./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor612954523
<...>
Warning: Permanently added '10.128.0.89' (ED25519) to the list of known hosts.
execve("./syz-executor612954523", ["./syz-executor612954523"], 0x7ffe061aeb70 /* 10 vars */) = 0
brk(NULL) = 0x555555be2000
brk(0x555555be2d00) = 0x555555be2d00
arch_prctl(ARCH_SET_FS, 0x555555be2380) = 0
set_tid_address(0x555555be2650) = 5061
set_robust_list(0x555555be2660, 24) = 0
rseq(0x555555be2ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor612954523", 4096) = 27
getrandom("\x00\xd6\x6d\x61\x5a\x3b\x9b\x57", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x555555be2d00
brk(0x555555c03d00) = 0x555555c03d00
brk(0x555555c04000) = 0x555555c04000
mprotect(0x7f2fe834e000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555be2650) = 5062
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5062 attached
<unfinished ...>
[pid 5062] set_robust_list(0x555555be2660, 24) = 0
./strace-static-x86_64: Process 5063 attached
[pid 5062] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid 5063] set_robust_list(0x555555be2660, 24 <unfinished ...>
[pid 5061] <... clone resumed>, child_tidptr=0x555555be2650) = 5063
[pid 5063] <... set_robust_list resumed>) = 0
[ 72.995225][ T27] audit: type=1400 audit(1701343206.939:83): avc: denied { execmem } for pid=5061 comm="syz-executor612" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[pid 5061] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid 5063] openat(AT_FDCWD, "/dev/loop1", O_RDWR <unfinished ...>
[pid 5062] <... openat resumed>) = 3
[pid 5062] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5064 attached
<unfinished ...>
[pid 5063] <... openat resumed>) = 3
[pid 5062] <... ioctl resumed>) = -1 ENXIO (No such device or address)
[pid 5061] <... clone resumed>, child_tidptr=0x555555be2650) = 5064
[pid 5064] set_robust_list(0x555555be2660, 24 <unfinished ...>
[pid 5063] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid 5061] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid 5064] <... set_robust_list resumed>) = 0
[pid 5063] <... ioctl resumed>) = -1 ENXIO (No such device or address)
[pid 5062] close(3 <unfinished ...>
[pid 5064] openat(AT_FDCWD, "/dev/loop2", O_RDWR <unfinished ...>
[pid 5062] <... close resumed>) = 0
[pid 5063] close(3) = 0
[ 73.040639][ T27] audit: type=1400 audit(1701343206.979:84): avc: denied { read write } for pid=5062 comm="syz-executor612" name="loop0" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 73.065000][ T27] audit: type=1400 audit(1701343206.989:85): avc: denied { open } for pid=5062 comm="syz-executor612" path="/dev/loop0" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5066 attached
<unfinished ...>
[pid 5064] <... openat resumed>) = 3
[pid 5062] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid 5061] <... clone resumed>, child_tidptr=0x555555be2650) = 5065
[pid 5061] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5067 attached
, child_tidptr=0x555555be2650) = 5067
[pid 5061] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5065 attached
<unfinished ...>
[pid 5067] set_robust_list(0x555555be2660, 24 <unfinished ...>
[pid 5064] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid 5067] <... set_robust_list resumed>) = 0
[ 73.091227][ T27] audit: type=1400 audit(1701343206.999:86): avc: denied { ioctl } for pid=5062 comm="syz-executor612" path="/dev/loop0" dev="devtmpfs" ino=648 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[pid 5067] openat(AT_FDCWD, "/dev/loop4", O_RDWR./strace-static-x86_64: Process 5069 attached
./strace-static-x86_64: Process 5068 attached
<unfinished ...>
[pid 5065] set_robust_list(0x555555be2660, 24 <unfinished ...>
[pid 5066] set_robust_list(0x555555be2660, 24 <unfinished ...>
[pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address)
[pid 5063] <... clone resumed>, child_tidptr=0x555555be2650) = 5066
[pid 5069] set_robust_list(0x555555be2660, 24) = 0
[pid 5067] <... openat resumed>) = 3
[pid 5061] <... clone resumed>, child_tidptr=0x555555be2650) = 5068
[pid 5069] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid 5068] set_robust_list(0x555555be2660, 24 <unfinished ...>
[pid 5069] <... prctl resumed>) = 0
