./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2071422427

<...>
forked to background, child pid 3182
no interfa[   18.932623][ T3183] 8021q: adding VLAN 0 to HW filter on device bond0
ces have a carrier
[   18.944337][ T3183] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK

syzkaller
Warning: Permanently added '10.128.1.54' (ECDSA) to the list of known hosts.
execve("./syz-executor2071422427", ["./syz-executor2071422427"], 0x7ffeee54b160 /* 10 vars */) = 0
brk(NULL)                               = 0x55555743f000
brk(0x55555743fd00)                     = 0x55555743fd00
arch_prctl(ARCH_SET_FS, 0x55555743f3c0) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor2071422427", 4096) = 28
brk(0x555557460d00)                     = 0x555557460d00
brk(0x555557461000)                     = 0x555557461000
mprotect(0x7f7c7d08a000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0
rt_sigaction(SIGSEGV, {sa_handler=0x7f7c7cfd22f0, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f7c7cfd9150}, NULL, 8) = 0
rt_sigaction(SIGBUS, {sa_handler=0x7f7c7cfd22f0, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f7c7cfd9150}, NULL, 8) = 0
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555743f690) = 3611
./strace-static-x86_64: Process 3611 attached
[pid  3611] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid  3611] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3611] setsid()                    = 1
[pid  3611] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  3611] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  3611] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  3611] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  3611] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  3611] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  3611] unshare(CLONE_NEWNS)        = 0
[pid  3611] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  3611] unshare(CLONE_NEWIPC)       = 0
[pid  3611] unshare(CLONE_NEWCGROUP)    = 0
[pid  3611] unshare(CLONE_NEWUTS)       = 0
[pid  3611] unshare(CLONE_SYSVSEM)      = 0
[pid  3611] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  3611] write(3, "16777216", 8)     = 8
[pid  3611] close(3)                    = 0
[pid  3611] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  3611] write(3, "536870912", 9)    = 9
[pid  3611] close(3)                    = 0
[pid  3611] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  3611] write(3, "1024", 4)         = 4
[pid  3611] close(3)                    = 0
[pid  3611] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  3611] write(3, "8192", 4)         = 4
[pid  3611] close(3)                    = 0
[pid  3611] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  3611] write(3, "1024", 4)         = 4
[pid  3611] close(3)                    = 0
[pid  3611] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  3611] write(3, "1024", 4)         = 4
[pid  3611] close(3)                    = 0
[pid  3611] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  3611] write(3, "1024 1048576 500 1024", 21) = 21
[pid  3611] close(3)                    = 0
[pid  3611] getpid()                    = 1
[pid  3611] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  3611] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  3611] unshare(CLONE_NEWNET)       = 0
[pid  3611] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  3611] write(3, "0 65535", 7)      = 7
[pid  3611] close(3)                    = 0
[pid  3611] mkdir("/dev/binderfs", 0777) = 0
[pid  3611] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid  3611] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3611] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  3611] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid  3611] close(3)                    = 0
[pid  3611] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555743f690) = 2
./strace-static-x86_64: Process 3612 attached
[pid  3612] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3612] setpgid(0, 0)               = 0
[pid  3612] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3612] write(3, "1000", 4)         = 4
[pid  3612] close(3)                    = 0
[pid  3612] memfd_create("syzkaller", 0) = 3
[pid  3612] ftruncate(3, 1048576)       = 0
[pid  3612] pwrite64(3, "\x04\x00\x02\x00\x8b\x00\x01", 7, 1) = 7
[pid  3612] pwrite64(3, "\x07\x00\x02\x00\x35\x00\x01\x00\x92\x7f\x30\x00\xe3\x07\x00\x00\x04\x00\x00\x00\x05\x00\x00\x00\x00\x26\x00\x00\x4d\x00\x00\x00\x00\x16\x00\x00\x75\x00\x00\x00\x00\xe0\x00\x00\x90\x00\x00\x00\x00\x1e\x00\x00\x01\x01\x00\x00\x00\x14\x00\x00\xf5\x07\x00\x00", 64, 8) = 64
[pid  3612] pwrite64(3, "\x00\x2a\x4c\x69\x6e\x75\x78\x20\x55\x44\x46\x46\x53\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x05\x00\x00\x00\x00\x00\x00", 32, 255) = 32
[pid  3612] pwrite64(3, "\x00\x42\x45\x41\x30\x31\x01\x00\x00\x00\x00\xf3\xff\xe3\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x42\xa1\x0f\x82\x2b\x37\xfe\x8b\x14\x09\xcf\xa8\xc6\xb4\xc8\x8d\x79\x26\x70\x64\x6c\x08\xfc\x49\x52\xe7\x57\xc7\xdf\x3a\x9a\x5e\xe8\xe1\x1f\x02\xa5\x37\xe8\xc8\x43\x19\xf4\xcf\xc5\xe9\x13\x4e\xa5\x58\x97\x0a\x71\x90\xdd\x09\xca\x3b\xae\xb4\xbe\x83\xb5\x85\x7a\xc7\x6c\x46"..., 122, 32768) = 122
[pid  3612] pwrite64(3, "\x00\x4e\x53\x52\x30\x32\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe6\x85\x27\xd1\x51\x38\xf2\x60\xa3\xfd\x8f\x97\xb6\x7e\xcd\x04\xdd\x1a\x83\xb4\x27\xf9\x5f\xe9\x2b\xf9\xa2\xb3\xec\x4c\xb8\xe8\xf3\xb7\xf4\xac\x11\x74\xbc\x26\x58\x16\x9b\xaf\x62\x5a\x24\x6a\x0f\x22\xda\xfc\xe1\xb6\x17\x9e\x25\x25\x2a\x52\x39\xbf\x7b\xf5\xa5\xe2\xbd\x29"..., 122, 34816) = 122
[pid  3612] pwrite64(3, "\x01\x00\x02\x00\x1d\x00\x01\x00\x1a\xae\xf0\x01\x60\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x08\x4c\x69\x6e\x75\x78\x55\x44\x46\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x09\x01\x00\x01\x00\x02\x00\x03\x00\x01\x00\x00\x00\x01\x00\x00\x00\x08\x31\x32\x33\x34\x35\x36\x37\x38\x31\x32\x33\x34\x35\x36\x37\x38\x4c\x69\x6e\x75\x78\x55\x44\x46\x00\x00\x00"..., 128, 49152) = 128
