./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1195139259

<...>
Warning: Permanently added '10.128.10.33' (ED25519) to the list of known hosts.
execve("./syz-executor1195139259", ["./syz-executor1195139259"], 0x7ffe411af760 /* 10 vars */) = 0
brk(NULL)                               = 0x555556e64000
brk(0x555556e64d00)                     = 0x555556e64d00
arch_prctl(ARCH_SET_FS, 0x555556e64380) = 0
set_tid_address(0x555556e64650)         = 5022
set_robust_list(0x555556e64660, 24)     = 0
rseq(0x555556e64ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1195139259", 4096) = 28
getrandom("\x6f\x4b\x58\xb2\x99\x21\x46\xe3", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555556e64d00
brk(0x555556e85d00)                     = 0x555556e85d00
brk(0x555556e86000)                     = 0x555556e86000
mprotect(0x7f9d2238f000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
memfd_create("syzkaller", 0)            = 3
mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9d19ec0000
write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x20\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
munmap(0x7f9d19ec0000, 138412032)       = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 4
ioctl(4, LOOP_SET_FD, 3)                = 0
close(3)                                = 0
mkdir("./file0", 0777)                  = 0
[   54.992953][ T5022] syz-executor119[5022]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   55.031768][ T5022] loop0: detected capacity change from 0 to 4096
[   55.043805][ T5022] ntfs: (device loop0): ntfs_is_extended_system_file(): Corrupt file name attribute. You should run chkdsk.
[   55.055298][ T5022] ntfs: (device loop0): ntfs_read_locked_inode(): $DATA attribute is missing.
[   55.064159][ T5022] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0x1 as bad.  Run chkdsk.
[   55.077134][ T5022] ntfs: (device loop0): load_system_files(): Failed to load $MFTMirr.  Mounting read-only.  Run ntfsfix and/or chkdsk.
mount("/dev/loop0", "./file0", "ntfs", MS_NOSUID, "") = 0
openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
chdir("./file0")                        = 0
ioctl(4, LOOP_CLR_FD)                   = 0
close(4)                                = 0
openat(AT_FDCWD, ".", O_RDONLY)         = 4
[   55.096801][ T5022] ntfs: volume version 3.1.
[   55.103196][ T5022] ntfs: (device loop0): ntfs_lookup_inode_by_name(): Corrupt directory.  Aborting lookup.
[   55.113187][ T5022] ntfs: (device loop0): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[   55.124495][ T5022] ntfs: (device loop0): load_system_files(): Failed to determine if Windows is hibernated.  Will not be able to remount read-write.  Run chkdsk.
[   55.153589][ T5022] ==================================================================
[   55.161679][ T5022] BUG: KASAN: slab-out-of-bounds in ntfs_readdir+0xeaa/0x2b80
[   55.169173][ T5022] Read of size 1 at addr ffff8880163beb71 by task syz-executor119/5022
[   55.177414][ T5022] 
[   55.179739][ T5022] CPU: 0 PID: 5022 Comm: syz-executor119 Not tainted 6.6.0-syzkaller-00207-g14ab6d425e80 #0
[   55.189807][ T5022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
[   55.199858][ T5022] Call Trace:
[   55.203122][ T5022]  <TASK>
[   55.206032][ T5022]  dump_stack_lvl+0x1e7/0x2d0
[   55.210692][ T5022]  ? nf_tcp_handle_invalid+0x650/0x650
[   55.216130][ T5022]  ? panic+0x770/0x770
[   55.220180][ T5022]  ? _printk+0xd5/0x120
[   55.224316][ T5022]  print_report+0x163/0x540
[   55.228845][ T5022]  ? mutex_unlock+0x10/0x10
[   55.233331][ T5022]  ? __virt_addr_valid+0x22f/0x2e0
[   55.238419][ T5022]  ? __phys_addr+0xba/0x170
[   55.242899][ T5022]  ? ntfs_readdir+0xeaa/0x2b80
[   55.247648][ T5022]  kasan_report+0x175/0x1b0
[   55.252137][ T5022]  ? ntfs_readdir+0xeaa/0x2b80
[   55.256878][ T5022]  ntfs_readdir+0xeaa/0x2b80
[   55.261443][ T5022]  ? __mutex_trylock_common+0x182/0x2e0
[   55.266971][ T5022]  ? read_lock_is_recursive+0x20/0x20
[   55.272323][ T5022]  ? ntfs_dir_fsync+0x470/0x470
[   55.277151][ T5022]  ? clear_nonspinnable+0x60/0x60
[   55.282150][ T5022]  ? mutex_lock_nested+0x20/0x20
[   55.287069][ T5022]  ? ntfs_dir_fsync+0x470/0x470
