DUID 00:04:4b:a6:d8:97:08:21:27:2e:fd:cf:3e:39:f6:c0:7f:1f
forked to background, child pid 3215
[   28.745387][ T3216] 8021q: adding VLAN 0 to HW filter on device bond0
[   28.755601][ T3216] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK

syzkaller
Warning: Permanently added '10.128.0.114' (ED25519) to the list of known hosts.
Setting up swapspace version 1, size = 127995904 bytes
executing program
syzkaller login: [   52.176928][ T3541] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k FS
[   52.244479][ T3543] loop0: detected capacity change from 0 to 4096
[   52.252875][ T3543] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[   52.284059][ T3543] ntfs: volume version 3.1.
[   52.300283][ T3543] ==================================================================
[   52.308378][ T3543] BUG: KASAN: out-of-bounds in ntfs_read_folio+0x9b0/0x29d0
[   52.315710][ T3543] Read of size 10 at addr ffff8880681d7170 by task syz-executor426/3543
[   52.324043][ T3543] 
[   52.326377][ T3543] CPU: 1 PID: 3543 Comm: syz-executor426 Not tainted 6.1.69-syzkaller #0
[   52.335382][ T3543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[   52.345683][ T3543] Call Trace:
[   52.348946][ T3543]  <TASK>
[   52.351863][ T3543]  dump_stack_lvl+0x1e3/0x2cb
[   52.356535][ T3543]  ? nf_tcp_handle_invalid+0x642/0x642
[   52.361975][ T3543]  ? panic+0x75d/0x75d
[   52.366022][ T3543]  ? _printk+0xd1/0x111
[   52.370156][ T3543]  ? _raw_spin_lock_irqsave+0xac/0x120
[   52.375602][ T3543]  print_report+0x15f/0x4f0
[   52.380094][ T3543]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[   52.386058][ T3543]  ? __virt_addr_valid+0x22b/0x2e0
[   52.391154][ T3543]  ? __phys_addr+0xb6/0x170
[   52.395638][ T3543]  ? ntfs_read_folio+0x9b0/0x29d0
[   52.400644][ T3543]  kasan_report+0x136/0x160
[   52.405132][ T3543]  ? ntfs_read_folio+0x9b0/0x29d0
[   52.410137][ T3543]  kasan_check_range+0x27f/0x290
[   52.415055][ T3543]  ? ntfs_read_folio+0x9b0/0x29d0
[   52.420068][ T3543]  memcpy+0x25/0x60
[   52.423873][ T3543]  ntfs_read_folio+0x9b0/0x29d0
[   52.428707][ T3543]  ? xa_load+0x3fd/0x480
[   52.432947][ T3543]  ? xas_find_conflict+0x890/0x890
[   52.438038][ T3543]  ? ntfs_writepage+0x1ac0/0x1ac0
[   52.443046][ T3543]  ? __lock_acquire+0x1f80/0x1f80
[   52.448053][ T3543]  ? readahead_folio+0x32d/0x620
[   52.453001][ T3543]  ? ntfs_writepage+0x1ac0/0x1ac0
[   52.458021][ T3543]  read_pages+0x5f2/0x830
[   52.462334][ T3543]  ? folio_add_lru+0x34d/0xd70
[   52.467084][ T3543]  ? folio_add_lru+0x34d/0xd70
[   52.471831][ T3543]  ? page_cache_ra_unbounded+0x7b0/0x7b0
[   52.477463][ T3543]  ? __filemap_add_folio+0x1ba0/0x1ba0
[   52.482936][ T3543]  ? page_cache_ra_order+0xb17/0xcc0
[   52.488216][ T3543]  page_cache_ra_unbounded+0x68b/0x7b0
[   52.493670][ T3543]  filemap_read+0x7fa/0x31d0
[   52.498259][ T3543]  ? find_get_pages_range_tag+0x810/0x810
[   52.503977][ T3543]  ? __kernel_text_address+0x9/0x40
