./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3271414213

<...>
Warning: Permanently added '10.128.1.137' (ED25519) to the list of known hosts.
execve("./syz-executor3271414213", ["./syz-executor3271414213"], 0x7ffd0cff0020 /* 10 vars */) = 0
brk(NULL)                               = 0x5555566c8000
brk(0x5555566c8d00)                     = 0x5555566c8d00
arch_prctl(ARCH_SET_FS, 0x5555566c8380) = 0
set_tid_address(0x5555566c8650)         = 5031
set_robust_list(0x5555566c8660, 24)     = 0
rseq(0x5555566c8ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor3271414213", 4096) = 28
getrandom("\x23\xa0\xc6\x49\x28\x3b\x74\xc1", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x5555566c8d00
brk(0x5555566e9d00)                     = 0x5555566e9d00
brk(0x5555566ea000)                     = 0x5555566ea000
mprotect(0x7f04d48d3000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
mkdir("./syzkaller.bdxiE0", 0700)       = 0
chmod("./syzkaller.bdxiE0", 0777)       = 0
chdir("./syzkaller.bdxiE0")             = 0
memfd_create("syzkaller", 0)            = 3
mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f04cc403000
write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\x00\x00\x00\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
munmap(0x7f04cc403000, 2097152)         = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 4
[   73.335662][ T5031] syz-executor327[5031]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
ioctl(4, LOOP_SET_FD, 3)                = 0
close(3)                                = 0
mkdir("./file0", 0777)                  = 0
[   73.384067][ T5031] loop0: detected capacity change from 0 to 4096
[   73.396290][ T5031] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[   73.405649][ T5031] ntfs3: loop0: RAW NTFS volume: Filesystem size 16384.00 Gb > volume size 0.00 Gb. Mount in read-only.
[   73.416862][ T5031] ntfs3: loop0: NTFS 16384.00 Gb is too big to use 32 bits per cluster.
[   73.426089][ T5031] ==================================================================
[   73.434353][ T5031] BUG: KASAN: use-after-free in bcmp+0xc0/0x1e0
[   73.441081][ T5031] Read of size 8 at addr ffff88807f7cb002 by task syz-executor327/5031
[   73.449582][ T5031] 
[   73.451910][ T5031] CPU: 1 PID: 5031 Comm: syz-executor327 Not tainted 6.6.0-rc3-syzkaller-00055-g9ed22ae6be81 #0
[   73.462327][ T5031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[   73.472475][ T5031] Call Trace:
[   73.475779][ T5031]  <TASK>
[   73.478720][ T5031]  dump_stack_lvl+0x1e7/0x2d0
[   73.483437][ T5031]  ? nf_tcp_handle_invalid+0x650/0x650
[   73.488916][ T5031]  ? panic+0x770/0x770
[   73.493014][ T5031]  ? _printk+0xd5/0x120
[   73.497199][ T5031]  print_report+0x163/0x540
[   73.501718][ T5031]  ? __virt_addr_valid+0x22f/0x2e0
[   73.506923][ T5031]  ? __phys_addr+0xba/0x170
[   73.511433][ T5031]  ? bcmp+0xc0/0x1e0
[   73.515427][ T5031]  kasan_report+0x175/0x1b0
[   73.519942][ T5031]  ? bcmp+0xc0/0x1e0
[   73.523876][ T5031]  bcmp+0xc0/0x1e0
[   73.527617][ T5031]  ntfs_fill_super+0x9c2/0x4c50
[   73.532501][ T5031]  ? ntfs3_put_sbi+0x1c0/0x1c0
[   73.537278][ T5031]  ? __down_write_common+0x161/0x200
[   73.542592][ T5031]  get_tree_bdev+0x416/0x5b0
[   73.547195][ T5031]  ? ntfs3_put_sbi+0x1c0/0x1c0
[   73.551988][ T5031]  ? setup_bdev_super+0x600/0x600
[   73.557063][ T5031]  ? cap_capable+0x1b4/0x240
[   73.561666][ T5031]  ? bpf_lsm_capable+0x9/0x10
