Free memory is -256kB above reserved lowmemorykiller: Killing 'syz-executor.4' (25450) (tgid 25450), adj 1000, to free 36088kB on behalf of 'syz-executor.4' (23038) because cache -92728kB is below limit 6144kB for oom_score_adj 0 Free memory is -4896kB above reserved INFO: task kworker/1:0:18 blocked for more than 140 seconds. Not tainted 4.9.141+ #1 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. kworker/1:0 D29288 18 2 0x80000000 Workqueue: events proc_cleanup_work ffff8801da6f4740 ffff88008e552100 ffff880180e99b80 ffff88008e6717c0 ffff8801db721018 ffff8801da7177f0 ffffffff828075c2 ffffffff83c35368 0000000041b58ab3 ffffffff82e33920 00ffffff83c7a620 ffff8801db7218f0 Call Trace: [] schedule+0x7f/0x1b0 kernel/sched/core.c:3553 [] schedule_timeout+0x735/0xe20 kernel/time/timer.c:1771 [] do_wait_for_common kernel/sched/completion.c:75 [inline] [] __wait_for_common kernel/sched/completion.c:93 [inline] [] wait_for_common+0x3ef/0x5d0 kernel/sched/completion.c:101 [] wait_for_completion+0x18/0x20 kernel/sched/completion.c:122 [] __wait_rcu_gp+0x137/0x1b0 kernel/rcu/update.c:369 [] synchronize_rcu.part.55+0xfa/0x110 kernel/rcu/tree_plugin.h:684 [] synchronize_rcu+0x27/0x90 kernel/rcu/tree_plugin.h:685 [] kern_unmount+0x57/0xd0 fs/namespace.c:3344 [] pid_ns_release_proc+0x37/0x50 fs/proc/root.c:227 [] proc_cleanup_work+0x19/0x20 kernel/pid_namespace.c:76 [] process_one_work+0x831/0x15f0 kernel/workqueue.c:2092 [] worker_thread+0xd6/0x1140 kernel/workqueue.c:2226 [] kthread+0x26d/0x300 kernel/kthread.c:211 [] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373 Showing all locks held in the system: 2 locks held by kworker/u4:0/6: #0: ("events_unbound"){.+.+.+}, at: [] process_one_work+0x73c/0x15f0 kernel/workqueue.c:2085 #1: ((reaper_work).work){+.+...}, at: [] process_one_work+0x774/0x15f0 kernel/workqueue.c:2089 2 locks held by kworker/1:0/18: #0: ("events"){.+.+.+}, at: [] process_one_work+0x73c/0x15f0 kernel/workqueue.c:2085 #1: ((&ns->proc_work)){+.+...}, at: [] process_one_work+0x774/0x15f0 kernel/workqueue.c:2089 2 locks held by khungtaskd/24: #0: (rcu_read_lock){......}, at: [] check_hung_uninterruptible_tasks kernel/hung_task.c:168 [inline] #0: (rcu_read_lock){......}, at: [] watchdog+0x11c/0xa20 kernel/hung_task.c:239 #1: (tasklist_lock){.+.+..}, at: [] debug_show_all_locks+0x79/0x218 kernel/locking/lockdep.c:4336 1 lock held by rsyslogd/1907: #0: (&f->f_pos_lock){+.+.+.}, at: [] __fdget_pos+0xac/0xd0 fs/file.c:781 2 locks held by getty/2035: #0: (&tty->ldisc_sem){++++++}, at: [] ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:367 #1: (&ldata->atomic_read_lock){+.+.+.}, at: [] n_tty_read+0x202/0x16e0 drivers/tty/n_tty.c:2142 1 lock held by syz-executor.4/25450: #0: (&mapping->i_mmap_rwsem){++++.-}, at: [] i_mmap_lock_write include/linux/fs.h:524 [inline] #0: (&mapping->i_mmap_rwsem){++++.-}, at: [] unlink_file_vma+0x75/0xb0 mm/mmap.c:156 ============================================= NMI backtrace for cpu 0 CPU: 0 PID: 24 Comm: khungtaskd Not tainted 4.9.141+ #1 ffff8801d9907d08 ffffffff81b42e79 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ffffffff810983b0 ffff8801d9907d40 ffffffff81b4df89 0000000000000000 0000000000000000 0000000000000002 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] nmi_cpu_backtrace.cold.0+0x48/0x87 lib/nmi_backtrace.c:99 [] nmi_trigger_cpumask_backtrace+0x12c/0x151 