FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1)
FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1)
======================================================
WARNING: possible circular locking dependency detected
5.10.45 #1 Not tainted
------------------------------------------------------
kswapd0/55 is trying to acquire lock:
ffff88800f7128e0 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0xf94/0x1390 fs/jbd2/transaction.c:449

but task is already holding lock:
ffffffff84e8f340 (fs_reclaim){+.+.}-{0:0}, at: __fs_reclaim_acquire+0x0/0x30 include/linux/mm.h:907

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #2 (fs_reclaim){+.+.}-{0:0}:
       __fs_reclaim_acquire mm/page_alloc.c:4296 [inline]
       fs_reclaim_acquire+0xc1/0xf0 mm/page_alloc.c:4307
       slab_pre_alloc_hook mm/slab.h:511 [inline]
       slab_alloc_node mm/slub.c:2813 [inline]
       __kmalloc_node+0x5c/0x4b0 mm/slub.c:4011
       kmalloc_node include/linux/slab.h:575 [inline]
       kvmalloc_node+0x61/0xf0 mm/util.c:575
       kvmalloc include/linux/mm.h:765 [inline]
       ext4_xattr_inode_cache_find fs/ext4/xattr.c:1465 [inline]
       ext4_xattr_inode_lookup_create fs/ext4/xattr.c:1508 [inline]
       ext4_xattr_set_entry+0x1e12/0x3880 fs/ext4/xattr.c:1649
       ext4_xattr_ibody_set+0x78/0x2b0 fs/ext4/xattr.c:2225
       ext4_xattr_set_handle+0x947/0x1310 fs/ext4/xattr.c:2382
       ext4_xattr_set+0x13a/0x340 fs/ext4/xattr.c:2495
       ext4_xattr_user_set+0xbc/0x100 fs/ext4/xattr_user.c:40
       __vfs_setxattr+0x10f/0x170 fs/xattr.c:177
       __vfs_setxattr_noperm+0x11a/0x4c0 fs/xattr.c:208
       __vfs_setxattr_locked+0x1bf/0x250 fs/xattr.c:266
       vfs_setxattr+0xe8/0x270 fs/xattr.c:283
       setxattr+0x23d/0x330 fs/xattr.c:548
       path_setxattr+0x170/0x190 fs/xattr.c:567
       __do_sys_setxattr fs/xattr.c:582 [inline]
       __se_sys_setxattr fs/xattr.c:578 [inline]
       __x64_sys_setxattr+0xc0/0x160 fs/xattr.c:578
       do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46
       entry_SYSCALL_64_after_hwframe+0x44/0xa9

-> #1 (&ei->xattr_sem){++++}-{3:3}:
       down_write+0x92/0x150 kernel/locking/rwsem.c:1557
       ext4_write_lock_xattr fs/ext4/xattr.h:142 [inline]
       ext4_xattr_set_handle+0x15e/0x1310 fs/ext4/xattr.c:2309
       ext4_xattr_set+0x13a/0x340 fs/ext4/xattr.c:2495
       __vfs_setxattr+0x10f/0x170 fs/xattr.c:177
       __vfs_setxattr_noperm+0x11a/0x4c0 fs/xattr.c:208
       __vfs_setxattr_locked+0x1bf/0x250 fs/xattr.c:266
       vfs_setxattr+0xe8/0x270 fs/xattr.c:283
       setxattr+0x23d/0x330 fs/xattr.c:548
       path_setxattr+0x170/0x190 fs/xattr.c:567
       __do_sys_lsetxattr fs/xattr.c:589 [inline]
       __se_sys_lsetxattr fs/xattr.c:585 [inline]
       __x64_sys_lsetxattr+0xbd/0x150 fs/xattr.c:585
       do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46
       entry_SYSCALL_64_after_hwframe+0x44/0xa9

-> #0 (jbd2_handle){++++}-{0:0}:
