[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   70.230480][   T27] audit: type=1800 audit(1583834658.568:25): pid=9527 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   70.251893][   T27] audit: type=1800 audit(1583834658.568:26): pid=9527 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   70.302498][   T27] audit: type=1800 audit(1583834658.568:27): pid=9527 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.10.5' (ECDSA) to the list of known hosts.
2020/03/10 10:04:28 fuzzer started
syzkaller login: [   79.715583][ T9676] check_preemption_disabled: 3 callbacks suppressed
[   79.715604][ T9676] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-fuzzer/9676
[   79.731583][ T9676] caller is __mod_memcg_state+0x27/0x1a0
[   79.737341][ T9676] CPU: 0 PID: 9676 Comm: syz-fuzzer Not tainted 5.6.0-rc5-next-20200310-syzkaller #0
[   79.746801][ T9676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   79.756854][ T9676] Call Trace:
[   79.760156][ T9676]  dump_stack+0x188/0x20d
[   79.764506][ T9676]  __this_cpu_preempt_check.cold+0x84/0x90
[   79.770315][ T9676]  __mod_memcg_state+0x27/0x1a0
[   79.775174][ T9676]  split_huge_page_to_list+0x124b/0x3380
[   79.780832][ T9676]  ? madvise_free_huge_pmd+0x869/0xb90
[   79.786298][ T9676]  ? can_split_huge_page+0x480/0x480
[   79.791582][ T9676]  ? pmd_val+0x7c/0xf0
[   79.795654][ T9676]  ? enabled_store+0x190/0x190
[   79.800428][ T9676]  madvise_free_huge_pmd+0x873/0xb90
[   79.805835][ T9676]  madvise_free_pte_range+0x6ff/0x2650
[   79.811324][ T9676]  ? __walk_page_range+0x122/0x2070
[   79.816537][ T9676]  ? __walk_page_range+0x13d/0x2070
[   79.821738][ T9676]  ? madvise_cold_or_pageout_pte_range+0x3400/0x3400
[   79.828422][ T9676]  __walk_page_range+0xcfb/0x2070
[   79.833494][ T9676]  ? walk_page_test+0x78/0x180
[   79.838277][ T9676]  walk_page_range+0x1bd/0x3a0
[   79.843049][ T9676]  ? __walk_page_range+0x2070/0x2070
[   79.848346][ T9676]  ? madvise_free_single_vma+0x2c1/0x550
[   79.854025][ T9676]  madvise_free_single_vma+0x384/0x550
[   79.859490][ T9676]  ? madvise_pageout+0x3b0/0x3b0
[   79.864443][ T9676]  ? lock_acquire+0x197/0x420
[   79.869123][ T9676]  ? userfaultfd_remove+0xf0/0x2b0
[   79.874264][ T9676]  ? vmacache_find+0x62/0x300
[   79.878984][ T9676]  ? find_vma+0x2b/0x170
[   79.883244][ T9676]  do_madvise+0x5ba/0x1b80
[   79.887665][ T9676]  ? lock_downgrade+0x7f0/0x7f0
[   79.892544][ T9676]  ? madvise_free_pte_range+0x2650/0x2650
[   79.898262][ T9676]  ? ktime_get+0x1f8/0x2f0
[   79.902688][ T9676]  ? __x64_sys_futex+0x376/0x4f0
[   79.907645][ T9676]  ? switch_fpu_return+0x1db/0x4b0
[   79.912863][ T9676]  ? fpregs_mark_activate+0x320/0x320
[   79.918275][ T9676]  ? __x64_sys_madvise+0xae/0x120
[   79.923440][ T9676]  __x64_sys_madvise+0xae/0x120
[   79.928297][ T9676]  ? lockdep_hardirqs_on+0x417/0x5d0
[   79.933583][ T9676]  do_syscall_64+0xf6/0x7d0
[   79.938093][ T9676]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   79.943986][ T9676] RIP: 0033:0x460bf7
[   79.947881][ T9676] Code: 8b 24 24 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc 48 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 48 c7 c0 1c 00 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14
[   79.967482][ T9676] RSP: 002b:00007ffd0ac43f30 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[   79.975908][ T9676] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000460bf7
[   79.983877][ T9676] RDX: 0000000000000008 RSI: 0000000000012000 RDI: 000000c0002ac000
[   79.991842][ T9676] RBP: 00007ffd0ac43f70 R08: 000000c000200000 R09: 000000c0002be000
[   79.999816][ T9676] R10: 00007fffffffffff R11: 0000000000000246 R12: 0000000000000033
[   80.007911][ T9676] R13: 0000000000000000 R14: 0000000000ac76de R15: 0000000000000000
[   80.016052][ T9676] BUG: using __this_cpu_add() in preemptible [00000000] code: syz-fuzzer/9676
[   80.024959][ T9676] caller is __mod_memcg_state+0xca/0x1a0
[   80.030592][ T9676] CPU: 0 PID: 9676 Comm: syz-fuzzer Not tainted 5.6.0-rc5-next-20200310-syzkaller #0
[   80.040032][ T9676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   80.050081][ T9676] Call Trace:
[   80.053461][ T9676]  dump_stack+0x188/0x20d
[   80.057801][ T9676]  __this_cpu_preempt_check.cold+0x84/0x90
[   80.063745][ T9676]  __mod_memcg_state+0xca/0x1a0
[   80.068624][ T9676]  split_huge_page_to_list+0x124b/0x3380
[   80.074292][ T9676]  ? madvise_free_huge_pmd+0x869/0xb90
[   80.079755][ T9676]  ? can_split_huge_page+0x480/0x480
[   80.085037][ T9676]  ? pmd_val+0x7c/0xf0
[   80.089111][ T9676]  ? enabled_store+0x190/0x190
[   80.093889][ T9676]  madvise_free_huge_pmd+0x873/0xb90
[   80.099195][ T9676]  madvise_free_pte_range+0x6ff/0x2650
[   80.104798][ T9676]  ? __walk_page_range+0x122/0x2070
[   80.110001][ T9676]  ? __walk_page_range+0x13d/0x2070
[   80.115216][ T9676]  ? madvise_cold_or_pageout_pte_range+0x3400/0x3400
[   80.121905][ T9676]  __walk_page_range+0xcfb/0x2070
[   80.126970][ T9676]  ? walk_page_test+0x78/0x180
[   80.131738][ T9676]  walk_page_range+0x1bd/0x3a0
[   80.136508][ T9676]  ? __walk_page_range+0x2070/0x2070
[   80.141810][ T9676]  ? madvise_free_single_vma+0x2c1/0x550
[   80.147458][ T9676]  madvise_free_single_vma+0x384/0x550
