Warning: Permanently added '10.128.1.101' (ECDSA) to the list of known hosts.
executing program
[   41.971217][ T4216] loop0: detected capacity change from 0 to 4096
[   41.977480][ T4216] ntfs: (device loop0): ntfs_is_extended_system_file(): Corrupt file name attribute. You should run chkdsk.
[   41.979872][ T4216] ntfs: (device loop0): ntfs_read_locked_inode(): $DATA attribute is missing.
[   41.981739][ T4216] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk.
[   41.984473][ T4216] ntfs: (device loop0): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk.
[   41.992311][ T4216] ntfs: volume version 3.1.
[   41.994657][ T4216] ntfs: (device loop0): ntfs_lookup_inode_by_name(): Corrupt directory. Aborting lookup.
[   41.996643][ T4216] ntfs: (device loop0): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[   41.998978][ T4216] ntfs: (device loop0): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk.
[   42.004544][ T4216] ==================================================================
[   42.006200][ T4216] BUG: KASAN: slab-out-of-bounds in ntfs_readdir+0xb00/0x2be8
[   42.007723][ T4216] Read of size 1 at addr ffff0000cde39371 by task syz-executor400/4216
[   42.009386][ T4216]
[   42.009872][ T4216] CPU: 0 PID: 4216 Comm: syz-executor400 Not tainted 6.1.32-syzkaller #0
[   42.011567][ T4216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[   42.013699][ T4216] Call trace:
[   42.014434][ T4216]  dump_backtrace+0x1c8/0x1f4
[   42.015427][ T4216]  show_stack+0x2c/0x3c
[   42.016271][ T4216]  dump_stack_lvl+0x108/0x170
[   42.017350][ T4216]  print_report+0x174/0x4c0
[   42.018312][ T4216]  kasan_report+0xd4/0x130
[   42.019215][ T4216]  __asan_report_load1_noabort+0x2c/0x38
[   42.020405][ T4216]  ntfs_readdir+0xb00/0x2be8
[   42.021382][ T4216]  iterate_dir+0x1f4/0x4e4
[   42.022326][ T4216]  __arm64_sys_getdents64+0x1c4/0x4a0
[   42.023505][ T4216]  invoke_syscall+0x98/0x2c0
[   42.024433][ T4216]  el0_svc_common+0x138/0x258
[   42.025452][ T4216]  do_el0_svc+0x64/0x218
[   42.026391][ T4216]  el0_svc+0x58/0x168
[   42.027250][ T4216]  el0t_64_sync_handler+0x84/0xf0
[   42.028364][ T4216]  el0t_64_sync+0x18c/0x190
[   42.029314][ T4216]
[   42.029790][ T4216] Allocated by task 4216:
[   42.030757][ T4216]  kasan_set_track+0x4c/0x80
[   42.031696][ T4216]  kasan_save_alloc_info+0x24/0x30
[   42.032769][ T4216]  __kasan_kmalloc+0xac/0xc4
[   42.033750][ T4216]  __kmalloc+0xd8/0x1c4
[   42.034690][ T4216]  ntfs_readdir+0x65c/0x2be8
[   42.035724][ T4216]  iterate_dir+0x1f4/0x4e4
[   42.036740][ T4216]  __arm64_sys_getdents64+0x1c4/0x4a0
[   42.037978][ T4216]  invoke_syscall+0x98/0x2c0
[   42.038951][ T4216]  el0_svc_common+0x138/0x258
[   42.040047][ T4216]  do_el0_svc+0x64/0x218
[   42.041006][ T4216]  el0_svc+0x58/0x168
[   42.041853][ T4216]  el0t_64_sync_handler+0x84/0xf0
[   42.042889][ T4216]  el0t_64_sync+0x18c/0x190
[   42.043892][ T4216]
[   42.044356][ T4216] The buggy address belongs to the object at ffff0000cde39300
[   42.044356][ T4216]  which belongs to the cache kmalloc-128 of size 128
[   42.047378][ T4216] The buggy address is located 113 bytes inside of
[   42.047378][ T4216]  128-byte region [ffff0000cde39300, ffff0000cde39380)
[   42.050159][ T4216]
[   42.050618][ T4216] The buggy address belongs to the physical page:
[   42.052008][ T4216] page:000000009ee3fd82 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10de39
[   42.054226][ T4216] flags: 0x5ffc00000000200(slab|node=0|zone=2|lastcpupid=0x7ff)
[   42.055821][ T4216] raw: 05ffc00000000200 fffffc00030ef240 dead000000000004 ffff0000c0002300
[   42.057676][ T4216] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[   42.059468][ T4216] page dumped because: kasan: bad access detected
[   42.060833][ T4216]
[   42.061296][ T4216] Memory state around the buggy address:
[   42.062485][ T4216]  ffff0000cde39200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   42.064146][ T4216]  ffff0000cde39280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   42.065772][ T4216] >ffff0000cde39300: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc
[   42.067493][ T4216]                                                              ^
[   42.069226][ T4216]  ffff0000cde39380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   42.070952][ T4216]  ffff0000cde39400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   42.072743][ T4216] ==================================================================
[   42.074634][ T4216] Disabling lock debugging due to kernel taint