       check_prev_add kernel/locking/lockdep.c:2869 [inline]
       check_prevs_add kernel/locking/lockdep.c:2994 [inline]
       validate_chain kernel/locking/lockdep.c:3609 [inline]
       __lock_acquire+0x2a48/0x5a80 kernel/locking/lockdep.c:4834
       lock_acquire kernel/locking/lockdep.c:5444 [inline]
       lock_acquire+0x197/0x6c0 kernel/locking/lockdep.c:5409
       start_this_handle+0xfc7/0x1390 fs/jbd2/transaction.c:451
       jbd2__journal_start+0x38c/0x880 fs/jbd2/transaction.c:508
       __ext4_journal_start_sb+0x210/0x420 fs/ext4/ext4_jbd2.c:105
       __ext4_journal_start fs/ext4/ext4_jbd2.h:328 [inline]
       ext4_dirty_inode+0xbc/0x130 fs/ext4/inode.c:5949
       __mark_inode_dirty+0x9a4/0x1020 fs/fs-writeback.c:2262
       mark_inode_dirty_sync include/linux/fs.h:2188 [inline]
       iput.part.0+0x57/0x780 fs/inode.c:1679
       iput+0x58/0x70 fs/inode.c:1672
       dentry_unlink_inode+0x2b4/0x3e0 fs/dcache.c:374
       __dentry_kill+0x36f/0x5c0 fs/dcache.c:579
       shrink_dentry_list+0x14b/0x490 fs/dcache.c:1141
       prune_dcache_sb+0xe7/0x140 fs/dcache.c:1222
       super_cache_scan+0x331/0x580 fs/super.c:105
       do_shrink_slab+0x3bc/0x8d0 mm/vmscan.c:513
       shrink_slab+0x16f/0x600 mm/vmscan.c:674
       shrink_node_memcgs mm/vmscan.c:2654 [inline]
       shrink_node+0x8a7/0x1cf0 mm/vmscan.c:2769
       kswapd_shrink_node mm/vmscan.c:3512 [inline]
       balance_pgdat+0x71e/0x11a0 mm/vmscan.c:3670
       kswapd+0x58c/0xc80 mm/vmscan.c:3927
       kthread+0x38f/0x470 kernel/kthread.c:292
       ret_from_fork+0x22/0x30 arch/x86/entry/entry_64.S:296

other info that might help us debug this:

Chain exists of:
  jbd2_handle --> &ei->xattr_sem --> fs_reclaim

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(fs_reclaim);
                               lock(&ei->xattr_sem);
                               lock(fs_reclaim);
  lock(jbd2_handle);

 *** DEADLOCK ***

3 locks held by kswapd0/55:
 #0: ffffffff84e8f340 (fs_reclaim){+.+.}-{0:0}, at: __fs_reclaim_acquire+0x0/0x30 include/linux/mm.h:907
 #1: ffffffff84e6ba90 (shrinker_rwsem){++++}-{3:3}, at: shrink_slab+0xc7/0x600 mm/vmscan.c:664
 #2: ffff88800f6fe0e0 (&type->s_umount_key#42){++++}-{3:3}, at: trylock_super fs/super.c:418 [inline]
 #2: ffff88800f6fe0e0 (&type->s_umount_key#42){++++}-{3:3}, at: super_cache_scan+0x71/0x580 fs/super.c:80

stack backtrace:
CPU: 0 PID: 55 Comm: kswapd0 Not tainted 5.10.45 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x107/0x163 lib/dump_stack.c:118
 check_noncircular+0x25f/0x2e0 kernel/locking/lockdep.c:2118
 check_prev_add kernel/locking/lockdep.c:2869 [inline]
 check_prevs_add kernel/locking/lockdep.c:2994 [inline]
 validate_chain kernel/locking/lockdep.c:3609 [inline]
 __lock_acquire+0x2a48/0x5a80 kernel/locking/lockdep.c:4834
 lock_acquire kernel/locking/lockdep.c:5444 [inline]
 lock_acquire+0x197/0x6c0 kernel/locking/lockdep.c:5409
