[ ok ] Starting enhanced syslogd: rsyslogd. [ 38.605476] audit: type=1800 audit(1547468716.441:25): pid=7754 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 38.633456] audit: type=1800 audit(1547468716.441:26): pid=7754 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 38.662352] audit: type=1800 audit(1547468716.441:27): pid=7754 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ ok ] Starting periodic command scheduler: cron. [ ok ] Starting OpenBSD Secure Shell server: sshd. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.29' (ECDSA) to the list of known hosts. syzkaller login: [ 49.915667] IPVS: ftp: loaded support on port[0] = 21 [ 49.979008] chnl_net:caif_netlink_parms(): no params data found [ 50.011599] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.018391] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.025488] device bridge_slave_0 entered promiscuous mode [ 50.032586] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.039052] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.046065] device bridge_slave_1 entered promiscuous mode [ 50.062793] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 50.072139] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 50.090259] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 50.098005] team0: Port device team_slave_0 added [ 50.103361] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 50.110701] team0: Port device team_slave_1 added [ 50.115955] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 
50.123212] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 50.205478] device hsr_slave_0 entered promiscuous mode [ 50.274073] device hsr_slave_1 entered promiscuous mode [ 50.343886] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 50.350776] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 50.364913] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.371336] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.378257] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.384653] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.417634] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 50.424436] 8021q: adding VLAN 0 to HW filter on device bond0 [ 50.432700] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 50.441440] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 50.451569] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.459813] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.466979] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 50.478090] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 50.484667] 8021q: adding VLAN 0 to HW filter on device team0 [ 50.493110] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 50.501544] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.507937] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.524905] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 50.532465] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.538880] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.546355] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 50.554263] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 50.568186] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 50.578409] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 
50.589473] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 50.596774] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 50.604733] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 50.612366] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 50.619974] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 50.631177] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 50.642191] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 50.663531] kasan: CONFIG_KASAN_INLINE enabled [ 50.663601] ================================================================== [ 50.668215] BUG: KASAN: stack-out-of-bounds in debug_object_deactivate+0x385/0x4b0 [ 50.675569] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 50.683276] Read of size 8 at addr ffff8880a854cab8 by task swapper/0/0 [ 50.690622] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 50.697358] [ 50.703590] CPU: 1 PID: 7907 Comm: syz-executor466 Not tainted 4.20.0+ #3 [ 50.705207] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.20.0+ #3 [ 50.712118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 50.718250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 50.727607] RIP: 0010:debug_object_deactivate+0x16c/0x4b0 [ 50.736948] Call Trace: [ 50.742482] Code: c1 ea 03 42 80 3c 2a 00 0f 85 49 02 00 00 4d 8b 24 24 4d 85 e4 0f 84 d1 00 00 00 49 8d 7c 24 18 83 c3 01 48 89 fa 48 c1 ea 03 <42> 80 3c 2a 00 0f 85 fa 01 00 00 49 3b 4c 24 18 75 c0 49 8d 7c 24 [ 50.745049] [ 50.763946] RSP: 0018:ffff8880ae707b80 EFLAGS: 00010006 [ 50.766093] dump_stack+0x1db/0x2d0 [ 50.771436] RAX: 1ffffffff16d4c90 RBX: 0000000000000009 RCX: ffff8880ae726620 [ 50.775061] ? dump_stack_print_info.cold+0x20/0x20 [ 50.782332] RDX: 0000000000000003 RSI: 0000000000000004 RDI: 0000000000000019 [ 50.782342] RBP: ffff8880ae707c70 R08: 1ffff11015ce0f5c R09: ffffffff899ae220 [ 50.787361] ? 