lib/nmi_backtrace.c:60 [] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37 [] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline] [] check_hung_task kernel/hung_task.c:125 [inline] [] check_hung_uninterruptible_tasks kernel/hung_task.c:182 [inline] [] watchdog+0x6ad/0xa20 kernel/hung_task.c:239 [] kthread+0x26d/0x300 kernel/kthread.c:211 [] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 PID: 2294 Comm: syz-executor.4 Not tainted 4.9.141+ #1 task: ffff8800858c2f80 task.stack: ffff8800858f0000 RIP: 0010:[] c [] debug_lockdep_rcu_enabled.part.0+0x1f/0x60 kernel/rcu/update.c:265 RSP: 0018:ffff8800858f73b0 EFLAGS: 00000202 RAX: dffffc0000000000 RBX: ffff8800858c2f80 RCX: 0000000000000000 RDX: 0000000000000004 RSI: ffffffff8141a08d RDI: ffff8800858c382c RBP: ffff8800858f73b8 R08: ffff8800858c38c8 R09: ced7b85aa16a7d2e R10: ffff8800858c2f80 R11: 0000000000000001 R12: ffff8800b6ff0000 R13: dffffc0000000000 R14: ffff8800b6ff07c0 R15: ffff8800b6ff0738 FS: 00007f1d95b44700(0000) GS:ffff8801db700000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000007 CR3: 000000008586e000 CR4: 00000000001606b0 Stack: ffff8800b6ff0000c ffff8800858f73c8c ffffffff81243c87c ffff8800858f7410c ffffffff8141a092c ffffffff81419f70c ffffed0016dfe0e7c ffff8800b6ff0000c dffffc0000000000c ffff8800b6ff0418c ffff8800b6eb5f00c 0000000000000600c Call Trace: [] debug_lockdep_rcu_enabled+0x77/0x90 kernel/rcu/update.c:264 [] rcu_read_unlock include/linux/rcupdate.h:927 [inline] [] find_lock_task_mm+0x122/0x270 mm/oom_kill.c:122 [] lowmem_scan+0x34f/0xaf0 drivers/staging/android/lowmemorykiller.c:134 [] do_shrink_slab mm/vmscan.c:398 [inline] [] shrink_slab.part.8+0x3c6/0xa00 mm/vmscan.c:501 [] shrink_slab mm/vmscan.c:465 [inline] [] shrink_node+0x1ed/0x740 mm/vmscan.c:2602 [] shrink_zones mm/vmscan.c:2749 [inline] [] do_try_to_free_pages mm/vmscan.c:2791 [inline] [] try_to_free_pages+0x377/0xb80 mm/vmscan.c:3002 [] __perform_reclaim mm/page_alloc.c:3324 [inline] [] __alloc_pages_direct_reclaim mm/page_alloc.c:3345 [inline] [] __alloc_pages_slowpath mm/page_alloc.c:3697 [inline] [] __alloc_pages_nodemask+0x981/0x1bd0 mm/page_alloc.c:3862 [] __alloc_pages include/linux/gfp.h:433 [inline] [] __alloc_pages_node include/linux/gfp.h:446 [inline] [] alloc_slab_page mm/slub.c:1408 [inline] [] allocate_slab mm/slub.c:1557 [inline] [] new_slab+0x367/0x3d0 mm/slub.c:1635 [] new_slab_objects mm/slub.c:2419 [inline] [] ___slab_alloc.constprop.33+0x2ed/0x470 mm/slub.c:2576 [] __slab_alloc.isra.25.constprop.32+0x50/0xa0 mm/slub.c:2618 [] slab_alloc_node mm/slub.c:2681 [inline] [] slab_alloc mm/slub.c:2723 [inline] [] kmem_cache_alloc+0x212/0x2b0 mm/slub.c:2728 [] kmem_cache_alloc_node include/linux/slab.h:364 [inline] [] alloc_task_struct_node kernel/fork.c:144 [inline] [] dup_task_struct kernel/fork.c:488 [inline] [] copy_process.part.8+0x1677/0x6a10 kernel/fork.c:1534 [] copy_process kernel/fork.c:1505 [inline] [] _do_fork+0x1b2/0xd30 kernel/fork.c:1972 [] sys_fork+0x1f/0x30 kernel/fork.c:2044 [] do_syscall_64+0x19f/0x550 arch/x86/entry/common.c:285 [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb Code: c89 cdf ce8 cb5 cf4 c2a c00 ce9 ca7 cfe cff cff c48 cb8 c00 c00 c00 c00 c00 cfc cff cdf c55 c48 c89 ce5 c53 c65 c48 c8b c1c c25 c00 c7e c01 c00 c48 c8d cbb cac c08 c00 c00 c<48> c89 cfa c48 cc1 cea c03 c0f cb6 c14 c02 c48 c89 cf8 c83 ce0 c07 c83 cc0 c03 c38 c