[   58.877079][   T27] audit: type=1800 audit(1583921155.094:26): pid=8422 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   58.911103][   T27] audit: type=1800 audit(1583921155.094:27): pid=8422 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[   58.959424][   T27] audit: type=1800 audit(1583921155.094:28): pid=8422 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   59.648637][   T27] audit: type=1800 audit(1583921155.904:29): pid=8422 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.108' (ECDSA) to the list of known hosts.
2020/03/11 10:06:05 fuzzer started
syzkaller login: [   69.275337][ T8571] check_preemption_disabled: 1 callbacks suppressed
[   69.275350][ T8571] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-fuzzer/8571
[   69.291073][ T8571] caller is __mod_memcg_state+0x27/0x1a0
[   69.296904][ T8571] CPU: 0 PID: 8571 Comm: syz-fuzzer Not tainted 5.6.0-rc5-next-20200311-syzkaller #0
[   69.306523][ T8571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   69.316584][ T8571] Call Trace:
[   69.319895][ T8571]  dump_stack+0x188/0x20d
[   69.324236][ T8571]  __this_cpu_preempt_check.cold+0x84/0x90
[   69.330094][ T8571]  __mod_memcg_state+0x27/0x1a0
[   69.334968][ T8571]  split_huge_page_to_list+0x124b/0x3380
[   69.340626][ T8571]  ? mark_held_locks+0xe0/0xe0
[   69.345497][ T8571]  ? lock_downgrade+0x7f0/0x7f0
[   69.350367][ T8571]  ? can_split_huge_page+0x480/0x480
[   69.355652][ T8571]  ? pmd_val+0x7c/0xf0
[   69.359857][ T8571]  ? pmd_pfn+0x125/0x1c0
[   69.364104][ T8571]  ? enabled_store+0x190/0x190
[   69.368877][ T8571]  madvise_free_huge_pmd+0x873/0xb90
[   69.374202][ T8571]  madvise_free_pte_range+0x6ff/0x2650
[   69.379669][ T8571]  ? mem_cgroup_uncharge+0xf0/0xf0
[   69.384778][ T8571]  ? madvise_cold_or_pageout_pte_range+0x3400/0x3400
[   69.391455][ T8571]  __walk_page_range+0xcfb/0x2070
[   69.396498][ T8571]  ? walk_page_test+0x78/0x180
[   69.401290][ T8571]  walk_page_range+0x1bd/0x3a0
[   69.406049][ T8571]  ? __walk_page_range+0x2070/0x2070
[   69.411356][ T8571]  ? madvise_free_single_vma+0x2c1/0x550
[   69.417009][ T8571]  madvise_free_single_vma+0x384/0x550
[   69.422467][ T8571]  ? madvise_pageout+0x3b0/0x3b0
[   69.427408][ T8571]  ? lock_acquire+0x197/0x420
[   69.432091][ T8571]  ? userfaultfd_remove+0xf0/0x2b0
[   69.437213][ T8571]  ? vmacache_find+0x62/0x300
[   69.441891][ T8571]  ? find_vma+0x2b/0x170
[   69.446137][ T8571]  do_madvise+0x5ba/0x1b80
[   69.450862][ T8571]  ? lock_downgrade+0x7f0/0x7f0
[   69.455844][ T8571]  ? madvise_free_pte_range+0x2650/0x2650
[   69.461582][ T8571]  ? ktime_get+0x1f8/0x2f0
[   69.466028][ T8571]  ? __x64_sys_futex+0x376/0x4f0
[   69.470978][ T8571]  ? switch_fpu_return+0x1db/0x4b0
[   69.476266][ T8571]  ? fpregs_mark_activate+0x320/0x320
[   69.481641][ T8571]  ? __x64_sys_madvise+0xae/0x120
[   69.486659][ T8571]  ? trace_hardirqs_on+0x55/0x220
[   69.491700][ T8571]  __x64_sys_madvise+0xae/0x120
[   69.496650][ T8571]  do_syscall_64+0xf6/0x7d0
[   69.501156][ T8571]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   69.507057][ T8571] RIP: 0033:0x460bf7
[   69.510973][ T8571] Code: 8b 24 24 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc 48 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 48 c7 c0 1c 00 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14
[   69.530584][ T8571] RSP: 002b:00007ffe925b5fa0 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[   69.539012][ T8571] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000460bf7
[   69.546996][ T8571] RDX: 0000000000000008 RSI: 000000000000a000 RDI: 000000c0002ba000
[   69.555052][ T8571] RBP: 00007ffe925b5fe0 R08: 000000c000200000 R09: 000000c0002c4000
[   69.563020][ T8571] R10: 00007fffffffffff R11: 0000000000000246 R12: 0000000000000000
[   69.570986][ T8571] R13: 0000000000e8da20 R14: 0000000000000000 R15: 0000000000000000
[   69.579074][ T8571] BUG: using __this_cpu_add() in preemptible [00000000] code: syz-fuzzer/8571
[   69.588056][ T8571] caller is __mod_memcg_state+0xca/0x1a0
[   69.593704][ T8571] CPU: 0 PID: 8571 Comm: syz-fuzzer Not tainted 5.6.0-rc5-next-20200311-syzkaller #0
[   69.603155][ T8571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   69.613313][ T8571] Call Trace:
[   69.616617][ T8571]  dump_stack+0x188/0x20d
[   69.620954][ T8571]  __this_cpu_preempt_check.cold+0x84/0x90
[   69.626781][ T8571]  __mod_memcg_state+0xca/0x1a0
[   69.631688][ T8571]  split_huge_page_to_list+0x124b/0x3380
[   69.637354][ T8571]  ? mark_held_locks+0xe0/0xe0
[   69.642208][ T8571]  ? lock_downgrade+0x7f0/0x7f0
[   69.647182][ T8571]  ? can_split_huge_page+0x480/0x480
[   69.652470][ T8571]  ? pmd_val+0x7c/0xf0
[   69.656574][ T8571]  ? pmd_pfn+0x125/0x1c0
[   69.660821][ T8571]  ? enabled_store+0x190/0x190
[   69.665593][ T8571]  madvise_free_huge_pmd+0x873/0xb90
[   69.670890][ T8571]  madvise_free_pte_range+0x6ff/0x2650
[   69.676369][ T8571]  ? mem_cgroup_uncharge+0xf0/0xf0
[   69.681478][ T8571]  ? madvise_cold_or_pageout_pte_range+0x3400/0x3400
[   69.688155][ T8571]  __walk_page_range+0xcfb/0x2070
[   69.693191][ T8571]  ? walk_page_test+0x78/0x180
[   69.697952][ T8571]  walk_page_range+0x1bd/0x3a0
[   69.702711][ T8571]  ? __walk_page_range+0x2070/0x2070
[   69.708001][ T8571]  ? madvise_free_single_vma+0x2c1/0x550
