[syzbot] [mm?] BUG: unable to handle kernel paging request in list_lru_add

[syzbot] [mm?] BUG: unable to handle kernel paging request in list_lru_add

[syzbot]

Hello,

syzbot found the following issue on:

HEAD commit:    708283abf896 Merge tag 'dmaengine-6.6-rc1' of git://git.ke..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=17424cd0680000
kernel config:  https://syzkaller.appspot.com/x/.config?x=15f37e053f1602f8
dashboard link: https://syzkaller.appspot.com/bug?extid=2403e3909382fbdeaf6c
compiler:       aarch64-linux-gnu-gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40
userspace arch: arm64

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image (non-bootable): https://storage.googleapis.com/syzbot-assets/384ffdcca292/non_bootable_disk-708283ab.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/ae645c88b07f/vmlinux-708283ab.xz
kernel image: https://storage.googleapis.com/syzbot-assets/32d5997bb055/Image-708283ab.gz.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+2403e3909382fbdeaf6c@syzkaller.appspotmail.com

Unable to handle kernel paging request at virtual address dfff800000000001
KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
Mem abort info:
  ESR = 0x0000000096000005
  EC = 0x25: DABT (current EL), IL = 32 bits
  SET = 0, FnV = 0
  EA = 0, S1PTW = 0
  FSC = 0x05: level 1 translation fault
Data abort info:
  ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000
  CM = 0, WnR = 0, TnD = 0, TagAccess = 0
  GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
[dfff800000000001] address between user and kernel address ranges
Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP
Modules linked in:
CPU: 1 PID: 2922 Comm: udevd Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : list_add_tail include/linux/list.h:183 [inline]
pc : list_lru_add+0x174/0x464 mm/list_lru.c:129
lr : list_lru_from_memcg_idx mm/list_lru.c:56 [inline]
lr : list_lru_from_memcg_idx mm/list_lru.c:53 [inline]
lr : list_lru_from_kmem mm/list_lru.c:78 [inline]
lr : list_lru_add+0x354/0x464 mm/list_lru.c:128
sp : ffff80008dd57520
x29: ffff80008dd57520 x28: 0000000000000008 x27: ffff0000378c4000
x26: 0000000000000001 x25: 0000000000000000 x24: 0000000000000000
x23: 1fffe0000293550a x22: 0000000000000000 x21: ffff000012d1c7a0
x20: ffff0000149aa850 x19: ffff0000146f7a00 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: ffff800080915234
x14: ffff800080914c58 x13: ffff800080914c58 x12: 000000000000f1f1
x11: dfff800000000000 x10: 00000000f3000000 x9 : 00000000f3f3f3f3
x8 : ffff700011baae76 x7 : 00000000f1f1f1f1 x6 : dfff800000000000
x5 : ffff700011baae7a x4 : 00000000f204f1f1 x3 : 1fffe0000d51ff28
x2 : 0000000000000000 x1 : 0000000000000000 x0 : dfff800000000000
Call trace:
 list_add_tail include/linux/list.h:183 [inline]
 list_lru_add+0x174/0x464 mm/list_lru.c:129
 d_lru_add+0x180/0x31c fs/dcache.c:431
 retain_dentry fs/dcache.c:685 [inline]
 dput+0x4ac/0x96c fs/dcache.c:908
 handle_mounts fs/namei.c:1554 [inline]
 step_into+0xc18/0x16c4 fs/namei.c:1839
 walk_component+0xa8/0x484 fs/namei.c:2007
 link_path_walk.part.0.constprop.0+0x4cc/0x970 fs/namei.c:2328
 link_path_walk fs/namei.c:2253 [inline]
 path_openat+0x1bc/0x2058 fs/namei.c:3792
 do_filp_open+0x16c/0x330 fs/namei.c:3823
 do_sys_openat2+0x12c/0x160 fs/open.c:1422
 do_sys_open fs/open.c:1437 [inline]
 __do_sys_openat fs/open.c:1453 [inline]
 __se_sys_openat fs/open.c:1448 [inline]
 __arm64_sys_openat+0x12c/0x1b8 fs/open.c:1448
 __invoke_syscall arch/arm64/kernel/syscall.c:37 [inline]
 invoke_syscall+0x6c/0x258 arch/arm64/kernel/syscall.c:51
 el0_svc_common.constprop.0+0xac/0x230 arch/arm64/kernel/syscall.c:136
 do_el0_svc+0x40/0x58 arch/arm64/kernel/syscall.c:155
 el0_svc+0x58/0x140 arch/arm64/kernel/entry-common.c:678
 el0t_64_sync_handler+0x100/0x12c arch/arm64/kernel/entry-common.c:696
 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:591
Code: 9100231c d2d00000 f2fbffe0 d343ff9a (38e06b40) 
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
   0:	9100231c 	add	x28, x24, #0x8
   4:	d2d00000 	mov	x0, #0x800000000000        	// #140737488355328
   8:	f2fbffe0 	movk	x0, #0xdfff, lsl #48
   c:	d343ff9a 	lsr	x26, x28, #3
* 10:	38e06b40 	ldrsb	w0, [x26, x0] <-- trapping instruction