[pid  3612] pwrite64(3, "\x00\x00\x00\x00\x00\x00\x00\x19\x00\x4f\x53\x54\x41\x20\x43\x6f\x6d\x70\x72\x65\x73\x73\x65\x64\x20\x55\x6e\x69\x63\x6f\x64\x65\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x4f\x53\x54\x41\x20\x43\x6f\x6d\x70\x72\x65\x73\x73\x65\x64\x20\x55\x6e\x69\x63\x6f\x64\x65\x00\x00\x00\x00"..., 224, 49344) = 224
[pid  3612] pwrite64(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x02\x00\x66\x00\x01\x00\x6b\xa8\xe8\x01\x61\x00\x00\x00\x02\x00\x00\x00\x00\x4f\x53\x54\x41\x20\x43\x6f\x6d\x70\x72\x65\x73\x73\x65\x64\x20\x55\x6e\x69\x63\x6f\x64\x65\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 128, 49632) = 128
[pid  3612] pwrite64(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x09\x00\x02\x00\x00\x00\x2a\x4f\x53\x54\x41\x20\x55\x44\x46\x20\x43\x6f\x6d\x70\x6c\x69\x61\x6e\x74\x00\x00\x00\x00\x50\x01\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x01\x00\x00\x00\x00\x2a\x4c\x69\x6e\x75\x78\x20\x55\x44\x46\x46\x53\x00\x00\x00\x00\x00\x00\x00"..., 128, 49856) = 128
[pid  3612] pwrite64(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x80\x00\x00\x00\x02\x40\x00\x00\x00\x2a\x55\x44\x46\x20\x53\x70\x61\x72\x61\x62\x6c\x65\x20\x50\x61\x72\x74\x69\x74\x69\x6f\x6e\x50\x01\x04\x05\x00\x00\x00\x00\x01\x00\x00\x00\x20\x00\x02\x00\x38\x01\x00\x00\x70\x00\x00\x00\xf0\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00\x02\x00"..., 192, 50080) = 192
[pid  3612] pwrite64(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x10\x05\x00\x00\xd0\x02\x00\x00\x00\x2a\x4c\x69\x6e\x75\x78\x20\x55\x44\x46\x46\x53\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x05\x00\x00", 64, 50336) = 64
[pid  3612] pwrite64(3, "\x07\x00\x02\x00\xae\x00\x01\x00\x92\x7f\x30\x00\x63\x00\x00\x00\x04\x00\x00\x00\x05\x00\x00\x00\x00\x26\x00\x00\x4d\x00\x00\x00\x00\x16\x00\x00\x75\x00\x00\x00\x00\xe0\x00\x00\x90\x00\x00\x00\x00\x1e\x00\x00\x01\x01\x00\x00\x00\x14\x00\x00\xf5\x07\x00\x00", 64, 50688) = 64
[pid  3612] pwrite64(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x09\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32, 51428) = 32
[pid  3612] pwrite64(3, "\x00\x2a\x4c\x69\x6e\x75\x78\x20\x89\xbc\x1a\x03\xef\x7e\xb9\x55\x44\x39\x46\x53\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x05\x00\x00\x00\x00\x00\x00", 39, 51549) = 39
[pid  3612] pwrite64(3, "\x08\x00\x02\x00\x61\xe4\x00\x00\x00\x00\xf0\x01\x65\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32, 51712) = 32
[pid  3612] pwrite64(3, "\x00\x00\x02\x00\x91\x00\x01\x00\x21\xd4\x28\x01\x70\x00\x00\x00\x00\x2a\x55\x44\x46\x20\x53\x70\x61\x72\x69\x6e\x67\x20\x54\x61\x62\x6c\x65\x00\x00\x00\x00\x00\x50\x01\x04\x05\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x10\x01\x00\x00\xff\xff\xff\xff\x30\x01\x00\x00\xff\xff\xff\xff\x50\x01\x00\x00\xff\xff\xff\xff\x70\x01\x00\x00\xff\xff\xff\xff\x90\x01\x00\x00\xff\xff\xff\xff"..., 320, 57344) = 320
[pid  3612] pwrite64(3, "\x09\x00\x02\x00\xd7\x00\x01\x00\x0a\xcb\x76\x00\x80\x00\x00\x00\x00\x10\xe6\x07\x09\x0c\x0c\x00\x35\x5f\x4d\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x18\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x2e\x00\x00\x00\xb0\x02\x00\x00\xd0\x02\x00\x00\x00\x2a\x4c\x69\x6e\x75\x78\x20\x55\x44\x46\x46"..., 160, 65536) = 160
[pid  3612] pwrite64(3, "\x08\x00\x02\x00\x7d\x00\x01\x00\x00\x00\xf0\x01\x81\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32, 66049) = 32
[pid  3612] pwrite64(3, "\x02\x00\x02\x00\x22\x00\x01\x00\x76\xb5\xf0\x01\x00\x01\x00\x00\x00\x20\x00\x00\x60\x00\x00\x00\x00\x20\x00\x00\xe0\x07\x00\x00", 32, 131072) = 32
[pid  3612] pwrite64(3, "\x08\x02\x02\x00\xf5\x00\x01\x00\x96\x4b\x08\x00\x00\x00\x00\x00\xd0\x02\x00\x00\x5a\x00\x00\x00\xfe\xfe\xff\x00\x00\x00\xea\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\x1b\xd9\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x05\x00"..., 118, 663552) = 118
[pid  3612] pwrite64(3, "\x00\x01\x02\x00\x37\x00\x01\x00\xbb\x77\xf0\x01\x10\x00\x00\x00\x00\x10\xe6\x07\x09\x0c\x0c\x00\x35\x4c\x12\x56\x03\x00\x03\x00\x01\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x4f\x53\x54\x41\x20\x43\x6f\x6d\x70\x72\x65\x73\x73\x65\x64\x20\x55\x6e\x69\x63\x6f\x64\x65\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 128, 671744) = 128
[pid  3612] pwrite64(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x09\x00\x4f\x53\x54\x41\x20\x43\x6f\x6d\x70\x72\x65\x73\x73\x65\x64\x20\x55\x6e\x69\x63\x6f\x64\x65\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x08\x4c\x69\x6e\x75\x78\x55\x44\x46\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 224, 671968) = 224
[pid  3612] pwrite64(3, "\x05\x01\x02\x00\x7c\x00\x01\x00\xe5\xc6\xa8\x00\x20\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x01\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa5\x3c\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x44\x01\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x10\xe6\x07\x09\x0c\x0c\x00\x35\x4c\x12\x56\x00\x10\xe6\x07\x09\x0c\x0c\x00\x35\x5e\x59\x53\x00\x10\xe6\x07"..., 192, 679936) = 192
[pid  3612] pwrite64(3, "\x05\x01\x02\x00\xe4\x00\x01\x00\x00\x99\x20\x01\x21\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x01\x00\x00\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa5\x7c\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x10\xe6\x07\x09\x0c\x0c\x00\x35\x5e\x59\x53\x00\x10\xe6\x07\x09\x0c\x0c\x00\x35\x5e\x59\x53\x00\x10\xe6\x07"..., 320, 680448) = 320
[pid  3612] pwrite64(3, "\x05\x01\x02\x00\x3a\x00\x01\x00\x60\xff\xb0\x00\x22\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x01\x00\x00\x05\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa5\x7c\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x1a\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x10\xe6\x07\x09\x0c\x0c\x00\x35\x5e\x59\x53\x00\x10\xe6\x07\x09\x0c\x0c\x00\x35\x5e\x59\x53\x00\x10\xe6\x07"..., 192, 680960) = 192
