program: syz_read_part_table(0x5c2, &(0x7f0000000f00)="$eJzs2z9I42ccBvA3OcPB3XDLTTfdXeGGcssdN16GuyPJnVgIURe7KCgiZoogRBoq6KAZFDOIo4sIWaxOxgxOikLnIg4WwcGlRRfBxRTrWyjF/sGmpYXPB358eV+e9314h4wJ/K8lw4+tVisRQmjdvz0x+Qene+uZ7Ken+XeFnhASoRVCGP3ys5/vScTEL7c+j+ujuF5ZftCcPf+Yqh92X7zo36kmf9V2/T1cbfS25YH8o9bSu4+mpku5uXJ65CBXOZn57tsvvjnLFBpd1dp6Z+rDYMztxdkR51goh4kwGgZCMRTDUCi1qX+pfvzq6kmuvjn89jLbnN9+HXP5v/nOv9o//myhr1Z5/3Lj8eKb8tZ+4fTeTa74O78uAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+W9bSu4+mpku5uXJ65CCXPJkZDyGcZQqNrmptvTP1YTDm9uLsiHMslMNEGA0DoRgSYSiU2tJfOVmqH7+6epKrbw6/vcw257dfx1z+twc77lj4J/3jzxb6apX3LzceL74pb+0XTu/d5Ir329MHAAAAAAAAAAAAAAAAAAAAt8lkPz3Nvyv0fB3Xn//wVfJ6tuL/3RNx/3mcR3F/ZflBc/b8Y6p+2H3xon+n+n3cn4zfw9VG77/6EO7kpwAAAP//SueTAQ==") io_setup(0x200, &(0x7f0000000140)=0x0) open(&(0x7f0000000080)='./bus\x00', 0x14d27e, 0x0) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x200, 0x0, 0x0, 0x2, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d306e6d602000000000000000000010001", [0x204]}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101542, 0x0) io_submit(r0, 0x1, &(0x7f0000000500)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r2, &(0x7f0000000380)='\\', 0x1, 0x9}]) (fail_nth: 3) [ 95.715424][ T921] cfg80211: failed to load regulatory.db [ 95.746709][ T5296] Bluetooth: hci0: command tx timeout [ 95.911597][ T5322] loop0: detected capacity change from 0 to 2048 [ 95.952844][ T5322] Alternate GPT is invalid, using primary GPT. [ 95.955752][ T5322] loop0: p1 p2 p3 [ 95.988889][ T4711] Alternate GPT is invalid, using primary GPT. [ 95.991692][ T4711] loop0: p1 p2 p3 [ 96.017208][ T5322] loop0: detected capacity change from 2048 to 0 [ 96.031960][ T13] I/O error, dev loop0, sector 58 op 0x0:(READ) flags 0x880700 phys_seg 1 prio class 2 [ 96.041602][ T5322] FAULT_INJECTION: forcing a failure. [ 96.041602][ T5322] name failslab, interval 1, probability 0, space 0, times 1 [ 96.051019][ T13] I/O error, dev loop0, sector 1008 op 0x0:(READ) flags 0x880700 phys_seg 1 prio class 2 [ 96.057561][ T13] I/O error, dev loop0, sector 108 op 0x0:(READ) flags 0x880700 phys_seg 1 prio class 2 [ 96.062024][ T5322] CPU: 0 UID: 0 PID: 5322 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 96.062044][ T5322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 96.062052][ T5322] Call Trace: [ 96.062058][ T5322] [ 96.062064][ T5322] dump_stack_lvl+0xe8/0x150 [ 96.062219][ T5322] should_fail_ex+0x412/0x560 [ 96.062288][ T5322] should_failslab+0xa8/0x100 [ 96.062323][ T5322] __kmalloc_noprof+0xe8/0x760 [ 96.062361][ T5322] ? __pcs_replace_empty_main+0x3cc/0x620 [ 96.062376][ T5322] ? __pcs_replace_empty_main+0x239/0x620 [ 96.062390][ T5322] ? __pcs_replace_empty_main+0x239/0x620 [ 96.062412][ T5322] __pcs_replace_empty_main+0x3cc/0x620 [ 96.062431][ T5322] kmem_cache_alloc_noprof+0x37d/0x650 [ 96.062446][ T5322] ? io_submit_one+0x130/0x14c0 [ 96.062482][ T5322] ? __might_fault+0xcb/0x130 [ 96.062499][ T5322] ? kmem_cache_alloc_noprof+0x15a/0x650 [ 96.062520][ T5322] io_submit_one+0x130/0x14c0 [ 96.062539][ T5322] ? irqentry_exit+0x59e/0x620 [ 96.062616][ T5322] ? lockdep_hardirqs_on+0x7a/0x110 [ 96.062633][ T5322] ? irqentry_exit+0x59e/0x620 [ 96.062650][ T5322] ? trace_irq_disable+0x3b/0x150 [ 96.062690][ T5322] ? __pfx_io_submit_one+0x10/0x10 [ 96.062719][ T5322] ? __might_fault+0xaf/0x130 [ 96.062739][ T5322] __se_sys_io_submit+0x195/0x340 [ 96.062758][ T5322] ? __pfx___se_sys_io_submit+0x10/0x10 [ 96.062774][ T5322] ? ksys_write+0x242/0x270 [ 96.062850][ T5322] do_syscall_64+0x14d/0xf80 [ 96.062870][ T5322] ? trace_irq_disable+0x3b/0x150 [ 96.062887][ T5322] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 96.062901][ T5322] ? clear_bhb_loop+0x40/0x90 [ 96.062916][ T5322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 96.062929][ T5322] RIP: 0033:0x7fb4ed79c799 [ 96.062944][ T5322] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 96.062956][ T5322] RSP: 002b:00007fb4ee664fe8 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 96.062971][ T5322] RAX: ffffffffffffffda RBX: 00007fb4eda15fa0 RCX: 00007fb4ed79c799 [ 96.062979][ T5322] RDX: 0000200000000500 RSI: 0000000000000001 RDI: 00007fb4ee61b000 [ 96.062987][ T5322] RBP: 00007fb4ee665050 R08: 0000000000000000 R09: 0000000000000000 [ 96.062993][ T5322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 96.063000][ T5322] R13: 00007fb4eda16038 R14: 00007fb4eda15fa0 R15: 00007ffe3bf7dc68 [ 96.063020][ T5322] [ 96.064544][ T1040] I/O error, dev loop0, sector 50 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 96.188403][ T13] I/O error, dev loop0, sector 1008 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 96.193100][ T13] Buffer I/O error on dev loop0p3, logical block 8, async page read [ 96.196650][ T13] I/O error, dev loop0, sector 1009 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 96.202856][ T13] Buffer I/O error on dev loop0p3, logical block 9, async page read [ 96.208928][ T13] I/O error, dev loop0, sector 1010 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 96.213727][ T13] Buffer I/O error on dev loop0p3, logical block 10, async page read [ 96.218261][ T13] I/O error, dev loop0, sector 1011 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 96.223135][ T13] Buffer I/O error on dev loop0p3, logical block 11, async page read [ 96.227425][ T13] I/O error, dev loop0, sector 1012 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 96.232509][ T13] Buffer I/O error on dev loop0p3, logical block 12, async page read [ 96.237244][ T13] I/O error, dev loop0, sector 1013 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 96.241908][ T13] Buffer I/O error on dev loop0p3, logical block 13, async page read [ 96.245650][ T13] Buffer I/O error on dev loop0p3, logical block 14, async page read [ 96.252596][ T13] Buffer I/O error on dev loop0p3, logical block 15, async page read [ 96.258984][ T13] Buffer I/O error on dev loop0p2, logical block 8, async page read [ 96.262330][ T13] Buffer I/O error on dev loop0p2, logical block 9, async page read [ 96.359607][ T1040] ================================================================== [ 96.363394][ T1040] BUG: KASAN: slab-use-after-free in update_io_ticks+0xa9/0x280 [ 96.367057][ T1040] Read of size 8 at addr ffff888031f11728 by task kworker/u4:7/1040 [ 96.370840][ T1040] [ 96.372088][ T1040] CPU: 0 UID: 0 PID: 1040 Comm: kworker/u4:7 Not tainted syzkaller #0 PREEMPT(full) [ 96.372105][ T1040] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 96.372113][ T1040] Workqueue: loop0 loop_workfn [ 96.372133][ T1040] Call Trace: [ 96.372139][ T1040] [ 96.372143][ T1040] dump_stack_lvl+0xe8/0x150 [ 96.372156][ T1040] print_report+0xba/0x230 [ 96.372167][ T1040] ? update_io_ticks+0xa9/0x280 [ 96.372177][ T1040] kasan_report+0x117/0x150 [ 96.372186][ T1040] ? __wake_up_common_lock+0x190/0x1f0 [ 96.372216][ T1040] ? update_io_ticks+0xa9/0x280 [ 96.372231][ T1040] update_io_ticks+0xa9/0x280 [ 96.372245][ T1040] ? __pfx_update_io_ticks+0x10/0x10 [ 96.372258][ T1040] ? blk_stat_add+0x7d/0x4e0 [ 96.372275][ T1040] blk_account_io_done+0x18b/0x7b0 [ 96.372294][ T1040] __blk_mq_end_request+0x2ae/0x630 [ 96.372308][ T1040] lo_rw_aio+0xcde/0xf00 [ 96.372321][ T1040] ? __pfx_lo_rw_aio+0x10/0x10 [ 96.372340][ T1040] ? kthread_associate_blkcg+0x490/0x600 [ 96.372421][ T1040] ? _raw_spin_unlock_irq+0x23/0x50 [ 96.372439][ T1040] loop_process_work+0x958/0x11a0 [ 96.372454][ T1040] ? __pfx_loop_process_work+0x10/0x10 [ 96.372466][ T1040] ? __lock_acquire+0x6b5/0x2cf0 [ 96.372481][ T1040] ? look_up_lock_class+0x57/0x110 [ 96.372499][ T1040] ? register_lock_class+0x31/0x2e0 [ 96.372513][ T1040] ? __lock_acquire+0x6b5/0x2cf0 [ 96.372528][ T1040] ? do_raw_spin_lock+0x12b/0x2f0 [ 96.372540][ T1040] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 96.372553][ T1040] ? process_scheduled_works+0xa25/0x1830 [ 96.372588][ T1040] ? process_scheduled_works+0xa25/0x1830 [ 96.372601][ T1040] process_scheduled_works+0xb02/0x1830 [ 96.372619][ T1040] ? __pfx_process_scheduled_works+0x10/0x10 [ 96.372634][ T1040] ? assign_work+0x3d5/0x5e0 [ 96.372648][ T1040] worker_thread+0xa50/0xfc0 [ 96.372668][ T1040] kthread+0x388/0x470 [ 96.372678][ T1040] ? __pfx_worker_thread+0x10/0x10 [ 96.372692][ T1040] ? __pfx_kthread+0x10/0x10 [ 96.372703][ T1040] ret_from_fork+0x51e/0xb90 [ 96.372735][ T1040] ? __pfx_ret_from_fork+0x10/0x10 [ 96.372749][ T1040] ? __switch_to+0xc7d/0x1450 [ 96.372764][ T1040] ? __pfx_kthread+0x10/0x10 [ 96.372774][ T1040] ret_from_fork_asm+0x1a/0x30 [ 96.372795][ T1040] [ 96.372800][ T1040] [ 96.481708][ T1040] Allocated by task 4711: [ 96.484105][ T1040] kasan_save_track+0x3e/0x80 [ 96.486319][ T1040] __kasan_slab_alloc+0x6c/0x80 [ 96.488768][ T1040] kmem_cache_alloc_lru_noprof+0x2b8/0x640 [ 96.491363][ T1040] bdev_alloc_inode+0x29/0x90 [ 96.493693][ T1040] alloc_inode+0x6a/0x1b0 [ 96.495672][ T1040] new_inode+0x22/0x170 [ 96.497544][ T1040] bdev_alloc+0x26/0x380 [ 96.499549][ T1040] add_partition+0x1c3/0x8e0 [ 96.501841][ T1040] bdev_disk_changed+0xbab/0x1550 [ 96.504424][ T1040] blkdev_get_whole+0x380/0x510 [ 96.506967][ T1040] bdev_open+0x31e/0xd30 [ 96.509038][ T1040] bdev_file_open_by_dev+0x1be/0x240 [ 96.511349][ T1040] disk_scan_partitions+0x1c1/0x2c0 [ 96.513896][ T1040] blkdev_common_ioctl+0x1ce4/0x3250 [ 96.516403][ T1040] blkdev_ioctl+0x528/0x740 [ 96.518599][ T1040] __se_sys_ioctl+0xfc/0x170 [ 96.520657][ T1040] do_syscall_64+0x14d/0xf80 [ 96.523810][ T1040] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 96.526900][ T1040] [ 96.528270][ T1040] Freed by task 15: [ 96.530462][ T1040] kasan_save_track+0x3e/0x80 [ 96.532813][ T1040] kasan_save_free_info+0x46/0x50 [ 96.535185][ T1040] __kasan_slab_free+0x5c/0x80 [ 96.537286][ T1040] kmem_cache_free+0x187/0x630 [ 96.539631][ T1040] rcu_core+0x7cd/0x1070 [ 96.541679][ T1040] handle_softirqs+0x22a/0x870 [ 96.543882][ T1040] run_ksoftirqd+0x36/0x60 [ 96.546145][ T1040] smpboot_thread_fn+0x541/0xa50 [ 