EXT4-fs (loop2): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
BUG: spinlock recursion on CPU#1, syz.2.71/5645
==================================================================
BUG: KASAN: stack-out-of-bounds in prb_read kernel/printk/printk_ringbuffer.c:1914 [inline]
BUG: KASAN: stack-out-of-bounds in _prb_read_valid+0x1ee/0xac0 kernel/printk/printk_ringbuffer.c:2113
Oops: general protection fault, probably for non-canonical address 0xe3fffb2400147179: 0000 [#1] PREEMPT SMP KASAN PTI
Write of size 24 at addr ffffc900051c6bd0 by task syz.2.71/5645
KASAN: maybe wild-memory-access in range [0x1ffff92000a38bc8-0x1ffff92000a38bcf]
CPU: 0 UID: 0 PID: 5645 Comm: syz.2.71 Not tainted 6.11.0-rc4-next-20240821-syzkaller #0
CPU: 1 UID: 0 PID: 5645 Comm: syz.2.71 Not tainted 6.11.0-rc4-next-20240821-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
Call Trace:
RIP: 0010:vsnprintf+0xe64/0x1da0 lib/vsprintf.c:2884
__dump_stack lib/dump_stack.c:94 [inline]
dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120
Code: 90 90 90 90 90 90 90 f3 0f 1e fa 55 41 56 53 48 89 d3 41 89 f6 48 89 fd 48 8b 4c 24 18 48 89 d6 ba 01 00 00 00 e8 fd e5 ff ff <84> c0 74 12 48 89 ef 44 89 f6 48 89 da 5b 41 5e 5d e9 d7 5e c1 09
RSP: 0082:0000000000000082 EFLAGS: ffffffff8e098a4c ORIG_RAX: ffffc900051c5920
RAX: 8bb6e90100000000 RBX: 00000000fffffff8 RCX: 0000000000000018
RDX: 00000000ffff1060 RSI: 0000000000000010 RDI: 0000000000000010
RBP: ffffffff8bb6f3ee R08: 00000000ffff1020 R09: 00000000fffffffd
R10: ffffc900851c5cec R11: 01fffc0000000000 R12: ffffc900051c5930
R13: ffffc900051c5cf1 R14: dffffc0000000000 R15: ffffc900051c5cf1
FS: 00007f0a36c1a6c0(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000
CS: 360e DS: 0000 ES: 0000 CR0: 0000000080050033
print_address_description mm/kasan/report.c:377 [inline]
print_report+0x169/0x550 mm/kasan/report.c:488
CR2: ffffc900051c62c0 CR3: 000000005cf80000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:vsnprintf+0xe64/0x1da0 lib/vsprintf.c:2884
kasan_report+0x143/0x180 mm/kasan/report.c:601
Code: f0 48 c1 e8 03 42 80 3c 28 00 74 08 4c 89 f7 e8 82 9d 45 f6 49 8b 1e 48 8d 43 08 49 89 06 4c 8b 7c 24 18 48 89 d8 48 c1 e8 03 <42> 0f b6 04 28 84 c0 0f 85 70 0a 00 00 48 63 13 e9 b7 06 00 00 e8
RSP: 0018:ffffc900051c58a0 EFLAGS: 00010003
RAX: 03ffff2400147179 RBX: 1ffff92000a38bcc RCX: 0000000000040000
kasan_check_range+0x282/0x290 mm/kasan/generic.c:189
RDX: ffffc900051c5de0 RSI: 000000000003ffff RDI: 0000000000040000
RBP: ffffc900051c5998 R08: ffffffff8bb6a1da R09: ffffffff8bb69bc4
__asan_memset+0x23/0x50 mm/kasan/shadow.c:84
R10: 0000000000000012 R11: ffff88802d823c00 R12: ffffffff8c086287
R13: dffffc0000000000 R14: ffff0a01ffffff10 R15: ffffffff94fbb1d9
prb_read kernel/printk/printk_ringbuffer.c:1914 [inline]
_prb_read_valid+0x1ee/0xac0 kernel/printk/printk_ringbuffer.c:2113
FS: 00007f0a36c1a6c0(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc900051c62c0 CR3: 000000005cf80000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
0: 90 nop
1: 90 nop
2: 90 nop
3: 90 nop
4: 90 nop
5: 90 nop
6: 90 nop
7: f3 0f 1e fa endbr64
b: 55 push %rbp
c: 41 56 push %r14
e: 53 push %rbx
f: 48 89 d3 mov %rdx,%rbx
12: 41 89 f6 mov %esi,%r14d
15: 48 89 fd mov %rdi,%rbp
18: 48 8b 4c 24 18 mov 0x18(%rsp),%rcx
1d: 48 89 d6 mov %rdx,%rsi
20: ba 01 00 00 00 mov $0x1,%edx
25: e8 fd e5 ff ff call 0xffffe627
* 2a: 84 c0 test %al,%al <-- trapping instruction
2c: 74 12 je 0x40
2e: 48 89 ef mov %rbp,%rdi
31: 44 89 f6 mov %r14d,%esi
34: 48 89 da mov %rbx,%rdx
37: 5b pop %rbx
38: 41 5e pop %r14
3a: 5d pop %rbp
3b: e9 d7 5e c1 09 jmp 0x9c15f17