BUG: unable to handle page fault for address: ffffed100fffc000
#PF: supervisor write access in kernel mode
#PF: error_code(0x0002) - not-present page
PGD 7ffd3067 P4D 7ffd3067 PUD 7ffd2067 PMD 7ffd1067 PTE 0
Oops: 0002 [#1] PREEMPT SMP KASAN NOPTI
CPU: 0 PID: 7377 Comm: syz-executor.0 Not tainted 6.1.0-rc3-next-20221101 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:__memset+0x24/0x50
Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
RSP: 0018:ffff888032b87cc0 EFLAGS: 00010212
RAX: 0000000000000000 RBX: ffff88800c05a0c0 RCX: 1ffffe21fe603bd2
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
RBP: ffff88800c0753c0 R08: 0000000000000005 R09: ffffed100180b418
R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800c0753c0
R13: ffff88800c05a0c0 R14: ffffffff815f2620 R15: 1ffff1100112321f
FS:  00007f48a5220700(0000) GS:ffff88806d000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffed100fffc000 CR3: 00000000377ee000 CR4: 0000000000350ef0
Call Trace:
 kasan_unpoison+0x23/0x60
 mempool_exit+0x1c2/0x330
 bioset_exit+0x2c9/0x630
 disk_release+0x143/0x490
 device_release+0xa2/0x250
 kobject_put+0x173/0x280
 put_device+0x1b/0x40
 put_disk+0x41/0x60
 loop_control_ioctl+0x4d1/0x630
 __x64_sys_ioctl+0x19a/0x220
 do_syscall_64+0x3b/0xa0
 entry_SYSCALL_64_after_hwframe+0x72/0xdc
RIP: 0033:0x7f48a7ccbb19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f48a5220188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f48a7ddf020 RCX: 00007f48a7ccbb19
RDX: 0000000000000000 RSI: 0000000000004c81 RDI: 0000000000000006
RBP: 00007f48a7d25f6d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc9b21d16f R14: 00007f48a5220300 R15: 0000000000022000
Modules linked in:
CR2: ffffed100fffc000
---[ end trace 0000000000000000 ]---
RIP: 0010:__memset+0x24/0x50
Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
RSP: 0018:ffff888032b87cc0 EFLAGS: 00010212
RAX: 0000000000000000 RBX: ffff88800c05a0c0 RCX: 1ffffe21fe603bd2
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
RBP: ffff88800c0753c0 R08: 0000000000000005 R09: ffffed100180b418
R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800c0753c0
R13: ffff88800c05a0c0 R14: ffffffff815f2620 R15: 1ffff1100112321f
FS:  00007f48a5220700(0000) GS:ffff88806d000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffed100fffc000 CR3: 00000000377ee000 CR4: 0000000000350ef0
syz-executor.4: attempt to access beyond end of device
loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
Buffer I/O error on dev loop4, logical block 10, lost async page write
BUG: unable to handle page fault for address: ffffed100fffc000
#PF: supervisor write access in kernel mode
#PF: error_code(0x0002) - not-present page
PGD 7ffd3067 P4D 7ffd3067 PUD 7ffd2067 PMD 7ffd1067 PTE 0
Oops: 0002 [#2] PREEMPT SMP KASAN NOPTI
CPU: 1 PID: 7392 Comm: syz-executor.2 Tainted: G      D            6.1.0-rc3-next-20221101 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:__memset+0x24/0x50
Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
RSP: 0018:ffff8880312e7cc0 EFLAGS: 00010212
RAX: 0000000000000000 RBX: ffff88800c05a240 RCX: 1ffffe21fe603bd8
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
RBP: ffff88800c0753c0 R08: 0000000000000005 R09: ffffed100180b448
R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800c0753c0
R13: ffff88800c05a240 R14: ffffffff815f2620 R15: 1ffff110010e5c1f
FS:  00007fd3bfab0700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffed100fffc000 CR3: 0000000037756000 CR4: 0000000000350ee0
Call Trace:
 kasan_unpoison+0x23/0x60
 mempool_exit+0x1c2/0x330
 bioset_exit+0x2c9/0x630
 disk_release+0x143/0x490
 device_release+0xa2/0x250
 kobject_put+0x173/0x280
 put_device+0x1b/0x40
 put_disk+0x41/0x60
 loop_control_ioctl+0x4d1/0x630
 __x64_sys_ioctl+0x19a/0x220
 do_syscall_64+0x3b/0xa0
 entry_SYSCALL_64_after_hwframe+0x72/0xdc
RIP: 0033:0x7fd3c253ab19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fd3bfab0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007fd3c264df60 RCX: 00007fd3c253ab19
