R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
R13: 00007f8d779e6038 R14: 00007f8d779e5fa0 R15: 00007ffda95ebf28
 </TASK>
CFI failure at __traceiter_sched_switch+0x9b/0xd0 include/trace/events/sched.h:222 (target: tp_stub_func+0x0/0x10; expected type: 0xee1f7a69)
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 7004 Comm: syz.9.1584 Tainted: G        W          syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
RIP: 0010:__traceiter_sched_switch+0x9b/0xd0 include/trace/events/sched.h:222
Code: 80 3c 30 00 74 05 e8 84 75 69 00 49 8b 7d 08 44 89 e6 48 8b 55 c8 48 8b 4d c0 44 8b 45 d4 41 ba 97 85 e0 11 45 03 57 fc 74 02 <0f> 0b 41 ff d7 48 83 c3 18 48 89 d8 48 c1 e8 03 42 80 3c 30 00 74
RSP: 0000:ffffc90001907a50 EFLAGS: 00010096
RAX: 1ffff11023dd0386 RBX: ffff88811ee81c28 RCX: ffff888144018000
RDX: ffff88810df20000 RSI: 0000000000000001 RDI: ffffc9000237f000
RBP: ffffc90001907a90 R08: 0000000000000000 R09: fffffbfff0ee4dde
R10: 00000000b720eca3 R11: 1ffffffff0ee4ddd R12: 0000000000000001
R13: ffff88811ee81c28 R14: dffffc0000000000 R15: ffffffff81713a70
FS:  00007f8d785846c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f8d78581e50 CR3: 000000012bb51000 CR4: 00000000003506b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000009900 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 trace_sched_switch include/trace/events/sched.h:222 [inline]
 __schedule+0x1263/0x14e0 kernel/sched/core.c:6747
 preempt_schedule_irq+0x9b/0x110 kernel/sched/core.c:7062
 raw_irqentry_exit_cond_resched+0x29/0x30 kernel/entry/common.c:396
 irqentry_exit+0x37/0x40 kernel/entry/common.c:439
 sysvec_apic_timer_interrupt+0x64/0xc0 arch/x86/kernel/apic/apic.c:1118
 asm_sysvec_apic_timer_interrupt+0x1b/0x20 arch/x86/include/asm/idtentry.h:691
RIP: 0010:vma_start_read include/linux/mm.h:652 [inline]
RIP: 0010:lock_vma_under_rcu+0xf2/0x4d0 mm/memory.c:5612
Code: ff e8 52 77 37 03 48 85 c0 0f 84 f2 02 00 00 49 89 c7 4c 89 64 24 30 4d 8d 6f 28 4c 89 6c 24 20 49 c1 ed 03 43 0f b6 44 35 00 <84> c0 4c 89 f3 0f 85 34 02 00 00 45 8b 67 28 49 8d 47 10 49 89 c6
RSP: 0000:ffffc90001907d40 EFLAGS: 00000a02
RAX: 0000000000000000 RBX: ffff8881213c4500 RCX: ffff88810df20000
RDX: 0000000000000000 RSI: ffffffff876d68e0 RDI: ffff88812be4220c
RBP: ffffc90001907e50 R08: ffff88810df20000 R09: 0000000000000003
R10: 0000000000000009 R11: 0000000000000000 R12: 00007f8d78581e50
R13: 1ffff11029d0e570 R14: dffffc0000000000 R15: ffff88814e872b58
 do_user_addr_fault+0x2fc/0x1050 arch/x86/mm/fault.c:1315
 handle_page_fault arch/x86/mm/fault.c:1466 [inline]
 exc_page_fault+0x51/0xb0 arch/x86/mm/fault.c:1522
 asm_exc_page_fault+0x27/0x30 arch/x86/include/asm/idtentry.h:608
RIP: 0033:0x7f8d7773c4cb
Code: c0 8b 87 c0 00 00 00 66 0f 6c c0 85 c0 0f 85 44 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 21 00 00 48 8d 7c 24 20 <0f> 29 44 24 40 49 89 e4 48 89 44 24 50 8b 43 74 48 89 9c 24 00 01
RSP: 002b:00007f8d78581e10 EFLAGS: 00010246
RAX: 00007f8d78583f30 RBX: 00007f8d779b7640 RCX: 0000000000000000
RDX: 00007f8d78583f78 RSI: 00007f8d777eedf8 RDI: 00007f8d78581e30
RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
R13: 00007f8d779e6038 R14: 00007f8d779e5fa0 R15: 00007ffda95ebf28
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:__traceiter_sched_switch+0x9b/0xd0 include/trace/events/sched.h:222
Code: 80 3c 30 00 74 05 e8 84 75 69 00 49 8b 7d 08 44 89 e6 48 8b 55 c8 48 8b 4d c0 44 8b 45 d4 41 ba 97 85 e0 11 45 03 57 fc 74 02 <0f> 0b 41 ff d7 48 83 c3 18 48 89 d8 48 c1 e8 03 42 80 3c 30 00 74
RSP: 0000:ffffc90001907a50 EFLAGS: 00010096
RAX: 1ffff11023dd0386 RBX: ffff88811ee81c28 RCX: ffff888144018000
RDX: ffff88810df20000 RSI: 0000000000000001 RDI: ffffc9000237f000
RBP: ffffc90001907a90 R08: 0000000000000000 R09: fffffbfff0ee4dde
R10: 00000000b720eca3 R11: 1ffffffff0ee4ddd R12: 0000000000000001
R13: ffff88811ee81c28 R14: dffffc0000000000 R15: ffffffff81713a70
FS:  00007f8d785846c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f8d78581e50 CR3: 000000012bb51000 CR4: 00000000003506b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000009900 DR6: 00000000ffff0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess), 1 bytes skipped:
   0:	e8 52 77 37 03       	call   0x3377757
   5:	48 85 c0             	test   %rax,%rax
   8:	0f 84 f2 02 00 00    	je     0x300
   e:	49 89 c7             	mov    %rax,%r15
  11:	4c 89 64 24 30       	mov    %r12,0x30(%rsp)
  16:	4d 8d 6f 28          	lea    0x28(%r15),%r13
  1a:	4c 89 6c 24 20       	mov    %r13,0x20(%rsp)
  1f:	49 c1 ed 03          	shr    $0x3,%r13
  23:	43 0f b6 44 35 00    	movzbl 0x0(%r13,%r14,1),%eax
* 29:	84 c0                	test   %al,%al <-- trapping instruction
  2b:	4c 89 f3             	mov    %r14,%rbx
  2e:	0f 85 34 02 00 00    	jne    0x268
  34:	45 8b 67 28          	mov    0x28(%r15),%r12d
  38:	49 8d 47 10          	lea    0x10(%r15),%rax
  3c:	49 89 c6             	mov    %rax,%r14