[�[0;32m OK �[0m] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[�[0;32m OK �[0m] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[�[0;32m OK �[0m] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.148' (ECDSA) to the list of known hosts.
syzkaller login: [ 34.451123] IPVS: ftp: loaded support on port[0] = 21
executing program
[ 34.523951] VFS: Found a Xenix FS (block size = 1024) on device loop0
[ 34.531537] sysv_free_block: flc_count > flc_size
[ 34.537963] sysv_free_block: flc_count > flc_size
[ 34.542814] sysv_free_block: flc_count > flc_size
[ 34.549629] sysv_free_block: flc_count > flc_size
[ 34.555353] sysv_free_block: flc_count > flc_size
[ 34.560211] sysv_free_block: flc_count > flc_size
[ 34.566203] sysv_free_block: flc_count > flc_size
[ 34.571089] sysv_free_block: flc_count > flc_size
[ 34.576529] sysv_free_block: flc_count > flc_size
[ 34.581404] sysv_free_block: flc_count > flc_size
[ 34.587269] ==================================================================
[ 34.594693] BUG: KASAN: use-after-free in sysv_new_block+0x79f/0x990
[ 34.601166] Read of size 4 at addr ffff8880904b40c8 by task syz-executor243/8118
[ 34.608674]
[ 34.610288] CPU: 0 PID: 8118 Comm: syz-executor243 Not tainted 4.19.211-syzkaller #0
[ 34.618144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 34.627478] Call Trace:
[ 34.630049] dump_stack+0x1fc/0x2ef
[ 34.633672] print_address_description.cold+0x54/0x219
[ 34.638944] kasan_report_error.cold+0x8a/0x1b9
[ 34.643608] ? sysv_new_block+0x79f/0x990
[ 34.647746] __asan_report_load4_noabort+0x88/0x90
[ 34.652663] ? sysv_new_block+0x79f/0x990
[ 34.656792] sysv_new_block+0x79f/0x990
[ 34.660754] get_block+0x3fa/0x1510
[ 34.664366] ? get_mem_cgroup_from_page+0x7a/0x3b0
[ 34.669281] ? block_to_path.isra.0+0x440/0x440
[ 34.673928] ? create_page_buffers+0x212/0x350
[ 34.678498] ? alloc_page_buffers+0x2da/0x5c0
[ 34.682974] ? create_empty_buffers+0x4e7/0x760
[ 34.687708] ? do_raw_spin_unlock+0x171/0x230
[ 34.692182] ? _raw_spin_unlock+0x29/0x40
[ 34.696309] ? create_page_buffers+0x190/0x350
[ 34.700871] __block_write_begin_int+0x46c/0x17b0
[ 34.705694] ? block_to_path.isra.0+0x440/0x440
[ 34.710351] ? __breadahead_gfp+0x130/0x130
[ 34.714654] ? mark_held_locks+0xa6/0xf0
[ 34.718692] ? wait_for_stable_page+0x122/0x360
[ 34.723347] ? block_to_path.isra.0+0x440/0x440
[ 34.727995] block_write_begin+0x58/0x2e0
[ 34.732121] sysv_write_begin+0x35/0xe0
[ 34.736084] generic_perform_write+0x1f8/0x4d0
[ 34.740650] ? filemap_page_mkwrite+0x2f0/0x2f0
[ 34.745296] ? current_time+0x1c0/0x1c0
[ 34.749254] ? lock_acquire+0x170/0x3c0
[ 34.753212] __generic_file_write_iter+0x24b/0x610
[ 34.758124] generic_file_write_iter+0x3f8/0x730
[ 34.762863] __vfs_write+0x51b/0x770
[ 34.766556] ? kernel_read+0x110/0x110
[ 34.770456] ? check_preemption_disabled+0x41/0x280
[ 34.775453] ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 34.780448] vfs_write+0x1f3/0x540
[ 34.783967] ksys_write+0x12b/0x2a0
[ 34.787578] ? __ia32_sys_read+0xb0/0xb0
[ 34.791619] ? trace_hardirqs_off_caller+0x6e/0x210
[ 34.796613] ? do_syscall_64+0x21/0x620
[ 34.800568] do_syscall_64+0xf9/0x620
[ 34.804353] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 34.809520] RIP: 0033:0x7f0f2c45b899
[ 34.813213] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 01 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 34.832092] RSP: 002b:00007ffe9a5ec918 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 34.839777] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f0f2c45b899
[ 34.847024] RDX: 00000000fffffe45 RSI: 00000000200000c0 RDI: 0000000000000004
[ 34.854269] RBP: 00007ffe9a5ec980 R08: 00000000000f4240 R09: 00000000000f4240
[ 34.861515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 34.868761] R13: 00000000000f4240 R14: 00007ffe9a5ec944 R15: 00007ffe9a5ec950
[ 34.876015]
[ 34.877617] The buggy address belongs to the page:
[ 34.882524] page:ffffea0002412d00 count:0 mapcount:0 mapping:0000000000000000 index:0x1
[ 34.890642] flags: 0xfff00000000000()
[ 34.894423] raw: 00fff00000000000 ffffea0002410608 ffffea000237a208 0000000000000000
[ 34.902295] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 34.910151] page dumped because: kasan: bad access detected
[ 34.915833]
[ 34.917437] Memory state around the buggy address:
[ 34.922345] ffff8880904b3f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 34.929683] ffff8880904b4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 34.937051] >ffff8880904b4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 34.944387] ^
[ 34.950077] ffff8880904b4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 34.957416] ffff8880904b4180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 34.964752] ==================================================================
[ 34.972087] Disabling lock debugging due to kernel taint
[ 34.977762] Kernel panic - not syncing: panic_on_warn set ...
