EXT4-fs error (device loop2): ext4_fill_super:4954: inode #2: comm syz-executor.2: iget: root inode unallocated
EXT4-fs (loop2): get root inode failed
EXT4-fs (loop2): mount failed
==================================================================
BUG: KASAN: use-after-free in instrument_atomic_read_write include/linux/instrumented.h:101 [inline]
BUG: KASAN: use-after-free in atomic_fetch_add_relaxed include/asm-generic/atomic-instrumented.h:142 [inline]
BUG: KASAN: use-after-free in __refcount_add include/linux/refcount.h:193 [inline]
BUG: KASAN: use-after-free in __refcount_inc include/linux/refcount.h:250 [inline]
BUG: KASAN: use-after-free in refcount_inc include/linux/refcount.h:267 [inline]
BUG: KASAN: use-after-free in get_task_struct include/linux/sched/task.h:104 [inline]
BUG: KASAN: use-after-free in kthread_stop+0x76/0x610 kernel/kthread.c:616
Write of size 4 at addr ffff88804fef32a0 by task syz-executor.2/14397
CPU: 1 PID: 14397 Comm: syz-executor.2 Not tainted 5.10.56 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x107/0x163 lib/dump_stack.c:118
print_address_description.constprop.0+0x1c/0x210 mm/kasan/report.c:385
__kasan_report mm/kasan/report.c:545 [inline]
kasan_report.cold+0x37/0x7c mm/kasan/report.c:562
check_memory_region_inline mm/kasan/generic.c:186 [inline]
check_memory_region+0xf9/0x1e0 mm/kasan/generic.c:192
instrument_atomic_read_write include/linux/instrumented.h:101 [inline]
atomic_fetch_add_relaxed include/asm-generic/atomic-instrumented.h:142 [inline]
__refcount_add include/linux/refcount.h:193 [inline]
__refcount_inc include/linux/refcount.h:250 [inline]
refcount_inc include/linux/refcount.h:267 [inline]
get_task_struct include/linux/sched/task.h:104 [inline]
kthread_stop+0x76/0x610 kernel/kthread.c:616
ext4_stop_mmpd+0x47/0xd0 fs/ext4/mmp.c:254
ext4_fill_super+0x8208/0xcf70 fs/ext4/super.c:5176
mount_bdev+0x331/0x3f0 fs/super.c:1419
legacy_get_tree+0x105/0x220 fs/fs_context.c:592
vfs_get_tree+0x8e/0x2f0 fs/super.c:1549
do_new_mount fs/namespace.c:2881 [inline]
path_mount+0x139a/0x2080 fs/namespace.c:3211
do_mount fs/namespace.c:3224 [inline]
__do_sys_mount fs/namespace.c:3432 [inline]
__se_sys_mount fs/namespace.c:3409 [inline]
__x64_sys_mount+0x27e/0x300 fs/namespace.c:3409
do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x467b2a
Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f277e324fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467b2a
RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f277e325000
RBP: 00007f277e325040 R08: 00007f277e325040 R09: 0000000020000000
R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
R13: 0000000020000100 R14: 00007f277e325000 R15: 0000000020012e00
Allocated by task 2:
kasan_save_stack+0x1b/0x40 mm/kasan/common.c:48
kasan_set_track mm/kasan/common.c:56 [inline]
__kasan_kmalloc.constprop.0+0xc2/0xd0 mm/kasan/common.c:461
slab_post_alloc_hook mm/slab.h:532 [inline]
slab_alloc_node mm/slub.c:2889 [inline]
kmem_cache_alloc_node+0x14b/0x370 mm/slub.c:2925
alloc_task_struct_node kernel/fork.c:170 [inline]
dup_task_struct kernel/fork.c:860 [inline]
copy_process+0x4380/0x6650 kernel/fork.c:1947
kernel_clone+0xe7/0xa20 kernel/fork.c:2465
kernel_thread+0xb5/0xf0 kernel/fork.c:2517
create_kthread kernel/kthread.c:315 [inline]
kthreadd+0x4bb/0x710 kernel/kthread.c:658
ret_from_fork+0x22/0x30 arch/x86/entry/entry_64.S:296
Freed by task 74:
kasan_save_stack+0x1b/0x40 mm/kasan/common.c:48
kasan_set_track+0x1c/0x30 mm/kasan/common.c:56
kasan_set_free_info+0x1b/0x30 mm/kasan/generic.c:355
__kasan_slab_free+0x110/0x150 mm/kasan/common.c:422
slab_free_hook mm/slub.c:1542 [inline]
slab_free_freelist_hook+0x64/0x150 mm/slub.c:1575