kasan_check_read+0x11/0x20 [ 50.794613] R10: 0000000000000082 R11: 0000000000000003 R12: 0000000000000001 [ 50.801884] ? do_raw_spin_lock+0x156/0x360 [ 50.806017] R13: dffffc0000000000 R14: 1ffff11015ce0f74 R15: ffffffff8b6a6488 [ 50.813286] ? debug_object_deactivate+0x385/0x4b0 [ 50.817592] FS: 0000000001eec880(0000) GS:ffff8880ae700000(0000) knlGS:0000000000000000 [ 50.824862] print_address_description.cold+0x7c/0x20d [ 50.829774] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 50.837993] ? debug_object_deactivate+0x385/0x4b0 [ 50.843255] CR2: 00000000200000c0 CR3: 00000000a1bf5000 CR4: 00000000001406e0 [ 50.849137] kasan_report.cold+0x8c/0x2ba [ 50.854049] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 50.861340] __asan_report_load8_noabort+0x14/0x20 [ 50.865464] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 50.872746] debug_object_deactivate+0x385/0x4b0 [ 50.877655] Call Trace: [ 50.884923] ? debug_stats_show+0x100/0x100 [ 50.889664] [ 50.892249] ? add_lock_to_list.isra.0+0x450/0x450 [ 50.896557] ? clockevents_program_event+0x15f/0x380 [ 50.898700] ? __lock_is_held+0xb6/0x140 [ 50.903619] ? debug_stats_show+0x100/0x100 [ 50.908717] __hrtimer_run_queues+0x225/0x1050 [ 50.912769] ? __lock_is_held+0xb6/0x140 [ 50.917085] ? trace_hardirqs_on_caller+0x310/0x310 [ 50.921656] __hrtimer_run_queues+0x225/0x1050 [ 50.925756] ? hrtimer_start_range_ns+0xda0/0xda0 [ 50.930763] ? trace_hardirqs_on_caller+0x310/0x310 [ 50.935354] ? kvm_clock_read+0x18/0x30 [ 50.940188] ? hrtimer_start_range_ns+0xda0/0xda0 [ 50.945191] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 50.949158] ? kvm_clock_read+0x18/0x30 [ 50.953986] ? ktime_get_update_offsets_now+0x3d5/0x5e0 [ 50.959033] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 50.963001] ? do_timer+0x50/0x50 [ 50.968385] ? ktime_get_update_offsets_now+0x3d5/0x5e0 [ 50.973393] ? nr_iowait_cpu+0x9c/0x150 [ 50.976838] ? do_timer+0x50/0x50 [ 50.982189] ? 
__sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 50.986156] ? add_lock_to_list.isra.0+0x450/0x450 [ 50.989602] hrtimer_interrupt+0x314/0x770 [ 50.995129] ? rcu_softirq_qs+0x20/0x20 [ 51.000053] smp_apic_timer_interrupt+0x18d/0x760 [ 51.004277] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 51.008243] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 51.013090] hrtimer_interrupt+0x314/0x770 [ 51.018790] ? smp_call_function_single_interrupt+0x640/0x640 [ 51.023625] smp_apic_timer_interrupt+0x18d/0x760 [ 51.027851] ? trace_hardirqs_off+0x310/0x310 [ 51.033775] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 51.038609] ? task_prio+0x50/0x50 [ 51.043094] ? smp_call_function_single_interrupt+0x640/0x640 [ 51.047925] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 51.051451] ? trace_hardirqs_off+0x310/0x310 [ 51.057346] ? check_preemption_disabled+0x48/0x290 [ 51.062877] ? task_prio+0x50/0x50 [ 51.067366] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 51.072418] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 51.075950] apic_timer_interrupt+0xf/0x20 [ 51.080782] ? check_preemption_disabled+0x48/0x290 [ 51.086299] [ 51.090595] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 51.095601] RIP: 0010:native_safe_halt+0x2/0x10 [ 51.097835] apic_timer_interrupt+0xf/0x20 [ 51.102662] Code: ff ff ff 48 89 c7 48 89 45 d8 e8 c9 1a ce f9 48 8b 45 d8 e9 ce fe ff ff 48 89 df e8 b8 1a ce f9 eb 82 90 90 90 90 90 90 fb f4 0f 1f 00 66 2e 0f 1f 84 00 00 00 00 00 f4 c3 90 90 90 90 90 90 [ 51.107335] [ 51.111565] RSP: 0018:ffffffff89807c60 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13 [ 51.130456] Modules linked in: [ 51.132687] RAX: 1ffffffff1324a09 RBX: 1ffffffff1300f8f RCX: 0000000000000000 [ 51.140382] [ 51.140388] ====================================================== [ 51.140393] WARNING: possible circular locking dependency detected [ 51.140396] 4.20.0+ #3 Not tainted [ 51.140401] ------------------------------------------------------ [ 51.140406] syz-executor466/7907 is trying to acquire lock: [ 51.140409] 000000004bb77632 ((console_sem).lock){-.-.}, at: down_trylock+0x13/0x70 [ 51.140423] [ 51.140428] but task is already holding lock: [ 51.140431] 00000000bf17e612 (&obj_hash[i].lock){-.-.}, at: debug_object_deactivate+0x101/0x4b0 [ 51.140445] [ 51.140449] which lock already depends on the new lock. 
