./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2244330760

<...>
Warning: Permanently added '10.128.0.236' (ED25519) to the list of known hosts.
execve("./syz-executor2244330760", ["./syz-executor2244330760"], 0x7ffd011fa9c0 /* 10 vars */) = 0
brk(NULL)                               = 0x555556016000
brk(0x555556016d00)                     = 0x555556016d00
arch_prctl(ARCH_SET_FS, 0x555556016380) = 0
set_tid_address(0x555556016650)         = 5031
set_robust_list(0x555556016660, 24)     = 0
rseq(0x555556016ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2244330760", 4096) = 28
getrandom("\xec\x3c\x71\x9d\x30\xdd\x26\xbc", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555556016d00
brk(0x555556037d00)                     = 0x555556037d00
brk(0x555556038000)                     = 0x555556038000
mprotect(0x7ff75fbde000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
mkdir("/syzcgroup", 0777)               = 0
mkdir("/syzcgroup/unified", 0777)       = 0
mount("none", "/syzcgroup/unified", "cgroup2", 0, NULL) = 0
chmod("/syzcgroup/unified", 0777)       = 0
openat(AT_FDCWD, "/syzcgroup/unified/cgroup.subtree_control", O_WRONLY) = 3
write(3, "+cpu", 4)                     = 4
write(3, "+io", 3)                      = 3
write(3, "+pids", 5)                    = 5
close(3)                                = 0
mkdir("/syzcgroup/net", 0777)           = 0
mount("none", "/syzcgroup/net", "cgroup", 0, "net") = -1 EINVAL (Invalid argument)
mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio") = 0
umount2("/syzcgroup/net", 0)            = 0
mount("none", "/syzcgroup/net", "cgroup", 0, "devices") = 0
umount2("/syzcgroup/net", 0)            = 0
mount("none", "/syzcgroup/net", "cgroup", 0, "blkio") = 0
umount2("/syzcgroup/net", 0)            = 0
mount("none", "/syzcgroup/net", "cgroup", 0, "freezer") = 0
umount2("/syzcgroup/net", 0)            = 0
[   52.721112][ T5031] cgroup: Unknown subsys name 'net'
mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,devices,blkio,freezer") = ? ERESTARTNOINTR (To be restarted)
mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,devices,blkio,freezer") = ? ERESTARTNOINTR (To be restarted)
mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,devices,blkio,freezer") = ? ERESTARTNOINTR (To be restarted)
mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,devices,blkio,freezer") = ? ERESTARTNOINTR (To be restarted)
mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,devices,blkio,freezer") = 0
chmod("/syzcgroup/net", 0777)           = 0
mkdir("/syzcgroup/cpu", 0777)           = 0
mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset") = 0
umount2("/syzcgroup/cpu", 0)            = 0
mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuacct") = 0
umount2("/syzcgroup/cpu", 0)            = 0
mount("none", "/syzcgroup/cpu", "cgroup", 0, "hugetlb") = 0
umount2("/syzcgroup/cpu", 0)            = 0
mount("none", "/syzcgroup/cpu", "cgroup", 0, "rlimit") = -1 EINVAL (Invalid argument)
mount("none", "/syzcgroup/cpu", "cgroup", 0, "memory") = 0
umount2("/syzcgroup/cpu", 0)            = 0
mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset,cpuacct,hugetlb,memory") = ? ERESTARTNOINTR (To be restarted)
mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset,cpuacct,hugetlb,memory") = ? ERESTARTNOINTR (To be restarted)
[   52.863120][ T5031] cgroup: Unknown subsys name 'rlimit'
mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset,cpuacct,hugetlb,memory") = ? ERESTARTNOINTR (To be restarted)
mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset,cpuacct,hugetlb,memory") = 0
chmod("/syzcgroup/cpu", 0777)           = 0
openat(AT_FDCWD, "/syzcgroup/cpu/cgroup.clone_children", O_WRONLY|O_CLOEXEC) = 3
write(3, "1", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/syzcgroup/cpu/cpuset.memory_pressure_enabled", O_WRONLY|O_CLOEXEC) = 3
write(3, "1", 1)                        = 1
close(3)                                = 0
chmod("/dev/raw-gadget", 0666)          = 0
getrandom("\xfe\xfc\x52\x91\x32\x2d\xe7\x39", 8, GRND_NONBLOCK) = 8
mkdir("./syzkaller.WBXGIl", 0700)       = 0
chmod("./syzkaller.WBXGIl", 0777)       = 0
chdir("./syzkaller.WBXGIl")             = 0
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556016650) = 5032
./strace-static-x86_64: Process 5032 attached
[pid  5032] set_robust_list(0x555556016660, 24) = 0
[pid  5032] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid  5032] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5032] setsid()                    = 1
[pid  5032] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  5032] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  5032] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  5032] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  5032] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  5032] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  5032] unshare(CLONE_NEWNS)        = 0