[pid 5068] <... set_robust_list resumed>) = 0
[pid 5068] openat(AT_FDCWD, "/dev/loop5", O_RDWR <unfinished ...>
[pid 5069] setpgid(0, 0 <unfinished ...>
[pid 5067] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid 5069] <... setpgid resumed>) = 0
[pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address)
[pid 5069] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid 5068] <... openat resumed>) = 3
[pid 5069] <... openat resumed>) = 3
[pid 5067] close(3 <unfinished ...>
[pid 5065] <... set_robust_list resumed>) = 0
[pid 5066] <... set_robust_list resumed>) = 0
[pid 5064] close(3 <unfinished ...>
[pid 5062] <... clone resumed>, child_tidptr=0x555555be2650) = 5069
[pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
[pid 5068] close(3) = 0
[pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid 5069] write(3, "1000", 4 <unfinished ...>
[pid 5067] <... close resumed>) = 0
[pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid 5064] <... close resumed>) = 0
[pid 5065] openat(AT_FDCWD, "/dev/loop3", O_RDWR <unfinished ...>
[pid 5066] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid 5069] <... write resumed>) = 4
[pid 5068] <... clone resumed>, child_tidptr=0x555555be2650) = 5071
[pid 5069] close(3) = 0
./strace-static-x86_64: Process 5071 attached
[pid 5069] memfd_create("syzkaller", 0 <unfinished ...>
[pid 5071] set_robust_list(0x555555be2660, 24 <unfinished ...>
[pid 5069] <... memfd_create resumed>) = 3
[pid 5071] <... set_robust_list resumed>) = 0
[pid 5069] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid 5071] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid 5069] <... mmap resumed>) = 0x7f2fdfe9c000
[pid 5071] <... prctl resumed>) = 0
[pid 5071] setpgid(0, 0) = 0
[pid 5071] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid 5067] <... clone resumed>, child_tidptr=0x555555be2650) = 5072
[pid 5071] <... openat resumed>) = 3
[pid 5071] write(3, "1000", 4) = 4
[pid 5071] close(3) = 0
[pid 5071] memfd_create("syzkaller", 0./strace-static-x86_64: Process 5073 attached
./strace-static-x86_64: Process 5072 attached
<unfinished ...>
[pid 5065] <... openat resumed>) = 3
[pid 5066] <... prctl resumed>) = 0
[pid 5064] <... clone resumed>, child_tidptr=0x555555be2650) = 5073
[pid 5066] setpgid(0, 0 <unfinished ...>
[pid 5072] set_robust_list(0x555555be2660, 24 <unfinished ...>
[pid 5066] <... setpgid resumed>) = 0
[pid 5073] set_robust_list(0x555555be2660, 24 <unfinished ...>
[pid 5071] <... memfd_create resumed>) = 3
[pid 5073] <... set_robust_list resumed>) = 0
[pid 5066] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid 5072] <... set_robust_list resumed>) = 0
[pid 5065] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid 5071] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid 5073] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid 5072] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid 5071] <... mmap resumed>) = 0x7f2fdfe9c000
[ 73.120174][ T27] audit: type=1400 audit(1701343207.039:87): avc: denied { append } for pid=4492 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 73.143531][ T27] audit: type=1400 audit(1701343207.039:88): avc: denied { open } for pid=4492 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 73.168415][ T27] audit: type=1400 audit(1701343207.039:89): avc: denied { getattr } for pid=4492 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[pid 5065] <... ioctl resumed>) = -1 ENXIO (No such device or address)
[pid 5066] <... openat resumed>) = 3
[pid 5073] <... prctl resumed>) = 0
[pid 5072] <... prctl resumed>) = 0
[pid 5073] setpgid(0, 0 <unfinished ...>
[pid 5072] setpgid(0, 0 <unfinished ...>
[pid 5065] close(3 <unfinished ...>
[pid 5066] write(3, "1000", 4 <unfinished ...>
[pid 5065] <... close resumed>) = 0
[pid 5066] <... write resumed>) = 4
[pid 5073] <... setpgid resumed>) = 0
[pid 5072] <... setpgid resumed>) = 0
[pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid 5073] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid 5072] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid 5066] close(3./strace-static-x86_64: Process 5075 attached
<unfinished ...>
[pid 5073] <... openat resumed>) = 3
[pid 5072] <... openat resumed>) = 3
[pid 5066] <... close resumed>) = 0
