executing program
syzkaller login: [   20.400563] ------------[ cut here ]------------
[   20.401643] WARNING: CPU: 0 PID: 2929 at drivers/ata/libata-sff.c:2799 ata_bmdma_qc_issue+0x2a5/0x550
[   20.403014] Kernel panic - not syncing: panic_on_warn set ...
[   20.403014] 
[   20.403911] CPU: 0 PID: 2929 Comm: syzkaller698056 Not tainted 4.13.0-rc4-next-20170811 #1
[   20.405027] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
[   20.406206] Call Trace:
[   20.406490]  dump_stack+0x194/0x257
[   20.406870]  ? arch_local_irq_restore+0x53/0x53
[   20.407496]  panic+0x1e4/0x417
[   20.407856]  ? __warn+0x1d9/0x1d9
[   20.408229]  ? show_regs_print_info+0x65/0x65
[   20.408737]  ? ata_bmdma_qc_issue+0x2a5/0x550
[   20.409224]  __warn+0x1c4/0x1d9
[   20.409609]  ? ata_bmdma_qc_issue+0x2a5/0x550
[   20.410109]  report_bug+0x211/0x2d0
[   20.410671]  fixup_bug+0x40/0x90
[   20.411784]  do_trap+0x260/0x390
[   20.413001]  ? hlock_class+0x140/0x140
[   20.413371]  do_error_trap+0x120/0x390
[   20.413784]  ? do_trap+0x390/0x390
[   20.414285]  ? ata_bmdma_qc_issue+0x2a5/0x550
[   20.414804]  ? check_noncircular+0x20/0x20
[   20.415372]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   20.416158]  do_invalid_op+0x1b/0x20
[   20.416768]  invalid_op+0x1e/0x30
[   20.417287] RIP: 0010:ata_bmdma_qc_issue+0x2a5/0x550
[   20.417863] RSP: 0018:ffff88006ab868b0 EFLAGS: 00010097
[   20.418807] RAX: ffff88006970c640 RBX: ffff88003c6b01f8 RCX: 0000001422da621a
[   20.420062] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000000101f7
[   20.420801] RBP: ffff88006ab868e8 R08: 00000000ffffffff R09: 000000003daf805b
[   20.421551] R10: 0000000000000004 R11: ffffed00078d6046 R12: ffff88003c6b0080
[   20.422300] R13: ffff88003c6b0220 R14: ffff88003c6b0200 R15: ffff88003c6b1f40
[   20.423054]  ata_qc_issue+0x698/0xea0
[   20.423483]  ? ata_qc_complete_multiple+0x200/0x200
[   20.423935]  ? lock_release+0xa40/0xa40
[   20.424302]  ? blk_rq_map_sg+0x681/0x1bc0
[   20.424697]  ? check_noncircular+0x20/0x20
[   20.425151]  ? ata_scsi_pass_thru+0x16c/0x1a60
[   20.425623]  ? ata_scsi_security_inout_xlat+0x820/0x820
[   20.425984]  ata_scsi_translate+0x34a/0x5e0
[   20.426308]  ? ata_scsi_security_inout_xlat+0x820/0x820
[   20.426823]  ata_scsi_queuecmd+0x2ae/0x6b0
[   20.427228]  scsi_dispatch_cmd+0x432/0xb60
[   20.427637]  ? scsi_init_request+0x2f0/0x2f0
[   20.428138]  ? sg_init_table+0x2b/0x60
[   20.428561]  ? scsi_init_sgtable+0x1f5/0x2c0
[   20.429025]  ? blk_mq_complete_request+0x30/0x30
[   20.429508]  ? scsi_init_io+0x222/0x410
[   20.429926]  ? scsi_io_completion+0x16b0/0x16b0
[   20.430434]  ? memset+0x31/0x40
[   20.430927]  scsi_queue_rq+0x155a/0x1e00
[   20.431540]  ? scsi_prep_fn+0x510/0x510
[   20.432123]  ? print_usage_bug+0x480/0x480
[   20.432857]  ? unwind_get_return_address+0x61/0xa0
[   20.433664]  ? __save_stack_trace+0x7e/0xd0
[   20.434203]  ? blk_mq_get_tag+0x34a/0xe50
