Warning: Permanently added '10.128.0.38' (ECDSA) to the list of known hosts.
[ 67.832710][ T28] audit: type=1400 audit(1590321237.851:8): avc: denied { execmem } for pid=7031 comm="syz-executor990" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 67.905183][ T7038] IPVS: ftp: loaded support on port[0] = 21
[ 67.907413][ T7040] IPVS: ftp: loaded support on port[0] = 21
[ 67.919693][ T7041] IPVS: ftp: loaded support on port[0] = 21
[ 67.937158][ T7043] IPVS: ftp: loaded support on port[0] = 21
[ 67.937163][ T7039] IPVS: ftp: loaded support on port[0] = 21
[ 67.941021][ T7042] IPVS: ftp: loaded support on port[0] = 21
executing program
executing program
executing program
[ 68.188123][ T28] audit: type=1800 audit(1590321238.201:9): pid=7160 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor990" name="file0" dev="sda1" ino=15730 res=0
[ 68.205047][ T7160] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 68.214301][ T7163] MINIX-fs: mounting unchecked file system, running fsck is recommended
executing program
executing program
[ 68.244617][ T7160] Process accounting resumed
[ 68.257198][ T7170] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 68.278993][ T7160] Process accounting resumed
[ 68.299171][ T7163] Process accounting resumed
[ 68.306070][ T7163] ==================================================================
[ 68.314342][ T7163] BUG: KASAN: use-after-free in get_block+0x110f/0x1380
[ 68.321279][ T7163] Read of size 2 at addr ffff888085660644 by task syz-executor990/7163
[ 68.329511][ T7163]
[ 68.331847][ T7163] CPU: 1 PID: 7163 Comm: syz-executor990 Not tainted 5.7.0-rc6-syzkaller #0
[ 68.340691][ T7163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 68.350745][ T7163] Call Trace:
[ 68.354045][ T7163] dump_stack+0x188/0x20d
[ 68.358401][ T7163] print_address_description.constprop.0.cold+0xd3/0x413
[ 68.365435][ T7163] ? vprintk_func+0x81/0x17e
[ 68.370033][ T7163] ? get_block+0x110f/0x1380
[ 68.374633][ T7163] __kasan_report.cold+0x20/0x38
[ 68.379577][ T7163] ? ___might_sleep+0x150/0x2b0
[ 68.381620][ T28] audit: type=1800 audit(1590321238.211:10): pid=7163 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor990" name="file0" dev="sda1" ino=15731 res=0
[ 68.384425][ T7163] ? get_block+0x110f/0x1380
[ 68.384453][ T7163] ? get_block+0x110f/0x1380
[ 68.384472][ T7163] kasan_report+0x33/0x50
[ 68.418228][ T7163] get_block+0x110f/0x1380
[ 68.422667][ T7163] ? block_to_path.isra.0+0x300/0x300
[ 68.428063][ T7163] ? create_empty_buffers+0x590/0x8c0
[ 68.433438][ T7163] ? __alloc_pages_nodemask+0x5f4/0x810
[ 68.438985][ T7163] ? do_raw_spin_unlock+0x171/0x260
[ 68.444192][ T7163] minix_get_block+0xe5/0x110
[ 68.448587][ T7184] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 68.448873][ T7163] __block_write_begin_int+0x490/0x1b00
[ 68.462707][ T7163] ? minix_rename+0x8c0/0x8c0
[ 68.466165][ T28] audit: type=1800 audit(1590321238.261:11): pid=7159 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor990" name="file0" dev="sda1" ino=15732 res=0
[ 68.467396][ T7163] ? remove_inode_buffers+0x1c0/0x1c0
[ 68.467416][ T7163] ? pagecache_get_page+0x204/0xa10
[ 68.467431][ T7163] ? wait_for_stable_page+0x11c/0x1e0
[ 68.467451][ T7163] ? minix_rename+0x8c0/0x8c0
[ 68.508304][ T7163] block_write_begin+0x58/0x2e0
[ 68.513183][ T7163] minix_write_begin+0x35/0xe0
[ 68.517962][ T7163] generic_perform_write+0x20a/0x4e0
[ 68.523266][ T7163] ? __mnt_drop_write+0x50/0x80
[ 68.528129][ T7163] ? trace_event_raw_event_file_check_and_advance_wb_err+0x4a0/0x4a0
[ 68.536196][ T7163] ? update_time+0xc0/0xc0
[ 68.540623][ T7163] ? down_write+0xdb/0x150
[ 68.545053][ T7163] __generic_file_write_iter+0x24c/0x610
[ 68.550695][ T7163] generic_file_write_iter+0x3f3/0x630
[ 68.556163][ T7163] ? __generic_file_write_iter+0x610/0x610
[ 68.561984][ T7163] new_sync_write+0x4a2/0x700
[ 68.566667][ T7163] ? new_sync_read+0x7a0/0x7a0
[ 68.571465][ T7163] __vfs_write+0xc9/0x100
[ 68.575806][ T7163] __kernel_write+0x11c/0x3a0
[ 68.580494][ T7163] do_acct_process+0xcdc/0x10e0
[ 68.585357][ T7163] ? acct_on+0x770/0x770
[ 68.589606][ T7163] ? pin_kill+0x12e/0x7c0
[ 68.593964][ T7163] acct_pin_kill+0x29/0xf0
[ 68.598390][ T7163] pin_kill+0x175/0x7c0
[ 68.602551][ T7163] ? pin_insert+0x260/0x260
[ 68.607074][ T7163] ? __mutex_unlock_slowpath+0xe2/0x660
[ 68.612624][ T7163] ? lock_downgrade+0x840/0x840
[ 68.617480][ T7163] ? finish_wait+0x260/0x260
[ 68.622080][ T7163] acct_on+0x55d/0x770
[ 68.626162][ T7163] __x64_sys_acct+0xab/0x1f0
[ 68.630764][ T7163] do_syscall_64+0xf6/0x7d0
[ 68.635278][ T7163] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 68.641338][ T7163] RIP: 0033:0x44bea9
[ 68.645219][ T7163] Code: bd ca fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 8b ca fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 68.649919][ T28] audit: type=1800 audit(1590321238.671:12): pid=7181 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor990" name="file0" dev="sda1" ino=15747 res=0
[ 68.664805][ T7163] RSP: 002b:00007f0a85a5ece8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3
[ 68.664820][ T7163] RAX: ffffffffffffffda RBX: 00000000006dec28 RCX: 000000000044bea9
[ 68.664828][ T7163] RDX: 000000000044bea9 RSI: ff7df842cfc7c3fb RDI: 0000000020000480
[ 68.664836][ T7163] RBP: 00000000006dec20 R08: 0000000000000000 R09: 0000000000000000
[ 68.664844][ T7163] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dec2c
[ 68.664853][ T7163] R13: 00007ffc52e9afdf R14: 00007f0a85a5f9c0 R15: 0000000000000000
[ 68.664879][ T7163]
[ 68.664884][ T7163] The buggy address belongs to the page:
[ 68.664899][ T7163] page:ffffea0002159800 refcount:0 mapcount:-128 mapping:0000000000000000 index:0x1
[ 68.664908][ T7163] flags: 0xfffe0000000000()
[ 68.664929][ T7163] raw: 00fffe0000000000 ffff88812fffba58 ffffea0002251008 0000000000000000
[ 68.763872][ T7163] raw: 000000000000002b 0000000000000000 00000001ffffffff ffff8880a9550000
[ 68.772451][ T7163] page dumped because: kasan: bad access detected
[ 68.778860][ T7163] page->mem_cgroup:ffff8880a9550000
[ 68.784056][ T7163]
[ 68.786381][ T7163] Memory state around the buggy address:
[ 68.792017][ T7163] ffff888085660500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 68.800080][ T7163] ffff888085660580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 68.808128][ T7163] >ffff888085660600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 68.816163][ T7163] ^
[ 68.822296][ T7163] ffff888085660680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 68.830337][ T7163] ffff888085660700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 68.838374][ T7163] ==================================================================
[ 68.846420][ T7163] Disabling lock debugging due to kernel taint
[ 68.852972][ T7163] Kernel panic - not syncing: panic_on_warn set ...
[ 68.859553][ T7163] CPU: 1 PID: 7163 Comm: syz-executor990 Tainted: G B 5.7.0-rc6-syzkaller #0
[ 68.869597][ T7163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 68.879649][ T7163] Call Trace:
[ 68.882945][ T7163] dump_stack+0x188/0x20d
[ 68.887280][ T7163] panic+0x2e3/0x75c
[ 68.891177][ T7163] ? add_taint.cold+0x16/0x16
[ 68.895855][ T7163] ? retint_kernel+0x2b/0x2b
[ 68.900440][ T7163] ? get_block+0x110f/0x1380
[ 68.905029][ T7163] ? trace_hardirqs_on+0x55/0x220
[ 68.909253][ T28] audit: type=1800 audit(1590321238.932:13): pid=7194 uid=0 auid=0 ses=5 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor990" name="file0" dev="sda1" ino=15751 res=0
[ 68.910046][ T7163] ? get_block+0x110f/0x1380
[ 68.910061][ T7163] end_report+0x4d/0x53
[ 68.910073][ T7163] __kasan_report.cold+0xd/0x38
[ 68.910087][ T7163] ? ___might_sleep+0x150/0x2b0
executing program
[ 68.910101][ T7163] ? get_block+0x110f/0x1380
[ 68.936758][ T7194] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 68.939107][ T7163] ? get_block+0x110f/0x1380
[ 68.939121][ T7163] kasan_report+0x33/0x50
[ 68.939133][ T7163] get_block+0x110f/0x1380
[ 68.939149][ T7163] ? block_to_path.isra.0+0x300/0x300
[ 68.939166][ T7163] ? create_empty_buffers+0x590/0x8c0
[ 68.939185][ T7163] ? __alloc_pages_nodemask+0x5f4/0x810
[ 68.950310][ T7181] MINIX-fs: mounting unchecked file system, running fsck is recommended
[ 68.953403][ T7163] ? do_raw_spin_unlock+0x171/0x260
[ 68.953420][ T7163] minix_get_block+0xe5/0x110
[ 68.953435][ T7163] __block_write_begin_int+0x490/0x1b00
[ 68.953450][ T7163] ? minix_rename+0x8c0/0x8c0
[ 69.019616][ T7163] ? remove_inode_buffers+0x1c0/0x1c0
[ 69.024991][ T7163] ? pagecache_get_page+0x204/0xa10
[ 69.030191][ T7163] ? wait_for_stable_page+0x11c/0x1e0
[ 69.035561][ T7163] ? minix_rename+0x8c0/0x8c0
[ 69.040321][ T7163] block_write_begin+0x58/0x2e0
[ 69.045171][ T7163] minix_write_begin+0x35/0xe0
[ 69.049935][ T7163] generic_perform_write+0x20a/0x4e0
[ 69.055224][ T7163] ? __mnt_drop_write+0x50/0x80
[ 69.060082][ T7163] ? trace_event_raw_event_file_check_and_advance_wb_err+0x4a0/0x4a0
[ 69.068138][ T7163] ? update_time+0xc0/0xc0
[ 69.072547][ T7163] ? down_write+0xdb/0x150
[ 69.076958][ T7163] __generic_file_write_iter+0x24c/0x610
[ 69.082577][ T7163] generic_file_write_iter+0x3f3/0x630
[ 69.088119][ T7163] ? __generic_file_write_iter+0x610/0x610
[ 69.093904][ T7163] new_sync_write+0x4a2/0x700
[ 69.098568][ T7163] ? new_sync_read+0x7a0/0x7a0
[ 69.103320][ T7163] __vfs_write+0xc9/0x100
[ 69.107681][ T7163] __kernel_write+0x11c/0x3a0
[ 69.112344][ T7163] do_acct_process+0xcdc/0x10e0
[ 69.117189][ T7163] ? acct_on+0x770/0x770
[ 69.121421][ T7163] ? pin_kill+0x12e/0x7c0
[ 69.125739][ T7163] acct_pin_kill+0x29/0xf0
[ 69.130136][ T7163] pin_kill+0x175/0x7c0
[ 69.134270][ T7163] ? pin_insert+0x260/0x260
[ 69.138757][ T7163] ? __mutex_unlock_slowpath+0xe2/0x660
[ 69.144372][ T7163] ? lock_downgrade+0x840/0x840
[ 69.149214][ T7163] ? finish_wait+0x260/0x260
[ 69.153794][ T7163] acct_on+0x55d/0x770
[ 69.157854][ T7163] __x64_sys_acct+0xab/0x1f0
[ 69.162450][ T7163] do_syscall_64+0xf6/0x7d0
[ 69.166960][ T7163] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 69.172845][ T7163] RIP: 0033:0x44bea9
[ 69.176731][ T7163] Code: bd ca fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 8b ca fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 69.196325][ T7163] RSP: 002b:00007f0a85a5ece8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3
[ 69.204728][ T7163] RAX: ffffffffffffffda RBX: 00000000006dec28 RCX: 000000000044bea9
[ 69.212692][ T7163] RDX: 000000000044bea9 RSI: ff7df842cfc7c3fb RDI: 0000000020000480
[ 69.220845][ T7163] RBP: 00000000006dec20 R08: 0000000000000000 R09: 0000000000000000
[ 69.228813][ T7163] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dec2c
[ 69.236773][ T7163] R13: 00007ffc52e9afdf R14: 00007f0a85a5f9c0 R15: 0000000000000000
[ 69.245998][ T7163] Kernel Offset: disabled
[ 69.250311][ T7163] Rebooting in 86400 seconds..