[pid  5032] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  5032] unshare(CLONE_NEWIPC)       = 0
[pid  5032] unshare(CLONE_NEWCGROUP)    = 0
[pid  5032] unshare(CLONE_NEWUTS)       = 0
[pid  5032] unshare(CLONE_SYSVSEM)      = 0
[pid  5032] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5032] write(3, "16777216", 8)     = 8
[pid  5032] close(3)                    = 0
[pid  5032] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  5032] write(3, "536870912", 9)    = 9
[pid  5032] close(3)                    = 0
[pid  5032] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5032] write(3, "1024", 4)         = 4
[pid  5032] close(3)                    = 0
[pid  5032] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5032] write(3, "8192", 4)         = 4
[pid  5032] close(3)                    = 0
[pid  5032] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5032] write(3, "1024", 4)         = 4
[pid  5032] close(3)                    = 0
[pid  5032] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  5032] write(3, "1024", 4)         = 4
[pid  5032] close(3)                    = 0
[pid  5032] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  5032] write(3, "1024 1048576 500 1024", 21) = 21
[pid  5032] close(3)                    = 0
[pid  5032] getpid()                    = 1
[pid  5032] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5032] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5032] unshare(CLONE_NEWNET)       = 0
[pid  5032] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  5032] write(3, "0 65535", 7)      = 7
[pid  5032] close(3)                    = 0
[pid  5032] openat(AT_FDCWD, "/dev/net/tun", O_RDWR|O_NONBLOCK) = 3
[pid  5032] dup2(3, 200)                = 200
[pid  5032] close(3)                    = 0
[pid  5032] ioctl(200, TUNSETIFF, 0x7ffc0dbb11e0) = 0
[pid  5032] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/accept_dad", O_WRONLY|O_CLOEXEC) = 3
[pid  5032] write(3, "0", 1)            = 1
[pid  5032] close(3)                    = 0
[pid  5032] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/router_solicitations", O_WRONLY|O_CLOEXEC) = 3
[pid  5032] write(3, "0", 1)            = 1
[pid  5032] close(3)                    = 0
[pid  5032] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 3
[pid  5032] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5032] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5032] close(4)                    = 0
[pid  5032] sendto(3, [{nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x18\x00\x00\x0b\x00\x00\x00\x08\x00\x02\x00\xac\x14\x14\xaa\x08\x00\x01\x00\xac\x14\x14\xaa"], 40, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 40
[pid  5032] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5032] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5032] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5032] close(4)                    = 0
[pid  5032] sendto(3, [{nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x78\x00\x00\x0b\x00\x00\x00\x14\x00\x02\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 64
[pid  5032] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5032] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5032] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5032] close(4)                    = 0
[pid  5032] sendto(3, [{nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x08\x00\x01\x00\xac\x14\x14\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 48, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 48
[pid  5032] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5032] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5032] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5032] close(4)                    = 0
[pid  5032] sendto(3, [{nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 60, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 60
[pid  5032] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5032] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5032] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5032] close(4)                    = 0
[pid  5032] sendto(3, [{nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x0a\x00\x01\x00\xaa\xaa\xaa\xaa\xaa\xaa\x00\x00"], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44
[pid  5032] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5032] close(3)                    = 0
[pid  5032] mkdir("/dev/binderfs", 0777) = 0
[pid  5032] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid  5032] getpid()                    = 1
[pid  5032] mkdir("/syzcgroup/unified/syz0", 0777) = 0
[pid  5032] openat(AT_FDCWD, "/syzcgroup/unified/syz0/pids.max", O_WRONLY|O_CLOEXEC) = 3
[pid  5032] write(3, "32", 2)           = 2
[pid  5032] close(3)                    = 0
[pid  5032] openat(AT_FDCWD, "/syzcgroup/unified/syz0/cgroup.procs", O_WRONLY|O_CLOEXEC) = 3
[pid  5032] write(3, "1", 1)            = 1
[pid  5032] close(3)                    = 0
[pid  5032] mkdir("/syzcgroup/cpu/syz0", 0777) = 0
