Warning: Permanently added '10.128.1.184' (ED25519) to the list of known hosts.
executing program
[   85.345761][ T5036] syz-executor331[5036]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   85.405074][ T5036] loop0: detected capacity change from 0 to 8192
[   85.414830][ T5036] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[   85.427859][ T5036] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[   85.437387][ T5036] REISERFS (device loop0): using ordered data mode
[   85.444014][ T5036] reiserfs: using flush barriers
[   85.456074][ T5036] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   85.473049][ T5036] REISERFS (device loop0): checking transaction log (loop0)
[   85.481927][ T5036] REISERFS (device loop0): Using r5 hash to sort names
[   85.492904][ T5036] reiserfs: enabling write barrier flush mode
[   85.506822][ T4494] BUG: unable to handle page fault for address: 00000076000400c8
[   85.510911][    C1] ==================================================================
[   85.514667][ T4494] #PF: supervisor read access in kernel mode
[   85.522772][    C1] BUG: KASAN: out-of-bounds in tick_sched_handle+0x15d/0x170
[   85.528912][ T4494] #PF: error_code(0x0000) - not-present page
[   85.536285][    C1] Read of size 8 at addr ffffc900039befc0 by task syz-executor331/5036
[   85.542331][ T4494] PGD 0 P4D 0 
[   85.542362][ T4494] Oops: 0000 [#1] PREEMPT SMP KASAN
[   85.550616][    C1] 
[   85.550630][    C1] CPU: 1 PID: 5036 Comm: syz-executor331 Not tainted 6.5.0-next-20230831-syzkaller #0
[   85.553988][ T4494] CPU: 0 PID: 4494 Comm: udevd Not tainted 6.5.0-next-20230831-syzkaller #0
[   85.559175][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[   85.561495][ T4494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[   85.571033][    C1] Call Trace:
[   85.579804][ T4494] RIP: 0010:kmem_cache_alloc_bulk+0x16a/0x7c0
[   85.589868][    C1]  <IRQ>
[   85.599912][ T4494] Code: 00 0f 85 1b 05 00 00 45 31 d2 4c 89 3c 24 65 48 8b 0c 25 c0 bc 03 00 4d 89 d7 48 89 4d 28 31 ed 48 89 4c 24 18 eb 2d 8b 43 28 <48> 8b 04 07 49 89 04 24 49 89 3b 0f 1f 44 00 00 4c 8b 1c 24 41 81
[   85.603199][    C1]  dump_stack_lvl+0xd9/0x1b0
[   85.609256][ T4494] RSP: 0018:ffffc900031af878 EFLAGS: 00010006
[   85.612123][    C1]  print_report+0xc4/0x620
[   85.631716][ T4494] 
[   85.631726][ T4494] RAX: 0000000000000080 RBX: ffff88801364d000 RCX: ffff88807d56bb80
[   85.636311][    C1]  ? __virt_addr_valid+0x5e/0x2d0
[   85.642383][ T4494] RDX: 0000000000000000 RSI: ffffffff8ae925a0 RDI: 0000007600040048
[   85.646798][    C1]  kasan_report+0xda/0x110
[   85.649118][ T4494] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff1d9c40a
[   85.657087][    C1]  ? tick_sched_handle+0x15d/0x170
[   85.662100][ T4494] R10: 0000000000000000 R11: ffff888073edee10 R12: ffff8880b9841830
[   85.670095][    C1]  ? tick_sched_handle+0x15d/0x170
[   85.674503][ T4494] R13: 000000000000000e R14: ffff888073edee10 R15: 0000000000000000
[   85.682476][    C1]  ? tick_sched_do_timer+0x2e0/0x2e0
[   85.687607][ T4494] FS:  00007ff1acb30c80(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[   85.695651][    C1]  tick_sched_handle+0x15d/0x170
