./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3085233775

<...>
forked to background, child pid 3208
[   30.211742][ T3209] 8021q: adding VLAN 0 to HW filter on device bond0
[   30.221027][ T3209] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: [   30.758080][ T3302] sshd (3302) used greatest stack depth: 16400 bytes left
OK

syzkaller
Warning: Permanently added '10.128.0.78' (ECDSA) to the list of known hosts.
execve("./syz-executor3085233775", ["./syz-executor3085233775"], 0x7fff7463f520 /* 10 vars */) = 0
brk(NULL)                               = 0x555556d2e000
brk(0x555556d2ec40)                     = 0x555556d2ec40
arch_prctl(ARCH_SET_FS, 0x555556d2e300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor3085233775", 4096) = 28
brk(0x555556d4fc40)                     = 0x555556d4fc40
brk(0x555556d50000)                     = 0x555556d50000
mprotect(0x7fe9f5b8f000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
memfd_create("syzkaller", 0)            = 3
mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe9ed600000
write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
munmap(0x7fe9ed600000, 2097152)         = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 4
ioctl(4, LOOP_SET_FD, 3)                = 0
close(3)                                = 0
mkdir("./bus", 0777)                    = 0
mount("/dev/loop0", "./bus", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC, "sparse,") = 0
openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
chdir("./bus")                          = 0
ioctl(4, LOOP_CLR_FD)                   = 0
close(4)                                = 0
syzkaller login: [   52.936756][ T3630] loop0: detected capacity change from 0 to 4096
[   52.948032][ T3630] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[   52.974796][ T3630] ==================================================================
[   52.982912][ T3630] BUG: KASAN: slab-out-of-bounds in indx_insert_into_buffer+0xaa3/0x13b0
[   52.991455][ T3630] Read of size 17168 at addr ffff8880255e06c0 by task syz-executor308/3630
[   53.000053][ T3630] 
[   53.002386][ T3630] CPU: 1 PID: 3630 Comm: syz-executor308 Not tainted 6.1.0-rc7-syzkaller-00200-gc2bf05db6c78 #0
[   53.012801][ T3630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[   53.022876][ T3630] Call Trace:
[   53.026169][ T3630]  <TASK>
[   53.029105][ T3630]  dump_stack_lvl+0x1b1/0x28e
[   53.033805][ T3630]  ? nf_tcp_handle_invalid+0x62e/0x62e
[   53.039258][ T3630]  ? __wake_up_klogd+0xcd/0x100
[   53.044100][ T3630]  ? panic+0x710/0x710
[   53.048153][ T3630]  ? _printk+0xc0/0x100
[   53.052292][ T3630]  print_address_description+0x74/0x340
[   53.057820][ T3630]  print_report+0x107/0x1f0
[   53.062332][ T3630]  ? _raw_spin_lock+0x40/0x40
[   53.067017][ T3630]  ? __virt_addr_valid+0x21b/0x2d0
[   53.072120][ T3630]  ? __phys_addr+0xb5/0x160
[   53.076607][ T3630]  ? indx_insert_into_buffer+0xaa3/0x13b0
[   53.082313][ T3630]  kasan_report+0xcd/0x100
[   53.086743][ T3630]  ? indx_insert_into_buffer+0xaa3/0x13b0
[   53.092449][ T3630]  kasan_check_range+0x2a7/0x2e0