[   80.152924][ T9676]  ? madvise_pageout+0x3b0/0x3b0
[   80.157866][ T9676]  ? lock_acquire+0x197/0x420
[   80.162544][ T9676]  ? userfaultfd_remove+0xf0/0x2b0
[   80.167672][ T9676]  ? vmacache_find+0x62/0x300
[   80.172359][ T9676]  ? find_vma+0x2b/0x170
[   80.176612][ T9676]  do_madvise+0x5ba/0x1b80
[   80.181023][ T9676]  ? lock_downgrade+0x7f0/0x7f0
[   80.185897][ T9676]  ? madvise_free_pte_range+0x2650/0x2650
[   80.191609][ T9676]  ? ktime_get+0x1f8/0x2f0
[   80.196031][ T9676]  ? __x64_sys_futex+0x376/0x4f0
[   80.200991][ T9676]  ? switch_fpu_return+0x1db/0x4b0
[   80.206113][ T9676]  ? fpregs_mark_activate+0x320/0x320
[   80.211492][ T9676]  ? __x64_sys_madvise+0xae/0x120
[   80.216514][ T9676]  __x64_sys_madvise+0xae/0x120
[   80.221380][ T9676]  ? lockdep_hardirqs_on+0x417/0x5d0
[   80.226697][ T9676]  do_syscall_64+0xf6/0x7d0
[   80.231204][ T9676]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   80.237087][ T9676] RIP: 0033:0x460bf7
[   80.240979][ T9676] Code: 8b 24 24 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc 48 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 48 c7 c0 1c 00 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14
[   80.260583][ T9676] RSP: 002b:00007ffd0ac43f30 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[   80.268992][ T9676] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000460bf7
[   80.276955][ T9676] RDX: 0000000000000008 RSI: 0000000000012000 RDI: 000000c0002ac000
[   80.284924][ T9676] RBP: 00007ffd0ac43f70 R08: 000000c000200000 R09: 000000c0002be000
[   80.292889][ T9676] R10: 00007fffffffffff R11: 0000000000000246 R12: 0000000000000033
[   80.300859][ T9676] R13: 0000000000000000 R14: 0000000000ac76de R15: 0000000000000000
[   80.309014][ T9676] BUG: using __this_cpu_write() in preemptible [00000000] code: syz-fuzzer/9676
[   80.318108][ T9676] caller is __mod_memcg_state+0x87/0x1a0
[   80.323810][ T9676] CPU: 0 PID: 9676 Comm: syz-fuzzer Not tainted 5.6.0-rc5-next-20200310-syzkaller #0
[   80.333263][ T9676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   80.343312][ T9676] Call Trace:
[   80.346608][ T9676]  dump_stack+0x188/0x20d
[   80.350945][ T9676]  __this_cpu_preempt_check.cold+0x84/0x90
[   80.356882][ T9676]  __mod_memcg_state+0x87/0x1a0
[   80.361739][ T9676]  split_huge_page_to_list+0x124b/0x3380
[   80.367404][ T9676]  ? madvise_free_huge_pmd+0x869/0xb90
[   80.372881][ T9676]  ? can_split_huge_page+0x480/0x480
[   80.378167][ T9676]  ? pmd_val+0x7c/0xf0
[   80.382241][ T9676]  ? enabled_store+0x190/0x190
[   80.387033][ T9676]  madvise_free_huge_pmd+0x873/0xb90
[   80.392510][ T9676]  madvise_free_pte_range+0x6ff/0x2650
[   80.397980][ T9676]  ? __walk_page_range+0x122/0x2070
[   80.403174][ T9676]  ? __walk_page_range+0x13d/0x2070
[   80.408374][ T9676]  ? madvise_cold_or_pageout_pte_range+0x3400/0x3400
[   80.415190][ T9676]  __walk_page_range+0xcfb/0x2070
[   80.420276][ T9676]  ? walk_page_test+0x78/0x180
[   80.425081][ T9676]  walk_page_range+0x1bd/0x3a0
[   80.430017][ T9676]  ? __walk_page_range+0x2070/0x2070
[   80.435332][ T9676]  ? madvise_free_single_vma+0x2c1/0x550
[   80.440984][ T9676]  madvise_free_single_vma+0x384/0x550
[   80.446456][ T9676]  ? madvise_pageout+0x3b0/0x3b0
[   80.451402][ T9676]  ? lock_acquire+0x197/0x420
[   80.456084][ T9676]  ? userfaultfd_remove+0xf0/0x2b0
[   80.461204][ T9676]  ? vmacache_find+0x62/0x300
[   80.465890][ T9676]  ? find_vma+0x2b/0x170
[   80.470138][ T9676]  do_madvise+0x5ba/0x1b80
[   80.474549][ T9676]  ? lock_downgrade+0x7f0/0x7f0
[   80.479431][ T9676]  ? madvise_free_pte_range+0x2650/0x2650
[   80.485143][ T9676]  ? ktime_get+0x1f8/0x2f0
[   80.489564][ T9676]  ? __x64_sys_futex+0x376/0x4f0
[   80.494512][ T9676]  ? switch_fpu_return+0x1db/0x4b0
[   80.499624][ T9676]  ? fpregs_mark_activate+0x320/0x320
[   80.505024][ T9676]  ? __x64_sys_madvise+0xae/0x120
[   80.510275][ T9676]  __x64_sys_madvise+0xae/0x120
[   80.515144][ T9676]  ? lockdep_hardirqs_on+0x417/0x5d0
[   80.520434][ T9676]  do_syscall_64+0xf6/0x7d0
[   80.524948][ T9676]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   80.530840][ T9676] RIP: 0033:0x460bf7
[   80.534738][ T9676] Code: 8b 24 24 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc 48 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 48 c7 c0 1c 00 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14
[   80.554337][ T9676] RSP: 002b:00007ffd0ac43f30 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[   80.562745][ T9676] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000460bf7
[   80.570798][ T9676] RDX: 0000000000000008 RSI: 0000000000012000 RDI: 000000c0002ac000
[   80.578764][ T9676] RBP: 00007ffd0ac43f70 R08: 000000c000200000 R09: 000000c0002be000
[   80.586730][ T9676] R10: 00007fffffffffff R11: 0000000000000246 R12: 0000000000000033
[   80.594696][ T9676] R13: 0000000000000000 R14: 0000000000ac76de R15: 0000000000000000
2020/03/10 10:04:30 connecting to host at 10.128.0.26:43187
2020/03/10 10:04:30 checking machine...
2020/03/10 10:04:30 checking revisions...
2020/03/10 10:04:30 testing simple program...
[   82.665033][ T9694] IPVS: ftp: loaded support on port[0] = 21
2020/03/10 10:04:31 building call list...