[   69.713638][ T8571]  madvise_free_single_vma+0x384/0x550
[   69.719100][ T8571]  ? madvise_pageout+0x3b0/0x3b0
[   69.724049][ T8571]  ? lock_acquire+0x197/0x420
[   69.728725][ T8571]  ? userfaultfd_remove+0xf0/0x2b0
[   69.733835][ T8571]  ? vmacache_find+0x62/0x300
[   69.738510][ T8571]  ? find_vma+0x2b/0x170
[   69.742763][ T8571]  do_madvise+0x5ba/0x1b80
[   69.747171][ T8571]  ? lock_downgrade+0x7f0/0x7f0
[   69.752031][ T8571]  ? madvise_free_pte_range+0x2650/0x2650
[   69.759309][ T8571]  ? ktime_get+0x1f8/0x2f0
[   69.763724][ T8571]  ? __x64_sys_futex+0x376/0x4f0
[   69.768663][ T8571]  ? switch_fpu_return+0x1db/0x4b0
[   69.773776][ T8571]  ? fpregs_mark_activate+0x320/0x320
[   69.779148][ T8571]  ? __x64_sys_madvise+0xae/0x120
[   69.784167][ T8571]  ? trace_hardirqs_on+0x55/0x220
[   69.789188][ T8571]  __x64_sys_madvise+0xae/0x120
[   69.794038][ T8571]  do_syscall_64+0xf6/0x7d0
[   69.798562][ T8571]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   69.804446][ T8571] RIP: 0033:0x460bf7
[   69.808336][ T8571] Code: 8b 24 24 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc 48 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 48 c7 c0 1c 00 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14
[   69.827940][ T8571] RSP: 002b:00007ffe925b5fa0 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[   69.836439][ T8571] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000460bf7
[   69.844404][ T8571] RDX: 0000000000000008 RSI: 000000000000a000 RDI: 000000c0002ba000
[   69.852368][ T8571] RBP: 00007ffe925b5fe0 R08: 000000c000200000 R09: 000000c0002c4000
[   69.860330][ T8571] R10: 00007fffffffffff R11: 0000000000000246 R12: 0000000000000000
[   69.868302][ T8571] R13: 0000000000e8da20 R14: 0000000000000000 R15: 0000000000000000
[   69.876381][ T8571] BUG: using __this_cpu_write() in preemptible [00000000] code: syz-fuzzer/8571
[   69.885452][ T8571] caller is __mod_memcg_state+0x87/0x1a0
[   69.891139][ T8571] CPU: 0 PID: 8571 Comm: syz-fuzzer Not tainted 5.6.0-rc5-next-20200311-syzkaller #0
[   69.900606][ T8571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   69.910652][ T8571] Call Trace:
[   69.913943][ T8571]  dump_stack+0x188/0x20d
[   69.918291][ T8571]  __this_cpu_preempt_check.cold+0x84/0x90
[   69.924095][ T8571]  __mod_memcg_state+0x87/0x1a0
[   69.928945][ T8571]  split_huge_page_to_list+0x124b/0x3380
[   69.934576][ T8571]  ? mark_held_locks+0xe0/0xe0
[   69.939337][ T8571]  ? lock_downgrade+0x7f0/0x7f0
[   69.944186][ T8571]  ? can_split_huge_page+0x480/0x480
[   69.949464][ T8571]  ? pmd_val+0x7c/0xf0
[   69.953529][ T8571]  ? pmd_pfn+0x125/0x1c0
[   69.957766][ T8571]  ? enabled_store+0x190/0x190
[   69.962617][ T8571]  madvise_free_huge_pmd+0x873/0xb90
[   69.967999][ T8571]  madvise_free_pte_range+0x6ff/0x2650
[   69.973459][ T8571]  ? mem_cgroup_uncharge+0xf0/0xf0
[   69.978567][ T8571]  ? madvise_cold_or_pageout_pte_range+0x3400/0x3400
[   69.985242][ T8571]  __walk_page_range+0xcfb/0x2070
[   69.990279][ T8571]  ? walk_page_test+0x78/0x180
[   69.995037][ T8571]  walk_page_range+0x1bd/0x3a0
[   69.999809][ T8571]  ? __walk_page_range+0x2070/0x2070
[   70.005116][ T8571]  ? madvise_free_single_vma+0x2c1/0x550
[   70.010750][ T8571]  madvise_free_single_vma+0x384/0x550
[   70.016218][ T8571]  ? madvise_pageout+0x3b0/0x3b0
[   70.021153][ T8571]  ? lock_acquire+0x197/0x420
[   70.025824][ T8571]  ? userfaultfd_remove+0xf0/0x2b0
[   70.030938][ T8571]  ? vmacache_find+0x62/0x300
[   70.035612][ T8571]  ? find_vma+0x2b/0x170
[   70.039853][ T8571]  do_madvise+0x5ba/0x1b80
[   70.044263][ T8571]  ? lock_downgrade+0x7f0/0x7f0
[   70.049122][ T8571]  ? madvise_free_pte_range+0x2650/0x2650
[   70.054836][ T8571]  ? ktime_get+0x1f8/0x2f0
[   70.059254][ T8571]  ? __x64_sys_futex+0x376/0x4f0
[   70.064195][ T8571]  ? switch_fpu_return+0x1db/0x4b0
[   70.069304][ T8571]  ? fpregs_mark_activate+0x320/0x320
[   70.074700][ T8571]  ? __x64_sys_madvise+0xae/0x120
[   70.079718][ T8571]  ? trace_hardirqs_on+0x55/0x220
[   70.084744][ T8571]  __x64_sys_madvise+0xae/0x120
[   70.089775][ T8571]  do_syscall_64+0xf6/0x7d0
[   70.094282][ T8571]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   70.100170][ T8571] RIP: 0033:0x460bf7
[   70.104067][ T8571] Code: 8b 24 24 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc 48 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 48 c7 c0 1c 00 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14
[   70.123680][ T8571] RSP: 002b:00007ffe925b5fa0 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[   70.132092][ T8571] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000460bf7
[   70.140063][ T8571] RDX: 0000000000000008 RSI: 000000000000a000 RDI: 000000c0002ba000
[   70.148549][ T8571] RBP: 00007ffe925b5fe0 R08: 000000c000200000 R09: 000000c0002c4000
[   70.156686][ T8571] R10: 00007fffffffffff R11: 0000000000000246 R12: 0000000000000000
[   70.164661][ T8571] R13: 0000000000e8da20 R14: 0000000000000000 R15: 0000000000000000
2020/03/11 10:06:07 connecting to host at 10.128.0.26:41103
2020/03/11 10:06:07 checking machine...
2020/03/11 10:06:07 checking revisions...
2020/03/11 10:06:07 testing simple program...
[   71.875897][ T8589] IPVS: ftp: loaded support on port[0] = 21
2020/03/11 10:06:08 building call list...
