------------[ cut here ]------------
DEBUG_LOCKS_WARN_ON(!test_bit(class_idx, lock_classes_in_use))
WARNING: CPU: 1 PID: 10737 at kernel/locking/lockdep.c:5198 __lock_acquire+0x165b/0x2100 kernel/locking/lockdep.c:5198
Modules linked in:
CPU: 1 UID: 0 PID: 10737 Comm: kworker/u8:0 Not tainted 6.14.0-rc7-syzkaller-00179-gb3ee1e460951 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Workqueue: loop7 loop_rootcg_workfn
RIP: 0010:__lock_acquire+0x165b/0x2100 kernel/locking/lockdep.c:5198
Code: 0f b6 04 08 84 c0 0f 85 31 0a 00 00 83 3d 00 3e a0 0e 00 75 19 90 48 c7 c7 40 b2 2a 8c 48 c7 c6 80 db 2a 8c e8 96 ab e4 ff 90 <0f> 0b 90 90 90 e9 be fd ff ff 90 0f 0b 90 e9 16 fd ff ff 90 e8 5c
RSP: 0018:ffffc9000400eb90 EFLAGS: 00010046
RAX: cc7207343ca04100 RBX: 000000000a3c4220 RCX: ffff88802728da00
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ffff88802728e540 R08: ffffffff81819e52 R09: 1ffff110170e519a
R10: dffffc0000000000 R11: ffffed10170e519b R12: ffff88802728e4d4
R13: ffff88802728da00 R14: 0000000000000000 R15: ffff88802728e560
FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00002000000000c0 CR3: 0000000032e8a000 CR4: 0000000000350ef0
Call Trace:
 <TASK>
 lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5851
 _raw_spin_lock_nested+0x31/0x40 kernel/locking/spinlock.c:378
 raw_spin_rq_lock_nested+0xb0/0x140 kernel/sched/core.c:606
 raw_spin_rq_lock kernel/sched/sched.h:1521 [inline]
 rq_lock kernel/sched/sched.h:1852 [inline]
 __schedule+0x357/0x4c90 kernel/sched/core.c:6688
 preempt_schedule_irq+0xfb/0x1c0 kernel/sched/core.c:7087
 irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
 asm_sysvec_reschedule_ipi+0x1a/0x20 arch/x86/include/asm/idtentry.h:707
RIP: 0010:memory_is_nonzero mm/kasan/generic.c:116 [inline]
RIP: 0010:memory_is_poisoned_n mm/kasan/generic.c:129 [inline]
RIP: 0010:memory_is_poisoned mm/kasan/generic.c:161 [inline]
RIP: 0010:check_region_inline mm/kasan/generic.c:180 [inline]
RIP: 0010:kasan_check_range+0x175/0x290 mm/kasan/generic.c:189
Code: 08 00 00 00 44 29 e3 49 01 db 4d 29 df 4c 89 fd 48 8d 5d 07 48 85 ed 48 0f 49 dd 48 c1 eb 03 85 db 74 23 45 31 ff 4b 8b 2c 3b <48> 85 ed 75 4a 49 83 c7 08 ff cb 75 ef 4c 89 cd 4c 29 dd 4c 29 fd
RSP: 0018:ffffc9000400f1c8 EFLAGS: 00000202
RAX: ffff88804629b001 RBX: 0000000000000020 RCX: ffffffff84f3266f
RDX: 0000000000000001 RSI: 0000000000001000 RDI: ffff88806bf5d000
RBP: 0000000000000000 R08: ffff88806bf5dfff R09: 1ffff1100d7ebbff
R10: dffffc0000000000 R11: ffffed100d7eba00 R12: 0000000000000000
R13: 0000000000000000 R14: dffffc0000000001 R15: 0000000000000100
 __asan_memcpy+0x40/0x70 mm/kasan/shadow.c:106
 memcpy_to_iter lib/iov_iter.c:65 [inline]
 iterate_bvec include/linux/iov_iter.h:123 [inline]
 iterate_and_advance2 include/linux/iov_iter.h:304 [inline]
 iterate_and_advance include/linux/iov_iter.h:328 [inline]
 _copy_to_iter+0x7ef/0x1c40 lib/iov_iter.c:185
 copy_page_to_iter+0xb1/0x160 lib/iov_iter.c:362
 copy_folio_to_iter include/linux/uio.h:198 [inline]
 shmem_file_read_iter+0x58e/0x990 mm/shmem.c:3425
 do_iter_readv_writev+0x71c/0x9d0
 vfs_iter_read+0x154/0x460 fs/read_write.c:909
 lo_read_simple drivers/block/loop.c:285 [inline]
 do_req_filebacked drivers/block/loop.c:525 [inline]
 loop_handle_cmd drivers/block/loop.c:1929 [inline]
 loop_process_work+0xd72/0x21c0 drivers/block/loop.c:1964
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xac0/0x18e0 kernel/workqueue.c:3319
 worker_thread+0x870/0xd30 kernel/workqueue.c:3400
 kthread+0x7ab/0x920 kernel/kthread.c:464
 ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
----------------
Code disassembly (best guess):
   0:	08 00                	or     %al,(%rax)
   2:	00 00                	add    %al,(%rax)
   4:	44 29 e3             	sub    %r12d,%ebx
   7:	49 01 db             	add    %rbx,%r11
   a:	4d 29 df             	sub    %r11,%r15
   d:	4c 89 fd             	mov    %r15,%rbp
  10:	48 8d 5d 07          	lea    0x7(%rbp),%rbx
  14:	48 85 ed             	test   %rbp,%rbp
  17:	48 0f 49 dd          	cmovns %rbp,%rbx
  1b:	48 c1 eb 03          	shr    $0x3,%rbx
  1f:	85 db                	test   %ebx,%ebx
  21:	74 23                	je     0x46
  23:	45 31 ff             	xor    %r15d,%r15d
  26:	4b 8b 2c 3b          	mov    (%r11,%r15,1),%rbp
* 2a:	48 85 ed             	test   %rbp,%rbp <-- trapping instruction
  2d:	75 4a                	jne    0x79
  2f:	49 83 c7 08          	add    $0x8,%r15
  33:	ff cb                	dec    %ebx
  35:	75 ef                	jne    0x26
  37:	4c 89 cd             	mov    %r9,%rbp
  3a:	4c 29 dd             	sub    %r11,%rbp
  3d:	4c 29 fd             	sub    %r15,%rbp