[   53.097379][ T3630]  ? indx_insert_into_buffer+0xaa3/0x13b0
[   53.103083][ T3630]  memmove+0x25/0x60
[   53.106962][ T3630]  indx_insert_into_buffer+0xaa3/0x13b0
[   53.112498][ T3630]  ? indx_insert_into_root+0x1e60/0x1e60
[   53.118112][ T3630]  ? indx_read+0x880/0x880
[   53.122510][ T3630]  ? ni_load_mi+0x110/0x110
[   53.126992][ T3630]  ? __kmem_cache_alloc_node+0x211/0x310
[   53.132614][ T3630]  indx_insert_entry+0x446/0x6b0
[   53.137540][ T3630]  ? indx_find_raw+0x1440/0x1440
[   53.142462][ T3630]  ? current_time+0x1f8/0x300
[   53.147121][ T3630]  ? ntfs_create_inode+0xf1f/0x35c0
[   53.152300][ T3630]  ntfs_create_inode+0x1d3f/0x35c0
[   53.157400][ T3630]  ? lock_page+0x2b0/0x2b0
[   53.161801][ T3630]  ? _raw_spin_unlock+0x24/0x40
[   53.166656][ T3630]  ? __d_add+0x4f7/0x800
[   53.170898][ T3630]  ? ntfs_lookup+0x16b/0x1b0
[   53.175472][ T3630]  ntfs_create+0x3e/0x60
[   53.179702][ T3630]  ? ntfs_lookup+0x1b0/0x1b0
[   53.184275][ T3630]  path_openat+0x12d0/0x2df0
[   53.188852][ T3630]  ? do_filp_open+0x4f0/0x4f0
[   53.193609][ T3630]  do_filp_open+0x264/0x4f0
[   53.198109][ T3630]  ? vfs_tmpfile+0x490/0x490
[   53.202684][ T3630]  ? do_raw_spin_unlock+0x134/0x8a0
[   53.207864][ T3630]  ? _raw_spin_unlock+0x24/0x40
[   53.212698][ T3630]  ? alloc_fd+0x5a7/0x640
[   53.217009][ T3630]  do_sys_openat2+0x124/0x4e0
[   53.221673][ T3630]  ? do_raw_spin_unlock+0x134/0x8a0
[   53.226865][ T3630]  ? do_sys_open+0x220/0x220
[   53.231444][ T3630]  ? _raw_spin_unlock_irq+0x2a/0x40
[   53.236630][ T3630]  ? ptrace_notify+0x245/0x340
[   53.241371][ T3630]  __x64_sys_creat+0x11f/0x160
[   53.246138][ T3630]  ? __x64_compat_sys_openat+0x290/0x290
[   53.251758][ T3630]  ? syscall_enter_from_user_mode+0x2e/0x1d0
[   53.257806][ T3630]  ? syscall_enter_from_user_mode+0x86/0x1d0
[   53.263767][ T3630]  do_syscall_64+0x3d/0xb0
[   53.268168][ T3630]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   53.274058][ T3630] RIP: 0033:0x7fe9f5b03789
[   53.278456][ T3630] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   53.298042][ T3630] RSP: 002b:00007ffcd28ea598 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[   53.306436][ T3630] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe9f5b03789
[   53.314386][ T3630] RDX: 0000000000000073 RSI: 0000000000000000 RDI: 0000000020000040
[   53.322342][ T3630] RBP: 00007fe9f5ac3020 R08: 000000000001f186 R09: 0000000000000000
[   53.330312][ T3630] R10: 00007ffcd28ea460 R11: 0000000000000246 R12: 00007fe9f5ac30b0
[   53.338271][ T3630] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   53.346238][ T3630]  </TASK>
[   53.349240][ T3630] 
[   53.351542][ T3630] Allocated by task 3630:
[   53.355843][ T3630]  kasan_set_track+0x3d/0x60
[   53.360414][ T3630]  __kasan_kmalloc+0x97/0xb0
[   53.364980][ T3630]  __kmalloc+0xaf/0x1a0
[   53.369122][ T3630]  indx_read+0x29a/0x880
[   53.373346][ T3630]  indx_find+0x491/0xb20
[   53.377571][ T3630]  indx_insert_entry+0x49a/0x6b0
[   53.382487][ T3630]  ntfs_create_inode+0x1d3f/0x35c0
[   53.387580][ T3630]  ntfs_create+0x3e/0x60
