IPVS: ftp: loaded support on port[0] = 21
audit: type=1800 audit(1677324559.326:2): pid=8068 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor140" name="bus" dev="loop0" ino=7 res=0
BUG: unable to handle kernel paging request at ffffed101984af44
PGD 23fff3067 P4D 23fff3067 PUD 13fff8067 PMD 0
Oops: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 1985 Comm: jfsCommit Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/16/2023
RIP: 0010:dbAdjTree+0x202/0x2c0 fs/jfs/jfs_dmap.c:2936
Code: 00 41 0f b6 55 01 44 38 f8 4c 63 eb 41 0f 4c c7 4a 8d 7c 2d 11 38 d0 48 89 f9 0f 4d d0 83 e1 07 41 89 d7 48 89 fa 48 c1 ea 03 <42> 0f b6 14 22 38 ca 7f 04 84 d2 75 51 42 0f b6 54 2d 11 44 89 fe
RSP: 0018:ffff8880b0a87b00 EFLAGS: 00010a06
RAX: 0000000000000003 RBX: 0000000018dd1a00 RCX: 0000000000000001
RDX: 1ffff1101984af44 RSI: 0000000000000003 RDI: ffff8880cc257a21
RBP: ffff8880b3486010 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000005 R11: 0000000000000000 R12: dffffc0000000000
R13: 0000000018dd1a00 R14: 0000000000000000 R15: 0000000000000003
FS: 0000000000000000(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffed101984af44 CR3: 0000000092a1c000 CR4: 00000000003406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
dbJoin+0x1d0/0x220 fs/jfs/jfs_dmap.c:2877
dbFreeBits+0xf0/0x710 fs/jfs/jfs_dmap.c:2378
dbFreeDmap+0x61/0x1a0 fs/jfs/jfs_dmap.c:2127
dbFree+0x252/0x500 fs/jfs/jfs_dmap.c:385
txFreeMap+0x7a4/0xb20 fs/jfs/jfs_txnmgr.c:2579
txUpdateMap+0x369/0x1000 fs/jfs/jfs_txnmgr.c:2375
txLazyCommit fs/jfs/jfs_txnmgr.c:2709 [inline]
jfs_lazycommit+0x525/0x9d0 fs/jfs/jfs_txnmgr.c:2777
kthread+0x33f/0x460 kernel/kthread.c:259
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
Modules linked in:
CR2: ffffed101984af44
---[ end trace d8869791503610ca ]---
RIP: 0010:dbAdjTree+0x202/0x2c0 fs/jfs/jfs_dmap.c:2936
Code: 00 41 0f b6 55 01 44 38 f8 4c 63 eb 41 0f 4c c7 4a 8d 7c 2d 11 38 d0 48 89 f9 0f 4d d0 83 e1 07 41 89 d7 48 89 fa 48 c1 ea 03 <42> 0f b6 14 22 38 ca 7f 04 84 d2 75 51 42 0f b6 54 2d 11 44 89 fe
RSP: 0018:ffff8880b0a87b00 EFLAGS: 00010a06
RAX: 0000000000000003 RBX: 0000000018dd1a00 RCX: 0000000000000001
RDX: 1ffff1101984af44 RSI: 0000000000000003 RDI: ffff8880cc257a21
RBP: ffff8880b3486010 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000005 R11: 0000000000000000 R12: dffffc0000000000
R13: 0000000018dd1a00 R14: 0000000000000000 R15: 0000000000000003
FS: 0000000000000000(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffed101984af44 CR3: 0000000092a1c000 CR4: 00000000003406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
0: 00 41 0f add %al,0xf(%rcx)
3: b6 55 mov $0x55,%dh
5: 01 44 38 f8 add %eax,-0x8(%rax,%rdi,1)
9: 4c 63 eb movslq %ebx,%r13
c: 41 0f 4c c7 cmovl %r15d,%eax
10: 4a 8d 7c 2d 11 lea 0x11(%rbp,%r13,1),%rdi
15: 38 d0 cmp %dl,%al
17: 48 89 f9 mov %rdi,%rcx
1a: 0f 4d d0 cmovge %eax,%edx
1d: 83 e1 07 and $0x7,%ecx
20: 41 89 d7 mov %edx,%r15d
23: 48 89 fa mov %rdi,%rdx
26: 48 c1 ea 03 shr $0x3,%rdx
* 2a: 42 0f b6 14 22 movzbl (%rdx,%r12,1),%edx <-- trapping instruction
2f: 38 ca cmp %cl,%dl
31: 7f 04 jg 0x37
33: 84 d2 test %dl,%dl
35: 75 51 jne 0x88
37: 42 0f b6 54 2d 11 movzbl 0x11(%rbp,%r13,1),%edx
3d: 44 89 fe mov %r15d,%esi