INFO: task syz-executor.1:13351 blocked for more than 140 seconds. Not tainted 4.14.163-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.1 D28528 13351 7125 0x80000004 Call Trace: context_switch kernel/sched/core.c:2808 [inline] __schedule+0x7b8/0x1cd0 kernel/sched/core.c:3384 schedule+0x92/0x1c0 kernel/sched/core.c:3428 __rwsem_down_read_failed_common kernel/locking/rwsem-xadd.c:292 [inline] rwsem_down_read_failed+0x1f6/0x390 kernel/locking/rwsem-xadd.c:309 call_rwsem_down_read_failed+0x18/0x30 arch/x86/lib/rwsem.S:94 __down_read arch/x86/include/asm/rwsem.h:66 [inline] down_read+0x49/0xb0 kernel/locking/rwsem.c:26 __do_page_fault+0x894/0xb80 arch/x86/mm/fault.c:1356 do_page_fault+0x71/0x511 arch/x86/mm/fault.c:1495 page_fault+0x25/0x50 arch/x86/entry/entry_64.S:1122 RIP: 0010:__put_user_4+0x1c/0x30 arch/x86/lib/putuser.S:70 RSP: 0018:ffff88809e237a78 EFLAGS: 00010293 RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 0000000000c0ac10 ================================================================== BUG: KASAN: stack-out-of-bounds in __show_regs.cold+0xa5/0x560 arch/x86/kernel/process_64.c:83 Read of size 8 at addr ffff88809e237a38 by task khungtaskd/1053 CPU: 0 PID: 1053 Comm: khungtaskd Not tainted 4.14.163-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x142/0x197 lib/dump_stack.c:58 print_address_description.cold+0x7c/0x1dc mm/kasan/report.c:252 kasan_report_error mm/kasan/report.c:351 [inline] kasan_report mm/kasan/report.c:409 [inline] kasan_report.cold+0xa9/0x2af mm/kasan/report.c:393 __asan_report_load8_noabort+0x14/0x20 mm/kasan/report.c:430 __show_regs.cold+0xa5/0x560 arch/x86/kernel/process_64.c:83 show_regs_if_on_stack.constprop.0+0x39/0x3c arch/x86/kernel/dumpstack.c:93 show_trace_log_lvl+0x250/0x26b arch/x86/kernel/dumpstack.c:218 show_stack+0x39/0x3b arch/x86/kernel/dumpstack.c:237 sched_show_task kernel/sched/core.c:5168 [inline] sched_show_task.cold+0x2f0/0x351 kernel/sched/core.c:5143 check_hung_task kernel/hung_task.c:128 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:188 [inline] watchdog.cold+0xa6/0xc7 kernel/hung_task.c:274 kthread+0x319/0x430 kernel/kthread.c:232 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404 The buggy address belongs to the page: page:ffffea0002788dc0 count:0 mapcount:0 mapping: (null) index:0x0 flags: 0xfffe0000000000() raw: 00fffe0000000000 0000000000000000 0000000000000000 00000000ffffffff raw: 0000000000000000 0000000100000001 0000000000000000 0000000000000000 page dumped because: kasan: bad access detected Memory state around the buggy address: ffff88809e237900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff88809e237980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >ffff88809e237a00: 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f3 f3 00 ^ ffff88809e237a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff88809e237b00: 00 00 00 00 00 f1 f1 f1 f1 00 f2 f2 f2 00 f2 f2 ==================================================================