[   52.509180][ T3543]  ? unwind_get_return_address+0x49/0x80
[   52.514813][ T3543]  ? arch_stack_walk+0xf3/0x140
[   52.519662][ T3543]  ? generic_file_read_iter+0x90/0x540
[   52.529111][ T3543]  ? __stack_depot_save+0x36/0x470
[   52.535072][ T3543]  ? iov_iter_kvec+0x4a/0x1b0
[   52.539783][ T3543]  __kernel_read+0x41e/0x8a0
[   52.544375][ T3543]  ? kasan_set_track+0x4b/0x70
[   52.549126][ T3543]  ? rw_verify_area+0x1a0/0x1a0
[   52.553966][ T3543]  integrity_kernel_read+0xac/0xf0
[   52.559060][ T3543]  ? integrity_inode_free+0x170/0x170
[   52.564435][ T3543]  ima_calc_file_hash+0xa57/0x1c00
[   52.569533][ T3543]  ? validate_chain+0x13ce/0x5950
[   52.574540][ T3543]  ? reacquire_held_locks+0x660/0x660
[   52.579933][ T3543]  ? ima_alloc_tfm+0x310/0x310
[   52.584701][ T3543]  ? read_lock_is_recursive+0x10/0x10
[   52.590088][ T3543]  ? __mutex_trylock_common+0x17e/0x2e0
[   52.595625][ T3543]  ? __might_sleep+0xb0/0xb0
[   52.600199][ T3543]  ? trace_raw_output_contention_end+0xd0/0xd0
[   52.606339][ T3543]  ima_collect_measurement+0x59a/0xc30
[   52.611781][ T3543]  ? trace_contention_end+0x61/0x170
[   52.617087][ T3543]  ? ima_get_action+0xa0/0xa0
[   52.621770][ T3543]  ? is_bad_inode+0x9/0x40
[   52.626193][ T3543]  process_measurement+0x135c/0x21b0
[   52.631473][ T3543]  ? tomoyo_check_open_permission+0x1f2/0x4c0
[   52.637547][ T3543]  ? ima_file_mmap+0x1c0/0x1c0
[   52.642324][ T3543]  ? tomoyo_check_open_permission+0x3aa/0x4c0
[   52.648505][ T3543]  ? tomoyo_check_open_permission+0x1f2/0x4c0
[   52.654569][ T3543]  ? apparmor_file_open+0x3e3/0x820
[   52.659767][ T3543]  ? aa_get_current_label+0x111/0x1d0
[   52.665136][ T3543]  ? apparmor_current_getsecid_subj+0xac/0x110
[   52.671283][ T3543]  ima_file_check+0xed/0x170
[   52.675859][ T3543]  ? do_dentry_open+0xc1d/0x10f0
[   52.680779][ T3543]  ? ima_bprm_check+0x2b0/0x2b0
[   52.685610][ T3543]  path_openat+0x2687/0x2e60
[   52.690186][ T3543]  ? do_filp_open+0x480/0x480
[   52.694844][ T3543]  do_filp_open+0x230/0x480
[   52.699326][ T3543]  ? vfs_tmpfile+0x4a0/0x4a0
[   52.703895][ T3543]  ? _raw_spin_unlock+0x24/0x40
[   52.708722][ T3543]  ? alloc_fd+0x59c/0x640
[   52.713070][ T3543]  do_sys_openat2+0x13b/0x500
[   52.717752][ T3543]  ? do_sys_open+0x220/0x220
[   52.722335][ T3543]  __x64_sys_openat+0x243/0x290
[   52.727195][ T3543]  ? __ia32_sys_open+0x270/0x270
[   52.732122][ T3543]  ? syscall_enter_from_user_mode+0x2e/0x220
[   52.738363][ T3543]  ? lockdep_hardirqs_on+0x94/0x130
[   52.745105][ T3543]  ? syscall_enter_from_user_mode+0x2e/0x220
[   52.751083][ T3543]  do_syscall_64+0x3d/0xb0
[   52.755573][ T3543]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   52.761452][ T3543] RIP: 0033:0x7ffbf5b84e49
[   52.765852][ T3543] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 91 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   52.785467][ T3543] RSP: 002b:00007ffd21a516b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   52.793869][ T3543] RAX: ffffffffffffffda RBX: 00007ffbf5bce09d RCX: 00007ffbf5b84e49
