./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor4040526785

<...>
Warning: Permanently added '10.128.0.5' (ECDSA) to the list of known hosts.
execve("./syz-executor4040526785", ["./syz-executor4040526785"], 0x7ffded17da30 /* 10 vars */) = 0
brk(NULL)                               = 0x555556527000
brk(0x555556527c40)                     = 0x555556527c40
arch_prctl(ARCH_SET_FS, 0x555556527300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
set_tid_address(0x5555565275d0)         = 4997
set_robust_list(0x5555565275e0, 24)     = 0
rt_sigaction(SIGRTMIN, {sa_handler=0x7ffa66611030, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7ffa66611700}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=0x7ffa666110d0, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7ffa66611700}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor4040526785", 4096) = 28
brk(0x555556548c40)                     = 0x555556548c40
brk(0x555556549000)                     = 0x555556549000
mprotect(0x7ffa666d2000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 4998 attached
, child_tidptr=0x5555565275d0) = 4998
[pid  4998] set_robust_list(0x5555565275e0, 24) = 0
[pid  4998] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid  4998] socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI) = 3
[pid  4998] openat(AT_FDCWD, "/dev/vhci", O_RDWR) = 4
[pid  4998] dup2(4, 202)                = 202
[pid  4998] close(4)                    = 0
[pid  4998] write(202, "\xff\x00", 2)   = 2
[pid  4998] read(202, "\xff\x00\x00\x00", 4) = 4
[pid  4998] mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7ffa65dff000
[pid  4998] mprotect(0x7ffa65e00000, 8388608, PROT_READ|PROT_WRITE) = 0
[pid  4998] clone(child_stack=0x7ffa665ff3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[2], tls=0x7ffa665ff700, child_tidptr=0x7ffa665ff9d0) = 2
[pid  4998] ioctl(3, HCIDEVUP./strace-static-x86_64: Process 5001 attached
 <unfinished ...>
[pid  5001] set_robust_list(0x7ffa665ff9e0, 24) = 0
[pid  5001] read(202, "\x01\x03\x0c\x00", 1024) = 4
[pid  5001] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\xfc", iov_len=2}, {iov_base="\x01\x03\x0c", iov_len=3}, {iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=249}], 4) = 255
[pid  5001] read(202, "\x01\x03\x10\x00", 1024) = 4
[pid  5001] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\xfc", iov_len=2}, {iov_base="\x01\x03\x10", iov_len=3}, {iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=249}], 4) = 255
[pid  5001] read(202, "\x01\x01\x10\x00", 1024) = 4
[pid  5001] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\xfc", iov_len=2}, {iov_base="\x01\x01\x10", iov_len=3}, {iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=249}], 4) = 255
[pid  5001] read(202, "\x01\x09\x10\x00", 1024) = 4
[pid  5001] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\x0a", iov_len=2}, {iov_base="\x01\x09\x10", iov_len=3}, {iov_base="\x00\xaa\xaa\xaa\xaa\xaa\xaa", iov_len=7}], 4) = 13
[pid  5001] read(202, "\x01\x05\x10\x00", 1024) = 4
[pid  5001] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\x0b", iov_len=2}, {iov_base="\x01\x05\x10", iov_len=3}, {iov_base="\x00\xfd\x03\x60\x04\x00\x06\x00", iov_len=8}], 4) = 14
[pid  5001] read(202, "\x01\x23\x0c\x00", 1024) = 4
[pid  5001] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\xfc", iov_len=2}, {iov_base="\x01\x23\x0c", iov_len=3}, {iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=249}], 4) = 255
[pid  5001] read(202, "\x01\x14\x0c\x00", 1024) = 4
[pid  5001] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\xfc", iov_len=2}, {iov_base="\x01\x14\x0c", iov_len=3}, {iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=249}], 4) = 255
[pid  5001] read(202, "\x01\x25\x0c\x00", 1024) = 4
[pid  5001] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\xfc", iov_len=2}, {iov_base="\x01\x25\x0c", iov_len=3}, {iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=249}], 4) = 255
[pid  5001] read(202, "\x01\x38\x0c\x00", 1024) = 4
[pid  5001] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\xfc", iov_len=2}, {iov_base="\x01\x38\x0c", iov_len=3}, {iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=249}], 4) = 255
[pid  5001] read(202, "\x01\x39\x0c\x00", 1024) = 4
[pid  5001] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\xfc", iov_len=2}, {iov_base="\x01\x39\x0c", iov_len=3}, {iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=249}], 4) = 255
[pid  5001] read(202, "\x01\x16\x0c\x02\x00\x7d", 1024) = 6
[pid  5001] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\xfc", iov_len=2}, {iov_base="\x01\x16\x0c", iov_len=3}, {iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=249}], 4) = 255
[pid  4998] <... ioctl resumed>, 0)     = -1 EALREADY (Operation already in progress)
[pid  5001] read(202,  <unfinished ...>
[pid  4998] ioctl(3, HCISETSCAN <unfinished ...>
[pid  5001] <... read resumed>"\x01\x1a\x0c\x01\x02", 1024) = 5
[pid  5001] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\x04", iov_len=2}, {iov_base="\x01\x1a\x0c", iov_len=3}, {iov_base="\x00", iov_len=1}], 4) = 7
[pid  4998] <... ioctl resumed>, 0x7ffff846a354) = 0
[pid  5001] madvise(0x7ffa65dff000, 8372224, MADV_DONTNEED <unfinished ...>
[pid  4998] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x04\x0a", iov_len=2}, {iov_base="\xaa\xaa\xaa\xaa\xaa\x10\x00\x00\x00\x01", iov_len=10}], 3 <unfinished ...>
[pid  5001] <... madvise resumed>)      = 0
[pid  4998] <... writev resumed>)       = 13
[pid  5001] exit(0 <unfinished ...>
[pid  4998] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x03\x0b", iov_len=2}, {iov_base="\x00\xc8\x00\xaa\xaa\xaa\xaa\xaa\x10\x01\x00", iov_len=11}], 3 <unfinished ...>
[pid  5001] <... exit resumed>)         = ?
