[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 28.410357] kauditd_printk_skb: 7 callbacks suppressed
[ 28.410371] audit: type=1800 audit(1542590926.245:29): pid=5844 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[ 28.450565] audit: type=1800 audit(1542590926.255:30): pid=5844 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.10.56' (ECDSA) to the list of known hosts.
syzkaller login: [ 35.684841] IPVS: ftp: loaded support on port[0] = 21
[ 35.844278] bridge0: port 1(bridge_slave_0) entered blocking state
[ 35.851062] bridge0: port 1(bridge_slave_0) entered disabled state
[ 35.858322] device bridge_slave_0 entered promiscuous mode
[ 35.876465] bridge0: port 2(bridge_slave_1) entered blocking state
[ 35.882831] bridge0: port 2(bridge_slave_1) entered disabled state
[ 35.889967] device bridge_slave_1 entered promiscuous mode
[ 35.907442] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 35.926741] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 35.975659] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 35.996254] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 36.071676] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 36.079137] team0: Port device team_slave_0 added
[ 36.096708] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 36.103789] team0: Port device team_slave_1 added
[ 36.120158] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 36.139607] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 36.159037] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 36.178494] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
RTNETLINK answers: Operation not supported
RTNETLINK answers: No buffer space available
RTNETLINK answers: Operation not supported
[ 36.321915] bridge0: port 2(bridge_slave_1) entered blocking state
[ 36.328360] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 36.335282] bridge0: port 1(bridge_slave_0) entered blocking state
[ 36.341631] bridge0: port 1(bridge_slave_0) entered forwarding state
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
[ 36.848705] 8021q: adding VLAN 0 to HW filter on device bond0
[ 36.899037] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 36.949744] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 36.956385] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 36.963563] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 37.014406] 8021q: adding VLAN 0 to HW filter on device team0
[ 37.391139] syz-executor496 (6238) used greatest stack depth: 15648 bytes left
[ 48.565267] WARNING: CPU: 1 PID: 0 at kernel/sched/sched.h:1015 update_load_avg+0x1539/0x2470
[ 48.565370] ==================================================================
[ 48.574094] BUG: KASAN: stack-out-of-bounds in debug_object_deactivate+0x3a8/0x450
[ 48.581436] Kernel panic - not syncing: panic_on_warn set ...
[ 48.589142] Read of size 8 at addr ffff8881dae000e0 by task syz-executor496/6371
[ 48.595009] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.20.0-rc2+ #302
[ 48.602516]
[ 48.609167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 48.620111] Call Trace:
[ 48.622690]
[ 48.624844] dump_stack+0x244/0x39d
[ 48.628478] ? dump_stack_print_info.cold.1+0x20/0x20
[ 48.633674] panic+0x2ad/0x55c
[ 48.636881] ? add_taint.cold.5+0x16/0x16
[ 48.641040] ? __warn.cold.8+0x5/0x45
[ 48.644838] ? __warn+0xe8/0x1d0
[ 48.648206] ? update_load_avg+0x1539/0x2470
[ 48.652610] __warn.cold.8+0x20/0x45
[ 48.656320] ? rcu_softirq_qs+0x20/0x20