RDX: 0000000000000001 RSI: 0000000000004c81 RDI: 0000000000000006
RBP: 00007fd3c2594f6d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffddd2953ff R14: 00007fd3bfab0300 R15: 0000000000022000
Modules linked in:
CR2: ffffed100fffc000
---[ end trace 0000000000000000 ]---
RIP: 0010:__memset+0x24/0x50
Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
RSP: 0018:ffff888032b87cc0 EFLAGS: 00010212
RAX: 0000000000000000 RBX: ffff88800c05a0c0 RCX: 1ffffe21fe603bd2
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
RBP: ffff88800c0753c0 R08: 0000000000000005 R09: ffffed100180b418
R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800c0753c0
R13: ffff88800c05a0c0 R14: ffffffff815f2620 R15: 1ffff1100112321f
FS:  00007fd3bfab0700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffed100fffc000 CR3: 0000000037756000 CR4: 0000000000350ee0
loop4: detected capacity change from 0 to 40
BUG: unable to handle page fault for address: ffffed100fffc000
#PF: supervisor write access in kernel mode
#PF: error_code(0x0002) - not-present page
PGD 7ffd3067 P4D 7ffd3067 PUD 7ffd2067 PMD 7ffd1067 PTE 0
Oops: 0002 [#3] PREEMPT SMP KASAN NOPTI
CPU: 1 PID: 7421 Comm: syz-executor.5 Tainted: G      D            6.1.0-rc3-next-20221101 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:__memset+0x24/0x50
Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
RSP: 0018:ffff8880322dfcc0 EFLAGS: 00010212
RAX: 0000000000000000 RBX: ffff88800c05a3c0 RCX: 1ffffe21fe603bde
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
RBP: ffff88800c0753c0 R08: 0000000000000005 R09: ffffed100180b478
R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800c0753c0
R13: ffff88800c05a3c0 R14: ffffffff815f2620 R15: 1ffff1100119901f
FS:  00007f3833cce700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffed100fffc000 CR3: 00000000364a0000 CR4: 0000000000350ee0
Call Trace:
 kasan_unpoison+0x23/0x60
 mempool_exit+0x1c2/0x330
 bioset_exit+0x2c9/0x630
 disk_release+0x143/0x490
 device_release+0xa2/0x250
 kobject_put+0x173/0x280
 put_device+0x1b/0x40
 put_disk+0x41/0x60
 loop_control_ioctl+0x4d1/0x630
 __x64_sys_ioctl+0x19a/0x220
 do_syscall_64+0x3b/0xa0
 entry_SYSCALL_64_after_hwframe+0x72/0xdc
RIP: 0033:0x7f3836758b19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f3833cce188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f383686bf60 RCX: 00007f3836758b19
RDX: 0000000000000002 RSI: 0000000000004c81 RDI: 0000000000000006
RBP: 00007f38367b2f6d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffcd85e998f R14: 00007f3833cce300 R15: 0000000000022000
Modules linked in:
CR2: ffffed100fffc000
---[ end trace 0000000000000000 ]---
RIP: 0010:__memset+0x24/0x50
Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
RSP: 0018:ffff888032b87cc0 EFLAGS: 00010212
RAX: 0000000000000000 RBX: ffff88800c05a0c0 RCX: 1ffffe21fe603bd2
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
RBP: ffff88800c0753c0 R08: 0000000000000005 R09: ffffed100180b418
R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800c0753c0
R13: ffff88800c05a0c0 R14: ffffffff815f2620 R15: 1ffff1100112321f
FS:  00007f3833cce700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffed100fffc000 CR3: 00000000364a0000 CR4: 0000000000350ee0
process 'syz-executor.7' launched '/dev/fd/-1/./file1' with NULL argv: empty string added
BUG: unable to handle page fault for address: ffffed100fffc000
#PF: supervisor write access in kernel mode
#PF: error_code(0x0002) - not-present page
PGD 7ffd3067 P4D 7ffd3067 PUD 7ffd2067 PMD 7ffd1067 PTE 0
Oops: 0002 [#4] PREEMPT SMP KASAN NOPTI
CPU: 1 PID: 7424 Comm: syz-executor.0 Tainted: G      D            6.1.0-rc3-next-20221101 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:__memset+0x24/0x50
Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
RSP: 0018:ffff888035577cc0 EFLAGS: 00010212
RAX: 0000000000000000 RBX: ffff88800c05a540 RCX: 1ffffe21fe603be4
