Killed process 7721 (syz-executor900) total-vm:17872kB, anon-rss:16848kB, file-rss:0kB, shmem-rss:0kB
Out of memory: Kill process 7729 (syz-executor900) score 1002 or sacrifice child
Killed process 7729 (syz-executor900) total-vm:17872kB, anon-rss:16848kB, file-rss:0kB, shmem-rss:0kB
Out of memory: Kill process 7739 (syz-executor900) score 1002 or sacrifice child
Killed process 7739 (syz-executor900) total-vm:17872kB, anon-rss:16848kB, file-rss:0kB, shmem-rss:0kB
INFO: task kworker/u4:1:64 blocked for more than 140 seconds.
Not tainted 4.9.135+ #62
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
kworker/u4:1 D23304 64 2 0x80000000
Workqueue: netns cleanup_net
ffff8801d7845f00 ffff8801cc3bee00 ffff8801cc3bee00 ffff8801cc0c97c0
ffff8801db721018 ffff8801d79af5d0 ffffffff828067a2 ffffffff83ccf600
ffffffff00000000 fffffbfff0848da8 005164f000000001 ffff8801db7218f0
Call Trace:
[<ffffffff82807ccf>] schedule+0x7f/0x1b0 kernel/sched/core.c:3553
[<ffffffff82813475>] schedule_timeout+0x735/0xe20 kernel/time/timer.c:1771
[<ffffffff828097ef>] do_wait_for_common kernel/sched/completion.c:75 [inline]
[<ffffffff828097ef>] __wait_for_common kernel/sched/completion.c:93 [inline]
[<ffffffff828097ef>] wait_for_common+0x3ef/0x5d0 kernel/sched/completion.c:101
[<ffffffff828099e8>] wait_for_completion+0x18/0x20 kernel/sched/completion.c:122
[<ffffffff8124ae21>] _rcu_barrier+0x231/0x340 kernel/rcu/tree.c:3701
[<ffffffff8124af80>] rcu_barrier+0x10/0x20 kernel/rcu/tree_plugin.h:698
[<ffffffff8231acf0>] netdev_run_todo+0x110/0x770 net/core/dev.c:7542
[<ffffffff82340d1e>] rtnl_unlock+0xe/0x10 net/core/rtnetlink.c:104
[<ffffffff827add22>] ip6_tnl_exit_net+0x3e2/0x5b0 net/ipv6/ip6_tunnel.c:2240
[<ffffffff822e38a0>] ops_exit_list.isra.0+0xb0/0x160 net/core/net_namespace.c:136
[<ffffffff822e6602>] cleanup_net+0x3f2/0x8b0 net/core/net_namespace.c:473
[<ffffffff81130d61>] process_one_work+0x831/0x1530 kernel/workqueue.c:2092
[<ffffffff81131b36>] worker_thread+0xd6/0x1140 kernel/workqueue.c:2226
[<ffffffff811428dd>] kthread+0x26d/0x300 kernel/kthread.c:211
[<ffffffff82816bdc>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373
Showing all locks held in the system:
2 locks held by khungtaskd/24:
#0: (rcu_read_lock){......}, at: [<ffffffff8131bb4c>] check_hung_uninterruptible_tasks kernel/hung_task.c:168 [inline]
#0: (rcu_read_lock){......}, at: [<ffffffff8131bb4c>] watchdog+0x11c/0xa20 kernel/hung_task.c:239
#1: (tasklist_lock){.+.+..}, at: [<ffffffff813fe314>] debug_show_all_locks+0x79/0x218 kernel/locking/lockdep.c:4336
4 locks held by kworker/u4:1/64:
#0: ("%s""netns"){.+.+.+}, at: [<ffffffff81130c6c>] process_one_work+0x73c/0x1530 kernel/workqueue.c:2085
#1: (net_cleanup_work){+.+.+.}, at: [<ffffffff81130ca4>] process_one_work+0x774/0x1530 kernel/workqueue.c:2089
