./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor271922036 <...> DUID 00:04:e5:d7:6b:3e:19:ba:e5:eb:4b:9e:6a:98:ce:0b:a0:29 forked to background, child pid 4663 [ 30.281128][ T4664] 8021q: adding VLAN 0 to HW filter on device bond0 [ 30.291551][ T4664] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.174' (ECDSA) to the list of known hosts. execve("./syz-executor271922036", ["./syz-executor271922036"], 0x7ffc362352c0 /* 10 vars */) = 0 brk(NULL) = 0x555556021000 brk(0x555556021d40) = 0x555556021d40 arch_prctl(ARCH_SET_FS, 0x555556021400) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 set_tid_address(0x5555560216d0) = 4994 set_robust_list(0x5555560216e0, 24) = 0 rt_sigaction(SIGRTMIN, {sa_handler=0x7f8bcd780910, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7f8bcd77fe60}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=0x7f8bcd7809b0, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8bcd77fe60}, NULL, 8) = 0 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor271922036", 4096) = 27 brk(0x555556042d40) = 0x555556042d40 brk(0x555556043000) = 0x555556043000 mprotect(0x7f8bcd843000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGSEGV, {sa_handler=0x7f8bcd77a030, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f8bcd77fe60}, NULL, 8) = 0 rt_sigaction(SIGBUS, {sa_handler=0x7f8bcd77a030, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f8bcd77fe60}, NULL, 8) = 0 getpid() = 4994 mkdir("./syzkaller.7rthFN", 0700) = 0 chmod("./syzkaller.7rthFN", 0777) = 0 chdir("./syzkaller.7rthFN") = 0 mkdir("./0", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560216d0) = 4995 ./strace-static-x86_64: Process 4995 attached [pid 4995] set_robust_list(0x5555560216e0, 24) = 0 [pid 4995] chdir("./0") = 0 [pid 4995] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4995] setpgid(0, 0) = 0 [pid 4995] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4995] write(3, "1000", 4) = 4 [pid 4995] close(3) = 0 [pid 4995] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4995] futex(0x7f8bcd8497ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 4995] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8bcd74f000 [pid 4995] mprotect(0x7f8bcd750000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 4995] clone(child_stack=0x7f8bcd76f2f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[4997], tls=0x7f8bcd76f700, child_tidptr=0x7f8bcd76f9d0) = 4997 [pid 4995] futex(0x7f8bcd8497a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 4995] futex(0x7f8bcd8497ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 4997 attached [pid 4997] set_robust_list(0x7f8bcd76f9e0, 24) = 0 [pid 4997] memfd_create("syzkaller", 0) = 3 [pid 4997] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8bc534f000 [pid 4997] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 4997] munmap(0x7f8bc534f000, 4194304) = 0 [pid 4997] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 syzkaller login: [ 57.170507][ T4997] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=4997 'syz-executor271' [pid 4997] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 4997] close(3) = 0 [pid 4997] mkdir("./file0", 0777) = 0 [ 57.223833][ T4997] loop0: detected capacity change from 0 to 8192 [ 57.236664][ T4997] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 57.249882][ T4997] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 57.259275][ T4997] REISERFS (device loop0): using ordered data mode [ 57.265869][ T4997] reiserfs: using flush barriers [ 57.272209][ T4997] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 57.288996][ T4997] REISERFS (device loop0): checking transaction log (loop0) [pid 4997] mount("/dev/loop0", "./file0", "reiserfs", MS_DIRSYNC, "") = 0 [pid 4997] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 