 start_this_handle+0xfc7/0x1390 fs/jbd2/transaction.c:451
 jbd2__journal_start+0x38c/0x880 fs/jbd2/transaction.c:508
 __ext4_journal_start_sb+0x210/0x420 fs/ext4/ext4_jbd2.c:105
 __ext4_journal_start fs/ext4/ext4_jbd2.h:328 [inline]
 ext4_dirty_inode+0xbc/0x130 fs/ext4/inode.c:5949
 __mark_inode_dirty+0x9a4/0x1020 fs/fs-writeback.c:2262
 mark_inode_dirty_sync include/linux/fs.h:2188 [inline]
 iput.part.0+0x57/0x780 fs/inode.c:1679
 iput+0x58/0x70 fs/inode.c:1672
 dentry_unlink_inode+0x2b4/0x3e0 fs/dcache.c:374
 __dentry_kill+0x36f/0x5c0 fs/dcache.c:579
 shrink_dentry_list+0x14b/0x490 fs/dcache.c:1141
 prune_dcache_sb+0xe7/0x140 fs/dcache.c:1222
 super_cache_scan+0x331/0x580 fs/super.c:105
 do_shrink_slab+0x3bc/0x8d0 mm/vmscan.c:513
 shrink_slab+0x16f/0x600 mm/vmscan.c:674
 shrink_node_memcgs mm/vmscan.c:2654 [inline]
 shrink_node+0x8a7/0x1cf0 mm/vmscan.c:2769
 kswapd_shrink_node mm/vmscan.c:3512 [inline]
 balance_pgdat+0x71e/0x11a0 mm/vmscan.c:3670
 kswapd+0x58c/0xc80 mm/vmscan.c:3927
 kthread+0x38f/0x470 kernel/kthread.c:292
 ret_from_fork+0x22/0x30 arch/x86/entry/entry_64.S:296

syz-executor.6 invoked oom-killer: gfp_mask=0x100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO), order=0, oom_score_adj=1000
CPU: 1 PID: 9074 Comm: syz-executor.6 Not tainted 5.10.45 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x107/0x163 lib/dump_stack.c:118
 dump_header+0x106/0x613 mm/oom_kill.c:461
 oom_kill_process.cold+0x10/0x15 mm/oom_kill.c:978
 out_of_memory mm/oom_kill.c:1097 [inline]
 out_of_memory+0x10f9/0x13f0 mm/oom_kill.c:1047
 __alloc_pages_may_oom mm/page_alloc.c:4074 [inline]
 __alloc_pages_slowpath.constprop.0+0x1bbf/0x2210 mm/page_alloc.c:4804
 __alloc_pages_nodemask+0x558/0x680 mm/page_alloc.c:4970
 alloc_pages_vma+0xbb/0x410 mm/mempolicy.c:2234
 alloc_zeroed_user_highpage_movable include/linux/highmem.h:277 [inline]
 do_anonymous_page mm/memory.c:3541 [inline]
 handle_pte_fault mm/memory.c:4391 [inline]
 __handle_mm_fault mm/memory.c:4528 [inline]
 handle_mm_fault+0x1558/0x3530 mm/memory.c:4626
 do_user_addr_fault+0x6d6/0xc30 arch/x86/mm/fault.c:1379
 handle_page_fault arch/x86/mm/fault.c:1436 [inline]
 exc_page_fault+0xa2/0x1a0 arch/x86/mm/fault.c:1492
 asm_exc_page_fault+0x1e/0x30 arch/x86/include/asm/idtentry.h:580
RIP: 0010:__clear_user+0x40/0x70 arch/x86/lib/usercopy_64.c:24
Code: 0b 3d 84 e8 02 da 5f ff 0f 01 cb 48 89 d8 48 c1 eb 03 48 89 ef 83 e0 07 48 89 d9 48 85 c9 74 19 66 2e 0f 1f 84 00 00 00 00 00 <48> c7 07 00 00 00 00 48 83 c7 08 ff c9 75 f1 48 89 c1 85 c9 74 0a
RSP: 0018:ffff888053027dd0 EFLAGS: 00050202
RAX: 0000000000000000 RBX: 0000000000000200 RCX: 0000000000000058
RDX: 0000000000040000 RSI: ffffffff81fde8de RDI: 0000000020521000
RBP: 00000000205202c0 R08: 0000000000000000 R09: ffffffff8544f08f
R10: 0000000000000000 R11: 0000000000000001 R12: 00000000205202c0
R13: 00007ffffffff000 R14: 0000000000000000 R15: 0000000000000000
 clear_user+0xf3/0x130 arch/x86/lib/usercopy_64.c:54
