EXT4-fs (loop4): unmounting filesystem. ================================ WARNING: inconsistent lock state 5.19.0-rc5-next-20220706 #1 Not tainted -------------------------------- inconsistent {IN-SOFTIRQ-W} -> {SOFTIRQ-ON-W} usage. systemd-udevd/127 [HC0[0]:SC0[0]:HE0:SE1] takes: ffff88806cf345c0 (lock#2){+.?.}-{2:2}, at: get_page_from_freelist+0x457/0x2cf0 {IN-SOFTIRQ-W} state was registered at: lock_acquire+0x1a2/0x530 free_unref_page+0x1f3/0x6f0 bio_free_pages+0x10a/0x220 bio_copy_kern_endio_read+0x62/0x340 bio_endio+0x58e/0x710 blk_update_request+0x394/0x1180 scsi_end_request+0x7a/0x9a0 scsi_io_completion+0xbc/0x1d20 scsi_complete+0x114/0x560 blk_complete_reqs+0xb2/0xf0 __do_softirq+0x1c8/0x8cc run_ksoftirqd+0x2d/0x60 smpboot_thread_fn+0x66f/0xa00 kthread+0x2ed/0x3a0 ret_from_fork+0x22/0x30 irq event stamp: 6557312 hardirqs last enabled at (6557311): [] __alloc_pages_slowpath.constprop.0+0x160d/0x2180 hardirqs last disabled at (6557312): [] get_page_from_freelist+0x1734/0x2cf0 softirqs last enabled at (6556660): [] __irq_exit_rcu+0x113/0x170 softirqs last disabled at (6556655): [] __irq_exit_rcu+0x113/0x170 other info that might help us debug this: Possible unsafe locking scenario: CPU0 ---- lock(lock#2); lock(lock#2); *** DEADLOCK *** 2 locks held by systemd-udevd/127: #0: ffff88800b9605a0 (mapping.invalidate_lock){++++}-{3:3}, at: filemap_fault+0x14f5/0x2270 #1: ffff88806cf345c0 (lock#2){+.?.}-{2:2}, at: get_page_from_freelist+0x457/0x2cf0 stack backtrace: CPU: 1 PID: 127 Comm: systemd-udevd Not tainted 5.19.0-rc5-next-20220706 #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 Call Trace: dump_stack_lvl+0x8b/0xb3 mark_lock.part.0.cold+0x3f/0x151 mark_held_locks+0x9e/0xe0 lockdep_hardirqs_on_prepare+0x28b/0x400 trace_hardirqs_on+0x2d/0x110 charge_memcg+0x206/0x2c0 __mem_cgroup_charge+0x24/0x80 __filemap_add_folio+0x5de/0x11e0 filemap_add_folio+0x9b/0x1b0 __filemap_get_folio+0x385/0xd80 filemap_fault+0x1535/0x2270 __do_fault+0x10d/0x590 __handle_mm_fault+0x135a/0x34f0 handle_mm_fault+0x2e6/0xa10 do_user_addr_fault+0x536/0x1300 exc_page_fault+0x98/0x1a0 asm_exc_page_fault+0x27/0x30 RIP: 0033:0x7f2e84808a41 Code: 3e e9 9c fe ff ff 49 8d 04 1f e9 93 fe ff ff e8 f5 eb 07 00 0f 1f 44 00 00 41 57 41 56 41 55 41 54 55 53 48 81 ec 28 01 00 00 <0f> b6 1e 64 48 8b 04 25 28 00 00 00 48 89 84 24 18 01 00 00 31 c0 RSP: 002b:00007ffccbd15f10 EFLAGS: 00010202 RAX: 000055c6042f47f0 RBX: 000055c6031d8334 RCX: 0000000000000000 RDX: 0000000000000008 RSI: 00007f2e84904f65 RDI: 000055c6031d8335 RBP: 000055c6042f47f0 R08: 0000000000000008 R09: 0000000000000001 R10: 0000000000000000 R11: 0000000000000246 R12: 000055c6042f47f0 R13: 000055c6042f47f0 R14: 0000000000000001 R15: 000055c60433ae00 syz-executor.1 (7441) used greatest stack depth: 23200 bytes left loop4: detected capacity change from 0 to 512 EXT4-fs error (device loop4): __ext4_fill_super:5235: inode #2: comm syz-executor.4: casefold flag without casefold feature EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. EXT4-fs (loop4): unmounting filesystem. syz-executor.7 invoked oom-killer: gfp_mask=0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), order=0, oom_score_adj=1000 CPU: 0 PID: 7499 Comm: syz-executor.7 Not tainted 5.19.0-rc5-next-20220706 #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 Call Trace: dump_stack_lvl+0x8b/0xb3 dump_header+0x10b/0x7e4 oom_kill_process.cold+0x10/0x15 out_of_memory+0x11e7/0x14b0 __alloc_pages_slowpath.constprop.0+0x1a72/0x2180 __alloc_pages+0x421/0x4f0 alloc_pages+0x1a0/0x2f0 __vmalloc_node_range+0x8d9/0x1400 __vmalloc_node+0xa8/0xf0 packet_set_ring+0xaeb/0x1950 packet_setsockopt+0x1b56/0x3cc0 __sys_setsockopt+0x180/0x2a0 __x64_sys_setsockopt+0xba/0x150 do_syscall_64+0x3b/0x90 entry_SYSCALL_64_after_hwframe+0x46/0xb0 RIP: 0033:0x7efd3f2e3b19 Code: Unable to access opcode bytes at RIP 0x7efd3f2e3aef. RSP: 002b:00007efd3c859188 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 RAX: ffffffffffffffda RBX: 00007efd3f3f6f60 RCX: 00007efd3f2e3b19 RDX: 0000000000000005 RSI: 0000000000000107 RDI: 0000000000000003 RBP: 00007efd3f33df6d R08: 0000000000000010 R09: 0000000000000000 R10: 0000000020000100 R11: 0000000000000246 R12: 0000000000000000 R13: 00007fff6592441f R14: 00007efd3c859300 R15: 0000000000022000 Mem-Info: active_anon:9334 inactive_anon:39422 isolated_anon:0 active_file:41 inactive_file:17 isolated_file:0 unevictable:0 dirty:0 writeback:0 slab_reclaimable:7551 slab_unreclaimable:63705 mapped:69644 shmem:8318 pagetables:1503 bounce:0 kernel_misc_reclaimable:0 free:2807 free_pcp:62 free_cma:0 Node 0 active_anon:37336kB inactive_anon:157688kB active_file:80kB inactive_file:68kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:278576kB dirty:0kB writeback:0kB shmem:33272kB writeback_tmp:0kB kernel_stack:4864kB pagetables:6012kB all_unreclaimable? no Node 0 DMA free:6500kB boost:0kB min:44kB low:56kB high:68kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 1615 1615 1615 Node 0 DMA32 free:4728kB boost:0kB min:5120kB low:6772kB high:8424kB reserved_highatomic:0KB active_anon:37336kB inactive_anon:157688kB active_file:228kB inactive_file:92kB unevictable:0kB writepending:0kB present:2080640kB managed:1658292kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 0 0 0 Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 1*64kB (U) 0*128kB 1*256kB (U) 0*512kB 0*1024kB 1*2048kB (M) 1*4096kB (M) = 6500kB Node 0 DMA32: 729*4kB (UME) 129*8kB (UM) 30*16kB (UM) 11*32kB (UM) 1*64kB (U) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4844kB Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 8384 total pagecache pages 0 pages in swap cache Free swap = 0kB Total swap = 0kB 524158 pages RAM 0 pages HighMem/MovableOnly 105745 pages reserved Unreclaimable slab info: Name Used Total pid_3 11KB 11KB pid_2 40KB 67KB IEEE-802.15.4-MAC 63KB 63KB IEEE-802.15.4-RAW 63KB 63KB fib6_nodes 28KB 28KB ip6_dst_cache 30KB 30KB RAWv6 126KB 126KB UDPLITEv6 62KB 62KB UDPv6 62KB 62KB tw_sock_TCPv6 7KB 7KB TCPv6 62KB 62KB scsi_sense_cache 8KB 8KB virtio_scsi_cmd 16KB 16KB bio-120 7KB 7KB sgpool-128 127KB 297KB sgpool-64 63KB 63KB sgpool-32 81KB 141KB sgpool-16 37KB 75KB sgpool-8 71KB 71KB io_kiocb 37KB 37KB mqueue_inode_cache 60KB 60KB nfs_commit_data 