BUG: unable to handle kernel paging request at ffffe8ff1fc00008
PGD 1cc14a067 P4D 1cc14a067 PUD 0
Oops: 0000 [#1] SMP PTI
CPU: 0 PID: 26047 Comm: syz-executor4 Not tainted 4.18.0-rc5+ #28
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:do_slab_free mm/slub.c:2943 [inline]
RIP: 0010:slab_free mm/slub.c:2977 [inline]
RIP: 0010:kmem_cache_free+0x728/0x2c30 mm/slub.c:2992
Code: 00 00 48 83 7d a0 00 0f 85 ed fe ff ff 4c 8b 3b 49 89 dc 48 89 df e8 47 7d 03 00 48 8b 18 44 8b 32 48 85 db 0f 85 dd fe ff ff <65> 49 8b 47 08 48 89 85 78 ff ff ff 48 85 db 0f 85 d5 fe ff ff 65
RSP: 0018:ffff88021fc0fb70 EFLAGS: 00010246
RAX: ffff8801a733e000 RBX: 0000000000000000 RCX: ffff88012bb1a000
RDX: ffff88012bb1a000 RSI: aaaaaaaaaaaab000 RDI: ffffea000705e640
RBP: ffff88021fc0fcc8 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000d00 R11: ffffffff815fb310 R12: ffff88012ba66000
R13: 0000000000000000 R14: 0000000000000000 R15: 000060fd00000000
FS: 0000000000eee940(0000) GS:ffff88021fc00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffe8ff1fc00008 CR3: 00000000af8b2000 CR4: 00000000001406f0
DR0: 0000000020000000 DR1: 0000000020000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
Call Trace:
 free_task_struct kernel/fork.c:162 [inline]
 free_task kernel/fork.c:390 [inline]
 __put_task_struct+0x676/0x900 kernel/fork.c:666
 put_task_struct include/linux/sched/task.h:96 [inline]
 delayed_put_task_struct+0x2c8/0x320 kernel/exit.c:181
 __rcu_reclaim kernel/rcu/rcu.h:178 [inline]
 rcu_do_batch kernel/rcu/tree.c:2558 [inline]
 invoke_rcu_callbacks kernel/rcu/tree.c:2818 [inline]
 __rcu_process_callbacks kernel/rcu/tree.c:2785 [inline]
 rcu_process_callbacks+0x13b0/0x1b30 kernel/rcu/tree.c:2802
 __do_softirq+0x55f/0x934 kernel/softirq.c:288
 invoke_softirq kernel/softirq.c:369 [inline]
 irq_exit+0x22a/0x270 kernel/softirq.c:410
 exiting_irq+0xe/0x10
 arch/x86/include/asm/apic.h:527
 smp_apic_timer_interrupt+0x64/0x90 arch/x86/kernel/apic/apic.c:1055
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:868
RIP: 0010:msan_get_shadow_origin_ptr+0x4a/0x300 mm/kmsan/kmsan_instr.c:256
Code: 48 89 45 d0 48 c7 c0 00 20 a1 8b 49 c7 c6 00 00 a1 8b 85 d2 4c 0f 45 f0 48 c7 c0 00 30 a1 8b 48 c7 c3 00 10 a1 8b 48 0f 45 d8 <80> 3c 25 00 f0 a0 8b 00 0f 84 08 02 00 00 65 4c 8b 2c 25 80 fc 02
RSP: 0018:ffff8800a9edfcd0 EFLAGS: 00000202 ORIG_RAX: ffffffffffffff13
RAX: ffffffff8ba13000 RBX: ffffffff8ba13000 RCX: ffff88012a670000
RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8800a9edfe62
RBP: ffff8800a9edfd28 R08: ffffffff7fffff00 R09: ffff8800b801fe01
R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000001
R13: 0000000000000000 R14: ffffffff8ba12000 R15: ffff8800a9edfe62
 __msan_metadata_ptr_for_store_1+0x13/0x20 mm/kmsan/kmsan_instr.c:347
 __hrtimer_init kernel/time/hrtimer.c:1288 [inline]
 hrtimer_init+0x45a/0x5f0 kernel/time/hrtimer.c:1309