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
RBP: ffff88800c0753c0 R08: 0000000000000005 R09: ffffed100180b4a8
R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800c0753c0
R13: ffff88800c05a540 R14: ffffffff815f2620 R15: 1ffff110011ad41f
FS:  00007f48a5241700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffed100fffc000 CR3: 0000000030f64000 CR4: 0000000000350ee0
Call Trace:
 kasan_unpoison+0x23/0x60
 mempool_exit+0x1c2/0x330
 bioset_exit+0x2c9/0x630
 disk_release+0x143/0x490
 device_release+0xa2/0x250
 kobject_put+0x173/0x280
 put_device+0x1b/0x40
 put_disk+0x41/0x60
 loop_control_ioctl+0x4d1/0x630
 __x64_sys_ioctl+0x19a/0x220
 do_syscall_64+0x3b/0xa0
 entry_SYSCALL_64_after_hwframe+0x72/0xdc
RIP: 0033:0x7f48a7ccbb19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f48a5241188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f48a7ddef60 RCX: 00007f48a7ccbb19
RDX: 0000000000000003 RSI: 0000000000004c81 RDI: 0000000000000006
RBP: 00007f48a7d25f6d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc9b21d16f R14: 00007f48a5241300 R15: 0000000000022000
Modules linked in:
CR2: ffffed100fffc000
---[ end trace 0000000000000000 ]---
RIP: 0010:__memset+0x24/0x50
Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
RSP: 0018:ffff888032b87cc0 EFLAGS: 00010212
RAX: 0000000000000000 RBX: ffff88800c05a0c0 RCX: 1ffffe21fe603bd2
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
RBP: ffff88800c0753c0 R08: 0000000000000005 R09: ffffed100180b418
R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800c0753c0
R13: ffff88800c05a0c0 R14: ffffffff815f2620 R15: 1ffff1100112321f
FS:  00007f48a5241700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffed100fffc000 CR3: 0000000030f64000 CR4: 0000000000350ee0
syz-executor.4: attempt to access beyond end of device
loop4: rw=2049, sector=40, nr_sectors = 4 limit=40
Buffer I/O error on dev loop4, logical block 10, lost async page write
BUG: unable to handle page fault for address: ffffed100fffc000
#PF: supervisor write access in kernel mode
#PF: error_code(0x0002) - not-present page
PGD 7ffd3067 P4D 7ffd3067 PUD 7ffd2067 PMD 7ffd1067 PTE 0
Oops: 0002 [#5] PREEMPT SMP KASAN NOPTI
CPU: 1 PID: 7449 Comm: syz-executor.3 Tainted: G      D            6.1.0-rc3-next-20221101 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:__memset+0x24/0x50
Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
RSP: 0018:ffff8880375cfcc0 EFLAGS: 00010212
RAX: 0000000000000000 RBX: ffff88800c05a6c0 RCX: 1ffffe21fe603bea
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
RBP: ffff88800c0753c0 R08: 0000000000000005 R09: ffffed100180b4d8
R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800c0753c0
R13: ffff88800c05a6c0 R14: ffffffff815f2620 R15: 1ffff1100111321f
FS:  00007f5593316700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffed100fffc000 CR3: 000000003fdf8000 CR4: 0000000000350ee0
Call Trace:
 kasan_unpoison+0x23/0x60
 mempool_exit+0x1c2/0x330
 bioset_exit+0x2c9/0x630
 disk_release+0x143/0x490
 device_release+0xa2/0x250
 kobject_put+0x173/0x280
 put_device+0x1b/0x40
 put_disk+0x41/0x60
 loop_control_ioctl+0x4d1/0x630
 __x64_sys_ioctl+0x19a/0x220
 do_syscall_64+0x3b/0xa0
 entry_SYSCALL_64_after_hwframe+0x72/0xdc
RIP: 0033:0x7f5595da0b19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f5593316188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f5595eb3f60 RCX: 00007f5595da0b19
RDX: 0000000000000004 RSI: 0000000000004c81 RDI: 0000000000000006
RBP: 00007f5595dfaf6d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffe2a96d8ef R14: 00007f5593316300 R15: 0000000000022000
Modules linked in:
CR2: ffffed100fffc000
---[ end trace 0000000000000000 ]---
RIP: 0010:__memset+0x24/0x50
Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
RSP: 0018:ffff888032b87cc0 EFLAGS: 00010212
RAX: 0000000000000000 RBX: ffff88800c05a0c0 RCX: 1ffffe21fe603bd2
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