[pid 5073] write(3, "1000", 4 <unfinished ...>
[pid 5072] write(3, "1000", 4 <unfinished ...>
[pid 5065] <... clone resumed>, child_tidptr=0x555555be2650) = 5075
[pid 5066] memfd_create("syzkaller", 0 <unfinished ...>
[pid 5073] <... write resumed>) = 4
[pid 5072] <... write resumed>) = 4
[pid 5072] close(3) = 0
[pid 5073] close(3 <unfinished ...>
[pid 5075] set_robust_list(0x555555be2660, 24 <unfinished ...>
[pid 5073] <... close resumed>) = 0
[pid 5072] memfd_create("syzkaller", 0 <unfinished ...>
[pid 5066] <... memfd_create resumed>) = 3
[pid 5073] memfd_create("syzkaller", 0 <unfinished ...>
[pid 5072] <... memfd_create resumed>) = 3
[pid 5066] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid 5073] <... memfd_create resumed>) = 3
[pid 5075] <... set_robust_list resumed>) = 0
[pid 5073] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid 5072] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid 5069] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 <unfinished ...>
[pid 5066] <... mmap resumed>) = 0x7f2fdfe9c000
[pid 5073] <... mmap resumed>) = 0x7f2fdfe9c000
[pid 5072] <... mmap resumed>) = 0x7f2fdfe9c000
[pid 5075] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid 5071] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 <unfinished ...>
[pid 5075] <... prctl resumed>) = 0
[pid 5075] setpgid(0, 0) = 0
[pid 5075] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5075] write(3, "1000", 4) = 4
[pid 5075] close(3) = 0
[pid 5075] memfd_create("syzkaller", 0 <unfinished ...>
[pid 5073] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 <unfinished ...>
[pid 5075] <... memfd_create resumed>) = 3
[pid 5075] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f2fdfe9c000
[pid 5066] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 <unfinished ...>
[pid 5072] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 <unfinished ...>
[pid 5075] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304 <unfinished ...>
[pid 5071] <... write resumed>) = 4194304
[pid 5069] <... write resumed>) = 4194304
[pid 5073] <... write resumed>) = 4194304
[pid 5069] munmap(0x7f2fdfe9c000, 138412032 <unfinished ...>
[pid 5071] munmap(0x7f2fdfe9c000, 138412032) = 0
[pid 5069] <... munmap resumed>) = 0
[pid 5069] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid 5073] munmap(0x7f2fdfe9c000, 138412032 <unfinished ...>
[pid 5071] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4
[pid 5071] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid 5069] <... openat resumed>) = 4
[pid 5073] <... munmap resumed>) = 0
[pid 5069] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid 5073] openat(AT_FDCWD, "/dev/loop2", O_RDWR <unfinished ...>
[pid 5066] <... write resumed>) = 4194304
[pid 5073] <... openat resumed>) = 4
[pid 5069] <... ioctl resumed>) = 0
[pid 5073] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid 5069] close(3 <unfinished ...>
[pid 5066] munmap(0x7f2fdfe9c000, 138412032 <unfinished ...>
[pid 5073] <... ioctl resumed>) = 0
[pid 5071] <... ioctl resumed>) = 0
[pid 5069] <... close resumed>) = 0
[pid 5066] <... munmap resumed>) = 0
[pid 5069] mkdir("./file0", 0777 <unfinished ...>
[pid 5066] openat(AT_FDCWD, "/dev/loop1", O_RDWR <unfinished ...>
[pid 5073] close(3 <unfinished ...>
[pid 5071] close(3 <unfinished ...>
[pid 5069] <... mkdir resumed>) = 0
[pid 5066] <... openat resumed>) = 4
[pid 5073] <... close resumed>) = 0
[pid 5066] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid 5073] mkdir("./file0", 0777) = -1 EEXIST (File exists)
[pid 5073] mount("/dev/loop2", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "" <unfinished ...>
[pid 5071] <... close resumed>) = 0
[pid 5071] mkdir("./file0", 0777) = -1 EEXIST (File exists)
[ 73.530254][ T5071] loop5: detected capacity change from 0 to 8192
[ 73.538817][ T5069] loop0: detected capacity change from 0 to 8192
[ 73.563041][ T5073] loop2: detected capacity change from 0 to 8192
[pid 5071] mount("/dev/loop5", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "" <unfinished ...>
[pid 5072] <... write resumed>) = 4194304
[pid 5069] mount("/dev/loop0", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "" <unfinished ...>
[pid 5072] munmap(0x7f2fdfe9c000, 138412032 <unfinished ...>