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the bug is already fixed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite bug's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the bug is a duplicate of another bug, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup

Re: [syzbot] [mm?] BUG: unable to handle kernel paging request in list_lru_add

[syzbot]

syzbot has found a reproducer for the following issue on:

HEAD commit:    fbafc3e621c3 Merge tag 'for_linus' of git://git.kernel.org..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=10dc0065e80000
kernel config:  https://syzkaller.appspot.com/x/.config?x=c29fe98c88e5c7ae
dashboard link: https://syzkaller.appspot.com/bug?extid=2403e3909382fbdeaf6c
compiler:       aarch64-linux-gnu-gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40
userspace arch: arm64
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=1217a445e80000

Downloadable assets:
disk image (non-bootable): https://storage.googleapis.com/syzbot-assets/384ffdcca292/non_bootable_disk-fbafc3e6.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/44afd70ba00e/vmlinux-fbafc3e6.xz
kernel image: https://storage.googleapis.com/syzbot-assets/2812e972b4b2/Image-fbafc3e6.gz.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+2403e3909382fbdeaf6c@syzkaller.appspotmail.com

netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008
Mem abort info:
  ESR = 0x0000000097d88004
  EC = 0x25: DABT (current EL), IL = 32 bits
  SET = 0, FnV = 0
  EA = 0, S1PTW = 0
  FSC = 0x04: level 0 translation fault
Data abort info:
  Access size = 8 byte(s)
  SSE = 0, SRT = 24
  SF = 1, AR = 0
  CM = 0, WnR = 0, TnD = 0, TagAccess = 0
  GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
user pgtable: 4k pages, 48-bit VAs, pgdp=0000000045d88000
[0000000000000008] pgd=0000000000000000, p4d=0000000000000000
Internal error: Oops: 0000000097d88004 [#1] PREEMPT SMP
Modules linked in:
CPU: 1 PID: 3148 Comm: syz-executor.1 Not tainted 6.7.0-rc7-syzkaller-00003-gfbafc3e621c3 #0
Hardware name: linux,dummy-virt (DT)
pstate: 61400009 (nZCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
pc : list_add_tail include/linux/list.h:183 [inline]
pc : list_lru_add+0xa4/0x188 mm/list_lru.c:129
lr : list_lru_from_memcg_idx mm/list_lru.c:56 [inline]
lr : list_lru_from_memcg_idx mm/list_lru.c:53 [inline]
lr : list_lru_from_kmem mm/list_lru.c:78 [inline]
lr : list_lru_add+0x16c/0x188 mm/list_lru.c:128
sp : ffff800082c23ce0
x29: ffff800082c23ce0 x28: f7ff0000034f2f40 x27: 0000000000000000
x26: 0000000000000000 x25: faff000004d30000 x24: f0ff000005702340
x23: 0000000000000000 x22: 0000000000000000 x21: f8ff000005e0ac58
x20: f0ff000005702340 x19: f4ff000005b05d40 x18: 0000000000000001