[ 34.977762]
[ 34.985131] CPU: 0 PID: 8118 Comm: syz-executor243 Tainted: G B 4.19.211-syzkaller #0
[ 34.994392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 35.003738] Call Trace:
[ 35.006308] dump_stack+0x1fc/0x2ef
[ 35.009917] panic+0x26a/0x50e
[ 35.013090] ? __warn_printk+0xf3/0xf3
[ 35.016956] ? preempt_schedule_common+0x45/0xc0
[ 35.021690] ? ___preempt_schedule+0x16/0x18
[ 35.026076] ? trace_hardirqs_on+0x55/0x210
[ 35.030377] kasan_end_report+0x43/0x49
[ 35.034333] kasan_report_error.cold+0xa7/0x1b9
[ 35.038981] ? sysv_new_block+0x79f/0x990
[ 35.043110] __asan_report_load4_noabort+0x88/0x90
[ 35.048022] ? sysv_new_block+0x79f/0x990
[ 35.052151] sysv_new_block+0x79f/0x990
[ 35.056102] get_block+0x3fa/0x1510
[ 35.059706] ? get_mem_cgroup_from_page+0x7a/0x3b0
[ 35.064613] ? block_to_path.isra.0+0x440/0x440
[ 35.069261] ? create_page_buffers+0x212/0x350
[ 35.073823] ? alloc_page_buffers+0x2da/0x5c0
[ 35.078297] ? create_empty_buffers+0x4e7/0x760
[ 35.082951] ? do_raw_spin_unlock+0x171/0x230
[ 35.087425] ? _raw_spin_unlock+0x29/0x40
[ 35.091548] ? create_page_buffers+0x190/0x350
[ 35.096107] __block_write_begin_int+0x46c/0x17b0
[ 35.100931] ? block_to_path.isra.0+0x440/0x440
[ 35.105580] ? __breadahead_gfp+0x130/0x130
[ 35.109881] ? mark_held_locks+0xa6/0xf0
[ 35.113920] ? wait_for_stable_page+0x122/0x360
[ 35.118566] ? block_to_path.isra.0+0x440/0x440
[ 35.123212] block_write_begin+0x58/0x2e0
[ 35.127343] sysv_write_begin+0x35/0xe0
[ 35.131307] generic_perform_write+0x1f8/0x4d0
[ 35.135869] ? filemap_page_mkwrite+0x2f0/0x2f0
[ 35.140515] ? current_time+0x1c0/0x1c0
[ 35.144466] ? lock_acquire+0x170/0x3c0
[ 35.148431] __generic_file_write_iter+0x24b/0x610
[ 35.153338] generic_file_write_iter+0x3f8/0x730
[ 35.158071] __vfs_write+0x51b/0x770
[ 35.161764] ? kernel_read+0x110/0x110
[ 35.165636] ? check_preemption_disabled+0x41/0x280
[ 35.170633] ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 35.175629] vfs_write+0x1f3/0x540
[ 35.179146] ksys_write+0x12b/0x2a0
[ 35.182751] ? __ia32_sys_read+0xb0/0xb0
[ 35.186789] ? trace_hardirqs_off_caller+0x6e/0x210
[ 35.191781] ? do_syscall_64+0x21/0x620
[ 35.195731] do_syscall_64+0xf9/0x620
[ 35.199513] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 35.204678] RIP: 0033:0x7f0f2c45b899
[ 35.208370] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 01 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 35.227248] RSP: 002b:00007ffe9a5ec918 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 35.234931] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f0f2c45b899
[ 35.242180] RDX: 00000000fffffe45 RSI: 00000000200000c0 RDI: 0000000000000004
[ 35.249426] RBP: 00007ffe9a5ec980 R08: 00000000000f4240 R09: 00000000000f4240
[ 35.256677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 35.264445] R13: 00000000000f4240 R14: 00007ffe9a5ec944 R15: 00007ffe9a5ec950
[ 35.271873] Kernel Offset: disabled
[ 35.275489] Rebooting in 86400 seconds..