[ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Starting Load/Save RF Kill Switch Status... [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.148' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 53.589891] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 53.605974] REISERFS (device loop0): using ordered data mode [ 53.612181] reiserfs: using flush barriers [ 53.618432] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30 [ 53.634378] REISERFS (device loop0): checking transaction log (loop0) [ 53.688643] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 53.705282] REISERFS (device loop0): Using rupasov hash to sort names [ 53.777445] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 53.786333] REISERFS (device loop0): using ordered data mode [ 53.793084] reiserfs: using flush barriers [ 53.799113] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30 [ 53.817864] REISERFS (device loop0): checking transaction log (loop0) [ 53.897284] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 53.913561] REISERFS (device loop0): Using rupasov hash to sort names executing program [ 53.979493] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 53.988438] REISERFS (device loop0): using ordered data mode [ 53.995121] reiserfs: using flush barriers [ 54.000477] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30 [ 54.017015] REISERFS (device loop0): checking transaction log (loop0) [ 54.070714] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 54.086825] REISERFS (device loop0): Using rupasov hash to sort names [ 54.152380] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 54.161893] REISERFS (device loop0): using ordered data mode [ 54.168343] reiserfs: using flush barriers [ 54.174175] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30 [ 54.190361] REISERFS (device loop0): checking transaction log (loop0) [ 54.244885] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 54.260686] REISERFS (device loop0): Using rupasov hash to sort names executing program [ 54.324925] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 54.333996] REISERFS (device loop0): using ordered data mode [ 54.339798] reiserfs: using flush barriers [ 54.346307] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30 [ 54.362939] REISERFS (device loop0): checking transaction log (loop0) [ 54.415871] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 54.432892] REISERFS (device loop0): Using rupasov hash to sort names [ 54.516160] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 54.525105] REISERFS (device loop0): using ordered data mode [ 54.531068] reiserfs: using flush barriers [ 54.537478] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30 [ 54.557247] REISERFS (device loop0): checking transaction log (loop0) [ 54.612311] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 54.628588] REISERFS (device loop0): Using rupasov hash to sort names executing program [ 54.702077] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 54.711258] REISERFS (device loop0): using ordered data mode [ 54.717630] reiserfs: using flush barriers [ 54.726060] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30 [ 54.742315] REISERFS (device loop0): checking transaction log (loop0) [ 54.797065] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 54.813404] REISERFS (device loop0): Using rupasov hash to sort names [ 54.874047] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 54.883180] REISERFS (device loop0): using ordered data mode [ 54.889265] reiserfs: using flush barriers [ 54.894941] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30 [ 54.911672] REISERFS (device loop0): checking transaction log (loop0) [ 54.967096] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 54.983414] REISERFS (device loop0): Using rupasov hash to sort names executing program [ 55.133512] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 55.142106] REISERFS (device loop0): using ordered data mode [ 55.148145] reiserfs: using flush barriers [ 55.153664] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30 [ 55.170212] REISERFS (device loop0): checking transaction log (loop0) [ 55.223618] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 55.238848] REISERFS (device loop0): Using