[ ok ] Starting enhanced syslogd: rsyslogd. [ ok ] Starting periodic command scheduler: cron. [ ok ] Starting OpenBSD Secure Shell server: sshd. [ 28.410357] kauditd_printk_skb: 7 callbacks suppressed [ 28.410371] audit: type=1800 audit(1542590926.245:29): pid=5844 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 28.450565] audit: type=1800 audit(1542590926.255:30): pid=5844 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.56' (ECDSA) to the list of known hosts. syzkaller login: [ 35.684841] IPVS: ftp: loaded support on port[0] = 21 [ 35.844278] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.851062] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.858322] device bridge_slave_0 entered promiscuous mode [ 35.876465] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.882831] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.889967] device bridge_slave_1 entered promiscuous mode [ 35.907442] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 35.926741] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 35.975659] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 35.996254] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 36.071676] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 36.079137] team0: Port device team_slave_0 added [ 36.096708] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 36.103789] team0: Port device team_slave_1 added [ 36.120158] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 36.139607] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready 
[ 36.159037] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 36.178494] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready RTNETLINK answers: Operation not supported RTNETLINK answers: No buffer space available RTNETLINK answers: Operation not supported [ 36.321915] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.328360] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.335282] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.341631] bridge0: port 1(bridge_slave_0) entered forwarding state RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument [ 36.848705] 8021q: adding VLAN 0 to HW filter on device bond0 [ 36.899037] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 36.949744] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 36.956385] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 36.963563] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 37.014406] 8021q: adding VLAN 0 to HW filter on device team0 [ 37.391139] syz-executor496 (6238) used greatest stack depth: 15648 bytes left [ 48.565267] WARNING: CPU: 1 PID: 0 at kernel/sched/sched.h:1015 update_load_avg+0x1539/0x2470 [ 48.565370] ================================================================== [ 48.574094] BUG: KASAN: stack-out-of-bounds in debug_object_deactivate+0x3a8/0x450 [ 48.581436] Kernel panic - not syncing: panic_on_warn set ... [ 48.589142] Read of size 8 at addr ffff8881dae000e0 by task syz-executor496/6371 [ 48.595009] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.20.0-rc2+ #302 [ 48.602516] [ 48.609167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 48.620111] Call Trace: [ 48.622690] [ 48.624844] dump_stack+0x244/0x39d [ 48.628478] ? 