slab_free mm/slub.c:3140 [inline]
kmem_cache_free+0x97/0x2f0 mm/slub.c:3156
__put_task_struct+0x25a/0x3e0 kernel/fork.c:741
put_task_struct include/linux/sched/task.h:113 [inline]
delayed_put_task_struct+0x1a4/0x2b0 kernel/exit.c:173
rcu_do_batch kernel/rcu/tree.c:2484 [inline]
rcu_core+0x52d/0x1660 kernel/rcu/tree.c:2719
__do_softirq+0x1b8/0x867 kernel/softirq.c:298
Last call_rcu():
kasan_save_stack+0x1b/0x40 mm/kasan/common.c:48
kasan_record_aux_stack+0x9e/0xb0 mm/kasan/generic.c:346
__call_rcu kernel/rcu/tree.c:2960 [inline]
call_rcu+0x8a/0xa20 kernel/rcu/tree.c:3034
put_task_struct_rcu_user+0x7f/0xb0 kernel/exit.c:179
finish_task_switch+0x428/0x5d0 kernel/sched/core.c:3649
context_switch kernel/sched/core.c:3779 [inline]
__schedule+0x850/0x1e80 kernel/sched/core.c:4525
preempt_schedule_common kernel/sched/core.c:4684 [inline]
_cond_resched+0x45/0x80 kernel/sched/core.c:6117
down_read+0x79/0x420 kernel/locking/rwsem.c:1503
ext4_da_map_blocks fs/ext4/inode.c:1717 [inline]
ext4_da_get_block_prep+0x7ad/0x1190 fs/ext4/inode.c:1835
__block_write_begin_int+0x3d1/0x1a50 fs/buffer.c:2011
ext4_da_write_begin+0x37d/0xde0 fs/ext4/inode.c:3019
generic_perform_write+0x1fe/0x4d0 mm/filemap.c:3333
ext4_buffered_write_iter+0x244/0x4d0 fs/ext4/file.c:270
ext4_file_write_iter+0x4ee/0x1890 fs/ext4/file.c:681
call_write_iter include/linux/fs.h:1903 [inline]
new_sync_write+0x42c/0x660 fs/read_write.c:518
vfs_write+0x743/0xa20 fs/read_write.c:605
ksys_pwrite64 fs/read_write.c:712 [inline]
__do_sys_pwrite64 fs/read_write.c:722 [inline]
__se_sys_pwrite64 fs/read_write.c:719 [inline]
__x64_sys_pwrite64+0x1fd/0x250 fs/read_write.c:719
do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46
entry_SYSCALL_64_after_hwframe+0x44/0xa9
Second to last call_rcu():
kasan_save_stack+0x1b/0x40 mm/kasan/common.c:48
kasan_record_aux_stack+0x9e/0xb0 mm/kasan/generic.c:346
__call_rcu kernel/rcu/tree.c:2960 [inline]
call_rcu+0x8a/0xa20 kernel/rcu/tree.c:3034
put_task_struct_rcu_user+0x7f/0xb0 kernel/exit.c:179
finish_task_switch+0x428/0x5d0 kernel/sched/core.c:3649
context_switch kernel/sched/core.c:3779 [inline]
__schedule+0x850/0x1e80 kernel/sched/core.c:4525
schedule+0xcb/0x270 kernel/sched/core.c:4603
exit_to_user_mode_loop kernel/entry/common.c:152 [inline]
exit_to_user_mode_prepare+0xdd/0x160 kernel/entry/common.c:191
irqentry_exit_to_user_mode+0x5/0x30 kernel/entry/common.c:279
exc_page_fault+0xca/0x1a0 arch/x86/mm/fault.c:1495
asm_exc_page_fault+0x1e/0x30 arch/x86/include/asm/idtentry.h:571
The buggy address belongs to the object at ffff88804fef3280
which belongs to the cache task_struct of size 6208
The buggy address is located 32 bytes inside of
6208-byte region [ffff88804fef3280, ffff88804fef4ac0)
The buggy address belongs to the page:
page:00000000d5c3f97a refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4fef0
head:00000000d5c3f97a order:3 compound_mapcount:0 compound_pincount:0
flags: 0x100000000010200(slab|head)
raw: 0100000000010200 0000000000000000 0000000400000001 ffff888007fdc140
raw: 0000000000000000 0000000000050005 00000001ffffffff 0000000000000000
page dumped because: kasan: bad access detected
Memory state around the buggy address:
ffff88804fef3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
ffff88804fef3200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
>ffff88804fef3280: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
^
ffff88804fef3300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
ffff88804fef3380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
==================================================================
------------[ cut here ]------------
refcount_t: addition on 0; use-after-free.