[   20.435306]  ? __blk_mq_tag_idle+0x70/0x70
[   20.435977]  ? print_usage_bug+0x480/0x480
[   20.436483]  ? print_usage_bug+0x480/0x480
[   20.436922]  ? __lock_acquire+0x6aa/0x3bc0
[   20.437405]  ? find_held_lock+0x35/0x1d0
[   20.438221]  ? finish_wait+0x490/0x490
[   20.439004]  ? check_noncircular+0x20/0x20
[   20.440227]  ? __is_insn_slot_addr+0x1fc/0x330
[   20.441129]  ? blk_mq_get_driver_tag+0x327/0x9c0
[   20.441813]  ? check_noncircular+0x20/0x20
[   20.442413]  ? blk_mq_check_expired+0x220/0x220
[   20.442969]  ? scsi_prep_fn+0x510/0x510
[   20.443503]  blk_mq_dispatch_rq_list+0x8bc/0x1720
[   20.444125]  ? find_held_lock+0x35/0x1d0
[   20.444639]  ? blk_mq_try_issue_directly+0x210/0x210
[   20.445645]  ? dd_dispatch_request+0x3b2/0xc50
[   20.446349]  ? lock_downgrade+0x990/0x990
[   20.447032]  ? do_raw_spin_trylock+0x190/0x190
[   20.447628]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[   20.448156]  ? depot_save_stack+0x3b5/0x490
[   20.448684]  ? _raw_spin_unlock+0x22/0x30
[   20.449102]  ? dd_dispatch_request+0x3b2/0xc50
[   20.449588]  ? save_stack_trace+0x16/0x20
[   20.450024]  ? save_stack+0x43/0xd0
[   20.450484]  ? dd_merged_requests+0x5d0/0x5d0
[   20.451253]  ? check_noncircular+0x20/0x20
[   20.451750]  ? check_noncircular+0x20/0x20
[   20.452379]  ? SyS_write+0xef/0x220
[   20.453063]  ? entry_SYSCALL_64_fastpath+0x1f/0xbe
[   20.453921]  ? check_noncircular+0x20/0x20
[   20.454396]  ? save_stack+0xa3/0xd0
[   20.454886]  ? save_stack_trace+0x16/0x20
[   20.455390]  ? save_stack+0x43/0xd0
[   20.455770]  ? kasan_kmalloc+0xaa/0xd0
[   20.456162]  ? __kmalloc+0x120/0x710
[   20.456603]  ? bio_copy_user_iov+0x2d1/0xe70
[   20.457029]  ? blk_rq_map_user_iov+0x28c/0x7f0
[   20.457512]  ? blk_rq_map_user+0x111/0x180
[   20.457838]  ? sg_common_write.isra.17+0x11fa/0x1c10
[   20.458241]  ? __vfs_write+0xef/0x970
[   20.458563]  ? dd_insert_requests+0x721/0xad0
[   20.458941]  ? lock_downgrade+0x990/0x990
[   20.459410]  ? rcu_read_lock_sched_held+0x108/0x120
[   20.459950]  ? blk_mq_sched_try_insert_merge+0x100/0x100
[   20.460628]  blk_mq_sched_dispatch_requests+0x752/0xb40
[   20.462084]  ? rcu_pm_notify+0xc0/0xc0
[   20.462652]  ? blk_mq_sched_assign_ioc+0x1a0/0x1a0
[   20.463406]  ? lock_acquire+0x1d5/0x580
[   20.463851]  ? lock_acquire+0x1d5/0x580
[   20.464312]  ? __blk_mq_run_hw_queue+0x154/0x280
[   20.464799]  ? blk_queue_split+0x20b0/0x20b0
[   20.465293]  ? bio_copy_user_iov+0x77f/0xe70
[   20.465771]  ? lock_release+0xa40/0xa40
[   20.466180]  ? bio_phys_segments+0x47/0x90
[   20.466614]  __blk_mq_run_hw_queue+0x1aa/0x280
[   20.467149]  __blk_mq_delay_run_hw_queue+0x175/0x1b0
[   20.467664]  blk_mq_run_hw_queue+0x1e/0x30
[   20.468172]  blk_mq_sched_insert_request+0x275/0x890
[   20.468697]  ? __blk_rq_unmap_user+0x90/0x90
[   20.469170]  ? blk_mq_sched_restart+0x8d0/0x8d0
[   20.469644]  ? blk_queue_exit+0x162/0x270
[   20.470121]  ? import_single_range+0x1ee/0x2e0
