[ 138.490174] BUG: unable to handle kernel [ 138.490465] ? __x64_sys_ioctl+0

1. [ 138.490174] BUG: unable to handle kernel
2. [ 138.490465] ? __x64_sys_ioctl+0x73/0xb0
3. [ 138.490483] ? do_syscall_64+0x1b1/0x800
4. [ 138.491466] NULL pointer dereference
5. [ 138.492250] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
6. [ 138.492268] ? print_usage_bug+0xc0/0xc0
7. [ 138.493031] at 0000000000000000
8. [ 138.493799] ? kasan_check_write+0x14/0x20
9. [ 138.494799] PGD 2919d067
10. [ 138.495581] ? graph_lock+0x170/0x170
11. [ 138.496211] P4D 2919d067
12. [ 138.497071] ? trace_hardirqs_off+0xd/0x10
13. [ 138.497585] PUD 365c7067
14. [ 138.498345] ? _raw_spin_unlock_irqrestore+0x63/0xc0
15. [ 138.498862] PMD 0
16. [ 138.499738] ? debug_check_no_obj_freed+0x2ff/0x584
17. [ 138.501237] ? __lock_is_held+0xb5/0x140
18. [ 138.501648] Oops: 0010 [#1] SMP KASAN
19. [ 138.502652] ? find_valid_gpt+0x657/0x1950
20. [ 138.503437] CPU: 3 PID: 12199 Comm: syz-executor6 Not tainted 4.17.0+ #17
21. [ 138.504215] ? rcu_read_lock_sched_held+0x108/0x120
22. [ 138.505040] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014
23. [ 138.505049] RIP: 0010: (null)
24. [ 138.506391] ? kfree+0x1e9/0x260
25. [ 138.507365] Code: Bad RIP value.
26. [ 138.509007] ? find_valid_gpt+0x6b0/0x1950
27. [ 138.509772] RSP: 0018:ffff88002499f590 EFLAGS: 00010246
28. [ 138.510465] ? mark_held_locks+0xc9/0x160
29. [ 138.511109] RAX: 0000000000000000 RBX: ffff8800656e7800 RCX: 1ffffffff10ea839
30. [ 138.511967] ? is_gpt_valid.part.5+0xb90/0xb90
31. [ 138.513008] RDX: ffff88002499fab0 RSI: ffff880063fd6ac0 RDI: ffff880021c40a80
32. [ 138.513016] RBP: ffff88002499f700 R08: 0000000000000001 R09: 0000000000000000
33. [ 138.513842] ? trace_hardirqs_on_thunk+0x1a/0x1c
34. [ 138.515242] R10: 0000000000000000 R11: 0000000000000000 R12: 1ffff10004933eb7
35. [ 138.515251] R13: ffff88002499fab0 R14: ffff8800656e7812 R15: ffff8800656e7c58
36. [ 138.516164] ? blkdev_writepages+0x30/0x30
37. [ 138.517562] FS: 00007f3a970f5700(0000) GS:ffff88006c6c0000(0000) knlGS:0000000000000000
38. [ 138.518966] ? read_cache_page+0x61/0x80
39. [ 138.519906] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
40. [ 138.519914] CR2: ffffffffffffffd6 CR3: 0000000066289004 CR4: 00000000001606e0
41. [ 138.521449] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
42. [ 138.522881] Call Trace:
43. [ 138.523690] ? read_dev_sector+0x1d9/0x4b0
44. [ 138.525311] ? smc_poll+0x211/0xdd0
45. [ 138.526094] ? __delete_partition+0x20/0x20
46. [ 138.527235] ? __smc_connect+0xa90/0xa90
47. [ 138.528640] ? __lock_is_held+0xb5/0x140
48. [ 138.529732] ? trace_hardirqs_on+0xd/0x10
49. [ 138.530222] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
50. [ 138.531057] ? add_wait_queue+0x1b4/0x2a0
51. [ 138.531784] ? sgi_partition+0x721/0xd90
52. [ 138.531797] ? kfree+0x1e9/0x260
53. [ 138.532635] ? __wake_up_locked_key_bookmark+0x20/0x20
54. [ 138.533431] ? efi_partition+0xdc4/0x12f2
55. [ 138.534243] ? __fget_light+0x2ef/0x430
56. [ 138.535042] ? osf_partition+0xe80/0xe80
57. [ 138.536114] ? __pollwait+0x25e/0x430
58. [ 138.536129] sock_poll+0x1d1/0x710
59. [ 138.536935] ? check_partition.cold.2+0x93/0x93
60. [ 138.537747] ? __smc_connect+0xa90/0xa90
61. [ 138.538409] ? find_valid_gpt+0x1950/0x1950
62. [ 138.539429] ? sock_get_poll_head+0x460/0x460
63. [ 138.540273] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
64. [ 138.541067] ? sock_get_poll_head+0x460/0x460
