Warning: Permanently added '10.128.0.218' (ECDSA) to the list of known hosts. executing program executing program executing program syzkaller login: [ 40.915229] audit: type=1400 audit(1602553720.713:8): avc: denied { execmem } for pid=6502 comm="syz-executor411" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 40.946177] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 40.946177] executing program executing program [ 41.015675] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 41.015675] executing program executing program [ 41.088943] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 41.088943] executing program [ 41.140433] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 41.140433] executing program [ 41.204192] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 41.204192] executing program executing program [ 41.254337] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 41.254337] executing program executing program [ 41.322072] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 41.322072] executing program [ 41.385932] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 41.385932] executing program [ 41.442955] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 41.442955] executing program executing program [ 41.500435] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 41.500435] executing program executing program [ 41.575144] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 41.575144] executing program executing program executing program executing program executing program executing program [ 41.644139] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 41.644139] executing program executing program executing program executing program executing program executing program executing program executing program [ 41.720299] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 41.720299] executing program executing program [ 41.816108] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 41.816108] executing program executing program [ 41.873992] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 41.873992] executing program executing program [ 41.932609] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 41.932609] executing program executing program [ 41.998543] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 41.998543] executing program [ 42.066793] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 42.066793] executing program [ 42.112826] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 42.112826] executing program [ 42.162664] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 42.162664] executing program [ 42.203010] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 42.203010] executing program [ 42.261098] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 42.261098] executing program executing program executing program [ 42.322456] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 42.322456] executing program [ 42.375385] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 42.375385] executing program executing program executing program [ 42.432710] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 42.432710] executing program [ 42.492451] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 42.492451] executing program executing program [ 42.545037] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 42.545037] executing program executing program [ 42.624975] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 42.624975] executing program [ 42.685163] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 42.685163] executing program [ 42.746764] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 42.746764] executing program executing program executing program [ 42.824773] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 42.824773] executing program [ 42.875977] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 42.875977] [ 42.935619] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 42.935619] executing program executing program [ 43.004030] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 43.004030] executing program executing program [ 43.074014] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 43.074014] executing program [ 43.138871] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 43.138871] executing program executing program [ 43.199492] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 43.199492] executing program executing program [ 43.264807] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 43.264807] executing program [ 43.330577] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 43.330577] executing program executing program [ 43.384538] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 43.384538] executing program [ 43.445622] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 43.445622] executing program [ 43.492100] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 43.492100] executing program executing program executing program [ 43.566167] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 43.566167] executing program executing program executing program executing program [ 43.632257] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 43.632257] executing program executing program [ 43.685964] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 43.685964] executing program [ 43.741851] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 43.741851] executing program executing program executing program executing program [ 43.812062] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 43.812062] executing program [ 43.883423] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 43.883423] executing program [ 43.944125] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 43.944125] executing program [ 43.991997] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 43.991997] executing program [ 44.044636] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 44.044636] executing program executing program executing program [ 44.101286] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 44.101286] executing program [ 44.174022] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 