DUID 00:04:b0:cd:33:f9:4f:8a:55:45:4d:7b:3b:ee:3a:71:f0:8b
forked to background, child pid 3186
[   24.354343][ T3187] 8021q: adding VLAN 0 to HW filter on device bond0
[   24.365778][ T3187] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK

syzkaller
Warning: Permanently added '10.128.10.8' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   40.426162][ T3600] loop0: detected capacity change from 0 to 2316
[   40.444151][ T3600] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512)
[   40.453772][ T3600] ntfs3: loop0: RAW NTFS volume: Filesystem size 0.00 Gb > volume size 0.00 Gb. Mount in read-only
[   40.466116][ T3600] ==================================================================
[   40.474267][ T3600] BUG: KASAN: slab-out-of-bounds in run_unpack+0x84f/0xd00
[   40.481510][ T3600] Read of size 1 at addr ffff88807897b150 by task syz-executor350/3600
[   40.489730][ T3600] 
[   40.492041][ T3600] CPU: 1 PID: 3600 Comm: syz-executor350 Not tainted 6.0.0-rc7-syzkaller-00068-g49c13ed0316d #0
[   40.502433][ T3600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[   40.512469][ T3600] Call Trace:
[   40.515735][ T3600]  <TASK>
[   40.518661][ T3600]  dump_stack_lvl+0x1b1/0x28e
[   40.523345][ T3600]  ? fortify_panic+0x13/0x13
[   40.527919][ T3600]  ? __wake_up_klogd+0xcd/0x100
[   40.532753][ T3600]  ? panic+0x715/0x715
[   40.536808][ T3600]  ? _printk+0xc0/0x100
[   40.540960][ T3600]  print_address_description+0x65/0x4b0
[   40.546494][ T3600]  print_report+0x108/0x1f0
[   40.550983][ T3600]  ? _raw_spin_lock+0x40/0x40
[   40.555665][ T3600]  ? run_add_entry+0xbb5/0xe80
[   40.560419][ T3600]  ? run_unpack+0x84f/0xd00
[   40.564907][ T3600]  kasan_report+0xc3/0xf0
[   40.569221][ T3600]  ? run_unpack+0x84f/0xd00
[   40.573711][ T3600]  run_unpack+0x84f/0xd00
[   40.578034][ T3600]  run_unpack_ex+0xcc/0x870
[   40.582524][ T3600]  ? kvmalloc_node+0x6e/0x160
[   40.587196][ T3600]  ? ni_enum_attr_ex+0x2f6/0x6d0
[   40.592119][ T3600]  ? run_unpack+0xd00/0xd00
[   40.596607][ T3600]  ? ni_find_attr+0x8c0/0x8c0
[   40.601271][ T3600]  ? mi_read+0x260/0x510
[   40.605503][ T3600]  ntfs_iget5+0x1cf2/0x36a0
[   40.610009][ T3600]  ? check_index_root+0x680/0x680
[   40.615024][ T3600]  ntfs_loadlog_and_replay+0x1ac/0x5c0
[   40.620470][ T3600]  ? ntfs_extend_init+0x5a0/0x5a0
[   40.625481][ T3600]  ? evict+0x5d5/0x620
[   40.629540][ T3600]  ntfs_fill_super+0x2333/0x42a0
[   40.634471][ T3600]  ? put_ntfs+0x2a0/0x2a0
[   40.638788][ T3600]  ? vscnprintf+0x80/0x80
[   40.643111][ T3600]  ? set_blocksize+0x1d5/0x360
[   40.647864][ T3600]  get_tree_bdev+0x400/0x620
[   40.652438][ T3600]  ? put_ntfs+0x2a0/0x2a0
[   40.656760][ T3600]  vfs_get_tree+0x88/0x270
[   40.661202][ T3600]  do_new_mount+0x289/0xad0
[   40.665695][ T3600]  ? do_move_mount_old+0x150/0x150
[   40.670790][ T3600]  ? user_path_at_empty+0x149/0x1a0
[   40.675975][ T3600]  __se_sys_mount+0x2d3/0x3c0
[   40.680642][ T3600]  ? __x64_sys_mount+0xc0/0xc0
[   40.685403][ T3600]  ? syscall_enter_from_user_mode+0x2e/0x1d0
[   40.691372][ T3600]  ? lockdep_hardirqs_on+0x8d/0x130
[   40.696644][ T3600]  ? __x64_sys_mount+0x1c/0xc0
[   40.701408][ T3600]  do_syscall_64+0x3d/0xb0
[   40.705818][ T3600]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   40.711707][ T3600] RIP: 0033:0x7ff6e3d2a7fa
[   40.716113][ T3600] Code: 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   40.735705][ T3600] RSP: 002b:00007fff80a0fe28 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[   40.744105][ T3600] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007ff6e3d2a7fa
[   40.752074][ T3600] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fff80a0fe40
[   40.760034][ T3600] RBP: 00007fff80a0fe40 R08: 00007fff80a0fe80 R09: 00005555555982c0