dump_stack_print_info.cold.1+0x20/0x20 [ 48.633674] panic+0x2ad/0x55c [ 48.636881] ? add_taint.cold.5+0x16/0x16 [ 48.641040] ? __warn.cold.8+0x5/0x45 [ 48.644838] ? __warn+0xe8/0x1d0 [ 48.648206] ? update_load_avg+0x1539/0x2470 [ 48.652610] __warn.cold.8+0x20/0x45 [ 48.656320] ? rcu_softirq_qs+0x20/0x20 [ 48.660292] ? update_load_avg+0x1539/0x2470 [ 48.664699] report_bug+0x254/0x2d0 [ 48.668325] do_error_trap+0x11b/0x200 [ 48.672213] do_invalid_op+0x36/0x40 [ 48.675923] ? update_load_avg+0x1539/0x2470 [ 48.680331] invalid_op+0x14/0x20 [ 48.683782] RIP: 0010:update_load_avg+0x1539/0x2470 [ 48.688796] Code: e8 fc e1 69 00 e9 8b f8 ff ff 48 8d 7a 18 be ff ff ff ff 48 89 95 30 fb ff ff e8 52 e5 07 00 48 8b 95 30 fb ff ff 85 c0 75 29 <0f> 0b 48 b8 00 00 00 00 00 fc ff df 4c 89 f9 48 c1 e9 03 80 3c 01 [ 48.707695] RSP: 0018:ffff8881daf07238 EFLAGS: 00010046 [ 48.713057] RAX: 0000000000000000 RBX: ffff8881b3b487c0 RCX: 0000000000000000 [ 48.720319] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000086 [ 48.727582] RBP: ffff8881daf07750 R08: 0000000000000000 R09: 0000000000000001 [ 48.734849] R10: 0000000000000000 R11: ffff8881daf2d850 R12: ffff8881bf344bc0 [ 48.742128] R13: ffff8881daf07728 R14: 0000000000000000 R15: ffff8881b3b48930 [ 48.749421] ? update_load_avg+0x152e/0x2470 [ 48.753833] ? __lock_acquire+0x62f/0x4c20 [ 48.758096] ? attach_entity_load_avg+0x860/0x860 [ 48.762957] ? mark_held_locks+0x130/0x130 [ 48.767235] ? print_usage_bug+0xc0/0xc0 [ 48.771321] ? account_entity_enqueue+0x3a3/0x660 [ 48.776174] ? print_usage_bug+0xc0/0xc0 [ 48.780246] ? print_usage_bug+0xc0/0xc0 [ 48.784307] ? print_usage_bug+0xc0/0xc0 [ 48.788368] ? rcu_pm_notify+0xc0/0xc0 [ 48.792253] ? trace_hardirqs_on+0x310/0x310 [ 48.796660] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 48.802197] ? check_preemption_disabled+0x48/0x280 [ 48.807215] ? __lock_acquire+0x62f/0x4c20 [ 48.811470] ? __lock_acquire+0x62f/0x4c20 [ 48.815757] ? mark_held_locks+0x130/0x130 [ 48.819997] ? 
mark_held_locks+0x130/0x130 [ 48.824229] ? print_usage_bug+0xc0/0xc0 [ 48.828293] ? trace_hardirqs_off+0xb8/0x310 [ 48.832702] ? rcu_pm_notify+0xc0/0xc0 [ 48.836588] ? trace_hardirqs_on+0x310/0x310 [ 48.840999] ? zap_class+0x640/0x640 [ 48.844717] ? update_blocked_averages+0x156/0x1e00 [ 48.849734] ? zap_class+0x640/0x640 [ 48.853459] ? __update_load_avg_se+0xae0/0xae0 [ 48.858128] ? __lock_is_held+0xb5/0x140 [ 48.862196] update_blocked_averages+0xcc7/0x1e00 [ 48.867039] ? nohz_balance_enter_idle+0x6c0/0x6c0 [ 48.871994] ? set_next_entity+0xc70/0xc70 [ 48.876231] ? __run_timers+0xa20/0xc70 [ 48.880221] ? _raw_spin_unlock_irq+0x27/0x80 [ 48.884726] ? _raw_spin_unlock_irq+0x27/0x80 [ 48.889220] ? lockdep_hardirqs_on+0x296/0x5b0 [ 48.893801] ? trace_hardirqs_on+0xbd/0x310 [ 48.898133] ? kasan_check_read+0x11/0x20 [ 48.902289] ? __run_timers+0xa20/0xc70 [ 48.906318] ? trace_hardirqs_off_caller+0x310/0x310 [ 48.911424] ? zap_class+0x640/0x640 [ 48.915159] ? _raw_spin_unlock_irq+0x60/0x80 [ 48.919649] ? __run_timers+0xa4a/0xc70 [ 48.923625] ? timer_fixup_init+0x70/0x70 [ 48.927773] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 48.932793] ? zap_class+0x640/0x640 [ 48.936668] ? enqueue_hrtimer+0x1a5/0x560 [ 48.940902] ? hrtimer_update_softirq_timer+0xa0/0xa0 [ 48.946094] ? find_held_lock+0x36/0x1c0 [ 48.950158] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 48.955699] ? check_preemption_disabled+0x48/0x280 [ 48.960716] run_rebalance_domains+0x37c/0x500 [ 48.965301] ? _nohz_idle_balance+0x7a0/0x7a0 [ 48.969804] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 48.975349] ? rcu_pm_notify+0xc0/0xc0 [ 48.979256] __do_softirq+0x308/0xb7e [ 48.983057] ? ktime_get_raw_ts64+0x4d0/0x4d0 [ 48.987549] ? lock_downgrade+0x900/0x900 [ 48.991697] ? __irqentry_text_end+0x1f9658/0x1f9658 [ 48.996802] ? pvclock_read_flags+0x160/0x160 [ 49.001300] ? lapic_next_event+0x5a/0x90 [ 49.005447] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 49.011009] ? kvm_clock_read+0x18/0x30 [ 49.014998] ? 
