Free memory is -6440kB above reserved lowmemorykiller: Killing 'syz-executor752' (2724) (tgid 2724), adj 1000, to free 12172kB on behalf of 'kthreadd' (2) because cache 35616kB is below limit 65536kB for oom_score_adj 12 Free memory is -16kB above reserved BUG: sleeping function called from invalid context at kernel/fork.c:903 in_atomic(): 0, irqs_disabled(): 0, pid: 2, name: kthreadd 2 locks held by kthreadd/2: #0: (shrinker_rwsem){++++..}, at: [<00000000b07cc942>] shrink_slab.part.0+0xb2/0xa20 mm/vmscan.c:472 #1: (rcu_read_lock){......}, at: [<00000000308c8297>] lowmem_scan+0x242/0xb50 drivers/staging/android/lowmemorykiller.c:272 Preemption disabled at: [<000000001b6123ac>] spin_lock include/linux/spinlock.h:302 [inline] [<000000001b6123ac>] task_lock include/linux/sched.h:3217 [inline] [<000000001b6123ac>] get_task_mm+0x20/0xc0 kernel/fork.c:1010 CPU: 1 PID: 2 Comm: kthreadd Not tainted 4.9.180+ #3 ffff8801da637490 ffffffff81b577f1 0000000000000000 0000000000000001 ffff8801da6017c0 ffffffff810d0c30 ffff8801da6017c0 ffff8801da6374c8 ffffffff8140008c ffff8801da6017c0 ffffffff82a39900 0000000000000387 Call Trace: [<0000000024daa5c8>] __dump_stack lib/dump_stack.c:15 [inline] [<0000000024daa5c8>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<000000004fa88867>] ___might_sleep.cold+0x1c1/0x1fa kernel/sched/core.c:8004 [<000000005953542f>] __might_sleep+0x95/0x1a0 kernel/sched/core.c:7961 [<000000005b120125>] mmput+0x28/0x370 kernel/fork.c:903 [<00000000cb3131e7>] handle_lmk_event+0xea/0x8a0 drivers/staging/android/lowmemorykiller.c:111 [<0000000064a6c26a>] lowmem_scan+0x695/0xb50 drivers/staging/android/lowmemorykiller.c:345 [<00000000e2d24456>] do_shrink_slab mm/vmscan.c:399 [inline] [<00000000e2d24456>] shrink_slab.part.0+0x3cf/0xa20 mm/vmscan.c:502 [<00000000a144576f>] shrink_slab mm/vmscan.c:466 [inline] [<00000000a144576f>] shrink_node+0x1ed/0x750 mm/vmscan.c:2604 [<00000000d07a0550>] shrink_zones mm/vmscan.c:2751 [inline] [<00000000d07a0550>] do_try_to_free_pages mm/vmscan.c:2793 [inline] [<00000000d07a0550>] try_to_free_pages+0x397/0xbd0 mm/vmscan.c:3004 [<00000000e5202e67>] __perform_reclaim mm/page_alloc.c:3332 [inline] [<00000000e5202e67>] __alloc_pages_direct_reclaim mm/page_alloc.c:3354 [inline] [<00000000e5202e67>] __alloc_pages_slowpath mm/page_alloc.c:3704 [inline] [<00000000e5202e67>] __alloc_pages_nodemask+0x930/0x1a80 mm/page_alloc.c:3861 [<00000000ffff1b21>] __alloc_pages include/linux/gfp.h:433 [inline] [<00000000ffff1b21>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<00000000ffff1b21>] alloc_pages_node include/linux/gfp.h:460 [inline] [<00000000ffff1b21>] alloc_thread_stack_node kernel/fork.c:212 [inline] [<00000000ffff1b21>] dup_task_struct kernel/fork.c:492 [inline] [<00000000ffff1b21>] copy_process.part.0+0x286/0x63f0 kernel/fork.c:1534 [<0000000072697b09>] copy_process kernel/fork.c:1505 [inline] [<0000000072697b09>] _do_fork+0x1b8/0xd40 kernel/fork.c:1985 [<00000000d3952164>] kernel_thread+0x34/0x40 kernel/fork.c:2049 [<0000000045437374>] create_kthread kernel/kthread.c:235 [inline] [<0000000045437374>] kthreadd+0x2b2/0x420 kernel/kthread.c:558 [<000000001752f0ee>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:375 ================================= [ INFO: inconsistent lock state ] 4.9.180+ #3 Tainted: G W --------------------------------- inconsistent {RECLAIM_FS-ON-W} -> {IN-RECLAIM_FS-R} usage. kthreadd/2 [HC0[0]:SC0[0]:HE1:SE1] takes: (&mm->mmap_sem){+++++?}, at: [<000000008d424a41>] get_cmdline+0xa3/0x2d0 mm/util.c:641 mark_held_locks+0xb1/0x100 kernel/locking/lockdep.c:2660 __lockdep_trace_alloc kernel/locking/lockdep.c:2882 [inline] lockdep_trace_alloc+0x18c/0x2b0 kernel/locking/lockdep.c:2897 __alloc_pages_nodemask+0x143/0x1a80 mm/page_alloc.c:3803 __alloc_pages include/linux/gfp.h:433 [inline] __alloc_pages_node include/linux/gfp.h:446 [inline] alloc_pages_node include/linux/gfp.h:460 [inline] pmd_alloc_one arch/x86/include/asm/pgalloc.h:88 [inline] __pmd_alloc+0x4a/0x330 mm/memory.c:3742 pmd_alloc include/linux/mm.h:1597 [inline] alloc_new_pmd mm/mremap.c:64 [inline] move_page_tables+0xadb/0xd60 mm/mremap.c:212 shift_arg_pages+0x1ae/0x470 fs/exec.c:642 setup_arg_pages+0x60d/0x7c0 fs/exec.c:754 load_elf_binary+0xa84/0x4a90 fs/binfmt_elf.c:860 search_binary_handler fs/exec.c:1621 [inline] search_binary_handler+0x14f/0x700 fs/exec.c:1599 exec_binprm fs/exec.c:1663 [inline] do_execveat_common.isra.0+0xf81/0x1db0 fs/exec.c:1785 do_execve+0x3a/0x50 fs/exec.c:1829 run_init_process+0x33/0x37 init/main.c:904 try_to_run_init_process+0x18/0x48 init/main.c:913 kernel_init+0xf2/0x163 init/main.c:984 ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:375 irq event stamp: 10591 hardirqs last enabled at (10591): [<00000000cbf5283d>] dump_stack+0x100/0x120 lib/dump_stack.c:56 hardirqs last disabled at (10590): [<00000000f2b3ab3b>] dump_stack+0x2c/0x120 lib/dump_stack.c:38 softirqs last enabled at (10512): [<000000007fd63dd2>] spin_unlock_bh include/linux/spinlock.h:352 [inline] softirqs last enabled at (10512): [<000000007fd63dd2>] wb_queue_work+0x1ed/0x450 fs/fs-writeback.c:203 softirqs last disabled at (10508): [<000000000a489210>] spin_lock_bh include/linux/spinlock.h:307 [inline] softirqs last disabled at (10508): [<000000000a489210>] wb_queue_work+0x90/0x450 fs/fs-writeback.c:195 other info that might help us debug this: Possible unsafe locking scenario: CPU0 ---- lock(&mm->mmap_sem); lock(&mm->mmap_sem); *** DEADLOCK *** 3 locks held by kthreadd/2: #0: (shrinker_rwsem){++++..}, at: [<00000000b07cc942>] shrink_slab.part.0+0xb2/0xa20 mm/vmscan.c:472 #1: (rcu_read_lock){......}, at: [<00000000308c8297>] lowmem_scan+0x242/0xb50 drivers/staging/android/lowmemorykiller.c:272 #2: (lmk_event_lock){+.+.-.}, at: [<0000000072c84763>] spin_lock include/linux/spinlock.h:302 [inline] #2: (lmk_event_lock){+.+.-.}, at: [<0000000072c84763>] handle_lmk_event+0xfb/0x8a0 drivers/staging/android/lowmemorykiller.c:114 stack backtrace: CPU: 1 PID: 2 Comm: kthreadd Tainted: G W 4.9.180+ #3 ffff8801da6371d0 ffffffff81b577f1 00000000000000f0 ffff8801da6017c0 ffffffff83cad5b0 ffff8801da602108 ffffffff8424eec0 ffff8801da637248 ffffffff81406ac9 0000000000000000 ffffffff00000001 0000000000000001 Call Trace: [<0000000024daa5c8>] __dump_stack lib/dump_stack.c:15 [inline] [<0000000024daa5c8>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<00000000baaaf949>] print_usage_bug kernel/locking/lockdep.c:2387 [inline] [<00000000baaaf949>] print_usage_bug.cold+0x452/0x5a2 kernel/locking/lockdep.c:2354 [<00000000d8ccef73>] valid_state kernel/locking/lockdep.c:2400 [inline] [<00000000d8ccef73>] mark_lock_irq kernel/locking/lockdep.c:2602 [inline] [<00000000d8ccef73>] mark_lock+0x6c7/0x12e0 kernel/locking/lockdep.c:3065 [<00000000d0bdc63a>] mark_irqflags kernel/locking/lockdep.c:2958 [inline] [<00000000d0bdc63a>] __lock_acquire+0x5c3/0x4350 kernel/locking/lockdep.c:3302 [<00000000419369e9>] lock_acquire+0x133/0x3d0 kernel/locking/lockdep.c:3756 [<0000000081573256>] down_read+0x44/0xb0 kernel/locking/rwsem.c:22 [<000000008d424a41>] get_cmdline+0xa3/0x2d0 mm/util.c:641 [<00000000455db0d5>] handle_lmk_event+0x13c/0x8a0 drivers/staging/android/lowmemorykiller.c:128 [<0000000064a6c26a>] lowmem_scan+0x695/0xb50 drivers/staging/android/lowmemorykiller.c:345 [<00000000e2d24456>] do_shrink_slab mm/vmscan.c:399 [inline] [<00000000e2d24456>] shrink_slab.part.0+0x3cf/0xa20 mm/vmscan.c:502 [<00000000a144576f>] shrink_slab mm/vmscan.c:466 [inline] [<00000000a144576f>] shrink_node+0x1ed/0x750 mm/vmscan.c:2604 [<00000000d07a0550>] shrink_zones mm/vmscan.c:2751 [inline] [<00000000d07a0550>] do_try_to_free_pages mm/vmscan.c:2793 [inline] [<00000000d07a0550>] try_to_free_pages+0x397/0xbd0 mm/vmscan.c:3004 [<00000000e5202e67>] __perform_reclaim mm/page_alloc.c:3332 [inline] [<00000000e5202e67>] __alloc_pages_direct_reclaim mm/page_alloc.c:3354 [inline] [<00000000e5202e67>] __alloc_pages_slowpath mm/page_alloc.c:3704 [inline] [<00000000e5202e67>] __alloc_pages_nodemask+0x930/0x1a80 mm/page_alloc.c:3861 [<00000000ffff1b21>] __alloc_pages include/linux/gfp.h:433 [inline] [<00000000ffff1b21>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<00000000ffff1b21>] alloc_pages_node include/linux/gfp.h:460 [inline] [<00000000ffff1b21>] alloc_thread_stack_node kernel/fork.c:212 [inline] [<00000000ffff1b21>] dup_task_struct kernel/fork.c:492 [inline] [<00000000ffff1b21>] copy_process.part.0+0x286/0x63f0 kernel/fork.c:1534 [<0000000072697b09>] copy_process kernel/fork.c:1505 [inline] [<0000000072697b09>] _do_fork+0x1b8/0xd40 kernel/fork.c:1985 [<00000000d3952164>] kernel_thread+0x34/0x40 kernel/fork.c:2049 [<0000000045437374>] create_kthread kernel/kthread.c:235 [inline] [<0000000045437374>] kthreadd+0x2b2/0x420 kernel/kthread.c:558 [<000000001752f0ee>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:375 lowmemorykiller: Killing 