[pid 5075] <... write resumed>) = 4194304
[pid 5072] <... munmap resumed>) = 0
[pid 5075] munmap(0x7f2fdfe9c000, 138412032 <unfinished ...>
[pid 5066] <... ioctl resumed>) = 0
[pid 5072] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4
[pid 5075] <... munmap resumed>) = 0
[pid 5072] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[ 73.597002][ T5066] loop1: detected capacity change from 0 to 8192
[ 73.610490][ T27] audit: type=1400 audit(1701343207.539:90): avc: denied { mounton } for pid=5073 comm="syz-executor612" path="/root/file0" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[pid 5075] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4
[pid 5066] close(3) = 0
[pid 5075] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid 5066] mkdir("./file0", 0777) = -1 EEXIST (File exists)
[ 73.647685][ T5072] loop4: detected capacity change from 0 to 8192
[ 73.658009][ T5073] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 73.658012][ T5071] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 73.658093][ T5073] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal
[pid 5072] <... ioctl resumed>) = 0
[pid 5066] mount("/dev/loop1", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "" <unfinished ...>
[pid 5072] close(3) = 0
[pid 5072] mkdir("./file0", 0777) = -1 EEXIST (File exists)
[pid 5072] mount("/dev/loop4", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "" <unfinished ...>
[pid 5075] <... ioctl resumed>) = 0
[pid 5075] close(3) = 0
[pid 5075] mkdir("./file0", 0777) = -1 EEXIST (File exists)
[ 73.673058][ T5075] loop3: detected capacity change from 0 to 8192
[ 73.685508][ T5073] REISERFS (device loop2): using ordered data mode
[ 73.695976][ T5069] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 73.711133][ T5072] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 73.720026][ T5071] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal
[ 73.735955][ T5073] reiserfs: using flush barriers
[ 73.742286][ T5071] REISERFS (device loop5): using ordered data mode
[ 73.749876][ T5066] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 73.753190][ T5071] reiserfs: using flush barriers
[ 73.774308][ T5071] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 73.790553][ T5072] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal
[ 73.799801][ T5072] REISERFS (device loop4): using ordered data mode
[ 73.799922][ T5069] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[ 73.806374][ T5072] reiserfs: using flush barriers
[ 73.817422][ T5066] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal
[ 73.822071][ T5071] REISERFS (device loop5): checking transaction log (loop5)
[ 73.831274][ T5073] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 73.837175][ T5066] REISERFS (device loop1): using ordered data mode
[ 73.852980][ T5075] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 73.867149][ T5069] REISERFS (device loop0): using ordered data mode
[ 73.873875][ T5075] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[ 73.884562][ T5069] reiserfs: using flush barriers
[ 73.893712][ T5073] REISERFS (device loop2): checking transaction log (loop2)
[ 73.902633][ T5075] REISERFS (device loop3): using ordered data mode
[ 73.908691][ T5072] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 73.916970][ T5075] reiserfs: using flush barriers
[ 73.927914][ T5066] reiserfs: using flush barriers
[ 73.938127][ T5069] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 73.958030][ T5075] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 73.968089][ T5066] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 73.980646][ T5072] REISERFS (device loop4): checking transaction log (loop4)
[ 74.003465][ T5069] REISERFS (device loop0): checking transaction log (loop0)
[ 74.004399][ T5075] REISERFS (device loop3): checking transaction log (loop3)
[ 74.049354][ T5066] REISERFS (device loop1): checking transaction log (loop1)
[ 74.074210][ T5071] REISERFS (device loop5): Using r5 hash to sort names
[pid 5075] mount("/dev/loop3", "./file0", "reiserfs", MS_NOEXEC|MS_I_VERSION, "" <unfinished ...>
[pid 5071] <... mount resumed>) = 0
[ 74.116607][ T5071] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage.
