Warning: Permanently added '10.128.0.177' (ED25519) to the list of known hosts.
executing program
[ 57.391900][ T5011] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5011 'syz-executor313'
[ 57.408494][ T5011] loop0: detected capacity change from 0 to 190
[ 57.418789][ T5011] ntfs: (device loop0): is_boot_sector_ntfs(): Invalid boot sector checksum.
[ 57.429456][ T5011] ntfs: (device loop0): map_mft_record_page(): Mft record 0x1 is corrupt. Run chkdsk.
[ 57.439464][ T5011] ntfs: (device loop0): map_mft_record(): Failed with error code 5.
[ 57.447544][ T5011] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x1 as bad. Run chkdsk.
[ 57.460629][ T5011] ntfs: (device loop0): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk.
[ 57.473806][ T5011] ntfs: (device loop0): ntfs_external_attr_find(): Base inode 0xa contains corrupt attribute list attribute. Unmount and run chkdsk.
[ 57.487542][ T5011] ntfs: (device loop0): ntfs_read_locked_inode(): Failed to lookup $DATA attribute.
[ 57.497011][ T5011] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk.
[ 57.510433][ T5011] ntfs: (device loop0): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[ 57.521924][ T5011] ==================================================================
[ 57.530005][ T5011] BUG: KASAN: use-after-free in ntfs_read_folio+0x9bc/0x29f0
[ 57.537435][ T5011] Read of size 1 at addr ffff888077d0517f by task syz-executor313/5011
[ 57.545757][ T5011]
[ 57.548076][ T5011] CPU: 1 PID: 5011 Comm: syz-executor313 Not tainted 6.5.0-rc7-syzkaller-00190-g85eb043618bb #0
[ 57.558482][ T5011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[ 57.568624][ T5011] Call Trace:
[ 57.571904][ T5011]
[ 57.574832][ T5011] dump_stack_lvl+0x1e7/0x2d0
[ 57.579519][ T5011] ? irq_work_queue+0xd1/0x150
[ 57.584302][ T5011] ? nf_tcp_handle_invalid+0x650/0x650
[ 57.589769][ T5011] ? panic+0x770/0x770
[ 57.593847][ T5011] ? _printk+0xd5/0x120
[ 57.598017][ T5011] print_report+0x163/0x540
[ 57.602528][ T5011] ? lockdep_hardirqs_on_prepare+0x43c/0x7a0
[ 57.608513][ T5011] ? __virt_addr_valid+0x22f/0x2e0
[ 57.613632][ T5011] ? __phys_addr+0xba/0x170
[ 57.618148][ T5011] ? ntfs_read_folio+0x9bc/0x29f0
[ 57.623178][ T5011] kasan_report+0x175/0x1b0
[ 57.627691][ T5011] ? ntfs_read_folio+0x9bc/0x29f0
[ 57.632735][ T5011] kasan_check_range+0x27e/0x290
[ 57.637681][ T5011] ? ntfs_read_folio+0x9bc/0x29f0
[ 57.642720][ T5011] __asan_memcpy+0x29/0x70
[ 57.647147][ T5011] ntfs_read_folio+0x9bc/0x29f0
[ 57.652013][ T5011] ? __lock_acquire+0x7f70/0x7f70
[ 57.657062][ T5011] ? ntfs_writepage+0x1ae0/0x1ae0
[ 57.662094][ T5011] ? folio_batch_add_and_move+0x16a/0x2c0
[ 57.667825][ T5011] ? folio_add_lru+0x6f0/0x6f0
[ 57.672602][ T5011] ? folio_add_lru+0x353/0x6f0
[ 57.677379][ T5011] filemap_read_folio+0x19d/0x7a0
[ 57.682421][ T5011] ? filemap_add_folio+0x580/0x580