[ 48.660292] ? update_load_avg+0x1539/0x2470
[ 48.664699] report_bug+0x254/0x2d0
[ 48.668325] do_error_trap+0x11b/0x200
[ 48.672213] do_invalid_op+0x36/0x40
[ 48.675923] ? update_load_avg+0x1539/0x2470
[ 48.680331] invalid_op+0x14/0x20
[ 48.683782] RIP: 0010:update_load_avg+0x1539/0x2470
[ 48.688796] Code: e8 fc e1 69 00 e9 8b f8 ff ff 48 8d 7a 18 be ff ff ff ff 48 89 95 30 fb ff ff e8 52 e5 07 00 48 8b 95 30 fb ff ff 85 c0 75 29 <0f> 0b 48 b8 00 00 00 00 00 fc ff df 4c 89 f9 48 c1 e9 03 80 3c 01
[ 48.707695] RSP: 0018:ffff8881daf07238 EFLAGS: 00010046
[ 48.713057] RAX: 0000000000000000 RBX: ffff8881b3b487c0 RCX: 0000000000000000
[ 48.720319] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000086
[ 48.727582] RBP: ffff8881daf07750 R08: 0000000000000000 R09: 0000000000000001
[ 48.734849] R10: 0000000000000000 R11: ffff8881daf2d850 R12: ffff8881bf344bc0
[ 48.742128] R13: ffff8881daf07728 R14: 0000000000000000 R15: ffff8881b3b48930
[ 48.749421] ? update_load_avg+0x152e/0x2470
[ 48.753833] ? __lock_acquire+0x62f/0x4c20
[ 48.758096] ? attach_entity_load_avg+0x860/0x860
[ 48.762957] ? mark_held_locks+0x130/0x130
[ 48.767235] ? print_usage_bug+0xc0/0xc0
[ 48.771321] ? account_entity_enqueue+0x3a3/0x660
[ 48.776174] ? print_usage_bug+0xc0/0xc0
[ 48.780246] ? print_usage_bug+0xc0/0xc0
[ 48.784307] ? print_usage_bug+0xc0/0xc0
[ 48.788368] ? rcu_pm_notify+0xc0/0xc0
[ 48.792253] ? trace_hardirqs_on+0x310/0x310
[ 48.796660] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 48.802197] ? check_preemption_disabled+0x48/0x280
[ 48.807215] ? __lock_acquire+0x62f/0x4c20
[ 48.811470] ? __lock_acquire+0x62f/0x4c20
[ 48.815757] ? mark_held_locks+0x130/0x130
[ 48.819997] ? mark_held_locks+0x130/0x130
[ 48.824229] ? print_usage_bug+0xc0/0xc0
[ 48.828293] ? trace_hardirqs_off+0xb8/0x310
[ 48.832702] ? rcu_pm_notify+0xc0/0xc0
[ 48.836588] ? trace_hardirqs_on+0x310/0x310
[ 48.840999] ? zap_class+0x640/0x640
[ 48.844717] ? update_blocked_averages+0x156/0x1e00
[ 48.849734] ? zap_class+0x640/0x640
[ 48.853459] ? __update_load_avg_se+0xae0/0xae0
[ 48.858128] ? __lock_is_held+0xb5/0x140
[ 48.862196] update_blocked_averages+0xcc7/0x1e00
[ 48.867039] ? nohz_balance_enter_idle+0x6c0/0x6c0
[ 48.871994] ? set_next_entity+0xc70/0xc70
[ 48.876231] ? __run_timers+0xa20/0xc70
[ 48.880221] ? _raw_spin_unlock_irq+0x27/0x80
[ 48.884726] ? _raw_spin_unlock_irq+0x27/0x80
[ 48.889220] ? lockdep_hardirqs_on+0x296/0x5b0
[ 48.893801] ? trace_hardirqs_on+0xbd/0x310
[ 48.898133] ? kasan_check_read+0x11/0x20
[ 48.902289] ? __run_timers+0xa20/0xc70
[ 48.906318] ? trace_hardirqs_off_caller+0x310/0x310
[ 48.911424] ? zap_class+0x640/0x640
[ 48.915159] ? _raw_spin_unlock_irq+0x60/0x80
[ 48.919649] ? __run_timers+0xa4a/0xc70
[ 48.923625] ? timer_fixup_init+0x70/0x70
[ 48.927773] ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 48.932793] ? zap_class+0x640/0x640
[ 48.936668] ? enqueue_hrtimer+0x1a5/0x560
[ 48.940902] ? hrtimer_update_softirq_timer+0xa0/0xa0
[ 48.946094] ? find_held_lock+0x36/0x1c0
[ 48.950158] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 48.955699] ? check_preemption_disabled+0x48/0x280
[ 48.960716] run_rebalance_domains+0x37c/0x500
[ 48.965301] ? _nohz_idle_balance+0x7a0/0x7a0
[ 48.969804] ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[ 48.975349] ? rcu_pm_notify+0xc0/0xc0
[ 48.979256] __do_softirq+0x308/0xb7e
[ 48.983057] ? ktime_get_raw_ts64+0x4d0/0x4d0
[ 48.987549] ? lock_downgrade+0x900/0x900
