Free memory is -31492kB above reserved lowmemorykiller: Killing 'syz-executor.1' (7974) (tgid 7974), adj 1000, to free 34864kB on behalf of 'syz-executor.0' (14765) because cache 120kB is below limit 6144kB for oom_score_adj 0 Free memory is -31492kB above reserved INFO: task init:1 blocked for more than 140 seconds. Not tainted 4.9.141+ #1 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. init D23880 1 0 0x00000000 ffff8801da5f8000 0000000000000000 ffff8801d4890000 ffff8801d8410000 ffff8801db721018 ffff8801da607580 ffffffff828075c2 ffff8801da5f88f8 ffff8801da5f88a8 ffff8801da5f88b0 00fff1003b4c0ea6 ffff8801db7218f0 Call Trace: [] schedule+0x7f/0x1b0 kernel/sched/core.c:3553 [] schedule_timeout+0x735/0xe20 kernel/time/timer.c:1771 [] __down_common kernel/locking/semaphore.c:221 [inline] [] __down+0x191/0x2b0 kernel/locking/semaphore.c:238 [] down+0x5e/0x80 kernel/locking/semaphore.c:61 [] console_lock+0x2c/0x80 kernel/printk/printk.c:2217 [] console_device+0x1c/0xc0 kernel/printk/printk.c:2554 [] tty_lookup_driver drivers/tty/tty_io.c:2008 [inline] [] tty_open_by_driver drivers/tty/tty_io.c:2053 [inline] [] tty_open+0x6f5/0xdf0 drivers/tty/tty_io.c:2130 [] chrdev_open+0x22d/0x5c0 fs/char_dev.c:392 [] do_dentry_open+0x3ef/0xc90 fs/open.c:766 [] vfs_open+0x11c/0x210 fs/open.c:879 [] do_last fs/namei.c:3410 [inline] [] path_openat+0x542/0x2790 fs/namei.c:3534 [] do_filp_open+0x197/0x270 fs/namei.c:3568 [] do_sys_open+0x30d/0x5c0 fs/open.c:1072 [] SYSC_open fs/open.c:1090 [inline] [] SyS_open+0x2d/0x40 fs/open.c:1085 [] do_syscall_64+0x19f/0x550 arch/x86/entry/common.c:285 [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb Showing all locks held in the system: 1 lock held by init/1: #0: (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline] #0: (tty_mutex){+.+.+.}, at: [] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130 2 locks held by khungtaskd/24: #0: (rcu_read_lock){......}, at: [] check_hung_uninterruptible_tasks kernel/hung_task.c:168 [inline] #0: (rcu_read_lock){......}, at: [] watchdog+0x11c/0xa20 kernel/hung_task.c:239 #1: (tasklist_lock){.+.+..}, at: [] debug_show_all_locks+0x79/0x218 kernel/locking/lockdep.c:4336 1 lock held by rsyslogd/1917: #0: (&f->f_pos_lock){+.+.+.}, at: [] __fdget_pos+0xac/0xd0 fs/file.c:781 2 locks held by getty/2044: #0: (&tty->ldisc_sem){++++++}, at: [] ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:367 #1: (&ldata->atomic_read_lock){+.+...}, at: [] n_tty_read+0x202/0x16e0 drivers/tty/n_tty.c:2142 ============================================= NMI backtrace for cpu 1 CPU: 1 PID: 24 Comm: khungtaskd Not tainted 4.9.141+ #1 ffff8801d9907d08 ffffffff81b42e79 0000000000000000 0000000000000001 0000000000000001 0000000000000001 ffffffff810983b0 ffff8801d9907d40 ffffffff81b4df89 0000000000000001 0000000000000000 0000000000000002 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] nmi_cpu_backtrace.cold.0+0x48/0x87 lib/nmi_backtrace.c:99 [] nmi_trigger_cpumask_backtrace+0x12c/0x151 lib/nmi_backtrace.c:60 [] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37 [] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline] [] check_hung_task kernel/hung_task.c:125 [inline] [] check_hung_uninterruptible_tasks kernel/hung_task.c:182 [inline] [] watchdog+0x6ad/0xa20 kernel/hung_task.c:239 [] kthread+0x26d/0x300 kernel/kthread.c:211 [] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373 Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 PID: 14765 Comm: syz-executor.0 Not tainted 4.9.141+ #1 task: ffff8801a4bac740 task.stack: ffff8801c4eb0000 RIP: 0010:[] c [] lock_acquire+0x162/0x3e0 kernel/locking/lockdep.c:3758 RSP: 0000:ffff8801c4eb73c0 EFLAGS: 00000046 RAX: 0000000000000007 RBX: 0000000000000246 RCX: 0000000000000000 RDX: 0000000000000000 RSI: ffff8801a4bad068 RDI: ffff8801a4bacfec RBP: ffff8801c4eb7428 R08: ffff8801a4bad088 R09: ced7b85aa16a7d2e R10: ffff8801a4bac740 R11: 0000000000000001 R12: ffff8801a4bac740 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 FS: 00007f618300e700(0000) GS:ffff8801db600000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000009878c0 CR3: 00000001d9fe5000 CR4: 00000000001606b0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 Stack: 0000000000000000c ffffffff8141a061c ffff880100000000c ffff880100000000c ffffffff81ba7d7bc ffffffff81419f70c 0000000000000000c 00000001a6954740c ffff8801a6954f00c ffff8801a6954740c dffffc0000000000c ffff8801a6954f00c Call Trace: [] __raw_spin_lock include/linux/spinlock_api_smp.h:144 [inline] [] _raw_spin_lock+0x36/0x50 kernel/locking/spinlock.c:151 [] spin_lock include/linux/spinlock.h:302 [inline] [] task_lock include/linux/sched.h:3257 [inline] [] find_lock_task_mm+0xf1/0x270 mm/oom_kill.c:115 [] lowmem_scan+0x34f/0xaf0 drivers/staging/android/lowmemorykiller.c:134 [] do_shrink_slab mm/vmscan.c:398 [inline] [] shrink_slab.part.8+0x3c6/0xa00 mm/vmscan.c:501 [] shrink_slab mm/vmscan.c:465 [inline] [] shrink_node+0x1ed/0x740 mm/vmscan.c:2602 [] shrink_zones mm/vmscan.c:2749 [inline] [] do_try_to_free_pages mm/vmscan.c:2791 [inline] [] try_to_free_pages+0x377/0xb80 mm/vmscan.c:3002 [] __perform_reclaim mm/page_alloc.c:3324 [inline] [] __alloc_pages_direct_reclaim mm/page_alloc.c:3345 [inline] [] __alloc_pages_slowpath mm/page_alloc.c:3697 [inline] [] __alloc_pages_nodemask+0x981/0x1bd0 mm/page_alloc.c:3862 [] __alloc_pages include/linux/gfp.h:433 [inline] [] __alloc_pages_node include/linux/gfp.h:446 [inline] [] alloc_pages_node include/linux/gfp.h:460 [inline] [] __vmalloc_area_node mm/vmalloc.c:1644 [inline] [] __vmalloc_node_range+0x25b/0x600 mm/vmalloc.c:1702 [] __vmalloc_node mm/vmalloc.c:1745 [inline] [] __vmalloc_node_flags mm/vmalloc.c:1759 [inline] [] vmalloc+0x5b/0x70 mm/vmalloc.c:1774 [] xt_alloc_table_info+0xc9/0x100 net/netfilter/x_tables.c:997 [] do_replace net/ipv6/netfilter/ip6_tables.c:1175 [inline] [] do_ip6t_set_ctl+0x235/0x470 net/ipv6/netfilter/ip6_tables.c:1712 [] nf_sockopt net/netfilter/nf_sockopt.c:105 [inline] [] nf_setsockopt+0x6d/0xc0 net/netfilter/nf_sockopt.c:114 [] ipv6_setsockopt+0xc8/0x130 net/ipv6/ipv6_sockglue.c:922 [] tcp_setsockopt+0x88/0xe0 net/ipv4/tcp.c:2758 [] sock_common_setsockopt+0x9a/0xe0 net/core/sock.c:2706 [] SYSC_setsockopt net/socket.c:1785 [inline] [] SyS_setsockopt+0x166/0x260 net/socket.c:1764 [] do_syscall_64+0x19f/0x550 arch/x86/entry/common.c:285 [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb Code: c00 c48 cb8 c00 c00 c00 c00 c00 cfc cff cdf c48 c89 cfa c48 cc1 cea c03 c0f cb6 c14 c02 c48 c89 cf8 c83 ce0 c07 c83 cc0 c03 c38 cd0 c7c c08 c84 cd2 c0f c85 cc8 c01 c00 c00 c<41> cc7 c84 c24 cac c08 c00 c00 c00 c00 c00 c00 c48 c89 cdf c57 c9d c0f c1f c44 c00 c