------------[ cut here ]------------
kernel BUG at mm/slab.c:4421!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
kobject: 'loop0' (00000000c4f40248): fill_kobj_path: path = '/devices/virtual/block/loop0'
CPU: 0 PID: 19879 Comm: udevd Not tainted 5.0.0-rc7+ #80
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:__check_heap_object+0xa5/0xb3 mm/slab.c:4421
Code: 2b 48 c7 c7 bd 8f 5c 88 e8 a8 a6 07 00 5d c3 41 8b 91 04 01 00 00 48 29 c7 48 39 d7 77 bd 48 01 d0 48 29 c8 4c 39 c0 72 b2 c3 <0f> 0b 48 c7 c7 bd 8f 5c 88 e8 bc ab 07 00 44 89 e9 48 c7 c7 78 90
RSP: 0018:ffff888068f8fbd8 EFLAGS: 00010297
RAX: 00000000000f0f0e RBX: 0000000000000fe0 RCX: 000000000000000c
RDX: ffff888060aba380 RSI: 0000000000000000 RDI: ffff888060aba120
RBP: ffff888068f8fc28 R08: 0000000000000fe0 R09: ffff88812c291180
R10: 00000000e1e1dfc9 R11: ffff888060abb0ff R12: ffff888060aba120
R13: ffffea000182ae80 R14: ffff888060abb100 R15: 0000000000000001
FS:  00007f6c59efc7a0(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fff1da9dff0 CR3: 00000000979fc000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 check_object_size include/linux/thread_info.h:119 [inline]
 strncpy_from_user+0xa6/0x380 lib/strncpy_from_user.c:116
 getname_flags fs/namei.c:151 [inline]
 getname_flags+0x11b/0x5b0 fs/namei.c:129
 user_path_at_empty+0x2f/0x50 fs/namei.c:2608
 user_path_at include/linux/namei.h:57 [inline]
 vfs_statx+0x129/0x200 fs/stat.c:185
 vfs_stat include/linux/fs.h:3171 [inline]
 __do_sys_newstat+0xa4/0x130 fs/stat.c:339
 __se_sys_newstat fs/stat.c:335 [inline]
 __x64_sys_newstat+0x54/0x80 fs/stat.c:335
 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f6c59603c65
Code: 00 00 00 e8 5d 01 00 00 48 83 c4 18 c3 90 90 90 90 90 90 90 90 83 ff 01 48 89 f0 77 18 48 89 c7 48 89 d6 b8 04 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 17 f3 c3 90 48 8b 05 a1 51 2b 00 64 c7 00 16
kobject: 'loop1' (0000000052ac9c33): kobject_uevent_env
RSP: 002b:00007fff1da9f458 EFLAGS: 00000246 ORIG_RAX: 0000000000000004
RAX: ffffffffffffffda RBX: 00000000013f5250 RCX: 00007f6c59603c65
RDX: 00007fff1da9f470 RSI: 00007fff1da9f470 RDI: 00007fff1da9f900
RBP: 000000000140e960 R08: 000000000041f4f1 R09: 00007f6c5965a7d0
R10: 7269762f73656369 R11: 0000000000000246 R12: 0000000000000004
R13: 000000000140e967 R14: 00000000013f5250 R15: 000000000000000b
Modules linked in:
------------[ cut here ]------------
kobject: 'loop1' (0000000052ac9c33): fill_kobj_path: path = '/devices/virtual/block/loop1'
kernel BUG at mm/slab.c:4421!
