------------[ cut here ]------------
WARNING: CPU: 2 PID: 11953 at include/linux/cpumask.h:144 cpu_max_bits_warn include/linux/cpumask.h:144 [inline]
WARNING: CPU: 2 PID: 11953 at include/linux/cpumask.h:144 cpumask_check include/linux/cpumask.h:151 [inline]
WARNING: CPU: 2 PID: 11953 at include/linux/cpumask.h:144 cpumask_clear_cpu include/linux/cpumask.h:528 [inline]
WARNING: CPU: 2 PID: 11953 at include/linux/cpumask.h:144 __mm_cid_put kernel/sched/sched.h:3256 [inline]
WARNING: CPU: 2 PID: 11953 at include/linux/cpumask.h:144 sched_mm_cid_remote_clear+0x374/0x4f0 kernel/sched/core.c:11874
Modules linked in:
CPU: 2 PID: 11953 Comm: syz-executor.2 Not tainted 6.9.0-syzkaller-09699-geb6a9339efeb #0
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
RIP: 0010:cpu_max_bits_warn include/linux/cpumask.h:144 [inline]
RIP: 0010:cpumask_check include/linux/cpumask.h:151 [inline]
RIP: 0010:cpumask_clear_cpu include/linux/cpumask.h:528 [inline]
RIP: 0010:__mm_cid_put kernel/sched/sched.h:3256 [inline]
RIP: 0010:sched_mm_cid_remote_clear+0x374/0x4f0 kernel/sched/core.c:11874
Code: 00 e9 48 fe ff ff 4d 85 ed 89 44 24 48 0f 84 52 ff ff ff e8 9e d2 36 00 9c 58 f6 c4 02 0f 85 41 01 00 00 fb e9 47 ff ff ff 90 <0f> 0b 90 e9 0b ff ff ff e8 5f 01 16 00 84 c0 0f 85 d6 fd ff ff e8
RSP: 0018:ffffc9000306fcf8 EFLAGS: 00010002
RAX: 000000000000002d RBX: ffffe8ffad03f2a8 RCX: ffffffff815efa28
RDX: 00000000ffffffff RSI: 0000000000000004 RDI: ffffc9000306fd40
RBP: ffff8880119a2548 R08: 0000000000000001 R09: fffff5200060dfa8
R10: 0000000000000003 R11: 0000000000000000 R12: 1ffff9200060dfa0
R13: 0000000000000200 R14: ffffc9000306fd40 R15: ffff88802c03ec00
FS: 0000000000000000(0000) GS:ffff88802c200000(0063) knlGS:000000005744d400
CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
CR2: 0000000032c36000 CR3: 000000005edda000 CR4: 0000000000350ef0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0
DR7: 0000000000000400
Call Trace:
 sched_mm_cid_remote_clear_old kernel/sched/core.c:11907 [inline]
 task_mm_cid_work+0x39a/0x920 kernel/sched/core.c:11957
 task_work_run+0x14e/0x250 kernel/task_work.c:180
 resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:114 [inline]
 exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]
 irqentry_exit_to_user_mode+0x259/0x280 kernel/entry/common.c:231
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0023:0xf731ac6c
Code: 24 14 8d 74 26 00 8b 45 08 8b 4d 0c 83 c5 08 89 ce 39 d0 19 fe 72 ef 89 44 24 0c 8b 44 24 10 89 4c 24 10 8b 74 24 14 83 e8 08 <89> f9 39 f2 19 d9 73 15 8d 74 26 00 8b 70 f8 8b 58 fc 83 e8 08 89
RSP: 002b:00000000ffc98d10 EFLAGS: 00000282
RAX: 00000000f6e61ad0 RBX: 00000000ffffffff RCX: 0000000000000000
RDX: 00000000813c8777 RSI: 00000000813c8332 RDI: 00000000ffffffff
RBP: 00000000f6e1a910 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
----------------
Code disassembly (best guess):
   0:	24 14                	and    $0x14,%al
   2:	8d 74 26 00          	lea    0x0(%rsi,%riz,1),%esi
   6:	8b 45 08             	mov    0x8(%rbp),%eax
   9:	8b 4d 0c             	mov    0xc(%rbp),%ecx
   c:	83 c5 08             	add    $0x8,%ebp
   f:	89 ce                	mov    %ecx,%esi
  11:	39 d0                	cmp    %edx,%eax
  13:	19 fe                	sbb    %edi,%esi
  15:	72 ef                	jb     0x6
  17:	89 44 24 0c          	mov    %eax,0xc(%rsp)
  1b:	8b 44 24 10          	mov    0x10(%rsp),%eax
  1f:	89 4c 24 10          	mov    %ecx,0x10(%rsp)
  23:	8b 74 24 14          	mov    0x14(%rsp),%esi
  27:	83 e8 08             	sub    $0x8,%eax
* 2a:	89 f9                	mov    %edi,%ecx		<-- trapping instruction
  2c:	39 f2                	cmp    %esi,%edx
  2e:	19 d9                	sbb    %ebx,%ecx
  30:	73 15                	jae    0x47
  32:	8d 74 26 00          	lea    0x0(%rsi,%riz,1),%esi
  36:	8b 70 f8             	mov    -0x8(%rax),%esi
  39:	8b 58 fc             	mov    -0x4(%rax),%ebx
  3c:	83 e8 08             	sub    $0x8,%eax
  3f:	89                   	.byte 0x89