Free memory is -12992kB above reserved lowmemorykiller: Killing 'syz-executor.4' (20832) (tgid 20832), adj 1000, to free 35984kB on behalf of 'kswapd0' (33) because cache 53088kB is below limit 65536kB for oom_score_adj 12 Free memory is -11364kB above reserved BUG: sleeping function called from invalid context at kernel/fork.c:905 in_atomic(): 0, irqs_disabled(): 0, pid: 33, name: kswapd0 2 locks held by kswapd0/33: #0: (shrinker_rwsem){++++..}, at: [<0000000048a5bb70>] shrink_slab.part.0+0xb2/0xa20 mm/vmscan.c:472 #1: (rcu_read_lock){......}, at: [<00000000690635b2>] lowmem_scan+0x242/0xb50 drivers/staging/android/lowmemorykiller.c:272 Preemption disabled at: [<00000000c0e670d2>] spin_lock include/linux/spinlock.h:302 [inline] [<00000000c0e670d2>] task_lock include/linux/sched.h:3217 [inline] [<00000000c0e670d2>] get_task_mm+0x20/0xc0 kernel/fork.c:1012 CPU: 0 PID: 33 Comm: kswapd0 Not tainted 4.9.189+ #22 ffff8801d84077c0 ffffffff81b65c01 0000000000000000 0000000000000001 ffff8801d99297c0 ffffffff810d1010 ffff8801d99297c0 ffff8801d84077f8 ffffffff814018f3 ffff8801d99297c0 ffffffff82a39fc0 0000000000000389 Call Trace: [<000000008a55a612>] __dump_stack lib/dump_stack.c:15 [inline] [<000000008a55a612>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<00000000552b8d20>] ___might_sleep.cold+0x1c1/0x1fa kernel/sched/core.c:8004 [<00000000b4429980>] __might_sleep+0x95/0x1a0 kernel/sched/core.c:7961 [<00000000b647d9e3>] mmput+0x28/0x370 kernel/fork.c:905 [<0000000056551a68>] handle_lmk_event+0xea/0x8a0 drivers/staging/android/lowmemorykiller.c:111 [<00000000b2991da0>] lowmem_scan+0x695/0xb50 drivers/staging/android/lowmemorykiller.c:345 [<0000000082138f3c>] do_shrink_slab mm/vmscan.c:399 [inline] [<0000000082138f3c>] shrink_slab.part.0+0x3cf/0xa20 mm/vmscan.c:502 [<00000000d606a2ee>] shrink_slab mm/vmscan.c:466 [inline] [<00000000d606a2ee>] shrink_node+0x1ed/0x750 mm/vmscan.c:2604 [<00000000636e680c>] kswapd_shrink_node mm/vmscan.c:3209 [inline] [<00000000636e680c>] balance_pgdat mm/vmscan.c:3329 [inline] [<00000000636e680c>] kswapd+0x7f8/0x13b0 mm/vmscan.c:3523 [<00000000ebe36ea3>] kthread+0x278/0x310 kernel/kthread.c:211 [<0000000029aecd4b>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:375 ================================= [ INFO: inconsistent lock state ] 4.9.189+ #22 Tainted: G W --------------------------------- inconsistent {RECLAIM_FS-ON-W} -> {IN-RECLAIM_FS-R} usage. kswapd0/33 [HC0[0]:SC0[0]:HE1:SE1] takes: (&mm->mmap_sem){+++++?}, at: [<000000005b36c564>] get_cmdline+0xa3/0x2d0 mm/util.c:641 mark_held_locks+0xb1/0x100 kernel/locking/lockdep.c:2660 __lockdep_trace_alloc kernel/locking/lockdep.c:2882 [inline] lockdep_trace_alloc+0x18c/0x2b0 kernel/locking/lockdep.c:2897 __alloc_pages_nodemask+0x143/0x1a80 mm/page_alloc.c:3803 __alloc_pages include/linux/gfp.h:433 [inline] __alloc_pages_node include/linux/gfp.h:446 [inline] alloc_pages_node include/linux/gfp.h:460 [inline] pmd_alloc_one arch/x86/include/asm/pgalloc.h:88 [inline] __pmd_alloc+0x4a/0x330 mm/memory.c:3742 pmd_alloc include/linux/mm.h:1625 [inline] alloc_new_pmd mm/mremap.c:64 [inline] move_page_tables+0xadb/0xd60 mm/mremap.c:212 shift_arg_pages+0x1ae/0x470 fs/exec.c:642 setup_arg_pages+0x60d/0x7c0 fs/exec.c:754 load_elf_binary+0xa84/0x4a90 fs/binfmt_elf.c:860 search_binary_handler fs/exec.c:1621 [inline] search_binary_handler+0x14f/0x700 fs/exec.c:1599 exec_binprm fs/exec.c:1663 [inline] do_execveat_common.isra.0+0xf81/0x1db0 fs/exec.c:1785 do_execve+0x3a/0x50 fs/exec.c:1829 run_init_process+0x33/0x37 init/main.c:904 try_to_run_init_process+0x18/0x48 init/main.c:913 kernel_init+0xf2/0x163 init/main.c:984 ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:375 irq event stamp: 142317 hardirqs last enabled at (142317): [<00000000c073b4d6>] dump_stack+0x100/0x120 lib/dump_stack.c:56 hardirqs last disabled at (142316): [<000000003c728014>] dump_stack+0x2c/0x120 lib/dump_stack.c:38 softirqs last enabled at (137916): [<000000002f7ab293>] __do_softirq+0x474/0x964 kernel/softirq.c:314 softirqs last disabled at (137909): [<00000000a5240491>] invoke_softirq kernel/softirq.c:368 [inline] softirqs last disabled at (137909): [<00000000a5240491>] irq_exit+0x119/0x160 kernel/softirq.c:409 other info that might help us debug this: Possible unsafe locking scenario: CPU0 ---- lock(&mm->mmap_sem); lock(&mm->mmap_sem); *** DEADLOCK *** 3 locks held by kswapd0/33: #0: (shrinker_rwsem){++++..