[pid  3612] pwrite64(3, "syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers"..., 1056, 681472) = 1056
[pid  3612] pwrite64(3, "\x05\x01\x02\x00\xc3\x00\x01\x00\xb8\x31\xaa\x00\x27\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x01\x00\x00\x05\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa5\x7c\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x0a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x10\xe6\x07\x09\x0c\x0c\x00\x35\x5e\x59\x53\x00\x10\xe6\x07\x09\x0c\x0c\x00\x35\x5e\x59\x53\x00\x10\xe6\x07"..., 192, 683520) = 192
[pid  3612] pwrite64(3, "\x05\x01\x02\x00\x00\x00\x01\x00\x9d\x72\xc0\x00\x28\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x01\x00\x00\x05\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa5\x7c\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x28\x23\x00\x00\x00\x00\x00\x00\x12\x00\x00\x00\x00\x00\x00\x00\x00\x10\xe6\x07\x09\x0c\x0c\x00\x35\x5e\x59\x53\x00\x10\xe6\x07\x09\x0c\x0c\x00\x35\x5e\x59\x53\x00\x10\xe6\x07"..., 224, 684032) = 224
[pid  3612] pwrite64(3, "\x01\x01\x02\x00\xc0\x00\x01\x00\x1b\x58\x18\x00\x30\x00\x00\x00\x01\x00\x0a\x00\x00\x02\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x01\x02\x00\xc4\x00\x01\x00\x7a\xe9\x2c\x00\x30\x00\x00\x00\x01\x00\x01\x16\x00\x02\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x08\x4e\x6f\x6e\x2d\x41\x6c\x6c\x6f\x63\x61\x74\x61\x62\x6c\x65\x20\x53\x70\x61\x63\x65"..., 352, 688128) = 352
[pid  3612] pwrite64(3, "\x05\x01\x02\x00\xc9\x00\x01\x00\x4b\x34\x04\x01\x3c\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x01\x00\x00\x05\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa5\x7c\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x64\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x10\xe6\x07\x09\x0c\x0c\x00\x35\x5e\x59\x53\x00\x10\xe6\x07\x09\x0c\x0c\x00\x35\x5e\x59\x53\x00\x10\xe6\x07"..., 288, 694272) = 288
[pid  3612] pwrite64(3, "\x05\x01\x02\x00\x52\x00\x01\x00\xbe\xab\xa0\x00\x40\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x01\x00\x00\x05\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\xa5\x7c\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x10\xe6\x07\x09\x0c\x0c\x00\x35\x4c\x12\x56\x00\x10\xe6\x07\x09\x0c\x0c\x00\x35\x4c\x12\x56\x00\x10\xe6\x07"..., 192, 696320) = 192
[pid  3612] pwrite64(3, "\x01\x00\x02\x00\xa4\x00\x01\x00\x1a\xae\xf0\x01\xe0\x07\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x08\x4c\x69\x6e\x75\x78\x55\x44\x46\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x09\x01\x00\x01\x00\x02\x00\x03\x00\x01\x00\x00\x00\x01\x00\x00\x00\x08\x31\x32\x33\x34\x35\x36\x37\x38\x31\x32\x33\x34\x35\x36\x37\x38\x4c\x69\x6e\x75\x78\x55\x44\x46\x00\x00\x00"..., 128, 1032192) = 128
[pid  3612] pwrite64(3, "\x00\x00\x00\x00\x00\x00\x00\x19\x00\x4f\x53\x54\x41\x20\x43\x6f\x6d\x70\x72\x65\x73\x73\x65\x64\x20\x55\x6e\x69\x63\x6f\x64\x65\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x4f\x53\x54\x41\x20\x43\x6f\x6d\x70\x72\x65\x73\x73\x65\x64\x20\x55\x6e\x69\x63\x6f\x64\x65\x00\x00\x00\x00"..., 224, 1032384) = 224
[pid  3612] pwrite64(3, "\x19\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x09\x00\x02\x00\x02\x00\x2a\x4f\x53\x54\x41\x20\x55\x44\x46\x20\x43\x6f\x6d\x70\x6c\x69\x61\x6e\x74\x00\x00\x00\x00\x50\x01\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x10\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x50\x25\xf7\x40\x00\x00\x00\x01\x00\x00\x00\x00\x2a\x4c\x69\x6e\x75\x78\x20\x55\x44\x46\x46\x53\x00\x00"..., 221, 1032896) = 221
[pid  3612] pwrite64(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x80\x00\x00\x00\x02\x40\x00\x00\x00\x2a\x55\x44\x46\x20\x53\x70\x61\x72\x61\x62\x6c\x65\x20\x50\x61\x72\x74\x69\x74\x69\x6f\x6e\x50\x01\x04\x05\x00\x00\x00\x00\x01\x00\x00\x00\x20\x00\x02\x00\x38\x01\x00\x00\x70\x00\x00\x00\xf0\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00\x02\x00"..., 192, 1033120) = 192
[pid  3612] pwrite64(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x10\x05\x00\x00\xd0\x02\x00\x00\x00\x2a\x4c\x69\x6e\x75\x78\x20\x55\x44\x46\x46\x53\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x05\x00\x00", 64, 1033379) = 64
[pid  3612] pwrite64(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x09\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32, 1034464) = 32
[pid  3612] pwrite64(3, "\x08\x00\x02\x00\xe8\x00\x01\x00\x00\x00\xf0\x01\xe5\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32, 1034752) = 32
[pid  3612] pwrite64(3, "\x00\x00\x02\x00\x18\x00\x01\x00\x21\xd4\x28\x01\xf0\x07\x00\x00\x00\x2a\x55\x44\x46\x20\x53\x70\x61\x72\x69\x6e\x67\x20\x54\x61\x62\x6c\x65\x00\x00\x00\x00\x00\x50\x01\x04\x05\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x10\x01\x00\x00\xff\xff\xff\xff\x30\x01\x00\x00\xff\xff\xff\xff\x50\x01\x00\x00\xff\xff\xff\xff\x70\x01\x00\x00\xff\xff\xff\xff\x90\x01\x00\x00\xff\xff\xff\xff"..., 320, 1040384) = 320
[pid  3612] pwrite64(3, "\x02\x00\x02\x00\x27\x00\x01\x00\x76\xb5\xf0\x01\xff\x07\x00\x00\x00\x20\x00\x00\x60\x00\x00\x00\x00\x20\x00\x00\xe0\x07\x00\x00", 32, 1048064) = 32
[pid  3612] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  3612] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  3612] mkdir("./file0", 0777)      = 0
[pid  3612] mount("/dev/loop0", "./file0", "udf", MS_SILENT, "umask=00000000000000000000315,anchor=00000000000000002047,shortad,unhide,gid=forget,lastblock=000000"...) = 0
[pid  3612] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
[pid  3612] chdir("./file0")            = 0
[pid  3612] ioctl(4, LOOP_CLR_FD)       = 0
[pid  3612] close(4)                    = 0
[pid  3612] close(3)                    = 0
[pid  3612] write(-1, "\x7f\x45\x4c\x46\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x38\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xac\xb0\xbd\x30\xfd\x24\x19\x91\xf9\xc6\xa0\x83"..., 1074) = -1 EBADF (Bad file descriptor)
[pid  3612] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 3