[pid  4998] <... writev resumed>)       = 14
[pid  5001] +++ exited with 0 +++
[pid  4998] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\v\v", iov_len=2}, {iov_base="\x00\xc8\x00\x00\x00\x00\x00\x00\x00\x00\x00", iov_len=11}], 3) = 14
[pid  4998] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x3e\x13", iov_len=2}, {iov_base="\x01\x00\xc9\x00\x01\x00\xaa\xaa\xaa\xaa\xaa\x11\x00\x00\x00\x00\x00\x00\x00", iov_len=19}], 3) = 22
[pid  4998] close(3)                    = 0
[pid  4998] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  4998] setsid()                    = 1
[pid  4998] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  4998] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  4998] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  4998] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  4998] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  4998] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  4998] unshare(CLONE_NEWNS)        = 0
[pid  4998] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  4998] unshare(CLONE_NEWIPC)       = 0
[pid  4998] unshare(CLONE_NEWCGROUP)    = 0
[pid  4998] unshare(CLONE_NEWUTS)       = 0
[pid  4998] unshare(CLONE_SYSVSEM)      = 0
[pid  4998] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  4998] write(3, "16777216", 8)     = 8
[pid  4998] close(3)                    = 0
[pid  4998] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  4998] write(3, "536870912", 9)    = 9
[pid  4998] close(3)                    = 0
[pid  4998] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  4998] write(3, "1024", 4)         = 4
[pid  4998] close(3)                    = 0
[pid  4998] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  4998] write(3, "8192", 4)         = 4
[pid  4998] close(3)                    = 0
[pid  4998] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  4998] write(3, "1024", 4)         = 4
[pid  4998] close(3)                    = 0
[pid  4998] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  4998] write(3, "1024", 4)         = 4
[pid  4998] close(3)                    = 0
[pid  4998] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  4998] write(3, "1024 1048576 500 1024", 21) = 21
[pid  4998] close(3)                    = 0
[pid  4998] getpid()                    = 1
[pid  4998] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  4998] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
syzkaller login: [   41.408489][ T4999] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   41.416993][ T4999] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   41.424962][ T4999] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   41.434623][ T4999] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   41.443407][ T4999] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   41.451548][ T4999] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[pid  4998] unshare(CLONE_NEWNET)       = 0
[pid  4998] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  4998] write(3, "0 65535", 7)      = 7
[pid  4998] close(3)                    = 0
[pid  4998] openat(AT_FDCWD, "/dev/rfkill", O_RDWR) = 3
[pid  4998] write(3, "\x00\x00\x00\x00\x00\x03\x00\x00", 8) = 8
[pid  4998] close(3)                    = 0
[pid  4998] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid  4998] sendto(3, [{nlmsg_len=40, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x13\x00\x02\x00\x4d\x41\x43\x38\x30\x32\x31\x31\x5f\x48\x57\x53\x49\x4d\x00\x00"], 40, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 40
[pid  4998] recvfrom(3, [{nlmsg_len=244, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x01\x02\x00\x00\x13\x00\x02\x00\x4d\x41\x43\x38\x30\x32\x31\x31\x5f\x48\x57\x53\x49\x4d\x00\x00\x06\x00\x01\x00\x29\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1c\x00\x00\x00\x90\x00\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0a\x00\x00\x00"...], 4096, 0, NULL, NULL) = 244
[pid  4998] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=40, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  4998] sendto(3, [{nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  4998] recvfrom(3, [{nlmsg_len=2496, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00\x06\x00\x01\x00\x23\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x45\x01\x00\x00\xec\x08\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00"...], 4096, 0, NULL, NULL) = 2496