}, at: [<0000000048a5bb70>] shrink_slab.part.0+0xb2/0xa20 mm/vmscan.c:472 #1: (rcu_read_lock){......}, at: [<00000000690635b2>] lowmem_scan+0x242/0xb50 drivers/staging/android/lowmemorykiller.c:272 #2: (lmk_event_lock){+.+.-.}, at: [<00000000e011dd95>] spin_lock include/linux/spinlock.h:302 [inline] #2: (lmk_event_lock){+.+.-.}, at: [<00000000e011dd95>] handle_lmk_event+0xfb/0x8a0 drivers/staging/android/lowmemorykiller.c:114 stack backtrace: CPU: 0 PID: 33 Comm: kswapd0 Tainted: G W 4.9.189+ #22 ffff8801d8407500 ffffffff81b65c01 00000000000000f0 ffff8801d99297c0 ffffffff83cb0010 ffff8801d992a108 ffffffff84250fc0 ffff8801d8407578 ffffffff81408330 0000000000000000 ffffffff00000001 0000000000000001 Call Trace: [<000000008a55a612>] __dump_stack lib/dump_stack.c:15 [inline] [<000000008a55a612>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<00000000454f8423>] print_usage_bug kernel/locking/lockdep.c:2387 [inline] [<00000000454f8423>] print_usage_bug.cold+0x452/0x5a2 kernel/locking/lockdep.c:2354 [<0000000034e0e4d1>] valid_state kernel/locking/lockdep.c:2400 [inline] [<0000000034e0e4d1>] mark_lock_irq kernel/locking/lockdep.c:2602 [inline] [<0000000034e0e4d1>] mark_lock+0x6c7/0x12e0 kernel/locking/lockdep.c:3065 [<0000000015dbb42a>] mark_irqflags kernel/locking/lockdep.c:2958 [inline] [<0000000015dbb42a>] __lock_acquire+0x5be/0x4390 kernel/locking/lockdep.c:3302 [<0000000083e2e63b>] lock_acquire+0x133/0x3d0 kernel/locking/lockdep.c:3756 [<00000000132a1f8d>] down_read+0x44/0xb0 kernel/locking/rwsem.c:22 [<000000005b36c564>] get_cmdline+0xa3/0x2d0 mm/util.c:641 [<000000002fbc11c1>] handle_lmk_event+0x13c/0x8a0 drivers/staging/android/lowmemorykiller.c:128 [<00000000b2991da0>] lowmem_scan+0x695/0xb50 drivers/staging/android/lowmemorykiller.c:345 [<0000000082138f3c>] do_shrink_slab mm/vmscan.c:399 [inline] [<0000000082138f3c>] shrink_slab.part.0+0x3cf/0xa20 mm/vmscan.c:502 [<00000000d606a2ee>] shrink_slab mm/vmscan.c:466 [inline] [<00000000d606a2ee>] shrink_node+0x1ed/0x750 mm/vmscan.c:2604 [<00000000636e680c>] kswapd_shrink_node mm/vmscan.c:3209 [inline] [<00000000636e680c>] balance_pgdat mm/vmscan.c:3329 [inline] [<00000000636e680c>] kswapd+0x7f8/0x13b0 mm/vmscan.c:3523 [<00000000ebe36ea3>] kthread+0x278/0x310 kernel/kthread.c:211 [<0000000029aecd4b>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:375 lowmemorykiller: Killing 'syz-executor.3' (17376) (tgid 17376), adj 1000, to free 35980kB on behalf of 'kswapd0' (33) because cache 52688kB is below limit 65536kB for oom_score_adj 12 Free memory is -10864kB above reserved lowmemorykiller: Killing 'syz-executor.0' (18227) (tgid 18227), adj 1000, to free 35976kB on behalf of 'kswapd0' (33) because cache 52288kB is below limit 65536kB for oom_score_adj 12 Free memory is -10572kB above reserved lowmemorykiller: Killing 'syz-executor.3' (21546) (tgid 21542), adj 1000, to free 35972kB on behalf of 'kswapd0' (33) because cache 51488kB is below limit 65536kB for oom_score_adj 12 Free memory is -10472kB above reserved lowmemorykiller: Killing 'syz-executor.1' (4176) (tgid 4176), adj 1000, to free 34996kB on behalf of 'kswapd0' (33) because cache 508kB is below limit 6144kB for oom_score_adj 0 Free memory is -13336kB above reserved lowmemorykiller: Killing 'syz-executor.3' (21546) (tgid 21542), adj 1000, to free 34996kB on behalf of 'syz-executor.1' (4176) because cache 508kB is below limit 6144kB for oom_score_adj 0 Free memory is -13336kB above