[pid 5071] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5071] chdir("./file0") = 0
[pid 5071] ioctl(4, LOOP_CLR_FD) = 0
[pid 5071] close(4) = 0
[ 74.150964][ T27] audit: type=1400 audit(1701343208.089:91): avc: denied { mount } for pid=5071 comm="syz-executor612" name="/" dev="loop5" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[pid 5071] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4
[pid 5073] <... mount resumed>) = 0
[pid 5071] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL) = 0
[pid 5071] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5
[pid 5071] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid 5073] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[ 74.207770][ T5073] REISERFS (device loop2): Using r5 hash to sort names
[ 74.220639][ T5073] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[ 74.236194][ T27] audit: type=1800 audit(1701343208.169:92): pid=5071 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor612" name="bus" dev="loop5" ino=4 res=0 errno=0
[pid 5073] chdir("./file0") = 0
[pid 5073] ioctl(4, LOOP_CLR_FD) = 0
[pid 5073] close(4) = 0
[pid 5073] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4
[ 74.280607][ T5066] REISERFS warning: reiserfs-5090 is_tree_node: node level 0 does not match to the expected one -1
[ 74.301187][ T5075] REISERFS (device loop3): Using r5 hash to sort names
[ 74.321176][ T5075] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[pid 5073] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid 5075] <... mount resumed>) = 0
[pid 5073] <... mount resumed>) = 0
[pid 5075] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5073] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c <unfinished ...>
[pid 5075] chdir("./file0") = 0
[pid 5073] <... open resumed>) = 5
[pid 5075] ioctl(4, LOOP_CLR_FD) = 0
[pid 5073] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid 5075] close(4) = 0
[ 74.324493][ T5072] REISERFS (device loop4): Using r5 hash to sort names
[ 74.338750][ T5066] REISERFS error (device loop1): vs-5150 search_by_key: invalid format found in block 0. Fsck?
[ 74.362113][ T5069] REISERFS (device loop0): Using r5 hash to sort names
[ 74.369823][ T5069] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[pid 5075] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid 5069] <... mount resumed>) = 0
[pid 5075] <... open resumed>) = 4
[pid 5069] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5069] chdir("./file0") = 0
[pid 5069] ioctl(4, LOOP_CLR_FD) = 0
[pid 5069] close(4) = 0
[pid 5069] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000 <unfinished ...>
[pid 5075] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid 5069] <... open resumed>) = 4
[pid 5069] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid 5075] <... mount resumed>) = 0
[pid 5069] <... mount resumed>) = 0
[pid 5069] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5
[pid 5069] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[ 74.383155][ T5066] REISERFS (device loop1): Remounting filesystem read-only
[ 74.390734][ T5066] REISERFS error (device loop1): vs-13070 reiserfs_read_locked_inode: i/o failure occurred trying to find stat data of [1 2 0x0 SD]
[ 74.400877][ T5072] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage.