15KB 15KB nfs_write_data 47KB 47KB jbd2_inode 11KB 11KB ext4_system_zone 7KB 7KB ext4_io_end_vec 7KB 7KB ext4_bio_post_read_ctx 15KB 15KB kioctx 31KB 31KB aio_kiocb 7KB 7KB fasync_cache 7KB 7KB pid_namespace 11KB 11KB posix_timers_cache 15KB 15KB rpc_buffers 31KB 31KB rpc_tasks 3KB 3KB UNIX-STREAM 204KB 320KB UNIX 164KB 256KB ip4-frags 15KB 15KB UDP-Lite 63KB 63KB tcp_bind_bucket 8KB 8KB inet_peer_cache 4KB 4KB ip_fib_trie 8KB 8KB ip_fib_alias 15KB 15KB ip_dst_cache 36KB 36KB RAW 62KB 62KB UDP 189KB 189KB request_sock_TCP 15KB 15KB TCP 58KB 58KB hugetlbfs_inode_cache 31KB 31KB bio-248 11KB 11KB ep_head 8KB 8KB eventpoll_pwq 19KB 19KB eventpoll_epi 35KB 35KB inotify_inode_mark 42KB 42KB request_queue 63KB 63KB blkdev_ioc 8KB 8KB bio-184 36KB 36KB biovec-max 867KB 867KB biovec-64 247KB 283KB biovec-16 41KB 41KB uid_cache 7KB 7KB dmaengine-unmap-2 4KB 4KB audit_buffer 7KB 7KB skbuff_fclone_cache 322KB 322KB skbuff_head_cache 453KB 453KB file_lock_cache 39KB 39KB file_lock_ctx 7KB 7KB fsnotify_mark_connector 28KB 28KB taskstats 37KB 79KB proc_dir_entry 375KB 375KB pde_opener 7KB 7KB seq_file 60KB 60KB sigqueue 27KB 43KB shmem_inode_cache 1488KB 1577KB kernfs_iattrs_cache 250KB 250KB kernfs_node_cache 5470KB 5484KB mnt_cache 226KB 236KB filp 2846KB 2962KB names_cache 21611KB 22104KB net_namespace 95KB 95KB hashtab_node 274KB 274KB ebitmap_node 1149KB 1149KB avtab_node 4976KB 4976KB avc_node 31KB 31KB lsm_inode_cache 2678KB 3142KB lsm_file_cache 147KB 152KB key_jar 39KB 39KB uts_namespace 15KB 15KB nsproxy 15KB 15KB vm_area_struct 905KB 1169KB mm_struct 239KB 283KB fs_cache 27KB 44KB files_cache 165KB 191KB signal_cache 291KB 394KB sighand_cache 390KB 390KB task_struct 1357KB 1605KB cred_jar 216KB 216KB anon_vma_chain 233KB 279KB anon_vma 301KB 304KB pid 65KB 71KB Acpi-Operand 95KB 154KB Acpi-ParseExt 31KB 31KB Acpi-Parse 43KB 59KB Acpi-State 47KB 63KB Acpi-Namespace 28KB 28KB numa_policy 7KB 7KB perf_event 158KB 254KB trace_event_file 175KB 175KB ftrace_event_field 308KB 308KB pool_workqueue 32KB 32KB maple_node 532KB 1176KB task_group 16KB 16KB vmap_area 57KB 70KB page->ptl 206KB 255KB kmemleak_scan_area 36KB 51KB kmemleak_object 134002KB 148199KB kmalloc-cg-8k 224KB 224KB kmalloc-cg-4k 3280KB 3352KB kmalloc-cg-2k 1968KB 2112KB kmalloc-cg-1k 514KB 544KB kmalloc-cg-512 308KB 320KB kmalloc-cg-256 64KB 64KB kmalloc-cg-192 44KB 44KB kmalloc-cg-128 40KB 40KB kmalloc-cg-96 40KB 40KB kmalloc-cg-64 28KB 28KB kmalloc-cg-32 60KB 72KB kmalloc-cg-16 16KB 16KB kmalloc-cg-8 27KB 27KB kmalloc-8k 5504KB 5536KB kmalloc-4k 7584KB 7920KB kmalloc-2k 3388KB 3584KB kmalloc-1k 3492KB 3616KB kmalloc-512 2455KB 2592KB kmalloc-256 1041KB 1088KB kmalloc-192 462KB 556KB kmalloc-128 336KB 360KB kmalloc-96 339KB 416KB kmalloc-64 1051KB 1220KB kmalloc-32 458KB 504KB kmalloc-16 324KB 368KB kmalloc-8 269KB 278KB kmem_cache_node 51KB 51KB kmem_cache 78KB 78KB oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz7,mems_allowed=0,global_oom,task_memcg=/syz7,task=syz-executor.7,pid=7499,uid=0 Out of memory (oom_kill_allocating_task): Killed process 7498 (syz-executor.7) total-vm:93412kB, anon-rss:384kB, file-rss:34076kB, shmem-rss:0kB, UID:0 