[   52.801823][ T3543] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 00000000ffffff9c
[   52.809834][ T3543] RBP: 00007ffd21a516e0 R08: 000000000001ee7c R09: 0000000000000000
[   52.817806][ T3543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   52.825766][ T3543] R13: 00007ffd21a51968 R14: 0000000000000001 R15: 0000000000000001
[   52.833766][ T3543]  </TASK>
[   52.837047][ T3543] 
[   52.839365][ T3543] The buggy address belongs to the physical page:
[   52.845815][ T3543] page:ffffea0001a075c0 refcount:1 mapcount:1 mapping:0000000000000000 index:0x557dc5706 pfn:0x681d7
[   52.859645][ T3543] memcg:ffff88813fe10000
[   52.863868][ T3543] anon flags: 0xfff800000a0014(uptodate|lru|mappedtodisk|swapbacked|node=0|zone=1|lastcpupid=0x7ff)
[   52.874611][ T3543] raw: 00fff800000a0014 ffffea0001a07588 ffffea0001a07608 ffff888027c30001
[   52.883174][ T3543] raw: 0000000557dc5706 0000000000000000 0000000100000000 ffff88813fe10000
[   52.891730][ T3543] page dumped because: kasan: bad access detected
[   52.898118][ T3543] page_owner tracks the page as allocated
[   52.903826][ T3543] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 3002, tgid 3002 (udevd), ts 52301405114, free_ts 52243247339
[   52.920926][ T3543]  post_alloc_hook+0x18d/0x1b0
[   52.925717][ T3543]  get_page_from_freelist+0x31a1/0x3320
[   52.931243][ T3543]  __alloc_pages+0x28d/0x770
[   52.935898][ T3543]  __folio_alloc+0xf/0x30
[   52.940284][ T3543]  vma_alloc_folio+0x486/0x990
[   52.945939][ T3543]  wp_page_copy+0x291/0x18c0
[   52.950985][ T3543]  handle_mm_fault+0x2525/0x5340
[   52.955906][ T3543]  exc_page_fault+0x26f/0x660
[   52.960577][ T3543]  asm_exc_page_fault+0x22/0x30
[   52.965591][ T3543] page last free stack trace:
[   52.970241][ T3543]  free_unref_page_prepare+0xf63/0x1120
[   52.975781][ T3543]  free_unref_page_list+0x663/0x900
[   52.980955][ T3543]  release_pages+0x2836/0x2b40
[   52.985698][ T3543]  tlb_flush_mmu+0xfc/0x210
[   52.990180][ T3543]  tlb_finish_mmu+0xce/0x1f0
[   52.994747][ T3543]  unmap_region+0x29f/0x2f0
[   52.999237][ T3543]  do_mas_align_munmap+0xec8/0x15f0
[   53.004430][ T3543]  do_mas_munmap+0x246/0x2b0
[   53.009011][ T3543]  __vm_munmap+0x268/0x370
[   53.013406][ T3543]  __x64_sys_munmap+0x5c/0x70
[   53.018062][ T3543]  do_syscall_64+0x3d/0xb0
[   53.022457][ T3543]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   53.028333][ T3543] 
[   53.030658][ T3543] Memory state around the buggy address:
[   53.036448][ T3543]  ffff8880681d7080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   53.046280][ T3543]  ffff8880681d7100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   53.054341][ T3543] >ffff8880681d7180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   53.062744][ T3543]                    ^