[pid  5032] openat(AT_FDCWD, "/syzcgroup/cpu/syz0/cgroup.procs", O_WRONLY|O_CLOEXEC) = 3
[pid  5032] write(3, "1", 1)            = 1
[pid  5032] close(3)                    = 0
[pid  5032] openat(AT_FDCWD, "/syzcgroup/cpu/syz0/memory.soft_limit_in_bytes", O_WRONLY|O_CLOEXEC) = 3
[pid  5032] write(3, "313524224", 9)    = 9
[pid  5032] close(3)                    = 0
[pid  5032] openat(AT_FDCWD, "/syzcgroup/cpu/syz0/memory.limit_in_bytes", O_WRONLY|O_CLOEXEC) = 3
[pid  5032] write(3, "314572800", 9)    = 9
[pid  5032] close(3)                    = 0
[pid  5032] mkdir("/syzcgroup/net/syz0", 0777) = 0
[pid  5032] openat(AT_FDCWD, "/syzcgroup/net/syz0/cgroup.procs", O_WRONLY|O_CLOEXEC) = 3
[pid  5032] write(3, "1", 1)            = 1
[pid  5032] close(3)                    = 0
[pid  5032] mkdir("./0", 0777)          = 0
[pid  5032] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5032] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5032] close(3)                    = 0
[pid  5032] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556016650) = 2
./strace-static-x86_64: Process 5035 attached
[pid  5035] set_robust_list(0x555556016660, 24) = 0
[pid  5035] chdir("./0")                = 0
[pid  5035] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5035] setpgid(0, 0)               = 0
[pid  5035] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  5035] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  5035] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  5035] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5035] write(3, "1000", 4)         = 4
[pid  5035] close(3)                    = 0
[pid  5035] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110
[pid  5035] read(200, 0x7ffc0dbb0b30, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  5035] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5035] memfd_create("syzkaller", 0) = 3
[pid  5035] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ff757721000
[   53.073296][ T5035] syz-executor224[5035]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[pid  5035] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5035] munmap(0x7ff757721000, 16777216) = 0
[pid  5035] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5035] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5035] close(3)                    = 0
[pid  5035] mkdir("./file0", 0777)      = 0
[pid  5035] mount("/dev/loop0", "./file0", "jfs", MS_NOSUID, "quota") = 0
[pid  5035] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5035] chdir("./file0")            = 0
[pid  5035] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5035] close(4)                    = 0
[pid  5035] openat(AT_FDCWD, "./file0", O_RDONLY) = 4
[pid  5035] symlinkat("./file0", 4, "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = -1 EIO (Input/output error)
[   53.194652][ T5035] loop0: detected capacity change from 0 to 32768
[   53.210770][ T5035] find_entry called with index = 0
[   53.216277][ T5035] read_mapping_page failed!
[   53.220948][ T5035] ERROR: (device loop0): txCommit: 
[   53.220948][ T5035] 
[   53.229040][ T5035] ERROR: (device loop0): remounting filesystem as read-only
[pid  5035] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_RINGBUF, key_size=0, value_size=0, max_entries=536870912, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = -1 ENOMEM (Cannot allocate memory)
[pid  5035] close(3)                    = 0
[pid  5035] close(4)                    = 0
[pid  5035] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  5035] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5035] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5035] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5035] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5035] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5035] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5035] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5035] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5035] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5035] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5035] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5035] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5035] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5035] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5035] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5035] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5035] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5035] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5035] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5035] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5035] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5035] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5035] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5035] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5035] exit_group(0)               = ?
