Warning: Permanently added '10.128.0.103' (ECDSA) to the list of known hosts.
executing program
[ 34.995457] ntfs: (device loop0): is_boot_sector_ntfs(): Invalid end of sector marker.
[ 35.005984] ntfs: (device loop0): ntfs_is_extended_system_file(): Inode hard link count doesn't match number of name attributes. You should run chkdsk.
[ 35.020100] ntfs: (device loop0): ntfs_read_locked_inode(): $DATA attribute is missing.
[ 35.029025] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk.
[ 35.041453] ntfs: (device loop0): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk.
[ 35.054176] ntfs: (device loop0): map_mft_record_page(): Mft record 0xa is corrupt. Run chkdsk.
[ 35.063253] ntfs: (device loop0): map_mft_record(): Failed with error code 5.
[ 35.070561] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk.
[ 35.082819] ntfs: (device loop0): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
executing program
[ 35.093682] ntfs: (device loop0): map_mft_record_page(): Mft record 0x4 is corrupt. Run chkdsk.
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 35.391905] ==================================================================
[ 35.399305] BUG: KASAN: use-after-free in ntfs_read_locked_inode+0x47c6/0x5580
[ 35.406659] Read of size 8 at addr ffff88808ad693d5 by task syz-executor122/8129
[ 35.414177]
[ 35.415806] CPU: 1 PID: 8129 Comm: syz-executor122 Not tainted 4.19.163-syzkaller #0
[ 35.423784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 35.433146] Call Trace:
[ 35.435735] dump_stack+0x1fc/0x2fe
[ 35.439366] print_address_description.cold+0x54/0x219
[ 35.444645] kasan_report_error.cold+0x8a/0x1c7
[ 35.449316] ? ntfs_read_locked_inode+0x47c6/0x5580
[ 35.454336] __asan_report_load_n_noabort+0x8b/0xa0
[ 35.459355] ? ntfs_read_locked_inode+0x47c6/0x5580
[ 35.464368] ntfs_read_locked_inode+0x47c6/0x5580
[ 35.469212] ? __ntfs_clear_inode+0x260/0x260
[ 35.473734] ? ntfs_index_lookup+0x2bb0/0x2bb0
[ 35.478312] ? iget5_locked+0x3c/0xd0
[ 35.482164] ntfs_iget+0x12d/0x180
[ 35.485683] ? ntfs_read_locked_inode+0x5580/0x5580
[ 35.490679] ? wait_for_completion_io+0x10/0x10
[ 35.495324] load_and_init_mft_mirror+0x34/0x350
[ 35.500054] ntfs_fill_super+0xade/0x7e10
[ 35.504194] ? pointer+0x850/0x850
[ 35.507712] ? lock_downgrade+0x720/0x720
[ 35.511838] ? ntfs_big_inode_init_once+0x20/0x20
[ 35.516746] ? vsprintf+0x30/0x30
[ 35.520175] ? wait_for_completion_io+0x10/0x10
[ 35.524845] ? set_blocksize+0x163/0x3f0
[ 35.528884] mount_bdev+0x2fc/0x3b0
[ 35.532487] ? ntfs_big_inode_init_once+0x20/0x20
[ 35.537306] mount_fs+0xa3/0x30c
[ 35.540650] vfs_kern_mount.part.0+0x68/0x470
[ 35.545122] do_mount+0x113c/0x2f10
[ 35.548725] ? lock_acquire+0x170/0x3c0
[ 35.552682] ? check_preemption_disabled+0x41/0x280
[ 35.557679] ? copy_mount_string+0x40/0x40
[ 35.561889] ? copy_mount_options+0x59/0x380
[ 35.566289] ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 35.571288] ? kmem_cache_alloc_trace+0x323/0x380
[ 35.576106] ? copy_mount_options+0x26f/0x380
[ 35.580577] ksys_mount+0xcf/0x130
[ 35.584094] __x64_sys_mount+0xba/0x150
[ 35.588044] ? lockdep_hardirqs_on+0x3a8/0x5c0
[ 35.592600] do_syscall_64+0xf9/0x620
[ 35.596378] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 35.601542] RIP: 0033:0x4494fa
[ 35.604712] Code: b8 08 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d a3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a a3 fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 35.623588] RSP: 002b:00007ffd9369a9c8 EFLAGS: 00000287 ORIG_RAX: 00000000000000a5
[ 35.631272] RAX: ffffffffffffffda RBX: 00007ffd9369aa20 RCX: 00000000004494fa
[ 35.638530] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffd9369a9e0
[ 35.645780] RBP: 00007ffd9369a9e0 R08: 00007ffd9369aa20 R09: 0000000000000000
[ 35.653027] R10: 0000000000000000 R11: 0000000000000287 R12: 00000000000000ab
[ 35.660274] R13: 0000000000000004 R14: 0000000000000003 R15: 0000000000000003
[ 35.667521]
[ 35.669121] The buggy address belongs to the page:
[ 35.674024] page:ffffea00022b5a40 count:0 mapcount:0 mapping:0000000000000000 index:0x1
[ 35.682139] flags: 0xfff00000000000()
[ 35.685915] raw: 00fff00000000000 ffffea00022b5a88 ffffea00022b5a08 0000000000000000
[ 35.693774] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 35.701628] page dumped because: kasan: bad access detected
[ 35.707328]
[ 35.708943] Memory state around the buggy address:
[ 35.713845] ffff88808ad69280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 35.721177] ffff88808ad69300: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 35.728522] >ffff88808ad69380: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 35.735853] ^
[ 35.741797] ffff88808ad69400: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 35.749141] ffff88808ad69480: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 35.756482] ==================================================================
[ 35.763848] Disabling lock debugging due to kernel taint
[ 35.772458] Kernel panic - not syncing: panic_on_warn set ...