[   72.007210][ T8585] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-fuzzer/8585
[   72.016220][ T8585] caller is __mod_memcg_state+0x27/0x1a0
[   72.021936][ T8585] CPU: 0 PID: 8585 Comm: syz-fuzzer Not tainted 5.6.0-rc5-next-20200311-syzkaller #0
[   72.031387][ T8585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   72.041550][ T8585] Call Trace:
[   72.044845][ T8585]  dump_stack+0x188/0x20d
[   72.049206][ T8585]  __this_cpu_preempt_check.cold+0x84/0x90
[   72.055021][ T8585]  __mod_memcg_state+0x27/0x1a0
[   72.059878][ T8585]  split_huge_page_to_list+0x124b/0x3380
[   72.065519][ T8585]  ? mark_held_locks+0xe0/0xe0
[   72.070321][ T8585]  ? can_split_huge_page+0x480/0x480
[   72.075603][ T8585]  ? pmd_val+0x7c/0xf0
[   72.079665][ T8585]  ? pmd_pfn+0x125/0x1c0
[   72.083904][ T8585]  ? enabled_store+0x190/0x190
[   72.088672][ T8585]  madvise_free_huge_pmd+0x873/0xb90
[   72.093959][ T8585]  madvise_free_pte_range+0x6ff/0x2650
[   72.099428][ T8585]  ? kmem_cache_free+0x7f/0x320
[   72.104278][ T8585]  ? do_madvise+0xbb3/0x1b80
[   72.108877][ T8585]  ? __x64_sys_madvise+0xae/0x120
[   72.113901][ T8585]  ? mem_cgroup_uncharge+0xf0/0xf0
[   72.119009][ T8585]  ? madvise_cold_or_pageout_pte_range+0x3400/0x3400
[   72.125702][ T8585]  __walk_page_range+0xcfb/0x2070
[   72.130759][ T8585]  ? walk_page_test+0x78/0x180
[   72.135523][ T8585]  walk_page_range+0x1bd/0x3a0
[   72.140288][ T8585]  ? __walk_page_range+0x2070/0x2070
[   72.145578][ T8585]  ? madvise_free_single_vma+0x2c1/0x550
[   72.151213][ T8585]  madvise_free_single_vma+0x384/0x550
[   72.156672][ T8585]  ? madvise_pageout+0x3b0/0x3b0
[   72.161613][ T8585]  ? lock_acquire+0x197/0x420
[   72.166302][ T8585]  ? userfaultfd_remove+0xf0/0x2b0
[   72.171419][ T8585]  ? vmacache_find+0x62/0x300
[   72.176093][ T8585]  ? vmacache_update+0xce/0x140
[   72.180943][ T8585]  ? find_vma+0x2b/0x170
[   72.185192][ T8585]  do_madvise+0x5ba/0x1b80
[   72.189608][ T8585]  ? unuse_pde+0x2c/0x80
[   72.193858][ T8585]  ? madvise_free_pte_range+0x2650/0x2650
[   72.199663][ T8585]  ? wait_for_completion+0x3c0/0x3c0
[   72.205048][ T8585]  ? fput_many+0x2f/0x1a0
[   72.209375][ T8585]  ? ksys_read+0x19f/0x250
[   72.213789][ T8585]  ? kernel_write+0x120/0x120
[   72.218470][ T8585]  ? __x64_sys_madvise+0xae/0x120
[   72.223502][ T8585]  ? trace_hardirqs_on+0x55/0x220
[   72.228527][ T8585]  __x64_sys_madvise+0xae/0x120
[   72.233389][ T8585]  do_syscall_64+0xf6/0x7d0
[   72.237897][ T8585]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   72.243782][ T8585] RIP: 0033:0x460bf7
[   72.247677][ T8585] Code: 8b 24 24 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc 48 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 48 c7 c0 1c 00 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14
[   72.267659][ T8585] RSP: 002b:000000c0002cbc50 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[   72.276174][ T8585] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000460bf7
[   72.284150][ T8585] RDX: 0000000000000008 RSI: 000000000005c000 RDI: 000000c0001f6000
[   72.292119][ T8585] RBP: 000000c0002cbc90 R08: 000000c000000000 R09: 000000c000252000
[   72.300087][ T8585] R10: 00007fffffffffff R11: 0000000000000246 R12: 000000000000001f
[   72.308053][ T8585] R13: 0000000000000040 R14: 0000000000000001 R15: 0000000000000001
[   72.316187][ T8585] BUG: using __this_cpu_add() in preemptible [00000000] code: syz-fuzzer/8585
[   72.325099][ T8585] caller is __mod_memcg_state+0xca/0x1a0
[   72.330803][ T8585] CPU: 0 PID: 8585 Comm: syz-fuzzer Not tainted 5.6.0-rc5-next-20200311-syzkaller #0
[   72.340271][ T8585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   72.350321][ T8585] Call Trace:
[   72.353617][ T8585]  dump_stack+0x188/0x20d
[   72.357950][ T8585]  __this_cpu_preempt_check.cold+0x84/0x90
[   72.363751][ T8585]  __mod_memcg_state+0xca/0x1a0
[   72.368604][ T8585]  split_huge_page_to_list+0x124b/0x3380
[   72.374238][ T8585]  ? mark_held_locks+0xe0/0xe0
[   72.379004][ T8585]  ? can_split_huge_page+0x480/0x480
[   72.384282][ T8585]  ? pmd_val+0x7c/0xf0
[   72.388351][ T8585]  ? pmd_pfn+0x125/0x1c0
[   72.392592][ T8585]  ? enabled_store+0x190/0x190
[   72.397360][ T8585]  madvise_free_huge_pmd+0x873/0xb90
[   72.402831][ T8585]  madvise_free_pte_range+0x6ff/0x2650
[   72.408291][ T8585]  ? kmem_cache_free+0x7f/0x320
[   72.413145][ T8585]  ? do_madvise+0xbb3/0x1b80
[   72.417731][ T8585]  ? __x64_sys_madvise+0xae/0x120
[   72.422756][ T8585]  ? mem_cgroup_uncharge+0xf0/0xf0
[   72.427872][ T8585]  ? madvise_cold_or_pageout_pte_range+0x3400/0x3400
[   72.434544][ T8585]  __walk_page_range+0xcfb/0x2070
[   72.439582][ T8585]  ? walk_page_test+0x78/0x180
[   72.444345][ T8585]  walk_page_range+0x1bd/0x3a0
[   72.449142][ T8585]  ? __walk_page_range+0x2070/0x2070
[   72.454432][ T8585]  ? madvise_free_single_vma+0x2c1/0x550
[   72.460068][ T8585]  madvise_free_single_vma+0x384/0x550
[   72.465555][ T8585]  ? madvise_pageout+0x3b0/0x3b0
[   72.470617][ T8585]  ? lock_acquire+0x197/0x420
[   72.475316][ T8585]  ? userfaultfd_remove+0xf0/0x2b0
[   72.480457][ T8585]  ? vmacache_find+0x62/0x300
[   72.485160][ T8585]  ? vmacache_update+0xce/0x140
[   72.490023][ T8585]  ? find_vma+0x2b/0x170
[   72.494310][ T8585]  do_madvise+0x5ba/0x1b80
[   72.498828][ T8585]  ? unuse_pde+0x2c/0x80
[   72.505079][ T8585]  ? madvise_free_pte_range+0x2650/0x2650
[   72.511033][ T8585]  ? wait_for_completion+0x3c0/0x3c0
[   72.516407][ T8585]  ? fput_many+0x2f/0x1a0
[   72.520743][ T8585]  ? ksys_read+0x19f/0x250
[   72.525328][ T8585]  ? kernel_write+0x120/0x120
[   72.530017][ T8585]  ? __x64_sys_madvise+0xae/0x120
[   72.535405][ T8585]  ? trace_hardirqs_on+0x55/0x220
[   72.540860][ T8585]  __x64_sys_madvise+0xae/0x120
[   72.545739][ T8585]  do_syscall_64+0xf6/0x7d0