x17: 0000000000000000 x16: 0000000000000000 x15: ffff8000803180f8
x14: 0000000000000000 x13: 000000000000039c x12: 0000000000005800
x11: 0000000000000040 x10: 000000000000002e x9 : 0000000000000001
x8 : ffff800082c23af8 x7 : 00000000001fffff x6 : 0000000055555556
x5 : f1ff000002c38b00 x4 : 0000000000000001 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000
Call trace:
 list_lru_from_kmem mm/list_lru.c:68 [inline]
 list_lru_add+0xa4/0x188 mm/list_lru.c:128
 d_lru_add+0x98/0x14c fs/dcache.c:431
 retain_dentry fs/dcache.c:685 [inline]
 dput+0x194/0x31c fs/dcache.c:908
 done_path_create fs/namei.c:3925 [inline]
 do_mkdirat+0x90/0x16c fs/namei.c:4132
 __do_sys_mkdirat fs/namei.c:4144 [inline]
 __se_sys_mkdirat fs/namei.c:4142 [inline]
 __arm64_sys_mkdirat+0x50/0x7c fs/namei.c:4142
 __invoke_syscall arch/arm64/kernel/syscall.c:37 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:51
 el0_svc_common.constprop.0+0x40/0xe0 arch/arm64/kernel/syscall.c:136
 do_el0_svc+0x1c/0x28 arch/arm64/kernel/syscall.c:155
 el0_svc+0x34/0xd8 arch/arm64/kernel/entry-common.c:678
 el0t_64_sync_handler+0x100/0x12c arch/arm64/kernel/entry-common.c:696
 el0t_64_sync+0x19c/0x1a0 arch/arm64/kernel/entry.S:595
Code: 8b160316 d2800019 910022d6 aa1603fa (f94006d8) 
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
   0:	8b160316 	add	x22, x24, x22
   4:	d2800019 	mov	x25, #0x0                   	// #0
   8:	910022d6 	add	x22, x22, #0x8
   c:	aa1603fa 	mov	x26, x22
* 10:	f94006d8 	ldr	x24, [x22, #8] <-- trapping instruction


---
If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.

Re: [syzbot] [mm?] BUG: unable to handle kernel paging request in list_lru_add

[syzbot]

syzbot has found a reproducer for the following issue on:

HEAD commit:    43db1e03c086 Merge tag 'for-6.10/dm-fixes-2' of git://git...
git tree:       upstream
console+strace: https://syzkaller.appspot.com/x/log.txt?x=16f39ee1980000
kernel config:  https://syzkaller.appspot.com/x/.config?x=42a432cfd0e579e0
dashboard link: https://syzkaller.appspot.com/bug?extid=2403e3909382fbdeaf6c
compiler:       Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=141c864e980000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=12b1da7e980000

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/709e8f085073/disk-43db1e03.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/1ab1fd5e8c1c/vmlinux-43db1e03.xz
kernel image: https://storage.googleapis.com/syzbot-assets/dc7484cb3765/bzImage-43db1e03.xz
mounted in repro: https://storage.googleapis.com/syzbot-assets/40d14eae864b/mount_0.gz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+2403e3909382fbdeaf6c@syzkaller.appspotmail.com