[pid  4998] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  4998] sendto(3, [{nlmsg_len=36, nlmsg_type=0x29 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  4998] recvfrom(3, [{nlmsg_len=56, nlmsg_type=NLMSG_ERROR, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, {error=2, msg=[{nlmsg_len=36, nlmsg_type=0x29 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x00\x00\x00"]}], 4096, 0, NULL, NULL) = 56
[pid  4998] access("/proc/net", R_OK)   = 0
[pid  4998] access("/proc/net/unix", R_OK) = 0
[pid  4998] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  4998] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan0", ifr_ifindex=11}) = 0
[pid  4998] close(4)                    = 0
[pid  4998] sendto(3, [{nlmsg_len=36, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x06\x00\x00\x00\x08\x00\x03\x00\x0b\x00\x00\x00\x08\x00\x05\x00\x01\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  4998] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=36, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  4998] socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = 4
[pid  4998] ioctl(4, SIOCGIFFLAGS, {ifr_name="wlan0", ifr_flags=IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid  4998] ioctl(4, SIOCSIFFLAGS, {ifr_name="wlan0", ifr_flags=IFF_UP|IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid  4998] close(4)                    = 0
[pid  4998] sendto(3, [{nlmsg_len=64, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x2b\x00\x00\x00\x08\x00\x03\x00\x0b\x00\x00\x00\x0a\x00\x34\x00\x10\x10\x10\x10\x10\x10\x00\x00\x08\x00\x26\x00\x6c\x09\x00\x00\x0a\x00\x06\x00\x50\x50\x50\x50\x50\x50\x00\x00\x04\x00\x3c\x00"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 64
[pid  4998] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  4998] sendto(3, [{nlmsg_len=36, nlmsg_type=0x29 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x01\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  4998] recvfrom(3, [{nlmsg_len=56, nlmsg_type=NLMSG_ERROR, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, {error=3, msg=[{nlmsg_len=36, nlmsg_type=0x29 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x01\x00\x00"]}], 4096, 0, NULL, NULL) = 56
[pid  4998] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  4998] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=12}) = 0
[pid  4998] close(4)                    = 0
[pid  4998] sendto(3, [{nlmsg_len=36, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x06\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x08\x00\x05\x00\x01\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  4998] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=36, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  4998] socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = 4
[pid  4998] ioctl(4, SIOCGIFFLAGS, {ifr_name="wlan1", ifr_flags=IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid  4998] ioctl(4, SIOCSIFFLAGS, {ifr_name="wlan1", ifr_flags=IFF_UP|IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid  4998] close(4)                    = 0
[pid  4998] sendto(3, [{nlmsg_len=64, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x2b\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x0a\x00\x34\x00\x10\x10\x10\x10\x10\x10\x00\x00\x08\x00\x26\x00\x6c\x09\x00\x00\x0a\x00\x06\x00\x50\x50\x50\x50\x50\x50\x00\x00\x04\x00\x3c\x00"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 64
[   41.535892][   T40] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.543986][   T40] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.553515][  T754] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[pid  4998] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  4998] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  4998] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan0", ifr_ifindex=11}) = 0
[pid  4998] close(4)                    = 0
[pid  4998] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 4
[pid  4998] sendto(4, [{nlmsg_len=32, nlmsg_type=0x12 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  4998] recvfrom(4, [{nlmsg_len=1444, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x00\x00\x01\x00\x0b\x00\x00\x00\x43\x10\x01\x00\x00\x00\x00\x00\x0a\x00\x03\x00\x77\x6c\x61\x6e\x30\x00\x00\x00\x08\x00\x0d\x00\xe8\x03\x00\x00\x05\x00\x10\x00\x06\x00\x00\x00\x05\x00\x11\x00\x00\x00\x00\x00\x08\x00\x04\x00\xdc\x05\x00\x00\x08\x00\x32\x00\x00\x01\x00\x00\x08\x00\x33\x00\x00\x09\x00\x00\x08\x00\x1b\x00\x00\x00\x00\x00\x08\x00\x1e\x00\x00\x00\x00\x00\x08\x00\x3d\x00\x00\x00\x00\x00"...], 4096, 0, NULL, NULL) = 1444