WARNING: CPU: 1 PID: 14397 at lib/refcount.c:25 refcount_warn_saturate+0x178/0x1f0 lib/refcount.c:25
Modules linked in:
CPU: 1 PID: 14397 Comm: syz-executor.2 Tainted: G B 5.10.56 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
RIP: 0010:refcount_warn_saturate+0x178/0x1f0 lib/refcount.c:25
Code: 03 31 ff 89 de e8 e8 25 51 ff 84 db 0f 85 2e ff ff ff e8 ab 2c 51 ff 48 c7 c7 c0 37 3b 84 c6 05 ee 66 54 03 01 e8 c7 1e c9 01 <0f> 0b e9 0f ff ff ff e8 8c 2c 51 ff 0f b6 1d d8 66 54 03 31 ff 89
RSP: 0018:ffff88800ed47ac0 EFLAGS: 00010286
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000040000 RSI: ffffffff812930d3 RDI: ffffed1001da8f4a
RBP: ffff88804fef32a0 R08: 0000000000000001 R09: ffff88806cf2facf
R10: 0000000000000000 R11: 0000000000000001 R12: ffff88804fef32a0
R13: 0000000000000000 R14: ffff8880368fa000 R15: ffff8880368f8000
FS: 00007f277e325700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000002003d000 CR3: 0000000050860000 CR4: 0000000000350ee0
Call Trace:
__refcount_add include/linux/refcount.h:199 [inline]
__refcount_inc include/linux/refcount.h:250 [inline]
refcount_inc include/linux/refcount.h:267 [inline]
get_task_struct include/linux/sched/task.h:104 [inline]
kthread_stop+0x583/0x610 kernel/kthread.c:616
ext4_stop_mmpd+0x47/0xd0 fs/ext4/mmp.c:254
ext4_fill_super+0x8208/0xcf70 fs/ext4/super.c:5176
mount_bdev+0x331/0x3f0 fs/super.c:1419
legacy_get_tree+0x105/0x220 fs/fs_context.c:592
vfs_get_tree+0x8e/0x2f0 fs/super.c:1549
do_new_mount fs/namespace.c:2881 [inline]
path_mount+0x139a/0x2080 fs/namespace.c:3211
do_mount fs/namespace.c:3224 [inline]
__do_sys_mount fs/namespace.c:3432 [inline]
__se_sys_mount fs/namespace.c:3409 [inline]
__x64_sys_mount+0x27e/0x300 fs/namespace.c:3409
do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x467b2a
Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f277e324fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467b2a
RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f277e325000
RBP: 00007f277e325040 R08: 00007f277e325040 R09: 0000000020000000
R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
R13: 0000000020000100 R14: 00007f277e325000 R15: 0000000020012e00
irq event stamp: 1524
hardirqs last enabled at (1523): [<ffffffff83c5e444>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:160 [inline]
hardirqs last enabled at (1523): [<ffffffff83c5e444>] _raw_spin_unlock_irqrestore+0x34/0x40 kernel/locking/spinlock.c:191
hardirqs last disabled at (1524): [<ffffffff83c5e25b>] __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:108 [inline]
hardirqs last disabled at (1524): [<ffffffff83c5e25b>] _raw_spin_lock_irqsave+0x4b/0x50 kernel/locking/spinlock.c:159
softirqs last enabled at (1364): [<ffffffff83e00f92>] asm_call_irq_on_stack+0x12/0x20
softirqs last disabled at (1309): [<ffffffff83e00f92>] asm_call_irq_on_stack+0x12/0x20
---[ end trace ddba061754762b3c ]---
------------[ cut here ]------------
refcount_t: underflow; use-after-free.
