kasan: CONFIG_KASAN_INLINE enabled
==================================================================
BUG: KASAN: stack-out-of-bounds in pgd_val arch/x86/include/asm/paravirt.h:414 [inline]
BUG: KASAN: stack-out-of-bounds in p4d_page_vaddr arch/x86/include/asm/pgtable.h:895 [inline]
BUG: KASAN: stack-out-of-bounds in pud_offset arch/x86/include/asm/pgtable.h:907 [inline]
BUG: KASAN: stack-out-of-bounds in vmalloc_fault+0x6d0/0x770 arch/x86/mm/fault.c:397
Read of size 8 at addr ffff8881da96cff8 by task syz-executor3/6133

CPU: 1 PID: 6133 Comm: syz-executor3 Not tainted 4.20.0-rc6+ #340
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x244/0x39d lib/dump_stack.c:113
 print_address_description.cold.7+0x9/0x1ff mm/kasan/report.c:256
 kasan_report_error mm/kasan/report.c:354 [inline]
 kasan_report.cold.8+0x242/0x309 mm/kasan/report.c:412
 __asan_report_load8_noabort+0x14/0x20 mm/kasan/report.c:433
 pgd_val arch/x86/include/asm/paravirt.h:414 [inline]
 p4d_page_vaddr arch/x86/include/asm/pgtable.h:895 [inline]
 pud_offset arch/x86/include/asm/pgtable.h:907 [inline]
 vmalloc_fault+0x6d0/0x770 arch/x86/mm/fault.c:397
 do_kern_addr_fault arch/x86/mm/fault.c:1203 [inline]
 __do_page_fault+0x860/0xe60 arch/x86/mm/fault.c:1487
 do_page_fault+0xf2/0x7e0 arch/x86/mm/fault.c:1520
 page_fault+0x1e/0x30 arch/x86/entry/entry_64.S:1143
RIP: 0010:cpuacct_account_field+0x1d6/0x3d0 kernel/sched/cpuacct.c:366
Code: 3c 29 00 0f 85 ad 01 00 00 48 c7 c6 20 80 27 89 48 03 1c c6 4a 8d 3c 33 48 89 f8 48 c1 e8 03 42 80 3c 28 00 0f 85 b8 01 00 00 <4e> 01 24 33 49 8d bf 28 01 00 00 48 89 f8 48 c1 e8 03 42 80 3c 28
RSP: 0018:ffff8881daf078a8 EFLAGS: 00010046
RAX: 1ffffd1ffffb72ea RBX: ffffe8ffffdb9740 RCX: 1ffffffff124f005
RDX: 0000000000010000 RSI: ffffffff89278020 RDI: ffffe8ffffdb9750
RBP: ffff8881daf07940 R08: ffff8881bcac4100 R09: ffffed103b5e5b5f
R10: ffffed103b5e5b5f R11: ffff8881daf2dafb R12: 000000000094a444
R13: dffffc0000000000 R14: 0000000000000010 R15: ffff8881bdb730c0
 cgroup_account_cputime_field include/linux/cgroup.h:775 [inline]
 task_group_account_field kernel/sched/cputime.c:108 [inline]
 account_system_index_time+0x1e8/0x5d0 kernel/sched/cputime.c:171
 irqtime_account_process_tick.isra.6+0x35b/0x490 kernel/sched/cputime.c:388
 account_process_tick+0x282/0x350 kernel/sched/cputime.c:483
 update_process_times+0x21/0x70 kernel/time/timer.c:1634
 tick_sched_handle+0x9f/0x180 kernel/time/tick-sched.c:164
 tick_sched_timer+0x45/0x130 kernel/time/tick-sched.c:1274
 __run_hrtimer kernel/time/hrtimer.c:1398 [inline]
 __hrtimer_run_queues+0x41c/0x10d0 kernel/time/hrtimer.c:1460
 hrtimer_interrupt+0x313/0x780 kernel/time/hrtimer.c:1518
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1034 [inline]
 smp_apic_timer_interrupt+0x1a1/0x760 arch/x86/kernel/apic/apic.c:1059
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:807
RIP: 0010:rep_nop arch/x86/include/asm/processor.h:660 [inline]
RIP: 0010:cpu_relax arch/x86/include/asm/processor.h:665 [inline]
RIP: 0010:bit_spin_lock include/linux/bit_spinlock.h:30 [inline]
RIP: 0010:hlist_bl_lock include/linux/list_bl.h:122 [inline]
RIP: 0010:___d_drop+0x2e7/0x470 fs/dcache.c:462
Code: ff 65 8b 05 4b 91 2b 7e 31 ff 89 c6 89 85 68 ff ff ff e8 0c 29 a9 ff 8b 85 68 ff ff ff 85 c0 0f 84 cd 00 00 00 e8 e9 27 a9 ff 90 48 8b 85 70 ff ff ff 80 38 00 0f 85 c5 00 00 00 49 8b 04 24
RSP: 0018:ffff8881a2ed6f20 EFLAGS: 00000293 ORIG_RAX: ffffffffffffff13
RAX: ffff8881bcac4100 RBX: ffff8881c1ed2580 RCX: ffffffff81d65ccd
RDX: 0000000000000000 RSI: ffffffff81d65ca7 RDI: 0000000000000007
RBP: ffff8881a2ed6fb8 R08: ffff8881bcac4100 R09: ffffed10383da4c0
