Warning: Permanently added '10.128.15.192' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
syzkaller login: [ 48.190198] audit: type=1400 audit(1600521776.547:8): avc: denied { execmem } for pid=6370 comm="syz-executor804" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 48.219762] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[ 48.229622] REISERFS (device loop3): using ordered data mode
executing program
[ 48.229849] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal
[ 48.236755] reiserfs: using flush barriers
[ 48.249947] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal
[ 48.250282] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30
[ 48.270225] REISERFS (device loop2): using ordered data mode
[ 48.278136] REISERFS (device loop5): using ordered data mode
[ 48.280022] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal
[ 48.286776] reiserfs: using flush barriers
[ 48.298560] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal
[ 48.308428] REISERFS (device loop3): checking transaction log (loop3)
[ 48.315401] REISERFS (device loop1): using ordered data mode
[ 48.318818] REISERFS (device loop4): using ordered data mode
[ 48.325928] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30
[ 48.327460] reiserfs: using flush barriers
[ 48.348581] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[ 48.351962] reiserfs: using flush barriers
[ 48.357093] reiserfs: using flush barriers
[ 48.357821] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30
[ 48.381000] REISERFS (device loop0): using ordered data mode
[ 48.387057] reiserfs: using flush barriers
[ 48.388669] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30
[ 48.392655] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30
[ 48.422620] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30
[ 48.439569] REISERFS (device loop4): checking transaction log (loop4)
[ 48.444951] REISERFS (device loop1): checking transaction log (loop1)
[ 48.448709] REISERFS (device loop5): checking transaction log (loop5)
[ 48.463877] REISERFS (device loop2): checking transaction log (loop2)
[ 48.476964] REISERFS warning (device loop3): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore
[ 48.519130] REISERFS (device loop0): checking transaction log (loop0)
[ 48.525460] REISERFS (device loop3): Using r5 hash to sort names
[ 48.648989] REISERFS warning (device loop1): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore
[ 48.672961] REISERFS warning (device loop4): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore
[ 48.688139] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore
[ 48.703739] REISERFS warning (device loop5): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore
[ 48.721561] REISERFS (device loop5): Using r5 hash to sort names
[ 48.729208] REISERFS (device loop0): Using r5 hash to sort names
executing program
executing program
[ 48.742507] REISERFS warning (device loop2): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore
[ 48.761962] REISERFS (device loop1): Using r5 hash to sort names
[ 48.762499] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[ 48.768244] REISERFS (device loop4): Using r5 hash to sort names
[ 48.771019] REISERFS (device loop2): Using r5 hash to sort names
[ 48.779843] REISERFS (device loop3): using ordered data mode
executing program
executing program
executing program
executing program
executing program
executing program
[ 48.798208] reiserfs: using flush barriers
[ 48.804909] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30
[ 48.836979] REISERFS (device loop3): checking transaction log (loop3)
[ 48.904357] REISERFS warning (device loop3): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore
executing program
[ 48.949077] REISERFS (device loop3): Using r5 hash to sort names
[ 48.956475] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal
[ 48.962661] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal
[ 48.973504] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal
[ 48.977043] REISERFS (device loop4): using ordered data mode
[ 48.983623] REISERFS (device loop5): using ordered data mode
executing program
[ 48.988783] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[ 48.996068] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal
[ 49.015123] REISERFS (device loop2): using ordered data mode
[ 49.018994] reiserfs: using flush barriers
[ 49.022201] reiserfs: using flush barriers
[ 49.025951] REISERFS (device loop0): using ordered data mode
[ 49.030231] REISERFS (device loop1): using ordered data mode
[ 49.036012] reiserfs: using flush barriers
[ 49.041998] reiserfs: using flush barriers
[ 49.046733] reiserfs: using flush barriers
[ 49.064374] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30
[ 49.064423] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30
[ 49.079785] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30
[ 49.096604] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30
[ 49.110445] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30
[ 49.143167] REISERFS (device loop4): checking transaction log (loop4)
[ 49.179413] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[ 49.186098] REISERFS (device loop2): checking transaction log (loop2)
[ 49.195190] REISERFS (device loop5): checking transaction log (loop5)
[ 49.203779] REISERFS (device loop0): checking transaction log (loop0)
[ 49.219041] REISERFS (device loop3): using ordered data mode
[ 49.232625] REISERFS (device loop1): checking transaction log (loop1)
[ 49.255893] reiserfs: using flush barriers
