Warning: Permanently added '10.128.1.122' (ED25519) to the list of known hosts.
executing program
[   73.589854][ T5083] kernel profiling enabled (shift: 25)
[   73.596963][    C1] ==================================================================
[   73.605066][    C1] BUG: KASAN: stack-out-of-bounds in profile_pc+0xd2/0x170
[   73.612328][    C1] Read of size 8 at addr ffffc900036bf880 by task syz-executor162/5083
[   73.620612][    C1] 
[   73.622932][    C1] CPU: 1 PID: 5083 Comm: syz-executor162 Not tainted 6.9.0-rc6-syzkaller-00113-g49a73b1652c5 #0
[   73.633359][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   73.643409][    C1] Call Trace:
[   73.646688][    C1]  <IRQ>
[   73.649540][    C1]  dump_stack_lvl+0x241/0x360
[   73.654236][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[   73.659451][    C1]  ? __pfx__printk+0x10/0x10
[   73.664051][    C1]  ? _printk+0xd5/0x120
[   73.668207][    C1]  print_report+0x169/0x550
[   73.672721][    C1]  ? __pfx_raise_softirq+0x10/0x10
[   73.677825][    C1]  ? rcu_read_lock_sched_held+0x8d/0x130
[   73.683452][    C1]  ? __virt_addr_valid+0xbd/0x520
[   73.688481][    C1]  ? profile_pc+0xd2/0x170
[   73.692901][    C1]  kasan_report+0x143/0x180
[   73.697594][    C1]  ? profile_pc+0xd2/0x170
[   73.702013][    C1]  ? _raw_spin_unlock_irqrestore+0xd8/0x140
[   73.707908][    C1]  profile_pc+0xd2/0x170
[   73.712153][    C1]  profile_tick+0xd7/0x150
[   73.716685][    C1]  tick_nohz_handler+0x386/0x500
[   73.721655][    C1]  ? __pfx_tick_nohz_handler+0x10/0x10
[   73.727122][    C1]  __hrtimer_run_queues+0x55b/0xd50
[   73.732328][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[   73.738054][    C1]  ? ktime_get_update_offsets_now+0x411/0x430
[   73.744120][    C1]  hrtimer_interrupt+0x396/0x990
[   73.749079][    C1]  __sysvec_apic_timer_interrupt+0x110/0x3f0
[   73.755067][    C1]  sysvec_apic_timer_interrupt+0xa1/0xc0
[   73.760712][    C1]  </IRQ>
[   73.763636][    C1]  <TASK>
[   73.766572][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   73.772562][    C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xd8/0x140
[   73.779075][    C1] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 ee 8f 6f f6 f6 44 24 21 02 75 52 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> d3 8c da f5 65 8b 05 34 a8 78 74 85 c0 74 43 48 c7 04 24 0e 36
[   73.798777][    C1] RSP: 0018:ffffc900036bf880 EFLAGS: 00000206
[   73.804847][    C1] RAX: 7c801f6a8be4c700 RBX: 1ffff920006d7f14 RCX: ffffffff8172ffba
[   73.812834][    C1] RDX: dffffc0000000000 RSI: ffffffff8bcab8a0 RDI: 0000000000000001
[   73.820845][    C1] RBP: ffffc900036bf910 R08: ffffffff92f355cf R09: 1ffffffff25e6ab9
[   73.828906][    C1] R10: dffffc0000000000 R11: fffffbfff25e6aba R12: dffffc0000000000
[   73.836879][    C1] R13: 1ffff920006d7f10 R14: ffffc900036bf8a0 R15: 0000000000000246
[   73.844871][    C1]  ? mark_lock+0x9a/0x350
[   73.849219][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   73.855728][    C1]  ? _find_next_zero_bit+0x105/0x140
[   73.861042][    C1]  ? _find_first_zero_bit+0xd4/0x100
[   73.866332][    C1]  ida_alloc_range+0x821/0xa80
[   73.871413][    C1]  ? __pfx_ida_alloc_range+0x10/0x10
[   73.876739][    C1]  ? __proc_create+0x6d8/0xa50
[   73.881525][    C1]  proc_register+0x3f/0x4f0
[   73.886034][    C1]  ? __pfx_profile_online_cpu+0x10/0x10
[   73.891589][    C1]  proc_create+0x230/0x2c0
[   73.896016][    C1]  ? __pfx_proc_create+0x10/0x10
