On Wed, Aug 06, 2025 at 07:40:19PM +0800, cen zhang wrote:
> Hello maintainers,
>
> I would like to report a kernel panic found using syzkaller on a 6.16.0-rc6.
>
> The kernel log shows two distinct but closely timed crash reports,
> which I guess are related.
>
> 1. An XFS assertion failure: Assertion failed: flags &
> IOMAP_DIO_OVERWRITE_ONLY, file: fs/xfs/xfs_file.c, line: 876 triggered
> by a write() system call in xfs_file_dio_write_unaligned.
>
> 2. A KASAN use-after-free report on a task_struct object, triggered
> during an ioctl() call (likely FICLONE or FIDEDUPERANGE). The crash
> occurs in rwsem_down_write_slowpath when trying to lock an inode via
> xfs_reflink_remap_prep.
>
> Unfortunately, I have not been able to create a standalone C
> reproducer, and attempts to use syzkaller's repro tool on the syz-prog
> have not reliably triggered the bug again.

Thanks for the report, but it will be really hard to do anything without
a reproducer. In case you are still trying to create one it would be
great to hear if you have one!