rupasov hash to sort names [ 55.306463] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 55.320731] REISERFS (device loop0): using ordered data mode [ 55.327214] reiserfs: using flush barriers [ 55.332155] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30 [ 55.348829] REISERFS (device loop0): checking transaction log (loop0) [ 55.402257] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 55.418272] REISERFS (device loop0): Using rupasov hash to sort names executing program [ 55.491467] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 55.500515] REISERFS (device loop0): using ordered data mode [ 55.508637] reiserfs: using flush barriers [ 55.515344] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30 [ 55.532589] REISERFS (device loop0): checking transaction log (loop0) [ 55.585949] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 55.602144] REISERFS (device loop0): Using rupasov hash to sort names [ 55.662462] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 55.672484] REISERFS (device loop0): using ordered data mode [ 55.678402] reiserfs: using flush barriers [ 55.685798] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30 [ 55.702410] REISERFS (device loop0): checking transaction log (loop0) [ 55.755383] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 55.771635] REISERFS (device loop0): Using rupasov hash to sort names executing program [ 55.827469] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 55.836388] REISERFS (device loop0): using ordered data mode [ 55.843237] reiserfs: using flush barriers [ 55.848317] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30 [ 55.864859] REISERFS (device loop0): checking transaction log (loop0) [ 55.925438] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 55.942239] REISERFS (device loop0): Using rupasov hash to sort names [ 56.013094] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 56.024498] REISERFS (device loop0): using ordered data mode [ 56.030388] reiserfs: using flush barriers [ 56.037068] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30 [ 56.053315] REISERFS (device loop0): checking transaction log (loop0) [ 56.108565] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 56.124742] REISERFS (device loop0): Using rupasov hash to sort names executing program [ 56.186210] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 56.195749] REISERFS (device loop0): using ordered data mode [ 56.201855] reiserfs: using flush barriers [ 56.207626] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30 [ 56.225268] REISERFS (device loop0): checking transaction log (loop0) [ 56.278827] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 56.295502] REISERFS (device loop0): Using rupasov hash to sort names [ 56.369351] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 56.380793] REISERFS (device loop0): using ordered data mode [ 56.387717] reiserfs: using flush barriers [ 56.393650] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30 [ 56.409915] REISERFS (device loop0): checking transaction log (loop0) [ 56.464017] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 56.481189] REISERFS (device loop0): Using rupasov hash to sort names executing program [ 56.560278] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 56.574505] REISERFS (device loop0): using ordered data mode [ 56.580497] reiserfs: using flush barriers [ 56.586767] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30 [ 56.603881] REISERFS (device loop0): checking transaction log (loop0) [ 56.657455] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 56.674673] REISERFS (device loop0): Using rupasov hash to sort names [ 56.792123] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 56.802161] REISERFS (device loop0): using ordered data mode [ 56.808288] reiserfs: using flush barriers [ 56.815644] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 0, max trans age 30 [ 56.833310] REISERFS (device loop0): checking transaction log (loop0) [ 56.887822] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 56.903859] REISERFS (device loop0): Using rupasov hash to sort names [ 56.910652] ------------[ cut here ]------------ [ 56.915476] kernel BUG at fs/reiserfs/journal.c:3657! [ 