program:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x1c)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f00000000c0), 0x12)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x6a)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
readv(r6, &(0x7f0000000440)=[{&(0x7f0000000280)=""/153, 0x99}], 0x1)
write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r7 = creat(&(0x7f0000000300)='./bus\x00', 0x0)
io_setup(0x800, &(0x7f0000000040)=<r8=>0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r9, &(0x7f00000000c0), 0x6db6e559)
mmap(&(0x7f0000320000/0x4000)=nil, 0x4000, 0x1, 0x4000010, r2, 0x0)
r10 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r10, 0x84, 0x7f, &(0x7f00000001c0)="020000000980ffff", 0x8)
r11 = open(&(0x7f0000000400)='./bus\x00', 0x14113e, 0x0)
io_submit(r8, 0x2, &(0x7f00000004c0)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r11, 0x0}, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x2, 0x0, r7, &(0x7f0000000180)}])
r12 = dup(r2)
write$FUSE_BMAP(r12, &(0x7f0000000300)={0x18, 0x0, 0x0, {0xfffffffffffffffa}}, 0x18)
write$FUSE_DIRENTPLUS(r12, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0)
write$FUSE_DIRENTPLUS(r12, &(0x7f0000000180)=ANY=[@ANYRES64=r12], 0x10)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r12}, 0x2c, {[{@posixacl}]}})
syz_mount_image$squashfs(&(0x7f0000000200), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000280), 0x1, 0x1cf, &(0x7f00000002c0)="$eJzKKC4sZmdgYPj7sSaZQYABDBgZeBguMDAysDAwMKgzQsQYmCDUeij/BZSeCZW2gfKbofRCKF1xS3vdmlN+Z0566motk2VmaPXUlkcWk0vtMXKTXMwjwcwQmnpkUXFlVXZiTk5qUTETQ8Wt5KSK0ycYWK7bX1NpjmNgYJDncEjSdNBhOuLjkTWjsYRzkpSmGBsHAwPDmQ/y69g0jjA8WsG8sc4zr7GuMHVqXlpeUlVWVda8iRM3zmzsbGxcObEuKs1vFWNLisumpk5GJoctagKbmQ3VJ9loT3jXvuphkgNrj4df8yljpdepzJeMFxZJnVpRNXPCF6XZjIbfGe7wlK2Q0NBwkrgiYdFgwnCkzrbBFeTElAaGNIUwxiQ1NrG2LWfmhDDzs7ktUGhJPsEUepRj6UwJiwNCVSd/Wmq+dUh0m7HtqQPbGZ7Dx3nWFPQJGh2XYHBaKPhfBmRMQkNDmcZapqW2C74UafyV8Fpt7JTB4G7PtAwWoCwNIHIllCcL1pOQvMJDR1PTKCU5oWGTREKSW4GhMsPWPZyrBRoYkKJNhYGBYTsjLG4h4BqMMQpGwSgYBaNgFIyCUTAKRsEoGAWjYEQAQAAAAP//LYCV2Q==")
ioctl$I2C_RDWR(r0, 0x707, &(0x7f00000002c0)={&(0x7f00000008c0)})

[   68.733602][ T4683] Bluetooth: hci0: command tx timeout
[   68.924061][ T5336] ------------[ cut here ]------------
[   68.926907][ T5336] WARNING: CPU: 0 PID: 5336 at mm/page_alloc.c:5159 __alloc_frozen_pages_noprof+0x2c8/0x370
[   68.931317][ T5336] Modules linked in:
[   68.933330][ T5336] CPU: 0 UID: 0 PID: 5336 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   68.937187][ T5336] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   68.941555][ T5336] RIP: 0010:__alloc_frozen_pages_noprof+0x2c8/0x370
[   68.944501][ T5336] Code: 74 10 4c 89 e7 89 54 24 0c e8 14 b8 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a5 fe ff ff e9 a6 fe ff ff c6 05 11 02 2e 0d 01 90 <0f> 0b 90 e9 18 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24
[   68.952644][ T5336] RSP: 0000:ffffc9000fddf880 EFLAGS: 00010246
[   68.955224][ T5336] RAX: ffffc9000fddf800 RBX: 000000000000001f RCX: 0000000000000000
[   68.958541][ T5336] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000fddf8e8
[   68.961877][ T5336] RBP: ffffc9000fddf970 R08: ffffc9000fddf8e7 R09: 0000000000000000
[   68.965335][ T5336] R10: ffffc9000fddf8c0 R11: fffff52001fbbf1d R12: 0000000000000000
[   68.969140][ T5336] R13: 1ffff92001fbbf14 R14: 0000000000040d40 R15: dffffc0000000000
[   68.972596][ T5336] FS:  00007f5bae5d46c0(0000) GS:ffff88808d97e000(0000) knlGS:0000000000000000
[   68.976670][ T5336] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   68.979616][ T5336] CR2: 00007fbb72848320 CR3: 0000000011264000 CR4: 0000000000352ef0