4997] chdir("./file0") = 0 [pid 4997] ioctl(4, LOOP_CLR_FD) = 0 [pid 4997] close(4) = 0 [pid 4997] futex(0x7f8bcd8497ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 4995] <... futex resumed>) = 0 [pid 4995] futex(0x7f8bcd8497a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 4995] futex(0x7f8bcd8497ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 4997] <... futex resumed>) = 1 [pid 4997] creat("./bus", 000) = 4 [pid 4997] futex(0x7f8bcd8497ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 4995] <... futex resumed>) = 0 [pid 4995] futex(0x7f8bcd8497a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 4997] <... futex resumed>) = 1 [pid 4995] futex(0x7f8bcd8497ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 4997] ftruncate(4, 50331648) = 0 [pid 4997] futex(0x7f8bcd8497ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 4995] <... futex resumed>) = 0 [pid 4995] futex(0x7f8bcd8497a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 4995] futex(0x7f8bcd8497bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 4995] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 4997] <... futex resumed>) = 1 [pid 4995] <... mmap resumed>) = 0x7f8bc572e000 [pid 4995] mprotect(0x7f8bc572f000, 131072, PROT_READ|PROT_WRITE) = 0 [ 57.337168][ T4997] REISERFS (device loop0): Using r5 hash to sort names [ 57.344506][ T4997] REISERFS (device loop0): using 3.5.x disk format [ 57.352126][ T4997] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 4995] clone(child_stack=0x7f8bc574e2f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[4999], tls=0x7f8bc574e700, child_tidptr=0x7f8bc574e9d0) = 4999 [pid 4995] futex(0x7f8bcd8497b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 4995] futex(0x7f8bcd8497bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 4997] mkdir("./file1", 000./strace-static-x86_64: Process 4999 attached [pid 4999] set_robust_list(0x7f8bc574e9e0, 24) = 0 [pid 4999] ftruncate(4, 0 [ 57.402328][ T4997] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 3085, free_space(entry_count) 2 [ 57.418245][ T4997] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 544. Fsck? [ 57.428886][ T4997] REISERFS (device loop0): Remounting filesystem read-only [ 57.436267][ T4997] REISERFS error (device loop0): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 3 0x0 SD] stat data [pid 4995] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 4997] <... mkdir resumed>) = -1 EIO (Input/output error) [pid 4997] futex(0x7f8bcd8497ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 4999] <... ftruncate resumed>) = 0 [pid 4997] <... futex resumed>) = 0 [pid 4999] futex(0x7f8bcd8497bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 4999] futex(0x7f8bcd8497b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 4997] futex(0x7f8bcd8497a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 4995] exit_group(0 [pid 4997] <... futex resumed>) = ? [pid 4995] <... exit_group resumed>) = ? [pid 4997] +++ exited with 0 +++ [pid 4999] <... futex resumed>) = ? [pid 4999] +++ exited with 0 +++ [pid 4995] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4995, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556022720 /* 4 entries */, 32768) = 112 umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./0/binderfs") = 0 [ 57.450948][ T4999] REISERFS warning (device loop0): clm-6006 reiserfs_dirty_inode: writing inode 2 on readonly FS umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555602a760 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555602a760 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./0/file0") = 0 getdents64(3, 0x555556022720 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./0") = 0 mkdir("./1", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560216d0) = 