[ 51.140451] [ 51.140454] [ 51.140459] the existing dependency chain (in reverse order) is: [ 51.140461] [ 51.140463] -> #3 (&obj_hash[i].lock){-.-.}: [ 51.140477] _raw_spin_lock_irqsave+0x95/0xcd [ 51.140481] __debug_object_init+0xf6/0x12d0 [ 51.140484] debug_object_init+0x16/0x20 [ 51.140488] hrtimer_init+0x97/0x480 [ 51.140491] init_dl_task_timer+0x1b/0x50 [ 51.140495] __sched_fork+0x2bf/0x5b0 [ 51.140498] init_idle+0x75/0x670 [ 51.140502] sched_init+0xb10/0xbe8 [ 51.140506] start_kernel+0x440/0x8bd [ 51.140510] x86_64_start_reservations+0x29/0x2b [ 51.140514] x86_64_start_kernel+0x77/0x7b [ 51.140518] secondary_startup_64+0xa4/0xb0 [ 51.140520] [ 51.140522] -> #2 (&rq->lock){-.-.}: [ 51.140535] _raw_spin_lock+0x2f/0x40 [ 51.140539] task_fork_fair+0xb5/0x7a0 [ 51.140543] sched_fork+0x437/0xb90 [ 51.140547] copy_process+0x1ff6/0x8730 [ 51.140550] _do_fork+0x1a9/0x1170 [ 51.140554] kernel_thread+0x34/0x40 [ 51.140558] rest_init+0x28/0x37b [ 51.140562] arch_call_rest_init+0xe/0x1b [ 51.140565] start_kernel+0x882/0x8bd [ 51.140570] x86_64_start_reservations+0x29/0x2b [ 51.140574] x86_64_start_kernel+0x77/0x7b [ 51.140578] secondary_startup_64+0xa4/0xb0 [ 51.140580] [ 51.140582] -> #1 (&p->pi_lock){-.-.}: [ 51.140595] _raw_spin_lock_irqsave+0x95/0xcd [ 51.140599] try_to_wake_up+0xb9/0x1480 [ 51.140603] wake_up_process+0x10/0x20 [ 51.140606] __up.isra.0+0x1c0/0x2a0 [ 51.140610] up+0x13e/0x1c0 [ 51.140614] __up_console_sem+0xb7/0x1c0 [ 51.140617] console_unlock+0x778/0x11e0 [ 51.140621] vprintk_emit+0x370/0x960 [ 51.140625] vprintk_default+0x28/0x30 [ 51.140628] vprintk_func+0x7e/0x189 [ 51.140632] printk+0xba/0xed [ 51.140635] do_exit.cold+0x155/0x16a [ 51.140639] do_group_exit+0x177/0x430 [ 51.140643] __x64_sys_exit_group+0x44/0x50 [ 51.140647] do_syscall_64+0x1a3/0x800 [ 51.140651] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 51.140653] [ 51.140656] -> #0 ((console_sem).lock){-.-.}: [ 51.140669] lock_acquire+0x1db/0x570 [ 51.140673] _raw_spin_lock_irqsave+0x95/0xcd [ 
51.140677] down_trylock+0x13/0x70 [ 51.140681] __down_trylock_console_sem+0xa8/0x210 [ 51.140685] console_trylock+0x15/0xa0 [ 51.140689] vprintk_emit+0x351/0x960 [ 51.140692] vprintk_default+0x28/0x30 [ 51.140696] vprintk_func+0x7e/0x189 [ 51.140700] printk+0xba/0xed [ 51.140703] kasan_die_handler.cold+0x11/0x23 [ 51.140707] notifier_call_chain+0x179/0x380 [ 51.140712] atomic_notifier_call_chain+0x96/0x190 [ 51.140715] notify_die+0x1b2/0x270 [ 51.140719] do_general_protection+0x13d/0x300 [ 51.140723] general_protection+0x1e/0x30 [ 51.140727] debug_object_deactivate+0x16c/0x4b0 [ 51.140731] __hrtimer_run_queues+0x225/0x1050 [ 51.140735] hrtimer_interrupt+0x314/0x770 [ 51.140740] smp_apic_timer_interrupt+0x18d/0x760 [ 51.140744] apic_timer_interrupt+0xf/0x20 [ 51.140746] [ 51.140751] other info that might help us debug this: [ 51.140753] [ 51.140756] Chain exists of: [ 51.140758] (console_sem).lock --> &rq->lock --> &obj_hash[i].lock [ 51.140774] [ 51.140778] Possible unsafe locking scenario: [ 51.140781] [ 51.140784] CPU0 CPU1 [ 51.140788] ---- ---- [ 51.140791] lock(&obj_hash[i].lock); [ 51.140799] lock(&rq->lock); [ 51.140808] lock(&obj_hash[i].lock); [ 51.140816] lock((console_sem).lock); [ 51.140829] [ 51.140832] *** DEADLOCK *** [ 51.140834] [ 51.140838] 6 locks held by syz-executor466/7907: [ 51.140841] #0: 000000000ef89f7e (&tfile->napi_mutex){+.