Warning: Permanently added '10.128.10.15' (ECDSA) to the list of known hosts.
executing program
[ 44.147934][ T3962] loop0: detected capacity change from 0 to 4096
[ 44.168610][ T3962] ntfs: (device loop0): ntfs_is_extended_system_file(): Corrupt file name attribute. You should run chkdsk.
[ 44.171945][ T3962] ntfs: (device loop0): ntfs_read_locked_inode(): $DATA attribute is missing.
[ 44.173905][ T3962] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk.
[ 44.176797][ T3962] ntfs: (device loop0): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk.
[ 44.186510][ T3962] ntfs: volume version 3.1.
[ 44.189237][ T3962] ntfs: (device loop0): ntfs_lookup_inode_by_name(): Corrupt directory. Aborting lookup.
[ 44.191508][ T3962] ntfs: (device loop0): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[ 44.193921][ T3962] ntfs: (device loop0): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk.
[ 44.200452][ T3962] ==================================================================
[ 44.202196][ T3962] BUG: KASAN: slab-out-of-bounds in ntfs_readdir+0xb60/0x2748
[ 44.203845][ T3962] Read of size 1 at addr ffff0000d53db571 by task syz-executor589/3962
[ 44.205729][ T3962]
[ 44.206275][ T3962] CPU: 0 PID: 3962 Comm: syz-executor589 Not tainted 5.15.115-syzkaller #0
[ 44.208128][ T3962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 44.210377][ T3962] Call trace:
[ 44.211186][ T3962] dump_backtrace+0x0/0x530
[ 44.212271][ T3962] show_stack+0x2c/0x3c
[ 44.213226][ T3962] dump_stack_lvl+0x108/0x170
[ 44.214255][ T3962] print_address_description+0x7c/0x3f0
[ 44.215580][ T3962] kasan_report+0x174/0x1e4
[ 44.216566][ T3962] __asan_report_load1_noabort+0x44/0x50
[ 44.217756][ T3962] ntfs_readdir+0xb60/0x2748
[ 44.218776][ T3962] iterate_dir+0x1f4/0x4e4
[ 44.219762][ T3962] __arm64_sys_getdents64+0x1c4/0x4c4
[ 44.220950][ T3962] invoke_syscall+0x98/0x2b8
[ 44.222077][ T3962] el0_svc_common+0x138/0x258
[ 44.223162][ T3962] do_el0_svc+0x58/0x14c
[ 44.224125][ T3962] el0_svc+0x7c/0x1f0
[ 44.225059][ T3962] el0t_64_sync_handler+0x84/0xe4
[ 44.226149][ T3962] el0t_64_sync+0x1a0/0x1a4
[ 44.227134][ T3962]
[ 44.227617][ T3962] Allocated by task 3962:
[ 44.228579][ T3962] ____kasan_kmalloc+0xbc/0xfc
[ 44.229650][ T3962] __kasan_kmalloc+0x10/0x1c
[ 44.230737][ T3962] __kmalloc+0x29c/0x4c8
[ 44.231732][ T3962] ntfs_readdir+0x66c/0x2748
[ 44.232693][ T3962] iterate_dir+0x1f4/0x4e4
[ 44.233707][ T3962] __arm64_sys_getdents64+0x1c4/0x4c4
[ 44.234905][ T3962] invoke_syscall+0x98/0x2b8
[ 44.235892][ T3962] el0_svc_common+0x138/0x258
[ 44.236909][ T3962] do_el0_svc+0x58/0x14c
[ 44.237910][ T3962] el0_svc+0x7c/0x1f0
[ 44.238904][ T3962] el0t_64_sync_handler+0x84/0xe4
[ 44.240061][ T3962] el0t_64_sync+0x1a0/0x1a4
[ 44.241035][ T3962]
[ 44.241533][ T3962] The buggy address belongs to the object at ffff0000d53db500
[ 44.241533][ T3962] which belongs to the cache kmalloc-128 of size 128
[ 44.244747][ T3962] The buggy address is located 113 bytes inside of
[ 44.244747][ T3962] 128-byte region [ffff0000d53db500, ffff0000d53db580)
[ 44.247865][ T3962] The buggy address belongs to the page:
[ 44.249130][ T3962] page:000000004c8916b4 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1153db
[ 44.251529][ T3962] flags: 0x5ffc00000000200(slab|node=0|zone=2|lastcpupid=0x7ff)
[ 44.253317][ T3962] raw: 05ffc00000000200 dead000000000100 dead000000000122 ffff0000c0002300
[ 44.255381][ T3962] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 44.257521][ T3962] page dumped because: kasan: bad access detected
[ 44.259040][ T3962]
[ 44.259606][ T3962] Memory state around the buggy address:
[ 44.260819][ T3962] ffff0000d53db400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 44.262599][ T3962] ffff0000d53db480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 44.264292][ T3962] >ffff0000d53db500: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc
[ 44.266125][ T3962] ^
[ 44.267934][ T3962] ffff0000d53db580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 44.269825][ T3962] ffff0000d53db600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 44.271923][ T3962] ==================================================================
[ 44.273768][ T3962] Disabling lock debugging due to kernel taint