==================================================================
BUG: KASAN: stack-out-of-bounds in bio_list_empty include/linux/bio.h:561 [inline]
BUG: KASAN: stack-out-of-bounds in bio_alloc_bioset+0x5b2/0x5d0 block/bio.c:482
Read of size 8 at addr ffffc900045673a0 by task khugepaged/1158

CPU: 0 PID: 1158 Comm: khugepaged Not tainted 5.8.0-rc3-next-20200702-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x18f/0x20d lib/dump_stack.c:118
 print_address_description.constprop.0.cold+0x5/0x436 mm/kasan/report.c:383
 __kasan_report mm/kasan/report.c:513 [inline]
 kasan_report.cold+0x1f/0x37 mm/kasan/report.c:530
 bio_list_empty include/linux/bio.h:561 [inline]
 bio_alloc_bioset+0x5b2/0x5d0 block/bio.c:482
 bio_clone_fast+0x21/0x1b0 block/bio.c:710
 bio_split+0xc7/0x2c0 block/bio.c:1477
 blk_bio_segment_split block/blk-merge.c:281 [inline]
 __blk_queue_split+0x10e2/0x1650 block/blk-merge.c:331
 blk_mq_submit_bio+0x1b0/0x1760 block/blk-mq.c:2169
 __submit_bio_noacct_mq block/blk-core.c:1181 [inline]
 submit_bio_noacct+0xc9e/0x12d0 block/blk-core.c:1214
 submit_bio+0x263/0x5b0 block/blk-core.c:1284
 ext4_io_submit+0x181/0x210 fs/ext4/page-io.c:382
 ext4_writepages+0x13be/0x3960 fs/ext4/inode.c:2802
 do_writepages+0xec/0x290 mm/page-writeback.c:2352
 __filemap_fdatawrite_range+0x2a1/0x380 mm/filemap.c:422
 collapse_file+0x351f/0x4080 mm/khugepaged.c:1737
 khugepaged_scan_file mm/khugepaged.c:2011 [inline]
 khugepaged_scan_mm_slot mm/khugepaged.c:2107 [inline]
 khugepaged_do_scan mm/khugepaged.c:2193 [inline]
 khugepaged+0x2fb4/0x5a10 mm/khugepaged.c:2238
 kthread+0x3b5/0x4a0 kernel/kthread.c:292
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294

addr ffffc900045673a0 is located in stack of task khugepaged/1158 at offset 80 in frame:
 arch_atomic64_read arch/x86/include/asm/atomic64_64.h:22 [inline]
 arch_atomic64_fetch_add_unless include/linux/atomic-arch-fallback.h:2195 [inline]
 arch_atomic64_add_unless include/linux/atomic-arch-fallback.h:2220 [inline]
 arch_atomic64_inc_not_zero include/linux/atomic-arch-fallback.h:2236 [inline]
 atomic64_inc_not_zero include/asm-generic/atomic-instrumented.h:1609 [inline]
 atomic_long_inc_not_zero include/asm-generic/atomic-long.h:497 [inline]
 percpu_ref_tryget_live include/linux/percpu-refcount.h:282 [inline]
 submit_bio_noacct+0x0/0x12d0 block/blk-core.c:433

this frame has 3 objects:
 [32, 40) 'bio'
 [64, 80) 'bio_list'
 [96, 128) 'bio_list_on_stack'

Memory state around the buggy address:
 ffffc90004567280: 00 00 00 00 00 f3 f3 f3 f3 f3 00 00 00 00 00 00
 ffffc90004567300: 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 f2
>ffffc90004567380: f2 f2 00 00 f2 f2 00 00 00 00 f3 f3 f3 f3 00 00
                               ^
 ffffc90004567400: 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
 ffffc90004567480: f1 00 f2 f2 f2 00 00 00 00 f3 f3 f3 f3 00 00 00
==================================================================