[   85.700756][ T4494] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   85.708744][    C1]  tick_sched_timer+0xe9/0x110
[   85.714016][ T4494] CR2: 00000076000400c8 CR3: 00000000290ce000 CR4: 00000000003506f0
[   85.723023][    C1]  __hrtimer_run_queues+0x647/0xc10
[   85.727950][ T4494] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   85.734616][    C1]  ? enqueue_hrtimer+0x310/0x310
[   85.739371][ T4494] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   85.747332][    C1]  ? ktime_get_update_offsets_now+0x3bc/0x610
[   85.752517][ T4494] Call Trace:
[   85.752530][ T4494]  <TASK>
[   85.760513][    C1]  hrtimer_interrupt+0x31b/0x800
[   85.765432][ T4494]  ? show_regs+0x8f/0xa0
[   85.773408][    C1]  __sysvec_apic_timer_interrupt+0x105/0x3f0
[   85.779453][ T4494]  ? __die+0x2c/0x80
[   85.782821][    C1]  sysvec_apic_timer_interrupt+0x8e/0xc0
[   85.785749][ T4494]  ? page_fault_oops+0x398/0xad0
[   85.790674][    C1]  </IRQ>
[   85.794908][ T4494]  ? kasan_save_stack+0x43/0x50
[   85.800873][    C1]  <TASK>
[   85.800887][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   85.804861][ T4494]  ? dump_pagetable+0x530/0x530
[   85.810501][    C1] RIP: 0010:memmove+0x28/0x1b0
[   85.815498][ T4494]  ? kmem_cache_alloc+0x172/0x3b0
[   85.818430][    C1] Code: c3 90 f3 0f 1e fa 48 89 f8 48 39 fe 7d 0f 49 89 f0 49 01 d0 49 39 f8 0f 8f b5 00 00 00 48 83 fa 20 0f 82 01 01 00 00 48 89 d1 <f3> a4 c3 48 81 fa a8 02 00 00 72 05 40 38 fe 74 47 48 83 ea 20 48
[   85.823284][ T4494]  ? mas_alloc_nodes+0x182/0x830
[   85.826213][    C1] RSP: 0018:ffffc900039befe8 EFLAGS: 00010286
[   85.832180][ T4494]  ? mas_node_count_gfp+0x105/0x130
[   85.837109][    C1] 
[   85.837118][    C1] RAX: ffff8880738a0fb4 RBX: 0000000000000002 RCX: ffffffffff476b24
[   85.841866][ T4494]  ? mas_expected_entries+0x116/0x200
[   85.846878][    C1] RDX: ffffffffffffffe3 RSI: ffff88807442a463 RDI: ffff88807442a473
[   85.866475][ T4494]  ? dup_mmap+0x4f8/0x1d80
[   85.871406][    C1] RBP: 0000000000000020 R08: ffff8880738a0f87 R09: 0000766972705f73
[   85.877459][ T4494]  ? copy_process+0x6c11/0x7400
[   85.882737][    C1] R10: 667265736965722e R11: 0000766972705f73 R12: 0000000000000001
[   85.885076][ T4494]  ? kernel_clone+0xfd/0x930
[   85.893054][    C1] R13: 0000000000000003 R14: ffff8880738a0fa4 R15: 0000000000000010
[   85.898427][ T4494]  ? __do_sys_clone+0xba/0x100
[   85.906590][    C1]  leaf_paste_entries+0x43c/0x920
[   85.910988][ T4494]  ? do_syscall_64+0x38/0xb0
[   85.919229][    C1]  </TASK>
[   85.923799][ T4494]  ? entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   85.931854][    C1] 
[   85.931863][    C1] The buggy address belongs to stack of task syz-executor331/5036
[   85.936533][ T4494]  ? do_user_addr_fault+0x53d/0x1010
[   85.944493][    C1] 
[   85.944504][    C1] The buggy address belongs to the virtual mapping at
[   85.944504][    C1]  [ffffc900039b8000, ffffc900039c1000) created by:
[   85.944504][    C1]  kernel_clone+0xfd/0x930
[   85.949276][ T4494]  ? exc_page_fault+0x5c/0xd0
[   85.954330][    C1] 
[   85.954339][    C1] The buggy address belongs to the physical page:
[   85.958911][ T4494]  ? asm_exc_page_fault+0x26/0x30
[   85.961929][    C1] page:ffffea00005ed700 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x17b5c