[   73.566398][ T5031]  vfs_get_tree+0x8c/0x280
[   73.570834][ T5031]  do_new_mount+0x28f/0xae0
[   73.575440][ T5031]  ? do_move_mount_old+0x170/0x170
[   73.580571][ T5031]  ? user_path_at_empty+0x12f/0x180
[   73.585783][ T5031]  __se_sys_mount+0x2d9/0x3c0
[   73.590486][ T5031]  ? __x64_sys_mount+0xc0/0xc0
[   73.595261][ T5031]  ? syscall_enter_from_user_mode+0x32/0x230
[   73.601257][ T5031]  ? __x64_sys_mount+0x20/0xc0
[   73.606140][ T5031]  do_syscall_64+0x41/0xc0
[   73.610571][ T5031]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   73.616471][ T5031] RIP: 0033:0x7f04d4841c1a
[   73.620895][ T5031] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   73.640518][ T5031] RSP: 002b:00007ffe6d0d7298 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[   73.648952][ T5031] RAX: ffffffffffffffda RBX: 00007ffe6d0d72b0 RCX: 00007f04d4841c1a
[   73.656970][ T5031] RDX: 000000002001f180 RSI: 000000002001f1c0 RDI: 00007ffe6d0d72b0
[   73.665157][ T5031] RBP: 0000000000000004 R08: 00007ffe6d0d72f0 R09: 000000000001f17a
[   73.673142][ T5031] R10: 000000000000000e R11: 0000000000000286 R12: 000000000000000e
[   73.681134][ T5031] R13: 00007ffe6d0d72f0 R14: 0000000000000003 R15: 0000000000200000
[   73.689127][ T5031]  </TASK>
[   73.692162][ T5031] 
[   73.694499][ T5031] The buggy address belongs to the physical page:
[   73.700913][ T5031] page:ffffea0001fdf2c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x7f7cb
[   73.711089][ T5031] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   73.718236][ T5031] page_type: 0xffffffff()
[   73.722570][ T5031] raw: 00fff00000000000 ffffea0001fdf308 ffff8880b9942220 0000000000000000
[   73.731506][ T5031] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[   73.740083][ T5031] page dumped because: kasan: bad access detected
[   73.746504][ T5031] page_owner tracks the page as freed
[   73.751884][ T5031] page last allocated via order 0, migratetype Movable, gfp_mask 0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO), pid 5031, tgid 5031 (syz-executor327), ts 73347469618, free_ts 73380766869
[   73.770835][ T5031]  post_alloc_hook+0x1e6/0x210
[   73.775616][ T5031]  get_page_from_freelist+0x31db/0x3360
[   73.781181][ T5031]  __alloc_pages+0x255/0x670
[   73.785781][ T5031]  __folio_alloc+0x13/0x30
[   73.790203][ T5031]  vma_alloc_folio+0x48a/0x9a0
[   73.794984][ T5031]  handle_mm_fault+0x2376/0x62b0
[   73.799941][ T5031]  exc_page_fault+0x455/0x860
[   73.804626][ T5031]  asm_exc_page_fault+0x26/0x30
[   73.809483][ T5031] page last free stack trace:
[   73.814189][ T5031]  free_unref_page_prepare+0x8c3/0x9f0
[   73.819671][ T5031]  free_unref_page_list+0x596/0x830
[   73.824977][ T5031]  release_pages+0x2113/0x23f0
[   73.829747][ T5031]  tlb_flush_mmu+0x34c/0x4e0
[   73.834378][ T5031]  tlb_finish_mmu+0xd4/0x1f0
[   73.838977][ T5031]  unmap_region+0x300/0x350
[   73.843492][ T5031]  do_vmi_align_munmap+0x121e/0x1850
[   73.848781][ T5031]  do_vmi_munmap+0x24d/0x2d0
[   73.853387][ T5031]  __vm_munmap+0x230/0x450
[   73.857811][ T5031]  __x64_sys_munmap+0x69/0x80
[   73.862532][ T5031]  do_syscall_64+0x41/0xc0
[   73.866967][ T5031]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   73.872875][ T5031] 
[   73.875206][ T5031] Memory state around the buggy address:
