[ 47.852685] bond0 (unregistering): Released all slaves
Warning: Permanently added '10.128.15.228' (ECDSA) to the list of known hosts.
2019/12/10 14:49:52 parsed 1 programs
2019/12/10 14:49:52 executed programs: 0
[ 53.135213] IPVS: ftp: loaded support on port[0] = 21
[ 53.144379] IPVS: ftp: loaded support on port[0] = 21
[ 53.154193] IPVS: ftp: loaded support on port[0] = 21
[ 53.164863] IPVS: ftp: loaded support on port[0] = 21
[ 53.181374] IPVS: ftp: loaded support on port[0] = 21
[ 53.195579] IPVS: ftp: loaded support on port[0] = 21
[ 53.252090] ntfs: (device loop4): is_boot_sector_ntfs(): Invalid end of sector marker.
[ 53.272912] ==================================================================
[ 53.280304] BUG: KASAN: use-after-free in ntfs_attr_find+0x9df/0xb00
[ 53.286787] Read of size 4 at addr ffff8881bee7ad35 by task syz-executor4/4445
[ 53.294745]
[ 53.296365] CPU: 0 PID: 4445 Comm: syz-executor4 Not tainted 5.5.0-rc1-syzkaller #0
[ 53.304151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 53.313498] Call Trace:
[ 53.316080] dump_stack+0x12f/0x187
[ 53.319814] ? ntfs_attr_find+0x9df/0xb00
[ 53.323950] print_address_description.constprop.8+0x3b/0x60
[ 53.329732] ? ntfs_attr_find+0x9df/0xb00
[ 53.333857] ? ntfs_attr_find+0x9df/0xb00
[ 53.337979] __kasan_report.cold.11+0x1b/0x39
[ 53.342460] ? __isolate_free_page+0x3e0/0x490
[ 53.347026] ? ntfs_attr_find+0x9df/0xb00
[ 53.351150] kasan_report+0x12/0x20
[ 53.354765] __asan_report_load_n_noabort+0xf/0x20
[ 53.359686] ntfs_attr_find+0x9df/0xb00
[ 53.363661] ? __alloc_pages_nodemask+0x563/0x850
[ 53.368485] ? __switch_to_asm+0x34/0x70
[ 53.372524] ? __switch_to_asm+0x40/0x70
[ 53.376580] ? __kasan_check_write+0x14/0x20
[ 53.380964] ntfs_attr_lookup+0x10c9/0x23c0
[ 53.385269] ? kasan_unpoison_shadow+0x35/0x50
[ 53.389834] ? __kasan_kmalloc.constprop.7+0xc1/0xd0
[ 53.394912] ? kmem_cache_alloc+0x30b/0x740
[ 53.399234] ? ntfs_attr_reinit_search_ctx+0x3a0/0x3a0
[ 53.404480] ntfs_read_inode_mount+0x6bf/0x20c0
[ 53.409135] ntfs_fill_super+0x121e/0x2d50
[ 53.413357] ? snprintf+0x91/0xc0
[ 53.416789] ? vsprintf+0x20/0x20
[ 53.420229] mount_bdev+0x27b/0x340
[ 53.423829] ? load_system_files+0x6530/0x6530
[ 53.428393] ? ntfs_rl_punch_nolock+0x1ec0/0x1ec0
[ 53.433222] ntfs_mount+0x10/0x20
[ 53.436913] legacy_get_tree+0x103/0x1f0
[ 53.440946] vfs_get_tree+0x8b/0x2d0
[ 53.444632] ? capable+0x14/0x20
[ 53.448060] do_mount+0x1285/0x1b70
[ 53.451660] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 53.456482] ? copy_mount_string+0x20/0x20
[ 53.460691] ? kmem_cache_alloc_trace+0x372/0x760
[ 53.465506] ? __kasan_check_write+0x14/0x20
[ 53.469892] ? __kasan_check_read+0x11/0x20
[ 53.474183] ? copy_mount_options+0x77/0x2c0
[ 53.478563] ksys_mount+0xba/0xe0
[ 53.482085] __x64_sys_mount+0xb9/0x150
[ 53.486032] do_syscall_64+0xd0/0x600
[ 53.489807] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 53.494969] RIP: 0033:0x457dea
[ 53.498143] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 53.517017] RSP: 002b:00007fec295efbb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 53.524784] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000457dea
[ 53.532032] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fec295efc00
[ 53.539275] RBP: 0000000000000002 R08: 000000002007e200 R09: 0000000020000000
[ 53.546523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[ 53.553765] R13: 000000000000066c R14: 00000000006fbac0 R15: 0000000000000000
[ 53.561020]
[ 53.562632] Allocated by task 3855:
[ 53.566236] save_stack+0x21/0x90
[ 53.569670] __kasan_kmalloc.constprop.7+0xc1/0xd0
[ 53.574632] kasan_slab_alloc+0x12/0x20
[ 53.578653] kmem_cache_alloc+0x121/0x740
[ 53.582792] getname_flags+0xb8/0x510
[ 53.586579] user_path_at_empty+0x1e/0x40
[ 53.590702] vfs_statx+0xbe/0x150
[ 53.594141] __do_sys_newstat+0x85/0xe0
[ 53.598086] __x64_sys_newstat+0x4f/0x70
[ 53.602139] do_syscall_64+0xd0/0x600
[ 53.605932] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 53.611093]
[ 53.612694] Freed by task 3855:
[ 53.615946] save_stack+0x21/0x90
[ 53.619372] __kasan_slab_free+0x11a/0x170
[ 53.623592] kasan_slab_free+0xe/0x10
[ 53.627362] kmem_cache_free+0x86/0x2e0
[ 53.631323] putname+0xa8/0xe0
[ 53.634488] filename_lookup.part.61+0x1e8/0x330
[ 53.639233] user_path_at_empty+0x39/0x40
[ 53.643353] vfs_statx+0xbe/0x150
[ 53.646786] __do_sys_newstat+0x85/0xe0
