INFO: task syz-executor1:12767 blocked for more than 140 seconds. Not tainted 4.11.0-rc5+ #1 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor1 D28744 12767 6488 0x00000002 Call Trace: context_switch kernel/sched/core.c:2878 [inline] __schedule+0x935/0x1eb0 kernel/sched/core.c:3439 schedule+0x92/0x1b0 kernel/sched/core.c:3499 schedule_timeout+0x580/0xc30 kernel/time/timer.c:1688 do_wait_for_common kernel/sched/completion.c:77 [inline] __wait_for_common kernel/sched/completion.c:96 [inline] wait_for_common kernel/sched/completion.c:104 [inline] wait_for_completion+0x26b/0x3f0 kernel/sched/completion.c:125 kthread_stop+0xc2/0x610 kernel/kthread.c:521 vivid_stop_generating_vid_cap+0x195/0x6c0 drivers/media/platform/vivid/vivid-kthread-cap.c:931 vid_cap_stop_streaming+0x71/0xe0 drivers/media/platform/vivid/vivid-vid-cap.c:273 __vb2_queue_cancel+0x99/0x6e0 drivers/media/v4l2-core/videobuf2-core.c:1645 vb2_core_streamoff+0x62/0x140 drivers/media/v4l2-core/videobuf2-core.c:1769 __vb2_cleanup_fileio+0x69/0x150 drivers/media/v4l2-core/videobuf2-core.c:2283 vb2_core_queue_release+0xf/0x70 drivers/media/v4l2-core/videobuf2-core.c:2010 vb2_queue_release drivers/media/v4l2-core/videobuf2-v4l2.c:670 [inline] _vb2_fop_release+0x1af/0x260 drivers/media/v4l2-core/videobuf2-v4l2.c:841 vb2_fop_release+0x6a/0xd0 drivers/media/v4l2-core/videobuf2-v4l2.c:855 vivid_fop_release+0x163/0x400 drivers/media/platform/vivid/vivid-core.c:486 v4l2_release+0xeb/0x210 drivers/media/v4l2-core/v4l2-dev.c:446 __fput+0x25c/0x730 fs/file_table.c:209 ____fput+0x9/0x10 fs/file_table.c:245 task_work_run+0xd9/0x150 kernel/task_work.c:116 exit_task_work include/linux/task_work.h:21 [inline] do_exit+0x7c1/0x3050 kernel/exit.c:878 do_group_exit+0xf4/0x2f0 kernel/exit.c:982 get_signal+0x4b6/0x13b0 kernel/signal.c:2318 do_signal+0x7f/0x19c0 arch/x86/kernel/signal.c:808 exit_to_usermode_loop+0x12b/0x1c0 arch/x86/entry/common.c:157 prepare_exit_to_usermode arch/x86/entry/common.c:191 [inline] syscall_return_slowpath+0x24f/0x2d0 arch/x86/entry/common.c:260 entry_SYSCALL_64_fastpath+0xc4/0xc6 RIP: 0033:0x4578a9 RSP: 002b:00007ffe6568c288 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca RAX: fffffffffffffdfc RBX: 000000000000002d RCX: 00000000004578a9 RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000073bf0c RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 R10: 00007ffe6568c350 R11: 0000000000000246 R12: 00000000000003e8 R13: 000000000003b585 R14: 000000000003b558 R15: 000000000073bf0c Showing all locks held in the system: 2 locks held by khungtaskd/970: #0: (rcu_read_lock){......}, at: [] check_hung_uninterruptible_tasks kernel/hung_task.c:172 [inline] #0: (rcu_read_lock){......}, at: [] watchdog+0x109/0x9e0 kernel/hung_task.c:243 #1: (tasklist_lock){.+.+..}, at: [] debug_show_all_locks+0x70/0x280 kernel/locking/lockdep.c:4342 2 locks held by getty/6368: #0: (&tty->ldisc_sem){++++++}, at: [] ldsem_down_read+0x2d/0x40 drivers/tty/tty_ldsem.c:367 #1: (&ldata->atomic_read_lock){+.+...}, at: [] n_tty_read+0x1d1/0x1660 drivers/tty/n_tty.c:2133 2 locks held by getty/6369: #0: (&tty->ldisc_sem){++++++}, at: [] ldsem_down_read+0x2d/0x40 drivers/tty/tty_ldsem.c:367 #1: (&ldata->atomic_read_lock){+.+...}, at: [] n_tty_read+0x1d1/0x1660 drivers/tty/n_tty.c:2133 2 locks held by getty/6370: #0: (&tty->ldisc_sem){++++++}, at: [] ldsem_down_read+0x2d/0x40 drivers/tty/tty_ldsem.c:367 #1: (&ldata->atomic_read_lock){+.+...}, at: [] n_tty_read+0x1d1/0x1660 drivers/tty/n_tty.c:2133 2 locks held by getty/6371: #0: (&tty->ldisc_sem){++++++}, at: [] ldsem_down_read+0x2d/0x40 drivers/tty/tty_ldsem.c:367 #1: (&ldata->atomic_read_lock){+.+...}, at: [] n_tty_read+0x1d1/0x1660 drivers/tty/n_tty.c:2133 2 locks held by getty/6372: #0: (&tty->ldisc_sem){++++++}, at: [] ldsem_down_read+0x2d/0x40 drivers/tty/tty_ldsem.c:367 #1: (&ldata->atomic_read_lock){+.+...}, at: [] n_tty_read+0x1d1/0x1660 drivers/tty/n_tty.c:2133 2 locks held by getty/6373: #0: (&tty->ldisc_sem){++++++}, at: [] ldsem_down_read+0x2d/0x40 drivers/tty/tty_ldsem.c:367 #1: (&ldata->atomic_read_lock){+.