[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.74' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
executing program
syzkaller login: [ 107.649998][ T7079] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 107.691089][ T7083] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 107.709417][ T7084] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 107.731008][ T7086] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 107.752461][ T7082] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 107.755775][ T7087] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 159.891374][ T7083] ==================================================================
[ 159.899700][ T7083] BUG: KASAN: use-after-free in get_block+0x110f/0x1380
[ 159.906644][ T7083] Read of size 2 at addr ffff8880846163c2 by task syz-executor489/7083
[ 159.914875][ T7083]
[ 159.917216][ T7083] CPU: 1 PID: 7083 Comm: syz-executor489 Not tainted 5.7.0-rc1-next-20200415-syzkaller #0
[ 159.927099][ T7083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 159.937163][ T7083] Call Trace:
[ 159.940460][ T7083] dump_stack+0x188/0x20d
[ 159.944805][ T7083] print_address_description.constprop.0.cold+0xd3/0x315
[ 159.951834][ T7083] ? get_block+0x110f/0x1380
[ 159.956428][ T7083] __kasan_report.cold+0x35/0x4d
[ 159.961370][ T7083] ? get_block+0x110f/0x1380
[ 159.965969][ T7083] ? get_block+0x110f/0x1380
[ 159.970558][ T7083] kasan_report+0x33/0x50
[ 159.974897][ T7083] get_block+0x110f/0x1380
[ 159.979345][ T7083] ? block_to_path.isra.0+0x300/0x300
[ 159.984735][ T7083] ? create_empty_buffers+0x590/0x8c0
[ 159.990118][ T7083] ? __add_to_page_cache_locked+0x7b4/0xe00
[ 159.996011][ T7083] ? do_raw_spin_unlock+0x171/0x260
[ 160.001215][ T7083] minix_get_block+0xe5/0x110
[ 160.005899][ T7083] block_read_full_page+0x2bf/0x1010
[ 160.011192][ T7083] ? minix_rename+0x8c0/0x8c0
[ 160.015876][ T7083] ? block_truncate_page+0xc50/0xc50
[ 160.021166][ T7083] ? add_to_page_cache_lru+0x300/0x700
[ 160.026633][ T7083] ? add_to_page_cache_locked+0x40/0x40
[ 160.032214][ T7083] ? __page_cache_alloc+0x110/0x480
[ 160.037422][ T7083] do_read_cache_page+0x1053/0x1810
[ 160.042639][ T7083] ? generic_file_read_iter+0x2920/0x2920
[ 160.048360][ T7083] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 160.053834][ T7083] ? preempt_schedule_irq+0xee/0x150
[ 160.059139][ T7083] dir_get_page.isra.0+0x1d/0x60
[ 160.064078][ T7083] minix_find_entry+0x200/0x7b0
[ 160.068953][ T7083] minix_inode_by_name+0x6d/0x452
[ 160.073986][ T7083] ? minix_dotdot+0x170/0x170
[ 160.078665][ T7083] ? generic_permission+0x116/0x520
[ 160.083867][ T7083] minix_lookup+0x103/0x190
[ 160.088374][ T7083] lookup_open+0x8d7/0x1320
[ 160.092884][ T7083] ? page_put_link+0x210/0x210
[ 160.097665][ T7083] ? preempt_count_add+0x74/0x140
[ 160.102691][ T7083] ? __mnt_want_write+0x1da/0x2c0
[ 160.107723][ T7083] path_openat+0x93c/0x27f0
[ 160.112241][ T7083] ? path_lookupat.isra.0+0x530/0x530
[ 160.117611][ T7083] ? mark_held_locks+0xe0/0xe0
[ 160.122377][ T7083] ? lock_acquire+0x1f2/0x8f0
[ 160.127066][ T7083] do_filp_open+0x192/0x260
[ 160.132214][ T7083] ? may_open_dev+0xf0/0xf0
[ 160.136737][ T7083] ? do_raw_spin_lock+0x129/0x2e0
[ 160.141773][ T7083] ? _raw_spin_unlock+0x24/0x40
[ 160.146645][ T7083] ? __alloc_fd+0x46d/0x600