[ 49.302332] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30
[ 49.400000] REISERFS warning (device loop4): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore
[ 49.447317] REISERFS (device loop3): checking transaction log (loop3)
[ 49.494905] REISERFS warning (device loop5): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore
[ 49.512607] REISERFS (device loop4): Using r5 hash to sort names
[ 49.521651] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore
executing program
executing program
executing program
executing program
executing program
[ 49.539646] REISERFS warning (device loop2): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore
[ 49.544570] REISERFS (device loop5): Using r5 hash to sort names
[ 49.560908] REISERFS warning (device loop1): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore
[ 49.566720] REISERFS (device loop0): Using r5 hash to sort names
executing program
executing program
executing program
executing program
executing program
executing program
[ 49.629042] REISERFS warning (device loop3): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore
[ 49.649489] REISERFS (device loop3): Using r5 hash to sort names
[ 49.667809] REISERFS (device loop2): Using r5 hash to sort names
executing program
[ 49.681693] REISERFS (device loop1): Using r5 hash to sort names
[ 49.717856] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal
[ 49.726535] REISERFS (device loop4): using ordered data mode
[ 49.732568] reiserfs: using flush barriers
executing program
executing program
[ 49.807239] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30
[ 49.814560] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[ 49.839612] REISERFS (device loop3): using ordered data mode
[ 49.842410] REISERFS (device loop4): checking transaction log (loop4)
[ 49.852363] reiserfs: using flush barriers
executing program
[ 49.877976] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal
[ 49.878723] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30
[ 49.904017] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[ 49.915539] REISERFS (device loop0): using ordered data mode
[ 49.917905] REISERFS (device loop5): using ordered data mode
[ 49.921681] reiserfs: using flush barriers
[ 49.935463] REISERFS (device loop3): checking transaction log (loop3)
[ 49.942518] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30
[ 49.963033] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal
[ 49.982796] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal
[ 49.984085] REISERFS (device loop1): using ordered data mode
[ 50.021218] REISERFS (device loop2): using ordered data mode
[ 50.034259] REISERFS (device loop0): checking transaction log (loop0)
[ 50.038335] reiserfs: using flush barriers
[ 50.044281] reiserfs: using flush barriers
[ 50.061738] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30
[ 50.071907] reiserfs: using flush barriers
[ 50.110693] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30
[ 50.127749] REISERFS warning (device loop3): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore
[ 50.159275] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30
[ 50.175295] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore
[ 50.190955] REISERFS (device loop0): Using r5 hash to sort names
[ 50.191101] REISERFS (device loop1): checking transaction log (loop1)
[ 50.219230] REISERFS (device loop3): Using r5 hash to sort names
[ 50.242526] REISERFS warning (device loop4): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore
[ 50.245512] REISERFS (device loop2): checking transaction log (loop2)
executing program
executing program
[ 50.257686] REISERFS (device loop5): checking transaction log (loop5)
[ 50.288725] REISERFS (device loop4): Using r5 hash to sort names
[ 50.300882] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[ 50.343611] REISERFS (device loop0): using ordered data mode
[ 50.359712] reiserfs: using flush barriers
[ 50.379782] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30
[ 50.404166] REISERFS warning (device loop1): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore
[ 50.442668] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[ 50.460612] REISERFS (device loop3): using ordered data mode
[ 50.471790] REISERFS warning (device loop5): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore
executing program
[ 50.492556] REISERFS (device loop0): checking transaction log (loop0)
[ 50.500050] reiserfs: using flush barriers
[ 50.508178] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30
[ 50.527137] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal
[ 50.535546] REISERFS warning (device loop2): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore
[ 50.552346] REISERFS (device loop5): Using r5 hash to sort names
[ 50.559305] REISERFS (device loop4): using ordered data mode
[ 50.560116] REISERFS (device loop1): Using r5 hash to sort names
[ 50.580184] reiserfs: using flush barriers
[ 50.581399] REISERFS (device loop2): Using r5 hash to sort names
[ 50.587321] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30
[ 50.600078] REISERFS (device loop3): checking transaction log (loop3)
[ 50.606091] REISERFS (device loop4): checking transaction log (loop4)
executing program
[ 50.679283] REISERFS warning (device loop4): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore
[ 50.699283] REISERFS (device loop4): Using r5 hash to sort names
[ 50.705542] ------------[ cut here ]------------
[ 50.710380] kernel BUG at fs/reiserfs/journal.c:3640!