[   72.550243][ T8585]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   72.556148][ T8585] RIP: 0033:0x460bf7
[   72.560767][ T8585] Code: 8b 24 24 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc 48 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 48 c7 c0 1c 00 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14
[   72.581062][ T8585] RSP: 002b:000000c0002cbc50 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[   72.590202][ T8585] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000460bf7
[   72.599843][ T8585] RDX: 0000000000000008 RSI: 000000000005c000 RDI: 000000c0001f6000
[   72.607920][ T8585] RBP: 000000c0002cbc90 R08: 000000c000000000 R09: 000000c000252000
[   72.615887][ T8585] R10: 00007fffffffffff R11: 0000000000000246 R12: 000000000000001f
[   72.624124][ T8585] R13: 0000000000000040 R14: 0000000000000001 R15: 0000000000000001
[   72.632191][ T8585] BUG: using __this_cpu_write() in preemptible [00000000] code: syz-fuzzer/8585
[   72.641241][ T8585] caller is __mod_memcg_state+0x87/0x1a0
[   72.646873][ T8585] CPU: 0 PID: 8585 Comm: syz-fuzzer Not tainted 5.6.0-rc5-next-20200311-syzkaller #0
[   72.656492][ T8585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   72.666821][ T8585] Call Trace:
[   72.670129][ T8585]  dump_stack+0x188/0x20d
[   72.675538][ T8585]  __this_cpu_preempt_check.cold+0x84/0x90
[   72.681358][ T8585]  __mod_memcg_state+0x87/0x1a0
[   72.686214][ T8585]  split_huge_page_to_list+0x124b/0x3380
[   72.692461][ T8585]  ? mark_held_locks+0xe0/0xe0
[   72.697232][ T8585]  ? can_split_huge_page+0x480/0x480
[   72.702531][ T8585]  ? pmd_val+0x7c/0xf0
[   72.706595][ T8585]  ? pmd_pfn+0x125/0x1c0
[   72.710839][ T8585]  ? enabled_store+0x190/0x190
[   72.715606][ T8585]  madvise_free_huge_pmd+0x873/0xb90
[   72.720898][ T8585]  madvise_free_pte_range+0x6ff/0x2650
[   72.726372][ T8585]  ? kmem_cache_free+0x7f/0x320
[   72.731218][ T8585]  ? do_madvise+0xbb3/0x1b80
[   72.735982][ T8585]  ? __x64_sys_madvise+0xae/0x120
[   72.741038][ T8585]  ? mem_cgroup_uncharge+0xf0/0xf0
[   72.746157][ T8585]  ? madvise_cold_or_pageout_pte_range+0x3400/0x3400
[   72.752846][ T8585]  __walk_page_range+0xcfb/0x2070
[   72.757905][ T8585]  ? walk_page_test+0x78/0x180
[   72.762756][ T8585]  walk_page_range+0x1bd/0x3a0
[   72.767528][ T8585]  ? __walk_page_range+0x2070/0x2070
[   72.772842][ T8585]  ? madvise_free_single_vma+0x2c1/0x550
[   72.778510][ T8585]  madvise_free_single_vma+0x384/0x550
[   72.783977][ T8585]  ? madvise_pageout+0x3b0/0x3b0
[   72.788919][ T8585]  ? lock_acquire+0x197/0x420
[   72.793599][ T8585]  ? userfaultfd_remove+0xf0/0x2b0
[   72.798724][ T8585]  ? vmacache_find+0x62/0x300
[   72.803399][ T8585]  ? vmacache_update+0xce/0x140
[   72.808245][ T8585]  ? find_vma+0x2b/0x170
[   72.812491][ T8585]  do_madvise+0x5ba/0x1b80
[   72.816900][ T8585]  ? unuse_pde+0x2c/0x80
[   72.821149][ T8585]  ? madvise_free_pte_range+0x2650/0x2650
[   72.826872][ T8585]  ? wait_for_completion+0x3c0/0x3c0
[   72.832157][ T8585]  ? fput_many+0x2f/0x1a0
[   72.836497][ T8585]  ? ksys_read+0x19f/0x250
[   72.840921][ T8585]  ? kernel_write+0x120/0x120
[   72.845608][ T8585]  ? __x64_sys_madvise+0xae/0x120
[   72.850631][ T8585]  ? trace_hardirqs_on+0x55/0x220
[   72.855653][ T8585]  __x64_sys_madvise+0xae/0x120
[   72.860510][ T8585]  do_syscall_64+0xf6/0x7d0
[   72.865010][ T8585]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   72.870892][ T8585] RIP: 0033:0x460bf7
[   72.874783][ T8585] Code: 8b 24 24 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc 48 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 48 c7 c0 1c 00 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14
[   72.894381][ T8585] RSP: 002b:000000c0002cbc50 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[   72.902788][ T8585] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000460bf7
[   72.910909][ T8585] RDX: 0000000000000008 RSI: 000000000005c000 RDI: 000000c0001f6000
[   72.918893][ T8585] RBP: 000000c0002cbc90 R08: 000000c000000000 R09: 000000c000252000
[   72.926863][ T8585] R10: 00007fffffffffff R11: 0000000000000246 R12: 000000000000001f
[   72.934842][ T8585] R13: 0000000000000040 R14: 0000000000000001 R15: 0000000000000001
[   73.021526][ T8585] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-fuzzer/8585
[   73.031065][ T8585] caller is __mod_memcg_state+0x27/0x1a0
[   73.036692][ T8585] CPU: 0 PID: 8585 Comm: syz-fuzzer Not tainted 5.6.0-rc5-next-20200311-syzkaller #0
[   73.046183][ T8585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   73.056262][ T8585] Call Trace:
[   73.059561][ T8585]  dump_stack+0x188/0x20d
[   73.063873][ T8585]  __this_cpu_preempt_check.cold+0x84/0x90
[   73.069660][ T8585]  __mod_memcg_state+0x27/0x1a0
[   73.074492][ T8585]  split_huge_page_to_list+0x124b/0x3380
[   73.080115][ T8585]  ? mark_held_locks+0xe0/0xe0
[   73.084855][ T8585]  ? release_pages+0x656/0x19b0
[   73.089686][ T8585]  ? can_split_huge_page+0x480/0x480
[   73.094950][ T8585]  ? pmd_val+0x7c/0xf0
[   73.099516][ T8585]  ? pmd_pfn+0x125/0x1c0
[   73.103737][ T8585]  ? enabled_store+0x190/0x190
[   73.108567][ T8585]  madvise_free_huge_pmd+0x873/0xb90
[   73.113860][ T8585]  madvise_free_pte_range+0x6ff/0x2650
[   73.119311][ T8585]  ? madvise_cold_or_pageout_pte_range+0x3400/0x3400
[   73.126038][ T8585]  __walk_page_range+0xcfb/0x2070
[   73.131456][ T8585]  ? walk_page_test+0x78/0x180
[   73.136236][ T8585]  walk_page_range+0x1bd/0x3a0
[   73.141256][ T8585]  ? __walk_page_range+0x2070/0x2070
[   73.146625][ T8585]  ? madvise_free_single_vma+0x2c1/0x550
[   73.152247][ T8585]  madvise_free_single_vma+0x384/0x550
[   73.157730][ T8585]  ? madvise_pageout+0x3b0/0x3b0
[   73.162755][ T8585]  ? lock_acquire+0x197/0x420
[   73.167416][ T8585]  ? userfaultfd_remove+0xf0/0x2b0