'syz-executor752' (2724) (tgid 2724), adj 1000, to free 12172kB on behalf of 'kworker/u4:1' (64) because cache 35516kB is below limit 65536kB for oom_score_adj 12 Free memory is 184kB above reserved lowmemorykiller: Killing 'syz-executor752' (2727) (tgid 2727), adj 1000, to free 12172kB on behalf of 'syz-executor752' (3999) because cache 35392kB is below limit 65536kB for oom_score_adj 12 Free memory is -13280kB above reserved lowmemorykiller: Killing 'syz-executor752' (2736) (tgid 2736), adj 1000, to free 12172kB on behalf of 'syz-executor752' (3999) because cache 35292kB is below limit 65536kB for oom_score_adj 12 Free memory is -5980kB above reserved lowmemorykiller: Killing 'syz-executor752' (2739) (tgid 2739), adj 1000, to free 12172kB on behalf of 'syz-executor752' (3999) because cache 35292kB is below limit 65536kB for oom_score_adj 12 Free memory is 892kB above reserved lowmemorykiller: Killing 'syz-executor752' (2742) (tgid 2742), adj 1000, to free 12172kB on behalf of 'syz-executor752' (3999) because cache 35292kB is below limit 65536kB for oom_score_adj 12 Free memory is 4392kB above reserved lowmemorykiller: Killing 'syz-executor752' (2748) (tgid 2748), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4011) because cache 35240kB is below limit 65536kB for oom_score_adj 12 Free memory is -13304kB above reserved lowmemorykiller: Killing 'syz-executor752' (2751) (tgid 2751), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4011) because cache 35140kB is below limit 65536kB for oom_score_adj 12 Free memory is -9004kB above reserved lowmemorykiller: Killing 'syz-executor752' (2754) (tgid 2754), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4011) because cache 35040kB is below limit 65536kB for oom_score_adj 12 Free memory is -1704kB above reserved lowmemorykiller: Killing 'syz-executor752' (2760) (tgid 2760), adj 1000, to free 12172kB on behalf of 'init' (1) because cache 35088kB is below limit 65536kB for oom_score_adj 12 Free memory is -9620kB above reserved lowmemorykiller: Killing 'syz-executor752' (2766) (tgid 2766), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4025) because cache 34980kB is below limit 65536kB for oom_score_adj 12 Free memory is -13332kB above reserved lowmemorykiller: Killing 'syz-executor752' (2769) (tgid 2769), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4025) because cache 34880kB is below limit 65536kB for oom_score_adj 12 Free memory is -7132kB above reserved lowmemorykiller: Killing 'syz-executor752' (2778) (tgid 2778), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4025) because cache 34880kB is below limit 65536kB for oom_score_adj 12 Free memory is -3788kB above reserved lowmemorykiller: Killing 'syz-executor752' (2781) (tgid 2781), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4025) because cache 34880kB is below limit 65536kB for oom_score_adj 12 Free memory is 612kB above reserved lowmemorykiller: Killing 'syz-executor752' (2784) (tgid 2784), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4025) because cache 34880kB is below limit 65536kB for oom_score_adj 12 Free memory is 11296kB above reserved lowmemorykiller: Killing 'syz-executor752' (2787) (tgid 2787), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4025) because cache 34780kB is below limit 65536kB for oom_score_adj 12 Free memory is 15236kB above reserved lowmemorykiller: Killing 'syz-executor752' (2802) (tgid 2802), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4025) because cache 34780kB is below limit 65536kB for oom_score_adj 12 Free memory is 32904kB above reserved lowmemorykiller: Killing 'syz-executor752' (2814) (tgid 2814), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4025) because cache 34680kB is below limit 65536kB for oom_score_adj 12 Free memory is 33804kB above reserved lowmemorykiller: Killing 'syz-executor752' (2817) (tgid 2817), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4053) because cache 34680kB is below limit 65536kB for oom_score_adj 12 Free memory is -13344kB above reserved BUG: sleeping function called from invalid context at kernel/fork.c:903 in_atomic(): 0, irqs_disabled(): 0, pid: 4053, name: syz-executor752 INFO: lockdep is turned off. Preemption disabled at: [<000000001b6123ac>] spin_lock include/linux/spinlock.h:302 [inline] [<000000001b6123ac>] task_lock include/linux/sched.h:3217 [inline] [<000000001b6123ac>] get_task_mm+0x20/0xc0 kernel/fork.c:1010 CPU: 1 PID: 4053 Comm: syz-executor752 Tainted: G W 4.9.180+ #3 ffff8801cb4a7018 ffffffff81b577f1 0000000000000000 0000000000000001 ffff8801cb1397c0 ffffffff810d0c30 ffff8801cb1397c0 ffff8801cb4a7050 ffffffff8140008c ffff8801cb1397c0 ffffffff82a39900 0000000000000387 Call Trace: [<0000000024daa5c8>] __dump_stack lib/dump_stack.c:15 [inline] [<0000000024daa5c8>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<000000004fa88867>] ___might_sleep.cold+0x1c1/0x1fa kernel/sched/core.c:8004 [<000000005953542f>] __might_sleep+0x95/0x1a0 kernel/sched/core.c:7961 [<000000005b120125>] mmput+0x28/0x370 kernel/fork.c:903 [<00000000cb3131e7>] handle_lmk_event+0xea/0x8a0 drivers/staging/android/lowmemorykiller.c:111 [<0000000064a6c26a>] lowmem_scan+0x695/0xb50 drivers/staging/android/lowmemorykiller.c:345 [<00000000e2d24456>] do_shrink_slab mm/vmscan.c:399 [inline] [<00000000e2d24456>] shrink_slab.part.0+0x3cf/0xa20 mm/vmscan.c:502 [<00000000a144576f>] shrink_slab mm/vmscan.c:466 [inline] [<00000000a144576f>] shrink_node+0x1ed/0x750 mm/vmscan.c:2604 [<00000000d07a0550>] shrink_zones mm/vmscan.c:2751 [inline] [<00000000d07a0550>] do_try_to_free_pages mm/vmscan.c:2793 [inline] [<00000000d07a0550>] try_to_free_pages+0x397/0xbd0 mm/vmscan.c:3004 [<00000000e5202e67>] __perform_reclaim mm/page_alloc.c:3332 [inline] [<00000000e5202e67>] __alloc_pages_direct_reclaim mm/page_alloc.c:3354 [inline] [<00000000e5202e67>] __alloc_pages_slowpath mm/page_alloc.c:3704 [inline] [<00000000e5202e67>] __alloc_pages_nodemask+0x930/0x1a80 mm/page_alloc.c:3861 [<00000000d4685a28>] __alloc_pages include/linux/gfp.h:433 [inline] [<00000000d4685a28>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<00000000d4685a28>] alloc_pages_node include/linux/gfp.h:460 [inline] [<00000000d4685a28>] shmem_alloc_page mm/shmem.c:1437 [inline] [<00000000d4685a28>] shmem_alloc_and_acct_page mm/shmem.c:1462 [inline] [<00000000d4685a28>] shmem_getpage_gfp+0x3f3/0x1b00 mm/shmem.c:1734 [<00000000cc801db7>] shmem_fault+0x216/0x6b0 mm/shmem.c:1966 [<00000000b3c789e4>] __do_fault+0x2a8/0x6c0 mm/memory.c:2855 [<00000000eacc5286>] do_read_fault mm/memory.c:3202 [inline] [<00000000eacc5286>] do_fault mm/memory.c:3338 [inline] [<00000000eacc5286>] handle_pte_fault mm/memory.c:3547 [inline] [<00000000eacc5286>] __handle_mm_fault mm/memory.c:3634 [inline] [<00000000eacc5286>] handle_mm_fault+0x11bc/0x2420 mm/memory.c:3671 [<00000000bbe8a77e>] faultin_page mm/gup.c:386 [inline] [<00000000bbe8a77e>] __get_user_pages+0x3c7/0x1060 mm/gup.c:588 [<00000000788a375d>] populate_vma_page_range+0x19a/0x230 mm/gup.c:1106 [<00000000c84cfafd>] __mm_populate+0x1b9/0x300 mm/gup.c:1154 [<00000000b5d10993>] mm_populate include/linux/mm.h:2052 [inline] [<00000000b5d10993>] vm_mmap_pgoff+0x1aa/0x1c0 mm/util.c:333 [<000000000e140ee4>] SYSC_mmap_pgoff mm/mmap.c:1555 [inline] [<000000000e140ee4>] SyS_mmap_pgoff+0x14d/0x1b0 mm/mmap.c:1513 [<000000007714e512>] SYSC_mmap arch/x86/kernel/sys_x86_64.c:96 [inline] [<000000007714e512>] SyS_mmap+0x16/0x20 arch/x86/kernel/sys_x86_64.c:87 [<00000000293a346e>] do_syscall_64+0x1ad/0x5c0 arch/x86/entry/common.c:288 [<00000000c0b986cf>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb lowmemorykiller: Killing 'syz-executor752' (2829) (tgid 2829), adj 1000, to free 12172kB on behalf of 'syz-executor752' (2067) because cache 34480kB is below limit 65536kB for oom_score_adj 12 Free memory is -10504kB above reserved lowmemorykiller: Killing 'syz-executor752' (2832) (tgid 2832), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4059) because cache 34380kB is below limit 65536kB for oom_score_adj 12 Free memory is -13232kB above reserved lowmemorykiller: Killing 'syz-executor752' (2838) (tgid 2838), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4059) because cache 34380kB is below limit 65536kB for oom_score_adj 12 Free memory is -13232kB above reserved lowmemorykiller: Killing 'syz-executor752' (2841) (tgid 2841), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4065) because cache 34108kB is below limit 65536kB for oom_score_adj 12 Free memory is -13392kB above reserved lowmemorykiller: Killing 'syz-executor752' (2868) (tgid 2868), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4065) because cache 33908kB is below limit 65536kB for oom_score_adj 12 Free memory is -13344kB above reserved lowmemorykiller: Killing 'syz-executor752' (2907) (tgid 2907), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4065) because cache 