[ 50.716030] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal
executing program
[ 50.724554] REISERFS (device loop5): using ordered data mode
[ 50.733078] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 50.738439] Modules linked in:
[ 50.741628] CPU: 1 PID: 6507 Comm: syz-executor804 Not tainted 4.14.198-syzkaller #0
[ 50.749494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 50.758844] task: ffff88808d3c06c0 task.stack: ffff888097108000
[ 50.764891] RIP: 0010:do_journal_end+0x3081/0x41d0
[ 50.769792] RSP: 0018:ffff88809710f9f8 EFLAGS: 00010297
[ 50.775125] RAX: ffff88808d3c06c0 RBX: ffffc90005f47000 RCX: 0000000000000000
[ 50.782381] RDX: 0000000000000000 RSI: ffff88809710fc30 RDI: ffff88809710fc3c
[ 50.789621] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000040580
[ 50.796866] R10: ffff88808d3c0f98 R11: ffff88808d3c06c0 R12: ffffc90005f47058
[ 50.804109] R13: ffffc90005f47048 R14: ffff88809710fc38 R15: ffff8880832c4340
[ 50.811351] FS: 0000000001d81880(0000) GS:ffff8880aeb00000(0000) knlGS:0000000000000000
[ 50.819549] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 50.825416] CR2: 00000000004b8d8c CR3: 000000008f8b1000 CR4: 00000000001406e0
[ 50.832663] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 50.839903] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 50.847153] Call Trace:
[ 50.849735] ? do_journal_end+0x41d0/0x41d0
[ 50.854035] ? reiserfs_info.cold+0x1d/0x67
[ 50.858327] ? __reiserfs_warning+0xb0/0xb0
[ 50.862622] ? __wake_up_bit+0xd0/0xd0
[ 50.866483] journal_end+0x259/0x300
[ 50.870255] reiserfs_fill_super+0x1ab8/0x28b6
[ 50.874810] ? reiserfs_remount+0x1390/0x1390
[ 50.879278] ? lock_downgrade+0x740/0x740
[ 50.883398] ? snprintf+0xa5/0xd0
[ 50.886828] mount_bdev+0x2b3/0x360
[ 50.890427] ? reiserfs_remount+0x1390/0x1390
[ 50.894892] mount_fs+0x92/0x2a0
[ 50.898236] vfs_kern_mount.part.0+0x5b/0x470
[ 50.902706] do_mount+0xe53/0x2a00
[ 50.906238] ? retint_kernel+0x2d/0x2d
[ 50.910116] ? copy_mount_string+0x40/0x40
[ 50.914322] ? memset+0x20/0x40
[ 50.917573] ? copy_mount_options+0x1fa/0x2f0
[ 50.922042] ? copy_mnt_ns+0xa30/0xa30
[ 50.925900] SyS_mount+0xa8/0x120
[ 50.929326] ? copy_mnt_ns+0xa30/0xa30
[ 50.933186] do_syscall_64+0x1d5/0x640
[ 50.937050] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 50.942215] RIP: 0033:0x447e5a
[ 50.945377] RSP: 002b:00007fff8526c5f8 EFLAGS: 00000297 ORIG_RAX: 00000000000000a5
[ 50.953059] RAX: ffffffffffffffda RBX: 00007fff8526c650 RCX: 0000000000447e5a
[ 50.960301] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fff8526c610
[ 50.967543] RBP: 00007fff8526c610 R08: 00007fff8526c650 R09: 0000000000000000
[ 50.974787] R10: 0000000000000000 R11: 0000000000000297 R12: 0000000000000004
[ 50.982029] R13: 0000000000000004 R14: 0000000000000003 R15: 0000000000000003
[ 50.989278] Code: e8 45 23 ff ff e9 11 fa ff ff e8 5b 88 a1 ff 0f 0b e8 54 88 a1 ff 0f 0b e8 4d 88 a1 ff 0f 0b e8 46 88 a1 ff 0f 0b e8 3f 88 a1 ff <0f> 0b e8 38 88 a1 ff 48 8d bb d0 01 00 00 48 b8 00 00 00 00 00
[ 51.008366] RIP: do_journal_end+0x3081/0x41d0 RSP: ffff88809710f9f8
[ 51.023766] init_special_inode: bogus i_mode (0) for inode loop0:2
executing program
[ 51.033490] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore
[ 51.037952] reiserfs: using flush barriers
[ 51.053349] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal
[ 51.056411] REISERFS (device loop0): Using r5 hash to sort names
[ 51.070096] ------------[ cut here ]------------
[ 51.074857] kernel BUG at fs/reiserfs/journal.c:3640!