Oops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI
KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
CPU: 1 PID: 5077 Comm: syz-executor294 Not tainted 6.10.0-rc7-syzkaller-00141-g43db1e03c086 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
RIP: 0010:list_add_tail include/linux/list.h:183 [inline]
RIP: 0010:list_lru_add+0x1b1/0x390 mm/list_lru.c:97
Code: 89 ef e8 e2 06 1c 00 48 8b 45 00 48 8b 4c 24 30 48 8d 6c 08 40 4c 8d 6d 08 4d 89 ec 49 c1 ec 03 48 b8 00 00 00 00 00 fc ff df <41> 80 3c 04 00 74 08 4c 89 ef e8 b0 06 1c 00 4c 8b 7d 08 4c 89 f7
RSP: 0018:ffffc90003bbfa78 EFLAGS: 00010202
RAX: dffffc0000000000 RBX: 1ffff1100fada037 RCX: 0000000000000000
RDX: 0000000000000003 RSI: ffffffff8bcaccc0 RDI: ffffffff8c1f54c0
RBP: 0000000000000000 R08: ffffffff8fac686f R09: 1ffffffff1f58d0d
R10: dffffc0000000000 R11: fffffbfff1f58d0e R12: 0000000000000001
R13: 0000000000000008 R14: ffff88807d6d01b8 R15: 0000000000000000
FS:  000055557a070380(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000045bdd0 CR3: 0000000023864000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 __inode_add_lru fs/inode.c:467 [inline]
 iput_final fs/inode.c:1718 [inline]
 iput+0x87a/0x930 fs/inode.c:1767
 __dentry_kill+0x20d/0x630 fs/dcache.c:607
 dput+0x19f/0x2b0 fs/dcache.c:849
 shrink_dcache_for_umount+0x7d/0x130 fs/dcache.c:1559
 generic_shutdown_super+0x6a/0x2d0 fs/super.c:620
 bch2_kill_sb+0x41/0x50 fs/bcachefs/fs.c:2052
 deactivate_locked_super+0xc4/0x130 fs/super.c:473
 cleanup_mnt+0x41f/0x4b0 fs/namespace.c:1267
 task_work_run+0x24f/0x310 kernel/task_work.c:180
 ptrace_notify+0x2d2/0x380 kernel/signal.c:2402
 ptrace_report_syscall include/linux/ptrace.h:415 [inline]
 ptrace_report_syscall_exit include/linux/ptrace.h:477 [inline]
 syscall_exit_work+0xc6/0x190 kernel/entry/common.c:173
 syscall_exit_to_user_mode_prepare kernel/entry/common.c:200 [inline]
 __syscall_exit_to_user_mode_work kernel/entry/common.c:205 [inline]
 syscall_exit_to_user_mode+0x273/0x360 kernel/entry/common.c:218
 do_syscall_64+0x100/0x230 arch/x86/entry/common.c:89
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f232c4c5e77
Code: 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8
RSP: 002b:00007fffde2e9f38 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f232c4c5e77
RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffde2e9ff0
RBP: 00007fffde2e9ff0 R08: 0000000000000000 R09: 0000000000000000
R10: 00000000ffffffff R11: 0000000000000202 R12: 00007fffde2eb060
R13: 000055557a0716c0 R14: 00007fffde2eb05c R15: 431bde82d7b634db
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:list_add_tail include/linux/list.h:183 [inline]
RIP: 0010:list_lru_add+0x1b1/0x390 mm/list_lru.c:97
Code: 89 ef e8 e2 06 1c 00 48 8b 45 00 48 8b 4c 24 30 48 8d 6c 08 40 4c 8d 6d 08 4d 89 ec 49 c1 ec 03 48 b8 00 00 00 00 00 fc ff df <41> 80 3c 04 00 74 08 4c 89 ef e8 b0 06 1c 00 4c 8b 7d 08 4c 89 f7
RSP: 0018:ffffc90003bbfa78 EFLAGS: 00010202
RAX: dffffc0000000000 RBX: 1ffff1100fada037 RCX: 0000000000000000
RDX: 0000000000000003 RSI: ffffffff8bcaccc0 RDI: ffffffff8c1f54c0
RBP: 0000000000000000 R08: ffffffff8fac686f R09: 1ffffffff1f58d0d
R10: dffffc0000000000 R11: fffffbfff1f58d0e R12: 0000000000000001
R13: 0000000000000008 R14: ffff88807d6d01b8 R15: 0000000000000000
FS:  000055557a070380(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000045bdd0 CR3: 0000000023864000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
   0:	89 ef                	mov    %ebp,%edi
   2:	e8 e2 06 1c 00       	call   0x1c06e9
   7:	48 8b 45 00          	mov    0x0(%rbp),%rax
   b:	48 8b 4c 24 30       	mov    0x30(%rsp),%rcx
  10:	48 8d 6c 08 40       	lea    0x40(%rax,%rcx,1),%rbp
  15:	4c 8d 6d 08          	lea    0x8(%rbp),%r13
  19:	4d 89 ec             	mov    %r13,%r12
  1c:	49 c1 ec 03          	shr    $0x3,%r12
  20:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
  27:	fc ff df
* 2a:	41 80 3c 04 00       	cmpb   $0x0,(%r12,%rax,1) <-- trapping instruction
  2f:	74 08                	je     0x39
  31:	4c 89 ef             	mov    %r13,%rdi
  34:	e8 b0 06 1c 00       	call   0x1c06e9
  39:	4c 8b 7d 08          	mov    0x8(%rbp),%r15
  3d:	4c 89 f7             	mov    %r14,%rdi