44.174022] executing program executing program [ 44.233648] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 44.233648] executing program [ 44.293040] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 44.293040] executing program executing program executing program [ 44.339725] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 44.339725] executing program [ 44.395636] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 44.395636] executing program executing program [ 44.452305] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 44.452305] executing program executing program executing program [ 44.540253] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 44.540253] executing program [ 44.602981] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 44.602981] [ 44.641813] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 44.641813] executing program executing program executing program [ 44.702491] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 44.702491] executing program executing program executing program [ 44.769695] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 44.769695] executing program [ 44.814990] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 44.814990] [ 44.874057] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 44.874057] executing program executing program executing program executing program [ 44.942378] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 44.942378] executing program [ 44.995346] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 44.995346] executing program executing program [ 45.050989] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 45.050989] executing program [ 45.111429] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 45.111429] executing program executing program [ 45.171745] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 45.171745] executing program [ 45.233128] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 45.233128] executing program [ 45.287616] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 45.287616] executing program [ 45.346916] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 45.346916] executing program [ 45.393747] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 45.393747] executing program [ 45.452962] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 45.452962] executing program [ 45.502853] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 45.502853] executing program executing program executing program [ 45.551206] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 45.551206] executing program executing program [ 45.621377] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 45.621377] executing program [ 45.674312] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 45.674312] executing program executing program [ 45.733996] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 45.733996] executing program [ 45.794597] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 45.794597] [ 45.854070] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 45.854070] executing program executing program executing program [ 45.923739] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 45.923739] executing program executing program [ 46.007524] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 46.007524] executing program [ 46.052338] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 46.052338] executing program [ 46.095793] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 46.095793] executing program [ 46.151948] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 46.151948] executing program executing program [ 46.222370] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 46.222370] executing program executing program executing program executing program executing program [ 46.292092] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 46.292092] executing program [ 46.371210] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 46.371210] executing program executing program [ 46.448658] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 46.448658] executing program [ 46.511731] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 46.511731] [ 46.571644] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 46.571644] executing program executing program [ 46.647404] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 46.647404] executing program executing program executing program [ 46.710535] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 46.710535] executing program executing program [ 46.789353] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 46.789353] executing program [ 46.853340] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 46.853340] executing program [ 46.910162] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 46.910162] executing program executing program [ 46.972226] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 46.972226] executing program executing program [ 47.049006] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 47.049006] executing program [ 47.100460] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 47.100460] executing program executing program executing program executing program [ 47.174102] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 47.174102] executing program [ 47.229751] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 47.229751] executing program [ 47.292149] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 47.292149] executing program [ 47.353246] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 47.353246] [ 47.392294] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 47.392294] executing program executing program [ 47.441623] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 47.441623] executing program [ 47.509681] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 47.509681] executing program executing program [ 47.550741] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 47.550741] executing program [ 47.624119] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 47.624119] executing program executing program executing program [ 