pgtables:140kB oom_score_adj:1000 netlink: 'syz-executor.4': attribute type 309 has an invalid length. loop6: detected capacity change from 0 to 512 EXT4-fs error (device loop6): __ext4_fill_super:5235: inode #2: comm syz-executor.6: iget: root inode unallocated EXT4-fs (loop6): get root inode failed EXT4-fs (loop6): mount failed loop6: detected capacity change from 0 to 512 EXT4-fs error (device loop6): __ext4_fill_super:5235: inode #2: comm syz-executor.6: iget: root inode unallocated EXT4-fs (loop6): get root inode failed EXT4-fs (loop6): mount failed loop6: detected capacity change from 0 to 512 EXT4-fs error (device loop6): __ext4_fill_super:5235: inode #2: comm syz-executor.6: iget: root inode unallocated EXT4-fs (loop6): get root inode failed EXT4-fs (loop6): mount failed loop6: detected capacity change from 0 to 512 EXT4-fs error (device loop6): __ext4_fill_super:5235: inode #2: comm syz-executor.6: iget: root inode unallocated EXT4-fs (loop6): get root inode failed EXT4-fs (loop6): mount failed netlink: 'syz-executor.4': attribute type 309 has an invalid length. loop6: detected capacity change from 0 to 512 netlink: 'syz-executor.5': attribute type 309 has an invalid length. EXT4-fs error (device loop6): __ext4_fill_super:5235: inode #2: comm syz-executor.6: iget: root inode unallocated EXT4-fs (loop6): get root inode failed EXT4-fs (loop6): mount failed netlink: 'syz-executor.4': attribute type 309 has an invalid length. netlink: 'syz-executor.5': attribute type 309 has an invalid length. Invalid option length (422) for dns_resolver key random: crng reseeded on system resumption Restarting kernel threads ... Invalid option length (422) for dns_resolver key Process accounting resumed done. Process accounting resumed random: crng reseeded on system resumption Restarting kernel threads ... done. Invalid option length (422) for dns_resolver key Process accounting resumed random: crng reseeded on system resumption Invalid option length (422) for dns_resolver key Restarting kernel threads ... done. Process accounting resumed Process accounting resumed random: crng reseeded on system resumption Restarting kernel threads ... done. random: crng reseeded on system resumption Restarting kernel threads ... done. random: crng reseeded on system resumption Restarting kernel threads ... done. random: crng reseeded on system resumption Restarting kernel threads ... done. Process accounting resumed random: crng reseeded on system resumption Restarting kernel threads ... done. random: crng reseeded on system resumption Restarting kernel threads ... done. Process accounting resumed Process accounting resumed random: crng reseeded on system resumption Restarting kernel threads ... done. random: crng reseeded on system resumption random: crng reseeded on system resumption Restarting kernel threads ... done. random: crng reseeded on system resumption Restarting kernel threads ... done. random: crng reseeded on system resumption Restarting kernel threads ... done. random: crng reseeded on system resumption Restarting kernel threads ... done.