[ 434.731706][ T9746] loop0: detected capacity change from 0 to 40427 [ 434.746135][ T9746] F2FS-fs (loop0): Found nat_bits in checkpoint [ 434.781679][ T9746] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 435.799575][ T9753] loop0: detected capacity change from 0 to 40427 [ 435.812310][ T9753] F2FS-fs (loop0): Found nat_bits in checkpoint [ 435.845967][ T9753] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 435.856433][ T27] kauditd_printk_skb: 18 callbacks suppressed [ 435.856442][ T27] audit: type=1800 audit(1705308493.882:1930): pid=9753 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=10 res=0 errno=0 [ 435.882941][ T27] audit: type=1800 audit(1705308493.882:1931): pid=9753 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=10 res=0 errno=0 [ 435.903857][ T27] audit: type=1800 audit(1705308493.882:1932): pid=9753 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=10 res=0 errno=0 [ 435.925097][ T27] audit: type=1800 audit(1705308493.952:1933): pid=9759 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=10 res=0 errno=0 [ 436.313046][ T9762] loop0: detected capacity change from 0 to 40427 [ 436.326137][ T9762] F2FS-fs (loop0): Found nat_bits in checkpoint [ 436.356926][ T9762] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 436.365884][ T27] audit: type=1800 audit(1705308494.392:1934): pid=9762 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=10 res=0 errno=0 [ 436.386544][ T27] audit: type=1800 audit(1705308494.392:1935): pid=9762 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=10 res=0 errno=0 [ 436.407764][ T27] audit: type=1800 audit(1705308494.392:1936): pid=9762 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=10 res=0 errno=0 [ 436.429080][ T27] audit: type=1800 audit(1705308494.412:1937): pid=9768 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=10 res=0 errno=0 [ 437.394543][ T9770] loop0: detected capacity change from 0 to 40427 [ 437.407196][ T9770] F2FS-fs (loop0): Found nat_bits in checkpoint [ 437.438787][ T9770] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 437.447866][ T27] audit: type=1800 audit(1705308495.472:1938): pid=9770 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=10 res=0 errno=0 [ 437.468378][ T27] audit: type=1800 audit(1705308495.472:1939): pid=9770 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=10 res=0 errno=0 [ 438.488372][ T2964] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 438.527139][ T2964] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 438.608319][ T2964] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 438.679076][ T2964] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 439.426982][ T2964] hsr_slave_0: left promiscuous mode [ 439.434107][ T2964] hsr_slave_1: left promiscuous mode [ 439.440163][ T2964] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 439.448269][ T2964] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 439.456939][ T2964] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 439.464701][ T2964] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 439.472896][ T2964] bridge_slave_1: left allmulticast mode [ 439.480698][ T2964] bridge_slave_1: left promiscuous mode [ 439.486745][ T2964] bridge0: port 2(bridge_slave_1) entered disabled state [ 439.495936][ T2964] bridge_slave_0: left allmulticast mode [ 439.501712][ T2964] bridge_slave_0: left promiscuous mode [ 439.508600][ T2964] bridge0: port 1(bridge_slave_0) entered disabled state [ 439.520590][ T2964] veth1_macvtap: left promiscuous mode [ 439.526450][ T2964] veth0_macvtap: left promiscuous mode [ 439.532206][ T2964] veth1_vlan: left promiscuous mode [ 439.539066][ T2964] veth0_vlan: left promiscuous mode [ 439.723124][ T2964] team0 (unregistering): Port device team_slave_1 removed [ 439.738825][ T2964] team0 (unregistering): Port device team_slave_0 removed [ 439.750573][ T2964] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 439.764278][ T2964] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 439.803550][ T2964] bond0 (unregistering): Released all slaves Warning: Permanently added '10.128.0.138' (ED25519) to the list of known hosts. [ 440.272215][ T5242] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 440.280243][ T5242] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 440.287705][ T5242] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 