 read_zero+0x71/0x140 drivers/char/mem.c:738
 vfs_read+0x228/0x580 fs/read_write.c:494
 ksys_pread64 fs/read_write.c:686 [inline]
 __do_sys_pread64 fs/read_write.c:696 [inline]
 __se_sys_pread64 fs/read_write.c:693 [inline]
 __x64_sys_pread64+0x1fd/0x250 fs/read_write.c:693
 do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x466609
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fe4eceb3188 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609
RDX: 000000002000031b RSI: 00000000200002c0 RDI: 0000000000000003
RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80
R13: 00007ffcfe8c629f R14: 00007fe4eceb3300 R15: 0000000000022000
Mem-Info:
active_anon:12606 inactive_anon:187835 isolated_anon:0
 active_file:26 inactive_file:269 isolated_file:0
 unevictable:0 dirty:9 writeback:1
 slab_reclaimable:7137 slab_unreclaimable:59404
 mapped:70043 shmem:2100 pagetables:5597 bounce:0
 free:3502 free_pcp:186 free_cma:0
Node 0 active_anon:50424kB inactive_anon:751424kB active_file:188kB inactive_file:904kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:280172kB dirty:36kB writeback:4kB shmem:8400kB writeback_tmp:0kB kernel_stack:11072kB all_unreclaimable? yes
Node 0 DMA free:6532kB min:48kB low:60kB high:72kB reserved_highatomic:0KB active_anon:0kB inactive_anon:9264kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB pagetables:28kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 1621 1621 1621
Node 0 DMA32 free:7476kB min:5124kB low:6784kB high:8444kB reserved_highatomic:2048KB active_anon:50424kB inactive_anon:741908kB active_file:280kB inactive_file:228kB unevictable:0kB writepending:40kB present:2080640kB managed:1665488kB mlocked:0kB pagetables:22360kB bounce:0kB free_pcp:1088kB local_pcp:500kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0
Node 0 DMA: 1*4kB (E) 6*8kB (UE) 5*16kB (UME) 6*32kB (UE) 5*64kB (UME) 4*128kB (UME) 3*256kB (UME) 3*512kB (UME) 1*1024kB (E) 1*2048kB (E) 0*4096kB = 6532kB
Node 0 DMA32: 258*4kB (UMEH) 165*8kB (UMEH) 73*16kB (ME) 98*32kB (UMEH) 15*64kB (UME) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 7616kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
2430 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
Total swap = 0kB
524158 pages RAM
0 pages HighMem/MovableOnly
103809 pages reserved
oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.6,pid=9074,uid=0
Out of memory (oom_kill_allocating_task): Killed process 9069 (syz-executor.6) total-vm:85324kB, anon-rss:5160kB, file-rss:34800kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:1000
oom_reaper: reaped process 9069 (syz-executor.6), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB

systemd-udevd invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=-1000
CPU: 0 PID: 113 Comm: systemd-udevd Not tainted 5.10.45 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x107/0x163 lib/dump_stack.c:118
 dump_header+0x106/0x613 mm/oom_kill.c:461