33808kB is below limit 65536kB for oom_score_adj 12 Free memory is 3732kB above reserved lowmemorykiller: Killing 'syz-executor752' (2910) (tgid 2910), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4065) because cache 33908kB is below limit 65536kB for oom_score_adj 12 Free memory is 13508kB above reserved lowmemorykiller: Killing 'syz-executor752' (2913) (tgid 2913), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4077) because cache 33836kB is below limit 65536kB for oom_score_adj 12 Free memory is -13368kB above reserved lowmemorykiller: Killing 'syz-executor752' (2922) (tgid 2922), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4077) because cache 33636kB is below limit 65536kB for oom_score_adj 12 Free memory is -5968kB above reserved lowmemorykiller: Killing 'syz-executor752' (2925) (tgid 2925), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4083) because cache 33636kB is below limit 65536kB for oom_score_adj 12 Free memory is -13336kB above reserved lowmemorykiller: Killing 'syz-executor752' (2931) (tgid 2931), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4083) because cache 33536kB is below limit 65536kB for oom_score_adj 12 Free memory is -4536kB above reserved lowmemorykiller: Killing 'syz-executor752' (2937) (tgid 2937), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4089) because cache 33500kB is below limit 65536kB for oom_score_adj 12 Free memory is -13292kB above reserved lowmemorykiller: Killing 'syz-executor752' (2943) (tgid 2943), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4089) because cache 33300kB is below limit 65536kB for oom_score_adj 12 Free memory is -13336kB above reserved lowmemorykiller: Killing 'syz-executor752' (2949) (tgid 2949), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4089) because cache 33400kB is below limit 65536kB for oom_score_adj 12 Free memory is -13236kB above reserved lowmemorykiller: Killing 'syz-executor752' (2955) (tgid 2955), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4098) because cache 33064kB is below limit 65536kB for oom_score_adj 12 Free memory is -13420kB above reserved lowmemorykiller: Killing 'syz-executor752' (2958) (tgid 2958), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4098) because cache 32864kB is below limit 65536kB for oom_score_adj 12 Free memory is -13328kB above reserved lowmemorykiller: Killing 'syz-executor752' (2961) (tgid 2961), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4098) because cache 32864kB is below limit 65536kB for oom_score_adj 12 Free memory is -13328kB above reserved lowmemorykiller: Killing 'syz-executor752' (2964) (tgid 2964), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4098) because cache 32464kB is below limit 65536kB for oom_score_adj 12 Free memory is -13284kB above reserved lowmemorykiller: Killing 'syz-executor752' (2967) (tgid 2967), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4098) because cache 32264kB is below limit 65536kB for oom_score_adj 12 Free memory is -3008kB above reserved lowmemorykiller: Killing 'syz-executor752' (2970) (tgid 2970), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4098) because cache 32264kB is below limit 65536kB for oom_score_adj 12 Free memory is 19292kB above reserved lowmemorykiller: Killing 'syz-executor752' (2973) (tgid 2973), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4098) because cache 32264kB is below limit 65536kB for oom_score_adj 12 Free memory is 29392kB above reserved lowmemorykiller: Killing 'syz-executor752' (2976) (tgid 2976), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4119) because cache 32296kB is below limit 65536kB for oom_score_adj 12 Free memory is -13372kB above reserved lowmemorykiller: Killing 'syz-executor752' (2979) (tgid 2979), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4119) because cache 32196kB is below limit 65536kB for oom_score_adj 12 Free memory is -8072kB above reserved BUG: sleeping function called from invalid context at kernel/fork.c:903 in_atomic(): 0, irqs_disabled(): 0, pid: 4119, name: syz-executor752 INFO: lockdep is turned off. Preemption disabled at: [<000000001b6123ac>] spin_lock include/linux/spinlock.h:302 [inline] [<000000001b6123ac>] task_lock include/linux/sched.h:3217 [inline] [<000000001b6123ac>] get_task_mm+0x20/0xc0 kernel/fork.c:1010 CPU: 1 PID: 4119 Comm: syz-executor752 Tainted: G W 4.9.180+ #3 ffff880007edf018 ffffffff81b577f1 0000000000000000 0000000000000001 ffff8800002d97c0 ffffffff810d0c30 ffff8800002d97c0 ffff880007edf050 ffffffff8140008c ffff8800002d97c0 ffffffff82a39900 0000000000000387 Call Trace: [<0000000024daa5c8>] __dump_stack lib/dump_stack.c:15 [inline] [<0000000024daa5c8>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<000000004fa88867>] ___might_sleep.cold+0x1c1/0x1fa kernel/sched/core.c:8004 [<000000005953542f>] __might_sleep+0x95/0x1a0 kernel/sched/core.c:7961 [<000000005b120125>] mmput+0x28/0x370 kernel/fork.c:903 [<00000000cb3131e7>] handle_lmk_event+0xea/0x8a0 drivers/staging/android/lowmemorykiller.c:111 [<0000000064a6c26a>] lowmem_scan+0x695/0xb50 drivers/staging/android/lowmemorykiller.c:345 [<00000000e2d24456>] do_shrink_slab mm/vmscan.c:399 [inline] [<00000000e2d24456>] shrink_slab.part.0+0x3cf/0xa20 mm/vmscan.c:502 [<00000000a144576f>] shrink_slab mm/vmscan.c:466 [inline] [<00000000a144576f>] shrink_node+0x1ed/0x750 mm/vmscan.c:2604 [<00000000d07a0550>] shrink_zones mm/vmscan.c:2751 [inline] [<00000000d07a0550>] do_try_to_free_pages mm/vmscan.c:2793 [inline] [<00000000d07a0550>] try_to_free_pages+0x397/0xbd0 mm/vmscan.c:3004 [<00000000e5202e67>] __perform_reclaim mm/page_alloc.c:3332 [inline] [<00000000e5202e67>] __alloc_pages_direct_reclaim mm/page_alloc.c:3354 [inline] [<00000000e5202e67>] __alloc_pages_slowpath mm/page_alloc.c:3704 [inline] [<00000000e5202e67>] __alloc_pages_nodemask+0x930/0x1a80 mm/page_alloc.c:3861 [<00000000d4685a28>] __alloc_pages include/linux/gfp.h:433 [inline] [<00000000d4685a28>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<00000000d4685a28>] alloc_pages_node include/linux/gfp.h:460 [inline] [<00000000d4685a28>] shmem_alloc_page mm/shmem.c:1437 [inline] [<00000000d4685a28>] shmem_alloc_and_acct_page mm/shmem.c:1462 [inline] [<00000000d4685a28>] shmem_getpage_gfp+0x3f3/0x1b00 mm/shmem.c:1734 [<00000000cc801db7>] shmem_fault+0x216/0x6b0 mm/shmem.c:1966 [<00000000b3c789e4>] __do_fault+0x2a8/0x6c0 mm/memory.c:2855 [<00000000eacc5286>] do_read_fault mm/memory.c:3202 [inline] [<00000000eacc5286>] do_fault mm/memory.c:3338 [inline] [<00000000eacc5286>] handle_pte_fault mm/memory.c:3547 [inline] [<00000000eacc5286>] __handle_mm_fault mm/memory.c:3634 [inline] [<00000000eacc5286>] handle_mm_fault+0x11bc/0x2420 mm/memory.c:3671 [<00000000bbe8a77e>] faultin_page mm/gup.c:386 [inline] [<00000000bbe8a77e>] __get_user_pages+0x3c7/0x1060 mm/gup.c:588 [<00000000788a375d>] populate_vma_page_range+0x19a/0x230 mm/gup.c:1106 [<00000000c84cfafd>] __mm_populate+0x1b9/0x300 mm/gup.c:1154 [<00000000b5d10993>] mm_populate include/linux/mm.h:2052 [inline] [<00000000b5d10993>] vm_mmap_pgoff+0x1aa/0x1c0 mm/util.c:333 [<000000000e140ee4>] SYSC_mmap_pgoff mm/mmap.c:1555 [inline] [<000000000e140ee4>] SyS_mmap_pgoff+0x14d/0x1b0 mm/mmap.c:1513 [<000000007714e512>] SYSC_mmap arch/x86/kernel/sys_x86_64.c:96 [inline] [<000000007714e512>] SyS_mmap+0x16/0x20 arch/x86/kernel/sys_x86_64.c:87 [<00000000293a346e>] do_syscall_64+0x1ad/0x5c0 arch/x86/entry/common.c:288 [<00000000c0b986cf>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb lowmemorykiller: Killing 'syz-executor752' (2982) (tgid 2982), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4125) because cache 32168kB is below limit 65536kB for oom_score_adj 12 Free memory is -13332kB above reserved lowmemorykiller: Killing 'syz-executor752' (2991) (tgid 2991), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4125) because cache 31968kB is below limit 65536kB for oom_score_adj 12 Free memory is -13332kB above reserved lowmemorykiller: Killing 'syz-executor752' (2994) (tgid 2994), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4125) because cache 31868kB is below limit 65536kB for oom_score_adj 12 Free memory is 3048kB above reserved lowmemorykiller: Killing 'syz-executor752' (3000) (tgid 3000), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4125) because cache 31768kB is below limit 65536kB for oom_score_adj 12 Free memory is 6148kB above reserved lowmemorykiller: Killing 'syz-executor752' (3003) (tgid 3003), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4125) because cache 31768kB is below limit 65536kB for oom_score_adj 12 Free memory is 11324kB above reserved lowmemorykiller: Killing 'syz-executor752' (3006) (tgid 3006), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4125) because cache 31768kB is below limit 65536kB for oom_score_adj 12 Free memory is 17824kB above reserved lowmemorykiller: Killing 