[   68.983010][ T5336] Call Trace:
[   68.984680][ T5336]  <TASK>
[   68.985902][ T5336]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   68.988930][ T5336]  ? p9_client_clunk+0x1b6/0x250
[   68.991029][ T5336]  alloc_pages_mpol+0x232/0x4a0
[   68.993011][ T5336]  ___kmalloc_large_node+0x5f/0x1b0
[   68.995365][ T5336]  __kmalloc_large_node_noprof+0x18/0x90
[   68.997844][ T5336]  __kmalloc_noprof+0x4bd/0x7f0
[   68.999778][ T5336]  ? v9fs_fid_get_acl+0x4f/0x100
[   69.001987][ T5336]  ? __pfx_v9fs_cache_inode_get_cookie+0x10/0x10
[   69.004690][ T5336]  v9fs_fid_get_acl+0x4f/0x100
[   69.006777][ T5336]  v9fs_get_acl+0x9a/0x360
[   69.008738][ T5336]  v9fs_inode_from_fid_dotl+0x221/0x2b0
[   69.011073][ T5336]  v9fs_mount+0x6eb/0xa50
[   69.012990][ T5336]  ? __pfx_v9fs_mount+0x10/0x10
[   69.015142][ T5336]  legacy_get_tree+0xfd/0x1a0
[   69.017169][ T5336]  ? __pfx_v9fs_mount+0x10/0x10
[   69.019616][ T5336]  vfs_get_tree+0x8f/0x2b0
[   69.021523][ T5336]  do_new_mount+0x302/0xa10
[   69.023581][ T5336]  ? apparmor_capable+0x137/0x1b0
[   69.025869][ T5336]  ? __pfx_do_new_mount+0x10/0x10
[   69.027966][ T5336]  ? ns_capable+0x8a/0xf0
[   69.029732][ T5336]  ? path_mount+0x61c/0xfe0
[   69.031568][ T5336]  ? kmem_cache_free+0x19b/0x690
[   69.033739][ T5336]  __se_sys_mount+0x313/0x410
[   69.035849][ T5336]  ? __pfx___se_sys_mount+0x10/0x10
[   69.038033][ T5336]  ? rcu_is_watching+0x15/0xb0
[   69.040069][ T5336]  ? do_syscall_64+0xbe/0x3b0
[   69.042094][ T5336]  ? __x64_sys_mount+0x20/0xc0
[   69.044109][ T5336]  do_syscall_64+0xfa/0x3b0
[   69.046094][ T5336]  ? lockdep_hardirqs_on+0x9c/0x150
[   69.048271][ T5336]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.050828][ T5336]  ? clear_bhb_loop+0x60/0xb0
[   69.052788][ T5336]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.055166][ T5336] RIP: 0033:0x7f5bb218eec9
[   69.057202][ T5336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.064550][ T5336] RSP: 002b:00007f5bae5d4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   69.068065][ T5336] RAX: ffffffffffffffda RBX: 00007f5bb23e6090 RCX: 00007f5bb218eec9
[   69.071422][ T5336] RDX: 0000200000000b80 RSI: 00002000000003c0 RDI: 0000000000000000
[   69.074898][ T5336] RBP: 00007f5bb2211f91 R08: 0000200000000500 R09: 0000000000000000
[   69.078556][ T5336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   69.081787][ T5336] R13: 00007f5bb23e6128 R14: 00007f5bb23e6090 R15: 00007ffe6901c5a8
[   69.085216][ T5336]  </TASK>
[   69.086606][ T5336] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   69.089725][ T5336] CPU: 0 UID: 0 PID: 5336 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   69.093572][ T5336] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   69.098174][ T5336] Call Trace:
[   69.099841][ T5336]  <TASK>
[   69.101196][ T5336]  dump_stack_lvl+0x99/0x250
[   69.103215][ T5336]  ? __asan_memcpy+0x40/0x70
[   69.105320][ T5336]  ? __pfx_dump_stack_lvl+0x10/0x10
[   69.107459][ T5336]  ? __pfx__printk+0x10/0x10
[   69.109327][ T5336]  vpanic+0x237/0x6d0
[   69.110874][ T5336]  ? __pfx_vpanic+0x10/0x10
[   69.112626][ T5336]  panic+0xb9/0xc0
[   69.114005][ T5336]  ? __pfx_panic+0x10/0x10
[   69.115710][ T5336]  __warn+0x31b/0x4b0
[   69.117303][ T5336]  ? __alloc_frozen_pages_noprof+0x2c8/0x370
[   69.119784][ T5336]  ? __alloc_frozen_pages_noprof+0x2c8/0x370
[   69.122443][ T5336]  report_bug+0x2be/0x4f0
[   69.124179][ T5336]  ? __alloc_frozen_pages_noprof+0x2c8/0x370
[   69.126694][ T5336]  ? __alloc_frozen_pages_noprof+0x2c8/0x370