kvm_sched_clock_read+0x9/0x20 [ 49.019417] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 49.025009] ? check_preemption_disabled+0x48/0x280 [ 49.030038] irq_exit+0x17f/0x1c0 [ 49.033492] smp_apic_timer_interrupt+0x1cb/0x760 [ 49.038333] ? smp_reschedule_interrupt+0x109/0x650 [ 49.043347] ? smp_call_function_single_interrupt+0x650/0x650 [ 49.049230] ? interrupt_entry+0xb5/0xc0 [ 49.053307] ? trace_hardirqs_off_caller+0xbb/0x310 [ 49.058319] ? trace_hardirqs_off_caller+0xbb/0x310 [ 49.063335] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 49.068691] ? trace_hardirqs_on_caller+0x310/0x310 [ 49.073705] ? trace_hardirqs_on_caller+0x310/0x310 [ 49.078720] ? task_prio+0x50/0x50 [ 49.082261] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 49.087797] ? check_preemption_disabled+0x48/0x280 [ 49.092816] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 49.097659] apic_timer_interrupt+0xf/0x20 [ 49.101885] [ 49.104154] RIP: 0010:native_safe_halt+0x6/0x10 [ 49.108831] Code: e9 2c ff ff ff 48 89 c7 48 89 45 d8 e8 33 22 e6 f9 48 8b 45 d8 e9 ca fe ff ff 48 89 df e8 22 22 e6 f9 eb 82 55 48 89 e5 fb f4 <5d> c3 0f 1f 84 00 00 00 00 00 55 48 89 e5 f4 5d c3 90 90 90 90 90 [ 49.127726] RSP: 0018:ffff8881d9b27cb8 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13 [ 49.135434] RAX: dffffc0000000000 RBX: 1ffff1103b364f9b RCX: 0000000000000000 [ 49.142705] RDX: 1ffffffff12a3f71 RSI: 0000000000000001 RDI: ffffffff8951fb88 [ 49.149972] RBP: ffff8881d9b27cb8 R08: ffff8881d9b14340 R09: 0000000000000000 [ 49.157253] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8881d9b27d78 [ 49.164544] R13: ffffffff8a1640e0 R14: 0000000000000000 R15: 0000000000000001 [ 49.171830] default_idle+0xbf/0x490 [ 49.175551] ? rcu_dynticks_eqs_enter+0x4f/0x80 [ 49.180220] ? __sched_text_end+0x1/0x1 [ 49.184203] ? rcu_idle_enter+0x39a/0x530 [ 49.188363] ? rcu_eqs_special_set+0x1c0/0x1c0 [ 49.192945] ? tsc_verify_tsc_adjust+0x137/0x450 [ 49.197703] ? trace_hardirqs_off_caller+0x310/0x310 [ 49.202805] ? 
__sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 49.208342] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 49.213875] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 49.219416] arch_cpu_idle+0x10/0x20 [ 49.223129] default_idle_call+0x6d/0x90 [ 49.227222] do_idle+0x49b/0x5c0 [ 49.230591] ? arch_cpu_idle_exit+0x70/0x70 [ 49.234970] cpu_startup_entry+0x18/0x20 [ 49.239058] start_secondary+0x487/0x5f0 [ 49.243150] ? set_cpu_sibling_map+0x1890/0x1890 [ 49.247925] secondary_startup_64+0xa4/0xb0 [ 49.252254] CPU: 0 PID: 6371 Comm: syz-executor496 Not tainted 4.20.0-rc2+ #302 [ 49.252257] [ 49.252265] ====================================================== [ 49.252286] WARNING: possible circular locking dependency detected [ 49.252297] 4.20.0-rc2+ #302 Not tainted [ 49.252301] ------------------------------------------------------ [ 49.252305] swapper/1/0 is trying to acquire lock: [ 49.252307] 00000000cee8b2f6 ((console_sem).lock){-.-.}, at: down_trylock+0x13/0x70 [ 49.252320] [ 49.252324] but task is already holding lock: [ 49.252327] 000000008d358a10 (&rq->lock){-.-.}, at: update_blocked_averages+0x156/0x1e00 [ 49.252340] [ 49.252345] which lock already depends on the new lock. 