[ 48.991697] ? __irqentry_text_end+0x1f9658/0x1f9658
[ 48.996802] ? pvclock_read_flags+0x160/0x160
[ 49.001300] ? lapic_next_event+0x5a/0x90
[ 49.005447] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 49.011009] ? kvm_clock_read+0x18/0x30
[ 49.014998] ? kvm_sched_clock_read+0x9/0x20
[ 49.019417] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 49.025009] ? check_preemption_disabled+0x48/0x280
[ 49.030038] irq_exit+0x17f/0x1c0
[ 49.033492] smp_apic_timer_interrupt+0x1cb/0x760
[ 49.038333] ? smp_reschedule_interrupt+0x109/0x650
[ 49.043347] ? smp_call_function_single_interrupt+0x650/0x650
[ 49.049230] ? interrupt_entry+0xb5/0xc0
[ 49.053307] ? trace_hardirqs_off_caller+0xbb/0x310
[ 49.058319] ? trace_hardirqs_off_caller+0xbb/0x310
[ 49.063335] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 49.068691] ? trace_hardirqs_on_caller+0x310/0x310
[ 49.073705] ? trace_hardirqs_on_caller+0x310/0x310
[ 49.078720] ? task_prio+0x50/0x50
[ 49.082261] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 49.087797] ? check_preemption_disabled+0x48/0x280
[ 49.092816] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 49.097659] apic_timer_interrupt+0xf/0x20
[ 49.101885]
[ 49.104154] RIP: 0010:native_safe_halt+0x6/0x10
[ 49.108831] Code: e9 2c ff ff ff 48 89 c7 48 89 45 d8 e8 33 22 e6 f9 48 8b 45 d8 e9 ca fe ff ff 48 89 df e8 22 22 e6 f9 eb 82 55 48 89 e5 fb f4 <5d> c3 0f 1f 84 00 00 00 00 00 55 48 89 e5 f4 5d c3 90 90 90 90 90
[ 49.127726] RSP: 0018:ffff8881d9b27cb8 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13
[ 49.135434] RAX: dffffc0000000000 RBX: 1ffff1103b364f9b RCX: 0000000000000000
[ 49.142705] RDX: 1ffffffff12a3f71 RSI: 0000000000000001 RDI: ffffffff8951fb88
[ 49.149972] RBP: ffff8881d9b27cb8 R08: ffff8881d9b14340 R09: 0000000000000000
[ 49.157253] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8881d9b27d78
[ 49.164544] R13: ffffffff8a1640e0 R14: 0000000000000000 R15: 0000000000000001
[ 49.171830] default_idle+0xbf/0x490
[ 49.175551] ? rcu_dynticks_eqs_enter+0x4f/0x80
[ 49.180220] ? __sched_text_end+0x1/0x1
[ 49.184203] ? rcu_idle_enter+0x39a/0x530
[ 49.188363] ? rcu_eqs_special_set+0x1c0/0x1c0
[ 49.192945] ? tsc_verify_tsc_adjust+0x137/0x450
[ 49.197703] ? trace_hardirqs_off_caller+0x310/0x310
[ 49.202805] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 49.208342] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 49.213875] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 49.219416] arch_cpu_idle+0x10/0x20
[ 49.223129] default_idle_call+0x6d/0x90
[ 49.227222] do_idle+0x49b/0x5c0
[ 49.230591] ? arch_cpu_idle_exit+0x70/0x70
[ 49.234970] cpu_startup_entry+0x18/0x20
[ 49.239058] start_secondary+0x487/0x5f0
[ 49.243150] ? set_cpu_sibling_map+0x1890/0x1890
[ 49.247925] secondary_startup_64+0xa4/0xb0
[ 49.252254] CPU: 0 PID: 6371 Comm: syz-executor496 Not tainted 4.20.0-rc2+ #302
[ 49.252257]
[ 49.252265] ======================================================
[ 49.252286] WARNING: possible circular locking dependency detected
[ 49.252297] 4.20.0-rc2+ #302 Not tainted
[ 49.252301] ------------------------------------------------------
[ 49.252305] swapper/1/0 is trying to acquire lock:
[ 49.252307] 00000000cee8b2f6 ((console_sem).lock){-.-.}, at: down_trylock+0x13/0x70
[ 49.252320]
[ 49.252324] but task is already holding lock:
[ 49.252327] 000000008d358a10 (&rq->lock){-.-.}, at: update_blocked_averages+0x156/0x1e00
[ 49.252340]
[ 49.252345] which lock already depends on the new lock.
