./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor934835009

<...>
Warning: Permanently added '10.128.0.73' (ECDSA) to the list of known hosts.
execve("./syz-executor934835009", ["./syz-executor934835009"], 0x7ffc355f4bf0 /* 10 vars */) = 0
brk(NULL)                               = 0x555556a01000
brk(0x555556a01c40)                     = 0x555556a01c40
arch_prctl(ARCH_SET_FS, 0x555556a01300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor934835009", 4096) = 27
brk(0x555556a22c40)                     = 0x555556a22c40
brk(0x555556a23000)                     = 0x555556a23000
mprotect(0x7fb16d875000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
memfd_create("syzkaller", 0)            = 3
mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fb16539d000
write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\xff\x01\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x02\x00\x00\x00\xbb\x02\x87\x1c\xc7\xbb\xb3\x5e\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
munmap(0x7fb16539d000, 2097152)         = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 4
ioctl(4, LOOP_SET_FD, 3)                = 0
close(3)                                = 0
mkdir("./file1", 0777)                  = 0
mount("/dev/loop0", "./file1", "ntfs3", MS_NOATIME, "") = 0
openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
chdir("./file1")                        = 0
ioctl(4, LOOP_CLR_FD)                   = 0
close(4)                                = 0
syzkaller login: [   52.199062][ T3631] loop0: detected capacity change from 0 to 4096
[   52.210572][ T3631] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512)
[   52.248088][ T3631] ==================================================================
[   52.256194][ T3631] BUG: KASAN: slab-out-of-bounds in hdr_delete_de+0xe0/0x150
[   52.263590][ T3631] Read of size 16842960 at addr ffff888079cc0600 by task syz-executor934/3631
[   52.272416][ T3631] 
[   52.274724][ T3631] CPU: 0 PID: 3631 Comm: syz-executor934 Not tainted 6.1.0-rc8-syzkaller #0
[   52.283376][ T3631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[   52.293500][ T3631] Call Trace:
[   52.296764][ T3631]  <TASK>
[   52.299680][ T3631]  dump_stack_lvl+0x1b1/0x28e
[   52.304364][ T3631]  ? nf_tcp_handle_invalid+0x62e/0x62e
[   52.309921][ T3631]  ? __wake_up_klogd+0xcd/0x100
[   52.314771][ T3631]  ? panic+0x710/0x710
[   52.318832][ T3631]  ? _printk+0xc0/0x100
[   52.322978][ T3631]  ? _raw_spin_lock_irqsave+0x8e/0x100
[   52.328434][ T3631]  print_address_description+0x74/0x340
[   52.333973][ T3631]  print_report+0x107/0x1f0
[   52.338477][ T3631]  ? __virt_addr_valid+0x21b/0x2d0
[   52.343583][ T3631]  ? __phys_addr+0xb5/0x160
[   52.348081][ T3631]  ? hdr_delete_de+0xe0/0x150
[   52.352753][ T3631]  kasan_report+0xcd/0x100
[   52.357161][ T3631]  ? hdr_delete_de+0xe0/0x150
[   52.361836][ T3631]  kasan_check_range+0x2a7/0x2e0
[   52.366765][ T3631]  ? hdr_delete_de+0xe0/0x150
[   52.371436][ T3631]  memmove+0x25/0x60
[   52.375323][ T3631]  hdr_delete_de+0xe0/0x150
[   52.379840][ T3631]  indx_delete_entry+0x74f/0x3670
[   52.384866][ T3631]  ? do_raw_spin_unlock+0x134/0x8a0
[   52.390057][ T3631]  ? _raw_spin_unlock_irq+0x1f/0x40