reserved BUG: sleeping function called from invalid context at kernel/fork.c:905 in_atomic(): 0, irqs_disabled(): 0, pid: 4176, name: syz-executor.1 INFO: lockdep is turned off. Preemption disabled at: [<00000000c0e670d2>] spin_lock include/linux/spinlock.h:302 [inline] [<00000000c0e670d2>] task_lock include/linux/sched.h:3217 [inline] [<00000000c0e670d2>] get_task_mm+0x20/0xc0 kernel/fork.c:1012 CPU: 0 PID: 4176 Comm: syz-executor.1 Tainted: G W 4.9.189+ #22 ffff8801d0856b50 ffffffff81b65c01 0000000000000000 0000000000000001 ffff8801a20197c0 ffffffff810d1010 ffff8801a20197c0 ffff8801d0856b88 ffffffff814018f3 ffff8801a20197c0 ffffffff82a39fc0 0000000000000389 Call Trace: [<000000008a55a612>] __dump_stack lib/dump_stack.c:15 [inline] [<000000008a55a612>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<00000000552b8d20>] ___might_sleep.cold+0x1c1/0x1fa kernel/sched/core.c:8004 [<00000000b4429980>] __might_sleep+0x95/0x1a0 kernel/sched/core.c:7961 [<00000000b647d9e3>] mmput+0x28/0x370 kernel/fork.c:905 [<0000000056551a68>] handle_lmk_event+0xea/0x8a0 drivers/staging/android/lowmemorykiller.c:111 [<00000000b2991da0>] lowmem_scan+0x695/0xb50 drivers/staging/android/lowmemorykiller.c:345 [<0000000082138f3c>] do_shrink_slab mm/vmscan.c:399 [inline] [<0000000082138f3c>] shrink_slab.part.0+0x3cf/0xa20 mm/vmscan.c:502 [<00000000d606a2ee>] shrink_slab mm/vmscan.c:466 [inline] [<00000000d606a2ee>] shrink_node+0x1ed/0x750 mm/vmscan.c:2604 [<000000000c009caf>] shrink_zones mm/vmscan.c:2751 [inline] [<000000000c009caf>] do_try_to_free_pages mm/vmscan.c:2793 [inline] [<000000000c009caf>] try_to_free_pages+0x397/0xbd0 mm/vmscan.c:3004 [<000000005d781fa9>] __perform_reclaim mm/page_alloc.c:3332 [inline] [<000000005d781fa9>] __alloc_pages_direct_reclaim mm/page_alloc.c:3354 [inline] [<000000005d781fa9>] __alloc_pages_slowpath mm/page_alloc.c:3704 [inline] [<000000005d781fa9>] __alloc_pages_nodemask+0x930/0x1a80 mm/page_alloc.c:3861 [<0000000080c8b590>] __alloc_pages include/linux/gfp.h:433 [inline] [<0000000080c8b590>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<0000000080c8b590>] alloc_pages_node include/linux/gfp.h:460 [inline] [<0000000080c8b590>] __page_cache_alloc include/linux/pagemap.h:208 [inline] [<0000000080c8b590>] pagecache_get_page+0x248/0x740 mm/filemap.c:1367 [<000000009c047edc>] find_or_create_page include/linux/pagemap.h:310 [inline] [<000000009c047edc>] ext4_mb_load_buddy_gfp+0x90a/0x1100 fs/ext4/mballoc.c:1172 [<000000007247ac33>] ext4_free_blocks+0x827/0x23d0 fs/ext4/mballoc.c:4834 [<00000000e68e37ed>] ext4_remove_blocks fs/ext4/extents.c:2585 [inline] [<00000000e68e37ed>] ext4_ext_rm_leaf fs/ext4/extents.c:2741 [inline] [<00000000e68e37ed>] ext4_ext_remove_space+0x21cd/0x3a90 fs/ext4/extents.c:2974 [<000000006cab299f>] ext4_ext_truncate+0x17e/0x280 fs/ext4/extents.c:4677 [<0000000012989970>] ext4_truncate+0x526/0x1300 fs/ext4/inode.c:4243 [<00000000d65387d3>] ext4_evict_inode+0xc50/0x1270 fs/ext4/inode.c:265 [<0000000000a0e389>] evict+0x2e9/0x630 fs/inode.c:553 [<0000000085c14039>] iput_final fs/inode.c:1516 [inline] [<0000000085c14039>] iput fs/inode.c:1543 [inline] [<0000000085c14039>] iput+0x370/0x900 fs/inode.c:1528 [<00000000164ea727>] dentry_unlink_inode+0x277/0x330 fs/dcache.c:369 [<00000000a421e1bc>] __dentry_kill+0x333/0x580 fs/dcache.c:571 [<000000002192c1c9>] dentry_kill fs/dcache.c:612 [inline] [<000000002192c1c9>] dput.part.0+0x509/0x7c0 fs/dcache.c:829 [<000000005e8ef80a>] dput+0x20/0x30 fs/dcache.c:791 [<00000000edd7c81a>] path_put+0x31/0x70 fs/namei.c:516 [<00000000f901abca>] free_fs_struct+0x25/0x70 fs/fs_struct.c:90 [<000000006edb41d1>] exit_fs+0xe7/0x120 fs/fs_struct.c:108 [<00000000ae87eb15>] do_exit+0x769/0x2aa0 kernel/exit.c:838 [<0000000071007afa>] do_group_exit+0x111/0x300 kernel/exit.c:946 [<00000000fa9fe244>] get_signal+0x377/0x1cb0 kernel/signal.c:2395 [<0000000085fdf81c>] do_signal+0x9c/0x1920 arch/x86/kernel/signal.c:812 [<0000000040b06872>] exit_to_usermode_loop+0x11c/0x160 arch/x86/entry/common.c:159 [<00000000847c3878>] prepare_exit_to_usermode arch/x86/entry/common.c:195 [inline] [<00000000847c3878>] syscall_return_slowpath arch/x86/entry/common.c:266 [inline] [<00000000847c3878>] do_syscall_64+0x3ab/0x5c0 arch/x86/entry/common.c:293 [<00000000302bc019>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb lowmemorykiller: Killing 'syz-executor.3' (21546) (tgid 21542), adj 1000, to free 34996kB on behalf of 'init' (1) because cache 332kB is below limit 6144kB for oom_score_adj 0 Free memory is -13424kB above reserved BUG: sleeping function called from invalid context at kernel/fork.c:905 in_atomic(): 0, irqs_disabled(): 0, pid: 1, name: init INFO: lockdep is turned off. Preemption disabled at: [<00000000c0e670d2>] spin_lock include/linux/spinlock.h:302 [inline] [<00000000c0e670d2>] task_lock include/linux/sched.h:3217 [inline] [<00000000c0e670d2>] get_task_mm+0x20/0xc0 kernel/fork.c:1012 CPU: 1 PID: 1 Comm: init Tainted: G W 4.9.189+ #22 ffff8801da60f2d0 ffffffff81b65c01 0000000000000000 0000000000000001 ffff8801da600000 ffffffff810d1010 ffff8801da600000 ffff8801da60f308 ffffffff814018f3 ffff8801da600000 ffffffff82a39fc0 0000000000000389 Call Trace: [<000000008a55a612>] __dump_stack lib/dump_stack.c:15 [inline] [<000000008a55a612>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<00000000552b8d20>] ___might_sleep.cold+0x1c1/0x1fa kernel/sched/core.c:8004 [<00000000b4429980>] __might_sleep+0x95/0x1a0 kernel/sched/core.c:7961 [<00000000b647d9e3>] mmput+0x28/0x370 kernel/fork.c:905 [<0000000056551a68>] handle_lmk_event+0xea/0x8a0 drivers/staging/android/lowmemorykiller.c:111 [<00000000b2991da0>] lowmem_scan+0x695/0xb50 drivers/staging/android/lowmemorykiller.c:345 [<0000000082138f3c>] do_shrink_slab mm/vmscan.c:399 [inline] [<0000000082138f3c>] shrink_slab.part.0+0x3cf/0xa20 mm/vmscan.c:502 [<00000000d606a2ee>] shrink_slab mm/vmscan.c:466 [inline] [<00000000d606a2ee>] shrink_node+0x1ed/0x750 mm/vmscan.c:2604 [<000000000c009caf>] shrink_zones mm/vmscan.c:2751 [inline] [<000000000c009caf>] do_try_to_free_pages mm/vmscan.c:2793 [inline] [<000000000c009caf>] try_to_free_pages+0x397/0xbd0 mm/vmscan.c:3004 [<000000005d781fa9>] __perform_reclaim mm/page_alloc.c:3332 [inline] [<000000005d781fa9>] __alloc_pages_direct_reclaim mm/page_alloc.c:3354 [inline] [<000000005d781fa9>] __alloc_pages_slowpath mm/page_alloc.c:3704 [inline] [<000000005d781fa9>] __alloc_pages_nodemask+0x930/0x1a80 mm/page_alloc.c:3861 [<00000000c57901dd>] __alloc_pages include/linux/gfp.h:433 [inline] [<00000000c57901dd>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<00000000c57901dd>] alloc_pages_node include/linux/gfp.h:460 [inline] [<00000000c57901dd>] __page_cache_alloc include/linux/pagemap.h:208 [inline] [<00000000c57901dd>] __do_page_cache_readahead+0x21d/0x880 mm/readahead.c:183 [<00000000afbce107>] ra_submit mm/internal.h:61 [inline] [<00000000afbce107>] do_sync_mmap_readahead mm/filemap.c:2239 [inline] [<00000000afbce107>] filemap_fault+0xd7f/0x1360 mm/filemap.c:2328 [<0000000010d1e02c>] ext4_filemap_fault+0x72/0xa0 fs/ext4/inode.c:5854 [<0000000070e820a1>] __do_fault+0x2a8/0x6c0 mm/memory.c:2855 [<00000000d33a2ed8>] do_read_fault mm/memory.c:3202 [inline] [<00000000d33a2ed8>] do_fault mm/memory.c:3338 [inline] [<00000000d33a2ed8>] handle_pte_fault mm/memory.c:3547 [inline] [<00000000d33a2ed8>] __handle_mm_fault mm/memory.c:3634 [inline] [<00000000d33a2ed8>] handle_mm_fault+0x11bc/0x2420 mm/memory.c:3671 [<000000009abe4c72>] __do_page_fault+0x3f0/0xa60 arch/x86/mm/fault.c:1404 [<000000002f98a772>] do_page_fault+0x28/0x30 arch/x86/mm/fault.c:1467 [<00000000dd63e04a>] page_fault+0x25/0x30 arch/x86/entry/entry_64.S:956 lowmemorykiller: Killing 'syz-executor.3' (21546) (tgid 21542), adj 1000, to free 34996kB on behalf of 'init' (1) because cache 160kB is below limit 6144kB for oom_score_adj 0 Free memory is -13328kB