---
If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.

Re: [syzbot] [mm?] BUG: unable to handle kernel paging request in list_lru_add

[syzbot]

syzbot has bisected this issue to:

commit 86d81ec5f5f05846c7c6e48ffb964b24cba2e669
Author: Youling Tang <tangyouling@kylinos.cn>
Date:   Wed Jul 3 07:09:55 2024 +0000

    bcachefs: Mark bch_inode_info as SLAB_ACCOUNT

bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=113f4bed980000
start commit:   43db1e03c086 Merge tag 'for-6.10/dm-fixes-2' of git://git...
git tree:       upstream
final oops:     https://syzkaller.appspot.com/x/report.txt?x=133f4bed980000
console output: https://syzkaller.appspot.com/x/log.txt?x=153f4bed980000
kernel config:  https://syzkaller.appspot.com/x/.config?x=42a432cfd0e579e0
dashboard link: https://syzkaller.appspot.com/bug?extid=2403e3909382fbdeaf6c
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=141c864e980000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=12b1da7e980000

Reported-by: syzbot+2403e3909382fbdeaf6c@syzkaller.appspotmail.com
Fixes: 86d81ec5f5f0 ("bcachefs: Mark bch_inode_info as SLAB_ACCOUNT")

For information about bisection process see: https://goo.gl/tpsmEJ#bisection

Re: [syzbot] [mm?] BUG: unable to handle kernel paging request in list_lru_add

[syzbot]

syzbot suspects this issue was fixed by commit:

commit aacd897d4d75adaae3becc2b00d8cdc9a56928d1
Author: Kent Overstreet <kent.overstreet@linux.dev>
Date:   Fri Jul 12 00:01:31 2024 +0000

    Revert "bcachefs: Mark bch_inode_info as SLAB_ACCOUNT"

bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=150bcf6b980000
start commit:   43db1e03c086 Merge tag 'for-6.10/dm-fixes-2' of git://git...
git tree:       upstream
kernel config:  https://syzkaller.appspot.com/x/.config?x=42a432cfd0e579e0
dashboard link: https://syzkaller.appspot.com/bug?extid=2403e3909382fbdeaf6c
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=10401f71980000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=13f1ae49980000

If the result looks correct, please mark the issue as fixed by replying with:

#syz fix: Revert "bcachefs: Mark bch_inode_info as SLAB_ACCOUNT"

For information about bisection process see: https://goo.gl/tpsmEJ#bisection

Re: [syzbot] [mm?] BUG: unable to handle kernel paging request in list_lru_add

[Kent Overstreet]

#syz fix: Revert "bcachefs: Mark bch_inode_info as SLAB_ACCOUNT"