[ 74.405303][ T5066] REISERFS warning (device loop1): reiserfs_fill_super: corrupt root inode, run fsck
[pid 5075] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5
[ 74.440750][ T5066] ==================================================================
[ 74.448841][ T5066] BUG: KASAN: vmalloc-out-of-bounds in cleanup_bitmap_list.part.0+0x4dd/0x5c0
[ 74.457732][ T5066] Read of size 8 at addr ffffc90002056008 by task syz-executor612/5066
[ 74.465981][ T5066]
[ 74.468309][ T5066] CPU: 1 PID: 5066 Comm: syz-executor612 Not tainted 6.7.0-rc3-syzkaller-00033-g3b47bc037bd4 #0
[ 74.478727][ T5066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[ 74.488797][ T5066] Call Trace:
[ 74.492079][ T5066] <TASK>
[ 74.495005][ T5066] dump_stack_lvl+0xd9/0x1b0
[ 74.499609][ T5066] print_report+0xc4/0x620
[ 74.504042][ T5066] ? __virt_addr_valid+0x5e/0x2d0
[ 74.509069][ T5066] kasan_report+0xda/0x110
[ 74.513483][ T5066] ? cleanup_bitmap_list.part.0+0x4dd/0x5c0
[ 74.519389][ T5066] ? cleanup_bitmap_list.part.0+0x4dd/0x5c0
[ 74.525328][ T5066] cleanup_bitmap_list.part.0+0x4dd/0x5c0
[ 74.531055][ T5066] ? lockdep_hardirqs_on+0x7d/0x110
[ 74.536260][ T5066] free_journal_ram+0x15e/0x5c0
[ 74.541124][ T5066] ? do_raw_spin_unlock+0x173/0x230
[ 74.546332][ T5066] ? _raw_spin_unlock+0x28/0x40
[ 74.551179][ T5066] journal_release_error+0x76/0xa0
[ 74.556300][ T5066] reiserfs_fill_super+0xecc/0x3160
[ 74.561496][ T5066] ? reiserfs_remount+0x1640/0x1640
[ 74.566692][ T5066] ? up_write+0x510/0x510
[ 74.571034][ T5066] ? lock_sync+0x190/0x190
[ 74.575455][ T5066] ? reiserfs_remount+0x1640/0x1640
[ 74.580652][ T5066] mount_bdev+0x1f3/0x2e0
[ 74.584990][ T5066] ? sget+0x640/0x640
[ 74.588974][ T5066] ? selinux_sb_eat_lsm_opts+0x594/0x700
[ 74.594607][ T5066] ? cap_capable+0x1d8/0x240
[ 74.599201][ T5066] ? reiserfs_kill_sb+0x1e0/0x1e0
[ 74.604221][ T5066] legacy_get_tree+0x109/0x220
[ 74.608980][ T5066] vfs_get_tree+0x8c/0x370
[ 74.613398][ T5066] path_mount+0x1492/0x1ed0
[ 74.617931][ T5066] ? lockdep_hardirqs_on+0x7d/0x110
[ 74.623129][ T5066] ? finish_automount+0xa40/0xa40
[ 74.628155][ T5066] ? putname+0x12e/0x170
[ 74.632402][ T5066] __x64_sys_mount+0x293/0x310
[ 74.637170][ T5066] ? copy_mnt_ns+0xb60/0xb60
[ 74.641763][ T5066] ? syscall_trace_enter.constprop.0+0xaf/0x1e0
[ 74.648001][ T5066] do_syscall_64+0x40/0x110
[ 74.652511][ T5066] entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 74.658408][ T5066] RIP: 0033:0x7f2fe82dbf5a
[ 74.662814][ T5066] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 74.682426][ T5066] RSP: 002b:00007fff4a0e9f68 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[ 74.690845][ T5066] RAX: ffffffffffffffda RBX: 00007fff4a0e9f80 RCX: 00007f2fe82dbf5a
[ 74.698893][ T5066] RDX: 0000000020001100 RSI: 0000000020001140 RDI: 00007fff4a0e9f80
[ 74.706860][ T5066] RBP: 0000000000000004 R08: 00007fff4a0e9fc0 R09: 00000000000010f8
[ 74.714824][ T5066] R10: 0000000000800008 R11: 0000000000000286 R12: 0000000000800008
[ 74.722786][ T5066] R13: 00007fff4a0e9fc0 R14: 0000000000000003 R15: 0000000000400000
[ 74.730756][ T5066] </TASK>
[ 74.733764][ T5066]
[ 74.736078][ T5066] The buggy address belongs to the virtual mapping at
[ 74.736078][ T5066] [ffffc90002056000, ffffc90002058000) created by:
[ 74.736078][ T5066] reiserfs_allocate_list_bitmaps+0x58/0x1c0
[ 74.755088][ T5066]
[ 74.757400][ T5066] The buggy address belongs to the physical page:
[ 74.763796][ T5066] page:ffffea0001cce140 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x73385
[ 74.773936][ T5066] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 74.781036][ T5066] page_type: 0xffffffff()
[ 74.785356][ T5066] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[ 74.793928][ T5066] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 74.802496][ T5066] page dumped because: kasan: bad access detected
[ 74.808892][ T5066] page_owner tracks the page as allocated
[ 74.814592][ T5066] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), pid 5066, tgid 5066 (syz-executor612), ts 73961432385, free_ts 22875533464
[ 74.834122][ T5066] post_alloc_hook+0x2d0/0x350
[ 74.838882][ T5066] get_page_from_freelist+0xa25/0x36d0
[ 74.844335][ T5066] __alloc_pages+0x22e/0x2420
[ 74.849005][ T5066] __alloc_pages_bulk+0x742/0x14f0
[ 74.854112][ T5066] alloc_pages_bulk_array_mempolicy+0x21e/0x400
[ 74.860368][ T5066] __vmalloc_node_range+0xd09/0x1540
[ 74.865658][ T5066] vzalloc+0x6b/0x80
[ 74.869562][ T5066] reiserfs_allocate_list_bitmaps+0x58/0x1c0
[ 74.875542][ T5066] journal_init+0x3e2/0x6990
[ 74.880129][ T5066] reiserfs_fill_super+0xcc6/0x3160
[ 74.885322][ T5066] mount_bdev+0x1f3/0x2e0
[ 74.889651][ T5066] legacy_get_tree+0x109/0x220
[ 74.894409][ T5066] vfs_get_tree+0x8c/0x370
[ 74.898824][ T5066] path_mount+0x1492/0x1ed0
[ 74.903327][ T5066] __x64_sys_mount+0x293/0x310
[ 74.908091][ T5066] do_syscall_64+0x40/0x110
[ 74.912595][ T5066] page last free stack trace:
[ 74.917260][ T5066] free_unref_page_prepare+0x4fa/0xaa0
[ 74.922720][ T5066] free_unref_page+0x33/0x3b0
[ 74.927391][ T5066] free_contig_range+0xb6/0x190
[ 74.932237][ T5066] destroy_args+0xa69/0xe40
[ 74.936736][ T5066] debug_vm_pgtable+0x16fe/0x3250
[ 74.941754][ T5066] do_one_initcall+0x11c/0x650
[ 74.946515][ T5066] kernel_init_freeable+0x687/0xc10
[ 74.951717][ T5066] kernel_init+0x1c/0x2a0
[ 74.956036][ T5066] ret_from_fork+0x45/0x80
[ 74.960449][ T5066] ret_from_fork_asm+0x11/0x20
[ 74.965210][ T5066]
[ 74.967519][ T5066] Memory state around the buggy address:
[ 74.973220][ T5066] ffffc90002055f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 74.981272][ T5066] ffffc90002055f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[pid 5075] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651 <unfinished ...>
[pid 5072] <... mount resumed>) = 0
[ 74.989325][ T5066] >ffffc90002056000: 00 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 74.997371][ T5066] ^
[ 75.001690][ T5066] ffffc90002056080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 75.009741][ T5066] ffffc90002056100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 75.017788][ T5066] ==================================================================
[pid 5072] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5072] chdir("./file0") = 0
[pid 5072] ioctl(4, LOOP_CLR_FD) = 0
[pid 5072] close(4) = 0
[pid 5072] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 4
[pid 5072] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL) = 0