'syz-executor752' (3018) (tgid 3018), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4125) because cache 31668kB is below limit 65536kB for oom_score_adj 12 Free memory is 17824kB above reserved lowmemorykiller: Killing 'syz-executor752' (3021) (tgid 3021), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4146) because cache 31664kB is below limit 65536kB for oom_score_adj 12 Free memory is -13320kB above reserved lowmemorykiller: Killing 'syz-executor752' (3024) (tgid 3024), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4146) because cache 31364kB is below limit 65536kB for oom_score_adj 12 Free memory is -13304kB above reserved lowmemorykiller: Killing 'syz-executor752' (3036) (tgid 3036), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4146) because cache 31364kB is below limit 65536kB for oom_score_adj 12 Free memory is -12904kB above reserved lowmemorykiller: Killing 'syz-executor752' (3039) (tgid 3039), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4146) because cache 31264kB is below limit 65536kB for oom_score_adj 12 Free memory is -6828kB above reserved lowmemorykiller: Killing 'syz-executor752' (3051) (tgid 3051), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4146) because cache 31264kB is below limit 65536kB for oom_score_adj 12 Free memory is 10884kB above reserved lowmemorykiller: Killing 'syz-executor752' (3066) (tgid 3066), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4146) because cache 31264kB is below limit 65536kB for oom_score_adj 12 Free memory is 12984kB above reserved lowmemorykiller: Killing 'syz-executor752' (3069) (tgid 3069), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4164) because cache 31160kB is below limit 65536kB for oom_score_adj 12 Free memory is -13368kB above reserved lowmemorykiller: Killing 'syz-executor752' (3084) (tgid 3084), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4164) because cache 31160kB is below limit 65536kB for oom_score_adj 12 Free memory is -6076kB above reserved lowmemorykiller: Killing 'syz-executor752' (3090) (tgid 3090), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4170) because cache 30860kB is below limit 65536kB for oom_score_adj 12 Free memory is -13404kB above reserved lowmemorykiller: Killing 'syz-executor752' (3093) (tgid 3093), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4170) because cache 30860kB is below limit 65536kB for oom_score_adj 12 Free memory is -11304kB above reserved lowmemorykiller: Killing 'syz-executor752' (3105) (tgid 3105), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4176) because cache 30632kB is below limit 65536kB for oom_score_adj 12 Free memory is -13392kB above reserved BUG: sleeping function called from invalid context at kernel/fork.c:903 in_atomic(): 0, irqs_disabled(): 0, pid: 4176, name: syz-executor752 INFO: lockdep is turned off. Preemption disabled at: [<000000001b6123ac>] spin_lock include/linux/spinlock.h:302 [inline] [<000000001b6123ac>] task_lock include/linux/sched.h:3217 [inline] [<000000001b6123ac>] get_task_mm+0x20/0xc0 kernel/fork.c:1010 CPU: 1 PID: 4176 Comm: syz-executor752 Tainted: G W 4.9.180+ #3 ffff880092807018 ffffffff81b577f1 0000000000000000 0000000000000001 ffff880096482f80 ffffffff810d0c30 ffff880096482f80 ffff880092807050 ffffffff8140008c ffff880096482f80 ffffffff82a39900 0000000000000387 Call Trace: [<0000000024daa5c8>] __dump_stack lib/dump_stack.c:15 [inline] [<0000000024daa5c8>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<000000004fa88867>] ___might_sleep.cold+0x1c1/0x1fa kernel/sched/core.c:8004 [<000000005953542f>] __might_sleep+0x95/0x1a0 kernel/sched/core.c:7961 [<000000005b120125>] mmput+0x28/0x370 kernel/fork.c:903 [<00000000cb3131e7>] handle_lmk_event+0xea/0x8a0 drivers/staging/android/lowmemorykiller.c:111 [<0000000064a6c26a>] lowmem_scan+0x695/0xb50 drivers/staging/android/lowmemorykiller.c:345 [<00000000e2d24456>] do_shrink_slab mm/vmscan.c:399 [inline] [<00000000e2d24456>] shrink_slab.part.0+0x3cf/0xa20 mm/vmscan.c:502 [<00000000a144576f>] shrink_slab mm/vmscan.c:466 [inline] [<00000000a144576f>] shrink_node+0x1ed/0x750 mm/vmscan.c:2604 [<00000000d07a0550>] shrink_zones mm/vmscan.c:2751 [inline] [<00000000d07a0550>] do_try_to_free_pages mm/vmscan.c:2793 [inline] [<00000000d07a0550>] try_to_free_pages+0x397/0xbd0 mm/vmscan.c:3004 [<00000000e5202e67>] __perform_reclaim mm/page_alloc.c:3332 [inline] [<00000000e5202e67>] __alloc_pages_direct_reclaim mm/page_alloc.c:3354 [inline] [<00000000e5202e67>] __alloc_pages_slowpath mm/page_alloc.c:3704 [inline] [<00000000e5202e67>] __alloc_pages_nodemask+0x930/0x1a80 mm/page_alloc.c:3861 [<00000000d4685a28>] __alloc_pages include/linux/gfp.h:433 [inline] [<00000000d4685a28>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<00000000d4685a28>] alloc_pages_node include/linux/gfp.h:460 [inline] [<00000000d4685a28>] shmem_alloc_page mm/shmem.c:1437 [inline] [<00000000d4685a28>] shmem_alloc_and_acct_page mm/shmem.c:1462 [inline] [<00000000d4685a28>] shmem_getpage_gfp+0x3f3/0x1b00 mm/shmem.c:1734 [<00000000cc801db7>] shmem_fault+0x216/0x6b0 mm/shmem.c:1966 [<00000000b3c789e4>] __do_fault+0x2a8/0x6c0 mm/memory.c:2855 [<00000000eacc5286>] do_read_fault mm/memory.c:3202 [inline] [<00000000eacc5286>] do_fault mm/memory.c:3338 [inline] [<00000000eacc5286>] handle_pte_fault mm/memory.c:3547 [inline] [<00000000eacc5286>] __handle_mm_fault mm/memory.c:3634 [inline] [<00000000eacc5286>] handle_mm_fault+0x11bc/0x2420 mm/memory.c:3671 [<00000000bbe8a77e>] faultin_page mm/gup.c:386 [inline] [<00000000bbe8a77e>] __get_user_pages+0x3c7/0x1060 mm/gup.c:588 [<00000000788a375d>] populate_vma_page_range+0x19a/0x230 mm/gup.c:1106 [<00000000c84cfafd>] __mm_populate+0x1b9/0x300 mm/gup.c:1154 [<00000000b5d10993>] mm_populate include/linux/mm.h:2052 [inline] [<00000000b5d10993>] vm_mmap_pgoff+0x1aa/0x1c0 mm/util.c:333 [<000000000e140ee4>] SYSC_mmap_pgoff mm/mmap.c:1555 [inline] [<000000000e140ee4>] SyS_mmap_pgoff+0x14d/0x1b0 mm/mmap.c:1513 [<000000007714e512>] SYSC_mmap arch/x86/kernel/sys_x86_64.c:96 [inline] [<000000007714e512>] SyS_mmap+0x16/0x20 arch/x86/kernel/sys_x86_64.c:87 [<00000000293a346e>] do_syscall_64+0x1ad/0x5c0 arch/x86/entry/common.c:288 [<00000000c0b986cf>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb lowmemorykiller: Killing 'syz-executor752' (3108) (tgid 3108), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4176) because cache 30432kB is below limit 65536kB for oom_score_adj 12 Free memory is -13232kB above reserved lowmemorykiller: Killing 'syz-executor752' (3114) (tgid 3114), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4176) because cache 30532kB is below limit 65536kB for oom_score_adj 12 Free memory is -13232kB above reserved lowmemorykiller: Killing 'syz-executor752' (3117) (tgid 3117), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4185) because cache 30060kB is below limit 65536kB for oom_score_adj 12 Free memory is -13236kB above reserved lowmemorykiller: Killing 'syz-executor752' (3120) (tgid 3120), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4185) because cache 29860kB is below limit 65536kB for oom_score_adj 12 Free memory is -13272kB above reserved lowmemorykiller: Killing 'syz-executor752' (3129) (tgid 3129), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4185) because cache 29860kB is below limit 65536kB for oom_score_adj 12 Free memory is -13272kB above reserved lowmemorykiller: Killing 'syz-executor752' (3132) (tgid 3132), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4185) because cache 29660kB is below limit 65536kB for oom_score_adj 12 Free memory is -12644kB above reserved lowmemorykiller: Killing 'syz-executor752' (3144) (tgid 3144), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4197) because cache 29316kB is below limit 65536kB for oom_score_adj 12 Free memory is -13376kB above reserved lowmemorykiller: Killing 'syz-executor752' (3147) (tgid 3147), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4197) because cache 29116kB is below limit 65536kB for oom_score_adj 12 Free memory is -13336kB above reserved lowmemorykiller: Killing 'syz-executor752' (3153) (tgid 3153), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4197) because cache 29116kB is below limit 65536kB for oom_score_adj 12 Free memory is -13336kB above reserved lowmemorykiller: Killing 'syz-executor752' (3159) (tgid 3159), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4197) because cache 28916kB is below limit 65536kB for oom_score_adj 12 Free memory is -13408kB above reserved lowmemorykiller: Killing 'syz-executor752' (3162) (tgid 3162), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4209) because cache 28568kB is below limit 65536kB for oom_score_adj 12 Free memory is -13276kB above reserved lowmemorykiller: Killing 'syz-executor752' (3165) (tgid 3165), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4209) because