[pid  3612] write(3, "\x28\x00\x00\x00\xfe\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x74\x00\x00\x00\x00\x00\x00\x00\x9e\x56\xf6\x06\x00\x00\x00\x00\x01\x00\x00\x00\xff\xff\xff\xff", 40) = 40
[pid  3612] write(3, "\x66\xb3\x4c\xa0\xdd\x29\x8c\x5b\xdd\x72\x9d\xef\x6f\x34\x79\xcd\x29\xbb\xfa\x0a\xc0\xba\xc8\x78\xfa\x83\xf7\x1b\x78\x8e\xe4\x24\x98\x88\x47\x5a\x01\xa0\xb0\x78\x07\x97\x85\x27\x12\xc7\xc1\x9d\xa2\x64\x52\x1b\xf2\xf4\x64\x03\x06\x42\x4d\x85\xc2\x50\x21\x5b\x41\x3b\x5d\x73\x47\x78\x7b\xed\x9a\xe7\xf2\xe3\x82\x13\x50\x8c\xca\x5f\x70\xfc\xb6\x02\xc0\x70\xfe\xf3\x34\x20\x4a\x4e\x18\x99\x71\x67\x32\xa4"..., 1840702809) = 290776
[pid  3612] mmap(0x20000000, 4194304, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_NONBLOCK, 3, 0) = 0x20000000
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000040} ---
[pid  3612] openat(AT_FDCWD, "\xfa\x83\xf7\x1b\x78\x8e\xe4\x24\x98\x88\x47\x5a\x01\xa0\xb0\x78\x07\x97\x85\x27\x12\xc7\xc1\x9d\xa2\x64\x52\x1b\xf2\xf4\x64\x03\x06\x42\x4d\x85\xc2\x50\x21\x5b\x41\x3b\x5d\x73\x47\x78\x7b\xed\x9a\xe7\xf2\xe3\x82\x13\x50\x8c\xca\x5f\x70\xfc\xb6\x02\xc0\x70\xfe\xf3\x34\x20\x4a\x4e\x18\x99\x71\x67\x32\xa4\x5e\x90\x2d\x14\x88\xf4\xba\xd7\x3a\xb3\xc8\xa9\x8b\x81\x80\x54\xf6\x7e\x17\x92\x3f\x8b\xed\x7c\x0a\x39\xe0\x83\xfc\x1d\x72\xfd\x1b\x43\x60\xca\x37\x81\xc8\x61\xda\x2b\x09\xff\xd6\x36\x90\xbb\x3a\xb1\xf0", O_RDONLY|O_CREAT, 000) = 4
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000000} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000100} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000200} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20010400} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000208} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000210} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000218} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20011900} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000220} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000228} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000230} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200119e0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000238} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000240} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000248} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000180} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000250} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000258} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000260} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000ac0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000268} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000270} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000278} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20010060} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000280} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000288} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000290} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200100e0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000298} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200002a0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200002a8} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200101c0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200002b0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200002b8} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200002c0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000b40} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200002c8} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200002d0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200002d8} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200102c0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200002e0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200002e8} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200002f0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20010380} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200002f8} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000300} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000308} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200103c0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000310} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000318} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000320} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20010490} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000328} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000330} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000338} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000080} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000340} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000348} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000350} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200104c0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000358} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000360} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000368} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200104e0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000370} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000378} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000380} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20010620} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000388} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000390} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000398} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200106c0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200003a0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200003a8} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200003b0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200106e0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