INFO: task syz-executor.1:4245 can't die for more than 143 seconds.
task:syz-executor.1 state:R running task stack:24952 pid: 4245 ppid: 3636 flags:0x00004006
Call Trace:
 context_switch kernel/sched/core.c:4986 [inline]
 __schedule+0xab2/0x4d90 kernel/sched/core.c:6296
 preempt_schedule_irq+0x4e/0x90 kernel/sched/core.c:6711
 irqentry_exit+0x31/0x80 kernel/entry/common.c:425
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:638
RIP: 0010:lock_acquire+0x1ef/0x510 kernel/locking/lockdep.c:5607
Code: 8a a5 7e 83 f8 01 0f 85 b4 02 00 00 9c 58 f6 c4 02 0f 85 9f 02 00 00 48 83 7c 24 08 00 74 01 fb 48 b8 00 00 00 00 00 fc ff df <48> 01 c3 48 c7 03 00 00 00 00 48 c7 43 08 00 00 00 00 48 8b 84 24
RSP: 0046:ffffffff8bb818a0 EFLAGS: 00000000
RAX: ffffffff8953ea14 RBX: 0000000000000001 RCX: 0000000000000010
RDX: 0000000000000246 RSI: ffffc90010ad7708 RDI: 0000000000000018
RBP: ffffffff8953f6e5 R08: f2323185097e4900 R09: 0000000000000018
==================================================================
BUG: KASAN: out-of-bounds in __show_regs.cold+0x1a1/0x481 arch/x86/kernel/process_64.c:87
Read of size 8 at addr ffffc90010ad76a0 by task khungtaskd/27

CPU: 1 PID: 27 Comm: khungtaskd Not tainted 5.16.0-rc4-next-20211210-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106
 print_address_description.constprop.0.cold+0xf/0x3ed mm/kasan/report.c:255
 __kasan_report mm/kasan/report.c:442 [inline]
 kasan_report.cold+0x83/0xdf mm/kasan/report.c:459
 __show_regs.cold+0x1a1/0x481 arch/x86/kernel/process_64.c:87
 show_trace_log_lvl+0x25b/0x2ba arch/x86/kernel/dumpstack.c:298
 sched_show_task kernel/sched/core.c:8570 [inline]
 sched_show_task+0x433/0x5b0 kernel/sched/core.c:8544
 check_killed_task kernel/hung_task.c:186 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:244 [inline]
 watchdog.cold+0x74/0x1de kernel/hung_task.c:413
 kthread+0x405/0x4f0 kernel/kthread.c:345
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295

Memory state around the buggy address:
 ffffc90010ad7580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffffc90010ad7600: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f3 f3
>ffffc90010ad7680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                               ^
 ffffc90010ad7700: 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
 ffffc90010ad7780: f1 f1 f1 04 f2 04 f3 f3 f3 00 00 00 00 00 00 00
==================================================================
----------------
Code disassembly (best guess):
   0: 8a a5 7e 83 f8 01       mov    0x1f8837e(%rbp),%ah
   6: 0f 85 b4 02 00 00       jne    0x2c0
   c: 9c                      pushfq
   d: 58                      pop    %rax
   e: f6 c4 02                test   $0x2,%ah
  11: 0f 85 9f 02 00 00       jne    0x2b6
  17: 48 83 7c 24 08 00       cmpq   $0x0,0x8(%rsp)
  1d: 74 01                   je     0x20
  1f: fb                      sti
  20: 48 b8 00 00 00 00 00    movabs $0xdffffc0000000000,%rax
  27: fc ff df
* 2a: 48 01 c3                add    %rax,%rbx    <-- trapping instruction
  2d: 48 c7 03 00 00 00 00    movq   $0x0,(%rbx)
  34: 48 c7 43 08 00 00 00    movq   $0x0,0x8(%rbx)
  3b: 00
  3c: 48                      rex.W
  3d: 8b                      .byte 0x8b
  3e: 84                      .byte 0x84
  3f: 24                      .byte 0x24