Hello, syzbot found the following issue on: HEAD commit: 3eddb108abe3 arm64: Subscribe Microsoft Azure Cobalt 100 t.. git tree: git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci console output: https://syzkaller.appspot.com/x/log.txt?x=1021cd27980000 kernel config: https://syzkaller.appspot.com/x/.config?x=1d1bd4b6ef6aba4a dashboard link: https://syzkaller.appspot.com/bug?extid=39385e8595a092bae44b compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 userspace arch: arm64 syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1633bbd0580000 C reproducer: https://syzkaller.appspot.com/x/repro.c?x=15123380580000 Downloadable assets: disk image: https://storage.googleapis.com/syzbot-assets/a5978792dbfc/disk-3eddb108.raw.xz vmlinux: https://storage.googleapis.com/syzbot-assets/462a5dffd79a/vmlinux-3eddb108.xz kernel image: https://storage.googleapis.com/syzbot-assets/66cd572e6130/Image-3eddb108.gz.xz mounted in repro: https://storage.googleapis.com/syzbot-assets/f2151f3f3ceb/mount_0.gz IMPORTANT: if you fix the issue, please add the following tag to the commit: Reported-by: syzbot+39385e8595a092bae44b@xxxxxxxxxxxxxxxxxxxxxxxxx loop0: detected capacity change from 0 to 4096 ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). ntfs3: loop0: Mark volume as dirty due to NTFS errors ------------[ cut here ]------------ kernel BUG at include/linux/highmem.h:275! Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP Modules linked in: CPU: 1 UID: 0 PID: 6413 Comm: syz-executor181 Not tainted 6.12.0-rc1-syzkaller-g3eddb108abe3 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : zero_user_segments include/linux/highmem.h:275 [inline] pc : folio_zero_range include/linux/highmem.h:647 [inline] pc : ntfs_extend_initialized_size+0x92c/0x938 fs/ntfs3/file.c:215 lr : zero_user_segments include/linux/highmem.h:275 [inline] lr : folio_zero_range include/linux/highmem.h:647 [inline] lr : ntfs_extend_initialized_size+0x92c/0x938 fs/ntfs3/file.c:215 sp : ffff8000a28b76e0 x29: ffff8000a28b7800 x28: 0000000000001000 x27: 1fffffbff86e8b50 x26: fffffdffc3745a80 x25: 0000000000000ff6 x24: 000000000000100a x23: dfff800000000000 x22: 0000000000001000 x21: 000000000000100a x20: 000000000000000a x19: fff1000040000000 x18: 1fffe000366cc476 x17: ffff80008f7dd000 x16: ffff80008032d24c x15: 0000000000000001 x14: 1fffe0001b8e9691 x13: 0000000000000000 x12: 0000000000000000 x11: ffff60001b8e9692 x10: 0000000000ff0100 x9 : 0000000000000000 x8 : ffff0000c2779e40 x7 : ffff8000802c3cec x6 : 0000000000000000 x5 : 0000000000000001 x4 : 0000000000000001 x3 : ffff800080cc9484 x2 : 0000000000000000 x1 : 000000000000100a x0 : 0000000000001000 Call trace: zero_user_segments include/linux/highmem.h:275 [inline] folio_zero_range include/linux/highmem.h:647 [inline] ntfs_extend_initialized_size+0x92c/0x938 fs/ntfs3/file.c:215 ntfs_extend+0x37c/0x3f0 fs/ntfs3/file.c:403 ntfs_file_write_iter+0x320/0x610 fs/ntfs3/file.c:1187 do_iter_readv_writev+0x490/0x6d4 vfs_writev+0x410/0xbc8 fs/read_write.c:1064 do_pwritev fs/read_write.c:1165 [inline] __do_sys_pwritev2 fs/read_write.c:1224 [inline] __se_sys_pwritev2 fs/read_write.c:1215 [inline] __arm64_sys_pwritev2+0x1dc/0x2f0 fs/read_write.c:1215 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598 Code: aa1a03e0 97c4f15b d4210000 97b63f4c (d4210000) ---[ end trace 0000000000000000 ]--- --- This report is generated by a bot. It may contain errors. See https://goo.gl/tpsmEJ for more information about syzbot. syzbot engineers can be reached at syzkaller@xxxxxxxxxxxxxxxx. syzbot will keep track of this issue. See: https://goo.gl/tpsmEJ#status for how to communicate with syzbot. If the report is already addressed, let syzbot know by replying with: #syz fix: exact-commit-title If you want syzbot to run the reproducer, reply with: #syz test: git://repo/address.git branch-or-commit-hash If you attach or paste a git patch, syzbot will apply it before testing. If you want to overwrite report's subsystems, reply with: #syz set subsystems: new-subsystem (See the list of subsystem names on the web dashboard) If the report is a duplicate of another one, reply with: #syz dup: exact-subject-of-another-report If you want to undo deduplication, reply with: #syz undup