 oom_kill_process.cold+0x10/0x15 mm/oom_kill.c:978
 out_of_memory mm/oom_kill.c:1115 [inline]
 out_of_memory+0x358/0x13f0 mm/oom_kill.c:1047
 __alloc_pages_may_oom mm/page_alloc.c:4074 [inline]
 __alloc_pages_slowpath.constprop.0+0x1bbf/0x2210 mm/page_alloc.c:4804
 __alloc_pages_nodemask+0x558/0x680 mm/page_alloc.c:4970
 alloc_pages_current+0x187/0x280 mm/mempolicy.c:2271
 alloc_pages include/linux/gfp.h:547 [inline]
 __page_cache_alloc mm/filemap.c:981 [inline]
 __page_cache_alloc+0x2ce/0x360 mm/filemap.c:966
 pagecache_get_page+0x2c3/0xc80 mm/filemap.c:1840
 filemap_fault+0x1822/0x2220 mm/filemap.c:2747
 ext4_filemap_fault+0x87/0xc0 fs/ext4/inode.c:6203
 __do_fault+0x113/0x410 mm/memory.c:3631
 do_read_fault mm/memory.c:4025 [inline]
 do_fault mm/memory.c:4153 [inline]
 handle_pte_fault mm/memory.c:4393 [inline]
 __handle_mm_fault mm/memory.c:4528 [inline]
 handle_mm_fault+0x1e7f/0x3530 mm/memory.c:4626
 do_user_addr_fault+0x6d6/0xc30 arch/x86/mm/fault.c:1379
 handle_page_fault arch/x86/mm/fault.c:1436 [inline]
 exc_page_fault+0xa2/0x1a0 arch/x86/mm/fault.c:1492
 asm_exc_page_fault+0x1e/0x30 arch/x86/include/asm/idtentry.h:580
RIP: 0033:0x560352df718c
Code: Unable to access opcode bytes at RIP 0x560352df7162.
RSP: 002b:00007ffcb318c540 EFLAGS: 00010202
RAX: 0000000000000000 RBX: 00007ffcb318c640 RCX: 0000000000000000
RDX: 0000000000000008 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000560353479750 R08: 000056035346a9e0 R09: 00007f572abf59b0
R10: 0000560353478450 R11: 0000560353478470 R12: 00007ffcb318c720
R13: 00005603533b0a30 R14: 0000560353472730 R15: 00007ffcb318c5f0
Mem-Info:
active_anon:12606 inactive_anon:187520 isolated_anon:0
 active_file:67 inactive_file:51 isolated_file:38
 unevictable:0 dirty:9 writeback:1
 slab_reclaimable:7137 slab_unreclaimable:59404
 mapped:69980 shmem:2100 pagetables:5597 bounce:0
 free:4110 free_pcp:35 free_cma:0
Node 0 active_anon:50424kB inactive_anon:750080kB active_file:268kB inactive_file:204kB unevictable:0kB isolated(anon):0kB isolated(file):40kB mapped:279920kB dirty:36kB writeback:4kB shmem:8400kB writeback_tmp:0kB kernel_stack:11008kB all_unreclaimable? no
Node 0 DMA free:6532kB min:48kB low:60kB high:72kB reserved_highatomic:0KB active_anon:0kB inactive_anon:9264kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB pagetables:28kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 1621 1621 1621
Node 0 DMA32 free:9908kB min:9220kB low:10880kB high:12540kB reserved_highatomic:2048KB active_anon:50424kB inactive_anon:739892kB active_file:280kB inactive_file:732kB unevictable:0kB writepending:40kB present:2080640kB managed:1665488kB mlocked:0kB pagetables:22360kB bounce:0kB free_pcp:1284kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0
Node 0 DMA: 1*4kB (E) 6*8kB (UE) 5*16kB (UME) 6*32kB (UE) 5*64kB (UME) 4*128kB (UME) 3*256kB (UME) 3*512kB (UME) 1*1024kB (E) 1*2048kB (E) 0*4096kB = 6532kB
