audit: type=1804 audit(1667225732.042:72): pid=16787 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir1393698535/syzkaller.NXb3r0/2393/file0/file3" dev="loop1" ino=5 res=1
vhci_hcd: release socket
vhci_hcd: vhci_device speed not set
==================================================================
BUG: KASAN: use-after-free in dbAdjTree+0x265/0x2c0 fs/jfs/jfs_dmap.c:2936
vhci_hcd: disconnect device
Read of size 1 at addr ffff88809d78d021 by task jfsCommit/1985

CPU: 0 PID: 1985 Comm: jfsCommit Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
 print_address_description.cold+0x54/0x219 mm/kasan/report.c:256
 kasan_report_error.cold+0x8a/0x1b9 mm/kasan/report.c:354
 kasan_report mm/kasan/report.c:412 [inline]
 __asan_report_load1_noabort+0x88/0x90 mm/kasan/report.c:430
 dbAdjTree+0x265/0x2c0 fs/jfs/jfs_dmap.c:2936
 dbJoin+0x1d0/0x220 fs/jfs/jfs_dmap.c:2877
 dbFreeBits+0xf0/0x710 fs/jfs/jfs_dmap.c:2378
 dbFreeDmap+0x61/0x1a0 fs/jfs/jfs_dmap.c:2127
 dbFree+0x252/0x500 fs/jfs/jfs_dmap.c:385
 txFreeMap+0x7a4/0xb20 fs/jfs/jfs_txnmgr.c:2579
 txUpdateMap+0x369/0x1000 fs/jfs/jfs_txnmgr.c:2375
 txLazyCommit fs/jfs/jfs_txnmgr.c:2709 [inline]
 jfs_lazycommit+0x525/0x9d0 fs/jfs/jfs_txnmgr.c:2777
vhci_hcd: stop threads
vhci_hcd: release socket
 kthread+0x33f/0x460 kernel/kthread.c:259
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
vhci_hcd: disconnect device

The buggy address belongs to the page:
page:ffffea000275e340 count:0 mapcount:-128 mapping:0000000000000000 index:0x0
flags: 0xfff00000000000()
raw: 00fff00000000000 ffffea00027b8388 ffffea000275ec08 0000000000000000
vhci_hcd: stop threads
raw: 0000000000000000 0000000000000000 00000000ffffff7f 0000000000000000
vhci_hcd: release socket
page dumped because: kasan: bad access detected

Memory state around the buggy address:
 ffff88809d78cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
 ffff88809d78cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
>ffff88809d78d000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
                               ^
 ffff88809d78d080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
 ffff88809d78d100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
==================================================================
usb 13-1: new full-speed USB device number 2 using vhci_hcd
vhci_hcd: disconnect device