[ 42.773441] bond0 (unregistering): Released all slaves
Warning: Permanently added '10.128.10.42' (ECDSA) to the list of known hosts.
2020/02/11 20:52:57 parsed 1 programs
2020/02/11 20:52:57 executed programs: 0
[ 47.922499] IPVS: ftp: loaded support on port[0] = 21
[ 47.949284] IPVS: ftp: loaded support on port[0] = 21
[ 47.967958] IPVS: ftp: loaded support on port[0] = 21
[ 47.975028] IPVS: ftp: loaded support on port[0] = 21
[ 47.989923] ntfs: (device loop3): is_boot_sector_ntfs(): Invalid end of sector marker.
[ 47.998323] IPVS: ftp: loaded support on port[0] = 21
[ 48.001691] IPVS: ftp: loaded support on port[0] = 21
[ 48.015337] ntfs: (device loop3): map_mft_record_page(): Mft record 0x1 is corrupt. Run chkdsk.
[ 48.024339] ntfs: (device loop3): map_mft_record(): Failed with error code 5.
[ 48.031655] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x1 as bad. Run chkdsk.
[ 48.044361] ntfs: (device loop3): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk.
[ 48.057703] ntfs: (device loop3): map_mft_record_page(): Mft record 0xa is corrupt. Run chkdsk.
[ 48.066666] ntfs: (device loop3): map_mft_record(): Failed with error code 5.
[ 48.073967] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk.
[ 48.086669] ntfs: (device loop3): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[ 48.098993] ntfs: volume version 3.1.
[ 48.102973] ntfs: (device loop3): map_mft_record_page(): Mft record 0x2 is corrupt. Run chkdsk.
[ 48.114418] ==================================================================
[ 48.121810] BUG: KASAN: use-after-free in ntfs_read_locked_inode+0x4429/0x52a0
[ 48.129163] Read of size 8 at addr ffff8881bae0a2e8 by task syz-executor3/4449
[ 48.136510]
[ 48.138136] CPU: 0 PID: 4449 Comm: syz-executor3 Not tainted 5.6.0-rc1-syzkaller #0
[ 48.145958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 48.155428] Call Trace:
[ 48.158009] dump_stack+0x12f/0x187
[ 48.161751] ? ntfs_read_locked_inode+0x4429/0x52a0
[ 48.166764] print_address_description.constprop.8+0x3b/0x60
[ 48.172552] ? ntfs_read_locked_inode+0x4429/0x52a0
[ 48.177652] ? ntfs_read_locked_inode+0x4429/0x52a0
[ 48.182656] __kasan_report.cold.11+0x1b/0x32
[ 48.187159] ? ntfs_read_locked_inode+0x4429/0x52a0
[ 48.192172] kasan_report+0x12/0x20
[ 48.195773] __asan_report_load_n_noabort+0xf/0x20
[ 48.200683] ntfs_read_locked_inode+0x4429/0x52a0
[ 48.205608] ntfs_iget+0xe6/0x120
[ 48.209070] ? ntfs_read_locked_inode+0x52a0/0x52a0
[ 48.214077] ? kfree+0x1d6/0x290
[ 48.217463] load_system_files+0x55fa/0x6530
[ 48.221850] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 48.226592] ? ntfs_remount+0x420/0x420
[ 48.230610] ? __kasan_check_write+0x14/0x20
[ 48.235066] ? wait_for_completion+0x460/0x460
[ 48.239634] ? generate_default_upcase+0xb5/0x510
[ 48.244461] ntfs_fill_super+0x12a6/0x2d40
[ 48.248739] ? snprintf+0x91/0xc0
[ 48.252227] ? vsprintf+0x20/0x20
[ 48.255662] mount_bdev+0x27b/0x340
[ 48.259283] ? load_system_files+0x6530/0x6530
[ 48.263952] ? ntfs_rl_punch_nolock+0x1ec0/0x1ec0
[ 48.268792] ntfs_mount+0x10/0x20
[ 48.272380] legacy_get_tree+0x103/0x1f0
[ 48.276491] vfs_get_tree+0x8b/0x2d0
[ 48.280190] ? capable+0x14/0x20
[ 48.283535] do_mount+0x1285/0x1b70
[ 48.287158] ? lock_downgrade+0x900/0x900
[ 48.291287] ? copy_mount_string+0x20/0x20
[ 48.295505] ? __kasan_check_write+0x14/0x20
[ 48.299893] ? _copy_from_user+0xd6/0x110
[ 48.304087] __x64_sys_mount+0x169/0x1c0
[ 48.308853] do_syscall_64+0xd0/0x600
[ 48.312635] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 48.317802] RIP: 0033:0x457e5a
[ 48.320974] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 48.339957] RSP: 002b:00007fd00854dbb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 48.347810] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000457e5a
[ 48.355229] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fd00854dc00
[ 48.362492] RBP: 000000000000005a R08: 0000000020077a00 R09: 0000000020000000
[ 48.369752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[ 48.377040] R13: 000000000000066c R14: 00000000006fcac0 R15: 0000000000000000
[ 48.384412]
[ 48.386054] The buggy address belongs to the page:
[ 48.390965] page:ffffea0006eb8280 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1
[ 48.399397] flags: 0x2fffc0000000000()
[ 48.403266] raw: 02fffc0000000000 ffffea0006eb82c8 ffffea0006eb8248 0000000000000000
[ 48.412948] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 48.420809] page dumped because: kasan: bad access detected
[ 48.426498]
[ 48.428126] Memory state around the buggy address:
[ 48.433035] ffff8881bae0a180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 48.440373] ffff8881bae0a200: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 48.447810] >ffff8881bae0a280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 48.455152] ^
[ 48.461878] ffff8881bae0a300: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 48.469225] ffff8881bae0a380: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 48.476569] ==================================================================
[ 48.483907] Disabling lock debugging due to kernel taint
[ 48.489423] Kernel panic - not syncing: panic_on_warn set ...
[ 48.495303] CPU: 0 PID: 4449 Comm: syz-executor3 Tainted: G B 5.6.0-rc1-syzkaller #0
[ 48.504472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 48.513805] Call Trace:
[ 48.516376] dump_stack+0x12f/0x187
[ 48.520026] ? ntfs_read_locked_inode+0x4410/0x52a0
[ 48.525034] panic+0x22a/0x4f5
[ 48.528213] ? add_taint.cold.7+0x11/0x11
[ 48.532351] ? do_raw_spin_unlock+0x54/0x260
[ 48.536742] ? do_raw_spin_unlock+0x54/0x260
[ 48.541137] ? ntfs_read_locked_inode+0x4429/0x52a0
[ 48.546140] ? ntfs_read_locked_inode+0x4429/0x52a0
[ 48.551142] end_report+0x47/0x4f
[ 48.554582] __kasan_report.cold.11+0xe/0x32
[ 48.559090] ? ntfs_read_locked_inode+0x4429/0x52a0
[ 48.564091] kasan_report+0x12/0x20
[ 48.567744] __asan_report_load_n_noabort+0xf/0x20
[ 48.572680] ntfs_read_locked_inode+0x4429/0x52a0
[ 48.577509] ntfs_iget+0xe6/0x120
[ 48.580945] ? ntfs_read_locked_inode+0x52a0/0x52a0
[ 48.585941] ? kfree+0x1d6/0x290
[ 48.589284] load_system_files+0x55fa/0x6530
[ 48.593731] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 48.598471] ? ntfs_remount+0x420/0x420
[ 48.602425] ? __kasan_check_write+0x14/0x20
[ 48.607035] ? wait_for_completion+0x460/0x460
[ 48.611597] ? generate_default_upcase+0xb5/0x510
[ 48.616432] ntfs_fill_super+0x12a6/0x2d40
[ 48.620655] ? snprintf+0x91/0xc0
[ 48.624159] ? vsprintf+0x20/0x20
[ 48.627597] mount_bdev+0x27b/0x340
[ 48.631201] ? load_system_files+0x6530/0x6530
[ 48.635779] ? ntfs_rl_punch_nolock+0x1ec0/0x1ec0
[ 48.640606] ntfs_mount+0x10/0x20
[ 48.644039] legacy_get_tree+0x103/0x1f0
[ 48.648087] vfs_get_tree+0x8b/0x2d0
[ 48.651788] ? capable+0x14/0x20
[ 48.655141] do_mount+0x1285/0x1b70
[ 48.658754] ? lock_downgrade+0x900/0x900
[ 48.662887] ? copy_mount_string+0x20/0x20
[ 48.667120] ? __kasan_check_write+0x14/0x20
[ 48.671616] ? _copy_from_user+0xd6/0x110
[ 48.675755] __x64_sys_mount+0x169/0x1c0
[ 48.679798] do_syscall_64+0xd0/0x600
[ 48.683758] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 48.688928] RIP: 0033:0x457e5a
[ 48.692101] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 48.710997] RSP: 002b:00007fd00854dbb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 48.718866] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000457e5a
[ 48.726229] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fd00854dc00
[ 48.733812] RBP: 000000000000005a R08: 0000000020077a00 R09: 0000000020000000
[ 48.741117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[ 48.748369] R13: 000000000000066c R14: 00000000006fcac0 R15: 0000000000000000
[ 48.756567] Kernel Offset: disabled
[ 48.760178] Rebooting in 86400 seconds..