Node 0 DMA32: 812*4kB (UMEH) 279*8kB (UMEH) 95*16kB (UME) 106*32kB (UMEH) 17*64kB (UME) 1*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 11608kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
2241 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
Total swap = 0kB
524158 pages RAM
0 pages HighMem/MovableOnly
103809 pages reserved
oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.7,pid=8344,uid=0
Out of memory: Killed process 8344 (syz-executor.7) total-vm:85060kB, anon-rss:16528kB, file-rss:34836kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000
oom_reaper: reaped process 8344 (syz-executor.7), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1)
FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1)

syz-executor.0 invoked oom-killer: gfp_mask=0x100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO), order=0, oom_score_adj=1000
CPU: 0 PID: 9134 Comm: syz-executor.0 Not tainted 5.10.45 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x107/0x163 lib/dump_stack.c:118
 dump_header+0x106/0x613 mm/oom_kill.c:461
 oom_kill_process.cold+0x10/0x15 mm/oom_kill.c:978
 out_of_memory mm/oom_kill.c:1097 [inline]
 out_of_memory+0x10f9/0x13f0 mm/oom_kill.c:1047
 __alloc_pages_may_oom mm/page_alloc.c:4074 [inline]
 __alloc_pages_slowpath.constprop.0+0x1bbf/0x2210 mm/page_alloc.c:4804
 __alloc_pages_nodemask+0x558/0x680 mm/page_alloc.c:4970
 alloc_pages_vma+0xbb/0x410 mm/mempolicy.c:2234
 alloc_zeroed_user_highpage_movable include/linux/highmem.h:277 [inline]
 do_anonymous_page mm/memory.c:3541 [inline]
 handle_pte_fault mm/memory.c:4391 [inline]
 __handle_mm_fault mm/memory.c:4528 [inline]
 handle_mm_fault+0x1558/0x3530 mm/memory.c:4626
 do_user_addr_fault+0x6d6/0xc30 arch/x86/mm/fault.c:1379
 handle_page_fault arch/x86/mm/fault.c:1436 [inline]
 exc_page_fault+0xa2/0x1a0 arch/x86/mm/fault.c:1492
 asm_exc_page_fault+0x1e/0x30 arch/x86/include/asm/idtentry.h:580
RIP: 0010:__clear_user+0x40/0x70 arch/x86/lib/usercopy_64.c:24
Code: 0b 3d 84 e8 02 da 5f ff 0f 01 cb 48 89 d8 48 c1 eb 03 48 89 ef 83 e0 07 48 89 d9 48 85 c9 74 19 66 2e 0f 1f 84 00 00 00 00 00 <48> c7 07 00 00 00 00 48 83 c7 08 ff c9 75 f1 48 89 c1 85 c9 74 0a
RSP: 0018:ffff8880594d7dd0 EFLAGS: 00050202
RAX: 0000000000000000 RBX: 0000000000000200 RCX: 0000000000000058
RDX: 0000000000040000 RSI: ffffffff81fde8de RDI: 0000000020932000
RBP: 00000000209312c0 R08: 0000000000000000 R09: ffffffff8544f08f
R10: 0000000000000000 R11: 0000000000000001 R12: 00000000209312c0
R13: 00007ffffffff000 R14: 0000000000000000 R15: 0000000000000000
 clear_user+0xf3/0x130 arch/x86/lib/usercopy_64.c:54
 read_zero+0x71/0x140 drivers/char/mem.c:738
 vfs_read+0x228/0x580 fs/read_write.c:494
 ksys_pread64 fs/read_write.c:686 [inline]
 __do_sys_pread64 fs/read_write.c:696 [inline]
 __se_sys_pread64 fs/read_write.c:693 [inline]
 __x64_sys_pread64+0x1fd/0x250 fs/read_write.c:693
 do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x466609
Code: Unable to access opcode bytes at RIP 0x4665df.
