program:
# Reproducer program as logged by syzkaller. The KASAN report that follows is raised in task
# syz.0.0 inside an ioctl (ORIG_RAX 0x10) whose kernel path is raw_ioctl ->
# usb_gadget_register_driver_owner -> ... -> kobject_uevent_env, per the call trace.
#
# Pseudo-syscall: mounts an exFAT image on ./file0; the mount-option blob and the image data
# are passed inline. The log's "loop0: detected capacity change" line is printed by the same task.
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0008b0cf8098a954f0c13d46c5f2da99dd78517bdc8c78047b090ec8e43f7def3d6e7ff57769de041cb1ee36eb9ef0278f3613aa6fc0a70281e7bdbe594f689dbe20a5c5b893c3751e0d41a772d4e6963860d07e3f3f06b10f3eeb3aa2324f6e3d348cf3fa4536d200214110447005e899317ac49bdb087c7ee9c6a7f01bf8f94692bfa45daf2422901aa20a1e0b8736e57abc12ff197cc72bc4b25cfc4ae212b63861ba8545d2000000000000000000ccd1c12bb71e6040ea5c"], 0x1, 0x14d1, &(0x7f00000015c0)="$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")
# 0xffffffffffffff9c is -100 (AT_FDCWD); mode 0x1ff is 0777. Flags 0x105042 include O_CREAT (0x40)
# and O_DIRECT (0x4000), which is consistent with the audit records naming "file1" on dev loop0
# with cause=failed(directio).
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1ff)
# Maps one page (0x1000) of r0 with prot 0x4 (PROT_EXEC) and flags 0x11 (MAP_SHARED|MAP_FIXED).
# r0 is the regular file opened above, not an io_uring fd, despite the $IORING_OFF_SQ_RING variant name.
# NOTE(review): the two audit "op=collect_data" records presumably come from this executable mapping — confirm.
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4, 0x11, r0, 0x0)
# Family 0x2b is AF_SMC, type 0x1 is SOCK_STREAM.
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
# Pseudo-syscall: presents an emulated USB device whose device descriptor carries
# idVendor 0xcf3 / idProduct 0x9271.
# NOTE(review): this is presumably the call that issues the raw-gadget ioctl seen in the call
# trace (RSI 0x5501, RDI fd 6) — confirm against the executor; the report itself fires while KASAN
# is saving a free-stack (kasan_save_free_info -> stack_trace_save), at offset 280 of a
# stack_trace_save frame whose only object is [32, 56) 'c', so the faulting write is in the
# stack-walk bookkeeping rather than in a gadget data buffer.
r2 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
# Pseudo-syscall: writes a buffer (length argument 0x44) to endpoint 0x82 of the emulated device r2.
syz_usb_ep_write$ath9k_ep1(r2, 0x82, 0x44, &(0x7f0000000080)={[{0x3d, 0x4e00, "c746191b16f129bbcf4c8624e0e5c786bb40a08a38ad05a275e80397b66f009447e0429b03f848e769fc8adac7d498b19e64d79db364d30861232b94ac"}]})