[ 57.687539][ T5011] ? ntfs_writepage+0x1ae0/0x1ae0
[ 57.692571][ T5011] ? maybe_unlock_mmap_for_io+0x140/0x140
[ 57.698304][ T5011] ? __filemap_get_folio+0x777/0xa00
[ 57.703610][ T5011] do_read_cache_folio+0x134/0x820
[ 57.708756][ T5011] ? ntfs_writepage+0x1ae0/0x1ae0
[ 57.713786][ T5011] do_read_cache_page+0x32/0x220
[ 57.718767][ T5011] load_system_files+0x1c0b/0x4840
[ 57.723906][ T5011] ? ntfs_setup_allocators+0x2d0/0x2d0
[ 57.729375][ T5011] ? mutex_unlock+0x10/0x10
[ 57.733894][ T5011] ? free_vm_area+0x50/0x50
[ 57.738411][ T5011] ? generate_default_upcase+0x8ed/0x940
[ 57.744057][ T5011] ntfs_fill_super+0x19b3/0x2bd0
[ 57.749015][ T5011] mount_bdev+0x276/0x3b0
[ 57.753353][ T5011] ? ntfs_mount+0x40/0x40
[ 57.757698][ T5011] legacy_get_tree+0xef/0x190
[ 57.762387][ T5011] ? ntfs_rl_punch_nolock+0x15b0/0x15b0
[ 57.767966][ T5011] vfs_get_tree+0x8c/0x270
[ 57.772390][ T5011] do_new_mount+0x28f/0xae0
[ 57.776900][ T5011] ? do_move_mount_old+0x170/0x170
[ 57.782027][ T5011] ? user_path_at_empty+0x12f/0x180
[ 57.787238][ T5011] __se_sys_mount+0x2d9/0x3c0
[ 57.791933][ T5011] ? __x64_sys_mount+0xc0/0xc0
[ 57.796707][ T5011] ? syscall_enter_from_user_mode+0x32/0x230
[ 57.802702][ T5011] ? lockdep_hardirqs_on+0x98/0x140
[ 57.807919][ T5011] ? __x64_sys_mount+0x20/0xc0
[ 57.812694][ T5011] do_syscall_64+0x41/0xc0
[ 57.817117][ T5011] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 57.823034][ T5011] RIP: 0033:0x7fc551fd6eaa
[ 57.827456][ T5011] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 3e 07 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 57.847066][ T5011] RSP: 002b:00007ffe7acf9cd8 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[ 57.855487][ T5011] RAX: ffffffffffffffda RBX: 00007ffe7acf9cf0 RCX: 00007fc551fd6eaa
[ 57.863460][ T5011] RDX: 0000000020000040 RSI: 000000002001f200 RDI: 00007ffe7acf9cf0
[ 57.871947][ T5011] RBP: 0000000000000004 R08: 00007ffe7acf9d30 R09: 0000000000000978
[ 57.880550][ T5011] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000000000
[ 57.888532][ T5011] R13: 00007ffe7acf9d30 R14: 0000000000000003 R15: 0000000000017da7
[ 57.896521][ T5011]
[ 57.899545][ T5011]
[ 57.901879][ T5011] The buggy address belongs to the physical page:
[ 57.908291][ T5011] page:ffffea0001df4140 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x77d05
[ 57.918451][ T5011] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 57.925559][ T5011] page_type: 0xffffffff()
[ 57.929902][ T5011] raw: 00fff00000000000 ffffea0001fd9188 ffffea0001df4908 0000000000000000
[ 57.938500][ T5011] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 57.947075][ T5011] page dumped because: kasan: bad access detected
[ 57.953492][ T5011] page_owner tracks the page as freed
[ 57.958863][ T5011] page last allocated via order 0, migratetype Movable, gfp_mask 0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO), pid 4982, tgid 4982 (sed), ts 52888803038, free_ts 52895291679