[ 51.082359] invalid opcode: 0000 [#2] PREEMPT SMP KASAN
[ 51.087736] Modules linked in:
[ 51.090918] CPU: 0 PID: 6497 Comm: syz-executor804 Tainted: G D 4.14.198-syzkaller #0
[ 51.091194] REISERFS (device loop1): using ordered data mode
[ 51.099988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 51.099992] task: ffff888095eda200 task.stack: ffff888086258000
[ 51.100002] RIP: 0010:do_journal_end+0x3081/0x41d0
[ 51.100005] RSP: 0018:ffff88808625f9f8 EFLAGS: 00010297
[ 51.100011] RAX: ffff888095eda200 RBX: ffffc90005ed8000 RCX: 0000000000000000
[ 51.100014] RDX: 0000000000000000 RSI: ffff88808625fc30 RDI: ffff88808625fc3c
[ 51.100020] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 51.111078] reiserfs: using flush barriers
[ 51.115121] R10: 0000000000000000 R11: ffff888095eda200 R12: ffffc90005ed8058
[ 51.115126] R13: ffffc90005ed8048 R14: ffff88808625fc38 R15: ffff88809edea7c0
[ 51.115133] FS: 0000000001d81880(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000
[ 51.115137] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 51.115140] CR2: 00007fff8526c7ac CR3: 00000000a40b2000 CR4: 00000000001406f0
[ 51.115147] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 51.115150] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 51.115152] Call Trace:
[ 51.115167] ? do_journal_end+0x41d0/0x41d0
[ 51.124286] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30
[ 51.126121] ? reiserfs_info.cold+0x1d/0x67
[ 51.126128] ? __reiserfs_warning+0xb0/0xb0
[ 51.126135] ? __wake_up_bit+0xd0/0xd0
[ 51.126143] journal_end+0x259/0x300
[ 51.126152] reiserfs_fill_super+0x1ab8/0x28b6
[ 51.133132] REISERFS (device loop1): checking transaction log (loop1)
[ 51.138741] ? reiserfs_remount+0x1390/0x1390
[ 51.138752] ? lock_downgrade+0x740/0x740
[ 51.138761] ? snprintf+0xa5/0xd0
[ 51.138774] mount_bdev+0x2b3/0x360
[ 51.183728] init_special_inode: bogus i_mode (0) for inode loop1:2
[ 51.186040] ? reiserfs_remount+0x1390/0x1390
[ 51.186050] mount_fs+0x92/0x2a0
[ 51.186058] vfs_kern_mount.part.0+0x5b/0x470
[ 51.186069] do_mount+0xe53/0x2a00
[ 51.193376] REISERFS warning (device loop1): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore
[ 51.200577] ? retint_kernel+0x2d/0x2d
[ 51.200585] ? copy_mount_string+0x40/0x40
[ 51.200594] ? memset+0x20/0x40
[ 51.200600] ? copy_mount_options+0x1fa/0x2f0
[ 51.200607] ? copy_mnt_ns+0xa30/0xa30
[ 51.210565] REISERFS (device loop1): Using r5 hash to sort names
[ 51.214711] SyS_mount+0xa8/0x120
[ 51.214718] ? copy_mnt_ns+0xa30/0xa30
[ 51.214726] do_syscall_64+0x1d5/0x640
[ 51.214736] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 51.231400] ------------[ cut here ]------------
[ 51.234287] RIP: 0033:0x447e5a
[ 51.238593] kernel BUG at fs/reiserfs/journal.c:3640!