[ 49.252362] [ 49.252365] [ 49.252369] the existing dependency chain (in reverse order) is: [ 49.252371] [ 49.252374] -> #2 (&rq->lock){-.-.}: [ 49.252386] _raw_spin_lock+0x2d/0x40 [ 49.252390] task_fork_fair+0xb0/0x6d0 [ 49.252393] sched_fork+0x443/0xba0 [ 49.252397] copy_process+0x25b8/0x87a0 [ 49.252400] _do_fork+0x1cb/0x11d0 [ 49.252404] kernel_thread+0x34/0x40 [ 49.252408] rest_init+0x28/0x372 [ 49.252411] arch_call_rest_init+0xe/0x1b [ 49.252415] start_kernel+0x9f0/0xa2b [ 49.252419] x86_64_start_reservations+0x2e/0x30 [ 49.252426] x86_64_start_kernel+0x76/0x79 [ 49.252429] secondary_startup_64+0xa4/0xb0 [ 49.252432] [ 49.252434] -> #1 (&p->pi_lock){-.-.}: [ 49.252446] _raw_spin_lock_irqsave+0x99/0xd0 [ 49.252466] try_to_wake_up+0xdc/0x1490 [ 49.252470] wake_up_process+0x10/0x20 [ 49.252473] __up.isra.1+0x1c0/0x2a0 [ 49.252476] up+0x13c/0x1c0 [ 49.252480] __up_console_sem+0xbe/0x1b0 [ 49.252484] console_unlock+0x811/0x1190 [ 49.252487] vprintk_emit+0x391/0x990 [ 49.252491] vprintk_default+0x28/0x30 [ 49.252495] vprintk_func+0x7e/0x181 [ 49.252498] printk+0xa7/0xcf [ 49.252502] do_exit.cold.18+0x57/0x16f [ 49.252506] do_group_exit+0x177/0x440 [ 49.252510] __x64_sys_exit_group+0x3e/0x50 [ 49.252514] do_syscall_64+0x1b9/0x820 [ 49.252518] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 49.252520] [ 49.252522] -> #0 ((console_sem).lock){-.-.}: [ 49.252535] lock_acquire+0x1ed/0x520 [ 49.252539] _raw_spin_lock_irqsave+0x99/0xd0 [ 49.252542] down_trylock+0x13/0x70 [ 49.252546] __down_trylock_console_sem+0xae/0x1f0 [ 49.252550] console_trylock+0x15/0xa0 [ 49.252554] vprintk_emit+0x372/0x990 [ 49.252557] vprintk_default+0x28/0x30 [ 49.252561] vprintk_func+0x7e/0x181 [ 49.252564] printk+0xa7/0xcf [ 49.252567] __warn+0x9e/0x1d0 [ 49.252571] report_bug+0x254/0x2d0 [ 49.252575] do_error_trap+0x11b/0x200 [ 49.252579] do_invalid_op+0x36/0x40 [ 49.252582] invalid_op+0x14/0x20 [ 49.252586] update_load_avg+0x1539/0x2470 [ 49.252590] update_blocked_averages+0xcc7/0x1e00 [ 49.252594] 
run_rebalance_domains+0x37c/0x500 [ 49.252598] __do_softirq+0x308/0xb7e [ 49.252601] irq_exit+0x17f/0x1c0 [ 49.252605] smp_apic_timer_interrupt+0x1cb/0x760 [ 49.252609] apic_timer_interrupt+0xf/0x20 [ 49.252612] native_safe_halt+0x6/0x10 [ 49.252616] default_idle+0xbf/0x490 [ 49.252619] arch_cpu_idle+0x10/0x20 [ 49.252623] default_idle_call+0x6d/0x90 [ 49.252626] do_idle+0x49b/0x5c0 [ 49.252630] cpu_startup_entry+0x18/0x20 [ 49.252634] start_secondary+0x487/0x5f0 [ 49.252638] secondary_startup_64+0xa4/0xb0 [ 49.252640] [ 49.252644] other info that might help us debug this: [ 49.252646] [ 49.252649] Chain exists of: [ 49.252651] (console_sem).lock --> &p->pi_lock --> &rq->lock [ 49.252697] [ 49.252701] Possible unsafe locking scenario: [ 49.252703] [ 49.252707] CPU0 CPU1 [ 49.252711] ---- ---- [ 49.252713] lock(&rq->lock); [ 49.252722] lock(&p->pi_lock); [ 49.252731] lock(&rq->lock); [ 49.252739] lock((console_sem).lock); [ 49.252747] [ 49.252750] *** DEADLOCK *** [ 49.252753] [ 49.252756] 1 lock held by swapper/1/0: [ 49.252759] #0: 000000008d358a10 (&rq->lock){-.