[ 49.252362]
[ 49.252365]
[ 49.252369] the existing dependency chain (in reverse order) is:
[ 49.252371]
[ 49.252374] -> #2 (&rq->lock){-.-.}:
[ 49.252386] _raw_spin_lock+0x2d/0x40
[ 49.252390] task_fork_fair+0xb0/0x6d0
[ 49.252393] sched_fork+0x443/0xba0
[ 49.252397] copy_process+0x25b8/0x87a0
[ 49.252400] _do_fork+0x1cb/0x11d0
[ 49.252404] kernel_thread+0x34/0x40
[ 49.252408] rest_init+0x28/0x372
[ 49.252411] arch_call_rest_init+0xe/0x1b
[ 49.252415] start_kernel+0x9f0/0xa2b
[ 49.252419] x86_64_start_reservations+0x2e/0x30
[ 49.252426] x86_64_start_kernel+0x76/0x79
[ 49.252429] secondary_startup_64+0xa4/0xb0
[ 49.252432]
[ 49.252434] -> #1 (&p->pi_lock){-.-.}:
[ 49.252446] _raw_spin_lock_irqsave+0x99/0xd0
[ 49.252466] try_to_wake_up+0xdc/0x1490
[ 49.252470] wake_up_process+0x10/0x20
[ 49.252473] __up.isra.1+0x1c0/0x2a0
[ 49.252476] up+0x13c/0x1c0
[ 49.252480] __up_console_sem+0xbe/0x1b0
[ 49.252484] console_unlock+0x811/0x1190
[ 49.252487] vprintk_emit+0x391/0x990
[ 49.252491] vprintk_default+0x28/0x30
[ 49.252495] vprintk_func+0x7e/0x181
[ 49.252498] printk+0xa7/0xcf
[ 49.252502] do_exit.cold.18+0x57/0x16f
[ 49.252506] do_group_exit+0x177/0x440
[ 49.252510] __x64_sys_exit_group+0x3e/0x50
[ 49.252514] do_syscall_64+0x1b9/0x820
[ 49.252518] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 49.252520]
[ 49.252522] -> #0 ((console_sem).lock){-.-.}:
[ 49.252535] lock_acquire+0x1ed/0x520
[ 49.252539] _raw_spin_lock_irqsave+0x99/0xd0
[ 49.252542] down_trylock+0x13/0x70
[ 49.252546] __down_trylock_console_sem+0xae/0x1f0
[ 49.252550] console_trylock+0x15/0xa0
[ 49.252554] vprintk_emit+0x372/0x990
[ 49.252557] vprintk_default+0x28/0x30
[ 49.252561] vprintk_func+0x7e/0x181
[ 49.252564] printk+0xa7/0xcf
[ 49.252567] __warn+0x9e/0x1d0
[ 49.252571] report_bug+0x254/0x2d0
[ 49.252575] do_error_trap+0x11b/0x200
[ 49.252579] do_invalid_op+0x36/0x40
[ 49.252582] invalid_op+0x14/0x20
[ 49.252586] update_load_avg+0x1539/0x2470
[ 49.252590] update_blocked_averages+0xcc7/0x1e00
[ 49.252594] run_rebalance_domains+0x37c/0x500
[ 49.252598] __do_softirq+0x308/0xb7e
[ 49.252601] irq_exit+0x17f/0x1c0
[ 49.252605] smp_apic_timer_interrupt+0x1cb/0x760
[ 49.252609] apic_timer_interrupt+0xf/0x20
[ 49.252612] native_safe_halt+0x6/0x10
[ 49.252616] default_idle+0xbf/0x490
[ 49.252619] arch_cpu_idle+0x10/0x20
[ 49.252623] default_idle_call+0x6d/0x90
[ 49.252626] do_idle+0x49b/0x5c0
[ 49.252630] cpu_startup_entry+0x18/0x20
[ 49.252634] start_secondary+0x487/0x5f0
[ 49.252638] secondary_startup_64+0xa4/0xb0
[ 49.252640]
[ 49.252644] other info that might help us debug this:
[ 49.252646]
[ 49.252649] Chain exists of:
[ 49.252651] (console_sem).lock --> &p->pi_lock --> &rq->lock
[ 49.252697]
[ 49.252701] Possible unsafe locking scenario:
[ 49.252703]
[ 49.252707] CPU0 CPU1
[ 49.252711] ---- ----
[ 49.252713] lock(&rq->lock);
[ 49.252722] lock(&p->pi_lock);
[ 49.252731] lock(&rq->lock);
[ 49.252739] lock((console_sem).lock);
[ 49.252747]
[ 49.252750] *** DEADLOCK ***
[ 49.252753]
[ 49.252756] 1 lock held by swapper/1/0:
[ 49.252759] #0: 000000008d358a10 (&rq->lock){-.-.}, at: update_blocked_averages+0x156/0x1e00
[ 49.252775]
[ 49.252778] stack backtrace:
[ 49.252783] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.20.0-rc2+ #302
[ 49.252791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 49.252794] Call Trace:
[ 49.252796]
[ 49.252800] dump_stack+0x244/0x39d
[ 49.252805] ? dump_stack_print_info.cold.1+0x20/0x20
[ 49.252808] ? vprintk_func+0x85/0x181
[ 49.252813] print_circular_bug.isra.35.cold.54+0x1bd/0x27d
[ 49.252817] ? save_trace+0xe0/0x290
[ 49.252821] __lock_acquire+0x3399/0x4c20
[ 49.252825] ? widen_string+0xe0/0x2e0
[ 49.252829] ? mark_held_locks+0x130/0x130
[ 49.252832] ? string+0x225/0x2d0
[ 49.252836] ? widen_string+0x2e0/0x2e0
[ 49.252840] ? update_load_avg+0x1539/0x2470
[ 49.252844] ? update_load_avg+0x1539/0x2470
[ 49.252848] ? flags_string+0x350/0x350
[ 49.252853] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 49.252857] ? put_dec_trunc8+0x273/0x300
[ 49.252860] ? put_dec+0x3b/0xf0
[ 49.252864] ? update_load_avg+0x1539/0x2470
[ 49.252869] ? zap_class+0x640/0x640
[ 49.252873] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 49.252877] lock_acquire+0x1ed/0x520
[ 49.252881] ? down_trylock+0x13/0x70
[ 49.252885] ? lock_release+0xa00/0xa00
[ 49.252889] ? trace_hardirqs_off+0xb8/0x310
[ 49.252893] ? vprintk_emit+0x1de/0x990
[ 49.252897] ? trace_hardirqs_on+0x310/0x310
[ 49.252901] ? trace_hardirqs_off+0xb8/0x310
[ 49.252905] ? log_store+0x344/0x4c0
[ 49.252908] ? vprintk_emit+0x372/0x990
[ 49.252913] _raw_spin_lock_irqsave+0x99/0xd0
[ 49.252916] ? down_trylock+0x13/0x70
[ 49.252920] down_trylock+0x13/0x70
[ 49.252925] __down_trylock_console_sem+0xae/0x1f0
[ 49.252928] console_trylock+0x15/0xa0
[ 49.252932] vprintk_emit+0x372/0x990
[ 49.252936] ? wake_up_klogd+0x180/0x180
[ 49.252940] ? tg_unthrottle_up+0x220/0x220
[ 49.252968] ? __sanitizer_cov_trace_switch+0x53/0x90
[ 49.252973] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 49.252977] ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 49.252981] ? __check_object_size+0xb1/0x782
[ 49.252985] ? usercopy_warn+0x110/0x110
[ 49.252989] ? attach_entity_load_avg+0x860/0x860
[ 49.252993] ? update_load_avg+0x1539/0x2470
[ 49.252997] vprintk_default+0x28/0x30
[ 49.253015] vprintk_func+0x7e/0x181
[ 49.253018] printk+0xa7/0xcf
[ 49.253022] ? kmsg_dump_rewind_nolock+0xe4/0xe4
[ 49.253026] ? update_load_avg+0x1539/0x2470
[ 49.253029] __warn+0x9e/0x1d0