[pid  4998] close(4)                    = 0
[pid  4998] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  4998] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=12}) = 0
[pid  4998] close(4)                    = 0
[pid  4998] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 4
[pid  4998] sendto(4, [{nlmsg_len=32, nlmsg_type=0x12 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  4998] recvfrom(4, [{nlmsg_len=1444, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x00\x00\x01\x00\x0c\x00\x00\x00\x43\x10\x00\x00\x00\x00\x00\x00\x0a\x00\x03\x00\x77\x6c\x61\x6e\x31\x00\x00\x00\x08\x00\x0d\x00\xe8\x03\x00\x00\x05\x00\x10\x00\x00\x00\x00\x00\x05\x00\x11\x00\x00\x00\x00\x00\x08\x00\x04\x00\xdc\x05\x00\x00\x08\x00\x32\x00\x00\x01\x00\x00\x08\x00\x33\x00\x00\x09\x00\x00\x08\x00\x1b\x00\x00\x00\x00\x00\x08\x00\x1e\x00\x00\x00\x00\x00\x08\x00\x3d\x00\x00\x00\x00\x00"...], 4096, 0, NULL, NULL) = 1444
[pid  4998] close(4)                    = 0
[pid  4998] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 4
[pid  4998] sendto(4, [{nlmsg_len=32, nlmsg_type=0x12 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  4998] recvfrom(4, [{nlmsg_len=1444, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x00\x00\x01\x00\x0c\x00\x00\x00\x43\x10\x01\x00\x00\x00\x00\x00\x0a\x00\x03\x00\x77\x6c\x61\x6e\x31\x00\x00\x00\x08\x00\x0d\x00\xe8\x03\x00\x00\x05\x00\x10\x00\x06\x00\x00\x00\x05\x00\x11\x00\x00\x00\x00\x00\x08\x00\x04\x00\xdc\x05\x00\x00\x08\x00\x32\x00\x00\x01\x00\x00\x08\x00\x33\x00\x00\x09\x00\x00\x08\x00\x1b\x00\x00\x00\x00\x00\x08\x00\x1e\x00\x00\x00\x00\x00\x08\x00\x3d\x00\x00\x00\x00\x00"...], 4096, 0, NULL, NULL) = 1444
[pid  4998] close(4)                    = 0
[pid  4998] close(3)                    = 0
[pid  4998] mkdir("/dev/binderfs", 0777) = 0
[pid  4998] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid  4998] symlink("/dev/binderfs", "./binderfs") = 0
[pid  4998] memfd_create("syzkaller", 0) = 3
[pid  4998] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffa5d9ff000
[pid  4998] write(3, "\xce\xfa\xad\x1b\x00\x0e\x00\x00\xff\x7f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x73\x79\x7a\x6b\x61\x6c\x73\x79\x7a\x6b\x61\x6c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid  4998] munmap(0x7ffa5d9ff000, 32768) = 0
[pid  4998] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[   41.576800][   T40] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.584730][   T40] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.594025][  T754] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   41.609348][ T4998] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=4998 'syz-executor404'
[pid  4998] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  4998] close(3)                    = 0
[pid  4998] mkdir("./file0", 0777)      = 0
[pid  4998] mount("/dev/loop0", "./file0", "bfs", 0, "") = 0
[pid  4998] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  4998] chdir("./file0")            = 0
[pid  4998] ioctl(4, LOOP_CLR_FD)       = 0
[pid  4998] close(4)                    = 0
[pid  4998] clone(child_stack=0x20000000, flags=0) = 3
[pid  4998] clone(child_stack=0x20000000, flags=0) = 4
[pid  4998] clone(child_stack=0x20000000, flags=0./strace-static-x86_64: Process 5004 attached
./strace-static-x86_64: Process 5005 attached
) = 5
./strace-static-x86_64: Process 5006 attached
[pid  5005] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5004] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  4998] clone(child_stack=0x20000000, flags=0) = 6
[pid  4998] clone(child_stack=0x20000000, flags=0) = 7
[pid  4998] clone(child_stack=0x20000000, flags=0) = 8
[pid  4998] clone(child_stack=0x20000000, flags=0) = 9
[pid  4998] clone(child_stack=0x20000000, flags=0) = 10
[pid  4998] clone(child_stack=0x20000000, flags=0) = 11
[pid  4998] clone(child_stack=0x20000000, flags=0./strace-static-x86_64: Process 5009 attached
 <unfinished ...>
[pid  5009] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
./strace-static-x86_64: Process 5008 attached
[pid  5008] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
./strace-static-x86_64: Process 5010 attached