-.}, at: update_blocked_averages+0x156/0x1e00 [ 49.252775] [ 49.252778] stack backtrace: [ 49.252783] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.20.0-rc2+ #302 [ 49.252791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 49.252794] Call Trace: [ 49.252796] [ 49.252800] dump_stack+0x244/0x39d [ 49.252805] ? dump_stack_print_info.cold.1+0x20/0x20 [ 49.252808] ? vprintk_func+0x85/0x181 [ 49.252813] print_circular_bug.isra.35.cold.54+0x1bd/0x27d [ 49.252817] ? save_trace+0xe0/0x290 [ 49.252821] __lock_acquire+0x3399/0x4c20 [ 49.252825] ? widen_string+0xe0/0x2e0 [ 49.252829] ? mark_held_locks+0x130/0x130 [ 49.252832] ? string+0x225/0x2d0 [ 49.252836] ? widen_string+0x2e0/0x2e0 [ 49.252840] ? update_load_avg+0x1539/0x2470 [ 49.252844] ? update_load_avg+0x1539/0x2470 [ 49.252848] ? flags_string+0x350/0x350 [ 49.252853] ? 
__sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 49.252857] ? put_dec_trunc8+0x273/0x300 [ 49.252860] ? put_dec+0x3b/0xf0 [ 49.252864] ? update_load_avg+0x1539/0x2470 [ 49.252869] ? zap_class+0x640/0x640 [ 49.252873] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 49.252877] lock_acquire+0x1ed/0x520 [ 49.252881] ? down_trylock+0x13/0x70 [ 49.252885] ? lock_release+0xa00/0xa00 [ 49.252889] ? trace_hardirqs_off+0xb8/0x310 [ 49.252893] ? vprintk_emit+0x1de/0x990 [ 49.252897] ? trace_hardirqs_on+0x310/0x310 [ 49.252901] ? trace_hardirqs_off+0xb8/0x310 [ 49.252905] ? log_store+0x344/0x4c0 [ 49.252908] ? vprintk_emit+0x372/0x990 [ 49.252913] _raw_spin_lock_irqsave+0x99/0xd0 [ 49.252916] ? down_trylock+0x13/0x70 [ 49.252920] down_trylock+0x13/0x70 [ 49.252925] __down_trylock_console_sem+0xae/0x1f0 [ 49.252928] console_trylock+0x15/0xa0 [ 49.252932] vprintk_emit+0x372/0x990 [ 49.252936] ? wake_up_klogd+0x180/0x180 [ 49.252940] ? tg_unthrottle_up+0x220/0x220 [ 49.252968] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 49.252973] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 49.252977] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 49.252981] ? __check_object_size+0xb1/0x782 [ 49.252985] ? usercopy_warn+0x110/0x110 [ 49.252989] ? attach_entity_load_avg+0x860/0x860 [ 49.252993] ? update_load_avg+0x1539/0x2470 [ 49.252997] vprintk_default+0x28/0x30 [ 49.253015] vprintk_func+0x7e/0x181 [ 49.253018] printk+0xa7/0xcf [ 49.253022] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 49.253026] ? update_load_avg+0x1539/0x2470 [ 49.253029] __warn+0x9e/0x1d0 [ 49.253032] ? rcu_softirq_qs+0x20/0x20 [ 49.253036] ? update_load_avg+0x1539/0x2470 [ 49.253040] report_bug+0x254/0x2d0 [ 49.253043] do_error_trap+0x11b/0x200 [ 49.253047] do_invalid_op+0x36/0x40 [ 49.253050] ? 