above reserved BUG: sleeping function called from invalid context at kernel/fork.c:905 in_atomic(): 0, irqs_disabled(): 0, pid: 1, name: init INFO: lockdep is turned off. Preemption disabled at: [<00000000c0e670d2>] spin_lock include/linux/spinlock.h:302 [inline] [<00000000c0e670d2>] task_lock include/linux/sched.h:3217 [inline] [<00000000c0e670d2>] get_task_mm+0x20/0xc0 kernel/fork.c:1012 CPU: 1 PID: 1 Comm: init Tainted: G W 4.9.189+ #22 ffff8801da60f2d0 ffffffff81b65c01 0000000000000000 0000000000000001 ffff8801da600000 ffffffff810d1010 ffff8801da600000 ffff8801da60f308 ffffffff814018f3 ffff8801da600000 ffffffff82a39fc0 0000000000000389 Call Trace: [<000000008a55a612>] __dump_stack lib/dump_stack.c:15 [inline] [<000000008a55a612>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<00000000552b8d20>] ___might_sleep.cold+0x1c1/0x1fa kernel/sched/core.c:8004 [<00000000b4429980>] __might_sleep+0x95/0x1a0 kernel/sched/core.c:7961 [<00000000b647d9e3>] mmput+0x28/0x370 kernel/fork.c:905 [<0000000056551a68>] handle_lmk_event+0xea/0x8a0 drivers/staging/android/lowmemorykiller.c:111 [<00000000b2991da0>] lowmem_scan+0x695/0xb50 drivers/staging/android/lowmemorykiller.c:345 [<0000000082138f3c>] do_shrink_slab mm/vmscan.c:399 [inline] [<0000000082138f3c>] shrink_slab.part.0+0x3cf/0xa20 mm/vmscan.c:502 [<00000000d606a2ee>] shrink_slab mm/vmscan.c:466 [inline] [<00000000d606a2ee>] shrink_node+0x1ed/0x750 mm/vmscan.c:2604 [<000000000c009caf>] shrink_zones mm/vmscan.c:2751 [inline] [<000000000c009caf>] do_try_to_free_pages mm/vmscan.c:2793 [inline] [<000000000c009caf>] try_to_free_pages+0x397/0xbd0 mm/vmscan.c:3004 [<000000005d781fa9>] __perform_reclaim mm/page_alloc.c:3332 [inline] [<000000005d781fa9>] __alloc_pages_direct_reclaim mm/page_alloc.c:3354 [inline] [<000000005d781fa9>] __alloc_pages_slowpath mm/page_alloc.c:3704 [inline] [<000000005d781fa9>] __alloc_pages_nodemask+0x930/0x1a80 mm/page_alloc.c:3861 [<00000000c57901dd>] __alloc_pages include/linux/gfp.h:433 [inline] [<00000000c57901dd>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<00000000c57901dd>] alloc_pages_node include/linux/gfp.h:460 [inline] [<00000000c57901dd>] __page_cache_alloc include/linux/pagemap.h:208 [inline] [<00000000c57901dd>] __do_page_cache_readahead+0x21d/0x880 mm/readahead.c:183 [<00000000afbce107>] ra_submit mm/internal.h:61 [inline] [<00000000afbce107>] do_sync_mmap_readahead mm/filemap.c:2239 [inline] [<00000000afbce107>] filemap_fault+0xd7f/0x1360 mm/filemap.c:2328 [<0000000010d1e02c>] ext4_filemap_fault+0x72/0xa0 fs/ext4/inode.c:5854 [<0000000070e820a1>] __do_fault+0x2a8/0x6c0 mm/memory.c:2855 [<00000000d33a2ed8>] do_read_fault mm/memory.c:3202 [inline] [<00000000d33a2ed8>] do_fault mm/memory.c:3338 [inline] [<00000000d33a2ed8>] handle_pte_fault mm/memory.c:3547 [inline] [<00000000d33a2ed8>] __handle_mm_fault mm/memory.c:3634 [inline] [<00000000d33a2ed8>] handle_mm_fault+0x11bc/0x2420 mm/memory.c:3671 [<000000009abe4c72>] __do_page_fault+0x3f0/0xa60 arch/x86/mm/fault.c:1404 [<000000002f98a772>] do_page_fault+0x28/0x30 arch/x86/mm/fault.c:1467 [<00000000dd63e04a>] page_fault+0x25/0x30 arch/x86/entry/entry_64.S:956 lowmemorykiller: Killing 'syz-executor.3' (21546) (tgid 21542), adj 1000, to free 34996kB on behalf of 'syz-fuzzer' (2068) because cache 164kB is below limit 6144kB for oom_score_adj 0 Free memory is -13328kB above reserved BUG: sleeping function called from invalid context at kernel/fork.c:905 in_atomic(): 0, irqs_disabled(): 0, pid: 2068, name: syz-fuzzer INFO: lockdep is turned off. Preemption disabled at: [<00000000c0e670d2>] spin_lock include/linux/spinlock.h:302 [inline] [<00000000c0e670d2>] task_lock include/linux/sched.h:3217 [inline] [<00000000c0e670d2>] get_task_mm+0x20/0xc0 kernel/fork.c:1012 CPU: 1 PID: 2068 Comm: syz-fuzzer Tainted: G W 4.9.189+ #22 ffff8801cce273c8 ffffffff81b65c01 0000000000000000 0000000000000001 ffff8801ce4b2f80 ffffffff810d1010 ffff8801ce4b2f80 