[   82.798513][ T9698] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-fuzzer/9698
[   82.807682][ T9698] caller is __mod_memcg_state+0x27/0x1a0
[   82.813549][ T9698] CPU: 0 PID: 9698 Comm: syz-fuzzer Not tainted 5.6.0-rc5-next-20200310-syzkaller #0
[   82.823005][ T9698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   82.833056][ T9698] Call Trace:
[   82.836375][ T9698]  dump_stack+0x188/0x20d
[   82.840721][ T9698]  __this_cpu_preempt_check.cold+0x84/0x90
[   82.846624][ T9698]  __mod_memcg_state+0x27/0x1a0
[   82.851488][ T9698]  split_huge_page_to_list+0x124b/0x3380
[   82.857145][ T9698]  ? madvise_free_huge_pmd+0x869/0xb90
[   82.862613][ T9698]  ? can_split_huge_page+0x480/0x480
[   82.867896][ T9698]  ? pmd_val+0x7c/0xf0
[   82.871970][ T9698]  ? enabled_store+0x190/0x190
[   82.876746][ T9698]  madvise_free_huge_pmd+0x873/0xb90
[   82.882049][ T9698]  madvise_free_pte_range+0x6ff/0x2650
[   82.887516][ T9698]  ? mark_lock+0xbc/0x1220
[   82.891938][ T9698]  ? mark_held_locks+0x9f/0xe0
[   82.896698][ T9698]  ? madvise_cold_or_pageout_pte_range+0x3400/0x3400
[   82.903819][ T9698]  __walk_page_range+0xcfb/0x2070
[   82.908879][ T9698]  ? walk_page_test+0x78/0x180
[   82.913646][ T9698]  walk_page_range+0x1bd/0x3a0
[   82.918418][ T9698]  ? __walk_page_range+0x2070/0x2070
[   82.923711][ T9698]  ? madvise_free_single_vma+0x2c1/0x550
[   82.929355][ T9698]  madvise_free_single_vma+0x384/0x550
[   82.934816][ T9698]  ? madvise_pageout+0x3b0/0x3b0
[   82.939760][ T9698]  ? lock_acquire+0x197/0x420
[   82.944470][ T9698]  ? userfaultfd_remove+0xf0/0x2b0
[   82.949593][ T9698]  ? vmacache_find+0x62/0x300
[   82.954268][ T9698]  ? vmacache_update+0xce/0x140
[   82.959117][ T9698]  ? find_vma+0x2b/0x170
[   82.963371][ T9698]  do_madvise+0x5ba/0x1b80
[   82.967787][ T9698]  ? unuse_pde+0x2c/0x80
[   82.972056][ T9698]  ? madvise_free_pte_range+0x2650/0x2650
[   82.977773][ T9698]  ? wait_for_completion+0x3c0/0x3c0
[   82.983064][ T9698]  ? fput_many+0x2f/0x1a0
[   82.987389][ T9698]  ? ksys_read+0x19f/0x250
[   82.991802][ T9698]  ? kernel_write+0x120/0x120
[   82.996485][ T9698]  ? __x64_sys_madvise+0xae/0x120
[   83.001878][ T9698]  __x64_sys_madvise+0xae/0x120
[   83.006737][ T9698]  ? lockdep_hardirqs_on+0x417/0x5d0
[   83.012031][ T9698]  do_syscall_64+0xf6/0x7d0
[   83.016541][ T9698]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   83.022428][ T9698] RIP: 0033:0x460bf7
[   83.026321][ T9698] Code: 8b 24 24 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc 48 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 48 c7 c0 1c 00 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14
[   83.045922][ T9698] RSP: 002b:000000c000313c50 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[   83.054436][ T9698] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000460bf7
[   83.062414][ T9698] RDX: 0000000000000008 RSI: 0000000000058000 RDI: 000000c0001f8000
[   83.070392][ T9698] RBP: 000000c000313c90 R08: 000000c000000000 R09: 000000c000250000
[   83.078357][ T9698] R10: 00007fffffffffff R11: 0000000000000246 R12: 0000000000000002
[   83.086325][ T9698] R13: 0000000000e8da20 R14: 000000000045ecf0 R15: 0000000000000000
[   83.094446][ T9698] BUG: using __this_cpu_add() in preemptible [00000000] code: syz-fuzzer/9698
[   83.103337][ T9698] caller is __mod_memcg_state+0xca/0x1a0
[   83.108984][ T9698] CPU: 0 PID: 9698 Comm: syz-fuzzer Not tainted 5.6.0-rc5-next-20200310-syzkaller #0
[   83.118423][ T9698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   83.128472][ T9698] Call Trace:
[   83.131767][ T9698]  dump_stack+0x188/0x20d
[   83.136112][ T9698]  __this_cpu_preempt_check.cold+0x84/0x90
[   83.141948][ T9698]  __mod_memcg_state+0xca/0x1a0
[   83.146832][ T9698]  split_huge_page_to_list+0x124b/0x3380
[   83.152501][ T9698]  ? madvise_free_huge_pmd+0x869/0xb90
[   83.157979][ T9698]  ? can_split_huge_page+0x480/0x480
[   83.163265][ T9698]  ? pmd_val+0x7c/0xf0
[   83.167344][ T9698]  ? enabled_store+0x190/0x190
[   83.172130][ T9698]  madvise_free_huge_pmd+0x873/0xb90
[   83.177432][ T9698]  madvise_free_pte_range+0x6ff/0x2650
[   83.182889][ T9698]  ? mark_lock+0xbc/0x1220
[   83.187314][ T9698]  ? mark_held_locks+0x9f/0xe0
[   83.192075][ T9698]  ? madvise_cold_or_pageout_pte_range+0x3400/0x3400
[   83.198756][ T9698]  __walk_page_range+0xcfb/0x2070
[   83.203819][ T9698]  ? walk_page_test+0x78/0x180
[   83.208591][ T9698]  walk_page_range+0x1bd/0x3a0
[   83.213353][ T9698]  ? __walk_page_range+0x2070/0x2070
[   83.218649][ T9698]  ? madvise_free_single_vma+0x2c1/0x550
[   83.224301][ T9698]  madvise_free_single_vma+0x384/0x550
[   83.229762][ T9698]  ? madvise_pageout+0x3b0/0x3b0
[   83.234707][ T9698]  ? lock_acquire+0x197/0x420
[   83.239384][ T9698]  ? userfaultfd_remove+0xf0/0x2b0
[   83.244508][ T9698]  ? vmacache_find+0x62/0x300
[   83.249188][ T9698]  ? vmacache_update+0xce/0x140
[   83.254044][ T9698]  ? find_vma+0x2b/0x170
[   83.258298][ T9698]  do_madvise+0x5ba/0x1b80
[   83.262722][ T9698]  ? unuse_pde+0x2c/0x80
[   83.266997][ T9698]  ? madvise_free_pte_range+0x2650/0x2650
[   83.272819][ T9698]  ? wait_for_completion+0x3c0/0x3c0
[   83.278140][ T9698]  ? fput_many+0x2f/0x1a0
[   83.282527][ T9698]  ? ksys_read+0x19f/0x250
[   83.286946][ T9698]  ? kernel_write+0x120/0x120
[   83.291637][ T9698]  ? __x64_sys_madvise+0xae/0x120
[   83.296673][ T9698]  __x64_sys_madvise+0xae/0x120
[   83.301538][ T9698]  ? lockdep_hardirqs_on+0x417/0x5d0
[   83.306823][ T9698]  do_syscall_64+0xf6/0x7d0
[   83.311332][ T9698]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   83.317228][ T9698] RIP: 0033:0x460bf7
[   83.321122][ T9698] Code: 8b 24 24 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc 48 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 48 c7 c0 1c 00 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14
[   83.341687][ T9698] RSP: 002b:000000c000313c50 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[   83.350277][ T9698] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000460bf7
[   83.358245][ T9698] RDX: 0000000000000008 RSI: 0000000000058000 RDI: 000000c0001f8000
[   83.366220][ T9698] RBP: 000000c000313c90 R08: 000000c000000000 R09: 000000c000250000
[   83.374195][ T9698] R10: 00007fffffffffff R11: 0000000000000246 R12: 0000000000000002
[   83.382171][ T9698] R13: 0000000000e8da20 R14: 000000000045ecf0 R15: 0000000000000000
[   83.390349][ T9698] BUG: using __this_cpu_write() in preemptible [00000000] code: syz-fuzzer/9698
[   83.399411][ T9698] caller is __mod_memcg_state+0x87/0x1a0
[   83.405088][ T9698] CPU: 0 PID: 9698 Comm: syz-fuzzer Not tainted 5.6.0-rc5-next-20200310-syzkaller #0
[   83.416269][ T9698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   83.426319][ T9698] Call Trace:
[   83.429611][ T9698]  dump_stack+0x188/0x20d
[   83.433951][ T9698]  __this_cpu_preempt_check.cold+0x84/0x90
[   83.439757][ T9698]  __mod_memcg_state+0x87/0x1a0