update_load_avg+0x1539/0x2470 [ 49.253054] invalid_op+0x14/0x20 [ 49.253058] RIP: 0010:update_load_avg+0x1539/0x2470 [ 49.253069] Code: e8 fc e1 69 00 e9 8b f8 ff ff 48 8d 7a 18 be ff ff ff ff 48 89 95 30 fb ff ff e8 52 e5 07 00 48 8b 95 30 fb ff ff 85 c0 75 29 <0f> 0b 48 b8 00 00 00 00 00 fc ff df 4c 89 f9 48 c1 e9 03 80 3c 01 [ 49.253073] RSP: 0018:ffff8881daf07238 EFLAGS: 00010046 [ 49.253081] RAX: 0000000000000000 RBX: ffff8881b3b487c0 RCX: 0000000000000000 [ 49.253086] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000086 [ 49.253092] RBP: ffff8881daf07750 R08: 0000000000000000 R09: 0000000000000001 [ 49.253097] R10: 0000000000000000 R11: ffff8881daf2d850 R12: ffff8881bf344bc0 [ 49.253103] R13: ffff8881daf07728 R14: 0000000000000000 R15: ffff8881b3b48930 [ 49.253107] ? update_load_avg+0x152e/0x2470 [ 49.253111] ? __lock_acquire+0x62f/0x4c20 [ 49.253115] ? attach_entity_load_avg+0x860/0x860 [ 49.253118] ? mark_held_locks+0x130/0x130 [ 49.253122] ? print_usage_bug+0xc0/0xc0 [ 49.253126] ? account_entity_enqueue+0x3a3/0x660 [ 49.253130] ? print_usage_bug+0xc0/0xc0 [ 49.253133] ? print_usage_bug+0xc0/0xc0 [ 49.253137] ? print_usage_bug+0xc0/0xc0 [ 49.253141] ? rcu_pm_notify+0xc0/0xc0 [ 49.253145] ? trace_hardirqs_on+0x310/0x310 [ 49.253149] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 49.253153] ? check_preemption_disabled+0x48/0x280 [ 49.253157] ? __lock_acquire+0x62f/0x4c20 [ 49.253161] ? __lock_acquire+0x62f/0x4c20 [ 49.253164] ? mark_held_locks+0x130/0x130 [ 49.253168] ? mark_held_locks+0x130/0x130 [ 49.253172] ? print_usage_bug+0xc0/0xc0 [ 49.253176] ? trace_hardirqs_off+0xb8/0x310 [ 49.253179] ? rcu_pm_notify+0xc0/0xc0 [ 49.253183] ? trace_hardirqs_on+0x310/0x310 [ 49.253187] ? zap_class+0x640/0x640 [ 49.253191] ? update_blocked_averages+0x156/0x1e00 [ 49.253194] ? zap_class+0x640/0x640 [ 49.253198] ? __update_load_avg_se+0xae0/0xae0 [ 49.253202] ? __lock_is_held+0xb5/0x140 [ 49.253206] update_blocked_averages+0xcc7/0x1e00 [ 49.253210] ? 