[   53.066793][ T3543]  ffff8880681d7200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   53.074849][ T3543]  ffff8880681d7280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   53.082886][ T3543] ==================================================================
[   53.091038][ T3543] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   53.098225][ T3543] CPU: 1 PID: 3543 Comm: syz-executor426 Not tainted 6.1.69-syzkaller #0
[   53.106625][ T3543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[   53.116668][ T3543] Call Trace:
[   53.119941][ T3543]  <TASK>
[   53.122871][ T3543]  dump_stack_lvl+0x1e3/0x2cb
[   53.127545][ T3543]  ? nf_tcp_handle_invalid+0x642/0x642
[   53.133168][ T3543]  ? panic+0x75d/0x75d
[   53.137400][ T3543]  ? vscnprintf+0x59/0x80
[   53.141999][ T3543]  panic+0x318/0x75d
[   53.146147][ T3543]  ? check_panic_on_warn+0x1d/0xa0
[   53.151252][ T3543]  ? memcpy_page_flushcache+0xfc/0xfc
[   53.156644][ T3543]  ? _raw_spin_unlock_irqrestore+0xd4/0x130
[   53.162528][ T3543]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[   53.168410][ T3543]  ? _raw_spin_unlock+0x40/0x40
[   53.173251][ T3543]  check_panic_on_warn+0x7e/0xa0
[   53.178177][ T3543]  ? ntfs_read_folio+0x9b0/0x29d0
[   53.183281][ T3543]  end_report+0x66/0x110
[   53.187515][ T3543]  kasan_report+0x143/0x160
[   53.192010][ T3543]  ? ntfs_read_folio+0x9b0/0x29d0
[   53.197027][ T3543]  kasan_check_range+0x27f/0x290
[   53.201964][ T3543]  ? ntfs_read_folio+0x9b0/0x29d0
[   53.206996][ T3543]  memcpy+0x25/0x60
[   53.210817][ T3543]  ntfs_read_folio+0x9b0/0x29d0
[   53.215681][ T3543]  ? xa_load+0x3fd/0x480
[   53.219944][ T3543]  ? xas_find_conflict+0x890/0x890
[   53.225062][ T3543]  ? ntfs_writepage+0x1ac0/0x1ac0
[   53.230087][ T3543]  ? __lock_acquire+0x1f80/0x1f80
[   53.235205][ T3543]  ? readahead_folio+0x32d/0x620
[   53.240346][ T3543]  ? ntfs_writepage+0x1ac0/0x1ac0
[   53.245364][ T3543]  read_pages+0x5f2/0x830
[   53.249687][ T3543]  ? folio_add_lru+0x34d/0xd70
[   53.254448][ T3543]  ? folio_add_lru+0x34d/0xd70
[   53.259203][ T3543]  ? page_cache_ra_unbounded+0x7b0/0x7b0
[   53.264862][ T3543]  ? __filemap_add_folio+0x1ba0/0x1ba0
[   53.270317][ T3543]  ? page_cache_ra_order+0xb17/0xcc0
[   53.275679][ T3543]  page_cache_ra_unbounded+0x68b/0x7b0
[   53.281136][ T3543]  filemap_read+0x7fa/0x31d0
[   53.285736][ T3543]  ? find_get_pages_range_tag+0x810/0x810
[   53.291449][ T3543]  ? __kernel_text_address+0x9/0x40
[   53.296637][ T3543]  ? unwind_get_return_address+0x49/0x80
[   53.302263][ T3543]  ? arch_stack_walk+0xf3/0x140
[   53.307110][ T3543]  ? generic_file_read_iter+0x90/0x540
[   53.312561][ T3543]  ? __stack_depot_save+0x36/0x470
[   53.317660][ T3543]  ? iov_iter_kvec+0x4a/0x1b0
[   53.323061][ T3543]  __kernel_read+0x41e/0x8a0
[   53.328439][ T3543]  ? kasan_set_track+0x4b/0x70
[   53.333460][ T3543]  ? rw_verify_area+0x1a0/0x1a0
[   53.338314][ T3543]  integrity_kernel_read+0xac/0xf0
[   53.343681][ T3543]  ? integrity_inode_free+0x170/0x170