96.548799][ T1040] kthread+0x388/0x470 [ 96.550485][ T1040] ret_from_fork+0x51e/0xb90 [ 96.552453][ T1040] ret_from_fork_asm+0x1a/0x30 [ 96.554324][ T1040] [ 96.555314][ T1040] Last potentially related work creation: [ 96.557718][ T1040] kasan_save_stack+0x3e/0x60 [ 96.559836][ T1040] kasan_record_aux_stack+0xbd/0xd0 [ 96.561884][ T1040] call_rcu+0xee/0x890 [ 96.563822][ T1040] evict+0x95b/0xb10 [ 96.565530][ T1040] device_release+0x9e/0x1d0 [ 96.567702][ T1040] kobject_put+0x228/0x560 [ 96.570038][ T1040] bdev_disk_changed+0x292/0x1550 [ 96.572275][ T1040] lo_release+0x547/0x840 [ 96.574160][ T1040] bdev_release+0x536/0x650 [ 96.576255][ T1040] blkdev_release+0x15/0x20 [ 96.579041][ T1040] __fput+0x44f/0xa70 [ 96.581437][ T1040] fput_close_sync+0x11f/0x240 [ 96.584116][ T1040] __x64_sys_close+0x7e/0x110 [ 96.586220][ T1040] do_syscall_64+0x14d/0xf80 [ 96.588327][ T1040] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 96.590760][ T1040] [ 96.591775][ T1040] The buggy address belongs to the object at ffff888031f11700 [ 96.591775][ T1040] which belongs to the cache bdev_cache of size 2776 [ 96.598529][ T1040] The buggy address is located 40 bytes inside of [ 96.598529][ T1040] freed 2776-byte region [ffff888031f11700, ffff888031f121d8) [ 96.605059][ T1040] [ 96.606242][ T1040] The buggy address belongs to the physical page: [ 96.609577][ T1040] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x31f10 [ 96.613883][ T1040] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 96.617190][ T1040] memcg:ffff888044b7b281 [ 96.618937][ T1040] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff) [ 96.622055][ T1040] page_type: f5(slab) [ 96.623857][ T1040] raw: 04fff00000000040 ffff888030414b40 dead000000000122 0000000000000000 [ 96.627578][ T1040] raw: 0000000000000000 00000008000b000b 00000000f5000000 ffff888044b7b281 [ 96.631220][ T1040] head: 04fff00000000040 ffff888030414b40 dead000000000122 0000000000000000 [ 96.635825][ T1040] head: 0000000000000000 00000008000b000b 00000000f5000000 ffff888044b7b281 [ 96.640905][ T1040] head: 04fff00000000003 ffffea0000c7c401 00000000ffffffff 00000000ffffffff [ 96.644592][ T1040] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 96.648274][ T1040] page dumped because: kasan: bad access detected [ 96.651037][ T1040] page_owner tracks the page as allocated [ 96.653688][ T1040] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 15439559208, free_ts 0 [ 96.663341][ T1040] post_alloc_hook+0x231/0x280 [ 96.665379][ T1040] get_page_from_freelist+0x24dc/0x2580 [ 96.668149][ T1040] __alloc_frozen_pages_noprof+0x18d/0x380 [ 96.671544][ T1040] allocate_slab+0x77/0x660 [ 96.673970][ T1040] refill_objects+0x331/0x3c0 [ 96.675839][ T1040] __pcs_replace_empty_main+0x2b9/0x620 [ 96.678231][ T1040] kmem_cache_alloc_lru_noprof+0x37c/0x640 [ 96.680889][ T1040] bdev_alloc_inode+0x29/0x90 [ 96.683150][ T1040] alloc_inode+0x6a/0x1b0 [ 96.685212][ T1040] new_inode+0x22/0x170 [ 96.686863][ T1040] bdev_alloc+0x26/0x380 [ 96.688924][ T1040] __alloc_disk_node+0x11d/0x5b0 [ 96.691598][ T1040] __blk_alloc_disk+0x105/0x1d0 [ 96.693358][ T1040] pmem_attach_disk+0x4d1/0xe10 [ 96.695483][ T1040] nvdimm_bus_probe+0x331/0x6c0 [ 96.697393][ T1040] really_probe+0x267/0xaf0 [ 96.699343][ T1040] page_owner free stack trace missing [ 96.701612][ T1040] [ 