BUG: using __this_cpu_add() in preemptible [00000000] code: syz-executor4/16735
caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
CPU: 0 PID: 16735 Comm: syz-executor4 Not tainted 4.4.105-g8a53962 #3
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 0000000000000000 928da1f81d8ddef1 ffff8800b8adf640 ffffffff81cc9b0f
 0000000000000000 ffffffff839fd4a0 ffff8800b8adf680 ffffffff81d28d18
 ffffffff83ced1a0 1ffff1001715bed7 ffff8800b966a240 ffff8800b966a000
Call Trace:
 [<ffffffff81cc9b0f>] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline]
 [<ffffffff81cc9b0f>] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51
 [<ffffffff81d28d18>] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46
 [<ffffffff81d28d83>] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
 [<ffffffff830dc140>] tcp_try_coalesce+0x200/0x4b0 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/tcp_input.c:4278
 [<ffffffff830e5c2e>] tcp_queue_rcv+0xfe/0x720 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/tcp_input.c:4485
 [<ffffffff830ffe91>] tcp_send_rcvq+0x391/0x4a0 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/tcp_input.c:4531
 [<ffffffff830d208c>] tcp_sendmsg+0x1d1c/0x36a0 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/tcp.c:1134
 [<ffffffff8319020c>] inet_sendmsg+0x26c/0x430 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/af_inet.c:755
 [<ffffffff82d93fc5>] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline]
 [<ffffffff82d93fc5>] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635
 [<ffffffff82d941ea>] sock_write_iter+0x1ea/0x3d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:834
 [<ffffffff814f7d87>] do_iter_readv_writev+0xf7/0x1d0 /syzkaller/managers/android-44-kasan-gce/kernel/fs/read_write.c:664
 [<ffffffff814f93de>] do_readv_writev+0x27e/0x660 /syzkaller/managers/android-44-kasan-gce/kernel/fs/read_write.c:808
 [<ffffffff814f98bd>] vfs_writev+0x5d/0xa0 /syzkaller/managers/android-44-kasan-gce/kernel/fs/read_write.c:847
 [<ffffffff814fbf53>] SYSC_writev /syzkaller/managers/android-44-kasan-gce/kernel/fs/read_write.c:880 [inline]
 [<ffffffff814fbf53>] SyS_writev+0xd3/0x260 /syzkaller/managers/android-44-kasan-gce/kernel/fs/read_write.c:872
 [<ffffffff8374aaf6>] entry_SYSCALL_64_fastpath+0x16/0x76
SELinux: unrecognized netlink message: protocol=9 nlmsg_type=14917 sclass=netlink_audit_socket
SELinux: unrecognized netlink message: protocol=9 nlmsg_type=14917 sclass=netlink_audit_socket
sg_write: data in/out 785250869/41 bytes for SCSI command 0x4d-- guessing data in;
   program syz-executor5 not setting count and/or reply_len properly
netlink: 13 bytes leftover after parsing attributes in process `syz-executor0'.
netlink: 13 bytes leftover after parsing attributes in process `syz-executor0'.
device gre0 entered promiscuous mode
SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket
SELinux: unrecognized netlink message: protocol=9 nlmsg_type=14917 sclass=netlink_audit_socket
SELinux: unrecognized netlink message: protocol=9 nlmsg_type=14917 sclass=netlink_audit_socket
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2078 sclass=netlink_route_socket
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2078 sclass=netlink_route_socket
device gre0 entered promiscuous mode
SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket
device gre0 entered promiscuous mode
device gre0 entered promiscuous mode
device gre0 entered promiscuous mode
netlink: 13 bytes leftover after parsing attributes in process `syz-executor5'.
device gre0 entered promiscuous mode
device gre0 entered promiscuous mode
netlink: 13 bytes leftover after parsing attributes in process `syz-executor5'.
SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket
proc: unrecognized mount option "3Ü]Î¥…¯ýRöÎñG6%’àíÔUªp°Ç\I.í‹·2»ø„£‡&cÜWïøÆŠ\Û°a$BŸc5…þçUâ(åã}WòÏ8‹óÙã0ˆù¡Yƒ^TKÒ•›ÞÙ¢Þ.; zÉ_ù7†#z`²wµœr(*Kû:”z™…ÍÍZ ª	´" or missing value
proc: unrecognized mount option "3Ü]Î¥…¯ýRöÎñG6%’àíÔUªp°Ç\I.í‹·2»ø„£‡&cÜWïøÆŠ\Û°a$BŸc5…þçUâ(åã}WòÏ8‹óÙã0ˆù¡Yƒ^TKÒ•›ÞÙ¢Þ.; zÉ_ù7†#z`²wµœr(*Kû:”z™…ÍÍZ ª	´" or missing value
device gre0 entered promiscuous mode
netlink: 2 bytes leftover after parsing attributes in process `syz-executor0'.
IPv6: Can't replace route, no match found
netlink: 2 bytes leftover after parsing attributes in process `syz-executor0'.
IPv6: Can't replace route, no match found
device gre0 entered promiscuous mode
netlink: 13 bytes leftover after parsing attributes in process `syz-executor7'.
netlink: 13 bytes leftover after parsing attributes in process `syz-executor7'.
netlink: 2 bytes leftover after parsing attributes in process `syz-executor3'.
IPv6: Can't replace route, no match found
netlink: 2 bytes leftover after parsing attributes in process `syz-executor3'.
IPv6: Can't replace route, no match found
device gre0 entered promiscuous mode
netlink: 2 bytes leftover after parsing attributes in process `syz-executor5'.
IPv6: Can't replace route, no match found
netlink: 2 bytes leftover after parsing attributes in process `syz-executor5'.
IPv6: Can't replace route, no match found