Unable to handle kernel paging request at virtual address e9ff9fffe000366f
KASAN: maybe wild-memory-access in range [0x5000ffff0001b378-0x5000ffff0001b37f]
Mem abort info:
  ESR = 0x0000000096000004
  EC = 0x25: DABT (current EL), IL = 32 bits
  SET = 0, FnV = 0
  EA = 0, S1PTW = 0
  FSC = 0x04: level 0 translation fault
Data abort info:
  ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000
  CM = 0, WnR = 0, TnD = 0, TagAccess = 0
  GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
[e9ff9fffe000366f] address between user and kernel address ranges
Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.14.0-rc5-syzkaller-g77c95b8c7a16 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 804000c5 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : memcg_rstat_updated+0xe4/0x288 mm/memcontrol.c:585
lr : memcg_rstat_updated+0x7c/0x288 mm/memcontrol.c:583
sp : ffff800097d87750
x29: ffff800097d87750 x28: 0a001fffe000366f x27: ffff80008fbbd000
x26: fffffffffffffe80 x25: 1ffff00011f77ac5 x24: 0000000000000001
x23: dfff800000000000 x22: fffffdffbf784010 x21: 00000000ffffffff
x20: 5000ffff0001b37a x19: 0000000000000001 x18: ffff0001b37a2828
x17: ffff800123c84000 x16: ffff8000832b8f3c x15: 0000000000000001
x14: 1fffe000366f216e x13: 0000000000000000 x12: 0000000000000000
x11: 0000000000000101 x10: 0000000000000003 x9 : 0000000000000005
x8 : 0000000000000000 x7 : ffff800080637940 x6 : 0000000000000000
x5 : 0000000000000001 x4 : 0000000000000001 x3 : ffff8000804831a4
x2 : 0000000000000001 x1 : ffff80008bdf7720 x0 : 0000000000000000
Call trace:
 memcg_rstat_updated+0xe4/0x288 mm/memcontrol.c:585 (P)
 __mod_memcg_lruvec_state+0x374/0x7e0 mm/memcontrol.c:766
 __mod_objcg_mlstate+0x168/0x24c mm/memcontrol.c:2414
 drain_obj_stock+0x178/0x350 mm/memcontrol.c:2820
 refill_obj_stock+0xe8/0x2d8 mm/memcontrol.c:2869
 obj_cgroup_uncharge mm/memcontrol.c:2936 [inline]
 __memcg_slab_free_hook+0x114/0x228 mm/memcontrol.c:3023
 memcg_slab_free_hook mm/slub.c:2178 [inline]
 slab_free mm/slub.c:4606 [inline]
 kmem_cache_free+0x280/0x554 mm/slub.c:4711
 sock_free_inode+0x28/0x38 net/socket.c:330
 i_callback+0x50/0x78 fs/inode.c:325
 rcu_do_batch kernel/rcu/tree.c:2546 [inline]
 rcu_core+0x898/0x1b5c kernel/rcu/tree.c:2802
 rcu_core_si+0x10/0x1c kernel/rcu/tree.c:2819
 handle_softirqs+0x320/0xd34 kernel/softirq.c:561
 run_ksoftirqd+0x70/0xc0 kernel/softirq.c:950
 smpboot_thread_fn+0x4b0/0x90c kernel/smpboot.c:164
 kthread+0x65c/0x7b0 kernel/kthread.c:464
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:862
Code: b4000c14 d343fe9c 12000a89 11000d29 (38f76b88)
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
   0: b4000c14 cbz x20, 0x180
   4: d343fe9c lsr x28, x20, #3
   8: 12000a89 and w9, w20, #0x7
   c: 11000d29 add w9, w9, #0x3
* 10: 38f76b88 ldrsb w8, [x28, x23] <-- trapping instruction