+.}, at: tun_get_user+0x125f/0x4150 [ 51.140857] #1: 000000002e28d845 (rcu_read_lock){....}, at: netif_receive_skb_internal+0x9c/0x690 [ 51.140873] #2: 000000002e28d845 (rcu_read_lock){....}, at: ip_local_deliver_finish+0x13a/0x390 [ 51.140890] #3: 000000006ea68e3b (hrtimer_bases.lock){-.-.}, at: hrtimer_interrupt+0xff/0x770 [ 51.140906] #4: 00000000bf17e612 (&obj_hash[i].lock){-.-.}, at: debug_object_deactivate+0x101/0x4b0 [ 51.140923] #5: 000000002e28d845 (rcu_read_lock){....}, at: atomic_notifier_call_chain+0x0/0x190 [ 51.140939] [ 51.140942] stack backtrace: [ 51.140948] CPU: 1 PID: 7907 Comm: syz-executor466 Not 
tainted 4.20.0+ #3 [ 51.140954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 51.140958] Call Trace: [ 51.140960] [ 51.140964] dump_stack+0x1db/0x2d0 [ 51.140969] ? dump_stack_print_info.cold+0x20/0x20 [ 51.140972] ? print_stack_trace+0x77/0xb0 [ 51.140976] ? vprintk_func+0x86/0x189 [ 51.140981] print_circular_bug.isra.0.cold+0x1cc/0x28f [ 51.140985] __lock_acquire+0x3014/0x4a30 [ 51.140989] ? mark_held_locks+0x100/0x100 [ 51.140993] ? add_lock_to_list.isra.0+0x450/0x450 [ 51.140998] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 51.141002] ? add_lock_to_list.isra.0+0x450/0x450 [ 51.141006] ? pvclock_read_flags+0x160/0x160 [ 51.141010] lock_acquire+0x1db/0x570 [ 51.141014] ? down_trylock+0x13/0x70 [ 51.141017] ? lock_release+0xc40/0xc40 [ 51.141022] ? trace_hardirqs_on_caller+0x310/0x310 [ 51.141026] ? trace_hardirqs_off+0xb8/0x310 [ 51.141030] _raw_spin_lock_irqsave+0x95/0xcd [ 51.141033] ? down_trylock+0x13/0x70 [ 51.141037] ? vprintk_emit+0x351/0x960 [ 51.141041] down_trylock+0x13/0x70 [ 51.141045] ? vprintk_emit+0x351/0x960 [ 51.141049] __down_trylock_console_sem+0xa8/0x210 [ 51.141053] console_trylock+0x15/0xa0 [ 51.141056] vprintk_emit+0x351/0x960 [ 51.141060] ? wake_up_klogd+0x180/0x180 [ 51.141064] ? __lock_acquire+0x572/0x4a30 [ 51.141068] ? print_usage_bug+0xd0/0xd0 [ 51.141072] vprintk_default+0x28/0x30 [ 51.141075] vprintk_func+0x7e/0x189 [ 51.141079] printk+0xba/0xed [ 51.141083] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 51.141087] ? lock_downgrade+0x910/0x910 [ 51.141091] ? print_usage_bug+0xd0/0xd0 [ 51.141095] ? kasan_die_handler.cold+0x5/0x23 [ 51.141099] ? kasan_die_handler+0x1a/0x31 [ 51.141103] kasan_die_handler.cold+0x11/0x23 [ 51.141108] notifier_call_chain+0x179/0x380 [ 51.141112] ? unregister_die_notifier+0x30/0x30 [ 51.141116] ? rcu_softirq_qs+0x20/0x20 [ 51.141120] ? rcu_softirq_qs+0x20/0x20 [ 51.141124] atomic_notifier_call_chain+0x96/0x190 [ 51.141127] notify_die+0x1b2/0x270 [ 51.141132] ? 