[   73.172605][ T8585]  ? vmacache_find+0x62/0x300
[   73.177270][ T8585]  ? find_vma+0x2b/0x170
[   73.181601][ T8585]  do_madvise+0x5ba/0x1b80
[   73.186228][ T8585]  ? madvise_free_pte_range+0x2650/0x2650
[   73.191925][ T8585]  ? up_read+0x1a8/0x750
[   73.196276][ T8585]  ? handle_mm_fault+0x29e/0x660
[   73.201235][ T8585]  ? __x64_sys_madvise+0xae/0x120
[   73.207893][ T8585]  ? trace_hardirqs_on+0x55/0x220
[   73.212921][ T8585]  __x64_sys_madvise+0xae/0x120
[   73.217866][ T8585]  do_syscall_64+0xf6/0x7d0
[   73.222698][ T8585]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   73.228567][ T8585] RIP: 0033:0x460bf7
[   73.232443][ T8585] Code: 8b 24 24 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc 48 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 48 c7 c0 1c 00 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14
[   73.252046][ T8585] RSP: 002b:000000c0002cbc50 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[   73.260526][ T8585] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000460bf7
[   73.268476][ T8585] RDX: 0000000000000008 RSI: 0000000000040000 RDI: 000000c0003ea000
[   73.276433][ T8585] RBP: 000000c0002cbc90 R08: 000000c000200000 R09: 000000c00042a000
[   73.284417][ T8585] R10: 00000000000ffe00 R11: 0000000000000246 R12: 0000000000000002
[   73.292460][ T8585] R13: 0000000000e8da20 R14: 000000000045ecf0 R15: 0000000000000000
[   73.300500][ T8585] BUG: using __this_cpu_add() in preemptible [00000000] code: syz-fuzzer/8585
[   73.309497][ T8585] caller is __mod_memcg_state+0xca/0x1a0
[   73.315124][ T8585] CPU: 0 PID: 8585 Comm: syz-fuzzer Not tainted 5.6.0-rc5-next-20200311-syzkaller #0
[   73.324660][ T8585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   73.334710][ T8585] Call Trace:
[   73.338015][ T8585]  dump_stack+0x188/0x20d
[   73.342340][ T8585]  __this_cpu_preempt_check.cold+0x84/0x90
[   73.348143][ T8585]  __mod_memcg_state+0xca/0x1a0
[   73.352980][ T8585]  split_huge_page_to_list+0x124b/0x3380
[   73.358613][ T8585]  ? mark_held_locks+0xe0/0xe0
[   73.363362][ T8585]  ? release_pages+0x656/0x19b0
[   73.368209][ T8585]  ? can_split_huge_page+0x480/0x480
[   73.373598][ T8585]  ? pmd_val+0x7c/0xf0
[   73.377653][ T8585]  ? pmd_pfn+0x125/0x1c0
[   73.381878][ T8585]  ? enabled_store+0x190/0x190
[   73.386629][ T8585]  madvise_free_huge_pmd+0x873/0xb90
[   73.391906][ T8585]  madvise_free_pte_range+0x6ff/0x2650
[   73.397346][ T8585]  ? madvise_cold_or_pageout_pte_range+0x3400/0x3400
[   73.404017][ T8585]  __walk_page_range+0xcfb/0x2070
[   73.409047][ T8585]  ? walk_page_test+0x78/0x180
[   73.413856][ T8585]  walk_page_range+0x1bd/0x3a0
[   73.418621][ T8585]  ? __walk_page_range+0x2070/0x2070
[   73.423897][ T8585]  ? madvise_free_single_vma+0x2c1/0x550
[   73.429533][ T8585]  madvise_free_single_vma+0x384/0x550
[   73.435047][ T8585]  ? madvise_pageout+0x3b0/0x3b0
[   73.439984][ T8585]  ? lock_acquire+0x197/0x420
[   73.444648][ T8585]  ? userfaultfd_remove+0xf0/0x2b0
[   73.449765][ T8585]  ? vmacache_find+0x62/0x300
[   73.454425][ T8585]  ? find_vma+0x2b/0x170
[   73.458650][ T8585]  do_madvise+0x5ba/0x1b80
[   73.463063][ T8585]  ? madvise_free_pte_range+0x2650/0x2650
[   73.468774][ T8585]  ? up_read+0x1a8/0x750
[   73.472995][ T8585]  ? handle_mm_fault+0x29e/0x660
[   73.477923][ T8585]  ? __x64_sys_madvise+0xae/0x120
[   73.482963][ T8585]  ? trace_hardirqs_on+0x55/0x220
[   73.487970][ T8585]  __x64_sys_madvise+0xae/0x120
[   73.492802][ T8585]  do_syscall_64+0xf6/0x7d0
[   73.497300][ T8585]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   73.503617][ T8585] RIP: 0033:0x460bf7
[   73.507624][ T8585] Code: 8b 24 24 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc 48 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 48 c7 c0 1c 00 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14
[   73.527217][ T8585] RSP: 002b:000000c0002cbc50 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[   73.535807][ T8585] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000460bf7
[   73.543769][ T8585] RDX: 0000000000000008 RSI: 0000000000040000 RDI: 000000c0003ea000
[   73.551745][ T8585] RBP: 000000c0002cbc90 R08: 000000c000200000 R09: 000000c00042a000
[   73.559705][ T8585] R10: 00000000000ffe00 R11: 0000000000000246 R12: 0000000000000002
[   73.567681][ T8585] R13: 0000000000e8da20 R14: 000000000045ecf0 R15: 0000000000000000
[   73.575719][ T8585] BUG: using __this_cpu_write() in preemptible [00000000] code: syz-fuzzer/8585
[   73.584781][ T8585] caller is __mod_memcg_state+0x87/0x1a0
[   73.590449][ T8585] CPU: 0 PID: 8585 Comm: syz-fuzzer Not tainted 5.6.0-rc5-next-20200311-syzkaller #0
[   73.599893][ T8585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   73.609935][ T8585] Call Trace:
[   73.613231][ T8585]  dump_stack+0x188/0x20d
[   73.617555][ T8585]  __this_cpu_preempt_check.cold+0x84/0x90
[   73.623342][ T8585]  __mod_memcg_state+0x87/0x1a0
[   73.628177][ T8585]  split_huge_page_to_list+0x124b/0x3380
[   73.633790][ T8585]  ? mark_held_locks+0xe0/0xe0
[   73.638560][ T8585]  ? release_pages+0x656/0x19b0
[   73.643424][ T8585]  ? can_split_huge_page+0x480/0x480
[   73.648706][ T8585]  ? pmd_val+0x7c/0xf0
[   73.652769][ T8585]  ? pmd_pfn+0x125/0x1c0
[   73.657125][ T8585]  ? enabled_store+0x190/0x190
[   73.661909][ T8585]  madvise_free_huge_pmd+0x873/0xb90
[   73.667220][ T8585]  madvise_free_pte_range+0x6ff/0x2650
[   73.672676][ T8585]  ? madvise_cold_or_pageout_pte_range+0x3400/0x3400
[   73.679350][ T8585]  __walk_page_range+0xcfb/0x2070
[   73.684363][ T8585]  ? walk_page_test+0x78/0x180
[   73.689107][ T8585]  walk_page_range+0x1bd/0x3a0
[   73.693861][ T8585]  ? __walk_page_range+0x2070/0x2070
[   73.699134][ T8585]  ? madvise_free_single_vma+0x2c1/0x550
[   73.704772][ T8585]  madvise_free_single_vma+0x384/0x550