[   83.444616][ T9698]  split_huge_page_to_list+0x124b/0x3380
[   83.450275][ T9698]  ? madvise_free_huge_pmd+0x869/0xb90
[   83.455743][ T9698]  ? can_split_huge_page+0x480/0x480
[   83.461029][ T9698]  ? pmd_val+0x7c/0xf0
[   83.465103][ T9698]  ? enabled_store+0x190/0x190
[   83.469878][ T9698]  madvise_free_huge_pmd+0x873/0xb90
[   83.475287][ T9698]  madvise_free_pte_range+0x6ff/0x2650
[   83.480762][ T9698]  ? mark_lock+0xbc/0x1220
[   83.485203][ T9698]  ? mark_held_locks+0x9f/0xe0
[   83.490585][ T9698]  ? madvise_cold_or_pageout_pte_range+0x3400/0x3400
[   83.497272][ T9698]  __walk_page_range+0xcfb/0x2070
[   83.502350][ T9698]  ? walk_page_test+0x78/0x180
[   83.507117][ T9698]  walk_page_range+0x1bd/0x3a0
[   83.511888][ T9698]  ? __walk_page_range+0x2070/0x2070
[   83.517186][ T9698]  ? madvise_free_single_vma+0x2c1/0x550
[   83.522827][ T9698]  madvise_free_single_vma+0x384/0x550
[   83.528286][ T9698]  ? madvise_pageout+0x3b0/0x3b0
[   83.533226][ T9698]  ? lock_acquire+0x197/0x420
[   83.537901][ T9698]  ? userfaultfd_remove+0xf0/0x2b0
[   83.543334][ T9698]  ? vmacache_find+0x62/0x300
[   83.548029][ T9698]  ? vmacache_update+0xce/0x140
[   83.552891][ T9698]  ? find_vma+0x2b/0x170
[   83.557153][ T9698]  do_madvise+0x5ba/0x1b80
[   83.561564][ T9698]  ? unuse_pde+0x2c/0x80
[   83.565831][ T9698]  ? madvise_free_pte_range+0x2650/0x2650
[   83.571558][ T9698]  ? wait_for_completion+0x3c0/0x3c0
[   83.576856][ T9698]  ? fput_many+0x2f/0x1a0
[   83.581183][ T9698]  ? ksys_read+0x19f/0x250
[   83.585604][ T9698]  ? kernel_write+0x120/0x120
[   83.590314][ T9698]  ? __x64_sys_madvise+0xae/0x120
[   83.595337][ T9698]  __x64_sys_madvise+0xae/0x120
[   83.600187][ T9698]  ? lockdep_hardirqs_on+0x417/0x5d0
[   83.605475][ T9698]  do_syscall_64+0xf6/0x7d0
[   83.609983][ T9698]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   83.617754][ T9698] RIP: 0033:0x460bf7
[   83.621646][ T9698] Code: 8b 24 24 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc 48 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 48 c7 c0 1c 00 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14
[   83.641333][ T9698] RSP: 002b:000000c000313c50 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[   83.649740][ T9698] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000460bf7
[   83.657703][ T9698] RDX: 0000000000000008 RSI: 0000000000058000 RDI: 000000c0001f8000
[   83.665673][ T9698] RBP: 000000c000313c90 R08: 000000c000000000 R09: 000000c000250000
[   83.673636][ T9698] R10: 00007fffffffffff R11: 0000000000000246 R12: 0000000000000002
[   83.681830][ T9698] R13: 0000000000e8da20 R14: 000000000045ecf0 R15: 0000000000000000
[   83.743015][    T7] 
[   83.745586][    T7] =============================
[   83.750427][    T7] WARNING: suspicious RCU usage
[   83.756815][    T7] 5.6.0-rc5-next-20200310-syzkaller #0 Not tainted
[   83.763646][    T7] -----------------------------
[   83.768502][    T7] net/openvswitch/conntrack.c:1898 RCU-list traversed in non-reader section!!
[   83.777915][    T7] 
[   83.777915][    T7] other info that might help us debug this:
[   83.777915][    T7] 
[   83.788383][    T7] 
[   83.788383][    T7] rcu_scheduler_active = 2, debug_locks = 1
[   83.792860][ T9680] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-fuzzer/9680
[   83.797722][    T7] 3 locks held by kworker/u4:0/7:
[   83.805476][ T9680] caller is __mod_memcg_state+0x27/0x1a0
[   83.810549][    T7]  #0: ffff8880a9771d28 ((wq_completion)netns){+.+.}, at: process_one_work+0x82a/0x1690
[   83.816130][ T9680] CPU: 1 PID: 9680 Comm: syz-fuzzer Not tainted 5.6.0-rc5-next-20200310-syzkaller #0
[   83.816138][ T9680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   83.816143][ T9680] Call Trace:
[   83.816162][ T9680]  dump_stack+0x188/0x20d
[   83.826272][    T7]  #1: ffffc90000cdfdd0 (net_cleanup_work){+.+.}, at: process_one_work+0x85e/0x1690
[   83.835317][ T9680]  __this_cpu_preempt_check.cold+0x84/0x90
[   83.835335][ T9680]  __mod_memcg_state+0x27/0x1a0
[   83.835357][ T9680]  split_huge_page_to_list+0x124b/0x3380
[   83.835391][ T9680]  ? madvise_free_huge_pmd+0x869/0xb90
[   83.845803][    T7]  #2: ffffffff8a547288 (pernet_ops_rwsem){++++}, at: cleanup_net+0x9b/0xa50
[   83.848698][ T9680]  ? can_split_huge_page+0x480/0x480
[   83.853276][    T7] 
[   83.853276][    T7] stack backtrace:
[   83.862369][ T9680]  ? pmd_val+0x7c/0xf0
[   83.862390][ T9680]  ? enabled_store+0x190/0x190
[   83.862416][ T9680]  madvise_free_huge_pmd+0x873/0xb90
[   83.862447][ T9680]  madvise_free_pte_range+0x6ff/0x2650
[   83.923504][ T9680]  ? madvise_cold_or_pageout_pte_range+0x3400/0x3400
[   83.930170][ T9680]  __walk_page_range+0xcfb/0x2070
[   83.935204][ T9680]  ? walk_page_test+0x78/0x180
[   83.939953][ T9680]  walk_page_range+0x1bd/0x3a0
[   83.944706][ T9680]  ? __walk_page_range+0x2070/0x2070
[   83.949997][ T9680]  ? madvise_free_single_vma+0x2c1/0x550
[   83.955629][ T9680]  madvise_free_single_vma+0x384/0x550
[   83.961073][ T9680]  ? madvise_pageout+0x3b0/0x3b0
[   83.965999][ T9680]  ? lock_acquire+0x197/0x420
[   83.970662][ T9680]  ? userfaultfd_remove+0xf0/0x2b0
[   83.975766][ T9680]  ? vmacache_find+0x62/0x300
[   83.980445][ T9680]  ? find_vma+0x2b/0x170
[   83.984694][ T9680]  do_madvise+0x5ba/0x1b80
[   83.989096][ T9680]  ? do_page_fault+0x58b/0x12da
[   83.993968][ T9680]  ? madvise_free_pte_range+0x2650/0x2650
[   83.999829][ T9680]  ? up_read+0x1a8/0x750
[   84.004075][ T9680]  ? handle_mm_fault+0x29e/0x660
[   84.009012][ T9680]  ? __x64_sys_madvise+0xae/0x120
[   84.014024][ T9680]  __x64_sys_madvise+0xae/0x120
[   84.018867][ T9680]  ? lockdep_hardirqs_on+0x417/0x5d0
[   84.024142][ T9680]  do_syscall_64+0xf6/0x7d0
[   84.028642][ T9680]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   84.034517][ T9680] RIP: 0033:0x460bf7
[   84.038398][ T9680] Code: 8b 24 24 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc 48 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 48 c7 c0 1c 00 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14
[   84.057983][ T9680] RSP: 002b:000000c00004fc50 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[   84.066377][ T9680] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000460bf7
[   84.074337][ T9680] RDX: 0000000000000008 RSI: 0000000000070000 RDI: 000000c0003c6000
[   84.082290][ T9680] RBP: 000000c00004fc90 R08: 000000c000200000 R09: 000000c000436000
[   84.090246][ T9680] R10: 00000000000ffe00 R11: 0000000000000246 R12: 000000000000007f
[   84.098632][ T9680] R13: 00007f8eccb876d0 R14: 0000000000000040 R15: 00000000000000e8
[   84.106616][    T7] CPU: 0 PID: 7 Comm: kworker/u4:0 Not tainted 5.6.0-rc5-next-20200310-syzkaller #0
[   84.106763][ T9680] BUG: using __this_cpu_add() in preemptible [00000000] code: syz-fuzzer/9680
[   84.116078][    T7] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   84.116103][    T7] Workqueue: netns cleanup_net
