syzkaller login: [ 69.637337][ T110] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.0.74' (ECDSA) to the list of known hosts.
[ 71.137211][ T4220] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 71.139669][ T4220] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 71.141670][ T4220] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 71.144185][ T4220] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 71.147001][ T4220] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 71.148935][ T4220] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 71.218398][ T4218] chnl_net:caif_netlink_parms(): no params data found
[ 71.249908][ T4218] bridge0: port 1(bridge_slave_0) entered blocking state
[ 71.251734][ T4218] bridge0: port 1(bridge_slave_0) entered disabled state
[ 71.253968][ T4218] device bridge_slave_0 entered promiscuous mode
[ 71.258946][ T4218] bridge0: port 2(bridge_slave_1) entered blocking state
[ 71.260433][ T4218] bridge0: port 2(bridge_slave_1) entered disabled state
[ 71.262645][ T4218] device bridge_slave_1 entered promiscuous mode
[ 71.275671][ T4218] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 71.279608][ T4218] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 71.293315][ T4218] team0: Port device team_slave_0 added
[ 71.296676][ T4218] team0: Port device team_slave_1 added
[ 71.307312][ T4218] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 71.308871][ T4218] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 71.314537][ T4218] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 71.318909][ T4218] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 71.320460][ T4218] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 71.326131][ T4218] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 71.378034][ T4218] device hsr_slave_0 entered promiscuous mode
[ 71.416414][ T4218] device hsr_slave_1 entered promiscuous mode
[ 71.519064][ T4218] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 71.558289][ T4218] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 71.597991][ T4218] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 71.637720][ T4218] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 71.691986][ T4218] bridge0: port 2(bridge_slave_1) entered blocking state
[ 71.693616][ T4218] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 71.695620][ T4218] bridge0: port 1(bridge_slave_0) entered blocking state
[ 71.697323][ T4218] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 71.733976][ T4218] 8021q: adding VLAN 0 to HW filter on device bond0
[ 71.740288][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 71.743975][ T7] bridge0: port 1(bridge_slave_0) entered disabled state
[ 71.747760][ T7] bridge0: port 2(bridge_slave_1) entered disabled state
[ 71.750261][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 71.757807][ T4218] 8021q: adding VLAN 0 to HW filter on device team0
[ 71.763130][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 71.765172][ T22] bridge0: port 1(bridge_slave_0) entered blocking state
[ 71.766836][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 71.771516][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 71.773567][ T7] bridge0: port 2(bridge_slave_1) entered blocking state
[ 71.775229][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 71.787534][ T1510] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 71.790650][ T1510] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 71.795139][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 71.800979][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 71.806032][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 71.810493][ T4218] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 71.822047][ T110] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 71.823790][ T110] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 71.831786][ T4218] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 71.842691][ T110] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 71.855130][ T1510] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 71.858714][ T1510] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 71.860988][ T1510] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 71.864605][ T4218] device veth0_vlan entered promiscuous mode
[ 71.872063][ T4218] device veth1_vlan entered promiscuous mode
[ 71.884061][ T110] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 71.886213][ T110] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 71.888504][ T110] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 71.892348][ T4218] device veth0_macvtap entered promiscuous mode
[ 71.897081][ T4218] device veth1_macvtap entered promiscuous mode
[ 71.906808][ T4218] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 71.908706][ T1510] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 71.911622][ T1510] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 71.916015][ T4218] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 71.920785][ T4218] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 71.922865][ T4218] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 71.924863][ T4218] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 71.928009][ T4218] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 71.931128][ T110] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program
[ 71.985067][ T4218] loop0: detected capacity change from 0 to 4096
[ 72.005387][ T4218] ntfs: volume version 3.1.
[ 72.009622][ T4218] ==================================================================
[ 72.011362][ T4218] BUG: KASAN: use-after-free in ntfs_lookup_inode_by_name+0xb28/0x2824
[ 72.013275][ T4218] Read of size 8 at addr ffff0000e23cb55a by task syz-executor199/4218
[ 72.014995][ T4218]
[ 72.015562][ T4218] CPU: 1 PID: 4218 Comm: syz-executor199 Not tainted 6.1.28-syzkaller #0
[ 72.017472][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023
[ 72.019671][ T4218] Call trace:
[ 72.020435][ T4218]  dump_backtrace+0x1c8/0x1f4
[ 72.021478][ T4218]  show_stack+0x2c/0x3c
[ 72.022360][ T4218]  dump_stack_lvl+0x108/0x170
[ 72.023364][ T4218]  print_report+0x174/0x4c0
[ 72.024348][ T4218]  kasan_report+0xd4/0x130
[ 72.025341][ T4218]  __asan_report_load8_noabort+0x2c/0x38
[ 72.026552][ T4218]  ntfs_lookup_inode_by_name+0xb28/0x2824
[ 72.027784][ T4218]  check_windows_hibernation_status+0xe4/0x630
[ 72.029139][ T4218]  load_system_files+0x3494/0x4734
[ 72.030329][ T4218]  ntfs_fill_super+0x14e0/0x2314
[ 72.031541][ T4218]  mount_bdev+0x26c/0x368
[ 72.032525][ T4218]  ntfs_mount+0x44/0x58
[ 72.033491][ T4218]  legacy_get_tree+0xd4/0x16c
[ 72.034513][ T4218]  vfs_get_tree+0x90/0x274
[ 72.035547][ T4218]  do_new_mount+0x25c/0x8c8
[ 72.036533][ T4218]  path_mount+0x590/0xe58
[ 72.037470][ T4218]  __arm64_sys_mount+0x45c/0x594
[ 72.038529][ T4218]  invoke_syscall+0x98/0x2c0
[ 72.039560][ T4218]  el0_svc_common+0x138/0x258
[ 72.040590][ T4218]  do_el0_svc+0x64/0x218
[ 72.041586][ T4218]  el0_svc+0x58/0x168
[ 72.042520][ T4218]  el0t_64_sync_handler+0x84/0xf0
[ 72.043660][ T4218]  el0t_64_sync+0x18c/0x190
[ 72.044617][ T4218]
[ 72.045166][ T4218] The buggy address belongs to the physical page:
[ 72.046539][ T4218] page:000000007d476225 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x1223cb
[ 72.048821][ T4218] flags: 0x5ffc00000000000(node=0|zone=2|lastcpupid=0x7ff)
[ 72.050428][ T4218] raw: 05ffc00000000000 fffffc000388f308 fffffc000388f288 0000000000000000
[ 72.052429][ T4218] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 72.054457][ T4218] page dumped because: kasan: bad access detected
[ 72.055872][ T4218]
[ 72.056364][ T4218] Memory state around the buggy address:
[ 72.057680][ T4218]  ffff0000e23cb400: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 72.059439][ T4218]  ffff0000e23cb480: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 72.061412][ T4218] >ffff0000e23cb500: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 72.063213][ T4218]                                                     ^
[ 72.064864][ T4218]  ffff0000e23cb580: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 72.066707][ T4218]  ffff0000e23cb600: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 72.068574][ T4218] ==================================================================
[ 72.070688][ T4218] Disabling lock debugging due to kernel taint
[ 72.072142][ T4218] ntfs: (device loop0): ntfs_lookup_inode_by_name(): Directory index record with vcn 0xffffffffffffffff is corrupt. Corrupt inode 0x5. Run chkdsk.
[ 72.075484][ T4218] ntfs: (device loop0): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[ 72.078052][ T4218] ntfs: (device loop0): load_system_files(): Failed to determine if Windows is hibernated. Mounting read-only. Run chkdsk.
[ 75.357308][ T4218] ------------[ cut here ]------------
[ 75.358556][ T4218] kernel BUG at fs/inode.c:611!
[ 75.359684][ T4218] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP
[ 75.361309][ T4218] Modules linked in:
[ 75.362129][ T4218] CPU: 0 PID: 4218 Comm: syz-executor199 Tainted: G    B 6.1.28-syzkaller #0
[ 75.364414][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023
[ 75.366770][ T4218] pstate: 804000c5 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 75.368545][ T4218] pc : clear_inode+0x124/0x148
[ 75.369705][ T4218] lr : clear_inode+0x124/0x148
[ 75.370737][ T4218] sp : ffff80001db77730
[ 75.371668][ T4218] x29: ffff80001db77730 x28: 1fffe0001c4a88dd x27: dfff800000000000
[ 75.373563][ T4218] x26: 1fffe0001c4a88db x25: 1fffe0001c4a88a9 x24: dfff800000000000
[ 75.375265][ T4218] x23: ffff80000961147c x22: dfff800000000000 x21: 0000000000000001
[ 75.377151][ T4218] x20: ffff0000e2544750 x19: ffff0000e2544520 x18: 0000000000000140
[ 75.378929][ T4218] x17: ffff80001558d000 x16: ffff80000831de80 x15: 0000000000000000
[ 75.380783][ T4218] x14: 0000000000000000 x13: 0000000000000406 x12: ffff700003b6eecc
[ 75.382578][ T4218] x11: ff80800008aa2c14 x10: 0000000000000000 x9 : ffff800008aa2c14
[ 75.384373][ T4218] x8 : ffff0000c4ab3780 x7 : 0000000000000000 x6 : ffff800008aa2b24
[ 75.386192][ T4218] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff80000831dfb0
[ 75.388030][ T4218] x2 : 0000000000000001 x1 : 0000000000000001 x0 : 0000000000000000
[ 75.389915][ T4218] Call trace:
[ 75.390642][ T4218]  clear_inode+0x124/0x148
[ 75.391672][ T4218]  ntfs_evict_big_inode+0x44/0x41c
[ 75.392827][ T4218]  evict+0x260/0x68c
[ 75.393675][ T4218]  iput+0x7c0/0x8a4
[ 75.394555][ T4218]  ntfs_put_super+0x82c/0xe28
[ 75.395672][ T4218]  generic_shutdown_super+0x130/0x328
[ 75.396962][ T4218]  kill_block_super+0x70/0xdc
[ 75.398060][ T4218]  deactivate_locked_super+0xac/0x124
[ 75.399300][ T4218]  deactivate_super+0xf0/0x110
[ 75.400466][ T4218]  cleanup_mnt+0x394/0x41c
[ 75.401540][ T4218]  __cleanup_mnt+0x20/0x30
[ 75.402554][ T4218]  task_work_run+0x240/0x2f0
[ 75.403713][ T4218]  do_exit+0x554/0x1a88
[ 75.404773][ T4218]  do_group_exit+0x194/0x22c
[ 75.405795][ T4218]  __wake_up_parent+0x0/0x60
[ 75.406824][ T4218]  invoke_syscall+0x98/0x2c0
[ 75.407930][ T4218]  el0_svc_common+0x138/0x258
[ 75.408985][ T4218]  do_el0_svc+0x64/0x218
[ 75.409953][ T4218]  el0_svc+0x58/0x168
[ 75.410940][ T4218]  el0t_64_sync_handler+0x84/0xf0
[ 75.412099][ T4218]  el0t_64_sync+0x18c/0x190
[ 75.413206][ T4218] Code: a8c47bfd d50323bf d65f03c0 97e95fac (d4210000)
[ 75.414715][ T4218] ---[ end trace 0000000000000000 ]---
[ 75.764672][ T4218] Kernel panic - not syncing: Oops - BUG: Fatal exception
[ 75.766356][ T4218] SMP: stopping secondary CPUs
[ 75.767435][ T4218] Kernel Offset: disabled
[ 75.768453][ T4218] CPU features: 0x00000,02070084,26017203
[ 75.769755][ T4218] Memory Limit: none
[ 76.120236][ T4218] Rebooting in 86400 seconds..
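A small triage parser for console logs like the one above, added here as an example; it is not syzbot's or syzkaller's own code, and the class and function names are mine. It strips the `[ ts][ Tpid]` prefix, picks up the `BUG: KASAN:` header, the access line, the taint state and the call trace, then the later `kernel BUG at` oops, and reports the first frame outside the KASAN and backtrace-printing machinery as the culprit. Run over the embedded excerpt (a constructed cut-down of the lines above) it reduces the log to two records: a use-after-free read of 8 bytes in ntfs_lookup_inode_by_name while ntfs_fill_super mounts the image, and a BUG_ON in clear_inode while ntfs_put_super evicts inodes as the same task's exit unmounts it.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed excerpt of the console log above (6.1.28-syzkaller, arm64): the
# KASAN report and the later BUG_ON, with setup noise and register dumps cut.
SAMPLE_LOG = """\
[ 72.011362][ T4218] BUG: KASAN: use-after-free in ntfs_lookup_inode_by_name+0xb28/0x2824
[ 72.013275][ T4218] Read of size 8 at addr ffff0000e23cb55a by task syz-executor199/4218
[ 72.014995][ T4218]
[ 72.015562][ T4218] CPU: 1 PID: 4218 Comm: syz-executor199 Not tainted 6.1.28-syzkaller #0
[ 72.019671][ T4218] Call trace:
[ 72.020435][ T4218]  dump_backtrace+0x1c8/0x1f4
[ 72.021478][ T4218]  show_stack+0x2c/0x3c
[ 72.022360][ T4218]  dump_stack_lvl+0x108/0x170
[ 72.023364][ T4218]  print_report+0x174/0x4c0
[ 72.024348][ T4218]  kasan_report+0xd4/0x130
[ 72.025341][ T4218]  __asan_report_load8_noabort+0x2c/0x38
[ 72.026552][ T4218]  ntfs_lookup_inode_by_name+0xb28/0x2824
[ 72.027784][ T4218]  check_windows_hibernation_status+0xe4/0x630
[ 72.029139][ T4218]  load_system_files+0x3494/0x4734
[ 72.030329][ T4218]  ntfs_fill_super+0x14e0/0x2314
[ 72.044617][ T4218]
[ 72.045166][ T4218] The buggy address belongs to the physical page:
[ 75.357308][ T4218] ------------[ cut here ]------------
[ 75.358556][ T4218] kernel BUG at fs/inode.c:611!
[ 75.364414][ T4218] CPU: 0 PID: 4218 Comm: syz-executor199 Tainted: G    B 6.1.28-syzkaller #0
[ 75.389915][ T4218] Call trace:
[ 75.390642][ T4218]  clear_inode+0x124/0x148
[ 75.391672][ T4218]  ntfs_evict_big_inode+0x44/0x41c
[ 75.392827][ T4218]  evict+0x260/0x68c
[ 75.393675][ T4218]  iput+0x7c0/0x8a4
[ 75.394555][ T4218]  ntfs_put_super+0x82c/0xe28
[ 75.413206][ T4218] Code: a8c47bfd d50323bf d65f03c0 97e95fac (d4210000)
"""

PREFIX = re.compile(r"^\[\s*[\d.]+\]\[\s*T\d+\]\s?")          # "[ 72.011362][ T4218] "
KASAN_HDR = re.compile(r"^BUG: KASAN: (?P<bug>[\w-]+) in (?P<frame>\S+)")
ACCESS = re.compile(r"^(?P<rw>Read|Write) of size (?P<size>\d+) at addr "
                    r"(?P<addr>[0-9a-f]+) by task (?P<task>\S+)")
KERNEL_BUG = re.compile(r"^kernel BUG at (?P<loc>\S+)!")
FRAME = re.compile(r"^\s*(?P<fn>[\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+$")
# Frames that only print the report; the real culprit is the first frame below them.
REPORT_MACHINERY = ("dump_", "show_stack", "print_report", "kasan_", "__asan_")


@dataclass
class CrashReport:
    kind: str                        # "KASAN" or "BUG"
    title: str                       # syzkaller-style one-line title
    tainted: bool = False            # kernel was already tainted when this fired
    rw: Optional[str] = None         # "Read"/"Write" (KASAN only)
    size: Optional[int] = None
    addr: Optional[str] = None
    task: Optional[str] = None       # "comm/pid"
    frames: List[str] = field(default_factory=list)   # innermost first

    def culprit(self) -> Optional[str]:
        """First frame that is not report-printing machinery."""
        return next((f for f in self.frames if not f.startswith(REPORT_MACHINERY)), None)


def parse_crash_log(text: str) -> List[CrashReport]:
    reports: List[CrashReport] = []
    cur: Optional[CrashReport] = None
    in_trace = False
    for raw in text.splitlines():
        line = PREFIX.sub("", raw).rstrip()
        if m := KASAN_HDR.match(line):
            fn = m["frame"].split("+", 1)[0]          # drop the +off/len suffix
            cur = CrashReport("KASAN", f"KASAN: {m['bug']} in {fn}")
            reports.append(cur)
            in_trace = False
        elif m := KERNEL_BUG.match(line):
            cur = CrashReport("BUG", f"kernel BUG at {m['loc']}")
            reports.append(cur)
            in_trace = False
        elif cur is None:
            continue                                   # noise before any report
        elif m := ACCESS.match(line):
            cur.rw, cur.size, cur.addr, cur.task = m["rw"], int(m["size"]), m["addr"], m["task"]
        elif line.startswith("CPU:"):
            cur.tainted = "Tainted:" in line           # "Not tainted" does not match
        elif line.startswith("Call trace:"):
            in_trace = True
        elif in_trace:
            if m := FRAME.match(line):
                cur.frames.append(m["fn"])
            else:
                in_trace = False                       # blank line or non-frame text ends the trace
    return reports


def summarize(reports: List[CrashReport]) -> List[str]:
    """One line per report in console order. The first is the one to triage;
    later ones on a tainted kernel are usually fallout of the same corruption."""
    out = []
    for r in reports:
        access = f", {r.rw} of size {r.size} at {r.addr} by {r.task}" if r.rw else ""
        taint = " [tainted kernel]" if r.tainted else ""
        out.append(f"{r.title}: culprit {r.culprit() or '?'}{access}{taint}")
    return out


if __name__ == "__main__":
    for line in summarize(parse_crash_log(SAMPLE_LOG)):
        print(line)
```

Only the first record is worth chasing: once KASAN has fired the kernel is marked `Tainted: G B`, and the later oops in clear_inode() ran on memory that the first report already showed to be stale. The report itself also tells you what kind of object was hit: the shadow bytes around ffff0000e23cb55a are all `ff` and the page has `refcount:0`, so the read landed in a freed page rather than a freed slab object, which is why there are no "Allocated by"/"Freed by" stacks to point at the owner.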