EXT4-fs error (device loop5): ext4_add_entry:2350: inode #2: comm syz-executor.5: Directory hole found for htree leaf block 0 EXT4-fs error (device loop5): ext4_add_entry:2350: inode #2: comm syz-executor.5: Directory hole found for htree leaf block 0 Module has invalid ELF structures watchdog: BUG: soft lockup - CPU#0 stuck for 22s! [syz-executor.6:4205] Modules linked in: irq event stamp: 7092597 hardirqs last enabled at (7092596): [] asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:635 hardirqs last disabled at (7092597): [] sysvec_apic_timer_interrupt+0xb/0xa0 arch/x86/kernel/apic/apic.c:1106 softirqs last enabled at (7081560): [] asm_call_irq_on_stack+0x12/0x20 softirqs last disabled at (7081563): [] asm_call_irq_on_stack+0x12/0x20 CPU: 0 PID: 4205 Comm: syz-executor.6 Not tainted 5.10.232 #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 RIP: 0010:__rhashtable_lookup+0x132/0x7d0 include/linux/rhashtable.h:594 Code: 89 b4 24 b8 00 00 00 48 c1 ea 03 48 89 04 24 48 8b 44 24 10 48 89 84 24 c0 00 00 00 48 b8 00 00 00 00 00 fc ff df 80 3c 02 00 <0f> 85 68 06 00 00 4d 8b 3e e8 10 e2 30 00 31 ff 89 c3 89 c6 e8 15 RSP: 0018:ffff88806ce09a60 EFLAGS: 00000246 RAX: dffffc0000000000 RBX: dffffc0000000000 RCX: 0000000000000000 RDX: 1ffff110091362d1 RSI: ffffffff83b580b3 RDI: ffff88806ce09b58 RBP: ffff888048ac4bc0 R08: 0000000000000000 R09: ffffffff8686a6e7 R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 R13: ffff8880489b0d00 R14: ffff8880489b1688 R15: ffff88806ce09d98 FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000555d8a1bd608 CR3: 00000000170b4000 CR4: 0000000000350ef0 Call Trace: rhltable_lookup include/linux/rhashtable.h:688 [inline] sta_info_hash_lookup net/mac80211/sta_info.c:162 [inline] sta_info_get_bss+0x12d/0x470 net/mac80211/sta_info.c:199 __ieee80211_rx_handle_packet net/mac80211/rx.c:4725 [inline] ieee80211_rx_list+0xdb0/0x2370 net/mac80211/rx.c:4846 ieee80211_rx_napi+0xdc/0x3c0 net/mac80211/rx.c:4867 ieee80211_rx include/net/mac80211.h:4502 [inline] ieee80211_tasklet_handler+0xd3/0x130 net/mac80211/main.c:237 tasklet_action_common.constprop.0+0x244/0x2f0 kernel/softirq.c:560 __do_softirq+0x1b8/0x7c9 kernel/softirq.c:298 asm_call_irq_on_stack+0x12/0x20 __run_on_irqstack arch/x86/include/asm/irq_stack.h:26 [inline] run_on_irqstack_cond arch/x86/include/asm/irq_stack.h:77 [inline] do_softirq_own_stack+0x80/0xa0 arch/x86/kernel/irq_64.c:77 invoke_softirq kernel/softirq.c:393 [inline] __irq_exit_rcu kernel/softirq.c:423 [inline] irq_exit_rcu+0x114/0x1b0 kernel/softirq.c:435 sysvec_apic_timer_interrupt+0x43/0xa0 arch/x86/kernel/apic/apic.c:1106 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:635 RIP: 0010:__sanitizer_cov_trace_const_cmp8+0x0/0x20 kernel/kcov.c:291 Code: 2e 0f 1f 84 00 00 00 00 00 90 48 8b 0c 24 89 f2 89 fe bf 05 00 00 00 e9 ae fe ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 <48> 8b 0c 24 48 89 f2 48 89 fe bf 