[   41.623206][ T4998] loop0: detected capacity change from 0 to 64
[pid  5010] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
./strace-static-x86_64: Process 5013 attached
./strace-static-x86_64: Process 5012 attached
./strace-static-x86_64: Process 5011 attached
./strace-static-x86_64: Process 5007 attached
[pid  5006] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  4998] <... clone resumed>)        = 12
[pid  4998] clone(child_stack=0x20000000, flags=0) = 13
[pid  4998] clone(child_stack=0x20000000, flags=0) = 14
[pid  4998] clone(child_stack=0x20000000, flags=0) = 15
[pid  4998] clone(child_stack=0x20000000, flags=0) = 16
[pid  4998] clone(child_stack=0x20000000, flags=0 <unfinished ...>
[pid  5007] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  5011] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  4998] <... clone resumed>)        = 17
[pid  4998] clone(child_stack=0x20000000, flags=0 <unfinished ...>
[pid  5012] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  4998] <... clone resumed>)        = 18
[pid  4998] clone(child_stack=0x20000000, flags=0 <unfinished ...>
[pid  5013] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  4998] <... clone resumed>)        = 19
[pid  4998] clone(child_stack=0x20000000, flags=0) = 20
[pid  4998] clone(child_stack=0x20000000, flags=0) = 21
[pid  4998] clone(child_stack=0x20000000, flags=0) = 22
[pid  4998] clone(child_stack=0x20000000, flags=0) = 23
[pid  4998] clone(child_stack=0x20000000, flags=0) = 24
[pid  4998] clone(child_stack=0x20000000, flags=0) = 25
[pid  4998] clone(child_stack=0x20000000, flags=0) = 26
[pid  4998] clone(child_stack=0x20000000, flags=0./strace-static-x86_64: Process 5021 attached
 <unfinished ...>
[pid  5021] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  4998] <... clone resumed>)        = 27
[pid  4998] clone(child_stack=0x20000000, flags=0./strace-static-x86_64: Process 5024 attached
 <unfinished ...>
[pid  5024] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  4998] <... clone resumed>)        = 28
[pid  4998] clone(child_stack=0x20000000, flags=0./strace-static-x86_64: Process 5026 attached
 <unfinished ...>
[pid  5026] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
./strace-static-x86_64: Process 5027 attached
[pid  5027] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  4998] <... clone resumed>)        = 29
[   41.658518][ T5009] ------------[ cut here ]------------
[   41.664082][ T5009] WARNING: CPU: 1 PID: 5009 at fs/buffer.c:1130 mark_buffer_dirty+0x376/0x3e0
[   41.673085][ T5009] Modules linked in:
[   41.677008][ T5009] CPU: 1 PID: 5009 Comm: syz-executor404 Not tainted 6.4.0-rc4-syzkaller-00198-g9e87b63ed37e #0
[   41.687479][ T5009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[   41.697570][ T5009] RIP: 0010:mark_buffer_dirty+0x376/0x3e0
[pid  4998] clone(child_stack=0x20000000, flags=0./strace-static-x86_64: Process 5029 attached
 <unfinished ...>
[pid  5029] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  4998] <... clone resumed>)        = 30
[pid  4998] clone(child_stack=0x20000000, flags=0./strace-static-x86_64: Process 5030 attached
 <unfinished ...>
[pid  5030] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  4998] <... clone resumed>)        = 31
[pid  4998] clone(child_stack=0x20000000, flags=0) = 32
[pid  4998] clone(child_stack=0x20000000, flags=0) = 33
[pid  4998] clone(child_stack=0x20000000, flags=0) = 34
[pid  4998] clone(child_stack=0x20000000, flags=0./strace-static-x86_64: Process 5032 attached
 <unfinished ...>
[pid  5032] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid  4998] <... clone resumed>)        = 35
[pid  4998] close(3)                    = 0
[pid  4998] close(4)                    = -1 EBADF (Bad file descriptor)