200003b8} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200003c0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200003c8} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20010700} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200003d0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200003d8} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200003e0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20010780} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200003e8} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200003f0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200003f8} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20010800} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000400} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000408} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000410} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200108e0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000418} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000420} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000428} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200109a0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000430} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000438} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000440} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20010ae0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000448} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000450} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000458} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20010ba0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000460} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000468} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000470} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200110c0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000478} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000480} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000488} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20011180} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000490} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000498} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200004a0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000640} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200004a8} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200004b0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200004b8} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200113c0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200004c0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200004c8} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200004d0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200114e0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200004d8} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200004e0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200004e8} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200115a0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200004f0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200004f8} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000500} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20011620} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000508} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000510} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000518} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200007c0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000520} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000528} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000530} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000980} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000538} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000540} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000548} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200118c0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000550} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000558} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000560} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200119d0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000568} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000570} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000578} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20011a00} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000580} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000588} ---
syzkaller login: [   36.015260][ T3612] loop0: detected capacity change from 0 to 2048
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000590} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20011a20} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000598} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200005a0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200005a8} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20011b60} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200005b0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200005b8} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200008c0} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200008c5} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200008c6} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200008dd} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200008de} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200008e4} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200008e5} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200008f9} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200008fa} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000901} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000902} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000908} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000911} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000913} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x2000091c} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x2000091d} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x2000091e} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000932} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000933} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x2000093a} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x2000093b} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x2000094f} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000958} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000959} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x2000095a} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x2000095f} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000960} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000963} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000964} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000978} ---
[pid  3612] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000979} ---
[pid  3612] memfd_create("syzkaller", 0) = 6
[pid  3612] ftruncate(6, 1048576)       = 0
[pid  3612] pwrite64(6, 0x389ca3252c16e36d, 10453686664247621896, -4934559965218925860) = -1 EINVAL (Invalid argument)
[pid  3612] pwrite64(6, 0x279d7fde021c49b3, 10134679084675499274, -6381432754288269091) = -1 EINVAL (Invalid argument)
[pid  3612] pwrite64(6, 0x708e38048cb4cad7, 12951325731817134681, 75551235421776626) = -1 EFAULT (Bad address)
[pid  3612] pwrite64(6, 0x5f78667fa5db7797, 9217497656453545738, 5985059117420579128) = -1 EFAULT (Bad address)
[pid  3612] pwrite64(6, 0xc46641f7ca7da692, 4275493233968677967, 1024115199717008937) = -1 EFAULT (Bad address)
[pid  3612] pwrite64(6, 0xbaa3372382897a13, 18304622726565750457, -3189307791965415141) = -1 EINVAL (Invalid argument)
[pid  3612] pwrite64(6, 0x1d74c2571dcde216, 2343758561768253609, 972555887563536891) = -1 EFAULT (Bad address)
[pid  3612] pwrite64(6, 0xcb4348f436b53dc1, 2259038023253162101, -4422333686626417087) = -1 EINVAL (Invalid argument)
[pid  3612] pwrite64(6, 0xc8e0d9c9bea8b3e0, 8286868753470980950, -24012622260037456) = -1 EINVAL (Invalid argument)
[pid  3612] pwrite64(6, 0xecc41657c29f7cf5, 14703425368385446918, -1443143717082678369) = -1 EINVAL (Invalid argument)
[pid  3612] pwrite64(6, 0xf2efbfc76495282e, 1806736851416505755, 9160400489717616475) = -1 EFAULT (Bad address)
[pid  3612] pwrite64(6, "", 0, 983040)  = 0
[pid  3612] pwrite64(6, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32, 1034752) = 32
[pid  3612] pwrite64(6, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 320, 1040384) = 320
[pid  3612] pwrite64(6, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32, 1048064) = 32
[pid  3612] pwrite64(6, NULL, 0, 0)     = 0
[pid  3612] pwrite64(6, NULL, 0, 0)     = 0
[pid  3612] pwrite64(6, NULL, 0, 0)     = 0
[pid  3612] pwrite64(6, NULL, 0, 0)     = 0
[pid  3612] pwrite64(6, NULL, 0, 0)     = 0
[pid  3612] pwrite64(6, NULL, 282299610562817, 206160025627) = -1 EFAULT (Bad address)
[pid  3612] pwrite64(6, 0x200000a0001, 32, 0) = -1 EFAULT (Bad address)
[pid  3612] pwrite64(6, 0x100c400020101, 206161373562, 2199392419841) = -1 EFAULT (Bad address)
[pid  3612] pwrite64(6, 0x40, 5622744134772064272, 7165064744375512687) = -1 EFAULT (Bad address)
[pid  3612] pwrite64(6, 0x5320656c62617461, 564055461028208, 8061550535442660) = -1 EFAULT (Bad address)
[pid  3612] pwrite64(6, 0x602000100000030, 141733921280, 73014444032) = -1 EFAULT (Bad address)
[pid  3612] pwrite64(6, 0x30656c6966080000, 282376919974145, 206160283705) = -1 EFAULT (Bad address)
[pid  3612] pwrite64(6, 0x20006000001, 39, 7352126391682334740) = -1 EFBIG (File too large)
[pid  3612] --- SIGXFSZ {si_signo=SIGXFSZ, si_code=SI_USER, si_pid=2, si_uid=0} ---
[   36.086356][ T3612] ==================================================================
[   36.094567][ T3612] BUG: KASAN: slab-out-of-bounds in udf_find_entry+0x9f3/0x1230
[   36.102200][ T3612] Write of size 165 at addr ffff88802069da5a by task syz-executor207/3612
[   36.110796][ T3612] 
[   36.113106][ T3612] CPU: 1 PID: 3612 Comm: syz-executor207 Not tainted 6.0.0-syzkaller-09589-g55be6084c8e0 #0
[   36.123159][ T3612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[   36.133382][ T3612] Call Trace:
[   36.136659][ T3612]  <TASK>
[   36.139698][ T3612]  dump_stack_lvl+0xcd/0x134
[   36.144298][ T3612]  print_report.cold+0x2ba/0x719
[   36.149248][ T3612]  ? udf_find_entry+0x9f3/0x1230
[   36.154184][ T3612]  kasan_report+0xb1/0x1e0
[   36.158607][ T3612]  ? udf_find_entry+0x9f3/0x1230
[   36.163541][ T3612]  kasan_check_range+0x13d/0x180
[   36.168484][ T3612]  memcpy+0x39/0x60
[   36.172287][ T3612]  udf_find_entry+0x9f3/0x1230
[   36.177047][ T3612]  ? empty_dir+0x840/0x840
[   36.181454][ T3612]  ? mntput+0xc/0x90
[   36.185354][ T3612]  ? rcu_read_lock_sched_held+0xd/0x70
[   36.190826][ T3612]  ? lock_release+0x780/0x780
[   36.195505][ T3612]  ? rcu_read_lock_sched_held+0xd/0x70
[   36.200974][ T3612]  ? kmem_cache_alloc_lru+0x49/0x720
[   36.206262][ T3612]  ? lock_downgrade+0x6e0/0x6e0
[   36.211205][ T3612]  ? lock_acquire+0x480/0x570
[   36.215880][ T3612]  ? rcu_read_lock_sched_held+0xd/0x70
[   36.221349][ T3612]  udf_lookup+0x156/0x270
[   36.225676][ T3612]  ? udf_get_parent+0x210/0x210
[   36.230525][ T3612]  ? d_alloc+0x1b7/0x230
[   36.234767][ T3612]  ? lock_downgrade+0x6e0/0x6e0
[   36.239621][ T3612]  ? rwlock_bug.part.0+0x90/0x90
[   36.244565][ T3612]  ? do_raw_spin_unlock+0x171/0x230
[   36.249766][ T3612]  ? _raw_spin_unlock+0x24/0x40
[   36.254615][ T3612]  ? d_alloc+0x1bc/0x230
[   36.258859][ T3612]  __lookup_hash+0x117/0x180
[   36.263452][ T3612]  do_unlinkat+0x284/0x650
[   36.267868][ T3612]  ? __ia32_sys_rmdir+0x110/0x110