[ 160.151160][ T7083] do_sys_openat2+0x585/0x7d0
[ 160.155838][ T7083] ? file_open_root+0x400/0x400
[ 160.160697][ T7083] ? lock_downgrade+0x840/0x840
[ 160.165551][ T7083] do_sys_open+0xc3/0x140
[ 160.169893][ T7083] ? filp_open+0x70/0x70
[ 160.174138][ T7083] ? fput_many+0x2f/0x1a0
[ 160.178464][ T7083] ? filp_close+0x12f/0x170
[ 160.182974][ T7083] ? trace_hardirqs_off_caller+0x55/0x230
[ 160.188703][ T7083] do_syscall_64+0xf6/0x7d0
[ 160.193212][ T7083] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 160.199097][ T7083] RIP: 0033:0x445ef9
[ 160.202991][ T7083] Code: ed cb fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 bb cb fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 160.222686][ T7083] RSP: 002b:00007ffdea5c53d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 160.231106][ T7083] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000445ef9
[ 160.239079][ T7083] RDX: 0000000000000000 RSI: 0000000000020040 RDI: 0000000020000040
[ 160.247075][ T7083] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000402fd0
[ 160.255054][ T7083] R10: 00007ffdea5c52b0 R11: 0000000000000246 R12: 0000000000000000
[ 160.263024][ T7083] R13: 0000000000402fd0 R14: 0000000000000000 R15: 0000000000000000
[ 160.271004][ T7083]
[ 160.273324][ T7083] The buggy address belongs to the page:
[ 160.278961][ T7083] page:ffffea0002118580 refcount:2 mapcount:0 mapping:000000009baa2f6d index:0x2f8ec
[ 160.288420][ T7083] minix_aops name:"/"
[ 160.292398][ T7083] flags: 0xfffe0000002016(referenced|uptodate|lru|private)
[ 160.299593][ T7083] raw: 00fffe0000002016 ffffea00021191c8 ffffea00021185c8 ffff888086345c28
[ 160.308179][ T7083] raw: 000000000002f8ec ffff888086b94698 00000002ffffffff ffff8880a9546000
[ 160.316753][ T7083] page dumped because: kasan: bad access detected
[ 160.323156][ T7083] page->mem_cgroup:ffff8880a9546000
[ 160.328341][ T7083]
[ 160.330659][ T7083] Memory state around the buggy address:
[ 160.336460][ T7083] ffff888084616280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 160.344519][ T7083] ffff888084616300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 160.352581][ T7083] >ffff888084616380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 160.360640][ T7083] ^
[ 160.366792][ T7083] ffff888084616400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 160.374852][ T7083] ffff888084616480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 160.382903][ T7083] ==================================================================
[ 160.390956][ T7083] Disabling lock debugging due to kernel taint
[ 160.397226][ T7083] Kernel panic - not syncing: panic_on_warn set ...
[ 160.403814][ T7083] CPU: 1 PID: 7083 Comm: syz-executor489 Tainted: G B 5.7.0-rc1-next-20200415-syzkaller #0
[ 160.415079][ T7083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 160.425127][ T7083] Call Trace:
[ 160.428435][ T7083] dump_stack+0x188/0x20d
[ 160.432765][ T7083] panic+0x2e3/0x75c
[ 160.436655][ T7083] ? add_taint.cold+0x16/0x16
[ 160.441328][ T7083] ? retint_kernel+0x2b/0x2b
[ 160.445911][ T7083] ? get_block+0x110f/0x1380
[ 160.450500][ T7083] ? trace_hardirqs_on+0x55/0x220
[ 160.455522][ T7083] ? get_block+0x110f/0x1380
[ 160.460131][ T7083] end_report+0x4d/0x53
[ 160.464291][ T7083] __kasan_report.cold+0xd/0x4d
[ 160.469154][ T7083] ? get_block+0x110f/0x1380