#2: (net_mutex){+.+.+.}, at: [<ffffffff822e634f>] cleanup_net+0x13f/0x8b0 net/core/net_namespace.c:439
#3: (rcu_preempt_state.barrier_mutex){+.+...}, at: [<ffffffff8124ac4d>] _rcu_barrier+0x5d/0x340 kernel/rcu/tree.c:3637
4 locks held by kworker/1:2/622:
#0: ("events"){.+.+.+}, at: [<ffffffff81130c6c>] process_one_work+0x73c/0x1530 kernel/workqueue.c:2085
#1: ((&ns->proc_work)){+.+...}, at: [<ffffffff81130ca4>] process_one_work+0x774/0x1530 kernel/workqueue.c:2089
#2: (&type->s_umount_key#19){++++.+}, at: [<ffffffff81514509>] deactivate_super+0x89/0xd0 fs/super.c:340
#3: (shrinker_rwsem){++++..}, at: [<ffffffff81449678>] unregister_shrinker+0x58/0x230 mm/vmscan.c:300
1 lock held by rsyslogd/1892:
#0: (&f->f_pos_lock){+.+.+.}, at: [<ffffffff8156cc6c>] __fdget_pos+0xac/0xd0 fs/file.c:781
2 locks held by getty/2019:
#0: (&tty->ldisc_sem){++++++}, at: [<ffffffff82814af2>] ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:367
#1: (&ldata->atomic_read_lock){+.+...}, at: [<ffffffff81d36e52>] n_tty_read+0x202/0x16e0 drivers/tty/n_tty.c:2142
1 lock held by init/8890:
#0: (tty_mutex){+.+.+.}, at: [<ffffffff81d2b686>] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline]
#0: (tty_mutex){+.+.+.}, at: [<ffffffff81d2b686>] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130
1 lock held by init/8891:
#0: (tty_mutex){+.+.+.}, at: [<ffffffff81d2b686>] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline]
#0: (tty_mutex){+.+.+.}, at: [<ffffffff81d2b686>] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130
1 lock held by init/8892:
#0: (tty_mutex){+.+.+.}, at: [<ffffffff81d2b686>] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline]
#0: (tty_mutex){+.+.+.}, at: [<ffffffff81d2b686>] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130
1 lock held by init/8893:
#0: (tty_mutex){+.+.+.}, at: [<ffffffff81d2b686>] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline]
#0: (tty_mutex){+.+.+.}, at: [<ffffffff81d2b686>] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130
1 lock held by init/8894:
#0: (tty_mutex){+.+.+.}, at: [<ffffffff81d2b686>] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline]
#0: (tty_mutex){+.+.+.}, at: [<ffffffff81d2b686>] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130
1 lock held by init/8895:
#0: (tty_mutex){+.+.+.}, at: [<ffffffff81d2b686>] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline]
#0: (tty_mutex){+.+.+.}, at: [<ffffffff81d2b686>] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130
1 lock held by syz-executor900/9646:
#0: (&mm->mmap_sem){++++++}, at: [<ffffffff81469e08>] vm_mmap_pgoff+0x128/0x1b0 mm/util.c:327
1 lock held by syz-executor900/9647:
#0: (&mm->mmap_sem){++++++}, at: [<ffffffff81491fa7>] __mm_populate+0x257/0x350 mm/gup.c:1136
1 lock held by syz-executor900/9652:
#0: (&mm->mmap_sem){++++++}, at: [<ffffffff81469e08>] vm_mmap_pgoff+0x128/0x1b0 mm/util.c:327