[   36.272888][ T3612]  ? kmem_cache_alloc+0x31b/0x3b0
[   36.277913][ T3612]  ? memcpy+0x39/0x60
[   36.281887][ T3612]  do_coredump+0xcf7/0x3c40
[   36.286390][ T3612]  ? dump_emit+0x340/0x340
[   36.290809][ T3612]  ? finish_task_switch.isra.0+0x2b5/0xc70
[   36.296615][ T3612]  ? __switch_to+0x5cc/0x1050
[   36.301288][ T3612]  ? __switch_to_asm+0x3a/0x60
[   36.306054][ T3612]  ? __schedule+0xae7/0x5270
[   36.310650][ T3612]  ? trace_hardirqs_on+0x2d/0x120
[   36.315681][ T3612]  ? lock_release+0x780/0x780
[   36.320352][ T3612]  ? ptrace_stop.part.0+0x49a/0x8c0
[   36.325547][ T3612]  ? kstrtou8+0x120/0x120
[   36.329878][ T3612]  ? recalc_sigpending_tsk+0x18f/0x1d0
[   36.335342][ T3612]  get_signal+0x1be1/0x2430
[   36.339852][ T3612]  ? lock_release+0x780/0x780
[   36.344529][ T3612]  ? exit_signals+0x8b0/0x8b0
[   36.349212][ T3612]  ? do_raw_spin_lock+0x120/0x2a0
[   36.354241][ T3612]  ? rwlock_bug.part.0+0x90/0x90
[   36.359182][ T3612]  arch_do_signal_or_restart+0x82/0x2300
[   36.364816][ T3612]  ? recalc_sigpending_tsk+0x18f/0x1d0
[   36.370289][ T3612]  ? ptrace_stop.part.0+0x5f4/0x8c0
[   36.375488][ T3612]  ? get_sigframe_size+0x10/0x10
[   36.380512][ T3612]  ? ptrace_notify+0xfa/0x140
[   36.385193][ T3612]  ? lock_downgrade+0x6e0/0x6e0
[   36.390046][ T3612]  ? trace_hardirqs_on+0x2d/0x120
[   36.395082][ T3612]  exit_to_user_mode_prepare+0x15f/0x250
[   36.400729][ T3612]  syscall_exit_to_user_mode+0x19/0x50
[   36.406187][ T3612]  do_syscall_64+0x42/0xb0
[   36.410603][ T3612]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   36.416497][ T3612] RIP: 0033:0x7f7c7cfd90a6
[   36.420901][ T3612] Code: b8 ff ff ff ff eb b9 e8 c8 39 04 00 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 48 89 54 24 10 48 89 74
[   36.440512][ T3612] RSP: 002b:00007ffc1996ea58 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[   36.448931][ T3612] RAX: ffffffffffffffe5 RBX: 0000000000000006 RCX: 00007f7c7cfd90a6
[   36.456898][ T3612] RDX: 0000000000000027 RSI: 0000020006000001 RDI: 0000000000000006
[   36.464859][ T3612] RBP: 00007ffc1996ea70 R08: 00007ffc1996e8f0 R09: 000055555743f380
[   36.472832][ T3612] R10: 6608000000000014 R11: 0000000000000246 R12: 0000000000000028
[   36.480799][ T3612] R13: 0000000000000006 R14: 000000000000001c R15: 00000000200004a0
[   36.488772][ T3612]  </TASK>
[   36.491777][ T3612] 
[   36.494086][ T3612] Allocated by task 3612:
[   36.498415][ T3612]  kasan_save_stack+0x1e/0x40
[   36.503112][ T3612]  __kasan_kmalloc+0xa9/0xd0
[   36.507702][ T3612]  udf_find_entry+0xd3f/0x1230
[   36.512455][ T3612]  udf_lookup+0x156/0x270
[   36.516773][ T3612]  __lookup_hash+0x117/0x180
[   36.521384][ T3612]  do_unlinkat+0x284/0x650
[   36.525795][ T3612]  do_coredump+0xcf7/0x3c40
[   36.530294][ T3612]  get_signal+0x1be1/0x2430
[   36.534791][ T3612]  arch_do_signal_or_restart+0x82/0x2300
[   36.540418][ T3612]  exit_to_user_mode_prepare+0x15f/0x250
[   36.546041][ T3612]  syscall_exit_to_user_mode+0x19/0x50
[   36.551496][ T3612]  do_syscall_64+0x42/0xb0
[   36.555908][ T3612]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   36.561797][ T3612] 
[   36.564110][ T3612] The buggy address belongs to the object at ffff88802069da00
[   36.564110][ T3612]  which belongs to the cache kmalloc-256 of size 256
[   36.578156][ T3612] The buggy address is located 90 bytes inside of
[   36.578156][ T3612]  256-byte region [ffff88802069da00, ffff88802069db00)
[   36.591338][ T3612] 
[   36.593648][ T3612] The buggy address belongs to the physical page:
[   36.600046][ T3612] page:ffffea000081a700 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2069c
[   36.610188][ T3612] head:ffffea000081a700 order:1 compound_mapcount:0 compound_pincount:0
[   36.618499][ T3612] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[   36.626474][ T3612] raw: 00fff00000010200 ffffea0000813100 dead000000000004 ffff888011841b40
[   36.635053][ T3612] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[   36.643626][ T3612] page dumped because: kasan: bad access detected
[   36.650027][ T3612] page_owner tracks the page as allocated
[   36.655724][ T3612] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 9, tgid 9 (kworker/u4:0), ts 6748281877, free_ts 0
[   36.675607][ T3612]  get_page_from_freelist+0x109b/0x2ce0
[   36.681163][ T3612]  __alloc_pages+0x1c7/0x510
[   36.685753][ T3612]  alloc_pages+0x1a6/0x270
[   36.690167][ T3612]  allocate_slab+0x27e/0x3d0
[   36.694749][ T3612]  ___slab_alloc+0x84f/0xe80
[   36.699340][ T3612]  __slab_alloc.constprop.0+0x4d/0xa0
[   36.704707][ T3612]  kmem_cache_alloc_trace+0x323/0x3e0
[   36.710165][ T3612]  scsi_probe_and_add_lun+0x3ae/0x3650
[   36.715621][ T3612]  __scsi_scan_target+0x21f/0xdb0
[   36.720637][ T3612]  scsi_scan_channel+0x148/0x1e0
[   36.725568][ T3612]  scsi_scan_host_selected+0x2df/0x3b0
[   36.731020][ T3612]  do_scsi_scan_host+0x1e8/0x260
[   36.735977][ T3612]  do_scan_async+0x3e/0x500
[   36.740476][ T3612]  async_run_entry_fn+0x98/0x530
[   36.745406][ T3612]  process_one_work+0x991/0x1610
[   36.750369][ T3612]  worker_thread+0x665/0x1080
[   36.755045][ T3612] page_owner free stack trace missing
[   36.760398][ T3612] 
[   36.762708][ T3612] Memory state around the buggy address:
[   36.768321][ T3612]  ffff88802069d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.776375][ T3612]  ffff88802069da00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   36.784435][ T3612] >ffff88802069da80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 06
[   36.792495][ T3612]                                                                 ^
[   36.800461][ T3612]  ffff88802069db00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.808513][ T3612]  ffff88802069db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.816561][ T3612] ==================================================================
[   36.824881][ T3612] Kernel panic - not syncing: panic_on_warn set ...