5000 ./strace-static-x86_64: Process 5000 attached [pid 5000] set_robust_list(0x5555560216e0, 24) = 0 [pid 5000] chdir("./1") = 0 [pid 5000] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5000] setpgid(0, 0) = 0 [pid 5000] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5000] write(3, "1000", 4) = 4 [pid 5000] close(3) = 0 [pid 5000] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5000] futex(0x7f8bcd8497ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5000] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8bcd74f000 [pid 5000] mprotect(0x7f8bcd750000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5000] clone(child_stack=0x7f8bcd76f2f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5001], tls=0x7f8bcd76f700, child_tidptr=0x7f8bcd76f9d0) = 5001 [pid 5000] futex(0x7f8bcd8497a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5000] futex(0x7f8bcd8497ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5001 attached [pid 5001] set_robust_list(0x7f8bcd76f9e0, 24) = 0 [pid 5001] memfd_create("syzkaller", 0) = 3 [pid 5001] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8bc534f000 [pid 5001] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 [pid 5001] munmap(0x7f8bc534f000, 4194304) = 0 [pid 5001] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5001] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5001] close(3) = 0 [pid 5001] mkdir("./file0", 0777) = 0 [ 57.581577][ T5001] loop0: detected capacity change from 0 to 8192 [ 57.592096][ T5001] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 57.605699][ T5001] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 57.615911][ T5001] REISERFS (device loop0): using ordered data mode [ 57.623575][ T5001] reiserfs: using flush barriers [ 57.630353][ T5001] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 57.647471][ T5001] REISERFS (device loop0): checking transaction log (loop0) [pid 5001] mount("/dev/loop0", "./file0", "reiserfs", MS_DIRSYNC, "") = 0 [pid 5001] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5001] chdir("./file0") = 0 [pid 5001] ioctl(4, LOOP_CLR_FD) = 0 [pid 5001] close(4) = 0 [pid 5001] futex(0x7f8bcd8497ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5000] <... futex resumed>) = 0 [pid 5000] futex(0x7f8bcd8497a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5000] futex(0x7f8bcd8497ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5001] <... futex resumed>) = 1 [pid 5001] creat("./bus", 000) = 4 [pid 5001] futex(0x7f8bcd8497ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5000] <... futex resumed>) = 0 [pid 5000] futex(0x7f8bcd8497a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5000] futex(0x7f8bcd8497ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5001] <... futex resumed>) = 1 [pid 5001] ftruncate(4, 50331648) = 0 [pid 5001] futex(0x7f8bcd8497ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5000] <... futex resumed>) = 0 [pid 5000] futex(0x7f8bcd8497a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5001] <... futex resumed>) = 1 [pid 5000] <... futex resumed>) = 0 [pid 5000] futex(0x7f8bcd8497bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5000] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8bc572e000 [pid 5000] mprotect(0x7f8bc572f000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5000] clone(child_stack=0x7f8bc574e2f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5003 attached [pid 5003] set_robust_list(0x7f8bc574e9e0, 24 [pid 5000] <... clone resumed>, parent_tid=[5003], tls=0x7f8bc574e700, child_tidptr=0x7f8bc574e9d0) = 5003 [pid 5003] <... set_robust_list resumed>) = 0 [pid 5000] futex(0x7f8bcd8497b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5003] ftruncate(4, 0 [pid 5000] futex(0x7f8bcd8497bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 