[   52.395253][ T3631]  ? indx_insert_into_buffer+0x13b0/0x13b0
[   52.401054][ T3631]  ? ntfs_set_state+0x50e/0x680
[   52.405904][ T3631]  ? ni_remove_name+0x1ff/0x980
[   52.410745][ T3631]  ni_remove_name+0x27a/0x980
[   52.415423][ T3631]  ? ntfs_unlink_inode+0x2d1/0x720
[   52.420534][ T3631]  ? ni_write_frame+0xbf0/0xbf0
[   52.425466][ T3631]  ? fill_name_de+0x126/0x330
[   52.430139][ T3631]  ntfs_unlink_inode+0x3d4/0x720
[   52.435071][ T3631]  ? ntfs_link_inode+0x170/0x170
[   52.440002][ T3631]  ? do_raw_spin_unlock+0x134/0x8a0
[   52.445196][ T3631]  ntfs_rename+0x41a/0xcb0
[   52.449619][ T3631]  ? ntfs_mknod+0x60/0x60
[   52.453942][ T3631]  ? do_raw_spin_unlock+0x134/0x8a0
[   52.459132][ T3631]  ? memcpy+0x3c/0x60
[   52.463108][ T3631]  vfs_rename+0xd53/0x1130
[   52.467540][ T3631]  ? __ia32_sys_link+0x90/0x90
[   52.472294][ T3631]  ? _raw_spin_unlock+0x24/0x40
[   52.477228][ T3631]  ? security_path_rename+0x1ab/0x230
[   52.482595][ T3631]  do_renameat2+0xb53/0x1370
[   52.487189][ T3631]  ? fsnotify_move+0x4e0/0x4e0
[   52.491946][ T3631]  ? check_heap_object+0x244/0x810
[   52.497053][ T3631]  ? __phys_addr_symbol+0x2b/0x70
[   52.502074][ T3631]  ? strncpy_from_user+0x1d6/0x330
[   52.507180][ T3631]  ? getname_flags+0x1ea/0x4e0
[   52.511941][ T3631]  __x64_sys_rename+0x82/0x90
[   52.516614][ T3631]  do_syscall_64+0x3d/0xb0
[   52.521020][ T3631]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   52.526905][ T3631] RIP: 0033:0x7fb16d7e97c9
[   52.531310][ T3631] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   52.550997][ T3631] RSP: 002b:00007ffdc864b578 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[   52.559419][ T3631] RAX: ffffffffffffffda RBX: 0031656c69662f2e RCX: 00007fb16d7e97c9
[   52.567379][ T3631] RDX: 0000000000000030 RSI: 0000000020000080 RDI: 0000000020000040
[   52.575362][ T3631] RBP: 00007fb16d7a9060 R08: 000000000001f376 R09: 0000000000000000
[   52.583337][ T3631] R10: 00007ffdc864b440 R11: 0000000000000246 R12: 00007fb16d7a90f0
[   52.591567][ T3631] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   52.599559][ T3631]  </TASK>
[   52.602595][ T3631] 
[   52.604911][ T3631] Allocated by task 3631:
[   52.609224][ T3631]  kasan_set_track+0x3d/0x60
[   52.613814][ T3631]  __kasan_kmalloc+0x97/0xb0
[   52.618391][ T3631]  __kmalloc+0xaf/0x1a0
[   52.622541][ T3631]  indx_read+0x29a/0x880
[   52.626778][ T3631]  indx_find+0x491/0xb20
[   52.631010][ T3631]  indx_delete_entry+0x460/0x3670
[   52.636022][ T3631]  ni_remove_name+0x27a/0x980
[   52.640685][ T3631]  ntfs_unlink_inode+0x3d4/0x720
[   52.645614][ T3631]  ntfs_rename+0x41a/0xcb0
[   52.650021][ T3631]  vfs_rename+0xd53/0x1130
[   52.654424][ T3631]  do_renameat2+0xb53/0x1370
[   52.659001][ T3631]  __x64_sys_rename+0x82/0x90
[   52.663671][ T3631]  do_syscall_64+0x3d/0xb0
[   52.668075][ T3631]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   52.673956][ T3631] 
[   52.676269][ T3631] The buggy address belongs to the object at ffff888079cc0000
[   52.676269][ T3631]  which belongs to the cache kmalloc-4k of size 4096
[   52.690306][ T3631] The buggy address is located 1536 bytes inside of