[ 49.253032] ? rcu_softirq_qs+0x20/0x20
[ 49.253036] ? update_load_avg+0x1539/0x2470
[ 49.253040] report_bug+0x254/0x2d0
[ 49.253043] do_error_trap+0x11b/0x200
[ 49.253047] do_invalid_op+0x36/0x40
[ 49.253050] ? update_load_avg+0x1539/0x2470
[ 49.253054] invalid_op+0x14/0x20
[ 49.253058] RIP: 0010:update_load_avg+0x1539/0x2470
[ 49.253069] Code: e8 fc e1 69 00 e9 8b f8 ff ff 48 8d 7a 18 be ff ff ff ff 48 89 95 30 fb ff ff e8 52 e5 07 00 48 8b 95 30 fb ff ff 85 c0 75 29 <0f> 0b 48 b8 00 00 00 00 00 fc ff df 4c 89 f9 48 c1 e9 03 80 3c 01
[ 49.253073] RSP: 0018:ffff8881daf07238 EFLAGS: 00010046
[ 49.253081] RAX: 0000000000000000 RBX: ffff8881b3b487c0 RCX: 0000000000000000
[ 49.253086] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000086
[ 49.253092] RBP: ffff8881daf07750 R08: 0000000000000000 R09: 0000000000000001
[ 49.253097] R10: 0000000000000000 R11: ffff8881daf2d850 R12: ffff8881bf344bc0
[ 49.253103] R13: ffff8881daf07728 R14: 0000000000000000 R15: ffff8881b3b48930
[ 49.253107] ? update_load_avg+0x152e/0x2470
[ 49.253111] ? __lock_acquire+0x62f/0x4c20
[ 49.253115] ? attach_entity_load_avg+0x860/0x860
[ 49.253118] ? mark_held_locks+0x130/0x130
[ 49.253122] ? print_usage_bug+0xc0/0xc0
[ 49.253126] ? account_entity_enqueue+0x3a3/0x660
[ 49.253130] ? print_usage_bug+0xc0/0xc0
[ 49.253133] ? print_usage_bug+0xc0/0xc0
[ 49.253137] ? print_usage_bug+0xc0/0xc0
[ 49.253141] ? rcu_pm_notify+0xc0/0xc0
[ 49.253145] ? trace_hardirqs_on+0x310/0x310
[ 49.253149] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 49.253153] ? check_preemption_disabled+0x48/0x280
[ 49.253157] ? __lock_acquire+0x62f/0x4c20
[ 49.253161] ? __lock_acquire+0x62f/0x4c20
[ 49.253164] ? mark_held_locks+0x130/0x130
[ 49.253168] ? mark_held_locks+0x130/0x130
[ 49.253172] ? print_usage_bug+0xc0/0xc0
[ 49.253176] ? trace_hardirqs_off+0xb8/0x310
[ 49.253179] ? rcu_pm_notify+0xc0/0xc0
[ 49.253183] ? trace_hardirqs_on+0x310/0x310
[ 49.253187] ? zap_class+0x640/0x640
[ 49.253191] ? update_blocked_averages+0x156/0x1e00
[ 49.253194] ? zap_class+0x640/0x640
[ 49.253198] ? __update_load_avg_se+0xae0/0xae0
[ 49.253202] ? __lock_is_held+0xb5/0x140
[ 49.253206] update_blocked_averages+0xcc7/0x1e00
[ 49.253210] ? nohz_balance_enter_idle+0x6c0/0x6c0
[ 49.253213] ? set_next_entity+0xc70/0xc70
[ 49.253217] ? __run_timers+0xa20/0xc70
[ 49.253221] ? _raw_spin_unlock_irq+0x27/0x80
[ 49.253225] ? _raw_spin_unlock_irq+0x27/0x80
[ 49.253229] ? lockdep_hardirqs_on+0x296/0x5b0
[ 49.253233] ? trace_hardirqs_on+0xbd/0x310
[ 49.253236] ? kasan_check_read+0x11/0x20
[ 49.253240] ? __run_timers+0xa20/0xc70
[ 49.253244] ? trace_hardirqs_off_caller+0x310/0x310
[ 49.253248] ? zap_class+0x640/0x640
[ 49.253266] ? _raw_spin_unlock_irq+0x60/0x80
[ 49.253270] ? __run_timers+0xa4a/0xc70
