------------[ cut here ]------------
DEBUG_LOCKS_WARN_ON(!hlock->nest_lock)
------------[ cut here ]------------
==================================================================
BUG: unable to handle kernel paging request at 000077a1d78c0361
BUG: KASAN: stack-out-of-bounds in update_curr+0x9b3/0xbd0 kernel/sched/fair.c:827
#PF error: [INSTR]
Read of size 8 at addr ffff8881d9b2c620 by task syz-executor826/6146
------------[ cut here ]------------

kernel BUG at mm/slab.c:4412!
CPU: 0 PID: 6146 Comm: syz-executor826 Not tainted 4.20.0-rc6-next-20181217+ #172
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
CPU: 1 PID: -560855296 Comm: ksoftirqd/1 Not tainted 4.20.0-rc6-next-20181217+ #172
Call Trace:
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:__check_heap_object+0xa7/0xb5 mm/slab.c:4412
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x244/0x39d lib/dump_stack.c:113
Code: 48 c7 c7 ad aa 35 89 e8 37 d9 0a 00 5d c3 41 8b 91 04 01 00 00 48 29 c7 48 39 d7 77 be 48 01 d0 48 29 c8 48 39 f0 72 b3 5d c3 <0f> 0b 48 c7 c7 ad aa 35 89 e8 9d e1 0a 00 44 89 e9 48 c7 c7 68 ab
RSP: 0018:ffff8881d9b2bcc0 EFLAGS: 00010046
RAX: 0000000000000005 RBX: 1ffff1103b36579f RCX: 000000000000000a
RDX: ffff8881d9b2a100 RSI: 0000000000000008 RDI: ffff8881d9b2be78
RBP: ffff8881d9b2bcc0 R08: ffff8881d9b2c440 R09: ffff8881da980dc0
R10: 0000000000000b88 R11: 0000000000000000 R12: ffff8881d9b2be78
 print_address_description.cold.4+0x9/0x1ff mm/kasan/report.c:187
R13: 0000000000000008 R14: ffffea000766ca80 R15: 0000000000000001
FS:  0000000000000000(0000) GS:ffff8881dad00000(0000) knlGS:0000000000000000
 kasan_report.cold.5+0x1b/0x39 mm/kasan/report.c:317
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000130 CR3: 00000001c2126000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
 __asan_report_load8_noabort+0x14/0x20 mm/kasan/generic_report.c:135
Call Trace:
 update_curr+0x9b3/0xbd0 kernel/sched/fair.c:827
Modules linked in:
---[ end trace 5e89050f588ec397 ]---
RIP: 0010:__check_heap_object+0xa7/0xb5 mm/slab.c:4412
Code: 48 c7 c7 ad aa 35 89 e8 37 d9 0a 00 5d c3 41 8b 91 04 01 00 00 48 29 c7 48 39 d7 77 be 48 01 d0 48 29 c8 48 39 f0 72 b3 5d c3 <0f> 0b 48 c7 c7 ad aa 35 89 e8 9d e1 0a 00 44 89 e9 48 c7 c7 68 ab
RSP: 0018:ffff8881d9b2bcc0 EFLAGS: 00010046
RAX: 0000000000000005 RBX: 1ffff1103b36579f RCX: 000000000000000a
RDX: ffff8881d9b2a100 RSI: 0000000000000008 RDI: ffff8881d9b2be78
RBP: ffff8881d9b2bcc0 R08: ffff8881d9b2c440 R09: ffff8881da980dc0
R10: 0000000000000b88 R11: 0000000000000000 R12: ffff8881d9b2be78
R13: 0000000000000008 R14: ffffea000766ca80 R15: 0000000000000001
 enqueue_entity+0x3f5/0x20a0 kernel/sched/fair.c:3881
FS:  0000000000000000(0000) GS:ffff8881dad00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000130 CR3: 00000001c2126000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400