[   84.116110][    T7] Call Trace:
[   84.116131][    T7]  dump_stack+0x188/0x20d
[   84.116158][    T7]  ovs_ct_exit+0x3db/0x558
[   84.125296][ T9680] caller is __mod_memcg_state+0xca/0x1a0
[   84.135288][    T7]  ovs_exit_net+0x1df/0xba0
[   84.135318][    T7]  ? ovs_dp_cmd_del+0x270/0x270
[   84.166924][    T7]  ? __mutex_unlock_slowpath+0xe2/0x660
[   84.172463][    T7]  ? ovs_dp_cmd_del+0x270/0x270
[   84.177304][    T7]  ops_exit_list.isra.0+0xa8/0x150
[   84.182406][    T7]  cleanup_net+0x511/0xa50
[   84.186812][    T7]  ? unregister_pernet_device+0x70/0x70
[   84.192347][    T7]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[   84.198325][    T7]  process_one_work+0x94b/0x1690
[   84.203262][    T7]  ? pwq_dec_nr_in_flight+0x310/0x310
[   84.208617][    T7]  ? do_raw_spin_lock+0x129/0x2e0
[   84.213640][    T7]  worker_thread+0x96/0xe20
[   84.218140][    T7]  ? process_one_work+0x1690/0x1690
[   84.223331][    T7]  kthread+0x357/0x430
[   84.227386][    T7]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[   84.233090][    T7]  ret_from_fork+0x24/0x30
[   84.237515][ T9680] CPU: 1 PID: 9680 Comm: syz-fuzzer Not tainted 5.6.0-rc5-next-20200310-syzkaller #0
[   84.246975][ T9680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   84.257111][ T9680] Call Trace:
[   84.260390][ T9680]  dump_stack+0x188/0x20d
[   84.264713][ T9680]  __this_cpu_preempt_check.cold+0x84/0x90
[   84.270498][ T9680]  __mod_memcg_state+0xca/0x1a0
[   84.275335][ T9680]  split_huge_page_to_list+0x124b/0x3380
[   84.280956][ T9680]  ? madvise_free_huge_pmd+0x869/0xb90
[   84.286397][ T9680]  ? can_split_huge_page+0x480/0x480
[   84.291663][ T9680]  ? pmd_val+0x7c/0xf0
[   84.295769][ T9680]  ? enabled_store+0x190/0x190
[   84.300533][ T9680]  madvise_free_huge_pmd+0x873/0xb90
[   84.305818][ T9680]  madvise_free_pte_range+0x6ff/0x2650
[   84.311264][ T9680]  ? madvise_cold_or_pageout_pte_range+0x3400/0x3400
[   84.317931][ T9680]  __walk_page_range+0xcfb/0x2070
[   84.322951][ T9680]  ? walk_page_test+0x78/0x180
[   84.327715][ T9680]  walk_page_range+0x1bd/0x3a0
[   84.332461][ T9680]  ? __walk_page_range+0x2070/0x2070
[   84.337729][ T9680]  ? madvise_free_single_vma+0x2c1/0x550
[   84.343349][ T9680]  madvise_free_single_vma+0x384/0x550
[   84.348786][ T9680]  ? madvise_pageout+0x3b0/0x3b0
[   84.353719][ T9680]  ? lock_acquire+0x197/0x420
[   84.358375][ T9680]  ? userfaultfd_remove+0xf0/0x2b0
[   84.363485][ T9680]  ? vmacache_find+0x62/0x300
[   84.368152][ T9680]  ? find_vma+0x2b/0x170
[   84.372394][ T9680]  do_madvise+0x5ba/0x1b80
[   84.376799][ T9680]  ? do_page_fault+0x58b/0x12da
[   84.381827][ T9680]  ? madvise_free_pte_range+0x2650/0x2650
[   84.387593][ T9680]  ? up_read+0x1a8/0x750
[   84.391879][ T9680]  ? handle_mm_fault+0x29e/0x660
[   84.396858][ T9680]  ? __x64_sys_madvise+0xae/0x120
[   84.401910][ T9680]  __x64_sys_madvise+0xae/0x120
[   84.406796][ T9680]  ? lockdep_hardirqs_on+0x417/0x5d0
[   84.412072][ T9680]  do_syscall_64+0xf6/0x7d0
[   84.416583][ T9680]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   84.422470][ T9680] RIP: 0033:0x460bf7
[   84.426349][ T9680] Code: 8b 24 24 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc 48 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 48 c7 c0 1c 00 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14
[   84.445951][ T9680] RSP: 002b:000000c00004fc50 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[   84.454342][ T9680] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000460bf7
[   84.462293][ T9680] RDX: 0000000000000008 RSI: 0000000000070000 RDI: 000000c0003c6000
[   84.470243][ T9680] RBP: 000000c00004fc90 R08: 000000c000200000 R09: 000000c000436000
[   84.478209][ T9680] R10: 00000000000ffe00 R11: 0000000000000246 R12: 000000000000007f
[   84.486193][ T9680] R13: 00007f8eccb876d0 R14: 0000000000000040 R15: 00000000000000e8
[   84.494352][ T9680] BUG: using __this_cpu_write() in preemptible [00000000] code: syz-fuzzer/9680
[   84.503413][ T9680] caller is __mod_memcg_state+0x87/0x1a0
[   84.509026][ T9680] CPU: 1 PID: 9680 Comm: syz-fuzzer Not tainted 5.6.0-rc5-next-20200310-syzkaller #0
[   84.518455][ T9680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   84.528490][ T9680] Call Trace:
[   84.531772][ T9680]  dump_stack+0x188/0x20d
[   84.536105][ T9680]  __this_cpu_preempt_check.cold+0x84/0x90
[   84.541905][ T9680]  __mod_memcg_state+0x87/0x1a0
[   84.546743][ T9680]  split_huge_page_to_list+0x124b/0x3380
[   84.552375][ T9680]  ? madvise_free_huge_pmd+0x869/0xb90
[   84.557828][ T9680]  ? can_split_huge_page+0x480/0x480
[   84.563094][ T9680]  ? pmd_val+0x7c/0xf0
[   84.567161][ T9680]  ? enabled_store+0x190/0x190
[   84.571911][ T9680]  madvise_free_huge_pmd+0x873/0xb90
[   84.577185][ T9680]  madvise_free_pte_range+0x6ff/0x2650
[   84.582631][ T9680]  ? madvise_cold_or_pageout_pte_range+0x3400/0x3400
[   84.589288][ T9680]  __walk_page_range+0xcfb/0x2070
[   84.594321][ T9680]  ? walk_page_test+0x78/0x180
[   84.599066][ T9680]  walk_page_range+0x1bd/0x3a0
[   84.603814][ T9680]  ? __walk_page_range+0x2070/0x2070
[   84.609110][ T9680]  ? madvise_free_single_vma+0x2c1/0x550
[   84.614737][ T9680]  madvise_free_single_vma+0x384/0x550
[   84.620184][ T9680]  ? madvise_pageout+0x3b0/0x3b0
[   84.625119][ T9680]  ? lock_acquire+0x197/0x420
[   84.629775][ T9680]  ? userfaultfd_remove+0xf0/0x2b0
[   84.634872][ T9680]  ? vmacache_find+0x62/0x300
[   84.639532][ T9680]  ? find_vma+0x2b/0x170
[   84.643772][ T9680]  do_madvise+0x5ba/0x1b80
[   84.648173][ T9680]  ? do_page_fault+0x58b/0x12da
[   84.653014][ T9680]  ? madvise_free_pte_range+0x2650/0x2650
[   84.658733][ T9680]  ? up_read+0x1a8/0x750
[   84.662978][ T9680]  ? handle_mm_fault+0x29e/0x660
[   84.667902][ T9680]  ? __x64_sys_madvise+0xae/0x120
[   84.672920][ T9680]  __x64_sys_madvise+0xae/0x120
[   84.677757][ T9680]  ? lockdep_hardirqs_on+0x417/0x5d0
[   84.683032][ T9680]  do_syscall_64+0xf6/0x7d0
[   84.687533][ T9680]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   84.693415][ T9680] RIP: 0033:0x460bf7
[   84.697290][ T9680] Code: 8b 24 24 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc 48 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 48 c7 c0 1c 00 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14
[   84.716872][ T9680] RSP: 002b:000000c00004fc50 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[   84.725262][ T9680] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000460bf7
[   84.733215][ T9680] RDX: 0000000000000008 RSI: 0000000000070000 RDI: 000000c0003c6000
[   84.741223][ T9680] RBP: 000000c00004fc90 R08: 000000c000200000 R09: 000000c000436000
[   84.749182][ T9680] R10: 00000000000ffe00 R11: 0000000000000246 R12: 000000000000007f
[   84.757194][ T9680] R13: 00007f8eccb876d0 R14: 0000000000000040 R15: 00000000000000e8
[   84.951917][    T7] tipc: TX() has been purged, node left!
