Warning: Permanently added '10.128.10.51' (ED25519) to the list of known hosts.
executing program
syzkaller login: [ 68.876233][ T4246] loop0: detected capacity change from 0 to 4096
[ 68.887174][ T4246] ntfs: (device loop0): is_boot_sector_ntfs(): Invalid end of sector marker.
[ 68.897295][ T4246] ==================================================================
[ 68.905383][ T4246] BUG: KASAN: use-after-free in ntfs_attr_find+0x7d6/0xd50
[ 68.912621][ T4246] Read of size 2 at addr ffff88806e10f042 by task syz-executor418/4246
[ 68.920851][ T4246]
[ 68.923197][ T4246] CPU: 1 PID: 4246 Comm: syz-executor418 Not tainted 6.1.119-syzkaller #0
[ 68.931777][ T4246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 68.941908][ T4246] Call Trace:
[ 68.945185][ T4246]
[ 68.948104][ T4246] dump_stack_lvl+0x1e3/0x2cb
[ 68.952784][ T4246] ? nf_tcp_handle_invalid+0x642/0x642
[ 68.958242][ T4246] ? panic+0x764/0x764
[ 68.962310][ T4246] ? _printk+0xd1/0x111
[ 68.966457][ T4246] ? __virt_addr_valid+0x17f/0x530
[ 68.971575][ T4246] ? __virt_addr_valid+0x17f/0x530
[ 68.976676][ T4246] print_report+0x15f/0x4f0
[ 68.981165][ T4246] ? __virt_addr_valid+0x17f/0x530
[ 68.986269][ T4246] ? __virt_addr_valid+0x17f/0x530
[ 68.991372][ T4246] ? __virt_addr_valid+0x45b/0x530
[ 68.996472][ T4246] ? __phys_addr+0xb6/0x170
[ 69.000966][ T4246] ? ntfs_attr_find+0x7d6/0xd50
[ 69.005809][ T4246] kasan_report+0x136/0x160
[ 69.010299][ T4246] ? slab_post_alloc_hook+0x52/0x3a0
[ 69.015605][ T4246] ? ntfs_attr_find+0x7d6/0xd50
[ 69.020451][ T4246] ntfs_attr_find+0x7d6/0xd50
[ 69.025138][ T4246] ntfs_attr_lookup+0x4e0/0x2390
[ 69.030070][ T4246] ? __kasan_slab_alloc+0x65/0x70
[ 69.035096][ T4246] ? slab_post_alloc_hook+0x71/0x3a0
[ 69.040374][ T4246] ? ntfs_attr_reinit_search_ctx+0x2e0/0x2e0
[ 69.046365][ T4246] ? kmem_cache_alloc+0x13a/0x2d0
[ 69.051380][ T4246] ? ntfs_attr_get_search_ctx+0x4d/0x180
[ 69.057004][ T4246] ? memset+0x1f/0x40
[ 69.060973][ T4246] ? ntfs_attr_reinit_search_ctx+0x4b/0x2e0
[ 69.066856][ T4246] ntfs_read_locked_inode+0xa34/0x49c0
[ 69.072332][ T4246] ntfs_read_inode_mount+0xda2/0x2660
[ 69.077715][ T4246] ntfs_fill_super+0x1880/0x2bd0
[ 69.082661][ T4246] mount_bdev+0x2c9/0x3f0
[ 69.086999][ T4246] ? ntfs_mount+0x40/0x40
[ 69.091357][ T4246] legacy_get_tree+0xeb/0x180
[ 69.096032][ T4246] ? ntfs_rl_punch_nolock+0x15b0/0x15b0
[ 69.101592][ T4246] vfs_get_tree+0x88/0x270
[ 69.106004][ T4246] do_new_mount+0x2ba/0xb40
[ 69.110519][ T4246] ? ns_capable+0x85/0xe0
[ 69.114849][ T4246] ? do_move_mount_old+0x160/0x160
[ 69.119958][ T4246] __se_sys_mount+0x2d5/0x3c0
[ 69.124649][ T4246] ? __x64_sys_mount+0xc0/0xc0
[ 69.129404][ T4246] ? syscall_enter_from_user_mode+0x2e/0x230
[ 69.135368][ T4246] ? lockdep_hardirqs_on+0x94/0x130
[ 69.140553][ T4246] ? __x64_sys_mount+0x1c/0xc0
[ 69.145325][ T4246] do_syscall_64+0x3b/0xb0
[ 69.149732][ T4246] ? clear_bhb_loop+0x45/0xa0
[ 69.154403][ T4246] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 69.160292][ T4246] RIP: 0033:0x7fe291e48dea
[ 69.164709][ T4246] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 69.184361][ T4246] RSP: 002b:00007ffc5a70cb08 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[ 69.192776][ T4246] RAX: ffffffffffffffda RBX: 00007ffc5a70cb20 RCX: 00007fe291e48dea
