Warning: Permanently added '10.128.0.224' (ECDSA) to the list of known hosts.
syzkaller login: [   40.079945][  T279] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   40.082082][  T279] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   40.084893][ T5437] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   40.102083][  T279] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   40.104222][  T279] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   40.108098][ T5437] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
executing program
[   40.113181][ T5946] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5946 'syz-executor319'
[   40.119306][ T5946] loop0: detected capacity change from 0 to 190
[   40.123453][ T5946] ntfs: (device loop0): is_boot_sector_ntfs(): Invalid boot sector checksum.
[   40.127389][ T5946] ntfs: (device loop0): map_mft_record_page(): Mft record 0x1 is corrupt.  Run chkdsk.
[   40.129864][ T5946] ntfs: (device loop0): map_mft_record(): Failed with error code 5.
[   40.132026][ T5946] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0x1 as bad.  Run chkdsk.
[   40.135497][ T5946] ntfs: (device loop0): load_system_files(): Failed to load $MFTMirr.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[   40.139390][ T5946] ntfs: (device loop0): ntfs_external_attr_find(): Base inode 0xa contains corrupt attribute list attribute. Unmount and run chkdsk.
[   40.143014][ T5946] ntfs: (device loop0): ntfs_read_locked_inode(): Failed to lookup $DATA attribute.
[   40.145497][ T5946] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[   40.150672][ T5946] ntfs: (device loop0): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[   40.153983][ T5946] ==================================================================
[   40.156124][ T5946] BUG: KASAN: use-after-free in ntfs_read_folio+0x6d4/0x200c
[   40.158048][ T5946] Read of size 1 at addr ffff0000e11f617f by task syz-executor319/5946
[   40.160289][ T5946] 
[   40.160917][ T5946] CPU: 0 PID: 5946 Comm: syz-executor319 Not tainted 6.3.0-rc1-syzkaller-gfe15c26ee26e #0
[   40.163569][ T5946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[   40.166293][ T5946] Call trace:
[   40.167167][ T5946]  dump_backtrace+0x1c8/0x1f4
[   40.168394][ T5946]  show_stack+0x2c/0x3c
[   40.169498][ T5946]  dump_stack_lvl+0xd0/0x124
[   40.170681][ T5946]  print_report+0x174/0x514
[   40.171881][ T5946]  kasan_report+0xd4/0x130
[   40.173065][ T5946]  kasan_check_range+0x264/0x2a4
[   40.174359][ T5946]  __asan_memcpy+0x48/0x90
[   40.175544][ T5946]  ntfs_read_folio+0x6d4/0x200c
[   40.176877][ T5946]  filemap_read_folio+0x14c/0x39c
[   40.178195][ T5946]  do_read_cache_folio+0x24c/0x544
[   40.179576][ T5946]  read_cache_page+0x6c/0x180
[   40.180872][ T5946]  load_system_files+0x1e34/0x4734
[   40.182260][ T5946]  ntfs_fill_super+0x14e0/0x2314
[   40.183589][ T5946]  mount_bdev+0x26c/0x368
[   40.184743][ T5946]  ntfs_mount+0x44/0x58
[   40.185844][ T5946]  legacy_get_tree+0xd4/0x16c
[   40.187065][ T5946]  vfs_get_tree+0x90/0x274
[   40.188266][ T5946]  do_new_mount+0x25c/0x8c8
[   40.189469][ T5946]  path_mount+0x590/0xe20
[   40.190629][ T5946]  __arm64_sys_mount+0x45c/0x594
[   40.192027][ T5946]  invoke_syscall+0x98/0x2c0
[   40.193218][ T5946]  el0_svc_common+0x138/0x258
[   40.194454][ T5946]  do_el0_svc+0x64/0x198
[   40.195621][ T5946]  el0_svc+0x58/0x168
[   40.196716][ T5946]  el0t_64_sync_handler+0x84/0xf0
[   40.198033][ T5946]  el0t_64_sync+0x190/0x194
[   40.199244][ T5946] 
[   40.199839][ T5946] The buggy address belongs to the physical page:
[   40.201619][ T5946] page:00000000b1c79ae3 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x1211f6
[   40.204355][ T5946] flags: 0x5ffc00000000000(node=0|zone=2|lastcpupid=0x7ff)
[   40.206232][ T5946] raw: 05ffc00000000000 fffffc0003847848 fffffc0003847d48 0000000000000000
[   40.208596][ T5946] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[   40.210907][ T5946] page dumped because: kasan: bad access detected
[   40.212703][ T5946] 
[   40.213357][ T5946] Memory state around the buggy address:
[   40.214963][ T5946]  ffff0000e11f6000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   40.217140][ T5946]  ffff0000e11f6080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   40.219393][ T5946] >ffff0000e11f6100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   40.221474][ T5946]                                                                 ^
[   40.223616][ T5946]  ffff0000e11f6180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   40.225845][ T5946]  ffff0000e11f6200: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   40.227997][ T5946] ==================================================================
[   40.230296][ T5946] Disabling lock debugging due to kernel taint
[   40.232414][ T5946] ntfs: volume version 3.1.
[   40.233862][ T5946] syz-executor319: attempt to access beyond end of device
[   40.233862][ T5946] loop0: rw=0, sector=2072, nr_sectors = 8 limit=190
[   40.237541][ T5946] ntfs: (device loop0): ntfs_end_buffer_async_read(): Buffer I/O error, logical block 0x103.
[   40.240588][ T5946] syz-executor319: attempt to access beyond end of device
[   40.240588][ T5946] loop0: rw=0, sector=552, nr_sectors = 8 limit=190
[   40.244746][ T5946] syz-executor319: attempt to access beyond end of device
[   40.244746][ T5946] loop0: rw=0, sector=224, nr_sectors = 8 limit=190