[pid 5072] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5
[ 75.108530][ T5066] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 75.115758][ T5066] CPU: 1 PID: 5066 Comm: syz-executor612 Not tainted 6.7.0-rc3-syzkaller-00033-g3b47bc037bd4 #0
[ 75.126182][ T5066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[ 75.136246][ T5066] Call Trace:
[ 75.139537][ T5066] <TASK>
[ 75.142486][ T5066] dump_stack_lvl+0xd9/0x1b0
[ 75.147101][ T5066] panic+0x6dc/0x790
[ 75.151016][ T5066] ? panic_smp_self_stop+0xa0/0xa0
[ 75.156151][ T5066] ? irqentry_exit+0x3b/0x80
[ 75.160767][ T5066] ? lockdep_hardirqs_on+0x7d/0x110
[ 75.165982][ T5066] ? preempt_schedule_thunk+0x1a/0x30
[ 75.171378][ T5066] ? preempt_schedule_common+0x45/0xc0
[ 75.176856][ T5066] ? check_panic_on_warn+0x1f/0xb0
[ 75.181988][ T5066] check_panic_on_warn+0xab/0xb0
[ 75.186941][ T5066] end_report+0x108/0x150
[ 75.191267][ T5066] kasan_report+0xea/0x110
[ 75.195682][ T5066] ? cleanup_bitmap_list.part.0+0x4dd/0x5c0
[ 75.201573][ T5066] ? cleanup_bitmap_list.part.0+0x4dd/0x5c0
[ 75.207465][ T5066] cleanup_bitmap_list.part.0+0x4dd/0x5c0
[ 75.213270][ T5066] ? lockdep_hardirqs_on+0x7d/0x110
[ 75.218468][ T5066] free_journal_ram+0x15e/0x5c0
[ 75.223318][ T5066] ? do_raw_spin_unlock+0x173/0x230
[ 75.228530][ T5066] ? _raw_spin_unlock+0x28/0x40
[ 75.233370][ T5066] journal_release_error+0x76/0xa0
[ 75.238484][ T5066] reiserfs_fill_super+0xecc/0x3160
[ 75.243683][ T5066] ? reiserfs_remount+0x1640/0x1640
[ 75.248875][ T5066] ? up_write+0x510/0x510
[ 75.253199][ T5066] ? lock_sync+0x190/0x190
[ 75.257615][ T5066] ? reiserfs_remount+0x1640/0x1640
[ 75.262810][ T5066] mount_bdev+0x1f3/0x2e0
[ 75.267139][ T5066] ? sget+0x640/0x640
[ 75.271118][ T5066] ? selinux_sb_eat_lsm_opts+0x594/0x700
[ 75.276744][ T5066] ? cap_capable+0x1d8/0x240
[ 75.281333][ T5066] ? reiserfs_kill_sb+0x1e0/0x1e0
[ 75.286351][ T5066] legacy_get_tree+0x109/0x220
[ 75.291108][ T5066] vfs_get_tree+0x8c/0x370
[ 75.295524][ T5066] path_mount+0x1492/0x1ed0
[ 75.300026][ T5066] ? lockdep_hardirqs_on+0x7d/0x110
[ 75.305221][ T5066] ? finish_automount+0xa40/0xa40
[ 75.310243][ T5066] ? putname+0x12e/0x170
[ 75.314483][ T5066] __x64_sys_mount+0x293/0x310
[ 75.319244][ T5066] ? copy_mnt_ns+0xb60/0xb60
[ 75.323835][ T5066] ? syscall_trace_enter.constprop.0+0xaf/0x1e0
[ 75.330073][ T5066] do_syscall_64+0x40/0x110
[ 75.334571][ T5066] entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 75.340466][ T5066] RIP: 0033:0x7f2fe82dbf5a
[ 75.344869][ T5066] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 75.364470][ T5066] RSP: 002b:00007fff4a0e9f68 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[ 75.372878][ T5066] RAX: ffffffffffffffda RBX: 00007fff4a0e9f80 RCX: 00007f2fe82dbf5a
[ 75.380842][ T5066] RDX: 0000000020001100 RSI: 0000000020001140 RDI: 00007fff4a0e9f80
[ 75.388810][ T5066] RBP: 0000000000000004 R08: 00007fff4a0e9fc0 R09: 00000000000010f8
[ 75.396783][ T5066] R10: 0000000000800008 R11: 0000000000000286 R12: 0000000000800008
[ 75.404755][ T5066] R13: 00007fff4a0e9fc0 R14: 0000000000000003 R15: 0000000000400000
[ 75.412726][ T5066] </TASK>
[ 75.415916][ T5066] Kernel Offset: disabled
[ 75.420229][ T5066] Rebooting in 86400 seconds..