[   73.900961][    C1]  ? __pfx_profile_online_cpu+0x10/0x10
[   73.906519][    C1]  ? cpus_read_unlock+0xa6/0x140
[   73.911470][    C1]  ? __cpuhp_setup_state+0x46/0x60
[   73.916585][    C1]  ? __pfx_sysfs_kf_write+0x10/0x10
[   73.921793][    C1]  create_proc_profile+0xba/0x120
[   73.926828][    C1]  profiling_store+0x81/0xc0
[   73.931414][    C1]  kernfs_fop_write_iter+0x3a1/0x500
[   73.936701][    C1]  vfs_write+0xa84/0xcb0
[   73.940944][    C1]  ? kasan_quarantine_put+0xdc/0x230
[   73.946225][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[   73.951430][    C1]  ? __pfx_vfs_write+0x10/0x10
[   73.956200][    C1]  ? __fdget_pos+0x272/0x320
[   73.960795][    C1]  ksys_write+0x1a0/0x2c0
[   73.965129][    C1]  ? __pfx_ksys_write+0x10/0x10
[   73.969980][    C1]  ? do_syscall_64+0x102/0x240
[   73.974752][    C1]  ? do_syscall_64+0xb6/0x240
[   73.979446][    C1]  do_syscall_64+0xf5/0x240
[   73.983948][    C1]  ? clear_bhb_loop+0x35/0x90
[   73.988627][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.994514][    C1] RIP: 0033:0x7fb250b7e379
[   73.998937][    C1] Code: d8 5b c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   74.018542][    C1] RSP: 002b:00007ffce2b0a3d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   74.026959][    C1] RAX: ffffffffffffffda RBX: 00007ffce2b0a4f0 RCX: 00007fb250b7e379
[   74.034936][    C1] RDX: 0000000000000015 RSI: 0000000020000280 RDI: 0000000000000003
[   74.042903][    C1] RBP: 00007ffce2b0a4f0 R08: 00007ffce2b0a164 R09: 0000000000000000
[   74.050869][    C1] R10: 0000000000000014 R11: 0000000000000246 R12: 00007ffce2b0a4f8
[   74.058845][    C1] R13: 000000000000000c R14: 0000000000000003 R15: 0000000000000004
[   74.066821][    C1]  </TASK>
[   74.069866][    C1] 
[   74.072181][    C1] The buggy address belongs to stack of task syz-executor162/5083
[   74.079969][    C1]  and is located at offset 0 in frame:
[   74.085498][    C1]  _raw_spin_unlock_irqrestore+0x0/0x140
[   74.091135][    C1] 
[   74.093449][    C1] This frame has 1 object:
[   74.097852][    C1]  [32, 40) 'flags.i.i.i.i'
[   74.097863][    C1] 
[   74.104657][    C1] The buggy address belongs to the virtual mapping at
[   74.104657][    C1]  [ffffc900036b8000, ffffc900036c1000) created by:
[   74.104657][    C1]  copy_process+0x5d1/0x3df0
[   74.122283][    C1] 
[   74.124603][    C1] The buggy address belongs to the physical page:
[   74.131001][    C1] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x786ea
[   74.139759][    C1] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   74.146862][    C1] page_type: 0xffffffff()
[   74.151192][    C1] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[   74.159778][    C1] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   74.168350][    C1] page dumped because: kasan: bad access detected
[   74.174753][    C1] page_owner tracks the page as allocated
[   74.180456][    C1] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), pid 5081, tgid 492802309 (sshd), ts 5081, free_ts 67844067814
[   74.198769][    C1]  post_alloc_hook+0x1ea/0x210
[   74.203531][    C1]  get_page_from_freelist+0x3410/0x35b0
[   74.209094][    C1]  __alloc_pages+0x256/0x6c0
[   74.213682][    C1]  alloc_pages_mpol+0x3e8/0x680
[   74.218526][    C1]  __vmalloc_node_range+0x9a4/0x1490
[   74.223805][    C1]  dup_task_struct+0x3e9/0x7d0
[   74.228563][    C1]  copy_process+0x5d1/0x3df0
[   74.233143][    C1]  kernel_clone+0x226/0x8f0