WARNING: CPU: 0 PID: 14397 at lib/refcount.c:28 refcount_warn_saturate+0x103/0x1f0 lib/refcount.c:28
Modules linked in:
CPU: 0 PID: 14397 Comm: syz-executor.2 Tainted: G B W 5.10.56 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
RIP: 0010:refcount_warn_saturate+0x103/0x1f0 lib/refcount.c:28
Code: 1d 82 67 54 03 31 ff 89 de e8 59 26 51 ff 84 db 75 a3 e8 20 2d 51 ff 48 c7 c7 20 38 3b 84 c6 05 62 67 54 03 01 e8 3c 1f c9 01 <0f> 0b eb 87 e8 04 2d 51 ff 0f b6 1d 4b 67 54 03 31 ff 89 de e8 24
RSP: 0018:ffff88800ed47ac0 EFLAGS: 00010286
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000040000 RSI: ffffffff812930d3 RDI: ffffed1001da8f4a
RBP: ffff88804fef32a0 R08: 0000000000000001 R09: ffff88806ce2facf
R10: 0000000000000000 R11: 0000000000000001 R12: ffff88804fef32a0
R13: 0000000000000000 R14: ffff8880368fa000 R15: ffff8880368f8000
FS: 00007f277e325700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000205f0000 CR3: 0000000050860000 CR4: 0000000000350ef0
Call Trace:
__refcount_sub_and_test include/linux/refcount.h:283 [inline]
__refcount_dec_and_test include/linux/refcount.h:315 [inline]
refcount_dec_and_test include/linux/refcount.h:333 [inline]
put_task_struct include/linux/sched/task.h:112 [inline]
kthread_stop+0x56c/0x610 kernel/kthread.c:623
ext4_stop_mmpd+0x47/0xd0 fs/ext4/mmp.c:254
ext4_fill_super+0x8208/0xcf70 fs/ext4/super.c:5176
mount_bdev+0x331/0x3f0 fs/super.c:1419
legacy_get_tree+0x105/0x220 fs/fs_context.c:592
vfs_get_tree+0x8e/0x2f0 fs/super.c:1549
do_new_mount fs/namespace.c:2881 [inline]
path_mount+0x139a/0x2080 fs/namespace.c:3211
do_mount fs/namespace.c:3224 [inline]
__do_sys_mount fs/namespace.c:3432 [inline]
__se_sys_mount fs/namespace.c:3409 [inline]
__x64_sys_mount+0x27e/0x300 fs/namespace.c:3409
do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x467b2a
Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f277e324fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467b2a
RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f277e325000
RBP: 00007f277e325040 R08: 00007f277e325040 R09: 0000000020000000
R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
R13: 0000000020000100 R14: 00007f277e325000 R15: 0000000020012e00
irq event stamp: 1524
hardirqs last enabled at (1523): [<ffffffff83c5e444>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:160 [inline]
hardirqs last enabled at (1523): [<ffffffff83c5e444>] _raw_spin_unlock_irqrestore+0x34/0x40 kernel/locking/spinlock.c:191
hardirqs last disabled at (1524): [<ffffffff83c5e25b>] __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:108 [inline]
hardirqs last disabled at (1524): [<ffffffff83c5e25b>] _raw_spin_lock_irqsave+0x4b/0x50 kernel/locking/spinlock.c:159
softirqs last enabled at (1364): [<ffffffff83e00f92>] asm_call_irq_on_stack+0x12/0x20
softirqs last disabled at (1309): [<ffffffff83e00f92>] asm_call_irq_on_stack+0x12/0x20
---[ end trace ddba061754762b3d ]---
FAULT_INJECTION: forcing a failure.