cache 28360kB is below limit 65536kB for oom_score_adj 12 Free memory is -13316kB above reserved lowmemorykiller: Killing 'syz-executor752' (3171) (tgid 3171), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4209) because cache 28360kB is below limit 65536kB for oom_score_adj 12 Free memory is -13316kB above reserved lowmemorykiller: Killing 'syz-executor752' (3177) (tgid 3177), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4209) because cache 28360kB is below limit 65536kB for oom_score_adj 12 Free memory is -9940kB above reserved lowmemorykiller: Killing 'syz-executor752' (3189) (tgid 3189), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4209) because cache 28360kB is below limit 65536kB for oom_score_adj 12 Free memory is -8940kB above reserved lowmemorykiller: Killing 'syz-executor752' (3192) (tgid 3192), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4209) because cache 28360kB is below limit 65536kB for oom_score_adj 12 Free memory is 1236kB above reserved lowmemorykiller: Killing 'syz-executor752' (3201) (tgid 3201), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4209) because cache 28360kB is below limit 65536kB for oom_score_adj 12 Free memory is 21436kB above reserved lowmemorykiller: Killing 'syz-executor752' (3213) (tgid 3213), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4209) because cache 28360kB is below limit 65536kB for oom_score_adj 12 Free memory is 38032kB above reserved lowmemorykiller: Killing 'syz-executor752' (3216) (tgid 3216), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4209) because cache 28260kB is below limit 65536kB for oom_score_adj 12 Free memory is 46132kB above reserved lowmemorykiller: Killing 'syz-executor752' (3219) (tgid 3219), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4236) because cache 28132kB is below limit 65536kB for oom_score_adj 12 Free memory is -13312kB above reserved lowmemorykiller: Killing 'syz-executor752' (3234) (tgid 3234), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4236) because cache 27932kB is below limit 65536kB for oom_score_adj 12 Free memory is -13244kB above reserved lowmemorykiller: Killing 'syz-executor752' (3240) (tgid 3240), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4236) because cache 27932kB is below limit 65536kB for oom_score_adj 12 Free memory is 3408kB above reserved lowmemorykiller: Killing 'syz-executor752' (3246) (tgid 3246), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4236) because cache 27932kB is below limit 65536kB for oom_score_adj 12 Free memory is 7180kB above reserved lowmemorykiller: Killing 'syz-executor752' (3258) (tgid 3258), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4236) because cache 27932kB is below limit 65536kB for oom_score_adj 12 Free memory is 11880kB above reserved lowmemorykiller: Killing 'syz-executor752' (3261) (tgid 3261), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4236) because cache 27932kB is below limit 65536kB for oom_score_adj 12 Free memory is 17480kB above reserved lowmemorykiller: Killing 'syz-executor752' (3267) (tgid 3267), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4236) because cache 27932kB is below limit 65536kB for oom_score_adj 12 Free memory is 23180kB above reserved BUG: sleeping function called from invalid context at kernel/fork.c:903 in_atomic(): 0, irqs_disabled(): 0, pid: 4236, name: syz-executor752 INFO: lockdep is turned off. Preemption disabled at: [<000000001b6123ac>] spin_lock include/linux/spinlock.h:302 [inline] [<000000001b6123ac>] task_lock include/linux/sched.h:3217 [inline] [<000000001b6123ac>] get_task_mm+0x20/0xc0 kernel/fork.c:1010 CPU: 1 PID: 4236 Comm: syz-executor752 Tainted: G W 4.9.180+ #3 ffff8800928bf018 ffffffff81b577f1 0000000000000000 0000000000000001 ffff8800967797c0 ffffffff810d0c30 ffff8800967797c0 ffff8800928bf050 ffffffff8140008c ffff8800967797c0 ffffffff82a39900 0000000000000387 Call Trace: [<0000000024daa5c8>] __dump_stack lib/dump_stack.c:15 [inline] [<0000000024daa5c8>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<000000004fa88867>] ___might_sleep.cold+0x1c1/0x1fa kernel/sched/core.c:8004 [<000000005953542f>] __might_sleep+0x95/0x1a0 kernel/sched/core.c:7961 [<000000005b120125>] mmput+0x28/0x370 kernel/fork.c:903 [<00000000cb3131e7>] handle_lmk_event+0xea/0x8a0 drivers/staging/android/lowmemorykiller.c:111 [<0000000064a6c26a>] lowmem_scan+0x695/0xb50 drivers/staging/android/lowmemorykiller.c:345 [<00000000e2d24456>] do_shrink_slab mm/vmscan.c:399 [inline] [<00000000e2d24456>] shrink_slab.part.0+0x3cf/0xa20 mm/vmscan.c:502 [<00000000a144576f>] shrink_slab mm/vmscan.c:466 [inline] [<00000000a144576f>] shrink_node+0x1ed/0x750 mm/vmscan.c:2604 [<00000000d07a0550>] shrink_zones mm/vmscan.c:2751 [inline] [<00000000d07a0550>] do_try_to_free_pages mm/vmscan.c:2793 [inline] [<00000000d07a0550>] try_to_free_pages+0x397/0xbd0 mm/vmscan.c:3004 [<00000000e5202e67>] __perform_reclaim mm/page_alloc.c:3332 [inline] [<00000000e5202e67>] __alloc_pages_direct_reclaim mm/page_alloc.c:3354 [inline] [<00000000e5202e67>] __alloc_pages_slowpath mm/page_alloc.c:3704 [inline] [<00000000e5202e67>] __alloc_pages_nodemask+0x930/0x1a80 mm/page_alloc.c:3861 [<00000000d4685a28>] __alloc_pages include/linux/gfp.h:433 [inline] [<00000000d4685a28>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<00000000d4685a28>] alloc_pages_node include/linux/gfp.h:460 [inline] [<00000000d4685a28>] shmem_alloc_page mm/shmem.c:1437 [inline] [<00000000d4685a28>] shmem_alloc_and_acct_page mm/shmem.c:1462 [inline] [<00000000d4685a28>] shmem_getpage_gfp+0x3f3/0x1b00 mm/shmem.c:1734 [<00000000cc801db7>] shmem_fault+0x216/0x6b0 mm/shmem.c:1966 [<00000000b3c789e4>] __do_fault+0x2a8/0x6c0 mm/memory.c:2855 [<00000000eacc5286>] do_read_fault mm/memory.c:3202 [inline] [<00000000eacc5286>] do_fault mm/memory.c:3338 [inline] [<00000000eacc5286>] handle_pte_fault mm/memory.c:3547 [inline] [<00000000eacc5286>] __handle_mm_fault mm/memory.c:3634 [inline] [<00000000eacc5286>] handle_mm_fault+0x11bc/0x2420 mm/memory.c:3671 [<00000000bbe8a77e>] faultin_page mm/gup.c:386 [inline] [<00000000bbe8a77e>] __get_user_pages+0x3c7/0x1060 mm/gup.c:588 [<00000000788a375d>] populate_vma_page_range+0x19a/0x230 mm/gup.c:1106 [<00000000c84cfafd>] __mm_populate+0x1b9/0x300 mm/gup.c:1154 [<00000000b5d10993>] mm_populate include/linux/mm.h:2052 [inline] [<00000000b5d10993>] vm_mmap_pgoff+0x1aa/0x1c0 mm/util.c:333 [<000000000e140ee4>] SYSC_mmap_pgoff mm/mmap.c:1555 [inline] [<000000000e140ee4>] SyS_mmap_pgoff+0x14d/0x1b0 mm/mmap.c:1513 [<000000007714e512>] SYSC_mmap arch/x86/kernel/sys_x86_64.c:96 [inline] [<000000007714e512>] SyS_mmap+0x16/0x20 arch/x86/kernel/sys_x86_64.c:87 [<00000000293a346e>] do_syscall_64+0x1ad/0x5c0 arch/x86/entry/common.c:288 [<00000000c0b986cf>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb lowmemorykiller: Killing 'syz-executor752' (3282) (tgid 3282), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4257) because cache 27732kB is below limit 65536kB for oom_score_adj 12 Free memory is -13324kB above reserved lowmemorykiller: Killing 'syz-executor752' (3285) (tgid 3285), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4257) because cache 27732kB is below limit 65536kB for oom_score_adj 12 Free memory is -10524kB above reserved lowmemorykiller: Killing 'syz-executor752' (3291) (tgid 3291), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4257) because cache 27732kB is below limit 65536kB for oom_score_adj 12 Free memory is -6224kB above reserved lowmemorykiller: Killing 'syz-executor752' (3294) (tgid 3294), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4257) because cache 27732kB is below limit 65536kB for oom_score_adj 12 Free memory is 2276kB above reserved lowmemorykiller: Killing 'syz-executor752' (3297) (tgid 3297), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4257) because cache 27732kB is below limit 65536kB for oom_score_adj 12 Free memory is 9276kB above reserved lowmemorykiller: Killing 'syz-executor752' (3309) (tgid 3309), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4257) because cache 27732kB is below limit 65536kB for oom_score_adj 12 Free memory is 25772kB above reserved lowmemorykiller: Killing 'syz-executor752' (3333) (tgid 3333), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4257) because cache 27732kB is below limit 65536kB for oom_score_adj 12 Free memory is 26472kB above reserved lowmemorykiller: Killing 'syz-executor752' (3345) (tgid 3345), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4257) because cache 27632kB is below limit 65536kB for oom_score_adj 12 Free memory is 58672kB above reserved lowmemorykiller: Killing 'syz-executor752' (3363) (tgid 3363), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4281) because cache 27532kB is below limit 65536kB for oom_score_adj 12 Free memory is -13316kB above reserved lowmemorykiller: Killing 