[   85.967987][ T4494]  ? kmem_cache_alloc_bulk+0x16a/0x7c0
[   85.970339][    C1] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   85.978234][ T4494]  ? kmem_cache_alloc_bulk+0x10d/0x7c0
[   85.983655][    C1] page_type: 0xffffffff()
[   85.985977][ T4494]  ? kmem_cache_alloc+0x34e/0x3b0
[   86.003415][    C1] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[   86.008072][ T4494]  mas_alloc_nodes+0x39c/0x830
[   86.010400][    C1] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   86.016796][ T4494]  mas_node_count_gfp+0x105/0x130
[   86.021803][    C1] page dumped because: kasan: bad access detected
[   86.031939][ T4494]  mas_expected_entries+0x116/0x200
[   86.037383][    C1] page_owner tracks the page as allocated
[   86.044479][ T4494]  dup_mmap+0x4f8/0x1d80
[   86.050005][    C1] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), pid 5033, tgid 5033 (sshd), ts 84997712827, free_ts 79594215173
[   86.054329][ T4494]  ? lock_release+0x4bf/0x680
[   86.059356][    C1]  post_alloc_hook+0x2cf/0x340
[   86.067929][ T4494]  ? debug_object_destroy+0x210/0x210
[   86.072769][    C1]  get_page_from_freelist+0xf17/0x2e50
[   86.081518][ T4494]  ? reacquire_held_locks+0x4b0/0x4b0
[   86.086552][    C1]  __alloc_pages+0x1d0/0x4a0
[   86.092995][ T4494]  ? replace_mm_exe_file+0x680/0x680
[   86.098179][    C1]  alloc_pages+0x1a9/0x270
[   86.103900][ T4494]  ? _raw_spin_unlock_irqrestore+0x3b/0x70
[   86.108151][    C1]  __vmalloc_node_range+0xa6e/0x1540
[   86.126977][ T4494]  ? mm_init+0xb2f/0xf60
[   86.131639][    C1]  copy_process+0x13f1/0x7400
[   86.136398][ T4494]  copy_process+0x6c11/0x7400
[   86.141754][    C1]  kernel_clone+0xfd/0x930
[   86.147323][ T4494]  ? lock_release+0x4bf/0x680
[   86.152710][    C1]  __do_sys_clone+0xba/0x100
[   86.157300][ T4494]  ? sk_setsockopt+0xd51/0x3a00
[   86.162571][    C1]  do_syscall_64+0x38/0xb0
[   86.167069][ T4494]  ? pidfd_prepare+0x80/0x80
[   86.172850][    C1]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   86.178123][ T4494]  ? sk_setsockopt+0xd51/0x3a00
[   86.182625][    C1] page last free stack trace:
[   86.187324][ T4494]  ? __local_bh_enable_ip+0xa4/0x120
[   86.192108][    C1]  free_unref_page_prepare+0x476/0xa40
[   86.196517][ T4494]  ? sk_setsockopt+0x409/0x3a00
[   86.201211][    C1]  free_unref_page+0x33/0x3b0
[   86.205916][ T4494]  ? sock_set_timestamping+0x8a0/0x8a0
[   86.210761][    C1]  __folio_put+0xc3/0x110
[   86.215198][ T4494]  ? preempt_count_sub+0x150/0x150
[   86.219864][    C1]  anon_pipe_buf_release+0x3fa/0x4b0
[   86.225768][ T4494]  ? reacquire_held_locks+0x4b0/0x4b0
[   86.230702][    C1]  pipe_read+0x635/0x1270
[   86.235388][ T4494]  ? lock_release+0x4bf/0x680
[   86.240760][    C1]  vfs_read+0x7ef/0x930
[   86.246219][ T4494]  kernel_clone+0xfd/0x930
[   86.251057][    C1]  ksys_read+0x1f0/0x250
[   86.255739][ T4494]  ? create_io_thread+0xe0/0xe0
[   86.261744][    C1]  do_syscall_64+0x38/0xb0
[   86.266108][ T4494]  ? rcu_is_watching+0x12/0xb0
[   86.271302][    C1]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   86.276687][ T4494]  ? kfree+0x108/0x140
[   86.282105][    C1] 
[   86.282114][    C1] Memory state around the buggy address:
[   86.286430][ T4494]  __do_sys_clone+0xba/0x100