[ 53.650737] __x64_sys_newstat+0x4f/0x70
[ 53.654772] do_syscall_64+0xd0/0x600
[ 53.658555] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 53.663714]
[ 53.665315] The buggy address belongs to the object at ffff8881bee7a0c0
[ 53.665315]  which belongs to the cache names_cache of size 4096
[ 53.678027] The buggy address is located 3189 bytes inside of
[ 53.678027]  4096-byte region [ffff8881bee7a0c0, ffff8881bee7b0c0)
[ 53.690163] The buggy address belongs to the page:
[ 53.695068] page:ffffea0006fb9e80 refcount:1 mapcount:0 mapping:ffff8881da19aa80 index:0x0 compound_mapcount: 0
[ 53.705278] raw: 02fffc0000010200 ffffea0006fb9c08 ffffea0006fb8288 ffff8881da19aa80
[ 53.713176] raw: 0000000000000000 ffff8881bee7a0c0 0000000100000001 0000000000000000
[ 53.721030] page dumped because: kasan: bad access detected
[ 53.726712]
[ 53.728315] Memory state around the buggy address:
[ 53.733354]  ffff8881bee7ac00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 53.740694]  ffff8881bee7ac80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 53.748041] >ffff8881bee7ad00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 53.755375]                                      ^
[ 53.760274]  ffff8881bee7ad80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 53.767604]  ffff8881bee7ae00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 53.774937] ==================================================================
[ 53.782269] Disabling lock debugging due to kernel taint
[ 53.787862] Kernel panic - not syncing: panic_on_warn set ...
[ 53.793744] CPU: 0 PID: 4445 Comm: syz-executor4 Tainted: G B 5.5.0-rc1-syzkaller #0
[ 53.802908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 53.812236] Call Trace:
[ 53.814804] dump_stack+0x12f/0x187
[ 53.818429] ? ntfs_attr_find+0x940/0xb00
[ 53.822658] panic+0x22a/0x4f5
[ 53.825832] ? add_taint.cold.7+0x11/0x11
[ 53.829958] ? do_raw_spin_unlock+0x54/0x260
[ 53.834363] ? do_raw_spin_unlock+0x54/0x260
[ 53.838787] ? ntfs_attr_find+0x9df/0xb00
[ 53.842926] ? ntfs_attr_find+0x9df/0xb00
[ 53.847066] end_report+0x47/0x4f
[ 53.850500] __kasan_report.cold.11+0xe/0x39
[ 53.854894] ? __isolate_free_page+0x3e0/0x490
[ 53.859462] ? ntfs_attr_find+0x9df/0xb00
[ 53.863584] kasan_report+0x12/0x20
[ 53.867199] __asan_report_load_n_noabort+0xf/0x20
[ 53.872104] ntfs_attr_find+0x9df/0xb00
[ 53.876051] ? __alloc_pages_nodemask+0x563/0x850
[ 53.880874] ? __switch_to_asm+0x34/0x70
[ 53.884916] ? __switch_to_asm+0x40/0x70
[ 53.888951] ? __kasan_check_write+0x14/0x20
[ 53.893603] ntfs_attr_lookup+0x10c9/0x23c0
[ 53.897902] ? kasan_unpoison_shadow+0x35/0x50
[ 53.902470] ? __kasan_kmalloc.constprop.7+0xc1/0xd0
[ 53.907562] ? kmem_cache_alloc+0x30b/0x740
[ 53.911873] ? ntfs_attr_reinit_search_ctx+0x3a0/0x3a0
[ 53.917136] ntfs_read_inode_mount+0x6bf/0x20c0
[ 53.921787] ntfs_fill_super+0x121e/0x2d50
[ 53.926267] ? snprintf+0x91/0xc0
[ 53.929695] ? vsprintf+0x20/0x20
[ 53.933122] mount_bdev+0x27b/0x340
[ 53.936762] ? load_system_files+0x6530/0x6530
[ 53.941324] ? ntfs_rl_punch_nolock+0x1ec0/0x1ec0
[ 53.946150] ntfs_mount+0x10/0x20
[ 53.950540] legacy_get_tree+0x103/0x1f0
[ 53.954590] vfs_get_tree+0x8b/0x2d0
[ 53.958286] ? capable+0x14/0x20
[ 53.962943] do_mount+0x1285/0x1b70
[ 53.967176] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 53.972971] ? copy_mount_string+0x20/0x20
[ 53.977197] ? kmem_cache_alloc_trace+0x372/0x760
[ 53.982031] ? __kasan_check_write+0x14/0x20
[ 53.986434] ? __kasan_check_read+0x11/0x20
[ 53.990741] ? copy_mount_options+0x77/0x2c0
[ 53.995214] ksys_mount+0xba/0xe0
[ 53.998647] __x64_sys_mount+0xb9/0x150
[ 54.002606] do_syscall_64+0xd0/0x600
[ 54.006394] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 54.011614] RIP: 0033:0x457dea
[ 54.014788] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 54.033672] RSP: 002b:00007fec295efbb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 54.041362] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000457dea
[ 54.048615] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fec295efc00
[ 54.055894] RBP: 0000000000000002 R08: 000000002007e200 R09: 0000000020000000
[ 54.063145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[ 54.070398] R13: 000000000000066c R14: 00000000006fbac0 R15: 0000000000000000
[ 54.077698] Kernel Offset: disabled
[ 54.081305] Rebooting in 86400 seconds..