[ 51.242468] RSP: 002b:00007fff8526c5f8 EFLAGS: 00000297 ORIG_RAX: 00000000000000a5
[ 51.372935] RAX: ffffffffffffffda RBX: 00007fff8526c650 RCX: 0000000000447e5a
[ 51.380179] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fff8526c610
[ 51.387416] RBP: 00007fff8526c610 R08: 00007fff8526c650 R09: 0000000000000000
[ 51.394652] R10: 0000000000000000 R11: 0000000000000297 R12: 0000000000000004
[ 51.401892] R13: 0000000000000004 R14: 0000000000000003 R15: 0000000000000003
[ 51.409134] Code: e8 45 23 ff ff e9 11 fa ff ff e8 5b 88 a1 ff 0f 0b e8 54 88 a1 ff 0f 0b e8 4d 88 a1 ff 0f 0b e8 46 88 a1 ff 0f 0b e8 3f 88 a1 ff <0f> 0b e8 38 88 a1 ff 48 8d bb d0 01 00 00 48 b8 00 00 00 00 00
[ 51.428187] RIP: do_journal_end+0x3081/0x41d0 RSP: ffff88808625f9f8
[ 51.434604] invalid opcode: 0000 [#3] PREEMPT SMP KASAN
[ 51.436906] ---[ end trace 43e806207ec6c270 ]---
[ 51.439951] Modules linked in:
[ 51.439961] CPU: 1 PID: 6518 Comm: syz-executor804 Tainted: G D 4.14.198-syzkaller #0
[ 51.439967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 51.444707] Kernel panic - not syncing: Fatal exception
[ 51.447856] task: ffff88808bf84280 task.stack: ffff888095288000
[ 51.477710] RIP: 0010:do_journal_end+0x3081/0x41d0
[ 51.482624] RSP: 0018:ffff88809528f9f8 EFLAGS: 00010297
[ 51.487962] RAX: ffff88808bf84280 RBX: ffffc90005fc9000 RCX: 0000000000000000
[ 51.495206] RDX: 0000000000000000 RSI: ffff88809528fc30 RDI: ffff88809528fc3c
[ 51.502450] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 51.509694] R10: 0000000000000000 R11: ffff88808bf84280 R12: ffffc90005fc9058
[ 51.517049] R13: ffffc90005fc9048 R14: ffff88809528fc38 R15: ffff888082c28a80
[ 51.524294] FS: 0000000001d81880(0000) GS:ffff8880aeb00000(0000) knlGS:0000000000000000
[ 51.532492] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 51.538347] CR2: 00007f885bc1e000 CR3: 000000009245d000 CR4: 00000000001406e0
[ 51.545605] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 51.552849] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 51.560093] Call Trace:
[ 51.562669] ? do_journal_end+0x41d0/0x41d0
[ 51.566969] ? reiserfs_info.cold+0x1d/0x67
[ 51.571305] ? __reiserfs_warning+0xb0/0xb0
[ 51.575605] ? __wake_up_bit+0xd0/0xd0
[ 51.579468] journal_end+0x259/0x300
[ 51.583161] reiserfs_fill_super+0x1ab8/0x28b6
[ 51.587718] ? reiserfs_remount+0x1390/0x1390
[ 51.592190] ? lock_downgrade+0x740/0x740
[ 51.596320] ? snprintf+0xa5/0xd0
[ 51.599752] mount_bdev+0x2b3/0x360
[ 51.603354] ? reiserfs_remount+0x1390/0x1390
[ 51.607825] mount_fs+0x92/0x2a0
[ 51.611187] vfs_kern_mount.part.0+0x5b/0x470
[ 51.615660] do_mount+0xe53/0x2a00
[ 51.619177] ? retint_kernel+0x2d/0x2d
[ 51.623127] ? copy_mount_string+0x40/0x40
[ 51.627346] ? memset+0x20/0x40
[ 51.630600] ? copy_mount_options+0x1fa/0x2f0
[ 51.635066] ? copy_mnt_ns+0xa30/0xa30
[ 51.638933] SyS_mount+0xa8/0x120
[ 51.642361] ? copy_mnt_ns+0xa30/0xa30
[ 51.646228] do_syscall_64+0x1d5/0x640
[ 51.650093] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 51.655272] RIP: 0033:0x447e5a
[ 51.658438] RSP: 002b:00007fff8526c5f8 EFLAGS: 00000297 ORIG_RAX: 00000000000000a5
[ 51.666131] RAX: ffffffffffffffda RBX: 00007fff8526c650 RCX: 0000000000447e5a
[ 51.673386] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fff8526c610
[ 51.680633] RBP: 00007fff8526c610 R08: 00007fff8526c650 R09: 0000000000000000
[ 51.687883] R10: 0000000000000000 R11: 0000000000000297 R12: 0000000000000004
[ 51.695140] R13: 0000000000000004 R14: 0000000000000003 R15: 0000000000000003
[ 51.702392] Code: e8 45 23 ff ff e9 11 fa ff ff e8 5b 88 a1 ff 0f 0b e8 54 88 a1 ff 0f 0b e8 4d 88 a1 ff 0f 0b e8 46 88 a1 ff 0f 0b e8 3f 88 a1 ff <0f> 0b e8 38 88 a1 ff 48 8d bb d0 01 00 00 48 b8 00 00 00 00 00
[ 51.721520] RIP: do_journal_end+0x3081/0x41d0 RSP: ffff88809528f9f8
[ 51.729282] Kernel Offset: disabled
[ 51.732895] Rebooting in 86400 seconds..