47.669974] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 47.669974] executing program executing program [ 47.719614] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 47.719614] executing program executing program [ 47.780164] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 47.780164] executing program executing program [ 47.856666] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 47.856666] executing program executing program executing program [ 47.909504] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 47.909504] executing program [ 47.970933] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 47.970933] executing program [ 48.032049] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 48.032049] executing program executing program [ 48.091403] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 48.091403] [ 48.137363] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 48.137363] executing program executing program executing program [ 48.217921] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 48.217921] executing program [ 48.277740] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 48.277740] executing program executing program [ 48.335926] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 48.335926] executing program executing program [ 48.394163] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 48.394163] executing program executing program [ 48.463420] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 48.463420] executing program executing program executing program [ 48.519924] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 48.519924] executing program [ 48.579324] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 48.579324] executing program [ 48.641010] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 48.641010] executing program [ 48.702748] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 48.702748] executing program [ 48.752653] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 48.752653] executing program executing program [ 48.811628] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 48.811628] executing program executing program executing program executing program [ 48.871865] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 48.871865] executing program [ 48.930707] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 48.930707] executing program [ 48.981129] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 48.981129] executing program [ 49.031476] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 49.031476] executing program executing program [ 49.091153] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 49.091153] executing program [ 49.152511] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 49.152511] executing program [ 49.212552] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 49.212552] executing program executing program executing program [ 49.278606] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 49.278606] executing program [ 49.343025] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 49.343025] executing program [ 49.401386] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 49.401386] executing program [ 49.461908] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 49.461908] executing program [ 49.513584] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 49.513584] executing program [ 49.553934] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 49.553934] [ 49.590400] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 49.590400] executing program executing program executing program [ 49.640316] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 49.640316] [ 49.708176] ================================================================== [ 49.715684] BUG: KASAN: use-after-free in diFree+0x18d9/0x24b0 [ 49.721661] Read of size 4 at addr ffff8880879d0604 by task syz-executor411/7318 [ 49.729193] [ 49.730837] CPU: 0 PID: 7318 Comm: syz-executor411 Not tainted 4.19.150-syzkaller #0 [ 49.738720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 49.748079] Call Trace: [ 49.750683] dump_stack+0x22c/0x33e [ 49.754323] print_address_description.cold+0x56/0x25c [ 49.759615] kasan_report_error.cold+0x66/0xb9 [ 49.764236] ? diFree+0x18d9/0x24b0 [ 49.767878] __asan_report_load4_noabort+0x88/0x90 [ 49.772913] ? diFree+0x18d9/0x24b0 [ 49.776576] diFree+0x18d9/0x24b0 [ 49.781259] ? mark_held_locks+0xf0/0xf0 [ 49.785330] ? __kasan_slab_free+0x186/0x1f0 [ 49.789746] ? mark_held_locks+0xf0/0xf0 [ 49.793844] ? mark_held_locks+0xf0/0xf0 [ 49.797912] ? jfs_fill_super+0x83c/0xb50 [ 49.802075] ? mount_bdev+0x2fc/0x3b0 [ 49.805882] ? mount_fs+0xa3/0x318 [ 49.809429] ? vfs_kern_mount.part.0+0x68/0x470 [ 49.814117] ? do_mount+0x51c/0x2f10 [ 49.817841] ? ksys_mount+0xcf/0x130 [ 49.821560] ? __x64_sys_mount+0xba/0x150 [ 49.825716] ? diWrite+0x1450/0x1450 [ 49.829486] ? find_held_lock+0x2d/0x110 [ 49.833591] ? find_held_lock+0x2d/0x110 [ 49.837661] ? dquot_initialize_needed+0x290/0x290 [ 49.842605] ? lock_downgrade+0x750/0x750 [ 49.846782] jfs_evict_inode+0x126/0x170 [ 49.850853] ? jfs_write_inode+0x1d0/0x1d0 [ 49.855274] evict+0x2ed/0x780 [ 49.858502] iput+0x511/0x890 [ 49.861643] diFreeSpecial+0x63/0x80 [ 49.865368] jfs_umount+0xd6/0x310 [ 49.868924] jfs_fill_super+0x83c/0xb50 [ 49.872909] ? parse_options+0xf50/0xf50 [ 49.877020] ? set_blocksize+0x163/0x3f0 [ 49.881627] mount_bdev+0x2fc/0x3b0 [ 49.885266] ? parse_options+0xf50/0xf50 [ 49.889341] mount_fs+0xa3/0x318 [ 49.892723] vfs_kern_mount.part.0+0x68/0x470 [ 49.897230] do_mount+0x51c/0x2f10 [ 49.900782] ? check_preemption_disabled+0x41/0x2b0 [ 49.905808] ? copy_mount_string+0x40/0x40 [ 49.910065] ? kmem_cache_alloc_trace+0x379/0x4b0 [ 49.914928] ? _copy_from_user+0xd2/0x130 [ 49.919090] ? copy_mount_options+0x261/0x370 [ 49.923600] ksys_mount+0xcf/0x130 [ 49.927150] __x64_sys_mount+0xba/0x150 [ 49.932088] ? lockdep_hardirqs_on+0x3c1/0x5e0 [ 49.936684] do_syscall_64+0xf9/0x670 [ 49.940500] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 49.945701] RIP: 0033:0x44807a [ 49.948922] Code: b8 08 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d