./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1367295429 <...> Warning: Permanently added '10.128.1.31' (ED25519) to the list of known hosts. execve("./syz-executor1367295429", ["./syz-executor1367295429"], 0x7ffceb9be980 /* 10 vars */) = 0 brk(NULL) = 0x555587274000 brk(0x555587274d00) = 0x555587274d00 arch_prctl(ARCH_SET_FS, 0x555587274380) = 0 set_tid_address(0x555587274650) = 5100 set_robust_list(0x555587274660, 24) = 0 rseq(0x555587274ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1367295429", 4096) = 28 getrandom("\x2b\x5e\x2a\x5f\x7d\xf9\xcc\x99", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555587274d00 brk(0x555587295d00) = 0x555587295d00 brk(0x555587296000) = 0x555587296000 mprotect(0x7f861221d000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 write(1, "executing program\n", 18executing program ) = 18 memfd_create("syzkaller", 0) = 3 mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8609c00000 write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 munmap(0x7f8609c00000, 138412032) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 ioctl(4, LOOP_SET_FD, 3) = 0 close(3) = 0 close(4) = 0 mkdir("./file0", 0777) = 0 mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 chdir("./file0") = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) chdir("./file0") = 0 openat(AT_FDCWD, "./file0", O_RDWR|O_CREAT|O_APPEND|O_LARGEFILE|O_NOFOLLOW|FASYNC, 000) = 4 openat(AT_FDCWD, "io.stat", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 ftruncate(5, 49530) = 0 fallocate(4, 0, 0, 262146) = 0 openat(AT_FDCWD, ".", O_RDONLY) = 6 [ 85.660342][ T5100] loop0: detected capacity change from 0 to 4096 [ 85.692470][ T5100] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 85.725709][ T5100] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI [ 85.725728][ T5100] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] [ 85.725738][ T5100] CPU: 0 UID: 0 PID: 5100 Comm: syz-executor136 Not tainted 6.10.0-rc7-next-20240712-syzkaller #0 [ 85.725750][ T5100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 85.725756][ T5100] RIP: 0010:run_is_mapped_full+0x35/0x480 [ 85.725800][ T5100] Code: 41 54 53 48 83 ec 30 41 89 d4 41 89 f6 49 89 fd 49 bf 00 00 00 00 00 fc ff df e8 d6 85 a5 fe 49 8d 5d 08 48 89 d8 48 c1 e8 03 <42> 80 3c 38 00 74 08 48 89 df e8 fc 0b 0d ff 48 8b 1b 31 ff 48 89 [ 85.725809][ T5100] RSP: 0018:ffffc90003f37758 EFLAGS: 00010202 [ 85.725823][ T5100] RAX: 0000000000000001 RBX: 0000000000000008 RCX: ffff888022738000 [ 85.725830][ T5100] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 85.725836][ T5100] RBP: ffffc90003f37b18 R08: ffffffff82e4c29a R09: ffffffff82ee1f39 [ 85.725843][ T5100] R10: 0000000000000002 R11: ffff888022738000 R12: 0000000000000000 [ 85.725849][ T5100] R13: 0000000000000000 R14: 0000000000000000 R15: dffffc0000000000 [ 85.725855][ T5100] FS: 0000555587274380(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000 [ 85.725864][ T5100] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.725870][ T5100] CR2: 00007ffe5d9a1000 CR3: 000000001e682000 CR4: 00000000003506f0 [ 85.725879][ T5100] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 85.725885][ T5100] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 85.725891][ T5100] Call Trace: [ 85.725895][ T5100] [ 85.725899][ T5100] ? __die_body+0x88/0xe0 [ 85.725927][ T5100] ? die_addr+0x108/0x140 [ 85.725942][ T5100] ? exc_general_protection+0x3dd/0x5d0 [ 85.725962][ T5100] ? asm_exc_general_protection+0x26/0x30 [ 85.725977][ T5100] ? mi_enum_attr+0x349/0x9e0 [ 85.725989][ T5100] ? attr_set_size+0xfca/0x4300 [ 85.726006][ T5100] ? run_is_mapped_full+0x35/0x480 [ 85.726019][ T5100] ? run_is_mapped_full+0x2a/0x480 [ 85.726032][ T5100] ? indx_insert_entry+0x2e8/0x790 [ 85.726043][ T5100] ? ntfs_create_inode+0x2563/0x3880 [ 85.726052][ T5100] ? ntfs_symlink+0xde/0x110 [ 85.726064][ T5100] ? vfs_symlink+0x137/0x2e0 [ 85.726119][ T5100] attr_set_size+0xfdf/0x4300 [ 85.726141][ T5100] ? __pfx_attr_set_size+0x10/0x10 [ 85.726156][ T5100] ? ni_find_attr+0x390/0x8d0 [ 85.726169][ T5100] ? ntfs_create_reparse_buffer+0x46f/0x700 [ 85.726179][ T5100] ? ntfs_create_inode+0x1c1c/0x3880 [ 85.726190][ T5100] ntfs_create_inode+0x2604/0x3880 [ 85.726201][ T5100] ? ntfs_create_inode+0x1c61/0x3880 [ 85.726216][ T5100] ? __pfx_ntfs_create_inode+0x10/0x10 [ 85.726226][ T5100] ? from_kgid+0x1a7/0x730 [ 85.726239][ T5100] ? make_vfsuid+0x46/0x90 [ 85.726256][ T5100] ? generic_permission+0x1e0/0x550 [ 85.726269][ T5100] ntfs_symlink+0xde/0x110 [ 85.726283][ T5100] vfs_symlink+0x137/0x2e0 [ 85.726292][ T5100] do_symlinkat+0x222/0x3a0 [ 85.726301][ T5100] ? __phys_addr_symbol+0x2f/0x70 [ 85.726319][ T5100] ? __pfx_do_symlinkat+0x10/0x10 [ 85.726330][ T5100] ? getname_flags+0x1e3/0x540 [ 85.726345][ T5100] __x64_sys_symlinkat+0x95/0xb0 [ 85.726355][ T5100] do_syscall_64+0xf3/0x230 [ 85.726368][ T5100] ? clear_bhb_loop+0x35/0x90 [ 85.726380][ T5100] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.726389][ T5100] RIP: 0033:0x7f861218a879 [ 85.726405][ T5100] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 85.726418][ T5100] RSP: 002b:00007ffe5d9a0638 EFLAGS: 00000246 ORIG_RAX: 000000000000010a [ 85.726428][ T5100] RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 00007f861218a879 [ 85.726435][ T5100] RDX: 0000000020000440 RSI: 0000000000000006 RDI: 0000000020000340 [ 85.726442][ T5100] RBP: 00007f861221d610 R08: 00007ffe5d9a0808 R09: 00007ffe5d9a0808 [ 85.726448][ T5100] R10: 00007ffe5d9a0808 R11: 0000000000000246 R12: 0000000000000001 [ 85.726455][ T5100] R13: 00007ffe5d9a07f8 R14: 0000000000000001 R15: 0000000000000001 [ 85.726467][ T5100] [ 85.726471][ T5100] Modules linked in: [ 85.726487][ T5100] ---[ end trace 0000000000000000 ]--- [ 86.138920][ T5100] RIP: 0010:run_is_mapped_full+0x35/0x480 [ 86.144848][ T5100] Code: 41 54 53 48 83 ec 30 41 89 d4 41 89 f6 49 89 fd 49 bf 00 00 00 00 00 fc ff df e8 d6 85 a5 fe 49 8d 5d 08 48 89 d8 48 c1 e8 03 <42> 80 3c 38 00 74 08 48 89 df e8 fc 0b 0d ff 48 8b 1b 31 ff 48 89 [ 86.165057][ T5100] RSP: 0018:ffffc90003f37758 EFLAGS: 00010202 [ 86.171236][ T5100] RAX: 0000000000000001 RBX: 0000000000000008 RCX: ffff888022738000 [ 86.179379][ T5100] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 86.187469][ T5100] RBP: ffffc90003f37b18 R08: ffffffff82e4c29a R09: ffffffff82ee1f39 [ 86.195439][ T5100] R10: 0000000000000002 R11: ffff888022738000 R12: 0000000000000000 [ 86.203466][ T5100] R13: 0000000000000000 R14: 0000000000000000 R15: dffffc0000000000 [ 86.211461][ T5100] FS: 0000555587274380(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000 [ 86.220430][ T5100] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.227046][ T5100] CR2: 00007ffe5d9a1000 CR3: 000000001e682000 CR4: 00000000003506f0 [ 86.235197][ T5100] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 86.243487][ T5100] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 86.251606][ T5100] Kernel panic - not syncing: Fatal exception [ 86.258078][ T5100] Kernel Offset: disabled [ 86.262414][ T5100] Rebooting in 86400 seconds..