name fail_usercopy, interval 1, probability 0, space 0, times 0
CPU: 0 PID: 14420 Comm: syz-executor.1 Tainted: G B W 5.10.56 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x107/0x163 lib/dump_stack.c:118
fail_dump lib/fault-inject.c:52 [inline]
should_fail.cold+0x5/0xa lib/fault-inject.c:146
_copy_to_user+0x2e/0x180 lib/usercopy.c:29
copy_to_user include/linux/uaccess.h:200 [inline]
simple_read_from_buffer+0xcc/0x160 fs/libfs.c:729
proc_fail_nth_read+0x194/0x220 fs/proc/base.c:1423
vfs_read+0x228/0x580 fs/read_write.c:494
ksys_read+0x12d/0x250 fs/read_write.c:634
do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x41935c
Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
RSP: 002b:00007f5154d8e170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 000000000041935c
RDX: 000000000000000f RSI: 00007f5154d8e1e0 RDI: 0000000000000004
RBP: 00007f5154d8e1d0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
R13: 00007ffe988a598f R14: 00007f5154d8e300 R15: 0000000000022000
EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
general protection fault, probably for non-canonical address 0x117ddfe220100: 0000 [#1] SMP KASAN NOPTI
CPU: 0 PID: 74 Comm: jbd2/sda-8 Tainted: G B W 5.10.56 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
RIP: 0010:compound_head include/linux/page-flags.h:185 [inline]
RIP: 0010:virt_to_head_page include/linux/mm.h:860 [inline]
RIP: 0010:qlink_to_cache mm/kasan/quarantine.c:130 [inline]
RIP: 0010:qlist_free_all+0x8d/0xd0 mm/kasan/quarantine.c:167
Code: df 48 85 db 75 cc 48 89 f0 4c 01 e8 72 56 4c 89 f2 48 2b 15 15 61 3a 03 48 01 d0 48 c1 e8 0c 48 c1 e0 06 48 03 05 f3 60 3a 03 <48> 8b 50 08 48 8d 4a ff 83 e2 01 48 0f 45 c1 48 8b 78 18 eb 93 49
RSP: 0018:ffff88800f6ef718 EFLAGS: 00010207
RAX: 000117ddfe220100 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000777f80000000 RSI: 004affff888044f0 RDI: 0000000000000000
RBP: dffffc0000000000 R08: 0000000000000004 R09: ffffffff816abb01
R10: ffff88804fef3282 R11: 0000000000000001 R12: ffff88800f6ef750
R13: 0000000080000000 R14: ffffffff80000000 R15: 004affff888044f0
FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000002769098 CR3: 0000000043dc4000 CR4: 0000000000350ef0
Call Trace:
quarantine_reduce+0x180/0x200 mm/kasan/quarantine.c:267
__kasan_kmalloc.constprop.0+0x9e/0xd0 mm/kasan/common.c:442
slab_post_alloc_hook mm/slab.h:532 [inline]
slab_alloc_node mm/slub.c:2889 [inline]
slab_alloc mm/slub.c:2897 [inline]
kmem_cache_alloc+0x13b/0x350 mm/slub.c:2902
kmem_cache_zalloc include/linux/slab.h:654 [inline]
alloc_buffer_head+0x20/0x100 fs/buffer.c:3336
alloc_page_buffers+0x14d/0x6c0 fs/buffer.c:856
grow_dev_page fs/buffer.c:993 [inline]
grow_buffers fs/buffer.c:1043 [inline]
__getblk_slow+0x2e5/0x7e0 fs/buffer.c:1070
__getblk_gfp+0x70/0x80 fs/buffer.c:1354
__getblk include/linux/buffer_head.h:380 [inline]
jbd2_journal_get_descriptor_buffer+0x10a/0x410 fs/jbd2/journal.c:1022
journal_submit_commit_record.part.0+0x8a/0x9f0 fs/jbd2/commit.c:131
journal_submit_commit_record fs/jbd2/commit.c:128 [inline]
jbd2_journal_commit_transaction+0x3b95/0x6610 fs/jbd2/commit.c:925
kjournald2+0x1d1/0x930 fs/jbd2/journal.c:213
kthread+0x38f/0x470 kernel/kthread.c:292
ret_from_fork+0x22/0x30 arch/x86/entry/entry_64.S:296
Modules linked in:
---[ end trace ddba061754762b3e ]---
RIP: 0010:compound_head include/linux/page-flags.h:185 [inline]
RIP: 0010:virt_to_head_page include/linux/mm.h:860 [inline]
RIP: 0010:qlink_to_cache mm/kasan/quarantine.c:130 [inline]
RIP: 0010:qlist_free_all+0x8d/0xd0 mm/kasan/quarantine.c:167
Code: df 48 85 db 75 cc 48 89 f0 4c 01 e8 72 56 4c 89 f2 48 2b 15 15 61 3a 03 48 01 d0 48 c1 e8 0c 48 c1 e0 06 48 03 05 f3 60 3a 03 <48> 8b 50 08 48 8d 4a ff 83 e2 01 48 0f 45 c1 48 8b 78 18 eb 93 49
RSP: 0018:ffff88800f6ef718 EFLAGS: 00010207
RAX: 000117ddfe220100 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000777f80000000 RSI: 004affff888044f0 RDI: 0000000000000000
RBP: dffffc0000000000 R08: 0000000000000004 R09: ffffffff816abb01
R10: ffff88804fef3282 R11: 0000000000000001 R12: ffff88800f6ef750
R13: 0000000080000000 R14: ffffffff80000000 R15: 004affff888044f0
FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000002769098 CR3: 0000000043dc4000 CR4: 0000000000350ef0