[   18.291929][ T3637] 8021q: adding VLAN 0 to HW filter on device bond0
[   18.295676][ T3637] eql: remember to turn off Van-Jacobson compression on your slave devices
[   18.341186][  T334] gvnic 0000:00:00.0 enp0s0: Device link is up.
[   18.344381][ T3550] IPv6: ADDRCONF(NETDEV_CHANGE): enp0s0: link becomes ready
Starting sshd: OK

syzkaller
Warning: Permanently added '10.128.1.41' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   44.138363][ T3961] loop0: detected capacity change from 0 to 4096
[   44.144758][ T3961] ntfs: (device loop0): ntfs_is_extended_system_file(): Corrupt file name attribute. You should run chkdsk.
[   44.147180][ T3961] ntfs: (device loop0): ntfs_read_locked_inode(): $DATA attribute is missing.
[   44.149020][ T3961] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0x1 as bad.  Run chkdsk.
[   44.152165][ T3961] ntfs: (device loop0): load_system_files(): Failed to load $MFTMirr.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[   44.161651][ T3961] ntfs: volume version 3.1.
[   44.164322][ T3961] ntfs: (device loop0): ntfs_lookup_inode_by_name(): Corrupt directory.  Aborting lookup.
[   44.166458][ T3961] ntfs: (device loop0): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[   44.168958][ T3961] ntfs: (device loop0): load_system_files(): Failed to determine if Windows is hibernated.  Will not be able to remount read-write.  Run chkdsk.
[   44.174773][ T3961] ==================================================================
[   44.176548][ T3961] BUG: KASAN: slab-out-of-bounds in ntfs_readdir+0xb60/0x2748
[   44.178142][ T3961] Read of size 1 at addr ffff0000c11ec071 by task syz-executor195/3961
[   44.179854][ T3961] 
[   44.180321][ T3961] CPU: 0 PID: 3961 Comm: syz-executor195 Not tainted 5.15.115-syzkaller #0
[   44.182230][ T3961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[   44.184483][ T3961] Call trace:
[   44.185237][ T3961]  dump_backtrace+0x0/0x530
[   44.186188][ T3961]  show_stack+0x2c/0x3c
[   44.187059][ T3961]  dump_stack_lvl+0x108/0x170
[   44.188098][ T3961]  print_address_description+0x7c/0x3f0
[   44.189229][ T3961]  kasan_report+0x174/0x1e4
[   44.190177][ T3961]  __asan_report_load1_noabort+0x44/0x50
[   44.191344][ T3961]  ntfs_readdir+0xb60/0x2748
[   44.192373][ T3961]  iterate_dir+0x1f4/0x4e4
[   44.193380][ T3961]  __arm64_sys_getdents64+0x1c4/0x4c4
[   44.194549][ T3961]  invoke_syscall+0x98/0x2b8
[   44.195603][ T3961]  el0_svc_common+0x138/0x258
[   44.196634][ T3961]  do_el0_svc+0x58/0x14c
[   44.197615][ T3961]  el0_svc+0x7c/0x1f0
[   44.198497][ T3961]  el0t_64_sync_handler+0x84/0xe4
[   44.199581][ T3961]  el0t_64_sync+0x1a0/0x1a4
[   44.200512][ T3961] 
[   44.201036][ T3961] Allocated by task 3961:
[   44.201994][ T3961]  ____kasan_kmalloc+0xbc/0xfc
[   44.203077][ T3961]  __kasan_kmalloc+0x10/0x1c
[   44.204113][ T3961]  __kmalloc+0x29c/0x4c8
[   44.205085][ T3961]  ntfs_readdir+0x66c/0x2748
[   44.206133][ T3961]  iterate_dir+0x1f4/0x4e4
[   44.207051][ T3961]  __arm64_sys_getdents64+0x1c4/0x4c4
[   44.208242][ T3961]  invoke_syscall+0x98/0x2b8
[   44.209251][ T3961]  el0_svc_common+0x138/0x258
[   44.210322][ T3961]  do_el0_svc+0x58/0x14c
[   44.211273][ T3961]  el0_svc+0x7c/0x1f0
[   44.212163][ T3961]  el0t_64_sync_handler+0x84/0xe4
[   44.213305][ T3961]  el0t_64_sync+0x1a0/0x1a4
[   44.214264][ T3961] 
[   44.214776][ T3961] The buggy address belongs to the object at ffff0000c11ec000
[   44.214776][ T3961]  which belongs to the cache kmalloc-128 of size 128
[   44.217908][ T3961] The buggy address is located 113 bytes inside of
[   44.217908][ T3961]  128-byte region [ffff0000c11ec000, ffff0000c11ec080)
[   44.220762][ T3961] The buggy address belongs to the page:
[   44.221970][ T3961] page:000000002b07e914 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1011ec
[   44.224251][ T3961] flags: 0x5ffc00000000200(slab|node=0|zone=2|lastcpupid=0x7ff)
[   44.225971][ T3961] raw: 05ffc00000000200 dead000000000100 dead000000000122 ffff0000c0002300
[   44.227861][ T3961] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[   44.229777][ T3961] page dumped because: kasan: bad access detected
[   44.231175][ T3961] 
[   44.231685][ T3961] Memory state around the buggy address:
[   44.232978][ T3961]  ffff0000c11ebf00: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc
[   44.234760][ T3961]  ffff0000c11ebf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   44.236504][ T3961] >ffff0000c11ec000: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc
[   44.238254][ T3961]                                                              ^
[   44.239937][ T3961]  ffff0000c11ec080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   44.241693][ T3961]  ffff0000c11ec100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   44.243501][ T3961] ==================================================================
[   44.245313][ T3961] Disabling lock debugging due to kernel taint