[pid  4998] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  4998] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  4998] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  4998] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  4998] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  4998] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  4998] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  4998] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  4998] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  4998] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  4998] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  4998] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  4998] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  4998] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  4998] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  4998] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  4998] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  4998] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  4998] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  4998] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  4998] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  4998] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  4998] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  4998] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  4998] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  4998] exit_group(1)               = ?
./strace-static-x86_64: Process 5035 attached
[pid  5035] +++ killed by SIGKILL +++
./strace-static-x86_64: Process 5036 attached
[pid  5036] +++ killed by SIGKILL +++
./strace-static-x86_64: Process 5014 attached
[pid  5014] +++ killed by SIGKILL +++
./strace-static-x86_64: Process 5015 attached
[pid  5015] +++ killed by SIGKILL +++
./strace-static-x86_64: Process 5016 attached
[pid  5016] +++ killed by SIGKILL +++
./strace-static-x86_64: Process 5017 attached
[pid  5017] +++ killed by SIGKILL +++
./strace-static-x86_64: Process 5018 attached
[pid  5018] +++ killed by SIGKILL +++
./strace-static-x86_64: Process 5019 attached
[pid  5019] +++ killed by SIGKILL +++
./strace-static-x86_64: Process 5020 attached
[   41.703316][ T5009] Code: e9 8f 77 8d ff e8 8a 77 8d ff 48 89 ef e8 b2 13 e8 ff 5b 5d e9 7b 77 8d ff e8 76 77 8d ff 0f 0b e9 10 fe ff ff e8 6a 77 8d ff <0f> 0b e9 b7 fc ff ff e8 5e 77 8d ff 0f 0b e9 d6 fc ff ff 48 89 df
[   41.723017][ T5009] RSP: 0018:ffffc90003aeefc0 EFLAGS: 00010293
[   41.729133][ T5009] RAX: 0000000000000000 RBX: ffff888074a5c488 RCX: 0000000000000000
[   41.737170][ T5009] RDX: ffff8880287e1dc0 RSI: ffffffff81f6ced6 RDI: 0000000000000001
[   41.745163][ T5009] RBP: ffff8880749f1000 R08: 0000000000000001 R09: 0000000000000000
[pid  5020] +++ killed by SIGKILL +++
./strace-static-x86_64: Process 5022 attached
[pid  5022] +++ killed by SIGKILL +++
./strace-static-x86_64: Process 5023 attached
[pid  5023] +++ killed by SIGKILL +++
./strace-static-x86_64: Process 5025 attached
[pid  5025] +++ killed by SIGKILL +++
./strace-static-x86_64: Process 5028 attached
[pid  5028] +++ killed by SIGKILL +++
./strace-static-x86_64: Process 5031 attached
[pid  5031] +++ killed by SIGKILL +++
./strace-static-x86_64: Process 5034 attached
[pid  5034] +++ killed by SIGKILL +++
./strace-static-x86_64: Process 5033 attached
[pid  5033] +++ killed by SIGKILL +++
[   41.753389][ T5009] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88807c87c000
[   41.761489][ T5009] R13: ffffed100f90f82c R14: ffff888074a5c488 R15: 0000000000000012
[   41.769514][ T5009] FS:  0000555556527300(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[   41.778467][ T5009] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   41.785131][ T5009] CR2: 0000000000000000 CR3: 0000000079ccb000 CR4: 0000000000350ee0
[   41.793130][ T5009] Call Trace:
[   41.796423][ T5009]  <TASK>
[   41.799366][ T5009]  ? __warn+0xe6/0x390
[   41.803423][ T5009]  ? mark_buffer_dirty+0x376/0x3e0
[   41.808567][ T5009]  ? report_bug+0x2da/0x500
[   41.813137][ T5009]  ? handle_bug+0x3c/0x70
[   41.817492][ T5009]  ? exc_invalid_op+0x18/0x50
[   41.822172][ T5009]  ? asm_exc_invalid_op+0x1a/0x20
[   41.827231][ T5009]  ? mark_buffer_dirty+0x376/0x3e0
[   41.832354][ T5009]  ? mark_buffer_dirty+0x376/0x3e0
[   41.837494][ T5009]  bfs_get_block+0x39b/0xdd0
[   41.842097][ T5009]  __block_write_begin_int+0x3bd/0x14b0
[   41.847844][ T5009]  ? bfs_write_begin+0xd0/0xd0
[   41.852627][ T5009]  ? folio_wait_stable+0x96/0xe0
[   41.857606][ T5009]  ? invalidate_bh_lrus_cpu+0x140/0x140
[   41.863168][ T5009]  ? folio_flags.constprop.0+0x53/0x150
[   41.868767][ T5009]  ? bfs_write_begin+0xd0/0xd0
[   41.873531][ T5009]  block_write_begin+0xb9/0x4d0
[   41.878472][ T5009]  bfs_write_begin+0x31/0xd0
[   41.883087][ T5009]  generic_perform_write+0x256/0x570
[   41.888428][ T5009]  ? generic_file_readonly_mmap+0x180/0x180
[   41.894334][ T5009]  ? new_inode+0x280/0x280