ffff8801cce27400 ffffffff814018f3 ffff8801ce4b2f80 ffffffff82a39fc0 0000000000000389 Call Trace: [<000000008a55a612>] __dump_stack lib/dump_stack.c:15 [inline] [<000000008a55a612>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<00000000552b8d20>] ___might_sleep.cold+0x1c1/0x1fa kernel/sched/core.c:8004 [<00000000b4429980>] __might_sleep+0x95/0x1a0 kernel/sched/core.c:7961 [<00000000b647d9e3>] mmput+0x28/0x370 kernel/fork.c:905 [<0000000056551a68>] handle_lmk_event+0xea/0x8a0 drivers/staging/android/lowmemorykiller.c:111 [<00000000b2991da0>] lowmem_scan+0x695/0xb50 drivers/staging/android/lowmemorykiller.c:345 [<0000000082138f3c>] do_shrink_slab mm/vmscan.c:399 [inline] [<0000000082138f3c>] shrink_slab.part.0+0x3cf/0xa20 mm/vmscan.c:502 [<00000000d606a2ee>] shrink_slab mm/vmscan.c:466 [inline] [<00000000d606a2ee>] shrink_node+0x1ed/0x750 mm/vmscan.c:2604 [<000000000c009caf>] shrink_zones mm/vmscan.c:2751 [inline] [<000000000c009caf>] do_try_to_free_pages mm/vmscan.c:2793 [inline] [<000000000c009caf>] try_to_free_pages+0x397/0xbd0 mm/vmscan.c:3004 [<000000005d781fa9>] __perform_reclaim mm/page_alloc.c:3332 [inline] [<000000005d781fa9>] __alloc_pages_direct_reclaim mm/page_alloc.c:3354 [inline] [<000000005d781fa9>] __alloc_pages_slowpath mm/page_alloc.c:3704 [inline] [<000000005d781fa9>] __alloc_pages_nodemask+0x930/0x1a80 mm/page_alloc.c:3861 [<0000000080c8b590>] __alloc_pages include/linux/gfp.h:433 [inline] [<0000000080c8b590>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<0000000080c8b590>] alloc_pages_node include/linux/gfp.h:460 [inline] [<0000000080c8b590>] __page_cache_alloc include/linux/pagemap.h:208 [inline] [<0000000080c8b590>] pagecache_get_page+0x248/0x740 mm/filemap.c:1367 [<000000009c43a9ad>] filemap_fault+0xb1f/0x1360 mm/filemap.c:2331 [<0000000010d1e02c>] ext4_filemap_fault+0x72/0xa0 fs/ext4/inode.c:5854 [<0000000070e820a1>] __do_fault+0x2a8/0x6c0 mm/memory.c:2855 [<00000000d33a2ed8>] do_read_fault mm/memory.c:3202 [inline] [<00000000d33a2ed8>] do_fault mm/memory.c:3338 [inline] [<00000000d33a2ed8>] handle_pte_fault mm/memory.c:3547 [inline] [<00000000d33a2ed8>] __handle_mm_fault mm/memory.c:3634 [inline] [<00000000d33a2ed8>] handle_mm_fault+0x11bc/0x2420 mm/memory.c:3671 [<000000009abe4c72>] __do_page_fault+0x3f0/0xa60 arch/x86/mm/fault.c:1404 [<000000002f98a772>] do_page_fault+0x28/0x30 arch/x86/mm/fault.c:1467 [<00000000dd63e04a>] page_fault+0x25/0x30 arch/x86/entry/entry_64.S:956 lowmemorykiller: Killing 'syz-executor.3' (21546) (tgid 21542), adj 1000, to free 34996kB on behalf of 'init' (1) because cache 164kB is below limit 6144kB for oom_score_adj 0 Free memory is -13328kB above reserved BUG: sleeping function called from invalid context at kernel/fork.c:905 in_atomic(): 0, irqs_disabled(): 0, pid: 1, name: init INFO: lockdep is turned off. Preemption disabled at: [<00000000c0e670d2>] spin_lock include/linux/spinlock.h:302 [inline] [<00000000c0e670d2>] task_lock include/linux/sched.h:3217 [inline] [<00000000c0e670d2>] get_task_mm+0x20/0xc0 kernel/fork.c:1012 CPU: 0 PID: 1 Comm: init Tainted: G W 4.9.189+ #22 ffff8801da60f3c8 ffffffff81b65c01 0000000000000000 0000000000000001 ffff8801da600000 ffffffff810d1010 ffff8801da600000 ffff8801da60f400 ffffffff814018f3 ffff8801da600000 ffffffff82a39fc0 0000000000000389 Call Trace: [<000000008a55a612>] __dump_stack lib/dump_stack.c:15 [inline] [<000000008a55a612>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<00000000552b8d20>] ___might_sleep.cold+0x1c1/0x1fa kernel/sched/core.c:8004 [<00000000b4429980>] __might_sleep+0x95/0x1a0 kernel/sched/core.c:7961 [<00000000b647d9e3>] mmput+0x28/0x370 kernel/fork.c:905 [<0000000056551a68>] handle_lmk_event+0xea/0x8a0 drivers/staging/android/lowmemorykiller.c:111 [<00000000b2991da0>] lowmem_scan+0x695/0xb50 drivers/staging/android/lowmemorykiller.c:345 [<0000000082138f3c>] do_shrink_slab mm/vmscan.c:399 [inline] [<0000000082138f3c>] shrink_slab.part.0+0x3cf/0xa20 