------------[ cut here ]------------
DEBUG_LOCKS_WARN_ON(!hlock->nest_lock)
------------[ cut here ]------------
==================================================================
BUG: unable to handle kernel paging request at 000077a1d78c0361
BUG: KASAN: stack-out-of-bounds in update_curr+0x9b3/0xbd0 kernel/sched/fair.c:827
#PF error: [INSTR]
Read of size 8 at addr ffff8881d9b2c620 by task syz-executor826/6146
------------[ cut here ]------------
kernel BUG at mm/slab.c:4412!
CPU: 0 PID: 6146 Comm: syz-executor826 Not tainted 4.20.0-rc6-next-20181217+ #172
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
CPU: 1 PID: -560855296 Comm: ksoftirqd/1 Not tainted 4.20.0-rc6-next-20181217+ #172
Call Trace:
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:__check_heap_object+0xa7/0xb5 mm/slab.c:4412
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x244/0x39d lib/dump_stack.c:113
Code: 48 c7 c7 ad aa 35 89 e8 37 d9 0a 00 5d c3 41 8b 91 04 01 00 00 48 29 c7 48 39 d7 77 be 48 01 d0 48 29 c8 48 39 f0 72 b3 5d c3 <0f> 0b 48 c7 c7 ad aa 35 89 e8 9d e1 0a 00 44 89 e9 48 c7 c7 68 ab
RSP: 0018:ffff8881d9b2bcc0 EFLAGS: 00010046
RAX: 0000000000000005 RBX: 1ffff1103b36579f RCX: 000000000000000a
RDX: ffff8881d9b2a100 RSI: 0000000000000008 RDI: ffff8881d9b2be78
RBP: ffff8881d9b2bcc0 R08: ffff8881d9b2c440 R09: ffff8881da980dc0
R10: 0000000000000b88 R11: 0000000000000000 R12: ffff8881d9b2be78
 print_address_description.cold.4+0x9/0x1ff mm/kasan/report.c:187
R13: 0000000000000008 R14: ffffea000766ca80 R15: 0000000000000001
FS:  0000000000000000(0000) GS:ffff8881dad00000(0000) knlGS:0000000000000000
 kasan_report.cold.5+0x1b/0x39 mm/kasan/report.c:317
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000130 CR3: 00000001c2126000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
 __asan_report_load8_noabort+0x14/0x20 mm/kasan/generic_report.c:135
Call Trace:
 update_curr+0x9b3/0xbd0 kernel/sched/fair.c:827
Modules linked in:
---[ end trace 5e89050f588ec397 ]---
RIP: 0010:__check_heap_object+0xa7/0xb5 mm/slab.c:4412
Code: 48 c7 c7 ad aa 35 89 e8 37 d9 0a 00 5d c3 41 8b 91 04 01 00 00 48 29 c7 48 39 d7 77 be 48 01 d0 48 29 c8 48 39 f0 72 b3 5d c3 <0f> 0b 48 c7 c7 ad aa 35 89 e8 9d e1 0a 00 44 89 e9 48 c7 c7 68 ab
RSP: 0018:ffff8881d9b2bcc0 EFLAGS: 00010046
RAX: 0000000000000005 RBX: 1ffff1103b36579f RCX: 000000000000000a
RDX: ffff8881d9b2a100 RSI: 0000000000000008 RDI: ffff8881d9b2be78
RBP: ffff8881d9b2bcc0 R08: ffff8881d9b2c440 R09: ffff8881da980dc0
R10: 0000000000000b88 R11: 0000000000000000 R12: ffff8881d9b2be78
R13: 0000000000000008 R14: ffffea000766ca80 R15: 0000000000000001
 enqueue_entity+0x3f5/0x20a0 kernel/sched/fair.c:3881
FS:  0000000000000000(0000) GS:ffff8881dad00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000130 CR3: 00000001c2126000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400