'syz-executor752' (3369) (tgid 3369), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4281) because cache 27532kB is below limit 65536kB for oom_score_adj 12 Free memory is -2816kB above reserved lowmemorykiller: Killing 'syz-executor752' (3378) (tgid 3378), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4281) because cache 27532kB is below limit 65536kB for oom_score_adj 12 Free memory is 1384kB above reserved lowmemorykiller: Killing 'syz-executor752' (3387) (tgid 3387), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4281) because cache 27532kB is below limit 65536kB for oom_score_adj 12 Free memory is 10184kB above reserved lowmemorykiller: Killing 'syz-executor752' (3393) (tgid 3393), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4281) because cache 27532kB is below limit 65536kB for oom_score_adj 12 Free memory is 18284kB above reserved lowmemorykiller: Killing 'syz-executor752' (3426) (tgid 3426), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4281) because cache 27532kB is below limit 65536kB for oom_score_adj 12 Free memory is 25180kB above reserved lowmemorykiller: Killing 'syz-executor752' (3429) (tgid 3429), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4281) because cache 27532kB is below limit 65536kB for oom_score_adj 12 Free memory is 30680kB above reserved lowmemorykiller: Killing 'syz-executor752' (3435) (tgid 3435), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4281) because cache 27432kB is below limit 65536kB for oom_score_adj 12 Free memory is 37680kB above reserved lowmemorykiller: Killing 'syz-executor752' (3444) (tgid 3444), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4281) because cache 27432kB is below limit 65536kB for oom_score_adj 12 Free memory is 43880kB above reserved lowmemorykiller: Killing 'syz-executor752' (3447) (tgid 3447), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4281) because cache 27332kB is below limit 65536kB for oom_score_adj 12 Free memory is 60264kB above reserved lowmemorykiller: Killing 'syz-executor752' (3453) (tgid 3453), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4311) because cache 27336kB is below limit 65536kB for oom_score_adj 12 Free memory is -13396kB above reserved lowmemorykiller: Killing 'syz-executor752' (3465) (tgid 3465), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4311) because cache 27336kB is below limit 65536kB for oom_score_adj 12 Free memory is -11696kB above reserved lowmemorykiller: Killing 'syz-executor752' (3468) (tgid 3468), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4311) because cache 27336kB is below limit 65536kB for oom_score_adj 12 Free memory is -6296kB above reserved BUG: sleeping function called from invalid context at kernel/fork.c:903 in_atomic(): 0, irqs_disabled(): 0, pid: 4311, name: syz-executor752 INFO: lockdep is turned off. Preemption disabled at: [<000000001b6123ac>] spin_lock include/linux/spinlock.h:302 [inline] [<000000001b6123ac>] task_lock include/linux/sched.h:3217 [inline] [<000000001b6123ac>] get_task_mm+0x20/0xc0 kernel/fork.c:1010 CPU: 1 PID: 4311 Comm: syz-executor752 Tainted: G W 4.9.180+ #3 ffff8800929f7018 ffffffff81b577f1 0000000000000000 0000000000000001 ffff8800929e8000 ffffffff810d0c30 ffff8800929e8000 ffff8800929f7050 ffffffff8140008c ffff8800929e8000 ffffffff82a39900 0000000000000387 Call Trace: [<0000000024daa5c8>] __dump_stack lib/dump_stack.c:15 [inline] [<0000000024daa5c8>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<000000004fa88867>] ___might_sleep.cold+0x1c1/0x1fa kernel/sched/core.c:8004 [<000000005953542f>] __might_sleep+0x95/0x1a0 kernel/sched/core.c:7961 [<000000005b120125>] mmput+0x28/0x370 kernel/fork.c:903 [<00000000cb3131e7>] handle_lmk_event+0xea/0x8a0 drivers/staging/android/lowmemorykiller.c:111 [<0000000064a6c26a>] lowmem_scan+0x695/0xb50 drivers/staging/android/lowmemorykiller.c:345 [<00000000e2d24456>] do_shrink_slab mm/vmscan.c:399 [inline] [<00000000e2d24456>] shrink_slab.part.0+0x3cf/0xa20 mm/vmscan.c:502 [<00000000a144576f>] shrink_slab mm/vmscan.c:466 [inline] [<00000000a144576f>] shrink_node+0x1ed/0x750 mm/vmscan.c:2604 [<00000000d07a0550>] shrink_zones mm/vmscan.c:2751 [inline] [<00000000d07a0550>] do_try_to_free_pages mm/vmscan.c:2793 [inline] [<00000000d07a0550>] try_to_free_pages+0x397/0xbd0 mm/vmscan.c:3004 [<00000000e5202e67>] __perform_reclaim mm/page_alloc.c:3332 [inline] [<00000000e5202e67>] __alloc_pages_direct_reclaim mm/page_alloc.c:3354 [inline] [<00000000e5202e67>] __alloc_pages_slowpath mm/page_alloc.c:3704 [inline] [<00000000e5202e67>] __alloc_pages_nodemask+0x930/0x1a80 mm/page_alloc.c:3861 [<00000000d4685a28>] __alloc_pages include/linux/gfp.h:433 [inline] [<00000000d4685a28>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<00000000d4685a28>] alloc_pages_node include/linux/gfp.h:460 [inline] [<00000000d4685a28>] shmem_alloc_page mm/shmem.c:1437 [inline] [<00000000d4685a28>] shmem_alloc_and_acct_page mm/shmem.c:1462 [inline] [<00000000d4685a28>] shmem_getpage_gfp+0x3f3/0x1b00 mm/shmem.c:1734 [<00000000cc801db7>] shmem_fault+0x216/0x6b0 mm/shmem.c:1966 [<00000000b3c789e4>] __do_fault+0x2a8/0x6c0 mm/memory.c:2855 [<00000000eacc5286>] do_read_fault mm/memory.c:3202 [inline] [<00000000eacc5286>] do_fault mm/memory.c:3338 [inline] [<00000000eacc5286>] handle_pte_fault mm/memory.c:3547 [inline] [<00000000eacc5286>] __handle_mm_fault mm/memory.c:3634 [inline] [<00000000eacc5286>] handle_mm_fault+0x11bc/0x2420 mm/memory.c:3671 [<00000000bbe8a77e>] faultin_page mm/gup.c:386 [inline] [<00000000bbe8a77e>] __get_user_pages+0x3c7/0x1060 mm/gup.c:588 [<00000000788a375d>] populate_vma_page_range+0x19a/0x230 mm/gup.c:1106 [<00000000c84cfafd>] __mm_populate+0x1b9/0x300 mm/gup.c:1154 [<00000000b5d10993>] mm_populate include/linux/mm.h:2052 [inline] [<00000000b5d10993>] vm_mmap_pgoff+0x1aa/0x1c0 mm/util.c:333 [<000000000e140ee4>] SYSC_mmap_pgoff mm/mmap.c:1555 [inline] [<000000000e140ee4>] SyS_mmap_pgoff+0x14d/0x1b0 mm/mmap.c:1513 [<000000007714e512>] SYSC_mmap arch/x86/kernel/sys_x86_64.c:96 [inline] [<000000007714e512>] SyS_mmap+0x16/0x20 arch/x86/kernel/sys_x86_64.c:87 [<00000000293a346e>] do_syscall_64+0x1ad/0x5c0 arch/x86/entry/common.c:288 [<00000000c0b986cf>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb lowmemorykiller: Killing 'syz-executor752' (3477) (tgid 3477), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4320) because cache 27140kB is below limit 65536kB for oom_score_adj 12 Free memory is -13352kB above reserved lowmemorykiller: Killing 'syz-executor752' (3480) (tgid 3480), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4320) because cache 27140kB is below limit 65536kB for oom_score_adj 12 Free memory is -11052kB above reserved lowmemorykiller: Killing 'syz-executor752' (3486) (tgid 3486), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4320) because cache 27140kB is below limit 65536kB for oom_score_adj 12 Free memory is -5852kB above reserved lowmemorykiller: Killing 'syz-executor752' (3489) (tgid 3489), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4320) because cache 27140kB is below limit 65536kB for oom_score_adj 12 Free memory is 5648kB above reserved lowmemorykiller: Killing 'syz-executor752' (3516) (tgid 3516), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4320) because cache 27140kB is below limit 65536kB for oom_score_adj 12 Free memory is 26548kB above reserved lowmemorykiller: Killing 'syz-executor752' (3525) (tgid 3525), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4320) because cache 27140kB is below limit 65536kB for oom_score_adj 12 Free memory is 33548kB above reserved lowmemorykiller: Killing 'syz-executor752' (3534) (tgid 3534), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4320) because cache 27140kB is below limit 65536kB for oom_score_adj 12 Free memory is 40548kB above reserved lowmemorykiller: Killing 'syz-executor752' (3543) (tgid 3543), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4320) because cache 27040kB is below limit 65536kB for oom_score_adj 12 Free memory is 47728kB above reserved lowmemorykiller: Killing 'syz-executor752' (3555) (tgid 3555), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4320) because cache 26940kB is below limit 65536kB for oom_score_adj 12 Free memory is 58312kB above reserved lowmemorykiller: Killing 'syz-executor752' (3564) (tgid 3564), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4347) because cache 26944kB is below limit 65536kB for oom_score_adj 12 Free memory is -13364kB above reserved lowmemorykiller: Killing 'syz-executor752' (3570) (tgid 3570), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4347) because cache 26944kB is below limit 65536kB for oom_score_adj 12 Free memory is -8564kB above reserved lowmemorykiller: Killing 'syz-executor752' (3579) (tgid 3579), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4347) because cache 26744kB