07 00 00 00 e9 8c fe ff ff 66 66 RSP: 0018:ffff888048b07628 EFLAGS: 00000246 RAX: 1ffffd40001d9451 RBX: 0000000000000000 RCX: ffffffff8156f000 RDX: ffff88801a84b480 RSI: 0000000000000000 RDI: 0000000000000000 RBP: 000000000000006e R08: 0000000000000001 R09: ffffea0000eca277 R10: 00000000000001fe R11: 0000000000000001 R12: dead000000000100 R13: dffffc0000000000 R14: ffff88800d5e7388 R15: ffffea0000eca280 compound_head include/linux/page-flags.h:187 [inline] release_pages+0xf6/0xc20 mm/swap.c:892 tlb_batch_pages_flush mm/mmu_gather.c:49 [inline] tlb_flush_mmu_free mm/mmu_gather.c:240 [inline] tlb_flush_mmu+0xe9/0x6e0 mm/mmu_gather.c:247 zap_pte_range mm/memory.c:1355 [inline] zap_pmd_range mm/memory.c:1404 [inline] zap_pud_range mm/memory.c:1433 [inline] zap_p4d_range mm/memory.c:1454 [inline] unmap_page_range+0x17d9/0x1fe0 mm/memory.c:1475 unmap_single_vma+0x198/0x300 mm/memory.c:1520 unmap_vmas+0x16d/0x300 mm/memory.c:1552 exit_mmap+0x27f/0x4f0 mm/mmap.c:3253 __mmput kernel/fork.c:1101 [inline] mmput+0xca/0x340 kernel/fork.c:1122 exit_mm kernel/exit.c:536 [inline] do_exit+0xa96/0x2600 kernel/exit.c:847 do_group_exit+0x125/0x310 kernel/exit.c:982 get_signal+0x4bc/0x2350 kernel/signal.c:2762 arch_do_signal_or_restart+0x2b7/0x1990 arch/x86/kernel/signal.c:805 handle_signal_work kernel/entry/common.c:145 [inline] exit_to_user_mode_loop kernel/entry/common.c:169 [inline] exit_to_user_mode_prepare+0x10f/0x190 kernel/entry/common.c:199 syscall_exit_to_user_mode+0x38/0x1d0 kernel/entry/common.c:274 entry_SYSCALL_64_after_hwframe+0x67/0xd1 RIP: 0033:0x7fe261924b19 Code: Unable to access opcode bytes at RIP 0x7fe261924aef. RSP: 002b:00007fe25ee9a218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca RAX: fffffffffffffe00 RBX: 00007fe261a37f68 RCX: 00007fe261924b19 RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fe261a37f68 RBP: 00007fe261a37f60 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe261a37f6c R13: 00007fffdad5fc1f R14: 00007fe25ee9a300 R15: 0000000000022000 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 skipped: idling at native_safe_halt arch/x86/include/asm/irqflags.h:60 [inline] NMI backtrace for cpu 1 skipped: idling at arch_safe_halt arch/x86/include/asm/irqflags.h:103 [inline] NMI backtrace for cpu 1 skipped: idling at default_idle+0xe/0x20 arch/x86/kernel/process.c:706 ---------------- Code disassembly (best guess): 0: 89 b4 24 b8 00 00 00 mov %esi,0xb8(%rsp) 7: 48 c1 ea 03 shr $0x3,%rdx b: 48 89 04 24 mov %rax,(%rsp) f: 48 8b 44 24 10 mov 0x10(%rsp),%rax 14: 48 89 84 24 c0 00 00 mov %rax,0xc0(%rsp) 1b: 00 1c: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax 23: fc ff df 26: 80 3c 02 00 cmpb $0x0,(%rdx,%rax,1) * 2a: 0f 85 68 06 00 00 jne 0x698 <-- trapping instruction 30: 4d 8b 3e mov (%r14),%r15 33: e8 10 e2 30 00 callq 0x30e248 38: 31 ff xor %edi,%edi 3a: 89 c3 mov %eax,%ebx 3c: 89 c6 mov %eax,%esi 3e: e8 .byte 0xe8 3f: 15 .byte 0x15