1 lock held by syz-executor900/9653:
#0: (&mm->mmap_sem){++++++}, at: [<ffffffff81491fa7>] __mm_populate+0x257/0x350 mm/gup.c:1136
=============================================
NMI backtrace for cpu 0
CPU: 0 PID: 24 Comm: khungtaskd Not tainted 4.9.135+ #62
ffff8801d9907d08 ffffffff81b42a19 0000000000000000 0000000000000000
0000000000000000 0000000000000001 ffffffff81098330 ffff8801d9907d40
ffffffff81b4db29 0000000000000000 0000000000000000 0000000000000003
Call Trace:
[<ffffffff81b42a19>] __dump_stack lib/dump_stack.c:15 [inline]
[<ffffffff81b42a19>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
[<ffffffff81b4db29>] nmi_cpu_backtrace.cold.0+0x48/0x87 lib/nmi_backtrace.c:99
[<ffffffff81b4dabc>] nmi_trigger_cpumask_backtrace+0x12c/0x151 lib/nmi_backtrace.c:60
[<ffffffff81098434>] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37
[<ffffffff8131c0dd>] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline]
[<ffffffff8131c0dd>] check_hung_task kernel/hung_task.c:125 [inline]
[<ffffffff8131c0dd>] check_hung_uninterruptible_tasks kernel/hung_task.c:182 [inline]
[<ffffffff8131c0dd>] watchdog+0x6ad/0xa20 kernel/hung_task.c:239
[<ffffffff811428dd>] kthread+0x26d/0x300 kernel/kthread.c:211
[<ffffffff82816bdc>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 2159 Comm: syz-executor900 Not tainted 4.9.135+ #62
task: ffff8801cc0c97c0 task.stack: ffff8801c5610000
RIP: 0010:[<ffffffff81b702ba>] �c [<ffffffff81b702ba>] __const_udelay+0x2a/0x30 arch/x86/lib/delay.c:174
RSP: 0018:ffff8801c56170d8 EFLAGS: 00000082
RAX: 0000000080000001 RBX: ffffffff84b5db20 RCX: 0000000000000000
RDX: 0000000000000002 RSI: ffffffff81ba789b RDI: ffffffff841ed840
RBP: ffff8801c56170d8 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000000 R12: 000000000000270e
R13: 0000000000000020 R14: fffffbfff096bbab R15: fffffbfff096bb6d
FS: 0000000002229880(0000) GS:ffff8801db700000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000022328b8 CR3: 00000001cb08d000 CR4: 00000000001606b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Stack:
ffff8801c5617128�c ffffffff81d643ff�c ffffffff81b6c908�c ffffffff84b5db68�c
ffffffff84b5dd5a�c ffffffff84b5db20�c 000000000000005d�c ffffffff81d64570�c
dffffc0000000000�c 000000000000005d�c ffff8801c5617148�c ffffffff81d6458f�c
Call Trace:
[<ffffffff81d643ff>] wait_for_xmitr+0x6f/0x1e0 drivers/tty/serial/8250/8250_port.c:2005
[<ffffffff81d6458f>] serial8250_console_putchar+0x1f/0x60 drivers/tty/serial/8250/8250_port.c:3103
[<ffffffff81d4c9a9>] uart_console_write+0x59/0xf0 drivers/tty/serial/serial_core.c:1866
[<ffffffff81d6f7a8>] serial8250_console_write+0x528/0x820 drivers/tty/serial/8250/8250_port.c:3169
[<ffffffff81d5d1bf>] univ8250_console_write+0x5f/0x70 drivers/tty/serial/8250/8250_core.c:594