[ 57.976856][ T5011] post_alloc_hook+0x1e6/0x210
[ 57.981630][ T5011] get_page_from_freelist+0x31e8/0x3370
[ 57.987181][ T5011] __alloc_pages+0x255/0x670
[ 57.991773][ T5011] __folio_alloc+0x13/0x30
[ 57.996191][ T5011] vma_alloc_folio+0x48a/0x9a0
[ 58.000961][ T5011] handle_mm_fault+0x20c7/0x5410
[ 58.005986][ T5011] exc_page_fault+0x266/0x7c0
[ 58.010690][ T5011] asm_exc_page_fault+0x26/0x30
[ 58.015556][ T5011] page last free stack trace:
[ 58.020253][ T5011] free_unref_page_prepare+0x903/0xa30
[ 58.025721][ T5011] free_unref_page_list+0x596/0x830
[ 58.030921][ T5011] release_pages+0x2193/0x2470
[ 58.035741][ T5011] tlb_flush_mmu+0x100/0x210
[ 58.040512][ T5011] tlb_finish_mmu+0xd4/0x1f0
[ 58.045108][ T5011] exit_mmap+0x3e2/0xad0
[ 58.049444][ T5011] __mmput+0x115/0x3c0
[ 58.053530][ T5011] exit_mm+0x21f/0x300
[ 58.057619][ T5011] do_exit+0x612/0x2290
[ 58.061872][ T5011] do_group_exit+0x206/0x2c0
[ 58.066474][ T5011] __x64_sys_exit_group+0x3f/0x40
[ 58.071527][ T5011] do_syscall_64+0x41/0xc0
[ 58.075956][ T5011] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 58.081879][ T5011]
[ 58.084203][ T5011] Memory state around the buggy address:
[ 58.089835][ T5011] ffff888077d05000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 58.097911][ T5011] ffff888077d05080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 58.105974][ T5011] >ffff888077d05100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 58.114034][ T5011] ^
[ 58.122093][ T5011] ffff888077d05180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 58.130157][ T5011] ffff888077d05200: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 58.138222][ T5011] ==================================================================
[ 58.146694][ T5011] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 58.153915][ T5011] CPU: 1 PID: 5011 Comm: syz-executor313 Not tainted 6.5.0-rc7-syzkaller-00190-g85eb043618bb #0
[ 58.164360][ T5011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[ 58.174683][ T5011] Call Trace:
[ 58.177976][ T5011]
[ 58.180929][ T5011] dump_stack_lvl+0x1e7/0x2d0
[ 58.185614][ T5011] ? nf_tcp_handle_invalid+0x650/0x650
[ 58.191103][ T5011] ? panic+0x770/0x770
[ 58.195193][ T5011] ? lock_release+0xbf/0x9d0
[ 58.199801][ T5011] ? vscnprintf+0x5d/0x80
[ 58.204250][ T5011] panic+0x30f/0x770
[ 58.208170][ T5011] ? check_panic_on_warn+0x21/0xa0
[ 58.213293][ T5011] ? __memcpy_flushcache+0x2b0/0x2b0
[ 58.218593][ T5011] ? _raw_spin_unlock_irqrestore+0xd8/0x140
[ 58.224503][ T5011] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 58.230410][ T5011] ? _raw_spin_unlock+0x40/0x40
[ 58.235270][ T5011] ? print_report+0x4fb/0x540
[ 58.239960][ T5011] check_panic_on_warn+0x82/0xa0
[ 58.244909][ T5011] ? ntfs_read_folio+0x9bc/0x29f0
[ 58.249949][ T5011] end_report+0x6e/0x130
[ 58.254234][ T5011] kasan_report+0x186/0x1b0
