Hello,

FYI this happens in mainline kernel 4.14.0-13151-g5a78775.
This looks like a new regression after 4.14.

It occurs in 3 out of 3 boots.

[ 0.000000] clocksource: refined-jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 7645519600211568 ns
[ 0.000000] random: fast init done
[ 0.000000] pcpu-alloc: s0 r0 d32768 u32768 alloc=1*32768
[ 0.000000] pcpu-alloc: [0] 0
[ 0.000000] ==================================================================
[ 0.000000] BUG: KASAN: use-after-scope in pcpu_setup_first_chunk+0x1e3b/0x29e2:
		pcpu_setup_first_chunk at mm/percpu.c:2118 (discriminator 3)
[ 0.000000] Write of size 8 at addr ffffffff83c07d38 by task swapper/0
[ 0.000000]
[ 0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 4.14.0-13151-g5a78775 #2
[ 0.000000] Call Trace:
[ 0.000000] print_address_description+0x2d/0x3d0:
		print_address_description at mm/kasan/report.c:253
[ 0.000000] ? pcpu_setup_first_chunk+0x1e3b/0x29e2:
		pcpu_setup_first_chunk at mm/percpu.c:2118 (discriminator 3)
[ 0.000000] kasan_report+0x1f4/0x3b0:
		kasan_report_error at mm/kasan/report.c:352
		 (inlined by) kasan_report at mm/kasan/report.c:409
[ 0.000000] pcpu_setup_first_chunk+0x1e3b/0x29e2:
		pcpu_setup_first_chunk at mm/percpu.c:2118 (discriminator 3)
[ 0.000000] ? pcpu_free_alloc_info+0x83/0x83:
		pcpu_setup_first_chunk at mm/percpu.c:2003
[ 0.000000] ? memblock_virt_alloc_internal+0x5a5/0xa05:
		memblock_virt_alloc_internal at mm/memblock.c:1304 (discriminator 1)
[ 0.000000] ? memblock_virt_alloc_try_nid_nopanic+0x1f9/0x220:
		memset at include/linux/string.h:326
		 (inlined by) memblock_virt_alloc_try_nid_nopanic at mm/memblock.c:1412
[ 0.000000] setup_per_cpu_areas+0x2f3/0x3be:
		setup_per_cpu_areas at mm/percpu.c:2720
[ 0.000000] start_kernel+0x7a2/0x11e8:
		start_kernel at init/main.c:542
[ 0.000000] ? thread_stack_cache_init+0x2e/0x2e
[ 0.000000] ? memcpy_orig+0x16/0x110:
		memcpy_orig at arch/x86/lib/memcpy_64.S:77
[ 0.000000] secondary_startup_64+0xa5/0xb0:
		secondary_startup_64 at arch/x86/kernel/head_64.S:237
[ 0.000000]
[ 0.000000] Memory state around the buggy address:
[ 0.000000] ffffffff83c07c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 0.000000] ffffffff83c07c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 0.000000] >ffffffff83c07d00: 00 00 00 f1 f1 f1 f1 f8 f2 f2 f2 f2 f2 f2 f2 00

Attached the full dmesg, kconfig and reproduce scripts.

Thanks,
Fengguang