[   40.767989][ T3600] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000000004
[   40.775949][ T3600] R13: 00007fff80a0fe80 R14: 000000000000000d R15: 0000000020000338
[   40.783917][ T3600]  </TASK>
[   40.786926][ T3600] 
[   40.789240][ T3600] Allocated by task 0:
[   40.793293][ T3600] (stack is not available)
[   40.797689][ T3600] 
[   40.799999][ T3600] The buggy address belongs to the object at ffff88807897b000
[   40.799999][ T3600]  which belongs to the cache kmalloc-2k of size 2048
[   40.814037][ T3600] The buggy address is located 336 bytes inside of
[   40.814037][ T3600]  2048-byte region [ffff88807897b000, ffff88807897b800)
[   40.827425][ T3600] 
[   40.829733][ T3600] The buggy address belongs to the physical page:
[   40.836132][ T3600] page:ffffea0001e25e00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78978
[   40.846278][ T3600] head:ffffea0001e25e00 order:3 compound_mapcount:0 compound_pincount:0
[   40.854595][ T3600] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[   40.862581][ T3600] raw: 00fff00000010200 0000000000000000 dead000000000122 ffff888012042000
[   40.871148][ T3600] raw: 0000000000000000 0000000080080008 00000001ffffffff 0000000000000000
[   40.879717][ T3600] page dumped because: kasan: bad access detected
[   40.886124][ T3600] page_owner tracks the page as allocated
[   40.891932][ T3600] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 3600, tgid 3600 (syz-executor350), ts 40465647482, free_ts 36720022316
[   40.912765][ T3600]  get_page_from_freelist+0x742/0x7c0
[   40.918129][ T3600]  __alloc_pages+0x259/0x560
[   40.922703][ T3600]  alloc_slab_page+0x70/0xf0
[   40.927279][ T3600]  allocate_slab+0x5e/0x520
[   40.931773][ T3600]  ___slab_alloc+0x3ee/0xc40
[   40.936448][ T3600]  __kmalloc+0x2bd/0x370
[   40.940692][ T3600]  mi_init+0x72/0xe0
[   40.944592][ T3600]  ntfs_iget5+0x309/0x36a0
[   40.949009][ T3600]  ntfs_fill_super+0x2127/0x42a0
[   40.953945][ T3600]  get_tree_bdev+0x400/0x620
[   40.958538][ T3600]  vfs_get_tree+0x88/0x270
[   40.962938][ T3600]  do_new_mount+0x289/0xad0
[   40.967431][ T3600]  __se_sys_mount+0x2d3/0x3c0
[   40.972098][ T3600]  do_syscall_64+0x3d/0xb0
[   40.976503][ T3600]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   40.982381][ T3600] page last free stack trace:
[   40.987035][ T3600]  free_pcp_prepare+0x812/0x900
[   40.991872][ T3600]  free_unref_page+0x7d/0x5f0
[   40.996536][ T3600]  __unfreeze_partials+0x1ab/0x200
[   41.001639][ T3600]  put_cpu_partial+0x106/0x170
[   41.006390][ T3600]  qlist_free_all+0x2b/0x70
[   41.010881][ T3600]  kasan_quarantine_reduce+0x169/0x180
[   41.016327][ T3600]  __kasan_slab_alloc+0x2f/0xd0
[   41.021248][ T3600]  kmem_cache_alloc+0x1a6/0x310
[   41.026083][ T3600]  __anon_vma_prepare+0x64/0x3f0
[   41.031006][ T3600]  do_anonymous_page+0xe4e/0x1150
[   41.036013][ T3600]  handle_mm_fault+0x184b/0x3590
[   41.040933][ T3600]  do_user_addr_fault+0x69b/0xcb0
[   41.045954][ T3600]  exc_page_fault+0x7a/0x110
[   41.050528][ T3600]  asm_exc_page_fault+0x22/0x30
[   41.055362][ T3600] 
[   41.057670][ T3600] Memory state around the buggy address:
[   41.063371][ T3600]  ffff88807897b000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   41.071506][ T3600]  ffff88807897b080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   41.079566][ T3600] >ffff88807897b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   41.087618][ T3600]                                                  ^
[   41.094280][ T3600]  ffff88807897b180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   41.102331][ T3600]  ffff88807897b200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   41.110374][ T3600] ==================================================================
[   41.118935][ T3600] Kernel panic - not syncing: panic_on_warn set ...
