Warning: Permanently added '10.128.1.26' (ED25519) to the list of known hosts.
executing program
[ 34.710507][ T6097] loop0: detected capacity change from 0 to 4096
[ 34.714954][ T6097] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[ 34.726131][ T6097] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[ 34.728708][ T6097] ntfs3: loop0: Failed to load $Extend (-22).
[ 34.730058][ T6097] ntfs3: loop0: Failed to initialize $Extend.
[ 34.738968][ T6097] ==================================================================
[ 34.740875][ T6097] BUG: KASAN: slab-out-of-bounds in ntfs_listxattr+0x354/0x50c
[ 34.742483][ T6097] Read of size 48 at addr ffff0000d76354b0 by task syz-executor360/6097
[ 34.744431][ T6097]
[ 34.744991][ T6097] CPU: 0 PID: 6097 Comm: syz-executor360 Not tainted 6.7.0-rc6-syzkaller-gaafe7ad77b91 #0
[ 34.747165][ T6097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[ 34.749496][ T6097] Call trace:
[ 34.750307][ T6097] dump_backtrace+0x1b8/0x1e4
[ 34.751322][ T6097] show_stack+0x2c/0x3c
[ 34.752281][ T6097] dump_stack_lvl+0xd0/0x124
[ 34.753332][ T6097] print_report+0x174/0x514
[ 34.754339][ T6097] kasan_report+0xd8/0x138
[ 34.755474][ T6097] kasan_check_range+0x254/0x294
[ 34.756554][ T6097] __asan_memcpy+0x3c/0x84
[ 34.757702][ T6097] ntfs_listxattr+0x354/0x50c
[ 34.758797][ T6097] listxattr+0x108/0x368
[ 34.759790][ T6097] __arm64_sys_listxattr+0x13c/0x21c
[ 34.761124][ T6097] invoke_syscall+0x98/0x2b8
[ 34.762167][ T6097] el0_svc_common+0x130/0x23c
[ 34.763232][ T6097] do_el0_svc+0x48/0x58
[ 34.764130][ T6097] el0_svc+0x54/0x158
[ 34.765003][ T6097] el0t_64_sync_handler+0x84/0xfc
[ 34.766251][ T6097] el0t_64_sync+0x190/0x194
[ 34.767314][ T6097]
[ 34.767838][ T6097] Allocated by task 6097:
[ 34.768911][ T6097] kasan_set_track+0x4c/0x7c
[ 34.769967][ T6097] kasan_save_alloc_info+0x24/0x30
[ 34.771101][ T6097] __kasan_kmalloc+0xac/0xc4
[ 34.772261][ T6097] __kmalloc+0xcc/0x1b8
[ 34.773297][ T6097] ntfs_read_ea+0x3c0/0x808
[ 34.774321][ T6097] ntfs_listxattr+0x14c/0x50c
[ 34.775394][ T6097] listxattr+0x108/0x368
[ 34.776298][ T6097] __arm64_sys_listxattr+0x13c/0x21c
[ 34.777478][ T6097] invoke_syscall+0x98/0x2b8
[ 34.778607][ T6097] el0_svc_common+0x130/0x23c
[ 34.779772][ T6097] do_el0_svc+0x48/0x58
[ 34.780754][ T6097] el0_svc+0x54/0x158
[ 34.781763][ T6097] el0t_64_sync_handler+0x84/0xfc
[ 34.782953][ T6097] el0t_64_sync+0x190/0x194
[ 34.784064][ T6097]
[ 34.784599][ T6097] The buggy address belongs to the object at ffff0000d7635480
[ 34.784599][ T6097] which belongs to the cache kmalloc-64 of size 64
[ 34.787684][ T6097] The buggy address is located 48 bytes inside of
[ 34.787684][ T6097] allocated 60-byte region [ffff0000d7635480, ffff0000d76354bc)
[ 34.791043][ T6097]
[ 34.791610][ T6097] The buggy address belongs to the physical page:
[ 34.793027][ T6097] page:000000004ec57951 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x117635
[ 34.795426][ T6097] flags: 0x5ffc00000000800(slab|node=0|zone=2|lastcpupid=0x7ff)
[ 34.797296][ T6097] page_type: 0xffffffff()
[ 34.798295][ T6097] raw: 05ffc00000000800 ffff0000c0001640 dead000000000100 dead000000000122
[ 34.800456][ T6097] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000
[ 34.802580][ T6097] page dumped because: kasan: bad access detected
[ 34.804135][ T6097]
[ 34.804696][ T6097] Memory state around the buggy address:
[ 34.805986][ T6097] ffff0000d7635380: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc
[ 34.807815][ T6097] ffff0000d7635400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 34.809697][ T6097] >ffff0000d7635480: 00 00 00 00 00 00 00 04 fc fc fc fc fc fc fc fc
[ 34.811588][ T6097] ^
[ 34.812921][ T6097] ffff0000d7635500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 34.814835][ T6097] ffff0000d7635580: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 34.816754][ T6097] ==================================================================
[ 34.818811][ T6097] Disabling lock debugging due to kernel taint