[   52.690306][ T3631]  4096-byte region [ffff888079cc0000, ffff888079cc1000)
[   52.703739][ T3631] 
[   52.706079][ T3631] The buggy address belongs to the physical page:
[   52.712473][ T3631] page:ffffea0001e73000 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x79cc0
[   52.722614][ T3631] head:ffffea0001e73000 order:3 compound_mapcount:0 compound_pincount:0
[   52.730925][ T3631] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[   52.738899][ T3631] raw: 00fff00000010200 dead000000000100 dead000000000122 ffff888012842140
[   52.747469][ T3631] raw: 0000000000000000 0000000080040004 00000001ffffffff 0000000000000000
[   52.756561][ T3631] page dumped because: kasan: bad access detected
[   52.762979][ T3631] page_owner tracks the page as allocated
[   52.768676][ T3631] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 2999, tgid 2999 (udevd), ts 25263182361, free_ts 19241901550
[   52.788742][ T3631]  get_page_from_freelist+0x742/0x7c0
[   52.794126][ T3631]  __alloc_pages+0x259/0x560
[   52.798707][ T3631]  alloc_slab_page+0xbd/0x190
[   52.803403][ T3631]  allocate_slab+0x5e/0x4b0
[   52.807899][ T3631]  ___slab_alloc+0x782/0xe20
[   52.812482][ T3631]  __kmem_cache_alloc_node+0x252/0x310
[   52.817934][ T3631]  __kmalloc+0x9e/0x1a0
[   52.822079][ T3631]  tomoyo_realpath_from_path+0xcd/0x5f0
[   52.827619][ T3631]  tomoyo_path_perm+0x227/0x670
[   52.832460][ T3631]  security_inode_getattr+0xc0/0x140
[   52.837737][ T3631]  vfs_statx+0x188/0x4a0
[   52.841975][ T3631]  __se_sys_newfstatat+0xed/0x7d0
[   52.846988][ T3631]  do_syscall_64+0x3d/0xb0
[   52.851393][ T3631]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   52.857272][ T3631] page last free stack trace:
[   52.861932][ T3631]  free_pcp_prepare+0x80c/0x8f0
[   52.866772][ T3631]  free_unref_page+0x7d/0x5f0
[   52.871441][ T3631]  __unfreeze_partials+0x1ab/0x200
[   52.876544][ T3631]  put_cpu_partial+0x106/0x170
[   52.881299][ T3631]  qlist_free_all+0x2b/0x70
[   52.885796][ T3631]  kasan_quarantine_reduce+0x169/0x180
[   52.891244][ T3631]  __kasan_slab_alloc+0x1f/0x70
[   52.896093][ T3631]  kmem_cache_alloc+0x1cc/0x300
[   52.900931][ T3631]  vm_area_alloc+0x20/0xe0
[   52.905333][ T3631]  mmap_region+0xd38/0x1e20
[   52.909826][ T3631]  do_mmap+0x8d9/0xf30
[   52.913884][ T3631]  vm_mmap_pgoff+0x19e/0x2b0
[   52.918465][ T3631]  ksys_mmap_pgoff+0x48c/0x6d0
[   52.923217][ T3631]  do_syscall_64+0x3d/0xb0
[   52.927620][ T3631]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   52.933501][ T3631] 
[   52.935810][ T3631] Memory state around the buggy address:
[   52.941422][ T3631]  ffff888079cc0f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   52.949473][ T3631]  ffff888079cc0f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   52.957518][ T3631] >ffff888079cc1000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   52.965561][ T3631]                    ^
[   52.969612][ T3631]  ffff888079cc1080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   52.977661][ T3631]  ffff888079cc1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   52.985703][ T3631] ==================================================================
[   53.006572][ T3631] Kernel panic - not syncing: panic_on_warn set ...