[   73.880896][ T5031]  ffff88807f7caf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   73.888971][ T5031]  ffff88807f7caf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   73.897033][ T5031] >ffff88807f7cb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   73.905122][ T5031]                    ^
[   73.909188][ T5031]  ffff88807f7cb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   73.917378][ T5031]  ffff88807f7cb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   73.925660][ T5031] ==================================================================
[   73.934820][ T5031] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   73.942057][ T5031] CPU: 1 PID: 5031 Comm: syz-executor327 Not tainted 6.6.0-rc3-syzkaller-00055-g9ed22ae6be81 #0
[   73.952585][ T5031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[   73.962649][ T5031] Call Trace:
[   73.965952][ T5031]  <TASK>
[   73.968890][ T5031]  dump_stack_lvl+0x1e7/0x2d0
[   73.973612][ T5031]  ? nf_tcp_handle_invalid+0x650/0x650
[   73.979168][ T5031]  ? panic+0x770/0x770
[   73.983248][ T5031]  ? preempt_schedule_common+0x83/0xc0
[   73.988721][ T5031]  ? vscnprintf+0x5d/0x80
[   73.993275][ T5031]  panic+0x30f/0x770
[   73.997317][ T5031]  ? check_panic_on_warn+0x21/0xa0
[   74.002450][ T5031]  ? __memcpy_flushcache+0x2b0/0x2b0
[   74.007837][ T5031]  ? _raw_spin_unlock_irqrestore+0x12c/0x140
[   74.013833][ T5031]  ? _raw_spin_unlock+0x40/0x40
[   74.018719][ T5031]  ? print_report+0x4fb/0x540
[   74.023501][ T5031]  check_panic_on_warn+0x82/0xa0
[   74.028708][ T5031]  ? bcmp+0xc0/0x1e0
[   74.032639][ T5031]  end_report+0x6e/0x130
[   74.036893][ T5031]  kasan_report+0x186/0x1b0
[   74.041585][ T5031]  ? bcmp+0xc0/0x1e0
[   74.045494][ T5031]  bcmp+0xc0/0x1e0
[   74.049400][ T5031]  ntfs_fill_super+0x9c2/0x4c50
[   74.054285][ T5031]  ? ntfs3_put_sbi+0x1c0/0x1c0
[   74.059079][ T5031]  ? __down_write_common+0x161/0x200
[   74.064379][ T5031]  get_tree_bdev+0x416/0x5b0
[   74.069002][ T5031]  ? ntfs3_put_sbi+0x1c0/0x1c0
[   74.074127][ T5031]  ? setup_bdev_super+0x600/0x600
[   74.079175][ T5031]  ? cap_capable+0x1b4/0x240
[   74.083776][ T5031]  ? bpf_lsm_capable+0x9/0x10
[   74.088482][ T5031]  vfs_get_tree+0x8c/0x280
[   74.094215][ T5031]  do_new_mount+0x28f/0xae0
[   74.098732][ T5031]  ? do_move_mount_old+0x170/0x170
[   74.103854][ T5031]  ? user_path_at_empty+0x12f/0x180
[   74.109061][ T5031]  __se_sys_mount+0x2d9/0x3c0
[   74.113753][ T5031]  ? __x64_sys_mount+0xc0/0xc0
[   74.118570][ T5031]  ? syscall_enter_from_user_mode+0x32/0x230
[   74.124650][ T5031]  ? __x64_sys_mount+0x20/0xc0
[   74.129524][ T5031]  do_syscall_64+0x41/0xc0
[   74.134027][ T5031]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   74.140198][ T5031] RIP: 0033:0x7f04d4841c1a
[   74.144636][ T5031] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   74.164528][ T5031] RSP: 002b:00007ffe6d0d7298 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[   74.172953][ T5031] RAX: ffffffffffffffda RBX: 00007ffe6d0d72b0 RCX: 00007f04d4841c1a
[   74.181122][ T5031] RDX: 000000002001f180 RSI: 000000002001f1c0 RDI: 00007ffe6d0d72b0
[   74.189329][ T5031] RBP: 0000000000000004 R08: 00007ffe6d0d72f0 R09: 000000000001f17a
[   74.197349][ T5031] R10: 000000000000000e R11: 0000000000000286 R12: 000000000000000e
[   74.205355][ T5031] R13: 00007ffe6d0d72f0 R14: 0000000000000003 R15: 0000000000200000
[   74.213433][ T5031]  </TASK>
[   74.216679][ T5031] Kernel Offset: disabled
[   74.221023][ T5031] Rebooting in 86400 seconds..