Buffer I/O error on dev loop5, logical block 3, async page read
EXT4-fs (loop5): VFS: Can't find ext4 filesystem
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
Modules linked in:
CPU: 1 PID: 11089 Comm: syz-executor.5 Not tainted 4.14.228-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff8880a8c52280 task.stack: ffff888057da0000
RIP: 0010:trace_event_get_offsets_lock_acquire include/trace/events/lock.h:13 [inline]
RIP: 0010:perf_trace_lock_acquire+0xb2/0x510 include/trace/events/lock.h:13
RSP: 0018:ffff8880ba507c88 EFLAGS: 00010006
RAX: dffffc0000000000 RBX: ffff8880a48e0128 RCX: 0000000000000000
RDX: 0000000000000006 RSI: 0000000000000018 RDI: ffffffff88f60f80
RBP: ffff8880ba507d50 R08: 0000000000000000 R09: 0000000000000001
R10: ffff8880a8c52b30 R11: ffff8880a8c52280 R12: ffffffff88f60f00
R13: 0000000000000018 R14: 0000000000000000 R15: ffff8880ba507d28
FS: 00007fa6c211f700(0000) GS:ffff8880ba500000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000568000 CR3: 000000006119f000 CR4: 00000000001426e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 trace_lock_acquire include/trace/events/lock.h:13 [inline]
 lock_acquire+0x2b8/0x3f0 kernel/locking/lockdep.c:3997
 __raw_spin_lock_bh include/linux/spinlock_api_smp.h:135 [inline]
 _raw_spin_lock_bh+0x2f/0x40 kernel/locking/spinlock.c:176
 spin_lock_bh include/linux/spinlock.h:322 [inline]
 rt6_uncached_list_del net/ipv6/route.c:144 [inline]
 ip6_dst_destroy+0x108/0x390 net/ipv6/route.c:402
 dst_destroy+0xc0/0x390 net/core/dst.c:129
 __rcu_reclaim kernel/rcu/rcu.h:195 [inline]
 rcu_do_batch kernel/rcu/tree.c:2699 [inline]
 invoke_rcu_callbacks kernel/rcu/tree.c:2962 [inline]
 __rcu_process_callbacks kernel/rcu/tree.c:2929 [inline]
 rcu_process_callbacks+0x780/0x1180 kernel/rcu/tree.c:2946
 __do_softirq+0x24d/0x9ff kernel/softirq.c:288
 invoke_softirq kernel/softirq.c:368 [inline]
 irq_exit+0x193/0x240 kernel/softirq.c:409
 exiting_irq arch/x86/include/asm/apic.h:638 [inline]
 smp_apic_timer_interrupt+0x141/0x5e0 arch/x86/kernel/apic/apic.c:1106
 apic_timer_interrupt+0x93/0xa0 arch/x86/entry/entry_64.S:793
RIP: 0010:arch_local_save_flags arch/x86/include/asm/paravirt.h:774 [inline]
RIP: 0010:arch_local_irq_save arch/x86/include/asm/paravirt.h:796 [inline]
RIP: 0010:lock_acquire+0x98/0x3f0 kernel/locking/lockdep.c:3993
RSP: 0018:ffff888057da76c0 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff10
RAX: 0000000000000286 RBX: ffff8880a8c52280 RCX: 0000000000000002
RDX: dffffc0000000000 RSI: 0000000000000000 RDI: ffff8880a8c52b04
RBP: ffffffff88f77800 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: ffff8880a8c52280 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000002 R15: 0000000000000000
 rcu_lock_acquire include/linux/rcupdate.h:242 [inline]
 rcu_read_lock include/linux/rcupdate.h:629 [inline]
 lock_page_memcg+0x36/0x200 mm/memcontrol.c:1640
 page_remove_file_rmap+0x2d/0x690 mm/rmap.c:1211
 page_remove_rmap+0x96/0xe0 mm/rmap.c:1296
 zap_pte_range mm/memory.c:1354 [inline]
 zap_pmd_range mm/memory.c:1456 [inline]
 zap_pud_range mm/memory.c:1485 [inline]
 zap_p4d_range mm/memory.c:1506 [inline]
 unmap_page_range+0xf3f/0x1ce0 mm/memory.c:1527
 unmap_single_vma+0x147/0x2b0 mm/memory.c:1572
 unmap_vmas+0x9d/0x160 mm/memory.c:1602
 exit_mmap+0x270/0x4d0 mm/mmap.c:3058
 __mmput kernel/fork.c:930 [inline]
 mmput kernel/fork.c:951 [inline]
 mmput+0xfa/0x420 kernel/fork.c:946
 exit_mm kernel/exit.c:548 [inline]
 do_exit+0x984/0x2850 kernel/exit.c:855
 do_group_exit+0x100/0x2e0 kernel/exit.c:965
 get_signal+0x38d/0x1ca0 kernel/signal.c:2423
 do_signal+0x7c/0x1550 arch/x86/kernel/signal.c:792
 exit_to_usermode_loop+0x160/0x200 arch/x86/entry/common.c:160
 prepare_exit_to_usermode arch/x86/entry/common.c:199 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:270 [inline]
 do_syscall_64+0x4a3/0x640 arch/x86/entry/common.c:297
 entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x466459
RSP: 002b:00007fa6c211f218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 000000000056bf68 RCX: 0000000000466459
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000056bf68
RBP: 000000000056bf60 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf6c
R13: 00007ffe93e1a27f R14: 00007fa6c211f300 R15: 0000000000022000
Code: 00 0f 85 45 03 00 00 49 8d 45 18 4d 8b b4 24 80 00 00 00 48 89 c2 48 89 85 60 ff ff ff 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 2b 03 00 00 49 8b 7d 18 48 c7 c0 20 dc 89 87
RIP: trace_event_get_offsets_lock_acquire include/trace/events/lock.h:13 [inline] RSP: ffff8880ba507c88
RIP: perf_trace_lock_acquire+0xb2/0x510 include/trace/events/lock.h:13 RSP: ffff8880ba507c88
---[ end trace 099e29dccd3833b4 ]---