# Binds the AF_SMC socket r1 using an LLC-family sockaddr (0x1a is AF_LLC) with address length 0x80.
bind(r1, &(0x7f0000000180)=@llc={0x1a, 0x204, 0xee, 0x0, 0x5, 0x4, @broadcast}, 0x80)
[ 68.678789][ T4669] Bluetooth: hci0: command tx timeout
[ 68.730164][ T5323] loop0: detected capacity change from 0 to 256
[ 68.789089][ T25] audit: type=1800 audit(1743447521.354:2): pid=5323 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.0" name="file1" dev="loop0" ino=2 res=0 errno=0
[ 68.819355][ T25] audit: type=1800 audit(1743447521.364:3): pid=5323 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.0" name="file1" dev="loop0" ino=2 res=0 errno=0
[ 68.828092][ T5323] ==================================================================
[ 68.831149][ T5323] BUG: KASAN: stack-out-of-bounds in stack_trace_consume_entry+0x108/0x280
[ 68.834406][ T5323] Write of size 8 at addr ffffc9000d597478 by task syz.0.0/5323
[ 68.837220][ T5323]
[ 68.838180][ T5323] CPU: 0 UID: 0 PID: 5323 Comm: syz.0.0 Not tainted 6.14.0-syzkaller-11125-g609706855d90 #0 PREEMPT(full)
[ 68.838196][ T5323] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 68.838203][ T5323] Call Trace:
[ 68.838210][ T5323]
[ 68.838216][ T5323] dump_stack_lvl+0x241/0x360
[ 68.838236][ T5323] ? __pfx_dump_stack_lvl+0x10/0x10
[ 68.838251][ T5323] ? __pfx__printk+0x10/0x10
[ 68.838267][ T5323] ? _printk+0xd5/0x120
[ 68.838282][ T5323] print_report+0x16e/0x5b0
[ 68.838332][ T5323] ? __virt_addr_valid+0xbd/0x530
[ 68.838349][ T5323] ? stack_trace_consume_entry+0x108/0x280
[ 68.838365][ T5323] kasan_report+0x143/0x180
[ 68.838374][ T5323] ? stack_trace_consume_entry+0x108/0x280
[ 68.838388][ T5323] ? really_probe+0x2b9/0xad0
[ 68.838401][ T5323] stack_trace_consume_entry+0x108/0x280
[ 68.838415][ T5323] ? really_probe+0x2b9/0xad0
[ 68.838426][ T5323] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 68.838440][ T5323] arch_stack_walk+0x110/0x150
[ 68.838455][ T5323] ? __pfx_gadget_bind_driver+0x10/0x10
[ 68.838497][ T5323] ? really_probe+0x2b9/0xad0
[ 68.838512][ T5323] stack_trace_save+0x11a/0x1d0
[ 68.838528][ T5323] ? __pfx_stack_trace_save+0x10/0x10
[ 68.838543][ T5323] ? __lock_acquire+0xad5/0xd80
[ 68.838554][ T5323] ? do_raw_spin_lock+0x151/0x370
[ 68.838568][ T5323] kasan_save_track+0x3f/0x80
[ 68.838582][ T5323] ? kasan_save_track+0x3f/0x80
[ 68.838597][ T5323] ? kasan_save_free_info+0x40/0x50
[ 68.838610][ T5323] ? __kasan_slab_free+0x59/0x70
[ 68.838618][ T5323] ? kmem_cache_free+0x197/0x410
[ 68.838629][ T5323] ? skb_release_data+0x67a/0x8b0
[ 68.838643][ T5323] ? consume_skb+0x9f/0xf0
[ 68.838655][ T5323] ? kobject_uevent_net_broadcast+0x458/0x580
[ 68.838669][ T5323] ? kobject_uevent_env+0x57d/0x8e0
[ 68.838680][ T5323] ? gadget_bind_driver+0x5ce/0x9f0
[ 68.838703][ T5323] kasan_save_free_info+0x40/0x50
[ 68.838716][ T5323] __kasan_slab_free+0x59/0x70
[ 68.838725][ T5323] ? skb_release_data+0x67a/0x8b0
[ 68.838738][ T5323] kmem_cache_free+0x197/0x410
[ 68.838749][ T5323] ? skb_release_data+0x67a/0x8b0
[ 68.838763][ T5323] skb_release_data+0x67a/0x8b0
[ 68.838780][ T5323] consume_skb+0x9f/0xf0
[ 68.838794][ T5323] kobject_uevent_net_broadcast+0x458/0x580
[ 68.838807][ T5323] kobject_uevent_env+0x57d/0x8e0
[ 68.838819][ T5323] ? rcu_is_watching+0x15/0xb0
[ 68.838834][ T5323] gadget_bind_driver+0x5ce/0x9f0
[ 68.838846][ T5323] ? __pfx_gadget_bind_driver+0x10/0x10
[ 68.838856][ T5323] really_probe+0x2b9/0xad0