[   55.291899][ T5022]  wrap_directory_iterator+0x91/0xd0
[   55.297173][ T5022]  iterate_dir+0x1cd/0x540
[   55.301572][ T5022]  __se_sys_getdents64+0x20d/0x4f0
[   55.306667][ T5022]  ? _raw_spin_unlock_irq+0x2e/0x50
[   55.311843][ T5022]  ? __x64_sys_getdents64+0x80/0x80
[   55.317095][ T5022]  ? filldir+0x6a0/0x6a0
[   55.321315][ T5022]  ? syscall_enter_from_user_mode+0x32/0x230
[   55.327271][ T5022]  ? syscall_enter_from_user_mode+0x8c/0x230
[   55.333233][ T5022]  do_syscall_64+0x41/0xc0
[   55.337631][ T5022]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   55.343507][ T5022] RIP: 0033:0x7f9d222fd5f9
[   55.347898][ T5022] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   55.367480][ T5022] RSP: 002b:00007ffc5c096e28 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[   55.375870][ T5022] RAX: ffffffffffffffda RBX: 00007ffc5c096ff8 RCX: 00007f9d222fd5f9
[   55.383821][ T5022] RDX: 00000000000000ab RSI: 0000000020000080 RDI: 0000000000000004
[   55.391769][ T5022] RBP: 00007f9d2238f610 R08: 0000000000000000 R09: 00007ffc5c096ff8
[   55.399719][ T5022] R10: 000000000001f1b8 R11: 0000000000000246 R12: 0000000000000001
[   55.407666][ T5022] R13: 00007ffc5c096fe8 R14: 0000000000000001 R15: 0000000000000001
[   55.415618][ T5022]  </TASK>
[   55.418615][ T5022] 
[   55.420915][ T5022] Allocated by task 5022:
[   55.425219][ T5022]  kasan_set_track+0x4f/0x70
[   55.429790][ T5022]  __kasan_kmalloc+0x98/0xb0
[   55.434368][ T5022]  __kmalloc+0xb9/0x230
[   55.438506][ T5022]  ntfs_readdir+0x832/0x2b80
[   55.443074][ T5022]  wrap_directory_iterator+0x91/0xd0
[   55.448337][ T5022]  iterate_dir+0x1cd/0x540
[   55.452732][ T5022]  __se_sys_getdents64+0x20d/0x4f0
[   55.457821][ T5022]  do_syscall_64+0x41/0xc0
[   55.462218][ T5022]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   55.468089][ T5022] 
[   55.470391][ T5022] The buggy address belongs to the object at ffff8880163beb00
[   55.470391][ T5022]  which belongs to the cache kmalloc-64 of size 64
[   55.484246][ T5022] The buggy address is located 57 bytes to the right of
[   55.484246][ T5022]  allocated 56-byte region [ffff8880163beb00, ffff8880163beb38)
[   55.498718][ T5022] 
[   55.501017][ T5022] The buggy address belongs to the physical page:
[   55.507402][ T5022] page:ffffea000058ef80 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x163be
[   55.517524][ T5022] flags: 0xfff00000000800(slab|node=0|zone=1|lastcpupid=0x7ff)
[   55.525042][ T5022] page_type: 0xffffffff()
[   55.529352][ T5022] raw: 00fff00000000800 ffff888012841640 dead000000000100 dead000000000122
[   55.537911][ T5022] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000
[   55.546466][ T5022] page dumped because: kasan: bad access detected
[   55.552852][ T5022] page_owner tracks the page as allocated
[   55.558561][ T5022] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY), pid 4485, tgid 4485 (udevd), ts 18507686463, free_ts 18495585950
[   55.576072][ T5022]  post_alloc_hook+0x1e6/0x210
[   55.580817][ T5022]  get_page_from_freelist+0x31db/0x3360
[   55.586345][ T5022]  __alloc_pages+0x255/0x670
[   55.590912][ T5022]  alloc_slab_page+0x6a/0x160
[   55.595566][ T5022]  new_slab+0x84/0x2f0
[   55.599610][ T5022]  ___slab_alloc+0xc85/0x1310
[   55.604260][ T5022]  __kmem_cache_alloc_node+0x1af/0x270
[   55.609691][ T5022]  __kmalloc+0xa8/0x230
[   55.613824][ T5022]  tomoyo_encode+0x26f/0x530
[   55.618395][ T5022]  tomoyo_realpath_from_path+0x598/0x5e0
[   55.624006][ T5022]  tomoyo_check_open_permission+0x255/0x500
[   55.629876][ T5022]  security_file_open+0x63/0xa0
[   55.634706][ T5022]  do_dentry_open+0x327/0x1590
[   55.639445][ T5022]  path_openat+0x2845/0x3280
[   55.644011][ T5022]  do_filp_open+0x234/0x490
[   55.648490][ T5022]  do_sys_openat2+0x13e/0x1d0
[   55.653153][ T5022] page last free stack trace:
[   55.657799][ T5022]  free_unref_page_prepare+0x8c3/0x9f0
[   55.663237][ T5022]  free_unref_page+0x37/0x3f0
[   55.667905][ T5022]  __unfreeze_partials+0x1dc/0x220
[   55.672993][ T5022]  put_cpu_partial+0x17b/0x250
[   55.677734][ T5022]  __slab_free+0x2b6/0x390
[   55.682124][ T5022]  qlist_free_all+0x75/0xe0