invalid opcode: 0000 [#2] PREEMPT SMP KASAN
CPU: 0 PID: 11479 Comm: syz-executor.2 Tainted: G      D           5.0.0-rc7+ #80
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:__check_heap_object+0xa5/0xb3 mm/slab.c:4421
Code: 2b 48 c7 c7 bd 8f 5c 88 e8 a8 a6 07 00 5d c3 41 8b 91 04 01 00 00 48 29 c7 48 39 d7 77 bd 48 01 d0 48 29 c8 4c 39 c0 72 b2 c3 <0f> 0b 48 c7 c7 bd 8f 5c 88 e8 bc ab 07 00 44 89 e9 48 c7 c7 78 90
kobject: 'loop4' (0000000029140522): kobject_uevent_env
RSP: 0018:ffff88808863fd38 EFLAGS: 00010297
RAX: 00000000000f0f0e RBX: 0000000000000fe0 RCX: 000000000000000c
RDX: ffff888064c3a500 RSI: 0000000000000000 RDI: ffff888064c3a1a0
RBP: ffff88808863fd88 R08: 0000000000000fe0 R09: ffff88812c291180
R10: 00000000e1e1dee7 R11: ffff888064c3b17f R12: ffff888064c3a1a0
R13: ffffea0001930e80 R14: ffff888064c3b180 R15: 0000000000000001
FS:  000000000265f940(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000940004 CR3: 000000005d39e000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 check_object_size include/linux/thread_info.h:119 [inline]
 strncpy_from_user+0xa6/0x380 lib/strncpy_from_user.c:116
---[ end trace 5fe39117ee73a59f ]---
 getname_flags fs/namei.c:151 [inline]
 getname_flags+0x11b/0x5b0 fs/namei.c:129
RIP: 0010:__check_heap_object+0xa5/0xb3 mm/slab.c:4421
 user_path_at_empty+0x2f/0x50 fs/namei.c:2608
 user_path_at include/linux/namei.h:57 [inline]
 ksys_chdir+0x98/0x1f0 fs/open.c:439
kobject: 'loop4' (0000000029140522): fill_kobj_path: path = '/devices/virtual/block/loop4'
 __do_sys_chdir fs/open.c:461 [inline]
 __se_sys_chdir fs/open.c:459 [inline]
 __x64_sys_chdir+0x31/0x40 fs/open.c:459
 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x457417
Code: 2b 48 c7 c7 bd 8f 5c 88 e8 a8 a6 07 00 5d c3 41 8b 91 04 01 00 00 48 29 c7 48 39 d7 77 bd 48 01 d0 48 29 c8 4c 39 c0 72 b2 c3 <0f> 0b 48 c7 c7 bd 8f 5c 88 e8 bc ab 07 00 44 89 e9 48 c7 c7 78 90
Code: 44 00 00 b8 21 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 50 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 0018:ffff888068f8fbd8 EFLAGS: 00010297
RSP: 002b:00007fff09fbdf38 EFLAGS: 00000246 ORIG_RAX: 0000000000000050
RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457417
RDX: 0000000000000001 RSI: 0000000000710e90 RDI: 00007fff09fbdf80
RBP: 0000000000000000 R08: 0000000000000001 R09: 000000000265f940
R10: 000000000265fc10 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000001 R14: 000000000000034e R15: 0000000000000002
kobject: 'loop0' (00000000c4f40248): kobject_uevent_env
Modules linked in:
---[ end trace 5fe39117ee73a5a0 ]---
RAX: 00000000000f0f0e RBX: 0000000000000fe0 RCX: 000000000000000c
RIP: 0010:__check_heap_object+0xa5/0xb3 mm/slab.c:4421
RDX: ffff888060aba380 RSI: 0000000000000000 RDI: ffff888060aba120
Code: 2b 48 c7 c7 bd 8f 5c 88 e8 a8 a6 07 00 5d c3 41 8b 91 04 01 00 00 48 29 c7 48 39 d7 77 bd 48 01 d0 48 29 c8 4c 39 c0 72 b2 c3 <0f> 0b 48 c7 c7 bd 8f 5c 88 e8 bc ab 07 00 44 89 e9 48 c7 c7 78 90
RBP: ffff888068f8fc28 R08: 0000000000000fe0 R09: ffff88812c291180
RSP: 0018:ffff888068f8fbd8 EFLAGS: 00010297
R10: 00000000e1e1dfc9 R11: ffff888060abb0ff R12: ffff888060aba120
RAX: 00000000000f0f0e RBX: 0000000000000fe0 RCX: 000000000000000c
RDX: ffff888060aba380 RSI: 0000000000000000 RDI: ffff888060aba120
kobject: 'loop0' (00000000c4f40248): fill_kobj_path: path = '/devices/virtual/block/loop0'
RBP: ffff888068f8fc28 R08: 0000000000000fe0 R09: ffff88812c291180
R13: ffffea000182ae80 R14: ffff888060abb100 R15: 0000000000000001
R10: 00000000e1e1dfc9 R11: ffff888060abb0ff R12: ffff888060aba120
R13: ffffea000182ae80 R14: ffff888060abb100 R15: 0000000000000001
FS:  00007f6c59efc7a0(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
FS:  000000000265f940(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
kobject: 'loop1' (0000000052ac9c33): kobject_uevent_env
CR2: 00007ffdea2e6b7c CR3: 00000000979fc000 CR4: 00000000001406e0
kobject: 'loop1' (0000000052ac9c33): fill_kobj_path: path = '/devices/virtual/block/loop1'
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
kobject: 'loop4' (0000000029140522): kobject_uevent_env
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
CR2: 0000000020961fe4 CR3: 000000005d39e000 CR4: 00000000001406f0