[   41.898787][ T5009]  ? generic_write_checks+0x2c0/0x400
[   41.904173][ T5009]  __generic_file_write_iter+0x2ae/0x500
[   41.909841][ T5009]  ? up_write+0x1b4/0x520
[   41.914179][ T5009]  generic_file_write_iter+0xe3/0x350
[   41.919587][ T5009]  __kernel_write_iter+0x262/0x7a0
[   41.924716][ T5009]  ? vfs_read+0x8a0/0x8a0
[   41.929086][ T5009]  ? kasan_save_stack+0x32/0x40
[   41.933955][ T5009]  ? arch_do_signal_or_restart+0x79/0x5c0
[   41.939707][ T5009]  ? exit_to_user_mode_prepare+0x11f/0x240
[   41.945524][ T5009]  ? irqentry_exit_to_user_mode+0x9/0x40
[   41.951188][ T5009]  ? exc_page_fault+0xc0/0x170
[   41.955992][ T5009]  ? asm_exc_page_fault+0x26/0x30
[   41.961051][ T5009]  __kernel_write+0xcb/0x110
[   41.965645][ T5009]  ? __kernel_write_iter+0x7a0/0x7a0
[   41.970963][ T5009]  ? find_held_lock+0x2d/0x110
[   41.975744][ T5009]  dump_emit+0x21d/0x340
[   41.980021][ T5009]  ? __dump_skip+0x5c0/0x5c0
[   41.984611][ T5009]  ? elf_core_dump+0x1e39/0x36e0
[   41.989603][ T5009]  elf_core_dump+0x2289/0x36e0
[   41.994398][ T5009]  ? load_elf_phdrs+0x210/0x210
[   41.999310][ T5009]  ? kvmalloc_node+0xa2/0x1a0
[   42.004009][ T5009]  ? kasan_save_stack+0x32/0x40
[   42.008912][ T5009]  ? kasan_set_track+0x25/0x30
[   42.013685][ T5009]  ? __kasan_kmalloc+0xa2/0xb0
[   42.018483][ T5009]  ? __lock_acquire+0x1987/0x5f30
[   42.023520][ T5009]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   42.029554][ T5009]  do_coredump+0x2f2b/0x4020
[   42.034150][ T5009]  ? dump_emit+0x340/0x340
[   42.038591][ T5009]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   42.044580][ T5009]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   42.050603][ T5009]  ? lock_sync+0x190/0x190
[   42.055023][ T5009]  ? find_held_lock+0x2d/0x110
[   42.059904][ T5009]  ? do_gmbus_xfer+0xd70/0x1970
[   42.064759][ T5009]  ? _raw_spin_unlock_irq+0x23/0x50
[   42.069992][ T5009]  get_signal+0x1c02/0x25b0
[   42.074506][ T5009]  ? exit_signals+0x910/0x910
[   42.079208][ T5009]  ? force_sig_fault+0xb6/0xf0
[   42.083979][ T5009]  ? force_sig+0xe0/0xe0
[   42.088252][ T5009]  arch_do_signal_or_restart+0x79/0x5c0
[   42.093802][ T5009]  ? get_sigframe_size+0x10/0x10
[   42.098768][ T5009]  ? rcu_is_watching+0x12/0xb0
[   42.103548][ T5009]  exit_to_user_mode_prepare+0x11f/0x240
[   42.109213][ T5009]  irqentry_exit_to_user_mode+0x9/0x40
[   42.114679][ T5009]  exc_page_fault+0xc0/0x170
[   42.119317][ T5009]  asm_exc_page_fault+0x26/0x30
[   42.124188][ T5009] RIP: 0033:0x0
[   42.127683][ T5009] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[   42.135139][ T5009] RSP: 002b:0000000020000008 EFLAGS: 00010217
[   42.141248][ T5009] RAX: 0000000000000000 RBX: 000000000000001c RCX: 00007ffa66653f69
[   42.149272][ T5009] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000000
[   42.157354][ T5009] RBP: 0000000000000003 R08: 0000000000000000 R09: 00007fff00000004
[   42.165326][ T5009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000031
[   42.173324][ T5009] R13: 000000000000000c R14: 00007ffff846a380 R15: 00007ffff846a342
[   42.181320][ T5009]  </TASK>
[   42.184326][ T5009] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   42.191583][ T5009] CPU: 1 PID: 5009 Comm: syz-executor404 Not tainted 6.4.0-rc4-syzkaller-00198-g9e87b63ed37e #0
[   42.201974][ T5009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[   42.212008][ T5009] Call Trace:
[   42.215268][ T5009]  <TASK>
[   42.218184][ T5009]  dump_stack_lvl+0xd9/0x150
[   42.222761][ T5009]  panic+0x686/0x730
[   42.226639][ T5009]  ? panic_smp_self_stop+0xa0/0xa0
[   42.231733][ T5009]  ? show_trace_log_lvl+0x284/0x390
[   42.236930][ T5009]  ? mark_buffer_dirty+0x376/0x3e0
[   42.242041][ T5009]  check_panic_on_warn+0xb1/0xc0
[   42.246980][ T5009]  __warn+0xf2/0x390
[   42.250865][ T5009]  ? mark_buffer_dirty+0x376/0x3e0
[   42.255975][ T5009]  report_bug+0x2da/0x500
[   42.260344][ T5009]  handle_bug+0x3c/0x70
[   42.264573][ T5009]  exc_invalid_op+0x18/0x50
[   42.269065][ T5009]  asm_exc_invalid_op+0x1a/0x20
[   42.273915][ T5009] RIP: 0010:mark_buffer_dirty+0x376/0x3e0
[   42.279629][ T5009] Code: e9 8f 77 8d ff e8 8a 77 8d ff 48 89 ef e8 b2 13 e8 ff 5b 5d e9 7b 77 8d ff e8 76 77 8d ff 0f 0b e9 10 fe ff ff e8 6a 77 8d ff <0f> 0b e9 b7 fc ff ff e8 5e 77 8d ff 0f 0b e9 d6 fc ff ff 48 89 df
[   42.299317][ T5009] RSP: 0018:ffffc90003aeefc0 EFLAGS: 00010293