[   84.994169][    T7] 
[   84.996624][    T7] =============================
[   85.001471][    T7] WARNING: suspicious RCU usage
[   85.006690][    T7] 5.6.0-rc5-next-20200310-syzkaller #0 Not tainted
[   85.013462][    T7] -----------------------------
[   85.018358][    T7] net/ipv4/ipmr.c:1757 RCU-list traversed in non-reader section!!
[   85.027275][    T7] 
[   85.027275][    T7] other info that might help us debug this:
[   85.027275][    T7] 
[   85.037871][    T7] 
[   85.037871][    T7] rcu_scheduler_active = 2, debug_locks = 1
[   85.046228][    T7] 4 locks held by kworker/u4:0/7:
[   85.051310][    T7]  #0: ffff8880a9771d28 ((wq_completion)netns){+.+.}, at: process_one_work+0x82a/0x1690
[   85.061293][    T7]  #1: ffffc90000cdfdd0 (net_cleanup_work){+.+.}, at: process_one_work+0x85e/0x1690
[   85.070967][    T7]  #2: ffffffff8a547288 (pernet_ops_rwsem){++++}, at: cleanup_net+0x9b/0xa50
[   85.080066][    T7]  #3: ffffffff8a553000 (rtnl_mutex){+.+.}, at: ip6gre_exit_batch_net+0x88/0x700
[   85.089468][    T7] 
[   85.089468][    T7] stack backtrace:
[   85.095610][    T7] CPU: 1 PID: 7 Comm: kworker/u4:0 Not tainted 5.6.0-rc5-next-20200310-syzkaller #0
[   85.104975][    T7] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   85.115033][    T7] Workqueue: netns cleanup_net
[   85.119804][    T7] Call Trace:
[   85.123117][    T7]  dump_stack+0x188/0x20d
[   85.127465][    T7]  ipmr_device_event+0x240/0x2b0
[   85.132419][    T7]  ? __sanitizer_cov_trace_switch+0x45/0x70
[   85.138328][    T7]  notifier_call_chain+0xc0/0x230
[   85.143367][    T7]  call_netdevice_notifiers_info+0xb5/0x130
[   85.149263][    T7]  rollback_registered_many+0x75c/0xe70
[   85.154812][    T7]  ? netif_set_real_num_tx_queues+0x700/0x700
[   85.161083][    T7]  ? lock_downgrade+0x7f0/0x7f0
[   85.165958][    T7]  unregister_netdevice_many.part.0+0x16/0x1e0
[   85.172104][    T7]  unregister_netdevice_many+0x36/0x50
[   85.177627][    T7]  ip6gre_exit_batch_net+0x4e8/0x700
[   85.182931][    T7]  ? ip6gre_tunnel_link+0xf0/0xf0
[   85.188019][    T7]  ? rcu_read_lock_held_common+0x130/0x130
[   85.194007][    T7]  ? ip6gre_tunnel_link+0xf0/0xf0
[   85.199045][    T7]  ops_exit_list.isra.0+0x103/0x150
[   85.204249][    T7]  cleanup_net+0x511/0xa50
[   85.208661][    T7]  ? unregister_pernet_device+0x70/0x70
[   85.214294][    T7]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[   85.220272][    T7]  process_one_work+0x94b/0x1690
[   85.225359][    T7]  ? pwq_dec_nr_in_flight+0x310/0x310
[   85.230742][    T7]  ? do_raw_spin_lock+0x129/0x2e0
[   85.235788][    T7]  worker_thread+0x96/0xe20
[   85.240311][    T7]  ? process_one_work+0x1690/0x1690
[   85.245721][    T7]  kthread+0x357/0x430
[   85.249895][    T7]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[   85.255626][    T7]  ret_from_fork+0x24/0x30
executing program
[   85.624949][ T9676] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-fuzzer/9676
[   85.633953][ T9676] caller is __mod_memcg_state+0x27/0x1a0
[   85.639582][ T9676] CPU: 0 PID: 9676 Comm: syz-fuzzer Not tainted 5.6.0-rc5-next-20200310-syzkaller #0
[   85.649014][ T9676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   85.659076][ T9676] Call Trace:
[   85.662353][ T9676]  dump_stack+0x188/0x20d
[   85.666668][ T9676]  __this_cpu_preempt_check.cold+0x84/0x90
[   85.672457][ T9676]  __mod_memcg_state+0x27/0x1a0
[   85.677294][ T9676]  split_huge_page_to_list+0x124b/0x3380
[   85.682946][ T9676]  ? madvise_free_huge_pmd+0x869/0xb90
[   85.688474][ T9676]  ? can_split_huge_page+0x480/0x480
[   85.693752][ T9676]  ? pmd_val+0x7c/0xf0
[   85.697817][ T9676]  ? enabled_store+0x190/0x190
[   85.702567][ T9676]  madvise_free_huge_pmd+0x873/0xb90
[   85.707838][ T9676]  madvise_free_pte_range+0x6ff/0x2650
[   85.713289][ T9676]  ? madvise_cold_or_pageout_pte_range+0x3400/0x3400
[   85.720028][ T9676]  __walk_page_range+0xcfb/0x2070
[   85.725060][ T9676]  ? walk_page_test+0x78/0x180
[   85.729804][ T9676]  walk_page_range+0x1bd/0x3a0
[   85.734756][ T9676]  ? __walk_page_range+0x2070/0x2070
[   85.740025][ T9676]  ? madvise_free_single_vma+0x2c1/0x550
[   85.745642][ T9676]  madvise_free_single_vma+0x384/0x550
[   85.751082][ T9676]  ? madvise_pageout+0x3b0/0x3b0
[   85.756006][ T9676]  ? lock_acquire+0x197/0x420
[   85.760664][ T9676]  ? userfaultfd_remove+0xf0/0x2b0
[   85.765777][ T9676]  ? vmacache_find+0x62/0x300
[   85.770438][ T9676]  ? vmacache_update+0xce/0x140
[   85.775274][ T9676]  ? find_vma+0x2b/0x170
[   85.780741][ T9676]  do_madvise+0x5ba/0x1b80
[   85.785144][ T9676]  ? unuse_pde+0x2c/0x80
[   85.789405][ T9676]  ? madvise_free_pte_range+0x2650/0x2650
[   85.795114][ T9676]  ? __x64_sys_futex+0x376/0x4f0
[   85.800051][ T9676]  ? fput_many+0x2f/0x1a0
[   85.804377][ T9676]  ? do_futex+0x1b10/0x1b10
[   85.808908][ T9676]  ? ksys_read+0x19f/0x250
[   85.813311][ T9676]  ? kernel_write+0x120/0x120
[   85.817986][ T9676]  ? __x64_sys_madvise+0xae/0x120
[   85.823001][ T9676]  __x64_sys_madvise+0xae/0x120
[   85.827922][ T9676]  ? lockdep_hardirqs_on+0x417/0x5d0
[   85.833283][ T9676]  do_syscall_64+0xf6/0x7d0
[   85.837784][ T9676]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   85.843661][ T9676] RIP: 0033:0x460bf7
[   85.847582][ T9676] Code: 8b 24 24 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc 48 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 48 c7 c0 1c 00 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14