[ 68.838870][ T5323] __driver_probe_device+0x1a2/0x390
[ 68.838884][ T5323] driver_probe_device+0x50/0x430
[ 68.838895][ T5323] __driver_attach+0x45f/0x710
[ 68.838906][ T5323] bus_for_each_dev+0x23e/0x2b0
[ 68.838920][ T5323] ? __pfx___driver_attach+0x10/0x10
[ 68.838931][ T5323] ? __pfx_bus_for_each_dev+0x10/0x10
[ 68.838944][ T5323] ? do_raw_spin_unlock+0x58/0x8b0
[ 68.838959][ T5323] bus_add_driver+0x346/0x670
[ 68.838981][ T5323] driver_register+0x23a/0x320
[ 68.838995][ T5323] usb_gadget_register_driver_owner+0xf7/0x260
[ 68.839008][ T5323] raw_ioctl+0x1495/0x4100
[ 68.839025][ T5323] ? tomoyo_path_number_perm+0x215/0x790
[ 68.839040][ T5323] ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 68.839053][ T5323] ? __pfx_raw_ioctl+0x10/0x10
[ 68.839068][ T5323] ? __count_memcg_events+0x1e1/0x3d0
[ 68.839083][ T5323] ? __lock_acquire+0xad5/0xd80
[ 68.839096][ T5323] ? __fget_files+0x2a/0x420
[ 68.839106][ T5323] ? __fget_files+0x2a/0x420
[ 68.839118][ T5323] ? __fget_files+0x2a/0x420
[ 68.839130][ T5323] ? __pfx_raw_ioctl+0x10/0x10
[ 68.839143][ T5323] __se_sys_ioctl+0xf1/0x160
[ 68.839158][ T5323] do_syscall_64+0xf3/0x230
[ 68.839169][ T5323] ? clear_bhb_loop+0x45/0xa0
[ 68.839181][ T5323] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 68.839191][ T5323] RIP: 0033:0x7f9d0318cd6b
[ 68.839201][ T5323] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
[ 68.839211][ T5323] RSP: 002b:00007f9d03ffbf10 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 68.839225][ T5323] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f9d0318cd6b
[ 68.839233][ T5323] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000006
[ 68.839240][ T5323] RBP: 00007f9d03ffcfe0 R08: 0000000000000000 R09: 00302e6364755f79
[ 68.839248][ T5323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 68.839256][ T5323] R13: 00007f9d03ffbfb0 R14: 0000200000000000 R15: 00007f9d034d0320
[ 68.839268][ T5323]
[ 68.839272][ T5323]
[ 69.009277][ T5323] The buggy address belongs to stack of task syz.0.0/5323
[ 69.011901][ T5323] and is located at offset 280 in frame:
[ 69.014124][ T5323] stack_trace_save+0x0/0x1d0
[ 69.015893][ T5323]
[ 69.016875][ T5323] This frame has 1 object:
[ 69.018585][ T5323] [32, 56) 'c'
[ 69.018594][ T5323]
[ 69.021047][ T5323] The buggy address belongs to the virtual mapping at
[ 69.021047][ T5323] [ffffc9000d590000, ffffc9000d599000) created by:
[ 69.021047][ T5323] copy_process+0x5dc/0x3d10
[ 69.027586][ T5323]
[ 69.028553][ T5323] The buggy address belongs to the physical page:
[ 69.031036][ T5323] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880409ac1b0 pfn:0x409ac
[ 69.035762][ T5323] memcg:ffff88803695f302
[ 69.037746][ T5323] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 69.040545][ T5323] raw: 04fff00000000000 0000000000000000 dead000000000122 0000000000000000
[ 69.043870][ T5323] raw: ffff8880409ac1b0 0000000000000000 00000001ffffffff ffff88803695f302
[ 69.046972][ T5323] page dumped because: kasan: bad access detected
[ 69.049373][ T5323] page_owner tracks the page as allocated
[ 69.051479][ T5323] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 5322, tgid 5322 (syz.0.0), ts 67170207764, free_ts 66853323822
[ 69.058417][ T5323] post_alloc_hook+0x1f4/0x240
[ 69.060157][ T5323] get_page_from_freelist+0x3ac1/0x3c60
[ 69.062269][ T5323] __alloc_frozen_pages_noprof+0x266/0x580
[ 69.064571][ T5323] alloc_pages_mpol+0x339/0x690