 hrtimer_init_on_stack include/linux/hrtimer.h:378 [inline]
 hrtimer_nanosleep kernel/time/hrtimer.c:1741 [inline]
 __do_sys_nanosleep kernel/time/hrtimer.c:1777 [inline]
 __se_sys_nanosleep+0x388/0x740 kernel/time/hrtimer.c:1764
 __x64_sys_nanosleep+0x92/0xc0 kernel/time/hrtimer.c:1764
 do_syscall_64+0x15b/0x230 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x63/0xe7
RIP: 0033:0x4811e1
Code: 75 14 b8 23 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 e4 02 f9 ff c3 48 83 ec 08 e8 6a 74 fd ff 48 89 04 24 b8 23 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 b3 74 fd ff 48 89 d0 48 83 c4 08 48 3d 01
RSP: 002b:0000000000a3e940 EFLAGS: 00000293 ORIG_RAX: 0000000000000023
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004811e1
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000a3e950
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000a3e930 R11: 0000000000000293 R12: 0000000000083d35
R13: 0000000000000002 R14: 000000000072bea0 R15: 
0000000000000001 Modules linked in: Dumping ftrace buffer: (ftrace buffer empty) CR2: ffffe8ff1fc00008 ---[ end trace 378f65d005a02b96 ]--- BUG: unable to handle kernel paging request at ffffe8ff1fd00008 PGD 1cc14a067 RIP: 0010:do_slab_free mm/slub.c:2943 [inline] RIP: 0010:slab_free mm/slub.c:2977 [inline] RIP: 0010:kmem_cache_free+0x728/0x2c30 mm/slub.c:2992 P4D 1cc14a067 Code: PUD 0 00 00 Oops: 0000 [#2] SMP PTI 48 83 CPU: 1 PID: 4605 Comm: syz-executor0 Tainted: G D 4.18.0-rc5+ #28 7d a0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 00 0f RIP: 0010:slab_alloc_node mm/slub.c:2661 [inline] RIP: 0010:kmem_cache_alloc_node+0x2e9/0xcb0 mm/slub.c:2762 85 ed Code: fe ff ff ff 48 89 4c 8b 55 a0 3b 49 48 89 dc 83 7d 48 89 b8 df e8 00 47 0f 7d 03 85 e3 00 48 01 8b 00 00 18 44 4c 8b 8b 32 3a 48 85 48 db 0f 89 d7 85 dd e8 46 fe ff 9b 03 ff <65> 00 48 49 8b 8b 18 47 08 44 8b 48 32 48 89 85 85 78 ff db 0f ff ff 85 da 48 85 01 00 db 00 0f <65> 49 85 d5 8b 47 fe ff 08 48 ff 65 89 85 50 ff RSP: 0018:ffff88021fc0fb70 EFLAGS: 00010246 ff ff 48 RAX: ffff8801a733e000 RBX: 0000000000000000 RCX: ffff88012bb1a000 85 RDX: ffff88012bb1a000 RSI: aaaaaaaaaaaab000 RDI: ffffea000705e640 RBP: ffff88021fc0fcc8 R08: 0000000000000001 R09: 0000000000000000 db 0f R10: 0000000000000d00 R11: ffffffff815fb310 R12: ffff88012ba66000 85 d2 R13: 0000000000000000 R14: 0000000000000000 R15: 000060fd00000000 FS: 0000000000eee940(0000) GS:ffff88021fc00000(0000) knlGS:0000000000000000 01 00 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 00 CR2: ffffe8ff1fc00008 CR3: 00000000af8b2000 CR4: 00000000001406f0 DR0: 0000000020000000 DR1: 0000000020000000 DR2: 0000000000000000 65 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 RSP: 0018:ffff8801412afa18 EFLAGS: 00010246