[   85.867170][ T9676] RSP: 002b:00007ffd0ac43d10 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[   85.875575][ T9676] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000460bf7
[   85.883533][ T9676] RDX: 0000000000000008 RSI: 0000000000200000 RDI: 000000c0005b6000
[   85.891493][ T9676] RBP: 00007ffd0ac43d50 R08: 000000c000400000 R09: 000000c0007b6000
[   85.899568][ T9676] R10: 00000000007ffe00 R11: 0000000000000246 R12: 0000000000000000
[   85.907526][ T9676] R13: 00007f8eccb87008 R14: 0000000000000001 R15: 0000000000000001
[   85.915761][ T9676] BUG: using __this_cpu_add() in preemptible [00000000] code: syz-fuzzer/9676
[   85.924843][ T9676] caller is __mod_memcg_state+0xca/0x1a0
[   85.930463][ T9676] CPU: 0 PID: 9676 Comm: syz-fuzzer Not tainted 5.6.0-rc5-next-20200310-syzkaller #0
[   85.940014][ T9676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   85.950051][ T9676] Call Trace:
[   85.953600][ T9676]  dump_stack+0x188/0x20d
[   85.957929][ T9676]  __this_cpu_preempt_check.cold+0x84/0x90
[   85.963773][ T9676]  __mod_memcg_state+0xca/0x1a0
[   85.968618][ T9676]  split_huge_page_to_list+0x124b/0x3380
[   85.974294][ T9676]  ? madvise_free_huge_pmd+0x869/0xb90
[   85.979746][ T9676]  ? can_split_huge_page+0x480/0x480
[   85.985168][ T9676]  ? pmd_val+0x7c/0xf0
[   85.989316][ T9676]  ? enabled_store+0x190/0x190
[   85.994080][ T9676]  madvise_free_huge_pmd+0x873/0xb90
[   85.999566][ T9676]  madvise_free_pte_range+0x6ff/0x2650
[   86.005033][ T9676]  ? madvise_cold_or_pageout_pte_range+0x3400/0x3400
[   86.011742][ T9676]  __walk_page_range+0xcfb/0x2070
[   86.016778][ T9676]  ? walk_page_test+0x78/0x180
[   86.021528][ T9676]  walk_page_range+0x1bd/0x3a0
[   86.026277][ T9676]  ? __walk_page_range+0x2070/0x2070
[   86.031549][ T9676]  ? madvise_free_single_vma+0x2c1/0x550
[   86.037172][ T9676]  madvise_free_single_vma+0x384/0x550
[   86.042615][ T9676]  ? madvise_pageout+0x3b0/0x3b0
[   86.047589][ T9676]  ? lock_acquire+0x197/0x420
[   86.052262][ T9676]  ? userfaultfd_remove+0xf0/0x2b0
[   86.057361][ T9676]  ? vmacache_find+0x62/0x300
[   86.062029][ T9676]  ? vmacache_update+0xce/0x140
[   86.066858][ T9676]  ? find_vma+0x2b/0x170
[   86.071082][ T9676]  do_madvise+0x5ba/0x1b80
[   86.075688][ T9676]  ? unuse_pde+0x2c/0x80
[   86.079932][ T9676]  ? madvise_free_pte_range+0x2650/0x2650
[   86.085637][ T9676]  ? __x64_sys_futex+0x376/0x4f0
[   86.090554][ T9676]  ? fput_many+0x2f/0x1a0
[   86.094863][ T9676]  ? do_futex+0x1b10/0x1b10
[   86.099348][ T9676]  ? ksys_read+0x19f/0x250
[   86.103744][ T9676]  ? kernel_write+0x120/0x120
[   86.108440][ T9676]  ? __x64_sys_madvise+0xae/0x120
[   86.113530][ T9676]  __x64_sys_madvise+0xae/0x120
[   86.118361][ T9676]  ? lockdep_hardirqs_on+0x417/0x5d0
[   86.123626][ T9676]  do_syscall_64+0xf6/0x7d0
[   86.128113][ T9676]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   86.134023][ T9676] RIP: 0033:0x460bf7
[   86.137897][ T9676] Code: 8b 24 24 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc 48 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 48 c7 c0 1c 00 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14
[   86.157493][ T9676] RSP: 002b:00007ffd0ac43d10 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[   86.165887][ T9676] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000460bf7
[   86.173850][ T9676] RDX: 0000000000000008 RSI: 0000000000200000 RDI: 000000c0005b6000
[   86.181811][ T9676] RBP: 00007ffd0ac43d50 R08: 000000c000400000 R09: 000000c0007b6000
[   86.189765][ T9676] R10: 00000000007ffe00 R11: 0000000000000246 R12: 0000000000000000
[   86.197720][ T9676] R13: 00007f8eccb87008 R14: 0000000000000001 R15: 0000000000000001
[   86.205787][ T9676] BUG: using __this_cpu_write() in preemptible [00000000] code: syz-fuzzer/9676
[   86.214845][ T9676] caller is __mod_memcg_state+0x87/0x1a0
[   86.220459][ T9676] CPU: 0 PID: 9676 Comm: syz-fuzzer Not tainted 5.6.0-rc5-next-20200310-syzkaller #0
[   86.229888][ T9676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   86.240016][ T9676] Call Trace:
[   86.243309][ T9676]  dump_stack+0x188/0x20d
[   86.247659][ T9676]  __this_cpu_preempt_check.cold+0x84/0x90
[   86.253552][ T9676]  __mod_memcg_state+0x87/0x1a0
[   86.258445][ T9676]  split_huge_page_to_list+0x124b/0x3380
[   86.264596][ T9676]  ? madvise_free_huge_pmd+0x869/0xb90
[   86.270040][ T9676]  ? can_split_huge_page+0x480/0x480
[   86.275392][ T9676]  ? pmd_val+0x7c/0xf0
[   86.279445][ T9676]  ? enabled_store+0x190/0x190
[   86.284196][ T9676]  madvise_free_huge_pmd+0x873/0xb90
[   86.289487][ T9676]  madvise_free_pte_range+0x6ff/0x2650
[   86.294942][ T9676]  ? madvise_cold_or_pageout_pte_range+0x3400/0x3400
[   86.301599][ T9676]  __walk_page_range+0xcfb/0x2070
[   86.307576][ T9676]  ? walk_page_test+0x78/0x180
[   86.312324][ T9676]  walk_page_range+0x1bd/0x3a0
[   86.317068][ T9676]  ? __walk_page_range+0x2070/0x2070
[   86.322339][ T9676]  ? madvise_free_single_vma+0x2c1/0x550
[   86.328012][ T9676]  madvise_free_single_vma+0x384/0x550
[   86.333454][ T9676]  ? madvise_pageout+0x3b0/0x3b0
[   86.338372][ T9676]  ? lock_acquire+0x197/0x420
[   86.343047][ T9676]  ? userfaultfd_remove+0xf0/0x2b0
[   86.348152][ T9676]  ? vmacache_find+0x62/0x300
[   86.352816][ T9676]  ? vmacache_update+0xce/0x140