57.688178][ T5001] REISERFS (device loop0): Using r5 hash to sort names [ 57.695485][ T5001] REISERFS (device loop0): using 3.5.x disk format [ 57.702929][ T5001] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [pid 5001] mkdir("./file1", 000 [pid 5000] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 57.742175][ T5001] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 4029, free_space(entry_count) 2 [ 57.758153][ T5001] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 544. Fsck? [ 57.769469][ T5001] REISERFS (device loop0): Remounting filesystem read-only [ 57.776767][ T5001] REISERFS error (device loop0): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 3 0x0 SD] stat data [ 57.791073][ T5003] ------------[ cut here ]------------ [ 57.797466][ T5003] WARNING: CPU: 1 PID: 5003 at fs/reiserfs/journal.c:3393 journal_end+0x1fb/0x2c0 [ 57.806757][ T5003] Modules linked in: [ 57.810749][ T5003] CPU: 1 PID: 5003 Comm: syz-executor271 Not tainted 6.4.0-rc1-syzkaller-00021-gad2fd53a7870 #0 [ 57.821559][ T5003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023 [ 57.832322][ T5003] RIP: 0010:journal_end+0x1fb/0x2c0 [ 57.837564][ T5003] Code: 4b f7 b1 ff 48 b8 00 00 00 00 00 fc ff df 41 0f b6 44 05 00 84 c0 0f 85 a1 00 00 00 c7 45 00 00 00 00 00 eb 30 e8 95 26 5a ff <0f> 0b b8 fb ff ff ff eb 24 e8 87 26 5a ff 4c 89 f7 31 f6 48 83 c4 [ 57.857344][ T5003] RSP: 0018:ffffc90003b8fa38 EFLAGS: 00010293 [ 57.863474][ T5003] RAX: ffffffff823140ab RBX: 0000000000000000 RCX: ffff88801f49d940 [ 57.871523][ T5003] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 57.879568][ T5003] RBP: ffffc90003b8faf4 R08: ffffffff82313fbe R09: 0000000000000000 [ 57.887641][ T5003] R10: ffffc90003b8fae8 R11: dffffc0000000001 R12: ffff88801f49eb90 [ 57.895777][ T5003] R13: 1ffff92000771f5e R14: ffffc90003b8fae0 R15: 1ffff11003e93d72 [ 57.903834][ T5003] FS: 00007f8bc574e700(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 57.912854][ T5003] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 57.919486][ T5003] CR2: 000055f997acf528 CR3: 000000002b77b000 CR4: 00000000003506e0 [ 57.927476][ T5003] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 57.935523][ T5003] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [pid 5000] exit_group(0) = ? [ 57.943845][ T5003] Call Trace: [ 57.947145][ T5003] [ 57.950126][ T5003] reiserfs_truncate_file+0x4e5/0x820 [ 57.955700][ T5003] ? reiserfs_new_symlink+0x770/0x770 [ 57.961171][ T5003] ? unmap_mapping_range+0xf8/0x290 [ 57.966442][ T5003] ? truncate_setsize+0xcf/0xf0 [ 57.971366][ T5003] reiserfs_setattr+0xbc9/0x1140 [ 57.976449][ T5003] ? reiserfs_commit_write+0x5b0/0x5b0 [ 57.982003][ T5003] ? current_time+0x1e0/0x300 [ 57.986725][ T5003] ? atime_needs_update+0x6d0/0x6d0 [ 57.991980][ T5003] ? evm_inode_setattr+0x100/0x740 [ 57.997148][ T5003] ? bpf_lsm_inode_setattr+0x9/0x10 [ 58.002432][ T5003] ? security_inode_setattr+0xd7/0x130 [ 58.007930][ T5003] ? reiserfs_commit_write+0x5b0/0x5b0 [ 58.013480][ T5003] notify_change+0xc8b/0xf40 [ 58.018105][ T5003] do_truncate+0x220/0x300 [ 58.022613][ T5003] ? put_page_bootmem+0x2e0/0x2e0 [ 58.027669][ T5003] do_sys_ftruncate+0x2e4/0x380 [ 58.032607][ T5003] do_syscall_64+0x41/0xc0 [ 58.037063][ T5003] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 58.043048][ T5003] RIP: 0033:0x7f8bcd7c3789 [ 58.047494][ T5003] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 58.067224][ T5003] RSP: 002b:00007f8bc574e208 EFLAGS: 00000246 ORIG_RAX: 000000000000004d [ 58.075730][ T5003] RAX: ffffffffffffffda RBX: 00007f8bcd8497b8 RCX: 00007f8bcd7c3789 [ 58.083772][ T5003] RDX: 00007f8bc574e700 RSI: 0000000000000000 RDI: 0000000000000004 [ 58.091807][ T5003] RBP: 00007f8bcd8497b0 R08: 00007f8bc574e700 R09: 0000000000000000 [ 58.099846][ T5003] R10: 00007f8bc574e700 R11: 0000000000000246 R12: 00007f8bcd8497bc [ 58.107834][ T5003] R13: 00007ffc9ab04a6f R14: 00007f8bc574e300 R15: 0000000000022000 [ 58.115958][ T5003] [ 58.118998][ T5003] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 58.126295][ T5003] CPU: 1 PID: 5003 Comm: syz-executor271 Not tainted 6.4.0-rc1-syzkaller-00021-gad2fd53a7870 #0 [ 58.136842][ T5003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023 [ 58.146911][ T5003] Call Trace: [ 58.150193][ T5003] [ 58.153122][ T5003] dump_stack_lvl+0x1e7/0x2d0 [ 58.157813][ T5003] ? nf_tcp_handle_invalid+0x650/0x650 [ 58.163281][ T5003] ? panic+0x770/0x770 [ 58.167358][ T5003] ? vscnprintf+0x5d/0x80 [ 58.171690][ T5003] panic+0x30f/0x770 [ 58.175584][ T5003] ? __warn+0x171/0x4a0 [ 58.179930][ T5003] ? __memcpy_flushcache+0x2b0/0x2b0 [ 58.185240][ T5003] __warn+0x314/0x4a0 [ 58.189289][ T5003] ? journal_end+0x1fb/0x2c0 [ 58.193914][ T5003] report_bug+0x2b3/0x500 [ 58.198273][ T5003] ? journal_end+0x1fb/0x2c0 [ 58.202934][ T5003] handle_bug+0x3d/0x70 [ 58.207103][ T5003] exc_invalid_op+0x1a/0x50 [ 58.211798][ T5003] asm_exc_invalid_op+0x1a/0x20 [ 58.216651][ T5003] RIP: 0010:journal_end+0x1fb/0x2c0 [ 58.221866][ T5003] Code: 4b f7 b1 ff 48 b8 00 00 00 00 00 fc ff df 41 0f b6 44 05 00 84 c0 0f 85 a1 00 00 00 c7 45 00 00 00 00 00 eb 30 e8 95 26 5a ff <0f> 0b b8 fb ff ff ff eb 24 e8 87 26 5a ff 4c 89 f7 31 f6 48 83 c4 [ 58.241491][ T5003] RSP: 0018:ffffc90003b8fa38 EFLAGS: 00010293 [ 58.247602][ T5003] RAX: ffffffff823140ab RBX: 0000000000000000 RCX: ffff88801f49d940 [ 58.255708][ T5003] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 58.263871][ T5003] RBP: ffffc90003b8faf4 R08: ffffffff82313fbe R09: 0000000000000000 [ 58.271860][ T5003] R10: ffffc90003b8fae8 R11: dffffc0000000001 R12: ffff88801f49eb90 [ 58.279830][ T5003] R13: 1ffff92000771f5e R14: ffffc90003b8fae0 R15: 1ffff11003e93d72 [ 58.287913][ T5003] ? journal_end+0x10e/0x2c0 [ 58.292521][ T5003] ? journal_end+0x1fb/0x2c0 [ 58.297115][ T5003] ? journal_end+0x1fb/0x2c0 [ 58.301715][ T5003] reiserfs_truncate_file+0x4e5/0x820 [ 58.307193][ T5003] ? reiserfs_new_symlink+0x770/0x770 [ 58.312582][ T5003] ? unmap_mapping_range+0xf8/0x290 [ 58.317806][ T5003] ? truncate_setsize+0xcf/0xf0 [ 58.322656][ T5003] reiserfs_setattr+0xbc9/0x1140 [ 58.327600][ T5003] ? reiserfs_commit_write+0x5b0/0x5b0 [ 58.333060][ T5003] ? current_time+0x1e0/0x300 [ 58.337757][ T5003] ? atime_needs_update+0x6d0/0x6d0 [ 58.342967][ T5003] ? evm_inode_setattr+0x100/0x740 [ 58.348081][ T5003] ? bpf_lsm_inode_setattr+0x9/0x10 [ 58.353279][ T5003] ? security_inode_setattr+0xd7/0x130 [ 58.358757][ T5003] ? reiserfs_commit_write+0x5b0/0x5b0 [ 58.364275][ T5003] notify_change+0xc8b/0xf40 [ 58.368892][ T5003] do_truncate+0x220/0x300 [ 58.373313][ T5003] ? put_page_bootmem+0x2e0/0x2e0 [ 58.378389][ T5003] do_sys_ftruncate+0x2e4/0x380 [ 58.383267][ T5003] do_syscall_64+0x41/0xc0 [ 58.387725][ T5003] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 58.393630][ T5003] RIP: 0033:0x7f8bcd7c3789 [ 58.398070][ T5003] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 58.417787][ T5003] RSP: 002b:00007f8bc574e208 EFLAGS: 00000246 ORIG_RAX: 000000000000004d [ 58.426222][ T5003] RAX: ffffffffffffffda RBX: 00007f8bcd8497b8 RCX: 00007f8bcd7c3789 [ 58.434295][ T5003] RDX: 00007f8bc574e700 RSI: 0000000000000000 RDI: 0000000000000004 [ 58.442267][ T5003] RBP: 00007f8bcd8497b0 R08: 00007f8bc574e700 R09: 0000000000000000 [ 58.450322][ T5003] R10: 00007f8bc574e700 R11: 0000000000000246 R12: 00007f8bcd8497bc [ 58.458316][ T5003] R13: 00007ffc9ab04a6f R14: 00007f8bc574e300 R15: 0000000000022000 [ 58.466470][ T5003] [ 58.469547][ T5003] Kernel Offset: disabled [ 58.474015][ T5003] Rebooting in 86400 seconds..