96.702731][ T1040] Memory state around the buggy address: [ 96.705806][ T1040] ffff888031f11600: fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc [ 96.710497][ T1040] ffff888031f11680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 96.713843][ T1040] >ffff888031f11700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 96.717247][ T1040] ^ [ 96.719811][ T1040] ffff888031f11780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 96.724076][ T1040] ffff888031f11800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 96.728559][ T1040] ================================================================== [ 96.732180][ T1040] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 96.735204][ T1040] CPU: 0 UID: 0 PID: 1040 Comm: kworker/u4:7 Not tainted syzkaller #0 PREEMPT(full) [ 96.739897][ T1040] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 96.745012][ T1040] Workqueue: loop0 loop_workfn [ 96.747090][ T1040] Call Trace: [ 96.748623][ T1040] [ 96.749939][ T1040] vpanic+0x56c/0xa60 [ 96.751987][ T1040] ? __pfx_vpanic+0x10/0x10 [ 96.754075][ T1040] panic+0xc5/0xd0 [ 96.755828][ T1040] ? __pfx_panic+0x10/0x10 [ 96.757688][ T1040] ? update_io_ticks+0xa9/0x280 [ 96.759787][ T1040] ? update_io_ticks+0xa9/0x280 [ 96.762238][ T1040] check_panic_on_warn+0x89/0xb0 [ 96.765862][ T1040] ? update_io_ticks+0xa9/0x280 [ 96.769227][ T1040] end_report+0x73/0x180 [ 96.771355][ T1040] ? update_io_ticks+0xa9/0x280 [ 96.773559][ T1040] kasan_report+0x128/0x150 [ 96.775672][ T1040] ? __wake_up_common_lock+0x190/0x1f0 [ 96.778227][ T1040] ? update_io_ticks+0xa9/0x280 [ 96.780513][ T1040] update_io_ticks+0xa9/0x280 [ 96.782489][ T1040] ? __pfx_update_io_ticks+0x10/0x10 [ 96.784604][ T1040] ? blk_stat_add+0x7d/0x4e0 [ 96.786773][ T1040] blk_account_io_done+0x18b/0x7b0 [ 96.789113][ T1040] __blk_mq_end_request+0x2ae/0x630 [ 96.791338][ T1040] lo_rw_aio+0xcde/0xf00 [ 96.792980][ T1040] ? __pfx_lo_rw_aio+0x10/0x10 [ 96.794819][ T1040] ? kthread_associate_blkcg+0x490/0x600 [ 96.796896][ T1040] ? _raw_spin_unlock_irq+0x23/0x50 [ 96.799108][ T1040] loop_process_work+0x958/0x11a0 [ 96.801677][ T1040] ? __pfx_loop_process_work+0x10/0x10 [ 96.804173][ T1040] ? __lock_acquire+0x6b5/0x2cf0 [ 96.806389][ T1040] ? look_up_lock_class+0x57/0x110 [ 96.808739][ T1040] ? register_lock_class+0x31/0x2e0 [ 96.810949][ T1040] ? __lock_acquire+0x6b5/0x2cf0 [ 96.813125][ T1040] ? do_raw_spin_lock+0x12b/0x2f0 [ 96.815478][ T1040] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 96.818106][ T1040] ? process_scheduled_works+0xa25/0x1830 [ 96.821310][ T1040] ? process_scheduled_works+0xa25/0x1830 [ 96.825014][ T1040] process_scheduled_works+0xb02/0x1830 [ 96.827447][ T1040] ? __pfx_process_scheduled_works+0x10/0x10 [ 96.830273][ T1040] ? assign_work+0x3d5/0x5e0 [ 96.832520][ T1040] worker_thread+0xa50/0xfc0 [ 96.834589][ T1040] kthread+0x388/0x470 [ 96.836499][ T1040] ? __pfx_worker_thread+0x10/0x10 [ 96.839177][ T1040] ? __pfx_kthread+0x10/0x10 [ 96.841433][ T1040] ret_from_fork+0x51e/0xb90 [ 96.843739][ T1040] ? __pfx_ret_from_fork+0x10/0x10 [ 96.846049][ T1040] ? __switch_to+0xc7d/0x1450 [ 96.848197][ T1040] ? __pfx_kthread+0x10/0x10 [ 96.850111][ T1040] ret_from_fork_asm+0x1a/0x30 [ 96.852060][ T1040] [ 96.853541][ T1040] Kernel Offset: disabled [ 96.855138][ T1040] Rebooting in 86400 seconds..