[   20.470582]  ? blk_rq_map_user+0x11c/0x180
[   20.471094]  ? blk_rq_unmap_user+0xe0/0xe0
[   20.471555]  ? blk_mq_alloc_request+0x122/0x280
[   20.472090]  ? blk_mq_get_request+0x1620/0x1620
[   20.472595]  ? refcount_add+0x60/0x60
[   20.473033]  blk_execute_rq_nowait+0x16d/0x310
[   20.473518]  ? sg_release+0x1f0/0x1f0
[   20.473931]  sg_common_write.isra.17+0xf80/0x1c10
[   20.474472]  ? lock_release+0xa40/0xa40
[   20.474926]  ? sg_open+0x1180/0x1180
[   20.475420]  ? __might_fault+0x110/0x1d0
[   20.475851]  ? check_stack_object+0x68/0x140
[   20.476355]  ? __check_object_size+0x268/0x500
[   20.476841]  ? lock_release+0xa40/0xa40
[   20.477529]  ? __might_sleep+0x95/0x190
[   20.478166]  sg_write+0x7a0/0xc90
[   20.478534]  ? sg_ioctl+0x2ec0/0x2ec0
[   20.478926]  ? __kernel_text_address+0xae/0xe0
[   20.479465]  ? unwind_get_return_address+0x61/0xa0
[   20.479990]  ? __save_stack_trace+0x7e/0xd0
[   20.480567]  ? depot_save_stack+0x12c/0x490
[   20.480937]  ? putname+0xee/0x130
[   20.481241]  ? save_stack+0xa3/0xd0
[   20.481539]  ? save_stack_trace+0x16/0x20
[   20.481866]  ? save_stack+0x43/0xd0
[   20.482145]  ? kasan_slab_free+0x6e/0xc0
[   20.482726]  ? kmem_cache_free+0x71/0x240
[   20.483093]  ? putname+0xee/0x130
[   20.483588]  ? do_sys_open+0x31b/0x6d0
[   20.484160]  ? SyS_open+0x2d/0x40
[   20.484641]  ? entry_SYSCALL_64_fastpath+0x1f/0xbe
[   20.485364]  ? sg_ioctl+0x2ec0/0x2ec0
[   20.485892]  __vfs_write+0xef/0x970
[   20.486421]  ? rcu_note_context_switch+0x710/0x710
[   20.487127]  ? default_llseek+0x290/0x290
[   20.487640]  ? __might_sleep+0x95/0x190
[   20.488074]  ? _cond_resched+0x14/0x30
[   20.489093]  ? __inode_security_revalidate+0xd9/0x130
[   20.490084]  ? avc_policy_seqno+0x9/0x20
[   20.490455]  ? selinux_file_permission+0x82/0x460
[   20.490979]  ? security_file_permission+0x89/0x1e0
[   20.492489]  ? rw_verify_area+0xe5/0x2b0
[   20.493585]  ? __fdget_raw+0x20/0x20
[   20.494562]  vfs_write+0x189/0x510
[   20.495546]  SyS_write+0xef/0x220
[   20.496553]  ? SyS_read+0x220/0x220
[   20.497560]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   20.498355]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   20.499329]  entry_SYSCALL_64_fastpath+0x1f/0xbe
[   20.500040] RIP: 0033:0x439159
[   20.500483] RSP: 002b:00007fff352c9f28 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[   20.501935] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 0000000000439159
[   20.504064] RDX: 0000000000000090 RSI: 0000000020012000 RDI: 0000000000000003
[   20.504763] RBP: 0000000000000086 R08: 00000000000000fe R09: 0000000000000000
[   20.505635] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[   20.506797] R13: 0000000000401db0 R14: 0000000000401e40 R15: 0000000000000000
[   20.508324] Dumping ftrace buffer:
[   20.508902]    (ftrace buffer empty)
[   20.509435] Kernel Offset: disabled
[   20.509944] Rebooting in 86400 seconds..