a3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a a3 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 49.967859] RSP: 002b:00007ffca64fa068 EFLAGS: 00000283 ORIG_RAX: 00000000000000a5 [ 49.975577] RAX: ffffffffffffffda RBX: 00007ffca64fa0c0 RCX: 000000000044807a [ 49.982855] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffca64fa080 [ 49.990156] RBP: 00007ffca64fa080 R08: 00007ffca64fa0c0 R09: 0000000000000000 [ 49.997431] R10: 0000000000000000 R11: 0000000000000283 R12: 0000000000000019 [ 50.004711] R13: 0000000000000004 R14: 0000000000000003 R15: 0000000000000003 [ 50.011998] [ 50.013633] Allocated by task 7318: [ 50.017272] kmem_cache_alloc_trace+0x12f/0x4b0 [ 50.021946] diMount+0x4b/0x860 [ 50.025231] jfs_mount+0x300/0x3d0 [ 50.028781] jfs_fill_super+0x55c/0xb50 [ 50.032764] mount_bdev+0x2fc/0x3b0 [ 50.036396] mount_fs+0xa3/0x318 [ 50.039767] vfs_kern_mount.part.0+0x68/0x470 [ 50.044290] do_mount+0x51c/0x2f10 [ 50.047863] ksys_mount+0xcf/0x130 [ 50.051433] __x64_sys_mount+0xba/0x150 [ 50.055416] do_syscall_64+0xf9/0x670 [ 50.059227] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 50.064411] [ 50.066039] Freed by task 7318: [ 50.069331] kfree+0xcc/0x250 [ 50.072469] diUnmount+0xed/0x120 [ 50.075932] jfs_umount+0xce/0x310 [ 50.079478] jfs_fill_super+0x83c/0xb50 [ 50.083461] mount_bdev+0x2fc/0x3b0 [ 50.087094] mount_fs+0xa3/0x318 [ 50.090468] vfs_kern_mount.part.0+0x68/0x470 [ 50.094990] do_mount+0x51c/0x2f10 [ 50.098531] ksys_mount+0xcf/0x130 [ 50.102079] __x64_sys_mount+0xba/0x150 [ 50.106069] do_syscall_64+0xf9/0x670 [ 50.109878] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 50.115067] [ 50.116702] The buggy address belongs to the object at ffff8880879d0600 [ 50.116702] which belongs to the cache kmalloc-32768 of size 32768 [ 50.129754] The buggy address is located 4 bytes inside of [ 50.129754] 32768-byte region [ffff8880879d0600, ffff8880879d8600) [ 50.141660] The buggy address belongs to the page: [ 50.146598] page:ffffea00021e7400 count:1 mapcount:0 mapping:ffff88812c3f5380 index:0x0 compound_mapcount: 0 [ 50.156574] flags: 0xfffe0000008100(slab|head) [ 50.161169] raw: 00fffe0000008100 ffffea000207c808 ffffea00021e7808 ffff88812c3f5380 [ 50.169078] raw: 0000000000000000 ffff8880879d0600 0000000100000001 0000000000000000 [ 50.176959] page dumped because: kasan: bad access detected [ 50.182666] [ 50.184292] Memory state around the buggy address: [ 50.189226] ffff8880879d0500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 50.196589] ffff8880879d0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 50.203957] >ffff8880879d0600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 50.211344] ^ [ 50.214727] ffff8880879d0680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 50.222541] ffff8880879d0700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 50.229911] ================================================================== [ 50.237278] Disabling lock debugging due to kernel taint [ 50.244807] Kernel panic - not syncing: panic_on_warn set ... [ 50.244807] [ 50.252229] CPU: 0 PID: 7318 Comm: syz-executor411 Tainted: G B 4.19.150-syzkaller #0 [ 50.261503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 50.270865] Call Trace: [ 50.273476] dump_stack+0x22c/0x33e [ 50.277118] panic+0x2ac/0x565 [ 50.280315] ? __warn_printk+0xf3/0xf3 [ 50.284246] ? preempt_schedule_common+0x45/0xc0 [ 50.289020] ? ___preempt_schedule+0x16/0x18 [ 50.293441] ? trace_hardirqs_on+0x55/0x210 [ 50.297767] kasan_end_report+0x43/0x49 [ 50.301756] kasan_report_error.cold+0x83/0xb9 [ 50.306340] ? diFree+0x18d9/0x24b0 [ 50.309974] __asan_report_load4_noabort+0x88/0x90 [ 50.314909] ? diFree+0x18d9/0x24b0 [ 50.318559] diFree+0x18d9/0x24b0 [ 50.322022] ? mark_held_locks+0xf0/0xf0 [ 50.326121] ? __kasan_slab_free+0x186/0x1f0 [ 50.330537] ? mark_held_locks+0xf0/0xf0 [ 50.334605] ? mark_held_locks+0xf0/0xf0 [ 50.338674] ? jfs_fill_super+0x83c/0xb50 [ 50.342849] ? mount_bdev+0x2fc/0x3b0 [ 50.346653] ? mount_fs+0xa3/0x318 [ 50.350195] ? vfs_kern_mount.part.0+0x68/0x470 [ 50.354865] ? do_mount+0x51c/0x2f10 [ 50.358589] ? ksys_mount+0xcf/0x130 [ 50.362308] ? __x64_sys_mount+0xba/0x150 [ 50.366462] ? diWrite+0x1450/0x1450 [ 50.370181] ? find_held_lock+0x2d/0x110 [ 50.374274] ? find_held_lock+0x2d/0x110 [ 50.378342] ? dquot_initialize_needed+0x290/0x290 [ 50.383279] ? lock_downgrade+0x750/0x750 [ 50.387438] jfs_evict_inode+0x126/0x170 [ 50.391534] ? jfs_write_inode+0x1d0/0x1d0 [ 50.395772] evict+0x2ed/0x780 [ 50.398979] iput+0x511/0x890 [ 50.402090] diFreeSpecial+0x63/0x80 [ 50.405811] jfs_umount+0xd6/0x310 [ 50.409360] jfs_fill_super+0x83c/0xb50 [ 50.413339] ? parse_options+0xf50/0xf50 [ 50.417409] ? set_blocksize+0x163/0x3f0 [ 50.421487] mount_bdev+0x2fc/0x3b0 [ 50.425145] ? parse_options+0xf50/0xf50 [ 50.429217] mount_fs+0xa3/0x318 [ 50.432593] vfs_kern_mount.part.0+0x68/0x470 [ 50.437117] do_mount+0x51c/0x2f10 [ 50.440674] ? check_preemption_disabled+0x41/0x2b0 [ 50.445696] ? copy_mount_string+0x40/0x40 [ 50.449944] ? kmem_cache_alloc_trace+0x379/0x4b0 [ 50.454798] ? _copy_from_user+0xd2/0x130 [ 50.458953] ? copy_mount_options+0x261/0x370 [ 50.463450] ksys_mount+0xcf/0x130 [ 50.466994] __x64_sys_mount+0xba/0x150 [ 50.470975] ? lockdep_hardirqs_on+0x3c1/0x5e0 [ 50.475565] do_syscall_64+0xf9/0x670 [ 50.479376] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 50.484670] RIP: 0033:0x44807a [ 50.487866] Code: b8 08 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d a3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a a3 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 50.506801] RSP: 002b:00007ffca64fa068 EFLAGS: 00000283 ORIG_RAX: 00000000000000a5 [ 50.514519] RAX: ffffffffffffffda RBX: 00007ffca64fa0c0 RCX: 000000000044807a [ 50.521798] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffca64fa080 [ 50.529076] RBP: 00007ffca64fa080 R08: 00007ffca64fa0c0 R09: 0000000000000000 [ 50.536354] R10: 0000000000000000 R11: 0000000000000283 R12: 0000000000000019 [ 50.543656] R13: 0000000000000004 R14: 0000000000000003 R15: 0000000000000003 [ 50.552145] Kernel Offset: disabled [ 50.555768] Rebooting in 86400 seconds..