R10: ffffed10383da4c0 R11: ffff8881c1ed2603 R12: ffffc9000022ed50
R13: 1ffff110345dade6 R14: 0000000000000001 R15: ffff8881a2ed6f90
 __d_drop.part.18+0x15/0x80 fs/dcache.c:470
 __d_drop fs/dcache.c:469 [inline]
 __dentry_kill+0x202/0x7a0 fs/dcache.c:547
 shrink_dentry_list+0x32f/0x800 fs/dcache.c:1065
 prune_dcache_sb+0x12f/0x1c0 fs/dcache.c:1157
 super_cache_scan+0x270/0x480 fs/super.c:102
 do_shrink_slab+0x501/0xd30 mm/vmscan.c:557
 shrink_slab_memcg mm/vmscan.c:622 [inline]
 shrink_slab+0x6f6/0x8c0 mm/vmscan.c:694

kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 2534 Comm: syz-executor4 Not tainted 4.20.0-rc6+ #340
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:lookup_object lib/debugobjects.c:156 [inline]
RIP: 0010:debug_object_deactivate+0x191/0x450 lib/debugobjects.c:542
usercopy: Kernel memory overwrite attempt detected to SLAB object 'debug_objects_cache' (offset 24, size 64)!
------------[ cut here ]------------
Bad or missing usercopy whitelist? Kernel memory overwrite attempt detected to SLAB object 'debug_objects_cache' (offset 24, size 2)!
usercopy: Kernel memory overwrite attempt detected to SLAB object 'debug_objects_cache' (offset 40, size 2)!
------------[ cut here ]------------
kernel BUG at mm/usercopy.c:102!
invalid opcode: 0000 [#2] PREEMPT SMP KASAN
CPU: 0 PID: 2534 Comm: syz-executor4 Not tainted 4.20.0-rc6+ #340
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:usercopy_abort+0xbb/0xbd mm/usercopy.c:90
usercopy: Kernel memory overwrite attempt detected to SLAB object 'debug_objects_cache' (offset 24, size 64)!
------------[ cut here ]------------
kernel BUG at mm/usercopy.c:102!
invalid opcode: 0000 [#3] PREEMPT SMP KASAN
CPU: 0 PID: 2534 Comm: syz-executor4 Not tainted 4.20.0-rc6+ #340
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:usercopy_abort+0xbb/0xbd mm/usercopy.c:90
usercopy: Kernel memory overwrite attempt detected to SLAB object 'debug_objects_cache' (offset 32, size 64)!
------------[ cut here ]------------
kernel BUG at mm/usercopy.c:102!
invalid opcode: 0000 [#4] PREEMPT SMP KASAN
CPU: 0 PID: 2534 Comm: syz-executor4 Not tainted 4.20.0-rc6+ #340
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:usercopy_abort+0xbb/0xbd mm/usercopy.c:90
usercopy: Kernel memory overwrite attempt detected to SLAB object 'debug_objects_cache' (offset 40, size 64)!
------------[ cut here ]------------
kernel BUG at mm/usercopy.c:102!
invalid opcode: 0000 [#5] PREEMPT SMP KASAN
CPU: 0 PID: 2534 Comm: syz-executor4 Not tainted 4.20.0-rc6+ #340
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:usercopy_abort+0xbb/0xbd mm/usercopy.c:90
usercopy: Kernel memory overwrite attempt detected to SLAB object 'debug_objects_cache' (offset 48, size 64)!
usercopy: Kernel memory overwrite attempt detected to SLAB object 'debug_objects_cache' (offset 48, size 2)!
------------[ cut here ]------------
kernel BUG at mm/usercopy.c:102!
invalid opcode: 0000 [#6] PREEMPT SMP KASAN
CPU: 0 PID: 2534 Comm: syz-executor4 Not tainted 4.20.0-rc6+ #340
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:usercopy_abort+0xbb/0xbd mm/usercopy.c:90
usercopy: Kernel memory overwrite attempt detected to SLAB object 'debug_objects_cache' (offset 24, size 64)!
------------[ cut here ]------------
kernel BUG at mm/usercopy.c:102!
invalid opcode: 0000 [#7] PREEMPT SMP KASAN
CPU: 0 PID: 2534 Comm: syz-executor4 Not tainted 4.20.0-rc6+ #340
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:usercopy_abort+0xbb/0xbd mm/usercopy.c:90
usercopy: Kernel memory overwrite attempt detected to SLAB object 'debug_objects_cache' (offset 32, size 64)!