[ 69.200742][ T4246] RDX: 00000000200000c0 RSI: 00000000200001c0 RDI: 00007ffc5a70cb20
[ 69.208716][ T4246] RBP: 0000000000000004 R08: 00007ffc5a70cb60 R09: 000000000001f63d
[ 69.216678][ T4246] R10: 0000000000000004 R11: 0000000000000286 R12: 0000000000000004
[ 69.224656][ T4246] R13: 00007ffc5a70cb60 R14: 0000000000000003 R15: 0000000000200000
[ 69.232627][ T4246]
[ 69.235637][ T4246]
[ 69.237945][ T4246] The buggy address belongs to the physical page:
[ 69.244351][ T4246] page:ffffea0001b843c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x6e10f
[ 69.254486][ T4246] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 69.261587][ T4246] raw: 00fff00000000000 ffffea0001b84408 ffff8880b8f411e0 0000000000000000
[ 69.270173][ T4246] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 69.278747][ T4246] page dumped because: kasan: bad access detected
[ 69.285145][ T4246] page_owner tracks the page as freed
[ 69.290509][ T4246] page last allocated via order 0, migratetype Movable, gfp_mask 0x8(__GFP_MOVABLE), pid 1, tgid 1 (swapper/0), ts 17673896441, free_ts 19018173538
[ 69.305422][ T4246] post_alloc_hook+0x18d/0x1b0
[ 69.310174][ T4246] split_map_pages+0x246/0x510
[ 69.314926][ T4246] isolate_freepages_range+0x47c/0x4e0
[ 69.320376][ T4246] alloc_contig_range+0x62a/0x990
[ 69.325392][ T4246] alloc_contig_pages+0x3f0/0x4e0
[ 69.330399][ T4246] debug_vm_pgtable_alloc_huge_page+0xb9/0x108
[ 69.336544][ T4246] init_args+0xc92/0x1022
[ 69.340864][ T4246] debug_vm_pgtable+0xaa/0x46b
[ 69.345619][ T4246] do_one_initcall+0x265/0x8f0
[ 69.350372][ T4246] do_initcall_level+0x157/0x207
[ 69.355298][ T4246] do_initcalls+0x49/0x86
[ 69.359646][ T4246] kernel_init_freeable+0x45c/0x60f
[ 69.364854][ T4246] kernel_init+0x19/0x290
[ 69.369169][ T4246] ret_from_fork+0x1f/0x30
[ 69.373578][ T4246] page last free stack trace:
[ 69.378233][ T4246] free_unref_page_prepare+0xf63/0x1120
[ 69.383781][ T4246] free_unref_page+0x33/0x3e0
[ 69.388445][ T4246] free_contig_range+0x9a/0x150
[ 69.393287][ T4246] destroy_args+0xfe/0x997
[ 69.397704][ T4246] debug_vm_pgtable+0x416/0x46b
[ 69.402547][ T4246] do_one_initcall+0x265/0x8f0
[ 69.407308][ T4246] do_initcall_level+0x157/0x207
[ 69.412235][ T4246] do_initcalls+0x49/0x86
[ 69.416584][ T4246] kernel_init_freeable+0x45c/0x60f
[ 69.421781][ T4246] kernel_init+0x19/0x290
[ 69.426195][ T4246] ret_from_fork+0x1f/0x30
[ 69.430664][ T4246]
[ 69.432981][ T4246] Memory state around the buggy address:
[ 69.438597][ T4246] ffff88806e10ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 69.446655][ T4246] ffff88806e10ef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 69.454719][ T4246] >ffff88806e10f000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 69.462771][ T4246] ^
[ 69.468911][ T4246] ffff88806e10f080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 69.476955][ T4246] ffff88806e10f100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 69.484998][ T4246] ==================================================================
[ 69.497709][ T4246] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 69.504925][ T4246] CPU: 0 PID: 4246 Comm: syz-executor418 Not tainted 6.1.119-syzkaller #0