RBP: ffff88800c0753c0 R08: 0000000000000005 R09: ffffed100180b418
R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800c0753c0
R13: ffff88800c05a0c0 R14: ffffffff815f2620 R15: 1ffff1100112321f
FS:  00007f5593316700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffed100fffc000 CR3: 000000003fdf8000 CR4: 0000000000350ee0
BUG: unable to handle page fault for address: ffffed100fffc000
#PF: supervisor write access in kernel mode
#PF: error_code(0x0002) - not-present page
PGD 7ffd3067 P4D 7ffd3067 PUD 7ffd2067 PMD 7ffd1067 PTE 0
Oops: 0002 [#6] PREEMPT SMP KASAN NOPTI
CPU: 1 PID: 7451 Comm: syz-executor.0 Tainted: G      D            6.1.0-rc3-next-20221101 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:__memset+0x24/0x50
Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
RSP: 0018:ffff88804201fcc0 EFLAGS: 00010212
RAX: 0000000000000000 RBX: ffff88800c05a840 RCX: 1ffffe21fe603bf0
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
RBP: ffff88800c0753c0 R08: 0000000000000005 R09: ffffed100180b508
R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800c0753c0
R13: ffff88800c05a840 R14: ffffffff815f2620 R15: 1ffff110011f9e1f
FS:  00007f48a5241700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffed100fffc000 CR3: 000000003fd78000 CR4: 0000000000350ee0
Call Trace:
 kasan_unpoison+0x23/0x60
 mempool_exit+0x1c2/0x330
 bioset_exit+0x2c9/0x630
 disk_release+0x143/0x490
 device_release+0xa2/0x250
 kobject_put+0x173/0x280
 put_device+0x1b/0x40
 put_disk+0x41/0x60
 loop_control_ioctl+0x4d1/0x630
 __x64_sys_ioctl+0x19a/0x220
 do_syscall_64+0x3b/0xa0
 entry_SYSCALL_64_after_hwframe+0x72/0xdc
RIP: 0033:0x7f48a7ccbb19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f48a5241188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f48a7ddef60 RCX: 00007f48a7ccbb19
RDX: 0000000000000005 RSI: 0000000000004c81 RDI: 0000000000000006
RBP: 00007f48a7d25f6d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc9b21d16f R14: 00007f48a5241300 R15: 0000000000022000
Modules linked in:
CR2: ffffed100fffc000
---[ end trace 0000000000000000 ]---
RIP: 0010:__memset+0x24/0x50
Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
RSP: 0018:ffff888032b87cc0 EFLAGS: 00010212
RAX: 0000000000000000 RBX: ffff88800c05a0c0 RCX: 1ffffe21fe603bd2
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
RBP: ffff88800c0753c0 R08: 0000000000000005 R09: ffffed100180b418
R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800c0753c0
R13: ffff88800c05a0c0 R14: ffffffff815f2620 R15: 1ffff1100112321f
FS:  00007f48a5241700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffed100fffc000 CR3: 000000003fd78000 CR4: 0000000000350ee0
audit: type=1400 audit(1667304007.236:10): avc:  denied  { read } for  pid=7459 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
BUG: unable to handle page fault for address: ffffed100fffc000
#PF: supervisor write access in kernel mode
#PF: error_code(0x0002) - not-present page
PGD 7ffd3067 P4D 7ffd3067 PUD 7ffd2067 PMD 7ffd1067 PTE 0
Oops: 0002 [#7] PREEMPT SMP KASAN NOPTI
CPU: 1 PID: 7462 Comm: syz-executor.2 Tainted: G      D            6.1.0-rc3-next-20221101 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:__memset+0x24/0x50
Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
RSP: 0018:ffff88803d71fcc0 EFLAGS: 00010212
RAX: 0000000000000000 RBX: ffff88800c05a9c0 RCX: 1ffffe21fe603bf6
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
RBP: ffff88800c0753c0 R08: 0000000000000005 R09: ffffed100180b538
R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800c0753c0
R13: ffff88800c05a9c0 R14: ffffffff815f2620 R15: 1ffff110011f9c1f
FS:  00007fd3bfab0700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffed100fffc000 CR3: 0000000033f4a000 CR4: 0000000000350ee0
Call Trace:
 kasan_unpoison+0x23/0x60
 mempool_exit+0x1c2/0x330
 bioset_exit+0x2c9/0x630
 disk_release+0x143/0x490
 device_release+0xa2/0x250
 kobject_put+0x173/0x280
 put_device+0x1b/0x40
 put_disk+0x41/0x60
