Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.15.245' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 35.318115] ntfs: (device loop0): is_boot_sector_ntfs(): Invalid end of sector marker.
[ 35.331287] ------------[ cut here ]------------
[ 35.336599] kernel BUG at fs/ntfs/aops.c:207!
[ 35.342456] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 35.348377] Modules linked in:
[ 35.358855] CPU: 0 PID: 7997 Comm: syz-executor945 Not tainted 4.14.232-syzkaller #0
[ 35.368319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 35.379170] task: ffff888095594180 task.stack: ffff8880922c0000
[ 35.385720] RIP: 0010:ntfs_readpage+0x14c7/0x1a70
[ 35.390986] RSP: 0018:ffff8880922c7780 EFLAGS: 00010297
[ 35.396701] RAX: ffff888095594180 RBX: dffffc0000000000 RCX: 0000000000000000
[ 35.405056] RDX: 0000000000000000 RSI: ffffea00023a65c0 RDI: ffff88808ce95790
[ 35.412763] RBP: ffff88808ce95788 R08: 0000000000000000 R09: ffff88808ce95c18
[ 35.420542] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000000
[ 35.428611] R13: ffff88808ce95740 R14: ffff88808ce95a08 R15: ffffea00023a65c0
[ 35.436253] FS: 0000000001849300(0000) GS:ffff8880ba400000(0000) knlGS:0000000000000000
[ 35.444728] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 35.451547] CR2: 00007f16045d1000 CR3: 00000000af821000 CR4: 00000000001406f0
[ 35.461726] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 35.469128] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 35.477163] Call Trace:
[ 35.480339]  ? __add_to_page_cache_locked+0x2ea/0x840
[ 35.485809]  ? check_preemption_disabled+0x35/0x240
[ 35.490813]  ? __lru_cache_add+0x178/0x250
[ 35.495871]  ? ntfs_end_buffer_async_read+0x1040/0x1040
[ 35.501895]  ? add_to_page_cache_lru+0x136/0x2b0
[ 35.507185]  ? add_to_page_cache_locked+0x40/0x40
[ 35.512141]  ? alloc_pages_current+0x15d/0x260
[ 35.516732]  do_read_cache_page+0x38e/0xc10
[ 35.521308]  ? ntfs_end_buffer_async_read+0x1040/0x1040
[ 35.527108]  ? ntfs_attr_lookup+0xed3/0x1f30
[ 35.531594]  map_mft_record+0x1ca/0xbe0
[ 35.535709]  ? _raw_spin_unlock+0x29/0x40
[ 35.540219]  ntfs_read_locked_inode+0x1bf/0x5160
[ 35.544990]  ? kmem_cache_alloc+0x2f8/0x3c0
[ 35.550135]  ntfs_read_inode_mount+0xafb/0x2040
[ 35.555452]  ntfs_fill_super+0x9a6/0x7170
[ 35.559968]  ? vsnprintf+0x260/0x1340
[ 35.563936]  ? pointer+0x9e0/0x9e0
[ 35.567961]  ? lock_downgrade+0x740/0x740
[ 35.572455]  ? ntfs_big_inode_init_once+0x20/0x20
[ 35.577547]  ? snprintf+0xa5/0xd0
[ 35.581777]  ? vsprintf+0x30/0x30
[ 35.585894]  ? ns_test_super+0x50/0x50
[ 35.591158]  ? set_blocksize+0x125/0x380
[ 35.597079]  mount_bdev+0x2b3/0x360
[ 35.601500]  ? ntfs_big_inode_init_once+0x20/0x20
[ 35.607039]  mount_fs+0x92/0x2a0
[ 35.610686]  vfs_kern_mount.part.0+0x5b/0x470
[ 35.616255]  do_mount+0xe53/0x2a00
[ 35.620133]  ? do_raw_spin_unlock+0x164/0x220
[ 35.624668]  ? copy_mount_string+0x40/0x40
[ 35.630687]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 35.636063]  ? copy_mnt_ns+0xa30/0xa30
[ 35.640487]  ? copy_mount_options+0x1fa/0x2f0
[ 35.645141]  ? copy_mnt_ns+0xa30/0xa30
[ 35.649425]  SyS_mount+0xa8/0x120
[ 35.653366]  ? copy_mnt_ns+0xa30/0xa30
[ 35.657669]  do_syscall_64+0x1d5/0x640
[ 35.662428]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 35.671107] RIP: 0033:0x44513a
[ 35.674961] RSP: 002b:00007ffe9984d098 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[ 35.683935] RAX: ffffffffffffffda RBX: 00007ffe9984d0f0 RCX: 000000000044513a
[ 35.693124] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffe9984d0b0
[ 35.702950] RBP: 00007ffe9984d0b0 R08: 00007ffe9984d0f0 R09: 0000000000000000
[ 35.711136] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000020000290
[ 35.721247] R13: 0000000000000003 R14: 0000000000000004 R15: 0000000000000006
[ 35.729206] Code: 89 04 00 00 49 83 be 88 fd ff ff 00 0f 85 3e f5 ff ff e8 dd 8a 45 ff 49 8b 86 80 fd ff ff a8 08 0f 85 2a f5 ff ff e8 c9 8a 45 ff <0f> 0b e8 c2 8a 45 ff 48 8b 84 24 88 00 00 00 48 8d b8 c0 fd ff
[ 35.749948] RIP: ntfs_readpage+0x14c7/0x1a70 RSP: ffff8880922c7780
[ 35.757078] ---[ end trace 5fc2179b286efced ]---
[ 35.762219] Kernel panic - not syncing: Fatal exception
[ 35.769466] Kernel Offset: disabled
[ 35.773748] Rebooting in 86400 seconds..