65. [ 138.541871] ? adfspart_check_ADFS+0x582/0x9e0
66. [ 138.542621] vfs_poll+0x77/0x2a0
67. [ 138.543320] ? adfspart_check_CUMANA+0x920/0x920
68. [ 138.544246] do_sys_poll+0x6fd/0x1100
69. [ 138.545014] ? cmdline_partition+0x202/0x2a0
70. [ 138.545876] ? compat_core_sys_select+0xae0/0xae0
71. [ 138.546755] ? add_part+0x2f0/0x2f0
72. [ 138.547848] ? perf_trace_lock+0x900/0x900
73. [ 138.548754] ? ldm_ldmdb_add+0x2bc0/0x2bc0
74. [ 138.549627] ? exit_robust_list+0x290/0x290
75. [ 138.550264] check_partition+0x379/0x6ad
76. [ 138.551202] ? kasan_check_read+0x11/0x20
77. [ 138.551962] ? check_partition+0x379/0x6ad
78. [ 138.552829] ? graph_lock+0x170/0x170
79. [ 138.553769] rescan_partitions+0x172/0x910
80. [ 138.554502] ? find_held_lock+0x36/0x1c0
81. [ 138.555337] __blkdev_reread_part+0x1ad/0x230
82. [ 138.556176] ? set_fd_set.part.5+0x70/0x70
83. [ 138.557023] blkdev_reread_part+0x26/0x40
84. [ 138.557835] ? pvclock_read_flags+0x160/0x160
85. [ 138.558656] loop_reread_partitions+0x159/0x180
86. [ 138.559485] ? ktime_get_ts64+0x405/0x510
87. [ 138.560237] ? __loop_update_dio+0x6a0/0x6a0
88. [ 138.561067] ? __sanitizer_cov_trace_cmp8+0x18/0x20
89. [ 138.561823] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
90. [ 138.562714] ? timespec64_add_safe+0x1f4/0x2d0
91. [ 138.563554] loop_set_status+0xb95/0x1010
92. [ 138.564342] ? nsec_to_clock_t+0x30/0x30
93. [ 138.565186] loop_set_status64+0xaa/0x100
94. [ 138.566108] ? do_gettimeofday+0x170/0x170
95. [ 138.566930] ? loop_set_status_old+0x920/0x920
96. [ 138.567793] ? poll_select_set_timeout+0x14f/0x220
97. [ 138.568769] ? __sanitizer_cov_trace_switch+0x53/0x90
98. [ 138.569843] ? do_restart_poll+0x2d0/0x2d0
99. [ 138.570704] lo_ioctl+0x6f5/0x2190
100. [ 138.571536] __x64_sys_poll+0x189/0x510
101. [ 138.572329] ? lo_rw_aio_complete+0x430/0x430
102. [ 138.573116] ? __ia32_sys_pselect6+0x270/0x270
103. [ 138.573936] blkdev_ioctl+0x9d2/0x2070
104. [ 138.574847] ? do_syscall_64+0x92/0x800
105. [ 138.575814] ? blkpg_ioctl+0xc40/0xc40
106. [ 138.576826] do_syscall_64+0x1b1/0x800
107. [ 138.577633] ? lock_downgrade+0x8e0/0x8e0
108. [ 138.578338] ? finish_task_switch+0x1ca/0x840
109. [ 138.579126] ? kasan_check_read+0x11/0x20
110. [ 138.579981] ? syscall_return_slowpath+0x5c0/0x5c0
111. [ 138.580842] ? rcu_is_watching+0x85/0x140
112. [ 138.581637] ? syscall_return_slowpath+0x30f/0x5c0
113. [ 138.582428] ? rcu_report_qs_rnp+0x790/0x790
114. [ 138.583185] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
115. [ 138.583956] ? __fget+0x40c/0x650
116. [ 138.584783] ? trace_hardirqs_off_thunk+0x1a/0x1c
117. [ 138.585686] ? expand_files.part.8+0x9a0/0x9a0
118. [ 138.586505] entry_SYSCALL_64_after_hwframe+0x49/0xbe
119. [ 138.587462] ? trace_hardirqs_off+0xd/0x10
120. [ 138.588284] RIP: 0033:0x455449
121. [ 138.588291] Code:
122. [ 138.589264] ? _raw_spin_unlock_irqrestore+0x63/0xc0
123. [ 138.590089] 6d
124. [ 138.591123] block_ioctl+0xee/0x130
125. [ 138.591809] b6 fb
126. [ 138.592771] ? blkdev_fallocate+0x400/0x400
127. [ 138.593634] ff c3
128. [ 138.594681] do_vfs_ioctl+0x1cf/0x16f0
129. [ 138.595514] 66
130. [ 138.596164] ? rcu_pm_notify+0xc0/0xc0
131. [ 138.596571] 2e
132. [ 138.597568] ? ioctl_preallocate+0x2e0/0x2e0
133. [ 138.597921] 0f 1f
134. [ 138.598621] ? fget_raw+0x20/0x20
135. [ 138.599024] 84 00
136. [ 138.599855] ? putname+0xf2/0x130
137. [ 138.599866] ? rcu_read_lock_sched_held+0x108/0x120
138. [ 138.600272] 00 00