[pid  5035] +++ exited with 0 +++
[pid  5032] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=2, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=121 /* 1.21 s */} ---
[pid  5032] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5032] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5032] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5032] getdents64(3, 0x5555560176f0 /* 7 entries */, 32768) = 208
[pid  5032] umount2("./0/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5032] newfstatat(AT_FDCWD, "./0/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5032] unlink("./0/cgroup.cpu")    = 0
[pid  5032] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5032] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5032] unlink("./0/binderfs")      = 0
[pid  5032] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[pid  5032] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5032] newfstatat(AT_FDCWD, "./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5032] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5032] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5032] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid  5032] getdents64(4, 0x55555601f730 /* 2 entries */, 32768) = 48
[pid  5032] getdents64(4, 0x55555601f730 /* 0 entries */, 32768) = 0
[pid  5032] close(4)                    = 0
[pid  5032] rmdir("./0/file0")          = 0
[pid  5032] umount2("./0/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5032] newfstatat(AT_FDCWD, "./0/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5032] unlink("./0/cgroup")        = 0
[pid  5032] umount2("./0/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5032] newfstatat(AT_FDCWD, "./0/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5032] unlink("./0/cgroup.net")    = 0
[pid  5032] getdents64(3, 0x5555560176f0 /* 0 entries */, 32768) = 0
[pid  5032] close(3)                    = 0
[pid  5032] rmdir("./0")                = 0
[pid  5032] mkdir("./1", 0777)          = 0
[pid  5032] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5032] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  5032] close(3)                    = 0
[pid  5032] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5036 attached
, child_tidptr=0x555556016650) = 3
[pid  5036] set_robust_list(0x555556016660, 24) = 0
[pid  5036] chdir("./1")                = 0
[pid  5036] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5036] setpgid(0, 0)               = 0
[pid  5036] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  5036] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  5036] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  5036] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5036] write(3, "1000", 4)         = 4
[pid  5036] close(3)                    = 0
[pid  5036] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110
[pid  5036] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110
[pid  5036] read(200, 0x7ffc0dbb0b30, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  5036] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5036] memfd_create("syzkaller", 0) = 3
[pid  5036] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ff757721000
[pid  5036] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5036] munmap(0x7ff757721000, 16777216) = 0
[pid  5036] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5036] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5036] close(3)                    = 0
[pid  5036] mkdir("./file0", 0777)      = 0
[pid  5036] mount("/dev/loop0", "./file0", "jfs", MS_NOSUID, "quota") = 0