[   73.710304][ T8585]  ? madvise_pageout+0x3b0/0x3b0
[   73.715234][ T8585]  ? lock_acquire+0x197/0x420
[   73.719919][ T8585]  ? userfaultfd_remove+0xf0/0x2b0
[   73.725019][ T8585]  ? vmacache_find+0x62/0x300
[   73.729680][ T8585]  ? find_vma+0x2b/0x170
[   73.733902][ T8585]  do_madvise+0x5ba/0x1b80
[   73.738315][ T8585]  ? madvise_free_pte_range+0x2650/0x2650
[   73.744046][ T8585]  ? up_read+0x1a8/0x750
[   73.748279][ T8585]  ? handle_mm_fault+0x29e/0x660
[   73.753232][ T8585]  ? __x64_sys_madvise+0xae/0x120
[   73.758252][ T8585]  ? trace_hardirqs_on+0x55/0x220
[   73.763296][ T8585]  __x64_sys_madvise+0xae/0x120
[   73.768139][ T8585]  do_syscall_64+0xf6/0x7d0
[   73.772627][ T8585]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   73.778502][ T8585] RIP: 0033:0x460bf7
[   73.782375][ T8585] Code: 8b 24 24 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc 48 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 48 c7 c0 1c 00 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14
[   73.801974][ T8585] RSP: 002b:000000c0002cbc50 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[   73.810365][ T8585] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000460bf7
[   73.818334][ T8585] RDX: 0000000000000008 RSI: 0000000000040000 RDI: 000000c0003ea000
[   73.826360][ T8585] RBP: 000000c0002cbc90 R08: 000000c000200000 R09: 000000c00042a000
[   73.834322][ T8585] R10: 00000000000ffe00 R11: 0000000000000246 R12: 0000000000000002
[   73.842298][ T8585] R13: 0000000000e8da20 R14: 000000000045ecf0 R15: 0000000000000000
[   73.937013][    T7] tipc: TX() has been purged, node left!
[   74.524993][ T8579] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-fuzzer/8579
[   74.534140][ T8579] caller is __mod_memcg_state+0x27/0x1a0
[   74.539812][ T8579] CPU: 1 PID: 8579 Comm: syz-fuzzer Not tainted 5.6.0-rc5-next-20200311-syzkaller #0
[   74.549299][ T8579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   74.559337][ T8579] Call Trace:
[   74.562615][ T8579]  dump_stack+0x188/0x20d
[   74.566937][ T8579]  __this_cpu_preempt_check.cold+0x84/0x90
[   74.572728][ T8579]  __mod_memcg_state+0x27/0x1a0
[   74.577558][ T8579]  split_huge_page_to_list+0x124b/0x3380
[   74.583171][ T8579]  ? mark_held_locks+0xe0/0xe0
[   74.587930][ T8579]  ? release_pages+0x656/0x19b0
[   74.592776][ T8579]  ? can_split_huge_page+0x480/0x480
[   74.598125][ T8579]  ? pmd_val+0x7c/0xf0
[   74.602182][ T8579]  ? pmd_pfn+0x125/0x1c0
[   74.606410][ T8579]  ? enabled_store+0x190/0x190
[   74.611197][ T8579]  madvise_free_huge_pmd+0x873/0xb90
[   74.616483][ T8579]  madvise_free_pte_range+0x6ff/0x2650
[   74.621936][ T8579]  ? madvise_cold_or_pageout_pte_range+0x3400/0x3400
[   74.628595][ T8579]  __walk_page_range+0xcfb/0x2070
[   74.633609][ T8579]  ? walk_page_test+0x78/0x180
[   74.638365][ T8579]  walk_page_range+0x1bd/0x3a0
[   74.643126][ T8579]  ? __walk_page_range+0x2070/0x2070
[   74.648406][ T8579]  ? madvise_free_single_vma+0x2c1/0x550
[   74.654031][ T8579]  madvise_free_single_vma+0x384/0x550
[   74.659492][ T8579]  ? madvise_pageout+0x3b0/0x3b0
[   74.664410][ T8579]  ? lock_acquire+0x197/0x420
[   74.669086][ T8579]  ? userfaultfd_remove+0xf0/0x2b0
executing program
[   74.674211][ T8579]  ? vmacache_find+0x62/0x300
[   74.678875][ T8579]  ? vmacache_update+0xce/0x140
[   74.683720][ T8579]  ? find_vma+0x2b/0x170
[   74.687972][ T8579]  do_madvise+0x5ba/0x1b80
[   74.692384][ T8579]  ? unuse_pde+0x2c/0x80
[   74.696634][ T8579]  ? madvise_free_pte_range+0x2650/0x2650
[   74.702355][ T8579]  ? __x64_sys_futex+0x376/0x4f0
[   74.707284][ T8579]  ? fput_many+0x2f/0x1a0
[   74.711607][ T8579]  ? do_futex+0x1b10/0x1b10
[   74.716108][ T8579]  ? ksys_read+0x19f/0x250
[   74.720522][ T8579]  ? kernel_write+0x120/0x120
[   74.725191][ T8579]  ? __x64_sys_madvise+0xae/0x120
[   74.730200][ T8579]  ? trace_hardirqs_on+0x55/0x220
[   74.735225][ T8579]  __x64_sys_madvise+0xae/0x120
[   74.740060][ T8579]  do_syscall_64+0xf6/0x7d0
[   74.744562][ T8579]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   74.750443][ T8579] RIP: 0033:0x460bf7
[   74.754321][ T8579] Code: 8b 24 24 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc 48 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 48 c7 c0 1c 00 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14
[   74.773920][ T8579] RSP: 002b:000000c0000e1c50 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[   74.782309][ T8579] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000460bf7
[   74.790537][ T8579] RDX: 0000000000000008 RSI: 0000000000200000 RDI: 000000c0005aa000
[   74.798492][ T8579] RBP: 000000c0000e1c90 R08: 000000c000400000 R09: 000000c0007aa000
[   74.806449][ T8579] R10: 00000000007ffe00 R11: 0000000000000246 R12: 000000000149fb60
[   74.814407][ T8579] R13: 0000000000e8da20 R14: 0000000000000000 R15: 0000000000000000
[   74.822590][ T8579] BUG: using __this_cpu_add() in preemptible [00000000] code: syz-fuzzer/8579
[   74.831539][ T8579] caller is __mod_memcg_state+0xca/0x1a0
[   74.837212][ T8579] CPU: 1 PID: 8579 Comm: syz-fuzzer Not tainted 5.6.0-rc5-next-20200311-syzkaller #0
[   74.846666][ T8579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   74.856702][ T8579] Call Trace:
[   74.859978][ T8579]  dump_stack+0x188/0x20d
[   74.864291][ T8579]  __this_cpu_preempt_check.cold+0x84/0x90
[   74.870103][ T8579]  __mod_memcg_state+0xca/0x1a0
[   74.874936][ T8579]  split_huge_page_to_list+0x124b/0x3380
[   74.880584][ T8579]  ? mark_held_locks+0xe0/0xe0
[   74.885337][ T8579]  ? release_pages+0x656/0x19b0
[   74.890186][ T8579]  ? can_split_huge_page+0x480/0x480
[   74.895489][ T8579]  ? pmd_val+0x7c/0xf0
[   74.899547][ T8579]  ? pmd_pfn+0x125/0x1c0
[   74.903803][ T8579]  ? enabled_store+0x190/0x190
