Warning: Permanently added '10.128.1.43' (ECDSA) to the list of known hosts. executing program [ 45.243814][ T3499] loop0: detected capacity change from 0 to 4096 [ 45.254927][ T3499] ntfs: (device loop0): ntfs_is_extended_system_file(): Corrupt file name attribute. You should run chkdsk. [ 45.266765][ T3499] ntfs: (device loop0): ntfs_read_locked_inode(): $DATA attribute is missing. [ 45.276100][ T3499] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 45.289456][ T3499] ntfs: (device loop0): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk. [ 45.308184][ T3499] ntfs: volume version 3.1. [ 45.315129][ T3499] ntfs: (device loop0): ntfs_lookup_inode_by_name(): Corrupt directory. Aborting lookup. [ 45.325253][ T3499] ntfs: (device loop0): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 45.336818][ T3499] ntfs: (device loop0): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 45.354815][ T3499] ================================================================== [ 45.363092][ T3499] BUG: KASAN: slab-out-of-bounds in ntfs_readdir+0xed5/0x36f0 [ 45.370562][ T3499] Read of size 1 at addr ffff88814abe12f1 by task syz-executor133/3499 [ 45.378894][ T3499] [ 45.381237][ T3499] CPU: 1 PID: 3499 Comm: syz-executor133 Not tainted 5.15.118-syzkaller #0 [ 45.389827][ T3499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 [ 45.400077][ T3499] Call Trace: [ 45.403527][ T3499] <TASK> [ 45.406535][ T3499] dump_stack_lvl+0x1e3/0x2cb [ 45.411200][ T3499] ? io_uring_drop_tctx_refs+0x19d/0x19d [ 45.416811][ T3499] ? _printk+0xd1/0x111 [ 45.420955][ T3499] ? __wake_up_klogd+0xcc/0x100 [ 45.425801][ T3499] ? panic+0x84d/0x84d [ 45.429885][ T3499] ? _raw_spin_lock_irqsave+0xdd/0x120 [ 45.435347][ T3499] print_address_description+0x63/0x3b0 [ 45.441126][ T3499] ? ntfs_readdir+0xed5/0x36f0 [ 45.446579][ T3499] kasan_report+0x16b/0x1c0 [ 45.451097][ T3499] ? ntfs_readdir+0xed5/0x36f0 [ 45.455851][ T3499] ntfs_readdir+0xed5/0x36f0 [ 45.460588][ T3499] ? ntfs_unmap_page+0x1e0/0x1e0 [ 45.465519][ T3499] ? down_write+0x170/0x170 [ 45.470009][ T3499] ? common_file_perm+0x17d/0x1d0 [ 45.475232][ T3499] ? fsnotify_perm+0x438/0x5a0 [ 45.480176][ T3499] iterate_dir+0x224/0x570 [ 45.484600][ T3499] __se_sys_getdents64+0x209/0x4f0 [ 45.489721][ T3499] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 45.495687][ T3499] ? __x64_sys_getdents64+0x80/0x80 [ 45.501657][ T3499] ? filldir+0x720/0x720 [ 45.505994][ T3499] ? syscall_enter_from_user_mode+0x2e/0x230 [ 45.511975][ T3499] ? lockdep_hardirqs_on+0x94/0x130 [ 45.517381][ T3499] ? syscall_enter_from_user_mode+0x2e/0x230 [ 45.523365][ T3499] do_syscall_64+0x3d/0xb0 [ 45.531243][ T3499] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 45.537321][ T3499] RIP: 0033:0x7f249010e7b9 [ 45.542046][ T3499] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 45.561742][ T3499] RSP: 002b:00007ffc4d0fe4b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9 [ 45.570146][ T3499] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f249010e7b9 [ 45.578097][ T3499] RDX: 00000000000000ab RSI: 0000000020000080 RDI: 0000000000000004 [ 45.586132][ T3499] RBP: 00007f24900ce050 R08: 0000000000000000 R09: 0000000000000000 [ 45.594214][ T3499] R10: 000000000001f1b8 R11: 0000000000000246 R12: 00007f24900ce0e0 [ 45.602530][ T3499] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 45.610582][ T3499] </TASK> [ 45.613583][ T3499] [ 45.615882][ T3499] Allocated by task 3499: [ 45.620714][ T3499] ____kasan_kmalloc+0xba/0xf0 [ 45.625458][ T3499] __kmalloc+0x168/0x300 [ 45.629678][ T3499] ntfs_readdir+0x823/0x36f0 [ 45.634250][ T3499] iterate_dir+0x224/0x570 [ 45.638676][ T3499] __se_sys_getdents64+0x209/0x4f0 [ 45.643778][ T3499] do_syscall_64+0x3d/0xb0 [ 45.648189][ T3499] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 45.654070][ T3499] [ 45.656378][ T3499] The buggy address belongs to the object at ffff88814abe1280 [ 45.656378][ T3499] which belongs to the cache kmalloc-64 of size 64 [ 45.670232][ T3499] The buggy address is located 49 bytes to the right of [ 45.670232][ T3499] 64-byte region [ffff88814abe1280, ffff88814abe12c0) [ 45.686170][ T3499] The buggy address belongs to the page: [ 45.691867][ T3499] page:ffffea00052af840 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x14abe1 [ 45.702340][ T3499] flags: 0x57ff00000000200(slab|node=1|zone=2|lastcpupid=0x7ff) [ 45.709954][ T3499] raw: 057ff00000000200 ffffea000065fd00 0000000e0000000e ffff888011c41640 [ 45.718605][ T3499] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000 [ 45.727252][ T3499] page dumped because: kasan: bad access detected [ 45.733928][ T3499] page_owner tracks the page as allocated [ 45.739777][ T3499] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 1, ts 9801106725, free_ts 0 [ 45.754619][ T3499] get_page_from_freelist+0x322a/0x33c0 [ 45.760154][ T3499] __alloc_pages+0x272/0x700 [ 45.764718][ T3499] alloc_page_interleave+0x22/0x1c0 [ 45.769908][ T3499] new_slab+0xbb/0x4b0 [ 45.773953][ T3499] ___slab_alloc+0x6f6/0xe10 [ 45.778810][ T3499] kmem_cache_alloc_trace+0x1a0/0x290 [ 45.784193][ T3499] __kthread_create_on_node+0xf1/0x3f0 [ 45.789644][ T3499] kthread_create_on_node+0xda/0x120 [ 45.794909][ T3499] cryptomgr_notify+0x125/0xc70 [ 45.799737][ T3499] blocking_notifier_call_chain+0x104/0x1b0 [ 45.805605][ T3499] crypto_probing_notify+0x21/0x70 [ 45.810698][ T3499] crypto_wait_for_test+0x3e/0xd0 [ 45.815873][ T3499] crypto_register_alg+0x25b/0x330 [ 45.821136][ T3499] aesni_init+0x15d/0x237 [ 45.825441][ T3499] do_one_initcall+0x22b/0x7a0 [ 45.830196][ T3499] do_initcall_level+0x157/0x207 [ 45.835193][ T3499] page_owner free stack trace missing [ 45.840543][ T3499] [ 45.842841][ T3499] Memory state around the buggy address: [ 45.848693][ T3499] ffff88814abe1180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 45.856737][ T3499] ffff88814abe1200: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 45.864869][ T3499] >ffff88814abe1280: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc [ 45.872906][ T3499] ^ [ 45.881029][ T3499] ffff88814abe1300: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 45.889155][ T3499] ffff88814abe1380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 45.897190][ T3499] ================================================================== [ 45.905225][ T3499] Disabling lock debugging due to kernel taint [ 45.911516][ T3499] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 45.918707][ T3499] CPU: 0 PID: 3499 Comm: syz-executor133 Tainted: G B 5.15.118-syzkaller #0 [ 45.928668][ T3499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 [ 45.938713][ T3499] Call Trace: [ 45.942070][ T3499] <TASK> [ 45.944983][ T3499] dump_stack_lvl+0x1e3/0x2cb [ 45.949648][ T3499] ? io_uring_drop_tctx_refs+0x19d/0x19d [ 45.955258][ T3499] ? panic+0x84d/0x84d [ 45.959299][ T3499] ? rcu_is_watching+0x11/0xa0 [ 45.964121][ T3499] ? preempt_schedule_common+0xa6/0xd0 [ 45.969562][ T3499] panic+0x318/0x84d [ 45.973431][ T3499] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 45.979568][ T3499] ? check_panic_on_warn+0x1d/0xa0 [ 45.984654][ T3499] ? fb_is_primary_device+0xcc/0xcc [ 45.989827][ T3499] ? _raw_spin_unlock_irqrestore+0x128/0x130 [ 45.995779][ T3499] ? _raw_spin_unlock+0x40/0x40 [ 46.000750][ T3499] check_panic_on_warn+0x7e/0xa0 [ 46.005774][ T3499] ? ntfs_readdir+0xed5/0x36f0 [ 46.010539][ T3499] end_report+0x6d/0xf0 [ 46.014694][ T3499] kasan_report+0x18e/0x1c0 [ 46.019172][ T3499] ? ntfs_readdir+0xed5/0x36f0 [ 46.023921][ T3499] ntfs_readdir+0xed5/0x36f0 [ 46.028499][ T3499] ? ntfs_unmap_page+0x1e0/0x1e0 [ 46.033417][ T3499] ? down_write+0x170/0x170 [ 46.037957][ T3499] ? common_file_perm+0x17d/0x1d0 [ 46.043045][ T3499] ? fsnotify_perm+0x438/0x5a0 [ 46.047800][ T3499] iterate_dir+0x224/0x570 [ 46.052192][ T3499] __se_sys_getdents64+0x209/0x4f0 [ 46.057600][ T3499] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 46.063577][ T3499] ? __x64_sys_getdents64+0x80/0x80 [ 46.068762][ T3499] ? filldir+0x720/0x720 [ 46.072983][ T3499] ? syscall_enter_from_user_mode+0x2e/0x230 [ 46.078954][ T3499] ? lockdep_hardirqs_on+0x94/0x130 [ 46.084149][ T3499] ? syscall_enter_from_user_mode+0x2e/0x230 [ 46.090129][ T3499] do_syscall_64+0x3d/0xb0 [ 46.094573][ T3499] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 46.100450][ T3499] RIP: 0033:0x7f249010e7b9 [ 46.104838][ T3499] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 46.124515][ T3499] RSP: 002b:00007ffc4d0fe4b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9 [ 46.133175][ T3499] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f249010e7b9 [ 46.141122][ T3499] RDX: 00000000000000ab RSI: 0000000020000080 RDI: 0000000000000004 [ 46.149067][ T3499] RBP: 00007f24900ce050 R08: 0000000000000000 R09: 0000000000000000 [ 46.157058][ T3499] R10: 000000000001f1b8 R11: 0000000000000246 R12: 00007f24900ce0e0 [ 46.165011][ T3499] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 46.172957][ T3499] </TASK> [ 46.176278][ T3499] Kernel Offset: disabled [ 46.180607][ T3499] Rebooting in 86400 seconds..