+...}, at: [] n_tty_read+0x1d1/0x1660 drivers/tty/n_tty.c:2133 2 locks held by getty/6374: #0: (&tty->ldisc_sem){++++++}, at: [] ldsem_down_read+0x2d/0x40 drivers/tty/tty_ldsem.c:367 #1: (&ldata->atomic_read_lock){+.+...}, at: [] n_tty_read+0x1d1/0x1660 drivers/tty/n_tty.c:2133 1 lock held by syz-executor0/9515: #0: (&bdev->bd_mutex){+.+.+.}, at: [] __blkdev_get+0x296/0xeb0 fs/block_dev.c:1554 2 locks held by blkid/9496: #0: (&bdev->bd_mutex){+.+.+.}, at: [] __blkdev_put+0xae/0x9e0 fs/block_dev.c:1869 #1: (&lo->lo_ctl_mutex#2){+.+.+.}, at: [] lo_release+0x5c/0x120 drivers/block/loop.c:1570 2 locks held by blkid/9498: #0: (&bdev->bd_mutex){+.+.+.}, at: [] __blkdev_put+0xae/0x9e0 fs/block_dev.c:1869 #1: (&lo->lo_ctl_mutex#2){+.+.+.}, at: [] lo_release+0x5c/0x120 drivers/block/loop.c:1570 1 lock held by syz-executor5/9513: #0: (&bdev->bd_mutex){+.+.+.}, at: [] __blkdev_get+0x296/0xeb0 fs/block_dev.c:1554 2 locks held by blkid/9506: #0: (&bdev->bd_mutex){+.+.+.}, at: [] __blkdev_put+0xae/0x9e0 fs/block_dev.c:1869 #1: (&lo->lo_ctl_mutex#2){+.+.+.}, at: [] lo_release+0x5c/0x120 drivers/block/loop.c:1570 2 locks held by blkid/9507: #0: (&bdev->bd_mutex){+.+.+.}, at: [] __blkdev_put+0xae/0x9e0 fs/block_dev.c:1869 #1: (&lo->lo_ctl_mutex#2){+.+.+.}, at: [] lo_release+0x5c/0x120 drivers/block/loop.c:1570 2 locks held by blkid/9510: #0: (&bdev->bd_mutex){+.+.+.}, at: [] __blkdev_put+0xae/0x9e0 fs/block_dev.c:1869 #1: (&lo->lo_ctl_mutex#2){+.+.+.}, at: [] lo_release+0x5c/0x120 drivers/block/loop.c:1570 ============================================= NMI backtrace for cpu 1 CPU: 1 PID: 970 Comm: khungtaskd Not tainted 4.11.0-rc5+ #1 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:16 [inline] dump_stack+0xe6/0x120 lib/dump_stack.c:52 nmi_cpu_backtrace+0x137/0x160 lib/nmi_backtrace.c:100 nmi_trigger_cpumask_backtrace+0xf8/0x1a0 lib/nmi_backtrace.c:61 arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37 trigger_all_cpu_backtrace include/linux/nmi.h:95 [inline] check_hung_task kernel/hung_task.c:129 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:186 [inline] watchdog+0x62d/0x9e0 kernel/hung_task.c:243 kthread+0x2c9/0x3d0 kernel/kthread.c:229 ret_from_fork+0x31/0x40 arch/x86/entry/entry_64.S:430 Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 PID: 9526 Comm: syz-executor4 Not tainted 4.11.0-rc5+ #1 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 task: ffff8801bede23c0 task.stack: ffff8801c00d0000 RIP: 0010:do_futex+0x17d/0x16b0 kernel/futex.c:3246 RSP: 0018:ffff8801c00d7e18 EFLAGS: 00000246 RAX: 0000000000000001 RBX: 1ffff1003801afd0 RCX: 0000000000000000 RDX: ffffed003801af96 RSI: ffff8801c00d7ba8 RDI: ffffed003801afbe RBP: ffff8801c00d7e38 R08: ffff8801dac25130 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000001 R13: ffff8801c00d7e10 R14: 00000000004bfda9 R15: 0000000000000000 FS: 00007f42b901a700(0000) GS:ffff8801dac00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 00000001c4541000 CR4: 00000000001406f0 Call Trace: SYSC_futex kernel/futex.c:3281 [inline] SyS_futex+0x1ac/0x280 kernel/futex.c:3249 entry_SYSCALL_64_fastpath+0x23/0xc6 RIP: 0033:0x4578a9 RSP: 002b:00007f42b9019cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca RAX: ffffffffffffffda RBX: 000000000073bf08 RCX: 00000000004578a9 RDX: 00000000004bfda9 RSI: 0000000000000081 RDI: 000000000073bf0c RBP: 0000000000000086 R08: 000000000000000e R09: 0000000000000000 R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f42b901a6d4 R13: 00000000004c6003 R14: 00000000004dadb0 R15: 00000000ffffffff Code: ba 00 00 00 00 00 fc ff df 48 03 95 68 fe ff ff 31 c0 b9 05 00 00 00 48 89 d7 f3 48 ab 4c 89 e0 c7 07 00 00 00 00 48 8d 65 d8 5b <41> 5c 41 5d 41 5e 41 5f 5d c3 48 8b bd 70 fe ff ff 48 89 d9 44 kobject: 'loop1' (ffff8801d263b6e0): kobject_uevent_env kobject: 'loop1' (ffff8801d263b6e0): fill_kobj_path: path = '/devices/virtual/block/loop1'