======================================================
WARNING: possible circular locking dependency detected
5.19.0-rc5-next-20220706 #1 Not tainted
------------------------------------------------------
syz-executor.6/6031 is trying to acquire lock:
ffffffff852b4880 (fs_reclaim){+.+.}-{0:0}, at: kmem_cache_alloc+0x3b/0x490

but task is already holding lock:
ffff88806ce345c0 (lock#2){..-.}-{2:2}, at: get_page_from_freelist+0x457/0x2cf0

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #1 (lock#2){..-.}-{2:2}:
       free_unref_page_list+0x2c3/0xe30
       shrink_page_list+0x23f7/0x2e70
       shrink_lruvec+0xbd0/0x22b0
       shrink_node+0x829/0x1d10
       balance_pgdat+0x8bb/0x1490
       kswapd+0x72f/0xe80
       kthread+0x2ed/0x3a0
       ret_from_fork+0x22/0x30

-> #0 (fs_reclaim){+.+.}-{0:0}:
       __lock_acquire+0x29fe/0x5e70
       lock_acquire+0x1a2/0x530
       fs_reclaim_acquire+0x115/0x160
       kmem_cache_alloc+0x3b/0x490
       __create_object.isra.0+0x3d/0xc10
       __kmalloc_node_track_caller+0x278/0x470
       __alloc_skb+0xdd/0x340
       alloc_skb_with_frags+0x92/0x620
       sock_alloc_send_pskb+0x7ca/0x950
       __ip_append_data+0x1662/0x35d0
       ip_make_skb+0x226/0x2a0
       udp_sendmsg+0x1907/0x20f0
       udpv6_sendmsg+0x1709/0x2940
       inet6_sendmsg+0xfd/0x140
       sock_sendmsg+0xee/0x190
       ____sys_sendmsg+0x337/0x870
       ___sys_sendmsg+0xf3/0x170
       __sys_sendmmsg+0x195/0x470
       __x64_sys_sendmmsg+0x99/0x100
       do_syscall_64+0x3b/0x90
       entry_SYSCALL_64_after_hwframe+0x46/0xb0

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(lock#2);
                               lock(fs_reclaim);
                               lock(lock#2);
  lock(fs_reclaim);

 *** DEADLOCK ***

1 lock held by syz-executor.6/6031:
 #0: ffff88806ce345c0 (lock#2){..-.}-{2:2}, at: get_page_from_freelist+0x457/0x2cf0