[<ffffffff8122337d>] call_console_drivers.isra.0.constprop.15+0x1ad/0x360 kernel/printk/printk.c:1589
[<ffffffff812260af>] console_unlock+0x47f/0xb50 kernel/printk/printk.c:2449
[<ffffffff81226bc8>] vprintk_emit+0x448/0x790 kernel/printk/printk.c:1903
[<ffffffff81226f38>] vprintk+0x28/0x30 kernel/printk/printk.c:1913
[<ffffffff81226f5d>] vprintk_default+0x1d/0x30 kernel/printk/printk.c:1914
[<ffffffff81402ea2>] vprintk_func kernel/printk/internal.h:36 [inline]
[<ffffffff81402ea2>] printk+0xaf/0xd7 kernel/printk/printk.c:1975
[<ffffffff8222d57f>] lowmem_scan.cold.1+0x1f9/0x35b drivers/staging/android/lowmemorykiller.c:177
[<ffffffff81449c16>] do_shrink_slab mm/vmscan.c:398 [inline]
[<ffffffff81449c16>] shrink_slab.part.8+0x3c6/0xa00 mm/vmscan.c:501
[<ffffffff8145574d>] shrink_slab mm/vmscan.c:465 [inline]
[<ffffffff8145574d>] shrink_node+0x1ed/0x740 mm/vmscan.c:2602
[<ffffffff81456017>] shrink_zones mm/vmscan.c:2749 [inline]
[<ffffffff81456017>] do_try_to_free_pages mm/vmscan.c:2791 [inline]
[<ffffffff81456017>] try_to_free_pages+0x377/0xb80 mm/vmscan.c:3002
[<ffffffff81428951>] __perform_reclaim mm/page_alloc.c:3324 [inline]
[<ffffffff81428951>] __alloc_pages_direct_reclaim mm/page_alloc.c:3345 [inline]
[<ffffffff81428951>] __alloc_pages_slowpath mm/page_alloc.c:3697 [inline]
[<ffffffff81428951>] __alloc_pages_nodemask+0x981/0x1bd0 mm/page_alloc.c:3862
[<ffffffff814eb737>] __alloc_pages include/linux/gfp.h:433 [inline]
[<ffffffff814eb737>] __alloc_pages_node include/linux/gfp.h:446 [inline]
[<ffffffff814eb737>] alloc_slab_page mm/slub.c:1408 [inline]
[<ffffffff814eb737>] allocate_slab mm/slub.c:1557 [inline]
[<ffffffff814eb737>] new_slab+0x367/0x3d0 mm/slub.c:1635
[<ffffffff814ed8cd>] new_slab_objects mm/slub.c:2419 [inline]
[<ffffffff814ed8cd>] ___slab_alloc.constprop.33+0x2ed/0x470 mm/slub.c:2576
[<ffffffff814edaa0>] __slab_alloc.isra.25.constprop.32+0x50/0xa0 mm/slub.c:2618
[<ffffffff814edd02>] slab_alloc_node mm/slub.c:2681 [inline]
[<ffffffff814edd02>] slab_alloc mm/slub.c:2723 [inline]
[<ffffffff814edd02>] kmem_cache_alloc+0x212/0x2b0 mm/slub.c:2728
[<ffffffff8153ec98>] getname_flags+0xc8/0x550 fs/namei.c:137
[<ffffffff8153f139>] getname+0x19/0x20 fs/namei.c:208
[<ffffffff8150606b>] do_sys_open+0x20b/0x5c0 fs/open.c:1066
[<ffffffff8150644d>] SYSC_open fs/open.c:1090 [inline]
[<ffffffff8150644d>] SyS_open+0x2d/0x40 fs/open.c:1085
[<ffffffff810056ef>] do_syscall_64+0x19f/0x550 arch/x86/entry/common.c:285
[<ffffffff82816a13>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
Code: �c00 �c55 �c48 �c8d �c0c �cbd �c00 �c00 �c00 �c00 �c65 �c48 �c8b �c15 �c67 �c5e �c4a �c7e �c48 �c8d �c14 �c92 �c48 �c89 �ce5 �c48 �c89 �cc8 �c48 �c8d �c14 �c92 �cf7 �ce2 �c48 �c8d �c7a �c01 �ce8 �cb6 �cff �cff �cff �c<5d> �cc3 �c0f �c1f �c40 �c00 �c48 �c69 �ccf �c1c �c43 �c00 �c00 �c55 �c65 �c48 �c8b �c15 �c38 �c5e �c4a �c