BUG: unable to handle kernel paging request at ffffe8ff1fc00008
PGD 1cc14a067 P4D 1cc14a067 PUD 0
Oops: 0000 [#1] SMP PTI
CPU: 0 PID: 26047 Comm: syz-executor4 Not tainted 4.18.0-rc5+ #28
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:do_slab_free mm/slub.c:2943 [inline]
RIP: 0010:slab_free mm/slub.c:2977 [inline]
RIP: 0010:kmem_cache_free+0x728/0x2c30 mm/slub.c:2992
Code: 00 00 48 83 7d a0 00 0f 85 ed fe ff ff 4c 8b 3b 49 89 dc 48 89 df e8 47 7d 03 00 48 8b 18 44 8b 32 48 85 db 0f 85 dd fe ff ff <65> 49 8b 47 08 48 89 85 78 ff ff ff 48 85 db 0f 85 d5 fe ff ff 65
RSP: 0018:ffff88021fc0fb70 EFLAGS: 00010246
RAX: ffff8801a733e000 RBX: 0000000000000000 RCX: ffff88012bb1a000
RDX: ffff88012bb1a000 RSI: aaaaaaaaaaaab000 RDI: ffffea000705e640
RBP: ffff88021fc0fcc8 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000d00 R11: ffffffff815fb310 R12: ffff88012ba66000
R13: 0000000000000000 R14: 0000000000000000 R15: 000060fd00000000
FS: 0000000000eee940(0000) GS:ffff88021fc00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffe8ff1fc00008 CR3: 00000000af8b2000 CR4: 00000000001406f0
DR0: 0000000020000000 DR1: 0000000020000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
Call Trace:
<IRQ>
free_task_struct kernel/fork.c:162 [inline]
free_task kernel/fork.c:390 [inline]
__put_task_struct+0x676/0x900 kernel/fork.c:666
put_task_struct include/linux/sched/task.h:96 [inline]
delayed_put_task_struct+0x2c8/0x320 kernel/exit.c:181
__rcu_reclaim kernel/rcu/rcu.h:178 [inline]
rcu_do_batch kernel/rcu/tree.c:2558 [inline]
invoke_rcu_callbacks kernel/rcu/tree.c:2818 [inline]
__rcu_process_callbacks kernel/rcu/tree.c:2785 [inline]
rcu_process_callbacks+0x13b0/0x1b30 kernel/rcu/tree.c:2802
__do_softirq+0x55f/0x934 kernel/softirq.c:288
invoke_softirq kernel/softirq.c:369 [inline]
irq_exit+0x22a/0x270 kernel/softirq.c:410
exiting_irq+0xe/0x10 arch/x86/include/asm/apic.h:527
smp_apic_timer_interrupt+0x64/0x90 arch/x86/kernel/apic/apic.c:1055
apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:868
</IRQ>
RIP: 0010:msan_get_shadow_origin_ptr+0x4a/0x300 mm/kmsan/kmsan_instr.c:256
Code: 48 89 45 d0 48 c7 c0 00 20 a1 8b 49 c7 c6 00 00 a1 8b 85 d2 4c 0f 45 f0 48 c7 c0 00 30 a1 8b 48 c7 c3 00 10 a1 8b 48 0f 45 d8 <80> 3c 25 00 f0 a0 8b 00 0f 84 08 02 00 00 65 4c 8b 2c 25 80 fc 02
RSP: 0018:ffff8800a9edfcd0 EFLAGS: 00000202 ORIG_RAX: ffffffffffffff13
RAX: ffffffff8ba13000 RBX: ffffffff8ba13000 RCX: ffff88012a670000
RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8800a9edfe62
RBP: ffff8800a9edfd28 R08: ffffffff7fffff00 R09: ffff8800b801fe01
R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000001
R13: 0000000000000000 R14: ffffffff8ba12000 R15: ffff8800a9edfe62
__msan_metadata_ptr_for_store_1+0x13/0x20 mm/kmsan/kmsan_instr.c:347
__hrtimer_init kernel/time/hrtimer.c:1288 [inline]
hrtimer_init+0x45a/0x5f0 kernel/time/hrtimer.c:1309
hrtimer_init_on_stack include/linux/hrtimer.h:378 [inline]
hrtimer_nanosleep kernel/time/hrtimer.c:1741 [inline]
__do_sys_nanosleep kernel/time/hrtimer.c:1777 [inline]
__se_sys_nanosleep+0x388/0x740 kernel/time/hrtimer.c:1764
__x64_sys_nanosleep+0x92/0xc0 kernel/time/hrtimer.c:1764
do_syscall_64+0x15b/0x230 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x63/0xe7
RIP: 0033:0x4811e1