[ 160.473750][ T7083] ? get_block+0x110f/0x1380
[ 160.478355][ T7083] kasan_report+0x33/0x50
[ 160.482687][ T7083] get_block+0x110f/0x1380
[ 160.487112][ T7083] ? block_to_path.isra.0+0x300/0x300
[ 160.492498][ T7083] ? create_empty_buffers+0x590/0x8c0
[ 160.497871][ T7083] ? __add_to_page_cache_locked+0x7b4/0xe00
[ 160.503760][ T7083] ? do_raw_spin_unlock+0x171/0x260
[ 160.508954][ T7083] minix_get_block+0xe5/0x110
[ 160.513631][ T7083] block_read_full_page+0x2bf/0x1010
[ 160.518912][ T7083] ? minix_rename+0x8c0/0x8c0
[ 160.523589][ T7083] ? block_truncate_page+0xc50/0xc50
[ 160.528873][ T7083] ? add_to_page_cache_lru+0x300/0x700
[ 160.534333][ T7083] ? add_to_page_cache_locked+0x40/0x40
[ 160.539872][ T7083] ? __page_cache_alloc+0x110/0x480
[ 160.545071][ T7083] do_read_cache_page+0x1053/0x1810
[ 160.550270][ T7083] ? generic_file_read_iter+0x2920/0x2920
[ 160.555985][ T7083] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 160.561445][ T7083] ? preempt_schedule_irq+0xee/0x150
[ 160.566736][ T7083] dir_get_page.isra.0+0x1d/0x60
[ 160.571671][ T7083] minix_find_entry+0x200/0x7b0
[ 160.576524][ T7083] minix_inode_by_name+0x6d/0x452
[ 160.581541][ T7083] ? minix_dotdot+0x170/0x170
[ 160.586213][ T7083] ? generic_permission+0x116/0x520
[ 160.591406][ T7083] minix_lookup+0x103/0x190
[ 160.595901][ T7083] lookup_open+0x8d7/0x1320
[ 160.600404][ T7083] ? page_put_link+0x210/0x210
[ 160.605188][ T7083] ? preempt_count_add+0x74/0x140
[ 160.610222][ T7083] ? __mnt_want_write+0x1da/0x2c0
[ 160.615261][ T7083] path_openat+0x93c/0x27f0
[ 160.619771][ T7083] ? path_lookupat.isra.0+0x530/0x530
[ 160.625170][ T7083] ? mark_held_locks+0xe0/0xe0
[ 160.629941][ T7083] ? lock_acquire+0x1f2/0x8f0
[ 160.634626][ T7083] do_filp_open+0x192/0x260
[ 160.639129][ T7083] ? may_open_dev+0xf0/0xf0
[ 160.643630][ T7083] ? do_raw_spin_lock+0x129/0x2e0
[ 160.648653][ T7083] ? _raw_spin_unlock+0x24/0x40
[ 160.653599][ T7083] ? __alloc_fd+0x46d/0x600
[ 160.658106][ T7083] do_sys_openat2+0x585/0x7d0
[ 160.662782][ T7083] ? file_open_root+0x400/0x400
[ 160.667721][ T7083] ? lock_downgrade+0x840/0x840
[ 160.672582][ T7083] do_sys_open+0xc3/0x140
[ 160.676905][ T7083] ? filp_open+0x70/0x70
[ 160.681140][ T7083] ? fput_many+0x2f/0x1a0
[ 160.685463][ T7083] ? filp_close+0x12f/0x170
[ 160.689960][ T7083] ? trace_hardirqs_off_caller+0x55/0x230
[ 160.695675][ T7083] do_syscall_64+0xf6/0x7d0
[ 160.700200][ T7083] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 160.706084][ T7083] RIP: 0033:0x445ef9
[ 160.709971][ T7083] Code: ed cb fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 bb cb fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 160.729573][ T7083] RSP: 002b:00007ffdea5c53d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 160.738007][ T7083] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000445ef9
[ 160.745975][ T7083] RDX: 0000000000000000 RSI: 0000000000020040 RDI: 0000000020000040
[ 160.753941][ T7083] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000402fd0
[ 160.761904][ T7083] R10: 00007ffdea5c52b0 R11: 0000000000000246 R12: 0000000000000000
[ 160.769871][ T7083] R13: 0000000000402fd0 R14: 0000000000000000 R15: 0000000000000000
[ 160.779047][ T7083] Kernel Offset: disabled
[ 160.783362][ T7083] Rebooting in 86400 seconds..