Free memory is -31928kB above reserved lowmemorykiller: Killing 'syz-executor.1' (2379) (tgid 2379), adj 1000, to free 34844kB on behalf of 'kswapd0' (33) because cache 224kB is below limit 6144kB for oom_score_adj 0 Free memory is -31936kB above reserved INFO: task syz-executor.0:15187 blocked for more than 140 seconds. Not tainted 4.9.141+ #23 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.0 D 28936 15187 2095 0xa0020006 ffff88017776dd80 ffff8801d46c6e00 ffff8801c83997c0 ffff8801db721018 ffff8801ac7d7798 ffffffff828075c2 0000000000000000 ffff8801ce9067b0 ffffed0039d20cf5 00ff8801ce905f00 ffff8801db7218f0Call Trace: [] schedule+0x7f/0x1b0 kernel/sched/core.c:3553 [] schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3586 [] __mutex_lock_common kernel/locking/mutex.c:582 [inline] [] mutex_lock_nested+0x38d/0x900 kernel/locking/mutex.c:621 [] tty_release+0xb79/0xe90 drivers/tty/tty_io.c:1938 [] __fput+0x263/0x700 fs/file_table.c:208 [] ____fput+0x15/0x20 fs/file_table.c:244 [] task_work_run+0x10c/0x180 kernel/task_work.c:116 [] exit_task_work include/linux/task_work.h:21 [inline] [] do_exit+0x78d/0x2a50 kernel/exit.c:833 [] do_group_exit+0x111/0x300 kernel/exit.c:937 [] get_signal+0x4e1/0x1460 kernel/signal.c:2321 [] do_signal+0x95/0x1b00 arch/x86/kernel/signal.c:807 [] exit_to_usermode_loop+0x10e/0x150 arch/x86/entry/common.c:158 [] prepare_exit_to_usermode arch/x86/entry/common.c:194 [inline] [] syscall_return_slowpath arch/x86/entry/common.c:263 [inline] [] do_syscall_32_irqs_on arch/x86/entry/common.c:334 [inline] [] do_fast_syscall_32+0x6dc/0xa10 arch/x86/entry/common.c:390 [] entry_SYSENTER_compat+0x90/0xa2 arch/x86/entry/entry_64_compat.S:137 Showing all locks held in the system: 2 locks held by khungtaskd/24: #0: (rcu_read_lock){......}, at: [] check_hung_uninterruptible_tasks kernel/hung_task.c:168 [inline] (rcu_read_lock){......}, at: [] watchdog+0x11c/0xa20 kernel/hung_task.c:239 (tasklist_lock){.+.+..}, at: [] debug_show_all_locks+0x79/0x218 kernel/locking/lockdep.c:4336 #0: (&f->f_pos_lock){+.+.+.}, at: [] __fdget_pos+0xac/0xd0 fs/file.c:781 #0: (&tty->ldisc_sem){++++++}, at: [] ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:367 (&ldata->atomic_read_lock){+.+...}, at: [] n_tty_read+0x202/0x16e0 drivers/tty/n_tty.c:2142 #0: (tty_mutex){+.+.+.}, at: [] tty_release+0xb79/0xe90 drivers/tty/tty_io.c:1938 #0: (tty_mutex){+.+.+.}, at: [] tty_release+0xb79/0xe90 drivers/tty/tty_io.c:1938 #0: (tty_mutex){+.+.+.}, at: [] tty_release+0xb79/0xe90 drivers/tty/tty_io.c:1938 #0: (tty_mutex){+.+.+.}, at: [] tty_release+0xb79/0xe90 drivers/tty/tty_io.c:1938 #0: (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline] (tty_mutex){+.+.+.}, at: [] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130 #0: (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline] (tty_mutex){+.+.+.}, at: [] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130 #0: (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline] (tty_mutex){+.+.+.}, at: [] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130 #0: (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline] (tty_mutex){+.+.+.}, at: [] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130 #0: (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline] (tty_mutex){+.+.+.}, at: [] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130 #0: (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline] (tty_mutex){+.+.+.