[   86.357665][ T9676]  ? find_vma+0x2b/0x170
[   86.361911][ T9676]  do_madvise+0x5ba/0x1b80
[   86.366307][ T9676]  ? unuse_pde+0x2c/0x80
[   86.370673][ T9676]  ? madvise_free_pte_range+0x2650/0x2650
[   86.376387][ T9676]  ? __x64_sys_futex+0x376/0x4f0
[   86.381349][ T9676]  ? fput_many+0x2f/0x1a0
[   86.385665][ T9676]  ? do_futex+0x1b10/0x1b10
[   86.390151][ T9676]  ? ksys_read+0x19f/0x250
[   86.394547][ T9676]  ? kernel_write+0x120/0x120
[   86.399209][ T9676]  ? __x64_sys_madvise+0xae/0x120
[   86.404351][ T9676]  __x64_sys_madvise+0xae/0x120
[   86.409183][ T9676]  ? lockdep_hardirqs_on+0x417/0x5d0
[   86.414498][ T9676]  do_syscall_64+0xf6/0x7d0
[   86.419117][ T9676]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   86.424988][ T9676] RIP: 0033:0x460bf7
[   86.428863][ T9676] Code: 8b 24 24 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc 48 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 48 c7 c0 1c 00 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14
[   86.448448][ T9676] RSP: 002b:00007ffd0ac43d10 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[   86.456854][ T9676] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000460bf7
[   86.464806][ T9676] RDX: 0000000000000008 RSI: 0000000000200000 RDI: 000000c0005b6000
[   86.472756][ T9676] RBP: 00007ffd0ac43d50 R08: 000000c000400000 R09: 000000c0007b6000
[   86.480705][ T9676] R10: 00000000007ffe00 R11: 0000000000000246 R12: 0000000000000000
[   86.488663][ T9676] R13: 00007f8eccb87008 R14: 0000000000000001 R15: 0000000000000001
[   86.856392][ T9676] ------------[ cut here ]------------
[   86.862311][ T9676] WARNING: CPU: 1 PID: 9676 at sound/core/oss/pcm_plugin.c:126 snd_pcm_plug_alloc+0x29a/0x330
[   86.872618][ T9676] Kernel panic - not syncing: panic_on_warn set ...
[   86.879185][ T9676] CPU: 1 PID: 9676 Comm: syz-fuzzer Not tainted 5.6.0-rc5-next-20200310-syzkaller #0
[   86.888621][ T9676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   86.898747][ T9676] Call Trace:
[   86.902027][ T9676]  dump_stack+0x188/0x20d
[   86.906434][ T9676]  ? snd_pcm_plug_alloc+0x230/0x330
[   86.911611][ T9676]  panic+0x2e3/0x75c
[   86.915684][ T9676]  ? add_taint.cold+0x16/0x16
[   86.920370][ T9676]  ? printk+0xba/0xed
[   86.924347][ T9676]  ? kmsg_dump_rewind_nolock+0xd9/0xd9
[   86.929896][ T9676]  ? __warn.cold+0x14/0x35
[   86.934302][ T9676]  ? __warn+0xd5/0x1c8
[   86.938352][ T9676]  ? snd_pcm_plug_alloc+0x29a/0x330
[   86.943531][ T9676]  __warn.cold+0x2f/0x35
[   86.947756][ T9676]  ? snd_pcm_plug_alloc+0x29a/0x330
[   86.952938][ T9676]  report_bug+0x27b/0x2f0
[   86.957721][ T9676]  do_error_trap+0x12b/0x220
[   86.962301][ T9676]  ? snd_pcm_plug_alloc+0x29a/0x330
[   86.967485][ T9676]  do_invalid_op+0x32/0x40
[   86.971884][ T9676]  ? snd_pcm_plug_alloc+0x29a/0x330
[   86.977068][ T9676]  invalid_op+0x23/0x30
[   86.981227][ T9676] RIP: 0010:snd_pcm_plug_alloc+0x29a/0x330
[   86.987286][ T9676] Code: ff ff 45 31 e4 e8 16 10 80 fb 44 89 e0 5b 5d 41 5c 41 5d 41 5e c3 e8 05 10 80 fb 0f 0b 41 bc fa ff ff ff eb e0 e8 f6 0f 80 fb <0f> 0b 41 bc fa ff ff ff eb d1 e8 e7 0f 80 fb 0f 0b 41 bc fa ff ff
[   87.006988][ T9676] RSP: 0018:ffffc9000203fb88 EFLAGS: 00010293
[   87.013035][ T9676] RAX: ffff8880a7d3c2c0 RBX: ffff8880a3958000 RCX: ffffffff85f2b4e6
[   87.021994][ T9676] RDX: 0000000000000000 RSI: ffffffff85f2b66a RDI: 0000000000000007
[   87.029969][ T9676] RBP: 0000000000000000 R08: ffff8880a7d3c2c0 R09: fffffbfff1854720
[   87.037927][ T9676] R10: ffffffff8c2a38ff R11: fffffbfff185471f R12: ffff8880a3958058
[   87.045880][ T9676] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff88809a4f5800
[   87.053971][ T9676]  ? snd_pcm_plug_alloc+0x116/0x330
[   87.059177][ T9676]  ? snd_pcm_plug_alloc+0x29a/0x330
[   87.064414][ T9676]  ? snd_pcm_plug_alloc+0x29a/0x330
[   87.069597][ T9676]  snd_pcm_oss_change_params_locked+0x1c05/0x34b0
[   87.076021][ T9676]  ? _snd_pcm_hw_param_set.constprop.0+0x510/0x510
[   87.082606][ T9676]  ? mark_lock+0xbc/0x1220
[   87.087018][ T9676]  ? snd_pcm_oss_sync.isra.0+0x7d0/0x7d0
[   87.092630][ T9676]  snd_pcm_oss_change_params+0x76/0xd0
[   87.098071][ T9676]  snd_pcm_oss_make_ready+0xb7/0x170
[   87.103342][ T9676]  snd_pcm_oss_sync.isra.0+0x1be/0x7d0
[   87.108890][ T9676]  ? snd_pcm_oss_sync.isra.0+0x7d0/0x7d0
[   87.114511][ T9676]  snd_pcm_oss_release+0x210/0x280
[   87.119760][ T9676]  __fput+0x2da/0x850
[   87.123743][ T9676]  task_work_run+0xf4/0x1b0
[   87.128328][ T9676]  exit_to_usermode_loop+0x2fa/0x360
[   87.133615][ T9676]  do_syscall_64+0x6b1/0x7d0
[   87.138192][ T9676]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   87.144061][ T9676] RIP: 0033:0x4afb40
[   87.147942][ T9676] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[   87.167535][ T9676] RSP: 002b:000000c0001e7588 EFLAGS: 00000212 ORIG_RAX: 0000000000000003
[   87.175978][ T9676] RAX: 0000000000000000 RBX: 000000c00002c000 RCX: 00000000004afb40
[   87.184005][ T9676] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[   87.192006][ T9676] RBP: 000000c0001e75c8 R08: 0000000000000000 R09: 0000000000000000
[   87.199961][ T9676] R10: 0000000000000000 R11: 0000000000000212 R12: 0000000000000006
[   87.207920][ T9676] R13: 0000000000000005 R14: 0000000000000200 R15: 0000000000000000
[   87.217531][ T9676] Kernel Offset: disabled
[   87.221927][ T9676] Rebooting in 86400 seconds..