[pid  5036] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5036] chdir("./file0")            = 0
[pid  5036] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5036] close(4)                    = 0
[pid  5036] openat(AT_FDCWD, "./file0", O_RDONLY) = 4
[pid  5036] symlinkat("./file0", 4, "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = -1 EIO (Input/output error)
[   54.623775][ T5036] loop0: detected capacity change from 0 to 32768
[   54.639621][ T5036] find_entry called with index = 0
[   54.645159][ T5036] read_mapping_page failed!
[   54.649687][ T5036] ERROR: (device loop0): txCommit: 
[   54.649687][ T5036] 
[   54.658014][ T5036] ERROR: (device loop0): remounting filesystem as read-only
[   55.231424][ T5036] ==================================================================
[   55.239508][ T5036] BUG: KASAN: null-ptr-deref in drop_buffers+0x6f/0x700
[   55.246439][ T5036] Read of size 4 at addr 0000000000000060 by task syz-executor224/5036
[   55.254663][ T5036] 
[   55.256974][ T5036] CPU: 1 PID: 5036 Comm: syz-executor224 Not tainted 6.6.0-rc1-syzkaller #0
[   55.265632][ T5036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[   55.275673][ T5036] Call Trace:
[   55.278959][ T5036]  <TASK>
[   55.281877][ T5036]  dump_stack_lvl+0x1e7/0x2d0
[   55.286551][ T5036]  ? nf_tcp_handle_invalid+0x650/0x650
[   55.292023][ T5036]  ? panic+0x770/0x770
[   55.296077][ T5036]  ? _printk+0xd5/0x120
[   55.300244][ T5036]  print_report+0xe6/0x540
[   55.304650][ T5036]  ? __virt_addr_valid+0x58/0x2e0
[   55.309661][ T5036]  ? drop_buffers+0x6f/0x700
[   55.314238][ T5036]  kasan_report+0x175/0x1b0
[   55.318737][ T5036]  ? drop_buffers+0x6f/0x700
[   55.323418][ T5036]  kasan_check_range+0x27e/0x290
[   55.328342][ T5036]  drop_buffers+0x6f/0x700
[   55.332747][ T5036]  try_to_free_buffers+0x295/0x5f0
[   55.337847][ T5036]  ? __might_sleep+0xc0/0xc0
[   55.342434][ T5036]  ? sync_dirty_buffer+0x20/0x20
[   55.347370][ T5036]  ? filemap_release_folio+0x2b6/0x4b0
[   55.352820][ T5036]  shrink_folio_list+0x271a/0x8870
[   55.357933][ T5036]  ? reclaim_clean_pages_from_list+0xed0/0xed0
[   55.364078][ T5036]  ? __mod_zone_page_state+0xda/0x140
[   55.369444][ T5036]  ? isolate_lru_folios+0x1411/0x16d0
[   55.374807][ T5036]  ? rcu_is_watching+0x15/0xb0
[   55.379561][ T5036]  ? lock_release+0xbf/0x9d0
[   55.384146][ T5036]  ? cgroup_rstat_updated+0xd1/0x360
[   55.389418][ T5036]  ? lru_add_drain_cpu+0x491/0x610
[   55.394513][ T5036]  ? __lock_acquire+0x7f70/0x7f70
[   55.399523][ T5036]  ? __count_memcg_events+0x1ce/0x380
[   55.404882][ T5036]  ? print_irqtrace_events+0x220/0x220
[   55.410335][ T5036]  ? rcu_is_watching+0x15/0xb0
[   55.415095][ T5036]  shrink_lruvec+0x16e6/0x2d30
[   55.419861][ T5036]  ? __calc_delta+0x2a0/0x2a0
[   55.424532][ T5036]  ? mem_cgroup_shrink_node+0x900/0x900
[   55.430080][ T5036]  ? lock_acquire+0xe3/0x520
[   55.434675][ T5036]  ? lock_release+0xbf/0x9d0
[   55.439250][ T5036]  ? __lock_acquire+0x7f70/0x7f70
[   55.444285][ T5036]  ? __might_sleep+0xc0/0xc0
[   55.448875][ T5036]  ? css_next_descendant_pre+0xb1/0x260
[   55.454412][ T5036]  ? mem_cgroup_iter+0x34d/0x480
[   55.459361][ T5036]  shrink_node+0x1176/0x28c0
[   55.463944][ T5036]  do_try_to_free_pages+0x717/0x19e0
[   55.469226][ T5036]  ? try_to_free_pages+0xff0/0xff0
[   55.474324][ T5036]  ? __lock_acquire+0x7f70/0x7f70
[   55.479352][ T5036]  try_to_free_mem_cgroup_pages+0x455/0xa50
[   55.485236][ T5036]  ? do_raw_spin_unlock+0x13b/0x8b0