}, at: [] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130 ============================================= NMI backtrace for cpu 0 CPU: 0 PID: 24 Comm: khungtaskd Not tainted 4.9.141+ #23 ffff8801d9907d08 ffffffff81b42e79 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ffffffff810983b0 ffff8801d9907d40 ffffffff81b4df89 0000000000000000 0000000000000000 0000000000000003Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] nmi_cpu_backtrace.cold.0+0x48/0x87 lib/nmi_backtrace.c:99 [] nmi_trigger_cpumask_backtrace+0x12c/0x151 lib/nmi_backtrace.c:60 [] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37 [] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline] [] check_hung_task kernel/hung_task.c:125 [inline] [] check_hung_uninterruptible_tasks kernel/hung_task.c:182 [inline] [] watchdog+0x6ad/0xa20 kernel/hung_task.c:239 [] kthread+0x26d/0x300 kernel/kthread.c:211 [] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 PID: 2057 Comm: syz-fuzzer Not tainted 4.9.141+ #23 task: ffff8801d11e0000 task.stack: ffff8801d0a10000 RIP: 0010:[] c [] debug_lockdep_rcu_enabled.part.0+0x37/0x60 kernel/rcu/update.c:265 RSP: 0000:ffff8801d0a17268 EFLAGS: 00000002 RAX: 0000000000000007 RBX: ffff8801d11e0000 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8801d11e08ac RBP: ffff8801d0a17270 R08: 0000000000000001 R09: 0000000000000000 R10: ffff8801d11e0000 R11: 0000000000000000 R12: ffff8801cafa1f98 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 FS: 000000c420026e68(0000) GS:ffff8801db700000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000433130 CR3: 00000001d09a5000 CR4: 00000000001606b0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Stack: 0000000000000246c ffff8801d0a17280c ffffffff81243c87c ffff8801d0a172f8c ffffffff8120c93ec 0000000000000000c 0000000000000002c ffff8801d0a17318c ffff8801d0a172e8c ffffffff81ba7d7bc ffffffff81419f70c 0000000000000000c Call Trace: [] debug_lockdep_rcu_enabled+0x77/0x90 kernel/rcu/update.c:264 [] trace_lock_acquire include/trace/events/lock.h:12 [inline] [] lock_acquire+0x19e/0x3e0 kernel/locking/lockdep.c:3755 [] __raw_spin_lock include/linux/spinlock_api_smp.h:144 [inline] [] _raw_spin_lock+0x36/0x50 kernel/locking/spinlock.c:151 [] spin_lock include/linux/spinlock.h:302 [inline] [] task_lock include/linux/sched.h:3257 [inline] [] find_lock_task_mm+0xf1/0x270 mm/oom_kill.c:115 [] lowmem_scan+0x34f/0xaf0 drivers/staging/android/lowmemorykiller.c:134 [] do_shrink_slab mm/vmscan.c:398 [inline] [] shrink_slab.part.8+0x3c6/0xa00 mm/vmscan.c:501 [] shrink_slab mm/vmscan.c:465 [inline] [] shrink_node+0x1ed/0x740 mm/vmscan.c:2602 [] shrink_zones mm/vmscan.c:2749 [inline] [] do_try_to_free_pages mm/vmscan.c:2791 [inline] [] try_to_free_pages+0x377/0xb80 mm/vmscan.c:3002 [] __perform_reclaim mm/page_alloc.c:3324 [inline] [] __alloc_pages_direct_reclaim mm/page_alloc.c:3345 [inline] [] __alloc_pages_slowpath mm/page_alloc.c:3697 [inline] [] __alloc_pages_nodemask+0x981/0x1bd0 mm/page_alloc.c:3862 [] __alloc_pages include/linux/gfp.h:433 [inline] [] __alloc_pages_node include/linux/gfp.h:446 [inline] [] alloc_pages_node include/linux/gfp.h:460 [inline] [] __page_cache_alloc include/linux/pagemap.h:208 [inline] [] __do_page_cache_readahead+0x21a/0x8b0 mm/readahead.c:183 [] ra_submit mm/internal.h:59 [inline] [] do_sync_mmap_readahead mm/filemap.c:2066 [inline] [] filemap_fault+0x924/0x1110 mm/filemap.c:2143 [] ext4_filemap_fault+0x71/0xa0 fs/ext4/inode.c:5853 [] __do_fault+0x223/0x500 mm/memory.c:2833 [] do_read_fault mm/memory.c:3180 [inline] [] do_fault mm/memory.c:3315 [inline] [] handle_pte_fault mm/memory.c:3516 [inline] [] __handle_mm_fault mm/memory.c:3603 [inline] [] handle_mm_fault+0x1326/0x2350 mm/memory.c:3640 [] __do_page_fault+0x403/0xa60 arch/x86/mm/fault.c:1406 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1469 [] page_fault+0x25/0x30 arch/x86/entry/entry_64.S:951 Code: c89 ce5 c53 c65 c48 c8b c1c c25 c00 c7e c01 c00 c48 c8d cbb cac c08 c00 c00 c48 c89 cfa c48 cc1 cea c03 c0f cb6 c14 c02 c48 c89 cf8 c83 ce0 c07 c83 cc0 c03 c38 cd0 c7c c04 c<84> cd2 c75 c10 c8b c93 cac c08 c00 c00 c31 cc0 c5b c5d c85 cd2 c0f c94 cc0 cc3 ce8 c