[   74.237642][    C1]  __x64_sys_clone+0x258/0x2a0
[   74.242402][    C1]  do_syscall_64+0xf5/0x240
[   74.246909][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.252810][    C1] page last free pid 5078 tgid 5078 stack trace:
[   74.259125][    C1]  free_unref_page_prepare+0x986/0xab0
[   74.264593][    C1]  free_unref_folios+0x1f2/0xc10
[   74.269531][    C1]  folios_put_refs+0x93a/0xa60
[   74.274291][    C1]  free_pages_and_swap_cache+0x5c8/0x690
[   74.279935][    C1]  tlb_flush_mmu+0x3a3/0x680
[   74.284525][    C1]  tlb_finish_mmu+0xd4/0x200
[   74.289115][    C1]  exit_mmap+0x4bb/0xd60
[   74.293363][    C1]  __mmput+0x115/0x3c0
[   74.297429][    C1]  exit_mm+0x220/0x310
[   74.301495][    C1]  do_exit+0x99e/0x27e0
[   74.305744][    C1]  do_group_exit+0x207/0x2c0
[   74.310335][    C1]  __x64_sys_exit_group+0x3f/0x40
[   74.315358][    C1]  do_syscall_64+0xf5/0x240
[   74.319871][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.326023][    C1] 
[   74.328354][    C1] Memory state around the buggy address:
[   74.333996][    C1]  ffffc900036bf780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   74.342063][    C1]  ffffc900036bf800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   74.350122][    C1] >ffffc900036bf880: f1 f1 f1 f1 00 f3 f3 f3 00 00 00 00 00 00 00 00
[   74.358179][    C1]                    ^
[   74.362267][    C1]  ffffc900036bf900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   74.370320][    C1]  ffffc900036bf980: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 00 00
[   74.378371][    C1] ==================================================================
[   74.386421][    C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   74.393604][    C1] CPU: 1 PID: 5083 Comm: syz-executor162 Not tainted 6.9.0-rc6-syzkaller-00113-g49a73b1652c5 #0
[   74.404007][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   74.414238][    C1] Call Trace:
[   74.417527][    C1]  <IRQ>
[   74.420367][    C1]  dump_stack_lvl+0x241/0x360
[   74.425049][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[   74.430248][    C1]  ? __pfx__printk+0x10/0x10
[   74.434840][    C1]  ? rcu_is_watching+0x15/0xb0
[   74.439605][    C1]  ? vscnprintf+0x5d/0x90
[   74.443928][    C1]  panic+0x349/0x860
[   74.447823][    C1]  ? __pfx_lock_release+0x10/0x10
[   74.452865][    C1]  ? check_panic_on_warn+0x21/0xb0
[   74.457989][    C1]  ? __pfx_panic+0x10/0x10
[   74.462407][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[   74.467622][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[   74.473518][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   74.479861][    C1]  check_panic_on_warn+0x86/0xb0
[   74.484801][    C1]  ? profile_pc+0xd2/0x170
[   74.489225][    C1]  end_report+0x77/0x160
[   74.493479][    C1]  kasan_report+0x154/0x180
[   74.498510][    C1]  ? profile_pc+0xd2/0x170
[   74.502949][    C1]  ? _raw_spin_unlock_irqrestore+0xd8/0x140
[   74.508884][    C1]  profile_pc+0xd2/0x170
[   74.513148][    C1]  profile_tick+0xd7/0x150
[   74.517593][    C1]  tick_nohz_handler+0x386/0x500
[   74.522535][    C1]  ? __pfx_tick_nohz_handler+0x10/0x10
[   74.527998][    C1]  __hrtimer_run_queues+0x55b/0xd50
[   74.533201][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[   74.538936][    C1]  ? ktime_get_update_offsets_now+0x411/0x430
[   74.545001][    C1]  hrtimer_interrupt+0x396/0x990
[   74.549949][    C1]  __sysvec_apic_timer_interrupt+0x110/0x3f0