[   55.490433][ T5036]  ? shrink_lruvec+0x2d30/0x2d30
[   55.495365][ T5036]  ? psi_schedule_rtpoll_work+0x1f0/0x1f0
[   55.501069][ T5036]  ? cgroup_file_notify+0x111/0x190
[   55.506270][ T5036]  try_charge_memcg+0x5e1/0x16e0
[   55.511232][ T5036]  ? percpu_ref_put+0x150/0x150
[   55.516093][ T5036]  ? lock_release+0xbf/0x9d0
[   55.520673][ T5036]  ? read_lock_is_recursive+0x20/0x20
[   55.526038][ T5036]  ? __lock_acquire+0x7f70/0x7f70
[   55.531077][ T5036]  __memcg_kmem_charge_page+0x21e/0x380
[   55.536619][ T5036]  __alloc_pages+0x28b/0x670
[   55.541208][ T5036]  ? zone_statistics+0x170/0x170
[   55.546144][ T5036]  ? bpf_map_area_alloc+0xfc/0x120
[   55.551256][ T5036]  bpf_ringbuf_alloc+0xcb/0x420
[   55.556101][ T5036]  ringbuf_map_alloc+0x1d3/0x2f0
[   55.561037][ T5036]  map_create+0x849/0x1040
[   55.565464][ T5036]  ? security_bpf+0x81/0xa0
[   55.569963][ T5036]  __sys_bpf+0x6a2/0x810
[   55.574207][ T5036]  ? bpf_link_put_direct+0x1b0/0x1b0
[   55.579504][ T5036]  ? print_irqtrace_events+0x220/0x220
[   55.584954][ T5036]  ? rcu_is_watching+0x15/0xb0
[   55.589705][ T5036]  __x64_sys_bpf+0x7c/0x90
[   55.594122][ T5036]  do_syscall_64+0x41/0xc0
[   55.598546][ T5036]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   55.604426][ T5036] RIP: 0033:0x7ff75fb611c9
[   55.608829][ T5036] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   55.628423][ T5036] RSP: 002b:00007ffc0dbb0f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   55.636831][ T5036] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007ff75fb611c9
[   55.644799][ T5036] RDX: 0000000000000048 RSI: 0000000020000cc0 RDI: 0000000000000000
[   55.652776][ T5036] RBP: 00007ffc0dbb0f4c R08: ffffffffffffffff R09: ffffffffffffffff
[   55.660734][ T5036] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc0dbb0fa0
[   55.668695][ T5036] R13: 00007ffc0dbb0f60 R14: 000000000000cf31 R15: 0000000000000001
[   55.676659][ T5036]  </TASK>
[   55.679664][ T5036] ==================================================================
[   55.688005][ T5036] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   55.695206][ T5036] CPU: 0 PID: 5036 Comm: syz-executor224 Not tainted 6.6.0-rc1-syzkaller #0
[   55.703870][ T5036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[   55.713913][ T5036] Call Trace:
[   55.717183][ T5036]  <TASK>
[   55.720101][ T5036]  dump_stack_lvl+0x1e7/0x2d0
[   55.724774][ T5036]  ? nf_tcp_handle_invalid+0x650/0x650
[   55.730218][ T5036]  ? panic+0x770/0x770
[   55.734284][ T5036]  ? rcu_is_watching+0x15/0xb0
[   55.739039][ T5036]  ? vscnprintf+0x5d/0x80
[   55.743359][ T5036]  panic+0x30f/0x770
[   55.747244][ T5036]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   55.753398][ T5036]  ? check_panic_on_warn+0x21/0xa0
[   55.758844][ T5036]  ? __memcpy_flushcache+0x2b0/0x2b0
[   55.764122][ T5036]  ? _raw_spin_unlock_irqrestore+0x12c/0x140
[   55.770093][ T5036]  ? _raw_spin_unlock+0x40/0x40
[   55.774935][ T5036]  ? print_report+0xe6/0x540
[   55.779513][ T5036]  check_panic_on_warn+0x82/0xa0
[   55.784438][ T5036]  ? drop_buffers+0x6f/0x700
[   55.789017][ T5036]  end_report+0x6e/0x130
[   55.793247][ T5036]  kasan_report+0x186/0x1b0
[   55.797743][ T5036]  ? drop_buffers+0x6f/0x700
[   55.802322][ T5036]  kasan_check_range+0x27e/0x290
[   55.807250][ T5036]  drop_buffers+0x6f/0x700
[   55.811662][ T5036]  try_to_free_buffers+0x295/0x5f0
[   55.816762][ T5036]  ? __might_sleep+0xc0/0xc0
[   55.821343][ T5036]  ? sync_dirty_buffer+0x20/0x20
[   55.826268][ T5036]  ? filemap_release_folio+0x2b6/0x4b0