[   36.831493][ T3612] CPU: 1 PID: 3612 Comm: syz-executor207 Not tainted 6.0.0-syzkaller-09589-g55be6084c8e0 #0
[   36.841566][ T3612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[   36.851622][ T3612] Call Trace:
[   36.854897][ T3612]  <TASK>
[   36.857817][ T3612]  dump_stack_lvl+0xcd/0x134
[   36.862404][ T3612]  panic+0x2c8/0x622
[   36.866314][ T3612]  ? panic_print_sys_info.part.0+0x10b/0x10b
[   36.872324][ T3612]  ? preempt_schedule_common+0x59/0xc0
[   36.877789][ T3612]  ? preempt_schedule_thunk+0x16/0x18
[   36.883182][ T3612]  ? udf_find_entry+0x9f3/0x1230
[   36.888116][ T3612]  end_report.part.0+0x3f/0x7c
[   36.892888][ T3612]  kasan_report.cold+0xa/0xf
[   36.897473][ T3612]  ? udf_find_entry+0x9f3/0x1230
[   36.902402][ T3612]  kasan_check_range+0x13d/0x180
[   36.907340][ T3612]  memcpy+0x39/0x60
[   36.911136][ T3612]  udf_find_entry+0x9f3/0x1230
[   36.915896][ T3612]  ? empty_dir+0x840/0x840
[   36.920301][ T3612]  ? mntput+0xc/0x90
[   36.924208][ T3612]  ? rcu_read_lock_sched_held+0xd/0x70
[   36.929672][ T3612]  ? lock_release+0x780/0x780
[   36.934341][ T3612]  ? rcu_read_lock_sched_held+0xd/0x70
[   36.939802][ T3612]  ? kmem_cache_alloc_lru+0x49/0x720
[   36.945081][ T3612]  ? lock_downgrade+0x6e0/0x6e0
[   36.949926][ T3612]  ? lock_acquire+0x480/0x570
[   36.954591][ T3612]  ? rcu_read_lock_sched_held+0xd/0x70
[   36.960051][ T3612]  udf_lookup+0x156/0x270
[   36.964372][ T3612]  ? udf_get_parent+0x210/0x210
[   36.969238][ T3612]  ? d_alloc+0x1b7/0x230
[   36.973491][ T3612]  ? lock_downgrade+0x6e0/0x6e0
[   36.978334][ T3612]  ? rwlock_bug.part.0+0x90/0x90
[   36.983270][ T3612]  ? do_raw_spin_unlock+0x171/0x230
[   36.988479][ T3612]  ? _raw_spin_unlock+0x24/0x40
[   36.993325][ T3612]  ? d_alloc+0x1bc/0x230
[   36.997563][ T3612]  __lookup_hash+0x117/0x180
[   37.002150][ T3612]  do_unlinkat+0x284/0x650
[   37.006555][ T3612]  ? __ia32_sys_rmdir+0x110/0x110
[   37.011570][ T3612]  ? kmem_cache_alloc+0x31b/0x3b0
[   37.016606][ T3612]  ? memcpy+0x39/0x60
[   37.020579][ T3612]  do_coredump+0xcf7/0x3c40
[   37.025079][ T3612]  ? dump_emit+0x340/0x340
[   37.029493][ T3612]  ? finish_task_switch.isra.0+0x2b5/0xc70
[   37.035319][ T3612]  ? __switch_to+0x5cc/0x1050
[   37.039986][ T3612]  ? __switch_to_asm+0x3a/0x60
[   37.044745][ T3612]  ? __schedule+0xae7/0x5270
[   37.049331][ T3612]  ? trace_hardirqs_on+0x2d/0x120
[   37.054362][ T3612]  ? lock_release+0x780/0x780
[   37.059025][ T3612]  ? ptrace_stop.part.0+0x49a/0x8c0
[   37.064219][ T3612]  ? kstrtou8+0x120/0x120
[   37.068549][ T3612]  ? recalc_sigpending_tsk+0x18f/0x1d0
[   37.074009][ T3612]  get_signal+0x1be1/0x2430
[   37.078511][ T3612]  ? lock_release+0x780/0x780
[   37.083179][ T3612]  ? exit_signals+0x8b0/0x8b0
[   37.087865][ T3612]  ? do_raw_spin_lock+0x120/0x2a0
[   37.092886][ T3612]  ? rwlock_bug.part.0+0x90/0x90
[   37.097817][ T3612]  arch_do_signal_or_restart+0x82/0x2300
[   37.103533][ T3612]  ? recalc_sigpending_tsk+0x18f/0x1d0
[   37.108992][ T3612]  ? ptrace_stop.part.0+0x5f4/0x8c0
[   37.114181][ T3612]  ? get_sigframe_size+0x10/0x10
[   37.119110][ T3612]  ? ptrace_notify+0xfa/0x140
[   37.123775][ T3612]  ? lock_downgrade+0x6e0/0x6e0
[   37.128623][ T3612]  ? trace_hardirqs_on+0x2d/0x120
[   37.133651][ T3612]  exit_to_user_mode_prepare+0x15f/0x250
[   37.139276][ T3612]  syscall_exit_to_user_mode+0x19/0x50
[   37.144726][ T3612]  do_syscall_64+0x42/0xb0
[   37.149140][ T3612]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   37.155118][ T3612] RIP: 0033:0x7f7c7cfd90a6
[   37.159543][ T3612] Code: b8 ff ff ff ff eb b9 e8 c8 39 04 00 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 48 89 54 24 10 48 89 74
[   37.179158][ T3612] RSP: 002b:00007ffc1996ea58 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[   37.187587][ T3612] RAX: ffffffffffffffe5 RBX: 0000000000000006 RCX: 00007f7c7cfd90a6
[   37.195551][ T3612] RDX: 0000000000000027 RSI: 0000020006000001 RDI: 0000000000000006
[   37.203517][ T3612] RBP: 00007ffc1996ea70 R08: 00007ffc1996e8f0 R09: 000055555743f380
[   37.211571][ T3612] R10: 6608000000000014 R11: 0000000000000246 R12: 0000000000000028
[   37.219537][ T3612] R13: 0000000000000006 R14: 000000000000001c R15: 00000000200004a0
[   37.227524][ T3612]  </TASK>
[   37.230886][ T3612] Kernel Offset: disabled
[   37.235197][ T3612] Rebooting in 86400 seconds..