[ 69.066473][ T5323] alloc_pages_noprof+0x121/0x190
[ 69.068408][ T5323] __vmalloc_node_range_noprof+0x9cb/0x1390
[ 69.070603][ T5323] dup_task_struct+0x444/0x8c0
[ 69.072379][ T5323] copy_process+0x5dc/0x3d10
[ 69.075110][ T5323] kernel_clone+0x242/0x930
[ 69.076912][ T5323] __se_sys_clone3+0x348/0x380
[ 69.078756][ T5323] do_syscall_64+0xf3/0x230
[ 69.080550][ T5323] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 69.082774][ T5323] page last free pid 5305 tgid 5305 stack trace:
[ 69.085227][ T5323] __free_frozen_pages+0xd85/0x1030
[ 69.087231][ T5323] __put_partials+0x160/0x1c0
[ 69.088979][ T5323] put_cpu_partial+0x17e/0x250
[ 69.090782][ T5323] __slab_free+0x294/0x390
[ 69.092530][ T5323] qlist_free_all+0x9a/0x140
[ 69.094344][ T5323] kasan_quarantine_reduce+0x14f/0x170
[ 69.096468][ T5323] __kasan_slab_alloc+0x23/0x80
[ 69.098254][ T5323] kmem_cache_alloc_node_noprof+0x1f2/0x3b0
[ 69.100479][ T5323] __alloc_skb+0x1c2/0x480
[ 69.102155][ T5323] netlink_ack+0x147/0xa70
[ 69.103862][ T5323] netlink_rcv_skb+0x296/0x480
[ 69.105792][ T5323] netlink_unicast+0x7f8/0x9a0
[ 69.107597][ T5323] netlink_sendmsg+0x8c3/0xcd0
[ 69.109765][ T5323] __sock_sendmsg+0x221/0x270
[ 69.111475][ T5323] __sys_sendto+0x365/0x4c0
[ 69.113329][ T5323] __x64_sys_sendto+0xde/0x100
[ 69.115242][ T5323]
[ 69.116117][ T5323] Memory state around the buggy address:
[ 69.118236][ T5323] ffffc9000d597300: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1
[ 69.121072][ T5323] ffffc9000d597380: 00 00 00 f3 f3 f3 f3 f3 00 00 00 00 00 00 00 00
[ 69.124047][ T5323] >ffffc9000d597400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f3
[ 69.127107][ T5323] ^
[ 69.130127][ T5323] ffffc9000d597480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 69.133172][ T5323] ffffc9000d597500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 69.136173][ T5323] ==================================================================
[ 69.160580][ T5323] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 69.163412][ T5323] CPU: 0 UID: 0 PID: 5323 Comm: syz.0.0 Not tainted 6.14.0-syzkaller-11125-g609706855d90 #0 PREEMPT(full)
[ 69.168681][ T5323] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 69.173897][ T5323] Call Trace:
[ 69.175654][ T5323]
[ 69.177135][ T5323] dump_stack_lvl+0x241/0x360
[ 69.179445][ T5323] ? __pfx_dump_stack_lvl+0x10/0x10
[ 69.181577][ T5323] ? __pfx__printk+0x10/0x10
[ 69.183435][ T5323] ? vscnprintf+0x5d/0x90
[ 69.184935][ T5323] panic+0x349/0x880
[ 69.186449][ T5323] ? check_panic_on_warn+0x21/0xb0
[ 69.188477][ T5323] ? __pfx_panic+0x10/0x10
[ 69.190177][ T5323] ? _raw_spin_unlock_irqrestore+0x134/0x140
[ 69.192410][ T5323] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 69.194851][ T5323] ? print_report+0x519/0x5b0
[ 69.196686][ T5323] check_panic_on_warn+0x86/0xb0
[ 69.198627][ T5323] ? stack_trace_consume_entry+0x108/0x280
[ 69.200843][ T5323] end_report+0x77/0x160
[ 69.202528][ T5323] kasan_report+0x154/0x180
[ 69.204316][ T5323] ? stack_trace_consume_entry+0x108/0x280
[ 69.206520][ T5323] ? really_probe+0x2b9/0xad0
[ 69.208322][ T5323] stack_trace_consume_entry+0x108/0x280
[ 69.210498][ T5323] ? really_probe+0x2b9/0xad0
[ 69.212393][ T5323] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 69.214851][ T5323] arch_stack_walk+0x110/0x150
[ 69.216566][ T5323] ? __pfx_gadget_bind_driver+0x10/0x10
[ 69.218559][ T5323] ? really_probe+0x2b9/0xad0