139. [ 138.601017] ? kmem_cache_free+0x25c/0x2d0
140. [ 138.601372] 00 00
141. [ 138.602117] ? putname+0xf7/0x130
142. [ 138.602472] 66 90
143. [ 138.603316] ? do_sys_open+0x3c3/0x740
144. [ 138.603782] 48 89
145. [ 138.604449] ? security_file_ioctl+0x94/0xc0
146. [ 138.604877] f8 48
147. [ 138.605541] ksys_ioctl+0xa9/0xd0
148. [ 138.606515] 89 f7
149. [ 138.606981] __x64_sys_ioctl+0x73/0xb0
150. [ 138.607807] 48 89
151. [ 138.608268] do_syscall_64+0x1b1/0x800
152. [ 138.608915] d6
153. [ 138.609363] ? finish_task_switch+0x1ca/0x840
154. [ 138.609374] ? syscall_return_slowpath+0x5c0/0x5c0
155. [ 138.610106] 48
156. [ 138.610558] ? syscall_return_slowpath+0x30f/0x5c0
157. [ 138.611380] 89 ca
158. [ 138.611811] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
159. [ 138.612453] 4d 89
160. [ 138.612879] ? trace_hardirqs_off_thunk+0x1a/0x1c
161. [ 138.613604] c2 4d
162. [ 138.614114] entry_SYSCALL_64_after_hwframe+0x49/0xbe
163. [ 138.614841] 89 c8
164. [ 138.615211] RIP: 0033:0x4552b7
165. [ 138.615216] Code:
166. [ 138.616113] 4c 8b
167. [ 138.617083] 48
168. [ 138.617480] 4c
169. [ 138.618433] 83 c4
170. [ 138.618863] 24
171. [ 138.619896] 08 48
172. [ 138.620311] 08 0f
173. [ 138.621220] 89 d8
174. [ 138.621675] 05 <48>
175. [ 138.622707] 5b 5d
176. [ 138.623149] 3d
177. [ 138.623785] c3 66
178. [ 138.624238] 01
179. [ 138.624634] 0f 1f
180. [ 138.625032] f0 ff
181. [ 138.625402] 84
182. [ 138.625805] ff 0f
183. [ 138.626199] 00 00
184. [ 138.626618] 83
185. [ 138.627055] 00
186. [ 138.627499] 3b
187. [ 138.627935] 00 00
188. [ 138.628378] b6 fb
189. [ 138.628748] 48
190. [ 138.629156] ff
191. [ 138.629542] 89 e8
192. [ 138.629962] c3
193. [ 138.630389] 48
194. [ 138.630779] 66 2e
195. [ 138.631193] f7
196. [ 138.631599] 0f 1f
197. [ 138.631966] d8 48
198. [ 138.632337] 84
199. [ 138.632729] 39
200. [ 138.633173] 00
201. [ 138.633568] c3 0f
202. [ 138.633950] 00 00
203. [ 138.634313] 92 c0
204. [ 138.634728] 00
205. [ 138.635104] eb 92
206. [ 138.635869] 66 90
207. [ 138.636259] RSP: 002b:00007f3a970f4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000007
208. [ 138.636676] b8
209. [ 138.637081] RAX: ffffffffffffffda RBX: 000000000070bea0 RCX: 0000000000455449
210. [ 138.637091] RDX: 000000000000039b RSI: 0000000000000004 RDI: 0000000020000080
211. [ 138.637472] 10 00
212. [ 138.637848] RBP: 00007f3a970f56d4 R08: 0000000000000000 R09: 0000000000000000
213. [ 138.638206] 00
214. [ 138.638649] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
215. [ 138.638657] R13: 00000000006e3268 R14: 00000000004a7936 R15: 0000000000000000
216. [ 138.639065] 00
217. [ 138.639473] Modules linked in:
218. [ 138.639836] 0f 05
219. [ 138.640713] <48> 3d
220. [ 138.642218] Dumping ftrace buffer:
221. [ 138.642580] 01
222. [ 138.643988] (ftrace buffer empty)
223. [ 138.645381] f0 ff
224. [ 138.645801] CR2: 0000000000000000
225. [ 138.647189] ff
226. [ 138.647831] ---[ end trace ce85462a718a8425 ]---
227. [ 138.649055] 0f 83 cd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
228. [ 138.649097] RSP: 002b:00007faa9ea61a18 EFLAGS: 00000202 ORIG_RAX: 0000000000000010
229. [ 138.649105] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 00000000004552b7
230. [ 138.649110] RDX: 00007faa9ea61b50 RSI: 0000000000004c04 RDI: 0000000000000015
231. [ 138.649115] RBP: 00007faa9ea626d4 R08: 0000000000000001 R09: 000000000000000a
232. [ 138.649120] R10: 0000000000000000 R11: 0000000000000202 R12: 00007faa9ea61a40