__atomic_notifier_call_chain+0x1a0/0x1a0 [ 51.141136] ? debug_object_deactivate+0x16c/0x4b0 [ 51.141140] ? debug_object_deactivate+0x16c/0x4b0 [ 51.141144] ? search_exception_tables+0x49/0x50 [ 51.141148] ? fixup_exception+0xad/0xe0 [ 51.141152] do_general_protection+0x13d/0x300 [ 51.141156] general_protection+0x1e/0x30 [ 51.141160] RIP: 0010:debug_object_deactivate+0x16c/0x4b0 [ 51.141172] Code: c1 ea 03 42 80 3c 2a 00 0f 85 49 02 00 00 4d 8b 24 24 4d 85 e4 0f 84 d1 00 00 00 49 8d 7c 24 18 83 c3 01 48 89 fa 48 c1 ea 03 <42> 80 3c 2a 00 0f 85 fa 01 00 00 49 3b 4c 24 18 75 c0 49 8d 7c 24 [ 51.141176] RSP: 0018:ffff8880ae707b80 EFLAGS: 00010006 [ 51.141184] RAX: 1ffffffff16d4c90 RBX: 0000000000000009 RCX: ffff8880ae726620 [ 51.141190] RDX: 0000000000000003 RSI: 0000000000000004 RDI: 0000000000000019 [ 51.141195] RBP: ffff8880ae707c70 R08: 1ffff11015ce0f5c R09: ffffffff899ae220 [ 51.141200] R10: 0000000000000082 R11: 0000000000000003 R12: 0000000000000001 [ 51.141206] R13: dffffc0000000000 R14: 1ffff11015ce0f74 R15: ffffffff8b6a6488 [ 51.141210] ? clockevents_program_event+0x15f/0x380 [ 51.141214] ? debug_stats_show+0x100/0x100 [ 51.141218] ? __lock_is_held+0xb6/0x140 [ 51.141222] __hrtimer_run_queues+0x225/0x1050 [ 51.141226] ? trace_hardirqs_on_caller+0x310/0x310 [ 51.141231] ? hrtimer_start_range_ns+0xda0/0xda0 [ 51.141234] ? kvm_clock_read+0x18/0x30 [ 51.141239] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 51.141243] ? ktime_get_update_offsets_now+0x3d5/0x5e0 [ 51.141246] ? do_timer+0x50/0x50 [ 51.141251] ? add_lock_to_list.isra.0+0x450/0x450 [ 51.141254] ? rcu_softirq_qs+0x20/0x20 [ 51.141259] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 51.141263] hrtimer_interrupt+0x314/0x770 [ 51.141267] smp_apic_timer_interrupt+0x18d/0x760 [ 51.141272] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 51.141277] ? smp_call_function_single_interrupt+0x640/0x640 [ 51.141281] ? trace_hardirqs_off+0x310/0x310 [ 51.141284] ? task_prio+0x50/0x50 [ 51.141289] ? 
__sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 51.141293] ? check_preemption_disabled+0x48/0x290 [ 51.141298] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 51.141319] apic_timer_interrupt+0xf/0x20 [ 51.141322] [ 51.141333] ---[ end trace 9991f0df0986b6d9 ]--- [ 51.143568] RDX: dffffc0000000000 RSI: 0000000000000001 RDI: ffffffff8987b73c [ 51.150844] RIP: 0010:debug_object_deactivate+0x16c/0x4b0 [ 51.152452] RBP: ffffffff89807d20 R08: ffffffff8987aec0 R09: 0000000000000000 [ 51.158782] Code: c1 ea 03 42 80 3c 2a 00 0f 85 49 02 00 00 4d 8b 24 24 4d 85 e4 0f 84 d1 00 00 00 49 8d 7c 24 18 83 c3 01 48 89 fa 48 c1 ea 03 <42> 80 3c 2a 00 0f 85 fa 01 00 00 49 3b 4c 24 18 75 c0 49 8d 7c 24 [ 51.165088] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 51.168618] RSP: 0018:ffff8880ae707b80 EFLAGS: 00010006 [ 51.174926] R13: ffffffff89807cf8 R14: 0000000000000000 R15: ffffffff89925038 [ 51.180628] RAX: 1ffffffff16d4c90 RBX: 0000000000000009 RCX: ffff8880ae726620 [ 51.188430] ? default_idle+0xb5/0x490 [ 51.190031] RDX: 0000000000000003 RSI: 0000000000000004 RDI: 0000000000000019 [ 51.194520] ? rcu_dynticks_eqs_enter+0x4f/0x80 [ 51.203347] RBP: ffff8880ae707c70 R08: 1ffff11015ce0f5c R09: ffffffff899ae220 [ 51.204980] ? __sched_text_end+0x4/0x4 [ 51.210342] R10: 0000000000000082 R11: 0000000000000003 R12: 0000000000000001 [ 51.211971] ? rcu_idle_enter+0x408/0x530 [ 51.213586] R13: dffffc0000000000 R14: 1ffff11015ce0f74 R15: ffffffff8b6a6488 [ 51.219723] ? rcu_eqs_special_set+0x1c0/0x1c0 [ 51.221356] FS: 0000000001eec880(0000) GS:ffff8880ae700000(0000) knlGS:0000000000000000 [ 51.225757] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 51.230760] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 51.235682] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 51.240245] CR2: 00000000200000c0 CR3: 00000000a1bf5000 CR4: 00000000001406e0 [ 51.244477] ? 
__sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 51.249131] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 51.253453] arch_cpu_idle+0x10/0x20 [ 51.257411] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 51.261554] default_idle_call+0x36/0x90 [ 51.265912] Kernel panic - not syncing: Fatal exception in interrupt [ 51.271234] do_idle+0x386/0x5d0 [ 52.238804] ? __schedule+0x1e90/0x1e90 [ 52.242776] ? arch_cpu_idle_exit+0x80/0x80 [ 52.247096] ? check_preemption_disabled+0x48/0x290 [ 52.252111] cpu_startup_entry+0x1b/0x20 [ 52.256170] rest_init+0x245/0x37b [ 52.259708] arch_call_rest_init+0xe/0x1b [ 52.263849] start_kernel+0x882/0x8bd [ 52.267644] ? mem_encrypt_init+0xb/0xb [ 52.271618] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 52.277150] ? x86_family+0x41/0x50 [ 52.280770] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 52.286317] x86_64_start_reservations+0x29/0x2b [ 52.291077] x86_64_start_kernel+0x77/0x7b [ 52.295315] secondary_startup_64+0xa4/0xb0 [ 52.299640] [ 52.301283] Allocated by task 1: [ 52.304639] (stack is not available) [ 52.308342] [ 52.309958] Freed by task 806276096: [ 52.313681] BUG: unable to handle kernel paging request at 0000000000003d4c [ 52.320767] #PF error: [normal kernel read fault] [ 52.325600] PGD a8276067 P4D a8276067 PUD 97159067 PMD 0 [ 52.331142] Oops: 0000 [#2] PREEMPT SMP KASAN [ 52.335632] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G D 4.20.0+ #3 [ 52.343153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 52.352506] RIP: 0010:depot_fetch_stack+0x18/0x30 [ 52.357345] Code: ff 48 89 df e8 e9 3f 20 fe e9 f1 fd ff ff 90 90 90 90 89 f8 c1 ef 11 25 ff ff 1f 00 81 e7 f0 3f 00 00 48 03 3c c5 60 64 f4 8b <8b> 47 0c 48 83 c7 18 c7 46 10 00 00 00 00 48 89 7e 08 89 46 04 89 [ 52.376243] RSP: 0018:ffff8880ae607ab0 EFLAGS: 00010002 [ 52.381598] RAX: 00000000000494fe RBX: ffff8880a854caec RCX: 0000000000000000 [ 52.388862] RDX: 0000000000000000 RSI: ffff8880ae607ab8 
RDI: 0000000000003d40 [ 52.396127] RBP: ffff8880ae607ae0 R08: 0000000000000018 R09: ffffed1015cc3ef9 [ 52.403391] R10: ffffed1015cc3ef8 R11: ffff8880ae61f7c7 R12: ffffea0002a15300 [ 52.410651] R13: ffff8880a854cab8 R14: ffff88812c3ebe40 R15: ffff8880a854cae0 [ 52.417918] FS: 0000000000000000(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000 [ 52.418633] Shutting down cpus with NMI