[   74.908557][ T8579]  madvise_free_huge_pmd+0x873/0xb90
[   74.913850][ T8579]  madvise_free_pte_range+0x6ff/0x2650
[   74.919330][ T8579]  ? madvise_cold_or_pageout_pte_range+0x3400/0x3400
[   74.925985][ T8579]  __walk_page_range+0xcfb/0x2070
[   74.931003][ T8579]  ? walk_page_test+0x78/0x180
[   74.935758][ T8579]  walk_page_range+0x1bd/0x3a0
[   74.940514][ T8579]  ? __walk_page_range+0x2070/0x2070
[   74.945809][ T8579]  ? madvise_free_single_vma+0x2c1/0x550
[   74.951426][ T8579]  madvise_free_single_vma+0x384/0x550
[   74.957920][ T8579]  ? madvise_pageout+0x3b0/0x3b0
[   74.962906][ T8579]  ? lock_acquire+0x197/0x420
[   74.967591][ T8579]  ? userfaultfd_remove+0xf0/0x2b0
[   74.972692][ T8579]  ? vmacache_find+0x62/0x300
[   74.977457][ T8579]  ? vmacache_update+0xce/0x140
[   74.984568][ T8579]  ? find_vma+0x2b/0x170
[   74.988811][ T8579]  do_madvise+0x5ba/0x1b80
[   74.993225][ T8579]  ? unuse_pde+0x2c/0x80
[   74.997472][ T8579]  ? madvise_free_pte_range+0x2650/0x2650
[   75.003177][ T8579]  ? __x64_sys_futex+0x376/0x4f0
[   75.008094][ T8579]  ? fput_many+0x2f/0x1a0
[   75.012397][ T8579]  ? do_futex+0x1b10/0x1b10
[   75.016876][ T8579]  ? ksys_read+0x19f/0x250
[   75.021473][ T8579]  ? kernel_write+0x120/0x120
[   75.026296][ T8579]  ? __x64_sys_madvise+0xae/0x120
[   75.031833][ T8579]  ? trace_hardirqs_on+0x55/0x220
[   75.036986][ T8579]  __x64_sys_madvise+0xae/0x120
[   75.041824][ T8579]  do_syscall_64+0xf6/0x7d0
[   75.046313][ T8579]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   75.052317][ T8579] RIP: 0033:0x460bf7
[   75.056197][ T8579] Code: 8b 24 24 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc 48 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 48 c7 c0 1c 00 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14
[   75.075796][ T8579] RSP: 002b:000000c0000e1c50 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[   75.084249][ T8579] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000460bf7
[   75.092329][ T8579] RDX: 0000000000000008 RSI: 0000000000200000 RDI: 000000c0005aa000
[   75.100296][ T8579] RBP: 000000c0000e1c90 R08: 000000c000400000 R09: 000000c0007aa000
[   75.108245][ T8579] R10: 00000000007ffe00 R11: 0000000000000246 R12: 000000000149fb60
[   75.116194][ T8579] R13: 0000000000e8da20 R14: 0000000000000000 R15: 0000000000000000
[   75.124227][ T8579] BUG: using __this_cpu_write() in preemptible [00000000] code: syz-fuzzer/8579
[   75.133280][ T8579] caller is __mod_memcg_state+0x87/0x1a0
[   75.138925][ T8579] CPU: 1 PID: 8579 Comm: syz-fuzzer Not tainted 5.6.0-rc5-next-20200311-syzkaller #0
[   75.148384][ T8579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   75.158436][ T8579] Call Trace:
[   75.161713][ T8579]  dump_stack+0x188/0x20d
[   75.166024][ T8579]  __this_cpu_preempt_check.cold+0x84/0x90
[   75.171916][ T8579]  __mod_memcg_state+0x87/0x1a0
[   75.176746][ T8579]  split_huge_page_to_list+0x124b/0x3380
[   75.182360][ T8579]  ? mark_held_locks+0xe0/0xe0
[   75.187112][ T8579]  ? release_pages+0x656/0x19b0
[   75.191953][ T8579]  ? can_split_huge_page+0x480/0x480
[   75.197215][ T8579]  ? pmd_val+0x7c/0xf0
[   75.201267][ T8579]  ? pmd_pfn+0x125/0x1c0
[   75.205495][ T8579]  ? enabled_store+0x190/0x190
[   75.211193][ T8579]  madvise_free_huge_pmd+0x873/0xb90
[   75.216468][ T8579]  madvise_free_pte_range+0x6ff/0x2650
[   75.221911][ T8579]  ? madvise_cold_or_pageout_pte_range+0x3400/0x3400
[   75.228561][ T8579]  __walk_page_range+0xcfb/0x2070
[   75.233574][ T8579]  ? walk_page_test+0x78/0x180
[   75.238408][ T8579]  walk_page_range+0x1bd/0x3a0
[   75.243154][ T8579]  ? __walk_page_range+0x2070/0x2070
[   75.248420][ T8579]  ? madvise_free_single_vma+0x2c1/0x550
[   75.254032][ T8579]  madvise_free_single_vma+0x384/0x550
[   75.259483][ T8579]  ? madvise_pageout+0x3b0/0x3b0
[   75.264425][ T8579]  ? lock_acquire+0x197/0x420
[   75.269093][ T8579]  ? userfaultfd_remove+0xf0/0x2b0
[   75.274199][ T8579]  ? vmacache_find+0x62/0x300
[   75.278860][ T8579]  ? vmacache_update+0xce/0x140
[   75.283710][ T8579]  ? find_vma+0x2b/0x170
[   75.287939][ T8579]  do_madvise+0x5ba/0x1b80
[   75.292478][ T8579]  ? unuse_pde+0x2c/0x80
[   75.296828][ T8579]  ? madvise_free_pte_range+0x2650/0x2650
[   75.302555][ T8579]  ? __x64_sys_futex+0x376/0x4f0
[   75.307486][ T8579]  ? fput_many+0x2f/0x1a0
[   75.311863][ T8579]  ? do_futex+0x1b10/0x1b10
[   75.316358][ T8579]  ? ksys_read+0x19f/0x250
[   75.320773][ T8579]  ? kernel_write+0x120/0x120
[   75.325511][ T8579]  ? __x64_sys_madvise+0xae/0x120
[   75.330529][ T8579]  ? trace_hardirqs_on+0x55/0x220
[   75.335589][ T8579]  __x64_sys_madvise+0xae/0x120
[   75.340985][ T8579]  do_syscall_64+0xf6/0x7d0
[   75.345493][ T8579]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   75.351463][ T8579] RIP: 0033:0x460bf7
[   75.355388][ T8579] Code: 8b 24 24 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc 48 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 48 c7 c0 1c 00 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14
[   75.375247][ T8579] RSP: 002b:000000c0000e1c50 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[   75.383807][ T8579] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000460bf7
[   75.391779][ T8579] RDX: 0000000000000008 RSI: 0000000000200000 RDI: 000000c0005aa000
[   75.399981][ T8579] RBP: 000000c0000e1c90 R08: 000000c000400000 R09: 000000c0007aa000
[   75.408009][ T8579] R10: 00000000007ffe00 R11: 0000000000000246 R12: 000000000149fb60
[   75.416005][ T8579] R13: 0000000000e8da20 R14: 0000000000000000 R15: 0000000000000000
[   75.759749][ T8579] ------------[ cut here ]------------
[   75.765440][ T8579] WARNING: CPU: 0 PID: 8579 at sound/core/oss/pcm_plugin.c:126 snd_pcm_plug_alloc+0x29a/0x330
[   75.775651][ T8579] Kernel panic - not syncing: panic_on_warn set ...