440.295457][ T5242] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 440.302855][ T5242] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 440.311943][ T5242] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 440.471631][ T9857] chnl_net:caif_netlink_parms(): no params data found [ 440.567079][ T9857] bridge0: port 1(bridge_slave_0) entered blocking state [ 440.574489][ T9857] bridge0: port 1(bridge_slave_0) entered disabled state [ 440.581722][ T9857] bridge_slave_0: entered allmulticast mode [ 440.588856][ T9857] bridge_slave_0: entered promiscuous mode [ 440.599187][ T9857] bridge0: port 2(bridge_slave_1) entered blocking state [ 440.606928][ T9857] bridge0: port 2(bridge_slave_1) entered disabled state [ 440.614332][ T9857] bridge_slave_1: entered allmulticast mode [ 440.620835][ T9857] bridge_slave_1: entered promiscuous mode [ 440.655813][ T9857] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 440.670708][ T9857] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 440.706891][ T1247] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.713226][ T1247] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.723656][ T9857] team0: Port device team_slave_0 added [ 440.735285][ T9857] team0: Port device team_slave_1 added [ 440.769273][ T9857] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 440.776458][ T9857] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 440.803126][ T9857] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 440.815216][ T9857] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 440.822570][ T9857] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 440.849511][ T9857] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 440.898988][ T9857] hsr_slave_0: entered promiscuous mode [ 440.905912][ T9857] hsr_slave_1: entered promiscuous mode [ 441.534128][ T9857] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 441.546952][ T9857] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 441.557345][ T9857] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 441.568076][ T9857] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 441.650318][ T9857] 8021q: adding VLAN 0 to HW filter on device bond0 [ 441.669712][ T9857] 8021q: adding VLAN 0 to HW filter on device team0 [ 441.685143][ T4979] bridge0: port 1(bridge_slave_0) entered blocking state [ 441.692303][ T4979] bridge0: port 1(bridge_slave_0) entered forwarding state [ 441.708858][ T4979] bridge0: port 2(bridge_slave_1) entered blocking state [ 441.716340][ T4979] bridge0: port 2(bridge_slave_1) entered forwarding state [ 441.788596][ T9857] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 441.830600][ T9857] veth0_vlan: entered promiscuous mode [ 441.845719][ T9857] veth1_vlan: entered promiscuous mode [ 441.878123][ T9857] veth0_macvtap: entered promiscuous mode [ 441.889022][ T9857] veth1_macvtap: entered promiscuous mode [ 441.912257][ T9857] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 441.927313][ T9857] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 441.948905][ T9857] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 441.958083][ T9857] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 441.973989][ T9857] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 441.982720][ T9857] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 442.052090][ T2906] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 442.075274][ T2906] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 442.109702][ T2906] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 442.119188][ T2906] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 442.374437][ T4636] Bluetooth: hci0: command 0x0409 tx timeout [ 442.529816][ T9950] loop0: detected capacity change from 0 to 40427 [ 442.574292][ T9950] F2FS-fs (loop0): Found nat_bits in checkpoint [ 442.633979][ T9950] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 442.643986][ T27] kauditd_printk_skb: 2 callbacks suppressed [ 442.643999][ T27] audit: type=1800 audit(1705308500.662:1942): pid=9950 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor419" name="bus" dev="loop0" ino=10 res=0 errno=0 [ 442.676328][ T9950] bio_check_eod: 56571 callbacks suppressed [ 442.676342][ T9950] syz-executor419: attempt to access beyond end of device [ 442.676342][ T9950] loop0: rw=524288, sector=77824, nr_sectors = 8 limit=40427 [ 442.697837][ T27] audit: type=1800 audit(1705308500.692:1943): pid=9950 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor419" name="bus" dev="loop0" ino=10 res=0 errno=0 [ 442.718506][ T9950] syz-executor419: attempt to access beyond end of device [ 442.718506][ T9950] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427 [ 442.733066][ T9984] syz-executor419: attempt to access beyond end of device [ 442.733066][ T9984] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427 [ 442.747494][ T9984] syz-executor419: attempt to access beyond end of device [ 442.747494][ T9984] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427 [ 442.757753][ T27] audit: type=1800 audit(1705308500.692:1944): pid=9950 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor419" name="bus" dev="loop0" ino=10 res=0 errno=0 [ 442.762021][ T9950] ================================================================== [ 442.789768][ T9950] BUG: KASAN: slab-use-after-free in f2fs_filemap_fault+0x145/0x2d0 [ 442.797748][ T9950] Read of size 8 at addr ffff88802ded3240 by task syz-executor419/9950 [ 442.805983][ T9950] [ 442.808300][ T9950] CPU: 0 PID: 9950 Comm: syz-executor419 Not tainted 6.7.0-syzkaller #0 [ 442.816710][ T9950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 442.826837][ T9950] Call Trace: [ 442.830190][ T9950] [ 442.833207][ T9950] dump_stack_lvl+0x214/0x300 [ 442.838402][ T9950] ? tcp_gro_dev_warn+0x150/0x150 [ 442.843598][ T9950] ? panic+0x680/0x680 [ 442.847837][ T9950] ? lock_acquire+0xc2/0x3a0 [ 442.852676][ T9950] ? read_lock_is_recursive+0x20/0x20 [ 442.858211][ T9950] ? __virt_addr_valid+0x165/0x2f0 [ 442.863330][ T9950] ? __virt_addr_valid+0x25d/0x2f0 [ 442.868609][ T9950] print_report+0x163/0x540 [ 442.873189][ T9950] ? __virt_addr_valid+0x165/0x2f0 [ 442.878374][ T9950] ? __virt_addr_valid+0x25d/0x2f0 [ 442.883474][ T9950] ? __phys_addr+0x90/0x120 [ 442.888082][ T9950] ? f2fs_filemap_fault+0x145/0x2d0 [ 442.893373][ T9950] kasan_report+0x142/0x170 [ 442.897969][ T9950] ? f2fs_filemap_fault+0x145/0x2d0 [ 442.903168][ T9950] f2fs_filemap_fault+0x145/0x2d0 [ 442.908304][ T9950] __do_fault+0x131/0x450 [ 442.912633][ T9950] do_pte_missing+0x786/0x3a40 [ 442.917391][ T9950] ? get_signal+0xb3a/0x18b0 [ 442.922071][ T9950] ? copy_fpstate_to_sigframe+0x165/0xc80 [ 442.927796][ T9950] ? pte_marker_clear+0x2d0/0x2d0 [ 442.932813][ T9950] ? __thp_vma_allowable_orders+0x67f/0x780 [ 442.938792][ T9950] handle_mm_fault+0x171e/0x36f0 [ 442.943731][ T9950] ? numa_migrate_prep+0x260/0x260 [ 442.948832][ T9950] ? __lock_acquire+0xc10/0xc10 [ 442.953932][ T9950] ? lock_vma_under_rcu+0x278/0x620 [ 442.959122][ T9950] ? __init_rwsem+0x160/0x160 [ 442.963823][ T9950] ? lock_vma_under_rcu+0x183/0x620 [ 442.969012][ T9950] ? lock_vma_under_rcu+0x540/0x620 [ 442.974375][ T9950] ? do_sigbus+0xef/0x180 [ 442.978704][ T9950] exc_page_fault+0x47f/0x860 [ 442.983892][ T9950] asm_exc_page_fault+0x26/0x30 [ 442.988734][ T9950] RIP: 0033:0x7f4b3b5edb6a [ 442.993327][ T9950] Code: c7 04 25 40 00 00 20 66 32 66 73 c6 04 25 44 00 00 20 00 e9 0f fa ff ff 0f 1f 84 00 00 00 00 00 48 b8 2e 2f 66 69 6c 65 32 00 <48> 89 04 25 80 00 00 20 e9 21 fa ff ff 66 0f 1f 84 00 00 00 00 00 [ 443.013616][ T9950] RSP: 002b:00007f4b3b5e0170 EFLAGS: 00010246 [ 443.019769][ T9950] RAX: 0032656c69662f2e RBX: 00007f4b3b6b66e8 RCX: 0000000000000000 [ 443.027726][ T9950] RDX: 8b75c404b4354ef2 RSI: 0000000000000000 RDI: 00007f4b3b5e05a0 [ 443.035684][ T9950] RBP: 00007f4b3b6b66e0 R08: 00007f4b3b5e0170 R09: 00007f4b3b6b66e0 [ 443.043729][ T9950] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4b3b6b66ec [ 443.052294][ T9950] R13: 0000000000000011 R14: 00007fff82c05200 R15: 00007fff82c052e8 [ 443.060273][ T9950] [ 443.063367][ T9950] [ 443.065763][ T9950] Allocated by task 9950: [ 443.070161][ T9950] kasan_save_track+0x3f/0x70 [ 443.074918][ T9950] __kasan_slab_alloc+0x66/0x70 [ 443.079928][ T9950] kmem_cache_alloc+0x15a/0x390 [ 443.084965][ T9950] vm_area_alloc+0x24/0x1d0 [ 443.089471][ T9950] mmap_region+0xc4f/0x22e0 [ 443.093998][ T9950] do_mmap+0x8bd/0xf80 [ 443.098136][ T9950] vm_mmap_pgoff+0x1dc/0x3f0 [ 443.102712][ T9950] ksys_mmap_pgoff+0x36a/0x460 [ 443.107482][ T9950] do_syscall_64+0x8c/0x1a0 [ 443.112084][ T9950] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 443.118323][ T9950] [ 443.120749][ T9950] Freed by task 9984: [ 443.124707][ T9950] kasan_save_track+0x3f/0x70 [ 443.129368][ T9950] kasan_save_free_info+0x4e/0x60 [ 443.134469][ T9950] poison_slab_object+0xee/0x1a0 [ 443.139477][ T9950] __kasan_slab_free+0x34/0x60 [ 443.144223][ T9950] kmem_cache_free+0x136/0x330 [ 443.148971][ T9950] rcu_core+0xcbf/0x15e0 [ 443.153198][ T9950] __do_softirq+0x1c9/0x57e [ 443.157774][ T9950] [ 443.160169][ T9950] Last potentially related work creation: [ 443.165959][ T9950] kasan_save_stack+0x3f/0x60 [ 443.170660][ T9950] __kasan_record_aux_stack+0xae/0x100 [ 443.176121][ T9950] call_rcu+0x159/0x8e0 [ 443.180522][ T9950] do_vmi_align_munmap+0x1448/0x17c0 [ 443.186137][ T9950] do_vmi_munmap+0x24d/0x2d0 [ 443.190708][ T9950] mmap_region+0x6bb/0x22e0 [ 443.195203][ T9950] do_mmap+0x8bd/0xf80 [ 443.199258][ T9950] vm_mmap_pgoff+0x1dc/0x3f0 [ 443.203837][ T9950] ksys_mmap_pgoff+0x36a/0x460 [ 443.208592][ T9950] do_syscall_64+0x8c/0x1a0 [ 443.213088][ T9950] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 443.219054][ T9950] [ 443.221360][ T9950] The buggy address belongs to the object at ffff88802ded3220 [ 443.221360][ T9950] which belongs to the cache vm_area_struct of size 192 [ 443.235653][ T9950] The buggy address is located 32 bytes inside of [ 443.235653][ T9950] freed 192-byte region [ffff88802ded3220, ffff88802ded32e0) [ 443.249364][ T9950] [ 443.251681][ T9950] The buggy address belongs to the physical page: [ 443.258374][ T9950] page:ffffea0000b7b4c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2ded3 [ 443.268601][ T9950] memcg:ffff88802ccc0701 [ 443.272820][ T9950] flags: 0xfff00000000800(slab|node=0|zone=1|lastcpupid=0x7ff) [ 443.280608][ T9950] page_type: 0xffffffff() [ 443.285366][ T9950] raw: 00fff00000000800 ffff8880132b0b40 dead000000000122 0000000000000000 [ 443.294107][ T9950] raw: 0000000000000000 00000000800f000f 00000001ffffffff ffff88802ccc0701 [ 443.302777][ T9950] page dumped because: kasan: bad access detected [ 443.309179][ T9950] page_owner tracks the page as allocated [ 443.315058][ T9950] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 9978, tgid 9978 (dhcpcd-run-hook), ts 442626197804, free_ts 442625298575 [ 443.333974][ T9950] post_alloc_hook+0x10b/0x130 [ 443.338907][ T9950] get_page_from_freelist+0x345c/0x35f0 [ 443.344442][ T9950] __alloc_pages+0x255/0x650 [ 443.349019][ T9950] alloc_slab_page+0x5f/0x160 [ 443.353681][ T9950] new_slab+0x70/0x270 [ 443.357735][ T9950] ___slab_alloc+0xa79/0x10a0 [ 443.362666][ T9950] kmem_cache_alloc+0x231/0x390 [ 443.367588][ T9950] vm_area_dup+0x27/0x280 [ 443.372261][ T9950] __split_vma+0x128/0xc00 [ 443.376690][ T9950] do_vmi_align_munmap+0x3a6/0x17c0 [ 443.382047][ T9950] do_vmi_munmap+0x24d/0x2d0 [ 443.386620][ T9950] mmap_region+0x6bb/0x22e0 [ 443.391117][ T9950] do_mmap+0x8bd/0xf80 [ 443.395177][ T9950] vm_mmap_pgoff+0x1dc/0x3f0 [ 443.399779][ T9950] ksys_mmap_pgoff+0x36a/0x460 [ 443.404788][ T9950] do_syscall_64+0x8c/0x1a0 [ 443.409281][ T9950] page last free pid 16 tgid 16 stack trace: [ 443.415238][ T9950] free_unref_page_prepare+0x892/0x9b0 [ 443.420689][ T9950] free_unref_page+0x37/0x3a0 [ 443.425352][ T9950] rcu_core+0xcbf/0x15e0 [ 443.429581][ T9950] __do_softirq+0x1c9/0x57e [ 443.434077][ T9950] [ 443.436382][ T9950] Memory state around the buggy address: [ 443.441996][ T9950] ffff88802ded3100: fc fc 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 443.450038][ T9950] ffff88802ded3180: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc [ 443.458084][ T9950] >ffff88802ded3200: fc fc fc fc fa fb fb fb fb fb fb fb fb fb fb fb [ 443.466648][ T9950] ^ [ 443.472799][ T9950] ffff88802ded3280: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 443.480959][ T9950] ffff88802ded3300: fc fc fc fc fc fc 00 00 00 00 00 00 00 00 00 00 [ 443.489100][ T9950] ================================================================== [ 443.498797][ T9984] syz-executor419: attempt to access beyond end of device [ 443.498797][ T9984] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427 [ 443.512883][ T9984] syz-executor419: attempt to access beyond end of device [ 443.512883][ T9984] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427 [ 443.526657][ T9950] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 443.527196][ T9950] Kernel Offset: disabled