mm/vmscan.c:502 [<00000000d606a2ee>] shrink_slab mm/vmscan.c:466 [inline] [<00000000d606a2ee>] shrink_node+0x1ed/0x750 mm/vmscan.c:2604 [<000000000c009caf>] shrink_zones mm/vmscan.c:2751 [inline] [<000000000c009caf>] do_try_to_free_pages mm/vmscan.c:2793 [inline] [<000000000c009caf>] try_to_free_pages+0x397/0xbd0 mm/vmscan.c:3004 [<000000005d781fa9>] __perform_reclaim mm/page_alloc.c:3332 [inline] [<000000005d781fa9>] __alloc_pages_direct_reclaim mm/page_alloc.c:3354 [inline] [<000000005d781fa9>] __alloc_pages_slowpath mm/page_alloc.c:3704 [inline] [<000000005d781fa9>] __alloc_pages_nodemask+0x930/0x1a80 mm/page_alloc.c:3861 [<0000000080c8b590>] __alloc_pages include/linux/gfp.h:433 [inline] [<0000000080c8b590>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<0000000080c8b590>] alloc_pages_node include/linux/gfp.h:460 [inline] [<0000000080c8b590>] __page_cache_alloc include/linux/pagemap.h:208 [inline] [<0000000080c8b590>] pagecache_get_page+0x248/0x740 mm/filemap.c:1367 [<000000009c43a9ad>] filemap_fault+0xb1f/0x1360 mm/filemap.c:2331 [<0000000010d1e02c>] ext4_filemap_fault+0x72/0xa0 fs/ext4/inode.c:5854 [<0000000070e820a1>] __do_fault+0x2a8/0x6c0 mm/memory.c:2855 [<00000000d33a2ed8>] do_read_fault mm/memory.c:3202 [inline] [<00000000d33a2ed8>] do_fault mm/memory.c:3338 [inline] [<00000000d33a2ed8>] handle_pte_fault mm/memory.c:3547 [inline] [<00000000d33a2ed8>] __handle_mm_fault mm/memory.c:3634 [inline] [<00000000d33a2ed8>] handle_mm_fault+0x11bc/0x2420 mm/memory.c:3671 [<000000009abe4c72>] __do_page_fault+0x3f0/0xa60 arch/x86/mm/fault.c:1404 [<000000002f98a772>] do_page_fault+0x28/0x30 arch/x86/mm/fault.c:1467 [<00000000dd63e04a>] page_fault+0x25/0x30 arch/x86/entry/entry_64.S:956 lowmemorykiller: Killing 'syz-executor.3' (21546) (tgid 21542), adj 1000, to free 34996kB on behalf of 'init' (1) because cache 164kB is below limit 6144kB for oom_score_adj 0 Free memory is -13328kB above reserved lowmemorykiller: Killing 'syz-executor.3' (21546) (tgid 21542), adj 1000, to free 34996kB on behalf of 'udevd' (470) because cache 164kB is below limit 6144kB for oom_score_adj 0 Free memory is -13328kB above reserved BUG: sleeping function called from invalid context at kernel/fork.c:905 in_atomic(): 0, irqs_disabled(): 0, pid: 1, name: init INFO: lockdep is turned off. Preemption disabled at: [<00000000c0e670d2>] spin_lock include/linux/spinlock.h:302 [inline] [<00000000c0e670d2>] task_lock include/linux/sched.h:3217 [inline] [<00000000c0e670d2>] get_task_mm+0x20/0xc0 kernel/fork.c:1012 CPU: 0 PID: 1 Comm: init Tainted: G W 4.9.189+ #22 ffff8801da60f3c8 ffffffff81b65c01 0000000000000000 0000000000000001 ffff8801da600000 ffffffff810d1010 ffff8801da600000 ffff8801da60f400 ffffffff814018f3 ffff8801da600000 ffffffff82a39fc0 0000000000000389 Call Trace: [<000000008a55a612>] __dump_stack lib/dump_stack.c:15 [inline] [<000000008a55a612>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<00000000552b8d20>] ___might_sleep.cold+0x1c1/0x1fa kernel/sched/core.c:8004 [<00000000b4429980>] __might_sleep+0x95/0x1a0 kernel/sched/core.c:7961 [<00000000b647d9e3>] mmput+0x28/0x370 kernel/fork.c:905 [<0000000056551a68>] handle_lmk_event+0xea/0x8a0 drivers/staging/android/lowmemorykiller.c:111 [<00000000b2991da0>] lowmem_scan+0x695/0xb50 drivers/staging/android/lowmemorykiller.c:345 [<0000000082138f3c>] do_shrink_slab mm/vmscan.c:399 [inline] [<0000000082138f3c>] shrink_slab.part.0+0x3cf/0xa20 mm/vmscan.c:502 [<00000000d606a2ee>] shrink_slab mm/vmscan.c:466 [inline] [<00000000d606a2ee>] shrink_node+0x1ed/0x750 mm/vmscan.c:2604 [<000000000c009caf>] shrink_zones mm/vmscan.c:2751 [inline] [<000000000c009caf>] do_try_to_free_pages mm/vmscan.c:2793 [inline] [<000000000c009caf>] try_to_free_pages+0x397/0xbd0 mm/vmscan.c:3004 [<000000005d781fa9>] __perform_reclaim mm/page_alloc.c:3332 [inline] [<000000005d781fa9>] __alloc_pages_direct_reclaim mm/page_alloc.c:3354 [inline] [<000000005d781fa9>] __alloc_pages_slowpath mm/page_alloc.c:3704 [inline] [<000000005d781fa9>] __alloc_pages_nodemask+0x930/0x1a80 mm/page_alloc.c:3861 [<0000000080c8b590>] __alloc_pages include/linux/gfp.h:433 [inline] [<0000000080c8b590>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<0000000080c8b590>] alloc_pages_node include/linux/gfp.h:460 [inline] [<0000000080c8b590>] __page_cache_alloc include/linux/pagemap.h:208 [inline] [<0000000080c8b590>] pagecache_get_page+0x248/0x740 mm/filemap.c:1367 [<000000009c43a9ad>] filemap_fault+0xb1f/0x1360 mm/filemap.c:2331 [<0000000010d1e02c>] ext4_filemap_fault+0x72/0xa0 fs/ext4/inode.c:5854 [<0000000070e820a1>] __do_fault+0x2a8/0x6c0 mm/memory.c:2855 [<00000000d33a2ed8>] do_read_fault mm/memory.c:3202 [inline] [<00000000d33a2ed8>] do_fault mm/memory.c:3338 [inline] [<00000000d33a2ed8>] handle_pte_fault mm/memory.c:3547 [inline] [<00000000d33a2ed8>] __handle_mm_fault mm/memory.c:3634 [inline] [<00000000d33a2ed8>] handle_mm_fault+0x11bc/0x2420 mm/memory.c:3671 [<000000009abe4c72>] __do_page_fault+0x3f0/0xa60 arch/x86/mm/fault.c:1404 [<000000002f98a772>] do_page_fault+0x28/0x30 arch/x86/mm/fault.c:1467 [<00000000dd63e04a>] page_fault+0x25/0x30 arch/x86/entry/entry_64.S:956 lowmemorykiller: Killing 'syz-executor.3' (21546) (tgid 21542), adj 1000, to free 34996kB on behalf of 'init' (1) because cache 164kB is below limit 6144kB for oom_score_adj 0 Free memory is -13328kB above reserved lowmemorykiller: Killing 'syz-executor.3' (21546) (tgid 21542), adj 1000, to free 34996kB on behalf of 'syz-executor.3' (21551) because cache 164kB is below limit 6144kB for oom_score_adj 0 Free memory is -13328kB above reserved BUG: sleeping function called from invalid context at kernel/fork.c:905 in_atomic(): 0, irqs_disabled(): 0, pid: 1, name: init INFO: lockdep is turned off. Preemption disabled at: [<00000000c0e670d2>] spin_lock include/linux/spinlock.h:302 [inline] [<00000000c0e670d2>] task_lock include/linux/sched.h:3217 [inline] [<00000000c0e670d2>] get_task_mm+0x20/0xc0 kernel/fork.c:1012 CPU: 0 PID: 1 Comm: init Tainted: G W 4.9.189+ #22 ffff8801da60f3c8 ffffffff81b65c01 0000000000000000 0000000000000001 ffff8801da600000 ffffffff810d1010 ffff8801da600000 ffff8801da60f400 ffffffff814018f3 ffff8801da600000 ffffffff82a39fc0 0000000000000389 Call Trace: [<000000008a55a612>] __dump_stack lib/dump_stack.c:15 [inline] [<000000008a55a612>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<00000000552b8d20>] ___might_sleep.cold+0x1c1/0x1fa kernel/sched/core.c:8004 [<00000000b4429980>] __might_sleep+0x95/0x1a0 kernel/sched/core.c:7961 [<00000000b647d9e3>] mmput+0x28/0x370 kernel/fork.c:905 [<0000000056551a68>] handle_lmk_event+0xea/0x8a0 drivers/staging/android/lowmemorykiller.c:111 [<00000000b2991da0>] lowmem_scan+0x695/0xb50 drivers/staging/android/lowmemorykiller.c:345 [<0000000082138f3c>] do_shrink_slab mm/vmscan.c:399 [inline] [<0000000082138f3c>] shrink_slab.part.0+0x3cf/0xa20 mm/vmscan.c:502 [<00000000d606a2ee>] shrink_slab mm/vmscan.c:466 [inline] [<00000000d606a2ee>] shrink_node+0x1ed/0x750 mm/vmscan.c:2604 [<000000000c009caf>] shrink_zones mm/vmscan.c:2751 [inline] [<000000000c009caf>] do_try_to_free_pages mm/vmscan.c:2793 [inline] [<000000000c009caf>] try_to_free_pages+0x397/0xbd0 mm/vmscan.c:3004 [<000000005d781fa9>] __perform_reclaim mm/page_alloc.c:3332 [inline] [<000000005d781fa9>] __alloc_pages_direct_reclaim mm/page_alloc.c:3354 [inline] [<000000005d781fa9>] __alloc_pages_slowpath mm/page_alloc.c:3704 [inline] [<000000005d781fa9>] __alloc_pages_nodemask+0x930/0x1a80 mm/page_alloc.c:3861 [<0000000080c8b590>] __alloc_pages include/linux/gfp.h:433 [inline] [<0000000080c8b590>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<0000000080c8b590>] alloc_pages_node include/linux/gfp.h:460 [inline] [<0000000080c8b590>] __page_cache_alloc include/linux/pagemap.h:208 [inline] [<0000000080c8b590>] pagecache_get_page+0x248/0x740 mm/filemap.c:1367