[   53.349057][ T3543]  ima_calc_file_hash+0xa57/0x1c00
[   53.354161][ T3543]  ? validate_chain+0x13ce/0x5950
[   53.359265][ T3543]  ? reacquire_held_locks+0x660/0x660
[   53.364635][ T3543]  ? ima_alloc_tfm+0x310/0x310
[   53.369406][ T3543]  ? read_lock_is_recursive+0x10/0x10
[   53.374775][ T3543]  ? __mutex_trylock_common+0x17e/0x2e0
[   53.380309][ T3543]  ? __might_sleep+0xb0/0xb0
[   53.384893][ T3543]  ? trace_raw_output_contention_end+0xd0/0xd0
[   53.391045][ T3543]  ima_collect_measurement+0x59a/0xc30
[   53.396493][ T3543]  ? trace_contention_end+0x61/0x170
[   53.401767][ T3543]  ? ima_get_action+0xa0/0xa0
[   53.406434][ T3543]  ? is_bad_inode+0x9/0x40
[   53.410852][ T3543]  process_measurement+0x135c/0x21b0
[   53.416126][ T3543]  ? tomoyo_check_open_permission+0x1f2/0x4c0
[   53.422192][ T3543]  ? ima_file_mmap+0x1c0/0x1c0
[   53.426945][ T3543]  ? tomoyo_check_open_permission+0x3aa/0x4c0
[   53.433008][ T3543]  ? tomoyo_check_open_permission+0x1f2/0x4c0
[   53.439076][ T3543]  ? apparmor_file_open+0x3e3/0x820
[   53.444266][ T3543]  ? aa_get_current_label+0x111/0x1d0
[   53.449628][ T3543]  ? apparmor_current_getsecid_subj+0xac/0x110
[   53.455773][ T3543]  ima_file_check+0xed/0x170
[   53.460359][ T3543]  ? do_dentry_open+0xc1d/0x10f0
[   53.465287][ T3543]  ? ima_bprm_check+0x2b0/0x2b0
[   53.470129][ T3543]  path_openat+0x2687/0x2e60
[   53.474717][ T3543]  ? do_filp_open+0x480/0x480
[   53.479389][ T3543]  do_filp_open+0x230/0x480
[   53.483883][ T3543]  ? vfs_tmpfile+0x4a0/0x4a0
[   53.488465][ T3543]  ? _raw_spin_unlock+0x24/0x40
[   53.493306][ T3543]  ? alloc_fd+0x59c/0x640
[   53.497693][ T3543]  do_sys_openat2+0x13b/0x500
[   53.502365][ T3543]  ? do_sys_open+0x220/0x220
[   53.506956][ T3543]  __x64_sys_openat+0x243/0x290
[   53.511799][ T3543]  ? __ia32_sys_open+0x270/0x270
[   53.516730][ T3543]  ? syscall_enter_from_user_mode+0x2e/0x220
[   53.522698][ T3543]  ? lockdep_hardirqs_on+0x94/0x130
[   53.527882][ T3543]  ? syscall_enter_from_user_mode+0x2e/0x220
[   53.535070][ T3543]  do_syscall_64+0x3d/0xb0
[   53.541391][ T3543]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   53.547299][ T3543] RIP: 0033:0x7ffbf5b84e49
[   53.551704][ T3543] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 91 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   53.571296][ T3543] RSP: 002b:00007ffd21a516b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   53.579695][ T3543] RAX: ffffffffffffffda RBX: 00007ffbf5bce09d RCX: 00007ffbf5b84e49
[   53.587652][ T3543] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 00000000ffffff9c
[   53.595607][ T3543] RBP: 00007ffd21a516e0 R08: 000000000001ee7c R09: 0000000000000000
[   53.603566][ T3543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   53.611523][ T3543] R13: 00007ffd21a51968 R14: 0000000000000001 R15: 0000000000000001
[   53.619495][ T3543]  </TASK>
[   53.622679][ T3543] Kernel Offset: disabled
[   53.626990][ T3543] Rebooting in 86400 seconds..