RSP: 002b:00007f2fadff2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 0000000000466609
RDX: 000000002000031b RSI: 00000000200002c0 RDI: 0000000000000005
RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c038
R13: 00007ffd312bad0f R14: 00007f2fadff2300 R15: 0000000000022000
Mem-Info:
active_anon:12606 inactive_anon:188378 isolated_anon:0
 active_file:21 inactive_file:44 isolated_file:22
 unevictable:0 dirty:0 writeback:0
 slab_reclaimable:6763 slab_unreclaimable:60284
 mapped:69935 shmem:2103 pagetables:5533 bounce:0
 free:2949 free_pcp:82 free_cma:0
Node 0 active_anon:50424kB inactive_anon:753512kB active_file:84kB inactive_file:92kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:279740kB dirty:0kB writeback:0kB shmem:8412kB writeback_tmp:0kB kernel_stack:10912kB all_unreclaimable? no
Node 0 DMA free:6528kB min:48kB low:60kB high:72kB reserved_highatomic:0KB active_anon:0kB inactive_anon:9228kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB pagetables:32kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 1621 1621 1621
Node 0 DMA32 free:5268kB min:7172kB low:8832kB high:10492kB reserved_highatomic:0KB active_anon:50424kB inactive_anon:744032kB active_file:128kB inactive_file:64kB unevictable:0kB writepending:0kB present:2080640kB managed:1665488kB mlocked:0kB pagetables:22100kB bounce:0kB free_pcp:400kB local_pcp:284kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0
Node 0 DMA: 3*4kB (ME) 7*8kB (UME) 4*16kB (UE) 6*32kB (UME) 5*64kB (UME) 4*128kB (UME) 3*256kB (UME) 3*512kB (UME) 1*1024kB (E) 1*2048kB (E) 0*4096kB = 6532kB
Node 0 DMA32: 271*4kB (UE) 273*8kB (UE) 64*16kB (UE) 17*32kB (UE) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4836kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
2154 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
Total swap = 0kB
524158 pages RAM
0 pages HighMem/MovableOnly
103809 pages reserved
oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=9134,uid=0
Out of memory (oom_kill_allocating_task): Killed process 9118 (syz-executor.0) total-vm:85324kB, anon-rss:9560kB, file-rss:34752kB, shmem-rss:0kB, UID:0 pgtables:148kB oom_score_adj:1000
oom_reaper: reaped process 9118 (syz-executor.0), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB

syz-executor.7 invoked oom-killer: gfp_mask=0x100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO), order=0, oom_score_adj=1000
CPU: 1 PID: 9126 Comm: syz-executor.7 Not tainted 5.10.45 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x107/0x163 lib/dump_stack.c:118
 dump_header+0x106/0x613 mm/oom_kill.c:461
 oom_kill_process.cold+0x10/0x15 mm/oom_kill.c:978
 out_of_memory mm/oom_kill.c:1097 [inline]
 out_of_memory+0x10f9/0x13f0 mm/oom_kill.c:1047
 __alloc_pages_may_oom mm/page_alloc.c:4074 [inline]
 __alloc_pages_slowpath.constprop.0+0x1bbf/0x2210 mm/page_alloc.c:4804
 __alloc_pages_nodemask+0x558/0x680 mm/page_alloc.c:4970
 alloc_pages_vma+0xbb/0x410 mm/mempolicy.c:2234
 alloc_zeroed_user_highpage_movable include/linux/highmem.h:277 [inline]
 do_anonymous_page mm/memory.c:3541 [inline]
 handle_pte_fault mm/memory.c:4391 [inline]
 __handle_mm_fault mm/memory.c:4528 [inline]
 handle_mm_fault+0x1558/0x3530 mm/memory.c:4626
 do_user_addr_fault+0x6d6/0xc30 arch/x86/mm/fault.c:1379
 handle_page_fault arch/x86/mm/fault.c:1436 [inline]
 exc_page_fault+0xa2/0x1a0 arch/x86/mm/fault.c:1492
