Oops: general protection fault, probably for non-canonical address 0xfffd1bfff8c3b100: 0000 [#1] SMP KASAN NOPTI
KASAN: maybe wild-memory-access in range [0xffe8ffffc61d8800-0xffe8ffffc61d8807]
CPU: 0 UID: 0 PID: 8568 Comm: kworker/0:5 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
Workqueue: rcu_gp srcu_invoke_callbacks
RIP: 0010:rcu_cblist_dequeue+0x5d/0xc0 kernel/rcu/rcu_segcblist.c:75
Code: 33 4d 85 f6 74 69 4c 8d 7b 10 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 8d fa 7a 00 49 ff 0f 4c 89 f0 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 f7 e8 74 fa 7a 00 4d 8b 3e 43 80 7c 25
RSP: 0018:ffffc90003257950 EFLAGS: 00010216
RAX: 1ffd1ffff8c3b100 RBX: ffffc900032579e0 RCX: 0000000000000000
RDX: 0000000000000006 RSI: ffffffff8d982071 RDI: ffffc900032579e0
RBP: ffffc90003257a70 R08: ffffffff8fa104f7 R09: 1ffffffff1f4209e
R10: dffffc0000000000 R11: fffffbfff1f4209f R12: dffffc0000000000
R13: 1ffff9200064af3c R14: ffe8ffffc61d8800 R15: ffffc900032579f0
FS: 0000000000000000(0000) GS:ffff888125c50000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000200000f5dfe4 CR3: 0000000054377000 CR4: 0000000000350ef0
Call Trace:
 srcu_invoke_callbacks+0x1ed/0x450 kernel/rcu/srcutree.c:1800
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3321
 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3402
 kthread+0x711/0x8a0 kernel/kthread.c:464
 ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:rcu_cblist_dequeue+0x5d/0xc0 kernel/rcu/rcu_segcblist.c:75
Code: 33 4d 85 f6 74 69 4c 8d 7b 10 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 8d fa 7a 00 49 ff 0f 4c 89 f0 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 f7 e8 74 fa 7a 00 4d 8b 3e 43 80 7c 25
RSP: 0018:ffffc90003257950 EFLAGS: 00010216
RAX: 1ffd1ffff8c3b100 RBX: ffffc900032579e0 RCX: 0000000000000000
RDX: 0000000000000006 RSI: ffffffff8d982071 RDI: ffffc900032579e0
RBP: ffffc90003257a70 R08: ffffffff8fa104f7 R09: 1ffffffff1f4209e
R10: dffffc0000000000 R11: fffffbfff1f4209f R12: dffffc0000000000
R13: 1ffff9200064af3c R14: ffe8ffffc61d8800 R15: ffffc900032579f0
FS: 0000000000000000(0000) GS:ffff888125c50000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f1b832d9e9c CR3: 0000000086a7b000 CR4: 0000000000350ef0
----------------
Code disassembly (best guess):
   0: 33 4d 85          xor -0x7b(%rbp),%ecx
   3: f6 74 69 4c       divb 0x4c(%rcx,%rbp,2)
   7: 8d 7b 10          lea 0x10(%rbx),%edi
   a: 4c 89 f8          mov %r15,%rax
   d: 48 c1 e8 03       shr $0x3,%rax
  11: 42 80 3c 20 00    cmpb $0x0,(%rax,%r12,1)
  16: 74 08             je 0x20
  18: 4c 89 ff          mov %r15,%rdi
  1b: e8 8d fa 7a 00    call 0x7afaad
  20: 49 ff 0f          decq (%r15)
  23: 4c 89 f0          mov %r14,%rax
  26: 48 c1 e8 03       shr $0x3,%rax
* 2a: 42 80 3c 20 00    cmpb $0x0,(%rax,%r12,1) <-- trapping instruction
  2f: 74 08             je 0x39
  31: 4c 89 f7          mov %r14,%rdi
  34: e8 74 fa 7a 00    call 0x7afaad
  39: 4d 8b 3e          mov (%r14),%r15
  3c: 43                rex.XB
  3d: 80                .byte 0x80
  3e: 7c 25             jl 0x65