[   75.782218][ T8579] CPU: 0 PID: 8579 Comm: syz-fuzzer Not tainted 5.6.0-rc5-next-20200311-syzkaller #0
[   75.791654][ T8579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   75.801794][ T8579] Call Trace:
[   75.805183][ T8579]  dump_stack+0x188/0x20d
[   75.809502][ T8579]  ? snd_pcm_plug_alloc+0x250/0x330
[   75.814684][ T8579]  panic+0x2e3/0x75c
[   75.818562][ T8579]  ? add_taint.cold+0x16/0x16
[   75.823221][ T8579]  ? printk+0xba/0xed
[   75.827185][ T8579]  ? kmsg_dump_rewind_nolock+0xd9/0xd9
[   75.832699][ T8579]  ? __warn.cold+0x14/0x35
[   75.837099][ T8579]  ? __warn+0xd5/0x1c8
[   75.841152][ T8579]  ? snd_pcm_plug_alloc+0x29a/0x330
[   75.846338][ T8579]  __warn.cold+0x2f/0x35
[   75.850581][ T8579]  ? snd_pcm_plug_alloc+0x29a/0x330
[   75.855824][ T8579]  report_bug+0x27b/0x2f0
[   75.860156][ T8579]  do_error_trap+0x12b/0x220
[   75.864725][ T8579]  ? snd_pcm_plug_alloc+0x29a/0x330
[   75.870023][ T8579]  do_invalid_op+0x32/0x40
[   75.874571][ T8579]  ? snd_pcm_plug_alloc+0x29a/0x330
[   75.879771][ T8579]  invalid_op+0x23/0x30
[   75.883925][ T8579] RIP: 0010:snd_pcm_plug_alloc+0x29a/0x330
[   75.889719][ T8579] Code: ff ff 45 31 e4 e8 46 f2 7f fb 44 89 e0 5b 5d 41 5c 41 5d 41 5e c3 e8 35 f2 7f fb 0f 0b 41 bc fa ff ff ff eb e0 e8 26 f2 7f fb <0f> 0b 41 bc fa ff ff ff eb d1 e8 17 f2 7f fb 0f 0b 41 bc fa ff ff
[   75.909307][ T8579] RSP: 0018:ffffc90002127b88 EFLAGS: 00010293
[   75.915365][ T8579] RAX: ffff88809a6ca580 RBX: ffff8880a74a7600 RCX: ffffffff85f2d2c6
[   75.923312][ T8579] RDX: 0000000000000000 RSI: ffffffff85f2d44a RDI: 0000000000000007
[   75.931278][ T8579] RBP: 0000000000000000 R08: ffff88809a6ca580 R09: ffffed1042acc81f
[   75.939229][ T8579] R10: ffff8882156640f3 R11: ffffed1042acc81e R12: ffff8880a74a7658
[   75.947197][ T8579] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff888215664000
[   75.955465][ T8579]  ? snd_pcm_plug_alloc+0x116/0x330
[   75.960664][ T8579]  ? snd_pcm_plug_alloc+0x29a/0x330
[   75.965864][ T8579]  ? snd_pcm_plug_alloc+0x29a/0x330
[   75.971211][ T8579]  snd_pcm_oss_change_params_locked+0x1c05/0x34b0
[   75.977677][ T8579]  ? _snd_pcm_hw_param_set.constprop.0+0x510/0x510
[   75.984169][ T8579]  ? trace_hardirqs_off+0x50/0x220
[   75.989273][ T8579]  ? trace_hardirqs_on+0x55/0x220
[   75.994281][ T8579]  ? snd_pcm_oss_sync.isra.0+0x7d0/0x7d0
[   75.999899][ T8579]  snd_pcm_oss_change_params+0x76/0xd0
[   76.005335][ T8579]  snd_pcm_oss_make_ready+0xb7/0x170
[   76.010597][ T8579]  snd_pcm_oss_sync.isra.0+0x1be/0x7d0
[   76.016049][ T8579]  ? snd_pcm_oss_sync.isra.0+0x7d0/0x7d0
[   76.021932][ T8579]  snd_pcm_oss_release+0x210/0x280
[   76.027036][ T8579]  __fput+0x2da/0x850
[   76.031007][ T8579]  task_work_run+0xf4/0x1b0
[   76.035508][ T8579]  exit_to_usermode_loop+0x2fa/0x360
[   76.040771][ T8579]  do_syscall_64+0x6b1/0x7d0
[   76.045358][ T8579]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   76.051228][ T8579] RIP: 0033:0x4afb40
[   76.055125][ T8579] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[   76.074725][ T8579] RSP: 002b:000000c0001af588 EFLAGS: 00000212 ORIG_RAX: 0000000000000003
[   76.083260][ T8579] RAX: 0000000000000000 RBX: 000000c00002c000 RCX: 00000000004afb40
[   76.091400][ T8579] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[   76.099469][ T8579] RBP: 000000c0001af5c8 R08: 0000000000000000 R09: 0000000000000000
[   76.107550][ T8579] R10: 0000000000000000 R11: 0000000000000212 R12: 0000000000000004
[   76.115545][ T8579] R13: 0000000000000003 R14: 0000000000000200 R15: 0000000000000000
[   76.125264][ T8579] Kernel Offset: disabled
[   76.129842][ T8579] Rebooting in 86400 seconds..