[ 69.513428][ T4246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 69.523498][ T4246] Call Trace:
[ 69.526858][ T4246]
[ 69.529784][ T4246] dump_stack_lvl+0x1e3/0x2cb
[ 69.534519][ T4246] ? nf_tcp_handle_invalid+0x642/0x642
[ 69.540091][ T4246] ? panic+0x764/0x764
[ 69.544188][ T4246] ? preempt_schedule_common+0xa6/0xd0
[ 69.549637][ T4246] ? vscnprintf+0x59/0x80
[ 69.553953][ T4246] panic+0x318/0x764
[ 69.557836][ T4246] ? check_panic_on_warn+0x1d/0xa0
[ 69.562939][ T4246] ? memcpy_page_flushcache+0xfc/0xfc
[ 69.568305][ T4246] ? _raw_spin_unlock_irqrestore+0x128/0x130
[ 69.574284][ T4246] ? _raw_spin_unlock+0x40/0x40
[ 69.579126][ T4246] ? print_report+0x4a3/0x4f0
[ 69.583833][ T4246] check_panic_on_warn+0x7e/0xa0
[ 69.588761][ T4246] ? ntfs_attr_find+0x7d6/0xd50
[ 69.593601][ T4246] end_report+0x66/0x110
[ 69.597856][ T4246] kasan_report+0x143/0x160
[ 69.602350][ T4246] ? slab_post_alloc_hook+0x52/0x3a0
[ 69.607641][ T4246] ? ntfs_attr_find+0x7d6/0xd50
[ 69.612490][ T4246] ntfs_attr_find+0x7d6/0xd50
[ 69.617177][ T4246] ntfs_attr_lookup+0x4e0/0x2390
[ 69.622120][ T4246] ? __kasan_slab_alloc+0x65/0x70
[ 69.627129][ T4246] ? slab_post_alloc_hook+0x71/0x3a0
[ 69.632428][ T4246] ? ntfs_attr_reinit_search_ctx+0x2e0/0x2e0
[ 69.638405][ T4246] ? kmem_cache_alloc+0x13a/0x2d0
[ 69.643421][ T4246] ? ntfs_attr_get_search_ctx+0x4d/0x180
[ 69.649061][ T4246] ? memset+0x1f/0x40
[ 69.653034][ T4246] ? ntfs_attr_reinit_search_ctx+0x4b/0x2e0
[ 69.658925][ T4246] ntfs_read_locked_inode+0xa34/0x49c0
[ 69.664387][ T4246] ntfs_read_inode_mount+0xda2/0x2660
[ 69.669775][ T4246] ntfs_fill_super+0x1880/0x2bd0
[ 69.674733][ T4246] mount_bdev+0x2c9/0x3f0
[ 69.679060][ T4246] ? ntfs_mount+0x40/0x40
[ 69.683394][ T4246] legacy_get_tree+0xeb/0x180
[ 69.688069][ T4246] ? ntfs_rl_punch_nolock+0x15b0/0x15b0
[ 69.693622][ T4246] vfs_get_tree+0x88/0x270
[ 69.698074][ T4246] do_new_mount+0x2ba/0xb40
[ 69.702604][ T4246] ? ns_capable+0x85/0xe0
[ 69.706937][ T4246] ? do_move_mount_old+0x160/0x160
[ 69.712089][ T4246] __se_sys_mount+0x2d5/0x3c0
[ 69.716769][ T4246] ? __x64_sys_mount+0xc0/0xc0
[ 69.721527][ T4246] ? syscall_enter_from_user_mode+0x2e/0x230
[ 69.727503][ T4246] ? lockdep_hardirqs_on+0x94/0x130
[ 69.732694][ T4246] ? __x64_sys_mount+0x1c/0xc0
[ 69.737458][ T4246] do_syscall_64+0x3b/0xb0
[ 69.741875][ T4246] ? clear_bhb_loop+0x45/0xa0
[ 69.746553][ T4246] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 69.752441][ T4246] RIP: 0033:0x7fe291e48dea
[ 69.756875][ T4246] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 69.776470][ T4246] RSP: 002b:00007ffc5a70cb08 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[ 69.784881][ T4246] RAX: ffffffffffffffda RBX: 00007ffc5a70cb20 RCX: 00007fe291e48dea
[ 69.792846][ T4246] RDX: 00000000200000c0 RSI: 00000000200001c0 RDI: 00007ffc5a70cb20
[ 69.800808][ T4246] RBP: 0000000000000004 R08: 00007ffc5a70cb60 R09: 000000000001f63d
[ 69.808771][ T4246] R10: 0000000000000004 R11: 0000000000000286 R12: 0000000000000004
[ 69.816736][ T4246] R13: 00007ffc5a70cb60 R14: 0000000000000003 R15: 0000000000200000
[ 69.824701][ T4246]
[ 69.828067][ T4246] Kernel Offset: disabled
[ 69.832395][ T4246] Rebooting in 86400 seconds..