------------[ cut here ]------------
kernel BUG at mm/usercopy.c:102!
invalid opcode: 0000 [#8] PREEMPT SMP KASAN
CPU: 0 PID: 2534 Comm: syz-executor4 Not tainted 4.20.0-rc6+ #340
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:usercopy_abort+0xbb/0xbd mm/usercopy.c:90
usercopy: Kernel memory overwrite attempt detected to SLAB object 'debug_objects_cache' (offset 48, size 64)!
usercopy: Kernel memory overwrite attempt detected to SLAB object 'debug_objects_cache' (offset 40, size 2)!
------------[ cut here ]------------
kernel BUG at mm/usercopy.c:102!
invalid opcode: 0000 [#9] PREEMPT SMP KASAN
CPU: 0 PID: 2534 Comm: syz-executor4 Not tainted 4.20.0-rc6+ #340
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:usercopy_abort+0xbb/0xbd mm/usercopy.c:90
usercopy: Kernel memory overwrite attempt detected to SLAB object 'debug_objects_cache' (offset 16, size 64)!
------------[ cut here ]------------
kernel BUG at mm/usercopy.c:102!
invalid opcode: 0000 [#10] PREEMPT SMP KASAN
CPU: 0 PID: 2534 Comm: syz-executor4 Not tainted 4.20.0-rc6+ #340
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:usercopy_abort+0xbb/0xbd mm/usercopy.c:90
------------[ cut here ]------------
kernel BUG at mm/slab.c:4425!
invalid opcode: 0000 [#11] PREEMPT SMP KASAN
CPU: 0 PID: 2534 Comm: syz-executor4 Not tainted 4.20.0-rc6+ #340
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:__check_heap_object+0xa7/0xb5 mm/slab.c:4450
usercopy: Kernel memory overwrite attempt detected to SLAB object 'debug_objects_cache' (offset 40, size 64)!
------------[ cut here ]------------
kernel BUG at mm/usercopy.c:102!
invalid opcode: 0000 [#12] PREEMPT SMP KASAN
CPU: 0 PID: 2534 Comm: syz-executor4 Not tainted 4.20.0-rc6+ #340
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:usercopy_abort+0xbb/0xbd mm/usercopy.c:90
usercopy: Kernel memory overwrite attempt detected to SLAB object 'debug_objects_cache' (offset 48, size 64)!
usercopy: Kernel memory overwrite attempt detected to SLAB object 'debug_objects_cache' (offset 40, size 2)!
------------[ cut here ]------------
kernel BUG at mm/slab.c:4425!
invalid opcode: 0000 [#13] PREEMPT SMP KASAN
CPU: 0 PID: 2534 Comm: syz-executor4 Not tainted 4.20.0-rc6+ #340
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:__check_heap_object+0xa7/0xb5 mm/slab.c:4450
Code: 48 c7 c7 7d 01 15 89 e8 f7 e1 0a 00 5d c3 41 8b 91 04 01 00 00 48 29 c7 48 39 d7 77 be 48 01 d0 48 29 c8 48 39 f0 72 b3 5d c3 <0f> 0b 48 c7 c7 7d 01 15 89 e8 5d ea 0a 00 44 89 e9 48 c7 c7 38 02
RSP: 0018:ffff8881da9415f0 EFLAGS: 00010046
RAX: 0000000000000001 RBX: 1ffff1103b5282c5 RCX: 000000000000000c
RDX: ffff8881da940500 RSI: 0000000000000002 RDI: ffff8881da941798
RBP: ffff8881da9415f0 R08: ffff8881b3f40280 R09: ffff8881da800dc0
R10: 0000000000001068 R11: 0000000000000000 R12: ffff8881da941798
R13: 0000000000000002 R14: ffffea00076a5000 R15: 0000000000000001
FS: 00007ff7fa9c3700(0000) GS:ffff8881dae00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000930004 CR3: 00000001c2361000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
Modules linked in:
---[ end trace 283b3002ebc87c87 ]---
RIP: 0010:lookup_object lib/debugobjects.c:156 [inline]
RIP: 0010:debug_object_deactivate+0x191/0x450 lib/debugobjects.c:542
Code: 02 00 00 48 8b 1b 41 bf 01 00 00 00 48 85 db 74 46 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 18 41 83 c7 01 48 89 fe 48 c1 ee 03 <80> 3c 06 00 0f 85 04 02 00 00 48 3b 53 18 0f 84 53 01 00 00 48 89
RSP: 0018:ffff8881da946e80 EFLAGS: 00010006
RAX: dffffc0000000000 RBX: 0aaaaaaaaaaa0000 RCX: 0000000000000001
RDX: ffff8881dae26620 RSI: 0155555555554003 RDI: 0aaaaaaaaaaa0018
RBP: ffff8881da946f38 R08: ffffed103b528dbd R09: ffffed103b528dbc
R10: ffffed103b528dbc R11: 0000000000000003 R12: 1ffff1103b528dd2
R13: ffffffff8b295028 R14: ffffffff895a9620 R15: 0000000000000005
FS: 00007ff7fa9c3700(0000) GS:ffff8881dae00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000930004 CR3: 00000001c2361000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400