[   53.391802][ T3630]  path_openat+0x12d0/0x2df0
[   53.396372][ T3630]  do_filp_open+0x264/0x4f0
[   53.400853][ T3630]  do_sys_openat2+0x124/0x4e0
[   53.405511][ T3630]  __x64_sys_creat+0x11f/0x160
[   53.410254][ T3630]  do_syscall_64+0x3d/0xb0
[   53.414666][ T3630]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   53.420542][ T3630] 
[   53.422855][ T3630] The buggy address belongs to the object at ffff8880255e0000
[   53.422855][ T3630]  which belongs to the cache kmalloc-4k of size 4096
[   53.436913][ T3630] The buggy address is located 1728 bytes inside of
[   53.436913][ T3630]  4096-byte region [ffff8880255e0000, ffff8880255e1000)
[   53.450338][ T3630] 
[   53.452644][ T3630] The buggy address belongs to the physical page:
[   53.459033][ T3630] page:ffffea0000957800 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x255e0
[   53.469163][ T3630] head:ffffea0000957800 order:3 compound_mapcount:0 compound_pincount:0
[   53.477463][ T3630] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[   53.485461][ T3630] raw: 00fff00000010200 0000000000000000 dead000000000001 ffff888012842140
[   53.494037][ T3630] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000
[   53.502595][ T3630] page dumped because: kasan: bad access detected
[   53.508997][ T3630] page_owner tracks the page as allocated
[   53.514688][ T3630] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 14, tgid 14 (kworker/0:1), ts 9102026779, free_ts 0
[   53.534641][ T3630]  get_page_from_freelist+0x742/0x7c0
[   53.540001][ T3630]  __alloc_pages+0x259/0x560
[   53.544573][ T3630]  alloc_slab_page+0xbd/0x190
[   53.549234][ T3630]  allocate_slab+0x5e/0x4b0
[   53.553716][ T3630]  ___slab_alloc+0x782/0xe20
[   53.558290][ T3630]  __kmem_cache_alloc_node+0x252/0x310
[   53.563728][ T3630]  kmalloc_trace+0x26/0x60
[   53.568127][ T3630]  kobject_uevent_env+0x33a/0x8e0
[   53.573150][ T3630]  device_add+0xa56/0xf90
[   53.577479][ T3630]  input_register_device+0xa68/0x1270
[   53.582845][ T3630]  psmouse_connect+0xb70/0x14c0
[   53.587689][ T3630]  serio_driver_probe+0x76/0x90
[   53.592523][ T3630]  call_driver_probe+0x96/0x250
[   53.597356][ T3630]  really_probe+0x24c/0x9f0
[   53.601845][ T3630]  __driver_probe_device+0x1f4/0x3f0
[   53.607109][ T3630]  driver_probe_device+0x50/0x240
[   53.612112][ T3630] page_owner free stack trace missing
[   53.617457][ T3630] 
[   53.619761][ T3630] Memory state around the buggy address:
[   53.625373][ T3630]  ffff8880255e0f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   53.633413][ T3630]  ffff8880255e0f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   53.641451][ T3630] >ffff8880255e1000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   53.649488][ T3630]                    ^
[   53.653532][ T3630]  ffff8880255e1080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   53.661573][ T3630]  ffff8880255e1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   53.669608][ T3630] ==================================================================
[   53.678293][ T3630] Kernel panic - not syncing: panic_on_warn set ...