 loop_control_ioctl+0x4d1/0x630
 __x64_sys_ioctl+0x19a/0x220
 do_syscall_64+0x3b/0xa0
 entry_SYSCALL_64_after_hwframe+0x72/0xdc
RIP: 0033:0x7fd3c253ab19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fd3bfab0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007fd3c264df60 RCX: 00007fd3c253ab19
RDX: 0000000000000006 RSI: 0000000000004c81 RDI: 0000000000000006
RBP: 00007fd3c2594f6d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffddd2953ff R14: 00007fd3bfab0300 R15: 0000000000022000
Modules linked in:
CR2: ffffed100fffc000
---[ end trace 0000000000000000 ]---
RIP: 0010:__memset+0x24/0x50
Code: 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 e9 0d d4 12 00 66 66 2e 0f 1f 84 00
RSP: 0018:ffff888032b87cc0 EFLAGS: 00010212
RAX: 0000000000000000 RBX: ffff88800c05a0c0 RCX: 1ffffe21fe603bd2
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffed100fffc000
RBP: ffff88800c0753c0 R08: 0000000000000005 R09: ffffed100180b418
R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800c0753c0
R13: ffff88800c05a0c0 R14: ffffffff815f2620 R15: 1ffff1100112321f
FS:  00007fd3bfab0700(0000) GS:ffff88806d100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffed100fffc000 CR3: 0000000033f4a000 CR4: 0000000000350ee0
Zero length message leads to an empty skb
loop7: detected capacity change from 0 to 264192
FAT-fs (loop7): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1)
device lo entered promiscuous mode
device lo left promiscuous mode
device lo entered promiscuous mode
device lo entered promiscuous mode
device lo left promiscuous mode
device lo left promiscuous mode
device lo entered promiscuous mode
device lo entered promiscuous mode
device lo left promiscuous mode
device sit0 entered promiscuous mode
device lo entered promiscuous mode
device sit0 left promiscuous mode
device sit0 entered promiscuous mode
device sit0 left promiscuous mode
device sit0 entered promiscuous mode
device lo left promiscuous mode
device sit0 entered promiscuous mode
device sit0 left promiscuous mode
device sit0 left promiscuous mode
device lo entered promiscuous mode
Bluetooth: hci2: command 0x0406 tx timeout
loop7: detected capacity change from 0 to 264192
I/O error, dev loop7, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
device sit0 entered promiscuous mode
device sit0 entered promiscuous mode
device sit0 left promiscuous mode
device sit0 left promiscuous mode
device sit0 entered promiscuous mode
device sit0 left promiscuous mode
device sit0 entered promiscuous mode
device sit0 left promiscuous mode
loop7: detected capacity change from 0 to 264192
loop7: detected capacity change from 0 to 264192
netlink: 8 bytes leftover after parsing attributes in process `syz-executor.7'.
----------------
Code disassembly (best guess):
   0:   90                      nop
   1:   90                      nop
   2:   90                      nop
   3:   90                      nop
   4:   90                      nop
   5:   90                      nop
   6:   0f 1f 44 00 00          nopl   0x0(%rax,%rax,1)
   b:   49 89 f9                mov    %rdi,%r9
   e:   48 89 d1                mov    %rdx,%rcx
  11:   83 e2 07                and    $0x7,%edx
  14:   48 c1 e9 03             shr    $0x3,%rcx
  18:   40 0f b6 f6             movzbl %sil,%esi
  1c:   48 b8 01 01 01 01 01    movabs $0x101010101010101,%rax
  23:   01 01 01
  26:   48 0f af c6             imul   %rsi,%rax
* 2a:   f3 48 ab                rep stos %rax,%es:(%rdi) <-- trapping instruction
  2d:   89 d1                   mov    %edx,%ecx
  2f:   f3 aa                   rep stos %al,%es:(%rdi)
  31:   4c 89 c8                mov    %r9,%rax
  34:   e9 0d d4 12 00          jmpq   0x12d446
  39:   66                      data16
  3a:   66                      data16
  3b:   2e                      cs
  3c:   0f                      .byte 0xf
  3d:   1f                      (bad)
  3e:   84 00                   test   %al,(%rax)