[ 69.220282][ T5323] stack_trace_save+0x11a/0x1d0
[ 69.222079][ T5323] ? __pfx_stack_trace_save+0x10/0x10
[ 69.224133][ T5323] ? __lock_acquire+0xad5/0xd80
[ 69.225959][ T5323] ? do_raw_spin_lock+0x151/0x370
[ 69.227819][ T5323] kasan_save_track+0x3f/0x80
[ 69.229645][ T5323] ? kasan_save_track+0x3f/0x80
[ 69.231609][ T5323] ? kasan_save_free_info+0x40/0x50
[ 69.233881][ T5323] ? __kasan_slab_free+0x59/0x70
[ 69.235931][ T5323] ? kmem_cache_free+0x197/0x410
[ 69.237856][ T5323] ? skb_release_data+0x67a/0x8b0
[ 69.239704][ T5323] ? consume_skb+0x9f/0xf0
[ 69.241443][ T5323] ? kobject_uevent_net_broadcast+0x458/0x580
[ 69.243740][ T5323] ? kobject_uevent_env+0x57d/0x8e0
[ 69.245743][ T5323] ? gadget_bind_driver+0x5ce/0x9f0
[ 69.247884][ T5323] kasan_save_free_info+0x40/0x50
[ 69.249869][ T5323] __kasan_slab_free+0x59/0x70
[ 69.251756][ T5323] ? skb_release_data+0x67a/0x8b0
[ 69.253795][ T5323] kmem_cache_free+0x197/0x410
[ 69.255612][ T5323] ? skb_release_data+0x67a/0x8b0
[ 69.257478][ T5323] skb_release_data+0x67a/0x8b0
[ 69.259184][ T5323] consume_skb+0x9f/0xf0
[ 69.260861][ T5323] kobject_uevent_net_broadcast+0x458/0x580
[ 69.262990][ T5323] kobject_uevent_env+0x57d/0x8e0
[ 69.264875][ T5323] ? rcu_is_watching+0x15/0xb0
[ 69.266806][ T5323] gadget_bind_driver+0x5ce/0x9f0
[ 69.268770][ T5323] ? __pfx_gadget_bind_driver+0x10/0x10
[ 69.270694][ T5323] really_probe+0x2b9/0xad0
[ 69.272478][ T5323] __driver_probe_device+0x1a2/0x390
[ 69.274441][ T5323] driver_probe_device+0x50/0x430
[ 69.276544][ T5323] __driver_attach+0x45f/0x710
[ 69.278969][ T5323] bus_for_each_dev+0x23e/0x2b0
[ 69.280793][ T5323] ? __pfx___driver_attach+0x10/0x10
[ 69.282769][ T5323] ? __pfx_bus_for_each_dev+0x10/0x10
[ 69.284801][ T5323] ? do_raw_spin_unlock+0x58/0x8b0
[ 69.286758][ T5323] bus_add_driver+0x346/0x670
[ 69.288547][ T5323] driver_register+0x23a/0x320
[ 69.290345][ T5323] usb_gadget_register_driver_owner+0xf7/0x260
[ 69.292690][ T5323] raw_ioctl+0x1495/0x4100
[ 69.294429][ T5323] ? tomoyo_path_number_perm+0x215/0x790
[ 69.296549][ T5323] ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 69.298782][ T5323] ? __pfx_raw_ioctl+0x10/0x10
[ 69.300599][ T5323] ? __count_memcg_events+0x1e1/0x3d0
[ 69.302672][ T5323] ? __lock_acquire+0xad5/0xd80
[ 69.304430][ T5323] ? __fget_files+0x2a/0x420
[ 69.305993][ T5323] ? __fget_files+0x2a/0x420
[ 69.307676][ T5323] ? __fget_files+0x2a/0x420
[ 69.309398][ T5323] ? __pfx_raw_ioctl+0x10/0x10
[ 69.311211][ T5323] __se_sys_ioctl+0xf1/0x160
[ 69.312997][ T5323] do_syscall_64+0xf3/0x230
[ 69.314707][ T5323] ? clear_bhb_loop+0x45/0xa0
[ 69.316597][ T5323] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 69.318794][ T5323] RIP: 0033:0x7f9d0318cd6b
[ 69.320561][ T5323] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
[ 69.327819][ T5323] RSP: 002b:00007f9d03ffbf10 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 69.330857][ T5323] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f9d0318cd6b
[ 69.333962][ T5323] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000006
[ 69.336953][ T5323] RBP: 00007f9d03ffcfe0 R08: 0000000000000000 R09: 00302e6364755f79
[ 69.339959][ T5323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 69.343035][ T5323] R13: 00007f9d03ffbfb0 R14: 0000200000000000 R15: 00007f9d034d0320
[ 69.346143][ T5323]
[ 69.347642][ T5323] Kernel Offset: disabled
[ 69.349328][ T5323] Rebooting in 86400 seconds..