[   69.129212][ T5336]  ? __alloc_frozen_pages_noprof+0x2ca/0x370
[   69.132165][ T5336]  handle_bug+0x84/0x160
[   69.134154][ T5336]  exc_invalid_op+0x1a/0x50
[   69.136352][ T5336]  asm_exc_invalid_op+0x1a/0x20
[   69.138682][ T5336] RIP: 0010:__alloc_frozen_pages_noprof+0x2c8/0x370
[   69.141405][ T5336] Code: 74 10 4c 89 e7 89 54 24 0c e8 14 b8 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a5 fe ff ff e9 a6 fe ff ff c6 05 11 02 2e 0d 01 90 <0f> 0b 90 e9 18 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24
[   69.149634][ T5336] RSP: 0000:ffffc9000fddf880 EFLAGS: 00010246
[   69.152148][ T5336] RAX: ffffc9000fddf800 RBX: 000000000000001f RCX: 0000000000000000
[   69.156557][ T5336] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000fddf8e8
[   69.160693][ T5336] RBP: ffffc9000fddf970 R08: ffffc9000fddf8e7 R09: 0000000000000000
[   69.164264][ T5336] R10: ffffc9000fddf8c0 R11: fffff52001fbbf1d R12: 0000000000000000
[   69.167778][ T5336] R13: 1ffff92001fbbf14 R14: 0000000000040d40 R15: dffffc0000000000
[   69.171132][ T5336]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   69.173988][ T5336]  ? p9_client_clunk+0x1b6/0x250
[   69.176129][ T5336]  alloc_pages_mpol+0x232/0x4a0
[   69.178209][ T5336]  ___kmalloc_large_node+0x5f/0x1b0
[   69.180470][ T5336]  __kmalloc_large_node_noprof+0x18/0x90
[   69.183105][ T5336]  __kmalloc_noprof+0x4bd/0x7f0
[   69.185252][ T5336]  ? v9fs_fid_get_acl+0x4f/0x100
[   69.187476][ T5336]  ? __pfx_v9fs_cache_inode_get_cookie+0x10/0x10
[   69.190240][ T5336]  v9fs_fid_get_acl+0x4f/0x100
[   69.192261][ T5336]  v9fs_get_acl+0x9a/0x360
[   69.194222][ T5336]  v9fs_inode_from_fid_dotl+0x221/0x2b0
[   69.196655][ T5336]  v9fs_mount+0x6eb/0xa50
[   69.198444][ T5336]  ? __pfx_v9fs_mount+0x10/0x10
[   69.200559][ T5336]  legacy_get_tree+0xfd/0x1a0
[   69.202649][ T5336]  ? __pfx_v9fs_mount+0x10/0x10
[   69.204601][ T5336]  vfs_get_tree+0x8f/0x2b0
[   69.206525][ T5336]  do_new_mount+0x302/0xa10
[   69.208645][ T5336]  ? apparmor_capable+0x137/0x1b0
[   69.210861][ T5336]  ? __pfx_do_new_mount+0x10/0x10
[   69.212976][ T5336]  ? ns_capable+0x8a/0xf0
[   69.214795][ T5336]  ? path_mount+0x61c/0xfe0
[   69.216627][ T5336]  ? kmem_cache_free+0x19b/0x690
[   69.218687][ T5336]  __se_sys_mount+0x313/0x410
[   69.220709][ T5336]  ? __pfx___se_sys_mount+0x10/0x10
[   69.223017][ T5336]  ? rcu_is_watching+0x15/0xb0
[   69.225135][ T5336]  ? do_syscall_64+0xbe/0x3b0
[   69.227352][ T5336]  ? __x64_sys_mount+0x20/0xc0
[   69.229416][ T5336]  do_syscall_64+0xfa/0x3b0
[   69.231441][ T5336]  ? lockdep_hardirqs_on+0x9c/0x150
[   69.233705][ T5336]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.236297][ T5336]  ? clear_bhb_loop+0x60/0xb0
[   69.238338][ T5336]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.240833][ T5336] RIP: 0033:0x7f5bb218eec9
[   69.242780][ T5336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.250780][ T5336] RSP: 002b:00007f5bae5d4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   69.254296][ T5336] RAX: ffffffffffffffda RBX: 00007f5bb23e6090 RCX: 00007f5bb218eec9
[   69.257633][ T5336] RDX: 0000200000000b80 RSI: 00002000000003c0 RDI: 0000000000000000
[   69.260912][ T5336] RBP: 00007f5bb2211f91 R08: 0000200000000500 R09: 0000000000000000
[   69.264291][ T5336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   69.267421][ T5336] R13: 00007f5bb23e6128 R14: 00007f5bb23e6090 R15: 00007ffe6901c5a8
[   69.270544][ T5336]  </TASK>
[   69.272132][ T5336] Kernel Offset: disabled
[   69.273888][ T5336] Rebooting in 86400 seconds..