[ 49.253274] ? timer_fixup_init+0x70/0x70
[ 49.253278] ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 49.253282] ? zap_class+0x640/0x640
[ 49.253286] ? enqueue_hrtimer+0x1a5/0x560
[ 49.253290] ? hrtimer_update_softirq_timer+0xa0/0xa0
[ 49.253294] ? find_held_lock+0x36/0x1c0
[ 49.253298] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 49.253302] ? check_preemption_disabled+0x48/0x280
[ 49.253307] run_rebalance_domains+0x37c/0x500
[ 49.253311] ? _nohz_idle_balance+0x7a0/0x7a0
[ 49.253316] ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[ 49.253320] ? rcu_pm_notify+0xc0/0xc0
[ 49.253323] __do_softirq+0x308/0xb7e
[ 49.253327] ? ktime_get_raw_ts64+0x4d0/0x4d0
[ 49.253331] ? lock_downgrade+0x900/0x900
[ 49.253336] ? __irqentry_text_end+0x1f9658/0x1f9658
[ 49.253339] ? pvclock_read_flags+0x160/0x160
[ 49.253343] ? lapic_next_event+0x5a/0x90
[ 49.253350] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 49.253354] ? kvm_clock_read+0x18/0x30
[ 49.253358] ? kvm_sched_clock_read+0x9/0x20
[ 49.253362] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 49.253367] ? check_preemption_disabled+0x48/0x280
[ 49.253370] irq_exit+0x17f/0x1c0
[ 49.253374] smp_apic_timer_interrupt+0x1cb/0x760
[ 49.253379] ? smp_reschedule_interrupt+0x109/0x650
[ 49.253383] ? smp_call_function_single_interrupt+0x650/0x650
[ 49.253386] ? inte
[ 49.253392] Lost 38 message(s)!
[ 50.298315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 50.307660] Call Trace:
[ 50.310249]
[ 50.311869] The buggy address belongs to the page:
[ 50.316796] page:ffffea00076b8000 count:1 mapcount:0 mapping:0000000000000000 index:0x0
[ 50.324931] flags: 0x2fffc0000001000(reserved)
[ 50.329519] raw: 02fffc0000001000 ffffea00076b8008 ffffea00076b8008 0000000000000000
[ 50.337401] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 50.345272] page dumped because: kasan: bad access detected
[ 50.350969]
[ 50.352588] Memory state around the buggy address:
[ 50.357516] ffff8881dadfff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 50.364867] ffff8881dae00000: 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 50.372221] >ffff8881dae00080: f1 00 f2 f2 f2 f2 f2 f2 f2 f8 f2 f2 f2 00 00 00
[ 50.379575] ^
[ 50.386060] ffff8881dae00100: 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 50.393439] ffff8881dae00180: f1 f8 f2 f2 f2 00 00 00 00 00 00 00 00 00 00 00
[ 50.400803] ==================================================================
[ 50.408174] kasan: CONFIG_KASAN_INLINE enabled
[ 50.412743] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 50.420103] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 50.426333] CPU: 0 PID: 6371 Comm: syz-executor496 Tainted: G B 4.20.0-rc2+ #302
[ 50.431303] Shutting down cpus with NMI