stack backtrace:
CPU: 0 PID: 6031 Comm: syz-executor.6 Not tainted 5.19.0-rc5-next-20220706 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
Call Trace:
 dump_stack_lvl+0x8b/0xb3
 check_noncircular+0x25f/0x2e0
 __lock_acquire+0x29fe/0x5e70
 lock_acquire+0x1a2/0x530
 fs_reclaim_acquire+0x115/0x160
 kmem_cache_alloc+0x3b/0x490
 __create_object.isra.0+0x3d/0xc10
 __kmalloc_node_track_caller+0x278/0x470
 __alloc_skb+0xdd/0x340
 alloc_skb_with_frags+0x92/0x620
 sock_alloc_send_pskb+0x7ca/0x950
 __ip_append_data+0x1662/0x35d0
 ip_make_skb+0x226/0x2a0
 udp_sendmsg+0x1907/0x20f0
 udpv6_sendmsg+0x1709/0x2940
 inet6_sendmsg+0xfd/0x140
 sock_sendmsg+0xee/0x190
 ____sys_sendmsg+0x337/0x870
 ___sys_sendmsg+0xf3/0x170
 __sys_sendmmsg+0x195/0x470
 __x64_sys_sendmmsg+0x99/0x100
 do_syscall_64+0x3b/0x90
 entry_SYSCALL_64_after_hwframe+0x46/0xb0
RIP: 0033:0x7fdf3fa4ab19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fdf3cfc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
RAX: ffffffffffffffda RBX: 00007fdf3fb5df60 RCX: 00007fdf3fa4ab19
RDX: 0000000004000101 RSI: 0000000020002880 RDI: 0000000000000006
RBP: 00007fdf3faa4f6d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fffbdcad30f R14: 00007fdf3cfc0300 R15: 0000000000022000
BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274
in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 6031, name: syz-executor.6
preempt_count: 0, expected: 0
RCU nest depth: 0, expected: 0
INFO: lockdep is turned off.
irq event stamp: 37748
hardirqs last enabled at (37747): [] asm_sysvec_apic_timer_interrupt+0x1b/0x20
hardirqs last disabled at (37748): [] get_page_from_freelist+0x1734/0x2cf0
softirqs last enabled at (37618): [] __irq_exit_rcu+0x113/0x170
softirqs last disabled at (37597): [] __irq_exit_rcu+0x113/0x170
CPU: 0 PID: 6031 Comm: syz-executor.6 Not tainted 5.19.0-rc5-next-20220706 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
Call Trace:
 dump_stack_lvl+0x8b/0xb3
 __might_resched.cold+0x222/0x26b
 kmem_cache_alloc+0x35c/0x490
 __create_object.isra.0+0x3d/0xc10
 __kmalloc_node_track_caller+0x278/0x470
 __alloc_skb+0xdd/0x340
 alloc_skb_with_frags+0x92/0x620
 sock_alloc_send_pskb+0x7ca/0x950
 __ip_append_data+0x1662/0x35d0
 ip_make_skb+0x226/0x2a0
 udp_sendmsg+0x1907/0x20f0
 udpv6_sendmsg+0x1709/0x2940
 inet6_sendmsg+0xfd/0x140
 sock_sendmsg+0xee/0x190
 ____sys_sendmsg+0x337/0x870
 ___sys_sendmsg+0xf3/0x170
 __sys_sendmmsg+0x195/0x470
 __x64_sys_sendmmsg+0x99/0x100
 do_syscall_64+0x3b/0x90
 entry_SYSCALL_64_after_hwframe+0x46/0xb0
RIP: 0033:0x7fdf3fa4ab19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fdf3cfc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
RAX: ffffffffffffffda RBX: 00007fdf3fb5df60 RCX: 00007fdf3fa4ab19
RDX: 0000000004000101 RSI: 0000000020002880 RDI: 0000000000000006
RBP: 00007fdf3faa4f6d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fffbdcad30f R14: 00007fdf3cfc0300 R15: 0000000000022000
syz-executor.5 (6035) used greatest stack depth: 22896 bytes left
syz-executor.4 (6021) used greatest stack depth: 22744 bytes left
syz-executor.6 (6031) used greatest stack depth: 22512 bytes left
syz-executor.6 (6050) used greatest stack depth: 22472 bytes left
syz-executor.4 (6059) used greatest stack depth: 22424 bytes left
ieee80211 phy24: Selected rate control algorithm 'minstrel_ht'
EXT4-fs (sda): re-mounted. Quota mode: none.
EXT4-fs (sda): re-mounted. Quota mode: none.
ieee80211 phy25: Selected rate control algorithm 'minstrel_ht'
ieee80211 phy26: Selected rate control algorithm 'minstrel_ht'
blktrace: Concurrent blktraces are not allowed on sg0
ieee80211 phy27: Selected rate control algorithm 'minstrel_ht'
EXT4-fs (sda): can't enable nombcache during remount
EXT4-fs (sda): can't enable nombcache during remount
EXT4-fs (sda): can't enable nombcache during remount
EXT4-fs (sda): can't enable nombcache during remount
EXT4-fs (sda): can't enable nombcache during remount
hugetlbfs: Bad value 'm' for mount option 'nr_inodes'
hugetlbfs: Bad value 'm' for mount option 'nr_inodes'
sg_write: data in/out 524252/251 bytes for SCSI command 0x0-- guessing data in; program syz-executor.3 not setting count and/or reply_len properly
sg_write: data in/out 524252/251 bytes for SCSI command 0x0-- guessing data in; program syz-executor.3 not setting count and/or reply_len properly
audit: type=1326 audit(1657110663.595:18): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=6559 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdf3fa4ab19 code=0x0
loop0: detected capacity change from 0 to 81920
audit: type=1326 audit(1657110664.427:19): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=6559 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdf3fa4ab19 code=0x0
loop0: detected capacity change from 0 to 81920
loop0: detected capacity change from 0 to 81920
loop1: detected capacity change from 0 to 81920
loop1: detected capacity change from 0 to 81920