 asm_exc_page_fault+0x1e/0x30 arch/x86/include/asm/idtentry.h:580
RIP: 0010:__clear_user+0x40/0x70 arch/x86/lib/usercopy_64.c:24
Code: 0b 3d 84 e8 02 da 5f ff 0f 01 cb 48 89 d8 48 c1 eb 03 48 89 ef 83 e0 07 48 89 d9 48 85 c9 74 19 66 2e 0f 1f 84 00 00 00 00 00 <48> c7 07 00 00 00 00 48 83 c7 08 ff c9 75 f1 48 89 c1 85 c9 74 0a
RSP: 0018:ffff88801f357dd0 EFLAGS: 00050202
RAX: 0000000000000000 RBX: 0000000000000200 RCX: 0000000000000058
RDX: 0000000000040000 RSI: ffffffff81fde8de RDI: 0000000020f41000
RBP: 0000000020f402c0 R08: 0000000000000000 R09: ffffffff8544f08f
R10: 0000000000000000 R11: 0000000000000001 R12: 0000000020f402c0
R13: 00007ffffffff000 R14: 0000000000000000 R15: 0000000000000000
 clear_user+0xf3/0x130 arch/x86/lib/usercopy_64.c:54
 read_zero+0x71/0x140 drivers/char/mem.c:738
 vfs_read+0x228/0x580 fs/read_write.c:494
 ksys_pread64 fs/read_write.c:686 [inline]
 __do_sys_pread64 fs/read_write.c:696 [inline]
 __se_sys_pread64 fs/read_write.c:693 [inline]
 __x64_sys_pread64+0x1fd/0x250 fs/read_write.c:693
 do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x466609
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f64c3122188 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609
RDX: 000000002000031b RSI: 00000000200002c0 RDI: 0000000000000004
RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80
R13: 00007ffe2554915f R14: 00007f64c3122300 R15: 0000000000022000
Mem-Info:
active_anon:12606 inactive_anon:188210 isolated_anon:0
 active_file:82 inactive_file:51 isolated_file:0
 unevictable:0 dirty:21 writeback:0
 slab_reclaimable:6763 slab_unreclaimable:60306
 mapped:70019 shmem:2103 pagetables:5533 bounce:0
 free:2972 free_pcp:138 free_cma:0
Node 0 active_anon:50424kB inactive_anon:752840kB active_file:368kB inactive_file:108kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:279992kB dirty:84kB writeback:0kB shmem:8412kB writeback_tmp:0kB kernel_stack:10784kB all_unreclaimable? no
Node 0 DMA free:6528kB min:48kB low:60kB high:72kB reserved_highatomic:0KB active_anon:0kB inactive_anon:9228kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB pagetables:32kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 1621 1621 1621
Node 0 DMA32 free:5360kB min:5124kB low:6784kB high:8444kB reserved_highatomic:0KB active_anon:50424kB inactive_anon:743024kB active_file:128kB inactive_file:64kB unevictable:0kB writepending:0kB present:2080640kB managed:1665488kB mlocked:0kB pagetables:22100kB bounce:0kB free_pcp:688kB local_pcp:248kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0
Node 0 DMA: 3*4kB (ME) 7*8kB (UME) 4*16kB (UE) 6*32kB (UME) 5*64kB (UME) 4*128kB (UME) 3*256kB (UME) 3*512kB (UME) 1*1024kB (E) 1*2048kB (E) 0*4096kB = 6532kB
Node 0 DMA32: 280*4kB (UME) 289*8kB (UME) 65*16kB (UE) 21*32kB (UME) 1*64kB (M) 1*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 5336kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
2196 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
Total swap = 0kB
524158 pages RAM
0 pages HighMem/MovableOnly
103809 pages reserved
oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.7,pid=9126,uid=0
Out of memory (oom_kill_allocating_task): Killed process 9126 (syz-executor.7) total-vm:85192kB, anon-rss:15552kB, file-rss:34840kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000
oom_reaper: reaped process 9126 (syz-executor.7), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB