[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.1.46' (ECDSA) to the list of known hosts.

syzkaller login: [ 871.256476] IPVS: ftp: loaded support on port[0] = 21
executing program
[ 871.367603] ==================================================================
[ 871.375073] BUG: KASAN: use-after-free in dbJoin+0x21b/0x220
[ 871.380881] Read of size 1 at addr ffff88819c47fa4c by task jfsCommit/1986
[ 871.387884]
[ 871.389571] CPU: 0 PID: 1986 Comm: jfsCommit Not tainted 4.19.211-syzkaller #0
[ 871.396932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 871.406297] Call Trace:
[ 871.408883]  dump_stack+0x1fc/0x2ef
[ 871.412497]  print_address_description.cold+0x54/0x219
[ 871.417763]  kasan_report_error.cold+0x8a/0x1b9
[ 871.422418]  ? dbJoin+0x21b/0x220
[ 871.425939]  __asan_report_load1_noabort+0x88/0x90
[ 871.430848]  ? dbJoin+0x21b/0x220
[ 871.434718]  dbJoin+0x21b/0x220
[ 871.437998]  dbFreeBits+0xf0/0x710
[ 871.441538]  dbFreeDmap+0x61/0x1a0
[ 871.445068]  dbFree+0x252/0x500
[ 871.448334]  txFreeMap+0x7a4/0xb20
[ 871.451860]  txUpdateMap+0x369/0x1000
[ 871.455659]  ? lock_downgrade+0x5b0/0x720
[ 871.459792]  jfs_lazycommit+0x525/0x9d0
[ 871.463755]  ? txCommit+0x39e0/0x39e0
[ 871.467535]  ? lock_acquire+0x170/0x3c0
[ 871.471507]  ? __kthread_parkme+0x5d/0x1e0
[ 871.475723]  ? wake_up_q+0xe0/0xe0
[ 871.479242]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[ 871.483804]  ? _raw_spin_unlock_irqrestore+0x66/0xe0
[ 871.488891]  ? __kthread_parkme+0x133/0x1e0
[ 871.493193]  ? txCommit+0x39e0/0x39e0
[ 871.496975]  kthread+0x33f/0x460
[ 871.500332]  ? kthread_park+0x180/0x180
[ 871.504297]  ret_from_fork+0x24/0x30
[ 871.508137]
[ 871.509746] The buggy address belongs to the page:
[ 871.514674] page:ffffea0006711fc0 count:0 mapcount:0 mapping:0000000000000000 index:0x0
[ 871.522800] flags: 0x57ff00000000000()
[ 871.526674] raw: 057ff00000000000 ffffea0006711fc8 ffffea0006711fc8 0000000000000000
[ 871.534709] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 871.542562] page dumped because: kasan: bad access detected
[ 871.548260]
[ 871.549878] Memory state around the buggy address:
[ 871.554805]  ffff88819c47f900: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 871.562238]  ffff88819c47f980: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 871.569748] >ffff88819c47fa00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 871.577080]                                               ^
[ 871.582768]  ffff88819c47fa80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 871.591446]  ffff88819c47fb00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 871.598778] ==================================================================
[ 871.606458] Disabling lock debugging due to kernel taint
[ 871.612420] Kernel panic - not syncing: panic_on_warn set ...
[ 871.612420]
[ 871.619977] CPU: 1 PID: 1986 Comm: jfsCommit Tainted: G    B   4.19.211-syzkaller #0
[ 871.628721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 871.638065] Call Trace:
[ 871.640646]  dump_stack+0x1fc/0x2ef
[ 871.644262]  panic+0x26a/0x50e
[ 871.647439]  ? __warn_printk+0xf3/0xf3
[ 871.651310]  ? preempt_schedule_common+0x45/0xc0
[ 871.656049]  ? ___preempt_schedule+0x16/0x18
[ 871.660443]  ? trace_hardirqs_on+0x55/0x210
[ 871.664751]  kasan_end_report+0x43/0x49
[ 871.668708]  kasan_report_error.cold+0xa7/0x1b9
[ 871.673361]  ? dbJoin+0x21b/0x220
[ 871.676803]  __asan_report_load1_noabort+0x88/0x90
[ 871.681810]  ? dbJoin+0x21b/0x220
[ 871.685253]  dbJoin+0x21b/0x220
[ 871.688531]  dbFreeBits+0xf0/0x710
[ 871.692066]  dbFreeDmap+0x61/0x1a0
[ 871.695588]  dbFree+0x252/0x500
[ 871.698852]  txFreeMap+0x7a4/0xb20
[ 871.702379]  txUpdateMap+0x369/0x1000
[ 871.706165]  ? lock_downgrade+0x5b0/0x720
[ 871.710298]  jfs_lazycommit+0x525/0x9d0
[ 871.714257]  ? txCommit+0x39e0/0x39e0
[ 871.718042]  ? lock_acquire+0x170/0x3c0
[ 871.723908]  ? __kthread_parkme+0x5d/0x1e0
[ 871.728127]  ? wake_up_q+0xe0/0xe0
[ 871.731654]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[ 871.736219]  ? _raw_spin_unlock_irqrestore+0x66/0xe0
[ 871.741323]  ? __kthread_parkme+0x133/0x1e0
[ 871.745639]  ? txCommit+0x39e0/0x39e0
[ 871.749430]  kthread+0x33f/0x460
[ 871.752782]  ? kthread_park+0x180/0x180
[ 871.756739]  ret_from_fork+0x24/0x30
[ 871.760586] Kernel Offset: disabled
[ 871.764200] Rebooting in 86400 seconds..