[   53.684888][ T3630] CPU: 1 PID: 3630 Comm: syz-executor308 Not tainted 6.1.0-rc7-syzkaller-00200-gc2bf05db6c78 #0
[   53.695296][ T3630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[   53.705775][ T3630] Call Trace:
[   53.709048][ T3630]  <TASK>
[   53.711967][ T3630]  dump_stack_lvl+0x1b1/0x28e
[   53.716643][ T3630]  ? nf_tcp_handle_invalid+0x62e/0x62e
[   53.722091][ T3630]  ? panic+0x710/0x710
[   53.726150][ T3630]  ? preempt_schedule_common+0xb7/0xe0
[   53.731601][ T3630]  ? vscnprintf+0x59/0x80
[   53.735925][ T3630]  panic+0x2d6/0x710
[   53.739815][ T3630]  ? memcpy_page_flushcache+0xfc/0xfc
[   53.745178][ T3630]  ? _raw_spin_unlock_irqrestore+0x110/0x120
[   53.751174][ T3630]  ? print_report+0x1b4/0x1f0
[   53.755846][ T3630]  ? indx_insert_into_buffer+0xaa3/0x13b0
[   53.761562][ T3630]  end_report+0x91/0xa0
[   53.765708][ T3630]  kasan_report+0xda/0x100
[   53.770115][ T3630]  ? indx_insert_into_buffer+0xaa3/0x13b0
[   53.775834][ T3630]  kasan_check_range+0x2a7/0x2e0
[   53.780763][ T3630]  ? indx_insert_into_buffer+0xaa3/0x13b0
[   53.786478][ T3630]  memmove+0x25/0x60
[   53.790364][ T3630]  indx_insert_into_buffer+0xaa3/0x13b0
[   53.795915][ T3630]  ? indx_insert_into_root+0x1e60/0x1e60
[   53.801546][ T3630]  ? indx_read+0x880/0x880
[   53.805959][ T3630]  ? ni_load_mi+0x110/0x110
[   53.810451][ T3630]  ? __kmem_cache_alloc_node+0x211/0x310
[   53.816087][ T3630]  indx_insert_entry+0x446/0x6b0
[   53.821029][ T3630]  ? indx_find_raw+0x1440/0x1440
[   53.825959][ T3630]  ? current_time+0x1f8/0x300
[   53.830629][ T3630]  ? ntfs_create_inode+0xf1f/0x35c0
[   53.835821][ T3630]  ntfs_create_inode+0x1d3f/0x35c0
[   53.840934][ T3630]  ? lock_page+0x2b0/0x2b0
[   53.845343][ T3630]  ? _raw_spin_unlock+0x24/0x40
[   53.850186][ T3630]  ? __d_add+0x4f7/0x800
[   53.854419][ T3630]  ? ntfs_lookup+0x16b/0x1b0
[   53.859003][ T3630]  ntfs_create+0x3e/0x60
[   53.863241][ T3630]  ? ntfs_lookup+0x1b0/0x1b0
[   53.867826][ T3630]  path_openat+0x12d0/0x2df0
[   53.872418][ T3630]  ? do_filp_open+0x4f0/0x4f0
[   53.877092][ T3630]  do_filp_open+0x264/0x4f0
[   53.881585][ T3630]  ? vfs_tmpfile+0x490/0x490
[   53.886171][ T3630]  ? do_raw_spin_unlock+0x134/0x8a0
[   53.891365][ T3630]  ? _raw_spin_unlock+0x24/0x40
[   53.896217][ T3630]  ? alloc_fd+0x5a7/0x640
[   53.900544][ T3630]  do_sys_openat2+0x124/0x4e0
[   53.905216][ T3630]  ? do_raw_spin_unlock+0x134/0x8a0
[   53.910407][ T3630]  ? do_sys_open+0x220/0x220
[   53.914989][ T3630]  ? _raw_spin_unlock_irq+0x2a/0x40
[   53.920183][ T3630]  ? ptrace_notify+0x245/0x340
[   53.924942][ T3630]  __x64_sys_creat+0x11f/0x160
[   53.929699][ T3630]  ? __x64_compat_sys_openat+0x290/0x290
[   53.935328][ T3630]  ? syscall_enter_from_user_mode+0x2e/0x1d0
[   53.941302][ T3630]  ? syscall_enter_from_user_mode+0x86/0x1d0
[   53.947274][ T3630]  do_syscall_64+0x3d/0xb0
[   53.951685][ T3630]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   53.957569][ T3630] RIP: 0033:0x7fe9f5b03789
[   53.961974][ T3630] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   53.981571][ T3630] RSP: 002b:00007ffcd28ea598 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[   53.990000][ T3630] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe9f5b03789
[   53.997962][ T3630] RDX: 0000000000000073 RSI: 0000000000000000 RDI: 0000000020000040
[   54.005929][ T3630] RBP: 00007fe9f5ac3020 R08: 000000000001f186 R09: 0000000000000000
[   54.013906][ T3630] R10: 00007ffcd28ea460 R11: 0000000000000246 R12: 00007fe9f5ac30b0
[   54.021878][ T3630] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   54.029933][ T3630]  </TASK>
[   54.033097][ T3630] Kernel Offset: disabled
[   54.037413][ T3630] Rebooting in 86400 seconds..