[   42.305378][ T5009] RAX: 0000000000000000 RBX: ffff888074a5c488 RCX: 0000000000000000
[   42.313335][ T5009] RDX: ffff8880287e1dc0 RSI: ffffffff81f6ced6 RDI: 0000000000000001
[   42.321296][ T5009] RBP: ffff8880749f1000 R08: 0000000000000001 R09: 0000000000000000
[   42.329254][ T5009] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88807c87c000
[   42.337211][ T5009] R13: ffffed100f90f82c R14: ffff888074a5c488 R15: 0000000000000012
[   42.345176][ T5009]  ? mark_buffer_dirty+0x376/0x3e0
[   42.350292][ T5009]  bfs_get_block+0x39b/0xdd0
[   42.354881][ T5009]  __block_write_begin_int+0x3bd/0x14b0
[   42.360418][ T5009]  ? bfs_write_begin+0xd0/0xd0
[   42.365177][ T5009]  ? folio_wait_stable+0x96/0xe0
[   42.370104][ T5009]  ? invalidate_bh_lrus_cpu+0x140/0x140
[   42.375643][ T5009]  ? folio_flags.constprop.0+0x53/0x150
[   42.381192][ T5009]  ? bfs_write_begin+0xd0/0xd0
[   42.385943][ T5009]  block_write_begin+0xb9/0x4d0
[   42.390788][ T5009]  bfs_write_begin+0x31/0xd0
[   42.395369][ T5009]  generic_perform_write+0x256/0x570
[   42.400653][ T5009]  ? generic_file_readonly_mmap+0x180/0x180
[   42.406543][ T5009]  ? new_inode+0x280/0x280
[   42.410959][ T5009]  ? generic_write_checks+0x2c0/0x400
[   42.416323][ T5009]  __generic_file_write_iter+0x2ae/0x500
[   42.421949][ T5009]  ? up_write+0x1b4/0x520
[   42.426272][ T5009]  generic_file_write_iter+0xe3/0x350
[   42.431639][ T5009]  __kernel_write_iter+0x262/0x7a0
[   42.436750][ T5009]  ? vfs_read+0x8a0/0x8a0
[   42.441074][ T5009]  ? kasan_save_stack+0x32/0x40
[   42.445924][ T5009]  ? arch_do_signal_or_restart+0x79/0x5c0
[   42.451633][ T5009]  ? exit_to_user_mode_prepare+0x11f/0x240
[   42.457458][ T5009]  ? irqentry_exit_to_user_mode+0x9/0x40
[   42.463100][ T5009]  ? exc_page_fault+0xc0/0x170
[   42.467853][ T5009]  ? asm_exc_page_fault+0x26/0x30
[   42.472881][ T5009]  __kernel_write+0xcb/0x110
[   42.477465][ T5009]  ? __kernel_write_iter+0x7a0/0x7a0
[   42.482747][ T5009]  ? find_held_lock+0x2d/0x110
[   42.487521][ T5009]  dump_emit+0x21d/0x340
[   42.491760][ T5009]  ? __dump_skip+0x5c0/0x5c0
[   42.496341][ T5009]  ? elf_core_dump+0x1e39/0x36e0
[   42.501281][ T5009]  elf_core_dump+0x2289/0x36e0
[   42.506046][ T5009]  ? load_elf_phdrs+0x210/0x210
[   42.510900][ T5009]  ? kvmalloc_node+0xa2/0x1a0
[   42.515571][ T5009]  ? kasan_save_stack+0x32/0x40
[   42.520422][ T5009]  ? kasan_set_track+0x25/0x30
[   42.525179][ T5009]  ? __kasan_kmalloc+0xa2/0xb0
[   42.529937][ T5009]  ? __lock_acquire+0x1987/0x5f30
[   42.534963][ T5009]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   42.540964][ T5009]  do_coredump+0x2f2b/0x4020
[   42.545549][ T5009]  ? dump_emit+0x340/0x340
[   42.549959][ T5009]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   42.555937][ T5009]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   42.561921][ T5009]  ? lock_sync+0x190/0x190
[   42.566333][ T5009]  ? find_held_lock+0x2d/0x110
[   42.571090][ T5009]  ? do_gmbus_xfer+0xd70/0x1970
[   42.575933][ T5009]  ? _raw_spin_unlock_irq+0x23/0x50
[   42.581132][ T5009]  get_signal+0x1c02/0x25b0
[   42.585633][ T5009]  ? exit_signals+0x910/0x910
[   42.590910][ T5009]  ? force_sig_fault+0xb6/0xf0
[   42.595677][ T5009]  ? force_sig+0xe0/0xe0
[   42.600011][ T5009]  arch_do_signal_or_restart+0x79/0x5c0
[   42.605549][ T5009]  ? get_sigframe_size+0x10/0x10
[   42.610477][ T5009]  ? rcu_is_watching+0x12/0xb0
[   42.615332][ T5009]  exit_to_user_mode_prepare+0x11f/0x240
[   42.620981][ T5009]  irqentry_exit_to_user_mode+0x9/0x40
[   42.626431][ T5009]  exc_page_fault+0xc0/0x170
[   42.631010][ T5009]  asm_exc_page_fault+0x26/0x30
[   42.635854][ T5009] RIP: 0033:0x0
[   42.639306][ T5009] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[   42.646742][ T5009] RSP: 002b:0000000020000008 EFLAGS: 00010217
[   42.652796][ T5009] RAX: 0000000000000000 RBX: 000000000000001c RCX: 00007ffa66653f69
[   42.660751][ T5009] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000000
[   42.668728][ T5009] RBP: 0000000000000003 R08: 0000000000000000 R09: 00007fff00000004
[   42.676684][ T5009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000031
[   42.684727][ T5009] R13: 000000000000000c R14: 00007ffff846a380 R15: 00007ffff846a342
[   42.692698][ T5009]  </TASK>
[   42.696648][ T5009] Kernel Offset: disabled
[   42.701032][ T5009] Rebooting in 86400 seconds..