Oops: general protection fault, probably for non-canonical address 0xfd1ffbf8ed0e0000: 0000 [#1] SMP KASAN NOPTI
KASAN: maybe wild-memory-access in range [0xe8ffffc768700000-0xe8ffffc768700007]
CPU: 0 UID: 0 PID: 5917 Comm: kworker/0:4 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(full)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
Workqueue: rcu_gp srcu_invoke_callbacks
RIP: 0010:rcu_cblist_dequeue+0x5d/0xc0 kernel/rcu/rcu_segcblist.c:75
Code: 33 4d 85 f6 74 69 4c 8d 7b 10 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 4d f3 7a 00 49 ff 0f 4c 89 f0 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 f7 e8 34 f3 7a 00 4d 8b 3e 43 80 7c 25
RSP: 0018:ffffc900042ef950 EFLAGS: 00010216
RAX: 1d1ffff8ed0e0000 RBX: ffffc900042ef9e0 RCX: 0000000000000000
RDX: 0000000000000006 RSI: ffffffff8d9823c9 RDI: ffffc900042ef9e0
RBP: ffffc900042efa70 R08: ffffffff8fa10df7 R09: 1ffffffff1f421be
R10: dffffc0000000000 R11: fffffbfff1f421bf R12: dffffc0000000000
R13: 1ffff9200085df3c R14: e8ffffc768700000 R15: ffffc900042ef9f0
FS: 0000000000000000(0000) GS:ffff888125c51000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f6cdb999000 CR3: 0000000055983000 CR4: 0000000000350ef0
Call Trace:
srcu_invoke_callbacks+0x1ed/0x450 kernel/rcu/srcutree.c:1800
process_one_work kernel/workqueue.c:3238 [inline]
process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3321
worker_thread+0x8a0/0xda0 kernel/workqueue.c:3402
kthread+0x711/0x8a0 kernel/kthread.c:464
ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:rcu_cblist_dequeue+0x5d/0xc0 kernel/rcu/rcu_segcblist.c:75
Code: 33 4d 85 f6 74 69 4c 8d 7b 10 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 4d f3 7a 00 49 ff 0f 4c 89 f0 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 f7 e8 34 f3 7a 00 4d 8b 3e 43 80 7c 25
RSP: 0018:ffffc900042ef950 EFLAGS: 00010216
RAX: 1d1ffff8ed0e0000 RBX: ffffc900042ef9e0 RCX: 0000000000000000
RDX: 0000000000000006 RSI: ffffffff8d9823c9 RDI: ffffc900042ef9e0
RBP: ffffc900042efa70 R08: ffffffff8fa10df7 R09: 1ffffffff1f421be
R10: dffffc0000000000 R11: fffffbfff1f421bf R12: dffffc0000000000
R13: 1ffff9200085df3c R14: e8ffffc768700000 R15: ffffc900042ef9f0
FS: 0000000000000000(0000) GS:ffff888125c51000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f6cdb990000 CR3: 0000000077650000 CR4: 0000000000350ef0
----------------
Code disassembly (best guess):
0: 33 4d 85 xor -0x7b(%rbp),%ecx
3: f6 74 69 4c divb 0x4c(%rcx,%rbp,2)
7: 8d 7b 10 lea 0x10(%rbx),%edi
a: 4c 89 f8 mov %r15,%rax
d: 48 c1 e8 03 shr $0x3,%rax
11: 42 80 3c 20 00 cmpb $0x0,(%rax,%r12,1)
16: 74 08 je 0x20
18: 4c 89 ff mov %r15,%rdi
1b: e8 4d f3 7a 00 call 0x7af36d
20: 49 ff 0f decq (%r15)
23: 4c 89 f0 mov %r14,%rax
26: 48 c1 e8 03 shr $0x3,%rax
* 2a: 42 80 3c 20 00 cmpb $0x0,(%rax,%r12,1) <-- trapping instruction
2f: 74 08 je 0x39
31: 4c 89 f7 mov %r14,%rdi
34: e8 34 f3 7a 00 call 0x7af36d
39: 4d 8b 3e mov (%r14),%r15
3c: 43 rex.XB
3d: 80 .byte 0x80
3e: 7c 25 jl 0x65