nohz_balance_enter_idle+0x6c0/0x6c0 [ 49.253213] ? set_next_entity+0xc70/0xc70 [ 49.253217] ? __run_timers+0xa20/0xc70 [ 49.253221] ? _raw_spin_unlock_irq+0x27/0x80 [ 49.253225] ? _raw_spin_unlock_irq+0x27/0x80 [ 49.253229] ? lockdep_hardirqs_on+0x296/0x5b0 [ 49.253233] ? trace_hardirqs_on+0xbd/0x310 [ 49.253236] ? kasan_check_read+0x11/0x20 [ 49.253240] ? __run_timers+0xa20/0xc70 [ 49.253244] ? trace_hardirqs_off_caller+0x310/0x310 [ 49.253248] ? zap_class+0x640/0x640 [ 49.253266] ? _raw_spin_unlock_irq+0x60/0x80 [ 49.253270] ? __run_timers+0xa4a/0xc70 [ 49.253274] ? timer_fixup_init+0x70/0x70 [ 49.253278] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 49.253282] ? zap_class+0x640/0x640 [ 49.253286] ? enqueue_hrtimer+0x1a5/0x560 [ 49.253290] ? hrtimer_update_softirq_timer+0xa0/0xa0 [ 49.253294] ? find_held_lock+0x36/0x1c0 [ 49.253298] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 49.253302] ? check_preemption_disabled+0x48/0x280 [ 49.253307] run_rebalance_domains+0x37c/0x500 [ 49.253311] ? _nohz_idle_balance+0x7a0/0x7a0 [ 49.253316] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 49.253320] ? rcu_pm_notify+0xc0/0xc0 [ 49.253323] __do_softirq+0x308/0xb7e [ 49.253327] ? ktime_get_raw_ts64+0x4d0/0x4d0 [ 49.253331] ? lock_downgrade+0x900/0x900 [ 49.253336] ? __irqentry_text_end+0x1f9658/0x1f9658 [ 49.253339] ? pvclock_read_flags+0x160/0x160 [ 49.253343] ? lapic_next_event+0x5a/0x90 [ 49.253350] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 49.253354] ? kvm_clock_read+0x18/0x30 [ 49.253358] ? kvm_sched_clock_read+0x9/0x20 [ 49.253362] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 49.253367] ? check_preemption_disabled+0x48/0x280 [ 49.253370] irq_exit+0x17f/0x1c0 [ 49.253374] smp_apic_timer_interrupt+0x1cb/0x760 [ 49.253379] ? smp_reschedule_interrupt+0x109/0x650 [ 49.253383] ? smp_call_function_single_interrupt+0x650/0x650 [ 49.253386] ? inte [ 49.253392] Lost 38 message(s)! 
[ 50.298315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 50.307660] Call Trace: [ 50.310249] [ 50.311869] The buggy address belongs to the page: [ 50.316796] page:ffffea00076b8000 count:1 mapcount:0 mapping:0000000000000000 index:0x0 [ 50.324931] flags: 0x2fffc0000001000(reserved) [ 50.329519] raw: 02fffc0000001000 ffffea00076b8008 ffffea00076b8008 0000000000000000 [ 50.337401] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 50.345272] page dumped because: kasan: bad access detected [ 50.350969] [ 50.352588] Memory state around the buggy address: [ 50.357516] ffff8881dadfff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 50.364867] ffff8881dae00000: 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 [ 50.372221] >ffff8881dae00080: f1 00 f2 f2 f2 f2 f2 f2 f2 f8 f2 f2 f2 00 00 00 [ 50.379575] ^ [ 50.386060] ffff8881dae00100: 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 [ 50.393439] ffff8881dae00180: f1 f8 f2 f2 f2 00 00 00 00 00 00 00 00 00 00 00 [ 50.400803] ================================================================== [ 50.408174] kasan: CONFIG_KASAN_INLINE enabled [ 50.412743] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 50.420103] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 50.426333] CPU: 0 PID: 6371 Comm: syz-executor496 Tainted: G B 4.20.0-rc2+ #302 [ 50.431303] Shutting down cpus with NMI