kthread.c:211
 [<ffffffff82817a5c>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 11597 Comm: syz-executor444 Not tainted 4.9.141+ #1
task: ffff880163cf97c0 task.stack: ffff880159d78000
RIP: 0010:[<ffffffff8155d3e0>] 
c [<ffffffff8155d3e0>] d_lookup+0x0/0x130 fs/dcache.c:2245
RSP: 0018:ffff880159d7f668  EFLAGS: 00000293
RAX: ffff880163cf97c0 RBX: ffff8801d9190580 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffff880159d7f710 RDI: ffff8801d9190580
RBP: ffff880159d7f690 R08: ffffed002b3afeba R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000003 R12: ffff880159d7f710
R13: 0000000000000000 R14: 0000000000000000 R15: ffff8801d9190580
FS:  00007f7d3587b700(0000) GS:ffff8801db600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f7d35859e78 CR3: 000000015a2fa000 CR4: 00000000001606b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Stack:
 ffffffff8152a976
c 0000000000000001
c ffff880159d7f895
c ffff8801d9190580
c
 ffff880159d7f710
c ffff880159d7f6c8
c ffffffff8153645b
c ffffffff8152bc46
c
 ffff880159d7f895
c ffff880159d7f895
c 0000000000000000
c ffff880159d7f895
c
Call Trace:
 [<ffffffff8153645b>] __lookup_hash+0x2b/0x190 fs/namei.c:1533
 [<ffffffff815368ca>] lookup_one_len2+0x30a/0x410 fs/namei.c:2480
 [<ffffffff815369f7>] lookup_one_len+0x27/0x30 fs/namei.c:2486
 [<ffffffff81891ced>] start_creating+0xad/0x1d0 fs/debugfs/inode.c:275
 [<ffffffff81891e63>] __debugfs_create_file+0x53/0x3d0 fs/debugfs/inode.c:314
 [<ffffffff81892237>] debugfs_create_file+0x57/0x70 fs/debugfs/inode.c:365
 [<ffffffff821f3c3b>] binder_open+0x68b/0x8d0 drivers/android/binder.c:5027
 [<ffffffff81d89225>] misc_open+0x385/0x510 drivers/char/misc.c:153
 [<ffffffff81517bdd>] chrdev_open+0x22d/0x5c0 fs/char_dev.c:392
 [<ffffffff81501e3f>] do_dentry_open+0x3ef/0xc90 fs/open.c:766
 [<ffffffff8150576c>] vfs_open+0x11c/0x210 fs/open.c:879
 [<ffffffff8153c542>] do_last fs/namei.c:3410 [inline]
 [<ffffffff8153c542>] path_openat+0x542/0x2790 fs/namei.c:3534
 [<ffffffff81541617>] do_filp_open+0x197/0x270 fs/namei.c:3568
 [<ffffffff8150617d>] do_sys_open+0x30d/0x5c0 fs/open.c:1072
 [<ffffffff8150645d>] SYSC_open fs/open.c:1090 [inline]
 [<ffffffff8150645d>] SyS_open+0x2d/0x40 fs/open.c:1085
 [<ffffffff810056ef>] do_syscall_64+0x19f/0x550 arch/x86/entry/common.c:285
 [<ffffffff82817893>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
Code: 
cff 
cff 
c4c 
c89 
ce7 
ce8 
ca1 
c5c 
cf9 
cff 
ce9 
ca3 
cfd 
cff 
cff 
c4c 
c89 
ce7 
ce8 
c94 
c5c 
cf9 
cff 
ce9 
c9b 
cfa 
cff 
cff 
c48 
c8b 
c7d 
c88 
ce8 
c86 
c5c 
cf9 
cff 
ce9 
ce1 
cfd 
cff 
cff 
c90 
c<55> 
c48 
c89 
ce5 
c41 
c57 
c49 
c89 
cff 
c41 
c56 
c41 
c55 
c41 
c54 
c49 
cc7 
cc4 
c40 
cdd 
c00 
c
binder: 11596:11598 transaction failed 29189/-22, size 0-0 line 3013