[   53.013190][ T3631] CPU: 1 PID: 3631 Comm: syz-executor934 Not tainted 6.1.0-rc8-syzkaller #0
[   53.021843][ T3631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[   53.031881][ T3631] Call Trace:
[   53.035143][ T3631]  <TASK>
[   53.038058][ T3631]  dump_stack_lvl+0x1b1/0x28e
[   53.042724][ T3631]  ? nf_tcp_handle_invalid+0x62e/0x62e
[   53.048161][ T3631]  ? panic+0x710/0x710
[   53.052210][ T3631]  ? preempt_schedule_common+0xb7/0xe0
[   53.057657][ T3631]  ? vscnprintf+0x59/0x80
[   53.062000][ T3631]  panic+0x2d6/0x710
[   53.065882][ T3631]  ? memcpy_page_flushcache+0xfc/0xfc
[   53.071330][ T3631]  ? _raw_spin_unlock_irqrestore+0x110/0x120
[   53.077314][ T3631]  ? print_report+0x1b4/0x1f0
[   53.081971][ T3631]  ? hdr_delete_de+0xe0/0x150
[   53.086631][ T3631]  end_report+0x91/0xa0
[   53.090810][ T3631]  kasan_report+0xda/0x100
[   53.095206][ T3631]  ? hdr_delete_de+0xe0/0x150
[   53.099874][ T3631]  kasan_check_range+0x2a7/0x2e0
[   53.104792][ T3631]  ? hdr_delete_de+0xe0/0x150
[   53.109449][ T3631]  memmove+0x25/0x60
[   53.113325][ T3631]  hdr_delete_de+0xe0/0x150
[   53.117810][ T3631]  indx_delete_entry+0x74f/0x3670
[   53.122821][ T3631]  ? do_raw_spin_unlock+0x134/0x8a0
[   53.128001][ T3631]  ? _raw_spin_unlock_irq+0x1f/0x40
[   53.133182][ T3631]  ? indx_insert_into_buffer+0x13b0/0x13b0
[   53.138969][ T3631]  ? ntfs_set_state+0x50e/0x680
[   53.143809][ T3631]  ? ni_remove_name+0x1ff/0x980
[   53.148644][ T3631]  ni_remove_name+0x27a/0x980
[   53.153301][ T3631]  ? ntfs_unlink_inode+0x2d1/0x720
[   53.158397][ T3631]  ? ni_write_frame+0xbf0/0xbf0
[   53.163234][ T3631]  ? fill_name_de+0x126/0x330
[   53.167899][ T3631]  ntfs_unlink_inode+0x3d4/0x720
[   53.172821][ T3631]  ? ntfs_link_inode+0x170/0x170
[   53.177740][ T3631]  ? do_raw_spin_unlock+0x134/0x8a0
[   53.182923][ T3631]  ntfs_rename+0x41a/0xcb0
[   53.187328][ T3631]  ? ntfs_mknod+0x60/0x60
[   53.191638][ T3631]  ? do_raw_spin_unlock+0x134/0x8a0
[   53.196817][ T3631]  ? memcpy+0x3c/0x60
[   53.200791][ T3631]  vfs_rename+0xd53/0x1130
[   53.205192][ T3631]  ? __ia32_sys_link+0x90/0x90
[   53.209937][ T3631]  ? _raw_spin_unlock+0x24/0x40
[   53.214773][ T3631]  ? security_path_rename+0x1ab/0x230
[   53.220127][ T3631]  do_renameat2+0xb53/0x1370
[   53.224703][ T3631]  ? fsnotify_move+0x4e0/0x4e0
[   53.229448][ T3631]  ? check_heap_object+0x244/0x810
[   53.234544][ T3631]  ? __phys_addr_symbol+0x2b/0x70
[   53.239553][ T3631]  ? strncpy_from_user+0x1d6/0x330
[   53.244647][ T3631]  ? getname_flags+0x1ea/0x4e0
[   53.249394][ T3631]  __x64_sys_rename+0x82/0x90
[   53.254051][ T3631]  do_syscall_64+0x3d/0xb0
[   53.258461][ T3631]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   53.264420][ T3631] RIP: 0033:0x7fb16d7e97c9
[   53.268815][ T3631] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   53.288405][ T3631] RSP: 002b:00007ffdc864b578 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[   53.296797][ T3631] RAX: ffffffffffffffda RBX: 0031656c69662f2e RCX: 00007fb16d7e97c9
[   53.304836][ T3631] RDX: 0000000000000030 RSI: 0000000020000080 RDI: 0000000020000040
[   53.312787][ T3631] RBP: 00007fb16d7a9060 R08: 000000000001f376 R09: 0000000000000000
[   53.320743][ T3631] R10: 00007ffdc864b440 R11: 0000000000000246 R12: 00007fb16d7a90f0
[   53.328698][ T3631] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   53.336660][ T3631]  </TASK>
[   53.339864][ T3631] Kernel Offset: disabled
[   53.344176][ T3631] Rebooting in 86400 seconds..