56.921773] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 56.927235] CPU: 1 PID: 8246 Comm: syz-executor930 Not tainted 4.19.199-syzkaller #0 [ 56.935222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 56.944673] RIP: 0010:do_journal_end+0x3601/0x4840 [ 56.949940] Code: 55 0e ff ff e9 9a f9 ff ff e8 5b 72 8b ff 0f 0b e8 54 72 8b ff 0f 0b e8 4d 72 8b ff 0f 0b e8 46 72 8b ff 0f 0b e8 3f 72 8b ff <0f> 0b e8 38 72 8b ff 0f 0b e8 31 72 8b ff 48 8b 44 24 08 48 8b 54 [ 56.968998] RSP: 0018:ffff88809e29f998 EFLAGS: 00010293 [ 56.974435] RAX: ffff8880aa372640 RBX: ffffc9000600a000 RCX: ffffffff81d6e003 [ 56.981869] RDX: 0000000000000000 RSI: ffffffff81d70fe1 RDI: 0000000000000007 [ 56.989568] RBP: ffff8880aa6841c0 R08: 0000000000000001 R09: 0000000000000000 [ 56.997322] R10: 0000000000000007 R11: 0000000000000000 R12: 0000000000000000 [ 57.004766] R13: ffffc9000600a058 R14: ffff88809e29fbc8 R15: 0000000000000000 [ 57.012115] FS: 00007f2b73dbd700(0000) GS:ffff8880ba100000(0000) knlGS:0000000000000000 [ 57.020339] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 57.026205] CR2: 00007ffa51f96000 CR3: 00000000abb0e000 CR4: 00000000001406e0 [ 57.033465] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 57.041046] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 57.048321] Call Trace: [ 57.051066] ? reiserfs_info.cold+0x1d/0x7c [ 57.055485] ? wake_up_var+0x110/0x110 [ 57.059385] journal_end+0x277/0x310 [ 57.063102] reiserfs_fill_super+0x2002/0x2cf0 [ 57.067789] ? reiserfs_remount+0x1540/0x1540 [ 57.072295] ? lock_downgrade+0x720/0x720 [ 57.076719] ? snprintf+0xbb/0xf0 [ 57.080173] ? wait_for_completion_io+0x10/0x10 [ 57.084937] mount_bdev+0x2fc/0x3b0 [ 57.088834] ? reiserfs_remount+0x1540/0x1540 [ 57.093562] mount_fs+0xa3/0x310 [ 57.096947] vfs_kern_mount.part.0+0x68/0x470 [ 57.101756] do_mount+0x113c/0x2f10 [ 57.105471] ? cmp_ex_sort+0xc0/0xc0 [ 57.109191] ? __do_page_fault+0x180/0xd60 [ 57.113420] ? copy_mount_string+0x40/0x40 [ 57.117672] ? copy_mount_options+0x1cd/0x380 [ 57.122156] ? memset+0x20/0x40 [ 57.125548] ? copy_mount_options+0x26f/0x380 [ 57.130028] ksys_mount+0xcf/0x130 [ 57.133558] __x64_sys_mount+0xba/0x150 [ 57.137614] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 57.142311] do_syscall_64+0xf9/0x620 [ 57.146198] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 57.151388] RIP: 0033:0x44b7da [ 57.154724] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 a8 00 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 57.174477] RSP: 002b:00007f2b73dbd168 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5 [ 57.182678] RAX: ffffffffffffffda RBX: 00007f2b73dbd1c0 RCX: 000000000044b7da [ 57.190564] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f2b73dbd180 [ 57.197929] RBP: 0000000000000005 R08: 00007f2b73dbd1c0 R09: 00007f2b73dbd6b8 [ 57.205467] R10: 0000000000000000 R11: 0000000000000286 R12: 00007f2b73dbd180 [ 57.212811] R13: 0000000020000278 R14: 0000000000000005 R15: 0000000000000006 [ 57.220067] Modules linked in: [ 57.223318] ---[ end trace d12ab05f50b4338b ]--- [ 57.228089] RIP: 0010:do_journal_end+0x3601/0x4840 [ 57.233158] Code: 55 0e ff ff e9 9a f9 ff ff e8 5b 72 8b ff 0f 0b e8 54 72 8b ff 0f 0b e8 4d 72 8b ff 0f 0b e8 46 72 8b ff 0f 0b e8 3f 72 8b ff <0f> 0b e8 38 72 8b ff 0f 0b e8 31 72 8b ff 48 8b 44 24 08 48 8b 54 [ 57.252459] RSP: 0018:ffff88809e29f998 EFLAGS: 00010293 [ 57.258700] RAX: ffff8880aa372640 RBX: ffffc9000600a000 RCX: ffffffff81d6e003 [ 57.266231] RDX: 0000000000000000 RSI: ffffffff81d70fe1 RDI: 0000000000000007 [ 57.273594] RBP: ffff8880aa6841c0 R08: 0000000000000001 R09: 0000000000000000 [ 57.280952] R10: 0000000000000007 R11: 0000000000000000 R12: 0000000000000000 [ 57.288255] R13: ffffc9000600a058 R14: ffff88809e29fbc8 R15: 0000000000000000 [ 57.295913] FS: 00007f2b73dbd700(0000) GS:ffff8880ba100000(0000) knlGS:0000000000000000 [ 57.304728] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 57.310616] CR2: 00007ffa51f96000 CR3: 00000000abb0e000 CR4: 00000000001406e0 [ 57.317938] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 57.325349] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 57.332805] Kernel panic - not syncing: Fatal exception [ 57.339906] Kernel Offset: disabled [ 57.343530] Rebooting in 86400 seconds..