is below limit 65536kB for oom_score_adj 12 Free memory is -8464kB above reserved lowmemorykiller: Killing 'syz-executor752' (3588) (tgid 3588), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4356) because cache 26748kB is below limit 65536kB for oom_score_adj 12 Free memory is -13264kB above reserved lowmemorykiller: Killing 'syz-executor752' (3618) (tgid 3618), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4356) because cache 26748kB is below limit 65536kB for oom_score_adj 12 Free memory is -10664kB above reserved lowmemorykiller: Killing 'syz-executor752' (3621) (tgid 3621), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4362) because cache 26552kB is below limit 65536kB for oom_score_adj 12 Free memory is -13316kB above reserved lowmemorykiller: Killing 'syz-executor752' (3627) (tgid 3627), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4362) because cache 26552kB is below limit 65536kB for oom_score_adj 12 Free memory is -2916kB above reserved lowmemorykiller: Killing 'syz-executor752' (3633) (tgid 3633), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4362) because cache 26352kB is below limit 65536kB for oom_score_adj 12 Free memory is -2916kB above reserved lowmemorykiller: Killing 'syz-executor752' (3639) (tgid 3639), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4371) because cache 26364kB is below limit 65536kB for oom_score_adj 12 Free memory is -13352kB above reserved BUG: sleeping function called from invalid context at kernel/fork.c:903 in_atomic(): 0, irqs_disabled(): 0, pid: 4371, name: syz-executor752 INFO: lockdep is turned off. Preemption disabled at: [<000000001b6123ac>] spin_lock include/linux/spinlock.h:302 [inline] [<000000001b6123ac>] task_lock include/linux/sched.h:3217 [inline] [<000000001b6123ac>] get_task_mm+0x20/0xc0 kernel/fork.c:1010 CPU: 1 PID: 4371 Comm: syz-executor752 Tainted: G W 4.9.180+ #3 ffff880092ae7018 ffffffff81b577f1 0000000000000000 0000000000000001 ffff880092ad8000 ffffffff810d0c30 ffff880092ad8000 ffff880092ae7050 ffffffff8140008c ffff880092ad8000 ffffffff82a39900 0000000000000387 Call Trace: [<0000000024daa5c8>] __dump_stack lib/dump_stack.c:15 [inline] [<0000000024daa5c8>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<000000004fa88867>] ___might_sleep.cold+0x1c1/0x1fa kernel/sched/core.c:8004 [<000000005953542f>] __might_sleep+0x95/0x1a0 kernel/sched/core.c:7961 [<000000005b120125>] mmput+0x28/0x370 kernel/fork.c:903 [<00000000cb3131e7>] handle_lmk_event+0xea/0x8a0 drivers/staging/android/lowmemorykiller.c:111 [<0000000064a6c26a>] lowmem_scan+0x695/0xb50 drivers/staging/android/lowmemorykiller.c:345 [<00000000e2d24456>] do_shrink_slab mm/vmscan.c:399 [inline] [<00000000e2d24456>] shrink_slab.part.0+0x3cf/0xa20 mm/vmscan.c:502 [<00000000a144576f>] shrink_slab mm/vmscan.c:466 [inline] [<00000000a144576f>] shrink_node+0x1ed/0x750 mm/vmscan.c:2604 [<00000000d07a0550>] shrink_zones mm/vmscan.c:2751 [inline] [<00000000d07a0550>] do_try_to_free_pages mm/vmscan.c:2793 [inline] [<00000000d07a0550>] try_to_free_pages+0x397/0xbd0 mm/vmscan.c:3004 [<00000000e5202e67>] __perform_reclaim mm/page_alloc.c:3332 [inline] [<00000000e5202e67>] __alloc_pages_direct_reclaim mm/page_alloc.c:3354 [inline] [<00000000e5202e67>] __alloc_pages_slowpath mm/page_alloc.c:3704 [inline] [<00000000e5202e67>] __alloc_pages_nodemask+0x930/0x1a80 mm/page_alloc.c:3861 [<00000000d4685a28>] __alloc_pages include/linux/gfp.h:433 [inline] [<00000000d4685a28>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<00000000d4685a28>] alloc_pages_node include/linux/gfp.h:460 [inline] [<00000000d4685a28>] shmem_alloc_page mm/shmem.c:1437 [inline] [<00000000d4685a28>] shmem_alloc_and_acct_page mm/shmem.c:1462 [inline] [<00000000d4685a28>] shmem_getpage_gfp+0x3f3/0x1b00 mm/shmem.c:1734 [<00000000cc801db7>] shmem_fault+0x216/0x6b0 mm/shmem.c:1966 [<00000000b3c789e4>] __do_fault+0x2a8/0x6c0 mm/memory.c:2855 [<00000000eacc5286>] do_read_fault mm/memory.c:3202 [inline] [<00000000eacc5286>] do_fault mm/memory.c:3338 [inline] [<00000000eacc5286>] handle_pte_fault mm/memory.c:3547 [inline] [<00000000eacc5286>] __handle_mm_fault mm/memory.c:3634 [inline] [<00000000eacc5286>] handle_mm_fault+0x11bc/0x2420 mm/memory.c:3671 [<00000000bbe8a77e>] faultin_page mm/gup.c:386 [inline] [<00000000bbe8a77e>] __get_user_pages+0x3c7/0x1060 mm/gup.c:588 [<00000000788a375d>] populate_vma_page_range+0x19a/0x230 mm/gup.c:1106 [<00000000c84cfafd>] __mm_populate+0x1b9/0x300 mm/gup.c:1154 [<00000000b5d10993>] mm_populate include/linux/mm.h:2052 [inline] [<00000000b5d10993>] vm_mmap_pgoff+0x1aa/0x1c0 mm/util.c:333 [<000000000e140ee4>] SYSC_mmap_pgoff mm/mmap.c:1555 [inline] [<000000000e140ee4>] SyS_mmap_pgoff+0x14d/0x1b0 mm/mmap.c:1513 [<000000007714e512>] SYSC_mmap arch/x86/kernel/sys_x86_64.c:96 [inline] [<000000007714e512>] SyS_mmap+0x16/0x20 arch/x86/kernel/sys_x86_64.c:87 [<00000000293a346e>] do_syscall_64+0x1ad/0x5c0 arch/x86/entry/common.c:288 [<00000000c0b986cf>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb lowmemorykiller: Killing 'syz-executor752' (3651) (tgid 3651), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4371) because cache 26064kB is below limit 65536kB for oom_score_adj 12 Free memory is -13260kB above reserved lowmemorykiller: Killing 'syz-executor752' (3660) (tgid 3660), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4371) because cache 26064kB is below limit 65536kB for oom_score_adj 12 Free memory is -13260kB above reserved lowmemorykiller: Killing 'syz-executor752' (3677) (tgid 3677), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4371) because cache 25964kB is below limit 65536kB for oom_score_adj 12 Free memory is -13260kB above reserved lowmemorykiller: Killing 'syz-executor752' (3681) (tgid 3681), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4371) because cache 25764kB is below limit 65536kB for oom_score_adj 12 Free memory is -10560kB above reserved lowmemorykiller: Killing 'syz-executor752' (3687) (tgid 3687), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4386) because cache 25800kB is below limit 65536kB for oom_score_adj 12 Free memory is -13252kB above reserved lowmemorykiller: Killing 'syz-executor752' (3690) (tgid 3690), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4386) because cache 25700kB is below limit 65536kB for oom_score_adj 12 Free memory is -13252kB above reserved lowmemorykiller: Killing 'syz-executor752' (3702) (tgid 3702), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4392) because cache 25612kB is below limit 65536kB for oom_score_adj 12 Free memory is -13320kB above reserved lowmemorykiller: Killing 'syz-executor752' (3705) (tgid 3705), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4395) because cache 25412kB is below limit 65536kB for oom_score_adj 12 Free memory is -13320kB above reserved lowmemorykiller: Killing 'syz-executor752' (3711) (tgid 3711), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4395) because cache 25412kB is below limit 65536kB for oom_score_adj 12 Free memory is -13320kB above reserved lowmemorykiller: Killing 'syz-executor752' (3714) (tgid 3714), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4395) because cache 25412kB is below limit 65536kB for oom_score_adj 12 Free memory is -3520kB above reserved lowmemorykiller: Killing 'syz-executor752' (3723) (tgid 3723), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4404) because cache 25228kB is below limit 65536kB for oom_score_adj 12 Free memory is -13368kB above reserved lowmemorykiller: Killing 'syz-executor752' (3726) (tgid 3726), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4404) because cache 25128kB is below limit 65536kB for oom_score_adj 12 Free memory is -13368kB above reserved lowmemorykiller: Killing 'syz-executor752' (3732) (tgid 3732), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4410) because cache 24860kB is below limit 65536kB for oom_score_adj 12 Free memory is -13324kB above reserved lowmemorykiller: Killing 'syz-executor752' (3738) (tgid 3738), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4410) because cache 24760kB is below limit 65536kB for oom_score_adj 12 Free memory is -13324kB above reserved lowmemorykiller: Killing 'syz-executor752' (3741) (tgid 3741), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4410) because cache 24660kB is below limit 65536kB for oom_score_adj 12 Free memory is -10124kB above reserved lowmemorykiller: Killing 'syz-executor752' (3753) (tgid 3753), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4419) because cache 24676kB is below limit 65536kB for oom_score_adj 12 Free memory is -13352kB above reserved lowmemorykiller: Killing 'syz-executor752' (3762) (tgid 3762), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4419) because cache 24676kB is below limit 65536kB for oom_score_adj 12 Free memory is -13352kB above reserved lowmemorykiller: Killing 'syz-executor752' (3765) (tgid 3765), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4419) because cache 24576kB is below limit 65536kB for oom_score_adj 12 Free memory is -13236kB above reserved lowmemorykiller: Killing 'syz-executor752' (3768) (tgid 3768), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4419) because cache 24476kB is below limit 65536kB for oom_score_adj 12 Free memory is -860kB above reserved lowmemorykiller: Killing 'syz-executor752' (3771) (tgid 3771), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4419) because cache 24476kB is below limit 65536kB for oom_score_adj 12 Free memory is 40kB above reserved lowmemorykiller: Killing 'syz-executor752' (3774) (tgid 3774), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4434) because cache 24324kB is below limit 65536kB for oom_score_adj 12 Free memory is -13256kB above reserved lowmemorykiller: Killing 'syz-executor752' (3777) (tgid 3777), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4434) because cache 24124kB is below limit 65536kB for oom_score_adj 12 Free memory is -13328kB above reserved lowmemorykiller: Killing 'syz-executor752' (3780) (tgid 3780), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4434) because cache 24124kB is below limit 65536kB for oom_score_adj 12 Free memory is -13328kB above reserved lowmemorykiller: Killing 'syz-executor752' (3783) (tgid 3783), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4434) because cache 24224kB is below limit 65536kB for oom_score_adj 12 Free memory is -8528kB above reserved lowmemorykiller: Killing 'syz-executor752' (3786) (tgid 3786), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4434) because cache 24124kB is below limit 65536kB for oom_score_adj 12 Free memory is -7628kB above reserved lowmemorykiller: Killing 'syz-executor752' (3789) (tgid 3789), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4449) because cache 23988kB is below limit 65536kB for oom_score_adj 12 Free memory is -13328kB above reserved BUG: sleeping function called from invalid context at kernel/fork.c:903 in_atomic(): 0, irqs_disabled(): 0, pid: 4449, name: syz-executor752 INFO: lockdep is turned off. Preemption disabled at: [<000000001b6123ac>] spin_lock include/linux/spinlock.h:302 [inline] [<000000001b6123ac>] task_lock include/linux/sched.h:3217 [inline] [<000000001b6123ac>] get_task_mm+0x20/0xc0 kernel/fork.c:1010 CPU: 0 PID: 4449 Comm: syz-executor752 Tainted: G W 4.9.180+ #3 ffff8801cb01f018 ffffffff81b577f1 0000000000000000 0000000000000001 ffff8801d7b217c0 ffffffff810d0c30 ffff8801d7b217c0 ffff8801cb01f050 ffffffff8140008c ffff8801d7b217c0 ffffffff82a39900 0000000000000387 Call Trace: [<0000000024daa5c8>] __dump_stack lib/dump_stack.c:15 [inline] [<0000000024daa5c8>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<000000004fa88867>] ___might_sleep.cold+0x1c1/0x1fa kernel/sched/core.c:8004 [<000000005953542f>] __might_sleep+0x95/0x1a0 kernel/sched/core.c:7961 [<000000005b120125>] mmput+0x28/0x370 kernel/fork.c:903 [<00000000cb3131e7>] handle_lmk_event+0xea/0x8a0 drivers/staging/android/lowmemorykiller.c:111 [<0000000064a6c26a>] lowmem_scan+0x695/0xb50 drivers/staging/android/lowmemorykiller.c:345 [<00000000e2d24456>] do_shrink_slab mm/vmscan.c:399 [inline] [<00000000e2d24456>] shrink_slab.part.0+0x3cf/0xa20 mm/vmscan.c:502 [<00000000a144576f>] shrink_slab mm/vmscan.c:466 [inline] [<00000000a144576f>] shrink_node+0x1ed/0x750 mm/vmscan.c:2604 [<00000000d07a0550>] shrink_zones mm/vmscan.c:2751 [inline] [<00000000d07a0550>] do_try_to_free_pages mm/vmscan.c:2793 [inline] [<00000000d07a0550>] try_to_free_pages+0x397/0xbd0 mm/vmscan.c:3004 [<00000000e5202e67>] __perform_reclaim mm/page_alloc.c:3332 [inline] [<00000000e5202e67>] __alloc_pages_direct_reclaim mm/page_alloc.c:3354 [inline] [<00000000e5202e67>] __alloc_pages_slowpath mm/page_alloc.c:3704 [inline] [<00000000e5202e67>] __alloc_pages_nodemask+0x930/0x1a80 mm/page_alloc.c:3861 [<00000000d4685a28>] __alloc_pages include/linux/gfp.h:433 [inline] [<00000000d4685a28>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<00000000d4685a28>] alloc_pages_node include/linux/gfp.h:460 [inline] [<00000000d4685a28>] shmem_alloc_page mm/shmem.c:1437 [inline] [<00000000d4685a28>] shmem_alloc_and_acct_page mm/shmem.c:1462 [inline] [<00000000d4685a28>] shmem_getpage_gfp+0x3f3/0x1b00 mm/shmem.c:1734 [<00000000cc801db7>] shmem_fault+0x216/0x6b0 mm/shmem.c:1966 [<00000000b3c789e4>] __do_fault+0x2a8/0x6c0 mm/memory.c:2855 [<00000000eacc5286>] do_read_fault mm/memory.c:3202 [inline] [<00000000eacc5286>] do_fault mm/memory.c:3338 [inline] [<00000000eacc5286>] handle_pte_fault mm/memory.c:3547 [inline] [<00000000eacc5286>] __handle_mm_fault mm/memory.c:3634 [inline] [<00000000eacc5286>] handle_mm_fault+0x11bc/0x2420 mm/memory.c:3671 [<00000000bbe8a77e>] faultin_page mm/gup.c:386 [inline] [<00000000bbe8a77e>] __get_user_pages+0x3c7/0x1060 mm/gup.c:588 [<00000000788a375d>] populate_vma_page_range+0x19a/0x230 mm/gup.c:1106 [<00000000c84cfafd>] __mm_populate+0x1b9/0x300 mm/gup.c:1154 [<00000000b5d10993>] mm_populate include/linux/mm.h:2052 [inline] [<00000000b5d10993>] vm_mmap_pgoff+0x1aa/0x1c0 mm/util.c:333 [<000000000e140ee4>] SYSC_mmap_pgoff mm/mmap.c:1555 [inline] [<000000000e140ee4>] SyS_mmap_pgoff+0x14d/0x1b0 mm/mmap.c:1513 [<000000007714e512>] SYSC_mmap arch/x86/kernel/sys_x86_64.c:96 [inline] [<000000007714e512>] SyS_mmap+0x16/0x20 arch/x86/kernel/sys_x86_64.c:87 [<00000000293a346e>] do_syscall_64+0x1ad/0x5c0 arch/x86/entry/common.c:288 [<00000000c0b986cf>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb lowmemorykiller: Killing 'syz-executor752' (3792) (tgid 3792), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4449) because cache 23788kB is below limit 65536kB for oom_score_adj 12 Free memory is -13244kB above reserved lowmemorykiller: Killing 'syz-executor752' (3798) (tgid 3798), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4449) because cache 23888kB is below limit 65536kB for oom_score_adj 12 Free memory is -1168kB above reserved lowmemorykiller: Killing 'syz-executor752' (3801) (tgid 3801), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4449) because cache 23788kB is below limit 65536kB for oom_score_adj 12 Free memory is -268kB above reserved lowmemorykiller: Killing 'syz-executor752' (3804) (tgid 3804), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4461) because cache 23664kB is below limit 65536kB for oom_score_adj 12 Free memory is -13308kB above reserved lowmemorykiller: Killing 'syz-executor752' (3807) (tgid 3807), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4461) because cache 23664kB is below limit 65536kB for oom_score_adj 12 Free memory is -5408kB above reserved lowmemorykiller: Killing 'syz-executor752' (3810) (tgid 3810), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4467) because cache 23496kB is below limit 65536kB for oom_score_adj 12 Free memory is -13352kB above reserved lowmemorykiller: Killing 'syz-executor752' (3816) (tgid 3816), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4467) because cache 23296kB is below limit 65536kB for oom_score_adj 12 Free memory is -13264kB above reserved lowmemorykiller: Killing 'syz-executor752' (3819) (tgid 3819), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4467) because cache 23296kB is below limit 65536kB for oom_score_adj 12 Free memory is -13264kB above reserved lowmemorykiller: Killing 'syz-executor752' (3831) (tgid 3831), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4467) because cache 23296kB is below limit 65536kB for oom_score_adj 12 Free memory is -13264kB above reserved lowmemorykiller: Killing 'syz-executor752' (3834) (tgid 3834), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4479) because cache 23164kB is below limit 65536kB for oom_score_adj 12 Free memory is -13368kB above reserved lowmemorykiller: Killing 'syz-executor752' (3840) (tgid 3840), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4479) because cache 23064kB is below limit 65536kB for oom_score_adj 12 Free memory is -13352kB above reserved lowmemorykiller: Killing 'syz-executor752' (3849) (tgid 3849), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4479) because cache 23064kB is below limit 65536kB for oom_score_adj 12 Free memory is -13352kB above reserved lowmemorykiller: Killing 'syz-executor752' (3858) (tgid 3858), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4479) because cache 22864kB is below limit 65536kB for oom_score_adj 12 Free memory is -13328kB above reserved lowmemorykiller: Killing 'syz-executor752' (3861) (tgid 3861), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4479) because cache 22764kB is below limit 65536kB for oom_score_adj 12 Free memory is -2328kB above reserved lowmemorykiller: Killing 'syz-executor752' (3867) (tgid 3867), adj 1000, to free 12172kB on behalf of 'syz-executor752' (4479) because