[   41.125536][ T3600] CPU: 0 PID: 3600 Comm: syz-executor350 Not tainted 6.0.0-rc7-syzkaller-00068-g49c13ed0316d #0
[   41.135960][ T3600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[   41.146006][ T3600] Call Trace:
[   41.149269][ T3600]  <TASK>
[   41.152191][ T3600]  dump_stack_lvl+0x1b1/0x28e
[   41.156852][ T3600]  ? fortify_panic+0x13/0x13
[   41.161422][ T3600]  ? panic+0x715/0x715
[   41.165470][ T3600]  ? preempt_schedule_common+0xb7/0xe0
[   41.170916][ T3600]  ? vscnprintf+0x59/0x80
[   41.175226][ T3600]  panic+0x2d6/0x715
[   41.179277][ T3600]  ? fb_is_primary_device+0xcc/0xcc
[   41.184473][ T3600]  ? _raw_spin_unlock_irqrestore+0x110/0x120
[   41.190433][ T3600]  ? print_report+0x1b4/0x1f0
[   41.195090][ T3600]  ? run_unpack+0x84f/0xd00
[   41.199659][ T3600]  end_report+0x91/0xa0
[   41.203795][ T3600]  kasan_report+0xd0/0xf0
[   41.208169][ T3600]  ? run_unpack+0x84f/0xd00
[   41.212665][ T3600]  run_unpack+0x84f/0xd00
[   41.216991][ T3600]  run_unpack_ex+0xcc/0x870
[   41.221472][ T3600]  ? kvmalloc_node+0x6e/0x160
[   41.226129][ T3600]  ? ni_enum_attr_ex+0x2f6/0x6d0
[   41.231045][ T3600]  ? run_unpack+0xd00/0xd00
[   41.235530][ T3600]  ? ni_find_attr+0x8c0/0x8c0
[   41.240187][ T3600]  ? mi_read+0x260/0x510
[   41.244413][ T3600]  ntfs_iget5+0x1cf2/0x36a0
[   41.248910][ T3600]  ? check_index_root+0x680/0x680
[   41.253914][ T3600]  ntfs_loadlog_and_replay+0x1ac/0x5c0
[   41.259360][ T3600]  ? ntfs_extend_init+0x5a0/0x5a0
[   41.264373][ T3600]  ? evict+0x5d5/0x620
[   41.268421][ T3600]  ntfs_fill_super+0x2333/0x42a0
[   41.273345][ T3600]  ? put_ntfs+0x2a0/0x2a0
[   41.277654][ T3600]  ? vscnprintf+0x80/0x80
[   41.281965][ T3600]  ? set_blocksize+0x1d5/0x360
[   41.286710][ T3600]  get_tree_bdev+0x400/0x620
[   41.291281][ T3600]  ? put_ntfs+0x2a0/0x2a0
[   41.295591][ T3600]  vfs_get_tree+0x88/0x270
[   41.299989][ T3600]  do_new_mount+0x289/0xad0
[   41.304474][ T3600]  ? do_move_mount_old+0x150/0x150
[   41.309564][ T3600]  ? user_path_at_empty+0x149/0x1a0
[   41.314742][ T3600]  __se_sys_mount+0x2d3/0x3c0
[   41.319400][ T3600]  ? __x64_sys_mount+0xc0/0xc0
[   41.324159][ T3600]  ? syscall_enter_from_user_mode+0x2e/0x1d0
[   41.330118][ T3600]  ? lockdep_hardirqs_on+0x8d/0x130
[   41.335293][ T3600]  ? __x64_sys_mount+0x1c/0xc0
[   41.340037][ T3600]  do_syscall_64+0x3d/0xb0
[   41.344432][ T3600]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   41.350467][ T3600] RIP: 0033:0x7ff6e3d2a7fa
[   41.354860][ T3600] Code: 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   41.374446][ T3600] RSP: 002b:00007fff80a0fe28 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[   41.382922][ T3600] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007ff6e3d2a7fa
[   41.391046][ T3600] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fff80a0fe40
[   41.398994][ T3600] RBP: 00007fff80a0fe40 R08: 00007fff80a0fe80 R09: 00005555555982c0
[   41.406944][ T3600] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000000004
[   41.415066][ T3600] R13: 00007fff80a0fe80 R14: 000000000000000d R15: 0000000020000338
[   41.423020][ T3600]  </TASK>
[   41.426181][ T3600] Kernel Offset: disabled
[   41.430501][ T3600] Rebooting in 86400 seconds..