[   55.831719][ T5036]  shrink_folio_list+0x271a/0x8870
[   55.836842][ T5036]  ? reclaim_clean_pages_from_list+0xed0/0xed0
[   55.842991][ T5036]  ? __mod_zone_page_state+0xda/0x140
[   55.848358][ T5036]  ? isolate_lru_folios+0x1411/0x16d0
[   55.853724][ T5036]  ? rcu_is_watching+0x15/0xb0
[   55.858480][ T5036]  ? lock_release+0xbf/0x9d0
[   55.863060][ T5036]  ? cgroup_rstat_updated+0xd1/0x360
[   55.868334][ T5036]  ? lru_add_drain_cpu+0x491/0x610
[   55.873435][ T5036]  ? __lock_acquire+0x7f70/0x7f70
[   55.878452][ T5036]  ? __count_memcg_events+0x1ce/0x380
[   55.883824][ T5036]  ? print_irqtrace_events+0x220/0x220
[   55.889274][ T5036]  ? rcu_is_watching+0x15/0xb0
[   55.894027][ T5036]  shrink_lruvec+0x16e6/0x2d30
[   55.898781][ T5036]  ? __calc_delta+0x2a0/0x2a0
[   55.903478][ T5036]  ? mem_cgroup_shrink_node+0x900/0x900
[   55.909011][ T5036]  ? lock_acquire+0xe3/0x520
[   55.913598][ T5036]  ? lock_release+0xbf/0x9d0
[   55.918178][ T5036]  ? __lock_acquire+0x7f70/0x7f70
[   55.923194][ T5036]  ? __might_sleep+0xc0/0xc0
[   55.927776][ T5036]  ? css_next_descendant_pre+0xb1/0x260
[   55.933316][ T5036]  ? mem_cgroup_iter+0x34d/0x480
[   55.938245][ T5036]  shrink_node+0x1176/0x28c0
[   55.942924][ T5036]  do_try_to_free_pages+0x717/0x19e0
[   55.948208][ T5036]  ? try_to_free_pages+0xff0/0xff0
[   55.953329][ T5036]  ? __lock_acquire+0x7f70/0x7f70
[   55.958372][ T5036]  try_to_free_mem_cgroup_pages+0x455/0xa50
[   55.964274][ T5036]  ? do_raw_spin_unlock+0x13b/0x8b0
[   55.969463][ T5036]  ? shrink_lruvec+0x2d30/0x2d30
[   55.974396][ T5036]  ? psi_schedule_rtpoll_work+0x1f0/0x1f0
[   55.980108][ T5036]  ? cgroup_file_notify+0x111/0x190
[   55.985314][ T5036]  try_charge_memcg+0x5e1/0x16e0
[   55.990251][ T5036]  ? percpu_ref_put+0x150/0x150
[   55.995094][ T5036]  ? lock_release+0xbf/0x9d0
[   55.999673][ T5036]  ? read_lock_is_recursive+0x20/0x20
[   56.005033][ T5036]  ? __lock_acquire+0x7f70/0x7f70
[   56.010050][ T5036]  __memcg_kmem_charge_page+0x21e/0x380
[   56.015606][ T5036]  __alloc_pages+0x28b/0x670
[   56.020190][ T5036]  ? zone_statistics+0x170/0x170
[   56.025143][ T5036]  ? bpf_map_area_alloc+0xfc/0x120
[   56.030246][ T5036]  bpf_ringbuf_alloc+0xcb/0x420
[   56.035086][ T5036]  ringbuf_map_alloc+0x1d3/0x2f0
[   56.040021][ T5036]  map_create+0x849/0x1040
[   56.044426][ T5036]  ? security_bpf+0x81/0xa0
[   56.048919][ T5036]  __sys_bpf+0x6a2/0x810
[   56.053151][ T5036]  ? bpf_link_put_direct+0x1b0/0x1b0
[   56.058441][ T5036]  ? print_irqtrace_events+0x220/0x220
[   56.063892][ T5036]  ? rcu_is_watching+0x15/0xb0
[   56.068644][ T5036]  __x64_sys_bpf+0x7c/0x90
[   56.073055][ T5036]  do_syscall_64+0x41/0xc0
[   56.077460][ T5036]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   56.083347][ T5036] RIP: 0033:0x7ff75fb611c9
[   56.087756][ T5036] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   56.107611][ T5036] RSP: 002b:00007ffc0dbb0f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   56.116011][ T5036] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007ff75fb611c9
[   56.123972][ T5036] RDX: 0000000000000048 RSI: 0000000020000cc0 RDI: 0000000000000000
[   56.131928][ T5036] RBP: 00007ffc0dbb0f4c R08: ffffffffffffffff R09: ffffffffffffffff
[   56.139885][ T5036] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc0dbb0fa0
[   56.147845][ T5036] R13: 00007ffc0dbb0f60 R14: 000000000000cf31 R15: 0000000000000001
[   56.155807][ T5036]  </TASK>
[   56.159047][ T5036] Kernel Offset: disabled
[   56.163442][ T5036] Rebooting in 86400 seconds..