[   74.555931][    C1]  sysvec_apic_timer_interrupt+0xa1/0xc0
[   74.561585][    C1]  </IRQ>
[   74.564511][    C1]  <TASK>
[   74.567437][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   74.573419][    C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xd8/0x140
[   74.579922][    C1] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 ee 8f 6f f6 f6 44 24 21 02 75 52 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> d3 8c da f5 65 8b 05 34 a8 78 74 85 c0 74 43 48 c7 04 24 0e 36
[   74.599518][    C1] RSP: 0018:ffffc900036bf880 EFLAGS: 00000206
[   74.605582][    C1] RAX: 7c801f6a8be4c700 RBX: 1ffff920006d7f14 RCX: ffffffff8172ffba
[   74.613554][    C1] RDX: dffffc0000000000 RSI: ffffffff8bcab8a0 RDI: 0000000000000001
[   74.621608][    C1] RBP: ffffc900036bf910 R08: ffffffff92f355cf R09: 1ffffffff25e6ab9
[   74.629576][    C1] R10: dffffc0000000000 R11: fffffbfff25e6aba R12: dffffc0000000000
[   74.637541][    C1] R13: 1ffff920006d7f10 R14: ffffc900036bf8a0 R15: 0000000000000246
[   74.645521][    C1]  ? mark_lock+0x9a/0x350
[   74.649861][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   74.656191][    C1]  ? _find_next_zero_bit+0x105/0x140
[   74.661493][    C1]  ? _find_first_zero_bit+0xd4/0x100
[   74.666866][    C1]  ida_alloc_range+0x821/0xa80
[   74.671649][    C1]  ? __pfx_ida_alloc_range+0x10/0x10
[   74.676943][    C1]  ? __proc_create+0x6d8/0xa50
[   74.681713][    C1]  proc_register+0x3f/0x4f0
[   74.686218][    C1]  ? __pfx_profile_online_cpu+0x10/0x10
[   74.691770][    C1]  proc_create+0x230/0x2c0
[   74.696193][    C1]  ? __pfx_proc_create+0x10/0x10
[   74.701135][    C1]  ? __pfx_profile_online_cpu+0x10/0x10
[   74.706682][    C1]  ? cpus_read_unlock+0xa6/0x140
[   74.711615][    C1]  ? __cpuhp_setup_state+0x46/0x60
[   74.716742][    C1]  ? __pfx_sysfs_kf_write+0x10/0x10
[   74.721943][    C1]  create_proc_profile+0xba/0x120
[   74.726970][    C1]  profiling_store+0x81/0xc0
[   74.731561][    C1]  kernfs_fop_write_iter+0x3a1/0x500
[   74.736848][    C1]  vfs_write+0xa84/0xcb0
[   74.741097][    C1]  ? kasan_quarantine_put+0xdc/0x230
[   74.746383][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[   74.751597][    C1]  ? __pfx_vfs_write+0x10/0x10
[   74.756372][    C1]  ? __fdget_pos+0x272/0x320
[   74.760970][    C1]  ksys_write+0x1a0/0x2c0
[   74.765307][    C1]  ? __pfx_ksys_write+0x10/0x10
[   74.770159][    C1]  ? do_syscall_64+0x102/0x240
[   74.774943][    C1]  ? do_syscall_64+0xb6/0x240
[   74.779625][    C1]  do_syscall_64+0xf5/0x240
[   74.784129][    C1]  ? clear_bhb_loop+0x35/0x90
[   74.788806][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.794706][    C1] RIP: 0033:0x7fb250b7e379
[   74.799119][    C1] Code: d8 5b c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   74.818725][    C1] RSP: 002b:00007ffce2b0a3d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   74.827138][    C1] RAX: ffffffffffffffda RBX: 00007ffce2b0a4f0 RCX: 00007fb250b7e379
[   74.835125][    C1] RDX: 0000000000000015 RSI: 0000000020000280 RDI: 0000000000000003
[   74.843112][    C1] RBP: 00007ffce2b0a4f0 R08: 00007ffce2b0a164 R09: 0000000000000000
[   74.851085][    C1] R10: 0000000000000014 R11: 0000000000000246 R12: 00007ffce2b0a4f8
[   74.859067][    C1] R13: 000000000000000c R14: 0000000000000003 R15: 0000000000000004
[   74.867068][    C1]  </TASK>
[   74.870495][    C1] Kernel Offset: disabled
[   74.874841][    C1] Rebooting in 86400 seconds..