syzbot

ntfs3: loop2: Different NTFS' sector size (2048) and media sector size (512)
BUG: unable to handle page fault for address: ffffed11057eeb27
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 23ffef067 P4D 23ffef067 PUD 0 
Oops: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 4329 Comm: syz-executor303 Not tainted 5.15.182-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
RIP: 0010:constant_test_bit arch/x86/include/asm/bitops.h:207 [inline]
RIP: 0010:test_bit include/asm-generic/bitops/instrumented-non-atomic.h:135 [inline]
RIP: 0010:test_ti_thread_flag include/linux/thread_info.h:118 [inline]
RIP: 0010:need_resched include/linux/sched.h:2111 [inline]
RIP: 0010:preempt_schedule_irq+0xf6/0x150 kernel/sched/core.c:6783
Code: 90 76 d4 f7 bf 01 00 00 00 e8 96 f2 a7 f7 65 48 8b 1d 2e 06 59 76 48 89 df be 08 00 00 00 e8 31 c9 13 f8 48 89 d8 48 c1 e8 03 <42> 80 3c 30 00 74 91 48 89 df e8 8b c7 13 f8 eb 87 48 c7 04 24 0e
RSP: 0018:ffffc9000334f9e0 EFLAGS: 00010806
RAX: 1ffff110057eeb28 RBX: ffff88802bf75940 RCX: ffffffff89a9699f
RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff88802bf75940
RBP: ffffc9000334fa90 R08: dffffc0000000000 R09: ffffed10057eeb29
R10: ffffed10057eeb29 R11: 1ffff110057eeb28 R12: 0000000000000000
R13: 0000000000000000 R14: dffffc00ffffffff R15: 1ffff92000669f3c
FS:  0000555565219380(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffed11057eeb27 CR3: 000000001e84e000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 irqentry_exit+0x63/0x70 kernel/entry/common.c:432
 asm_sysvec_reschedule_ipi+0x16/0x20 arch/x86/include/asm/idtentry.h:681
RIP: 0010:iput+0x0/0x8a0 fs/inode.c:1782
Code: 8c df fe ff ff 4c 89 e7 88 54 24 07 e8 a9 e0 ee ff 0f b6 54 24 07 e9 c9 fe ff ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 <55> 41 57 41 56 41 55 41 54 53 48 83 ec 30 49 89 fe e8 7a 6d a9 ff
RSP: 0018:ffffc9000334fb58 EFLAGS: 00000293
RAX: ffffffff829bbd0b RBX: 0000000000000000 RCX: ffff88802bf75940
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8880703f6230
RBP: ffffc9000334fd28 R08: ffff88802bf75940 R09: 0000000000000002
R10: 00000000000000e0 R11: 0000000000000000 R12: ffff8880796dc000
R13: 0000000000000000 R14: 0000000000000100 R15: 0000000000000a00
 ntfs_fill_super+0x355c/0x3c10 fs/ntfs3/super.c:1185
 get_tree_bdev+0x3f1/0x610 fs/super.c:1325
 vfs_get_tree+0x88/0x270 fs/super.c:1530
 do_new_mount+0x24a/0xa40 fs/namespace.c:3013
 do_mount fs/namespace.c:3356 [inline]
 __do_sys_mount fs/namespace.c:3564 [inline]
 __se_sys_mount+0x2d6/0x3c0 fs/namespace.c:3541
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x66/0xd0
RIP: 0033:0x7f33067e495a
Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fffeebb0e28 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f33067e495a
RDX: 000020000001f340 RSI: 0000200000000040 RDI: 00007fffeebb0e80
RBP: 0000000000000004 R08: 00007fffeebb0ec0 R09: 000000000001f32b
R10: 0000000000000890 R11: 0000000000000286 R12: 0000000000200000
R13: 00007fffeebb0ec0 R14: 0000200000000040 R15: 0000000000000003
 </TASK>
Modules linked in:
CR2: ffffed11057eeb27
---[ end trace 122a7097be3e58ed ]---
RIP: 0010:constant_test_bit arch/x86/include/asm/bitops.h:207 [inline]
RIP: 0010:test_bit include/asm-generic/bitops/instrumented-non-atomic.h:135 [inline]
RIP: 0010:test_ti_thread_flag include/linux/thread_info.h:118 [inline]
RIP: 0010:need_resched include/linux/sched.h:2111 [inline]
RIP: 0010:preempt_schedule_irq+0xf6/0x150 kernel/sched/core.c:6783
Code: 90 76 d4 f7 bf 01 00 00 00 e8 96 f2 a7 f7 65 48 8b 1d 2e 06 59 76 48 89 df be 08 00 00 00 e8 31 c9 13 f8 48 89 d8 48 c1 e8 03 <42> 80 3c 30 00 74 91 48 89 df e8 8b c7 13 f8 eb 87 48 c7 04 24 0e
RSP: 0018:ffffc9000334f9e0 EFLAGS: 00010806
RAX: 1ffff110057eeb28 RBX: ffff88802bf75940 RCX: ffffffff89a9699f
RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff88802bf75940
RBP: ffffc9000334fa90 R08: dffffc0000000000 R09: ffffed10057eeb29
R10: ffffed10057eeb29 R11: 1ffff110057eeb28 R12: 0000000000000000
R13: 0000000000000000 R14: dffffc00ffffffff R15: 1ffff92000669f3c
FS:  0000555565219380(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffed11057eeb27 CR3: 000000001e84e000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
   0:	90                   	nop
   1:	76 d4                	jbe    0xffffffd7
   3:	f7 bf 01 00 00 00    	idivl  0x1(%rdi)
   9:	e8 96 f2 a7 f7       	call   0xf7a7f2a4
   e:	65 48 8b 1d 2e 06 59 	mov    %gs:0x7659062e(%rip),%rbx        # 0x76590644
  15:	76
  16:	48 89 df             	mov    %rbx,%rdi
  19:	be 08 00 00 00       	mov    $0x8,%esi
  1e:	e8 31 c9 13 f8       	call   0xf813c954
  23:	48 89 d8             	mov    %rbx,%rax
  26:	48 c1 e8 03          	shr    $0x3,%rax
* 2a:	42 80 3c 30 00       	cmpb   $0x0,(%rax,%r14,1) <-- trapping instruction
  2f:	74 91                	je     0xffffffc2
  31:	48 89 df             	mov    %rbx,%rdi
  34:	e8 8b c7 13 f8       	call   0xf813c7c4
  39:	eb 87                	jmp    0xffffffc2
  3b:	48                   	rex.W
  3c:	c7                   	.byte 0xc7
  3d:	04 24                	add    $0x24,%al
  3f:	0e                   	(bad)