[   86.291197][    C1]  ffffc900039bee80: 48 00 04 00 76 00 00 00 01 00 00 00 02 00 00 00
[   86.295363][ T4494]  ? kernel_clone+0x930/0x930
[   86.299872][    C1]  ffffc900039bef00: 48 00 04 00 76 00 00 00 01 00 00 00 02 00 00 00
[   86.304122][ T4494]  ? rcu_is_watching+0x12/0xb0
[   86.308962][    C1] >ffffc900039bef80: 48 00 04 00 76 00 00 00 01 00 00 00 02 00 00 00
[   86.313368][ T4494]  ? trace_irq_enable.constprop.0+0xd0/0x100
[   86.318120][    C1]                                            ^
[   86.324034][ T4494]  do_syscall_64+0x38/0xb0
[   86.328102][    C1]  ffffc900039bf000: 48 00 04 00 76 00 00 00 01 00 00 00 02 00 00 00
[   86.330421][ T4494]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   86.336072][    C1]  ffffc900039bf080: 48 00 04 00 76 00 00 00 01 00 00 00 02 00 00 00
[   86.340677][ T4494] RIP: 0033:0x7ff1ac6fca12
[   86.348756][    C1] ==================================================================
[   86.348774][    C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   86.353439][ T4494] Code: 41 5d 41 5e 41 5f c3 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 10 48 8b 15 e7 43 0f 00 f7 d8 64 89 02 48 83
[   86.353468][ T4494] RSP: 002b:00007fffc6413228 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   86.353493][ T4494] RAX: ffffffffffffffda RBX: 0000562ccc95ee01 RCX: 00007ff1ac6fca12
[   86.353511][ T4494] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[   86.353526][ T4494] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000562ccc94b910
[   86.353542][ T4494] R10: 00007ff1acb30f50 R11: 0000000000000246 R12: 0000562ccc973450
[   86.353559][ T4494] R13: 0000000000000000 R14: 0000000000000000 R15: 0000562ccc94b910
[   86.353587][ T4494]  </TASK>
[   86.353594][ T4494] Modules linked in:
[   86.353605][ T4494] CR2: 00000076000400c8
[   86.353615][ T4494] ---[ end trace 0000000000000000 ]---
[   86.353624][ T4494] RIP: 0010:kmem_cache_alloc_bulk+0x16a/0x7c0
[   86.353673][ T4494] Code: 00 0f 85 1b 05 00 00 45 31 d2 4c 89 3c 24 65 48 8b 0c 25 c0 bc 03 00 4d 89 d7 48 89 4d 28 31 ed 48 89 4c 24 18 eb 2d 8b 43 28 <48> 8b 04 07 49 89 04 24 49 89 3b 0f 1f 44 00 00 4c 8b 1c 24 41 81
[   86.353697][ T4494] RSP: 0018:ffffc900031af878 EFLAGS: 00010006
[   86.353717][ T4494] RAX: 0000000000000080 RBX: ffff88801364d000 RCX: ffff88807d56bb80
[   86.353735][ T4494] RDX: 0000000000000000 RSI: ffffffff8ae925a0 RDI: 0000007600040048
[   86.353752][ T4494] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff1d9c40a
[   86.353768][ T4494] R10: 0000000000000000 R11: ffff888073edee10 R12: ffff8880b9841830
[   86.353786][ T4494] R13: 000000000000000e R14: ffff888073edee10 R15: 0000000000000000
[   86.353803][ T4494] FS:  00007ff1acb30c80(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[   86.353831][ T4494] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   86.353850][ T4494] CR2: 00000076000400c8 CR3: 00000000290ce000 CR4: 00000000003506f0
[   86.353867][ T4494] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   86.353882][ T4494] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   87.477941][    C1] Shutting down cpus with NMI
[   87.769422][    C1] Kernel Offset: disabled
[   87.773791][    C1] Rebooting in 86400 seconds..