[ 35.772458]
[ 35.779946] CPU: 1 PID: 8129 Comm: syz-executor122 Tainted: G B 4.19.163-syzkaller #0
[ 35.789205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 35.798543] Call Trace:
[ 35.801130] dump_stack+0x1fc/0x2fe
[ 35.804748] panic+0x26a/0x50e
[ 35.807933] ? __warn_printk+0xf3/0xf3
[ 35.811802] ? preempt_schedule_common+0x45/0xc0
[ 35.816537] ? ___preempt_schedule+0x16/0x18
[ 35.820923] ? trace_hardirqs_on+0x55/0x210
[ 35.825221] kasan_end_report+0x43/0x49
[ 35.829171] kasan_report_error.cold+0xa7/0x1c7
[ 35.833818] ? ntfs_read_locked_inode+0x47c6/0x5580
[ 35.838809] __asan_report_load_n_noabort+0x8b/0xa0
[ 35.843804] ? ntfs_read_locked_inode+0x47c6/0x5580
[ 35.848798] ntfs_read_locked_inode+0x47c6/0x5580
[ 35.853617] ? __ntfs_clear_inode+0x260/0x260
[ 35.858089] ? ntfs_index_lookup+0x2bb0/0x2bb0
[ 35.862647] ? iget5_locked+0x3c/0xd0
[ 35.866423] ntfs_iget+0x12d/0x180
[ 35.869940] ? ntfs_read_locked_inode+0x5580/0x5580
[ 35.874940] ? wait_for_completion_io+0x10/0x10
[ 35.879590] load_and_init_mft_mirror+0x34/0x350
[ 35.884321] ntfs_fill_super+0xade/0x7e10
[ 35.888464] ? pointer+0x850/0x850
[ 35.891983] ? lock_downgrade+0x720/0x720
[ 35.896108] ? ntfs_big_inode_init_once+0x20/0x20
[ 35.900946] ? vsprintf+0x30/0x30
[ 35.904386] ? wait_for_completion_io+0x10/0x10
[ 35.909045] ? set_blocksize+0x163/0x3f0
[ 35.913085] mount_bdev+0x2fc/0x3b0
[ 35.916690] ? ntfs_big_inode_init_once+0x20/0x20
[ 35.921509] mount_fs+0xa3/0x30c
[ 35.924860] vfs_kern_mount.part.0+0x68/0x470
[ 35.929336] do_mount+0x113c/0x2f10
[ 35.932949] ? lock_acquire+0x170/0x3c0
[ 35.936901] ? check_preemption_disabled+0x41/0x280
[ 35.941909] ? copy_mount_string+0x40/0x40
[ 35.946117] ? copy_mount_options+0x59/0x380
[ 35.950501] ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 35.955492] ? kmem_cache_alloc_trace+0x323/0x380
[ 35.960322] ? copy_mount_options+0x26f/0x380
[ 35.964794] ksys_mount+0xcf/0x130
[ 35.968313] __x64_sys_mount+0xba/0x150
[ 35.972263] ? lockdep_hardirqs_on+0x3a8/0x5c0
[ 35.976824] do_syscall_64+0xf9/0x620
[ 35.980607] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 35.985772] RIP: 0033:0x4494fa
[ 35.988954] Code: b8 08 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d a3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a a3 fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 36.007844] RSP: 002b:00007ffd9369a9c8 EFLAGS: 00000287 ORIG_RAX: 00000000000000a5
[ 36.015528] RAX: ffffffffffffffda RBX: 00007ffd9369aa20 RCX: 00000000004494fa
[ 36.022774] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffd9369a9e0
[ 36.030017] RBP: 00007ffd9369a9e0 R08: 00007ffd9369aa20 R09: 0000000000000000
[ 36.037261] R10: 0000000000000000 R11: 0000000000000287 R12: 00000000000000ab
[ 36.044519] R13: 0000000000000004 R14: 0000000000000003 R15: 0000000000000003
[ 36.052371] Kernel Offset: disabled
[ 36.055982] Rebooting in 86400 seconds..