BUG: unable to handle page fault for address: ffffffff9175c704 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD e73a067 P4D e73a067 PUD e73b063 PMD 14d9c9063 PTE 800fffffee8a3062 Oops: Oops: 0000 [#1] PREEMPT SMP KASAN PTI CPU: 1 UID: 0 PID: 51 Comm: kworker/1:1 Not tainted 6.13.0-rc3-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 Workqueue: rcu_gp process_srcu RIP: 0010:debug_spin_lock_before kernel/locking/spinlock_debug.c:86 [inline] RIP: 0010:do_raw_spin_lock+0x8b/0x370 kernel/locking/spinlock_debug.c:115 Code: f1 f1 f1 04 f3 f3 f3 48 89 f1 48 89 74 24 38 48 89 04 16 48 8d 5f 04 48 89 d8 48 c1 e8 03 0f b6 04 10 84 c0 0f 85 f6 01 00 00 <8b> 03 3d ad 4e ad de 0f 85 62 01 00 00 4d 8d 6c 24 10 4c 89 e8 48 RSP: 0018:ffffc90000bb77a0 EFLAGS: 00010046 RAX: 0000000000000000 RBX: ffffffff9175c704 RCX: 1ffff92000176efc RDX: dffffc0000000000 RSI: 1ffff92000176efc RDI: ffffffff9175c700 RBP: ffffc90000bb7870 R08: ffffffff90184ef7 R09: 1ffffffff20309de R10: dffffc0000000000 R11: fffffbfff20309df R12: ffffffff9175c700 R13: 1ffff92000176f10 R14: ffffffff9175c700 R15: dffffc0000000000 FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffffff9175c704 CR3: 00000000684e8000 CR4: 00000000003526f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:111 [inline] _raw_spin_lock_irqsave+0xe1/0x120 kernel/locking/spinlock.c:162 lock_timer_base+0x112/0x240 kernel/time/timer.c:1050 __mod_timer+0x1ca/0xeb0 kernel/time/timer.c:1131 srcu_queue_delayed_work_on kernel/rcu/srcutree.c:834 [inline] srcu_schedule_cbs_sdp kernel/rcu/srcutree.c:843 [inline] srcu_gp_end kernel/rcu/srcutree.c:910 [inline] srcu_advance_state kernel/rcu/srcutree.c:1747 [inline] process_srcu+0x542/0x12e0 kernel/rcu/srcutree.c:1851 process_one_work kernel/workqueue.c:3229 [inline] process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3310 worker_thread+0x870/0xd30 kernel/workqueue.c:3391 kthread+0x2f0/0x390 kernel/kthread.c:389 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 Modules linked in: CR2: ffffffff9175c704 ---[ end trace 0000000000000000 ]--- RIP: 0010:debug_spin_lock_before kernel/locking/spinlock_debug.c:86 [inline] RIP: 0010:do_raw_spin_lock+0x8b/0x370 kernel/locking/spinlock_debug.c:115 Code: f1 f1 f1 04 f3 f3 f3 48 89 f1 48 89 74 24 38 48 89 04 16 48 8d 5f 04 48 89 d8 48 c1 e8 03 0f b6 04 10 84 c0 0f 85 f6 01 00 00 <8b> 03 3d ad 4e ad de 0f 85 62 01 00 00 4d 8d 6c 24 10 4c 89 e8 48 RSP: 0018:ffffc90000bb77a0 EFLAGS: 00010046 RAX: 0000000000000000 RBX: ffffffff9175c704 RCX: 1ffff92000176efc RDX: dffffc0000000000 RSI: 1ffff92000176efc RDI: ffffffff9175c700 RBP: ffffc90000bb7870 R08: ffffffff90184ef7 R09: 1ffffffff20309de R10: dffffc0000000000 R11: fffffbfff20309df R12: ffffffff9175c700 R13: 1ffff92000176f10 R14: ffffffff9175c700 R15: dffffc0000000000 FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffffff9175c704 CR3: 00000000684e8000 CR4: 00000000003526f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 ---------------- Code disassembly (best guess): 0: f1 int1 1: f1 int1 2: f1 int1 3: 04 f3 add $0xf3,%al 5: f3 f3 48 89 f1 repz repz mov %rsi,%rcx a: 48 89 74 24 38 mov %rsi,0x38(%rsp) f: 48 89 04 16 mov %rax,(%rsi,%rdx,1) 13: 48 8d 5f 04 lea 0x4(%rdi),%rbx 17: 48 89 d8 mov %rbx,%rax 1a: 48 c1 e8 03 shr $0x3,%rax 1e: 0f b6 04 10 movzbl (%rax,%rdx,1),%eax 22: 84 c0 test %al,%al 24: 0f 85 f6 01 00 00 jne 0x220 * 2a: 8b 03 mov (%rbx),%eax <-- trapping instruction 2c: 3d ad 4e ad de cmp $0xdead4ead,%eax 31: 0f 85 62 01 00 00 jne 0x199 37: 4d 8d 6c 24 10 lea 0x10(%r12),%r13 3c: 4c 89 e8 mov %r13,%rax 3f: 48 rex.W