Code: 75 14 b8 23 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 e4 02 f9 ff c3 48 83 ec 08 e8 6a 74 fd ff 48 89 04 24 b8 23 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 b3 74 fd ff 48 89 d0 48 83 c4 08 48 3d 01
RSP: 002b:0000000000a3e940 EFLAGS: 00000293 ORIG_RAX: 0000000000000023
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004811e1
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000a3e950
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000a3e930 R11: 0000000000000293 R12: 0000000000083d35
R13: 0000000000000002 R14: 000000000072bea0 R15: 0000000000000001
Modules linked in:
Dumping ftrace buffer:
(ftrace buffer empty)
CR2: ffffe8ff1fc00008
---[ end trace 378f65d005a02b96 ]---
[Capture note: from this point two printk streams were interleaved line-by-line — oops #2 from CPU 1 (PID 4605) and a repeated register dump of oops #1 from CPU 0 (identical RIP/RSP/register values to the report above). They are de-interleaved below; no bytes or lines were added or dropped, only re-joined. In both reports the faulting instruction is the same `65 49 8b 47 08` (`mov %gs:0x8(%r15),%rax`), and for oops #1 GS base ffff88021fc00000 + R15 000060fd00000000 + 8 = CR2 ffffe8ff1fc00008; oops #2's address ffffe8ff1fd00008 is consistent with the same R15 offset applied to CPU 1's per-CPU base (CPU 1's GS/R15 are not in the capture), which suggests an invalid per-CPU `cpu_slab` pointer, i.e. a bad kmem_cache argument rather than a bad object — confirm against the disassembly before drawing conclusions. The oops #2 report is truncated after its RSP line.]

BUG: unable to handle kernel paging request at ffffe8ff1fd00008
PGD 1cc14a067 P4D 1cc14a067 PUD 0
Oops: 0000 [#2] SMP PTI
CPU: 1 PID: 4605 Comm: syz-executor0 Tainted: G D 4.18.0-rc5+ #28
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:slab_alloc_node mm/slub.c:2661 [inline]
RIP: 0010:kmem_cache_alloc_node+0x2e9/0xcb0 mm/slub.c:2762
Code: ff 48 89 55 a0 48 83 7d b8 00 0f 85 e3 01 00 00 4c 8b 3a 48 89 d7 e8 46 9b 03 00 48 8b 18 44 8b 32 48 85 db 0f 85 da 01 00 00 <65> 49 8b 47 08 48 89 85 50 ff ff ff 48 85 db 0f 85 d2 01 00 00 65
RSP: 0018:ffff8801412afa18 EFLAGS: 00010246
(capture ends here)

[Repeated register dump for oops #1 (CPU 0, PID 26047), printed concurrently with the report above:]
RIP: 0010:do_slab_free mm/slub.c:2943 [inline]
RIP: 0010:slab_free mm/slub.c:2977 [inline]
RIP: 0010:kmem_cache_free+0x728/0x2c30 mm/slub.c:2992
Code: 00 00 48 83 7d a0 00 0f 85 ed fe ff ff 4c 8b 3b 49 89 dc 48 89 df e8 47 7d 03 00 48 8b 18 44 8b 32 48 85 db 0f 85 dd fe ff ff <65> 49 8b 47 08 48 89 85 78 ff ff ff 48 85 db 0f 85 d5 fe ff ff 65
RSP: 0018:ffff88021fc0fb70 EFLAGS: 00010246
RAX: ffff8801a733e000 RBX: 0000000000000000 RCX: ffff88012bb1a000
RDX: ffff88012bb1a000 RSI: aaaaaaaaaaaab000 RDI: ffffea000705e640
RBP: ffff88021fc0fcc8 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000d00 R11: ffffffff815fb310 R12: ffff88012ba66000
R13: 0000000000000000 R14: 0000000000000000 R15: 000060fd00000000
FS: 0000000000eee940(0000) GS:ffff88021fc00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffe8ff1fc00008 CR3: 00000000af8b2000 CR4: 00000000001406f0
DR0: 0000000020000000 DR1: 0000000020000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600