[   55.686603][ T5022]  kasan_quarantine_reduce+0x14b/0x160
[   55.692038][ T5022]  __kasan_slab_alloc+0x23/0x70
[   55.696868][ T5022]  slab_post_alloc_hook+0x67/0x3d0
[   55.701951][ T5022]  kmem_cache_alloc+0x123/0x300
[   55.706776][ T5022]  getname_flags+0xbc/0x4f0
[   55.711253][ T5022]  do_sys_openat2+0xd2/0x1d0
[   55.715822][ T5022]  __x64_sys_openat+0x247/0x290
[   55.720650][ T5022]  do_syscall_64+0x41/0xc0
[   55.725048][ T5022]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   55.730920][ T5022] 
[   55.733222][ T5022] Memory state around the buggy address:
[   55.738824][ T5022]  ffff8880163bea00: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[   55.746859][ T5022]  ffff8880163bea80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[   55.754896][ T5022] >ffff8880163beb00: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc
[   55.762930][ T5022]                                                              ^
[   55.770615][ T5022]  ffff8880163beb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[   55.778651][ T5022]  ffff8880163bec00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[   55.786772][ T5022] ==================================================================
[   55.795218][ T5022] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   55.802518][ T5022] CPU: 1 PID: 5022 Comm: syz-executor119 Not tainted 6.6.0-syzkaller-00207-g14ab6d425e80 #0
[   55.812586][ T5022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
[   55.822632][ T5022] Call Trace:
[   55.825905][ T5022]  <TASK>
[   55.828915][ T5022]  dump_stack_lvl+0x1e7/0x2d0
[   55.833590][ T5022]  ? nf_tcp_handle_invalid+0x650/0x650
[   55.839216][ T5022]  ? panic+0x770/0x770
[   55.843276][ T5022]  ? preempt_schedule_common+0x83/0xc0
[   55.848733][ T5022]  ? vscnprintf+0x5d/0x80
[   55.853049][ T5022]  panic+0x30f/0x770
[   55.856965][ T5022]  ? check_panic_on_warn+0x21/0xa0
[   55.862070][ T5022]  ? __memcpy_flushcache+0x2b0/0x2b0
[   55.867347][ T5022]  ? _raw_spin_unlock_irqrestore+0x12c/0x140
[   55.873317][ T5022]  ? _raw_spin_unlock+0x40/0x40
[   55.878151][ T5022]  ? print_report+0x4fb/0x540
[   55.882911][ T5022]  check_panic_on_warn+0x82/0xa0
[   55.887883][ T5022]  ? ntfs_readdir+0xeaa/0x2b80
[   55.892739][ T5022]  end_report+0x6e/0x130
[   55.896982][ T5022]  kasan_report+0x186/0x1b0
[   55.901482][ T5022]  ? ntfs_readdir+0xeaa/0x2b80
[   55.906239][ T5022]  ntfs_readdir+0xeaa/0x2b80
[   55.910824][ T5022]  ? __mutex_trylock_common+0x182/0x2e0
[   55.916370][ T5022]  ? read_lock_is_recursive+0x20/0x20
[   55.921821][ T5022]  ? ntfs_dir_fsync+0x470/0x470
[   55.926693][ T5022]  ? clear_nonspinnable+0x60/0x60
[   55.931705][ T5022]  ? mutex_lock_nested+0x20/0x20
[   55.936636][ T5022]  ? ntfs_dir_fsync+0x470/0x470
[   55.941481][ T5022]  wrap_directory_iterator+0x91/0xd0
[   55.946765][ T5022]  iterate_dir+0x1cd/0x540
[   55.951200][ T5022]  __se_sys_getdents64+0x20d/0x4f0
[   55.956327][ T5022]  ? _raw_spin_unlock_irq+0x2e/0x50
[   55.961618][ T5022]  ? __x64_sys_getdents64+0x80/0x80
[   55.966814][ T5022]  ? filldir+0x6a0/0x6a0
[   55.971047][ T5022]  ? syscall_enter_from_user_mode+0x32/0x230
[   55.977022][ T5022]  ? syscall_enter_from_user_mode+0x8c/0x230
[   55.982991][ T5022]  do_syscall_64+0x41/0xc0
[   55.987401][ T5022]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   55.993288][ T5022] RIP: 0033:0x7f9d222fd5f9
[   55.997692][ T5022] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   56.017280][ T5022] RSP: 002b:00007ffc5c096e28 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[   56.025680][ T5022] RAX: ffffffffffffffda RBX: 00007ffc5c096ff8 RCX: 00007f9d222fd5f9
[   56.033634][ T5022] RDX: 00000000000000ab RSI: 0000000020000080 RDI: 0000000000000004
[   56.041677][ T5022] RBP: 00007f9d2238f610 R08: 0000000000000000 R09: 00007ffc5c096ff8
[   56.049634][ T5022] R10: 000000000001f1b8 R11: 0000000000000246 R12: 0000000000000001
[   56.057590][ T5022] R13: 00007ffc5c096fe8 R14: 0000000000000001 R15: 0000000000000001
[   56.065551][ T5022]  </TASK>
[   56.068756][ T5022] Kernel Offset: disabled
[   56.073062][ T5022] Rebooting in 86400 seconds..