[ 58.258749][ T5011] ? ntfs_read_folio+0x9bc/0x29f0
[ 58.263787][ T5011] kasan_check_range+0x27e/0x290
[ 58.268731][ T5011] ? ntfs_read_folio+0x9bc/0x29f0
[ 58.273759][ T5011] __asan_memcpy+0x29/0x70
[ 58.278273][ T5011] ntfs_read_folio+0x9bc/0x29f0
[ 58.283142][ T5011] ? __lock_acquire+0x7f70/0x7f70
[ 58.288207][ T5011] ? ntfs_writepage+0x1ae0/0x1ae0
[ 58.293239][ T5011] ? folio_batch_add_and_move+0x16a/0x2c0
[ 58.299074][ T5011] ? folio_add_lru+0x6f0/0x6f0
[ 58.303852][ T5011] ? folio_add_lru+0x353/0x6f0
[ 58.308627][ T5011] filemap_read_folio+0x19d/0x7a0
[ 58.313665][ T5011] ? filemap_add_folio+0x580/0x580
[ 58.318784][ T5011] ? ntfs_writepage+0x1ae0/0x1ae0
[ 58.323815][ T5011] ? maybe_unlock_mmap_for_io+0x140/0x140
[ 58.329641][ T5011] ? __filemap_get_folio+0x777/0xa00
[ 58.334949][ T5011] do_read_cache_folio+0x134/0x820
[ 58.340072][ T5011] ? ntfs_writepage+0x1ae0/0x1ae0
[ 58.345104][ T5011] do_read_cache_page+0x32/0x220
[ 58.350071][ T5011] load_system_files+0x1c0b/0x4840
[ 58.355227][ T5011] ? ntfs_setup_allocators+0x2d0/0x2d0
[ 58.360800][ T5011] ? mutex_unlock+0x10/0x10
[ 58.365307][ T5011] ? free_vm_area+0x50/0x50
[ 58.369824][ T5011] ? generate_default_upcase+0x8ed/0x940
[ 58.375493][ T5011] ntfs_fill_super+0x19b3/0x2bd0
[ 58.380537][ T5011] mount_bdev+0x276/0x3b0
[ 58.384874][ T5011] ? ntfs_mount+0x40/0x40
[ 58.389223][ T5011] legacy_get_tree+0xef/0x190
[ 58.393934][ T5011] ? ntfs_rl_punch_nolock+0x15b0/0x15b0
[ 58.399505][ T5011] vfs_get_tree+0x8c/0x270
[ 58.403934][ T5011] do_new_mount+0x28f/0xae0
[ 58.408445][ T5011] ? do_move_mount_old+0x170/0x170
[ 58.413565][ T5011] ? user_path_at_empty+0x12f/0x180
[ 58.418769][ T5011] __se_sys_mount+0x2d9/0x3c0
[ 58.423466][ T5011] ? __x64_sys_mount+0xc0/0xc0
[ 58.428244][ T5011] ? syscall_enter_from_user_mode+0x32/0x230
[ 58.434244][ T5011] ? lockdep_hardirqs_on+0x98/0x140
[ 58.439456][ T5011] ? __x64_sys_mount+0x20/0xc0
[ 58.444229][ T5011] do_syscall_64+0x41/0xc0
[ 58.448659][ T5011] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 58.454566][ T5011] RIP: 0033:0x7fc551fd6eaa
[ 58.459070][ T5011] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 3e 07 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 58.478686][ T5011] RSP: 002b:00007ffe7acf9cd8 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[ 58.487107][ T5011] RAX: ffffffffffffffda RBX: 00007ffe7acf9cf0 RCX: 00007fc551fd6eaa
[ 58.495092][ T5011] RDX: 0000000020000040 RSI: 000000002001f200 RDI: 00007ffe7acf9cf0
[ 58.503153][ T5011] RBP: 0000000000000004 R08: 00007ffe7acf9d30 R09: 0000000000000978
[ 58.511125][ T5011] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000000000
[ 58.519096][ T5011] R13: 00007ffe7acf9d30 R14: 0000000000000003 R15: 0000000000017da7
[ 58.527105][ T5011]
[ 58.530412][ T5011] Kernel Offset: disabled
[ 58.534739][ T5011] Rebooting in 86400 seconds..