[ OK ] Started OpenBSD Secure Shell server. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.44' (ECDSA) to the list of known hosts. executing program executing program executing program executing program executing program executing program syzkaller login: [ 34.792040] audit: type=1400 audit(1600739923.588:8): avc: denied { execmem } for pid=6359 comm="syz-executor238" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 34.821668] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 34.830833] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 34.840007] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 34.847322] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 34.852948] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 34.857362] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 34.865998] REISERFS (device loop5): using ordered data mode [ 34.880264] REISERFS (device loop1): using ordered data mode [ 34.880269] reiserfs: using flush barriers [ 34.881072] REISERFS (device loop3): using ordered data mode [ 34.896946] REISERFS (device loop1): journal params: device loop1, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 34.899356] REISERFS (device loop0): using ordered data mode [ 34.913385] REISERFS (device loop4): using ordered data mode [ 34.924669] reiserfs: using flush barriers [ 34.924797] REISERFS (device loop2): using ordered data mode [ 34.929200] reiserfs: using flush barriers [ 34.944565] REISERFS (device loop5): journal params: device loop5, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 34.952252] reiserfs: using flush barriers [ 34.963170] REISERFS (device loop1): checking transaction log (loop1) [ 34.968503] reiserfs: using flush barriers [ 34.972204] reiserfs: using flush barriers [ 34.981999] REISERFS (device loop3): journal params: device loop3, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 34.991300] REISERFS (device loop2): journal params: device loop2, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 35.024066] REISERFS (device loop0): journal params: device loop0, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 35.027241] REISERFS (device loop4): journal params: device loop4, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 35.059099] REISERFS (device loop5): checking transaction log (loop5) [ 35.076758] REISERFS warning (device loop1): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 35.090753] REISERFS (device loop0): checking transaction log (loop0) [ 35.094827] REISERFS (device loop3): checking transaction log (loop3) [ 35.105620] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 35.121108] REISERFS (device loop1): Using rupasov hash to sort names [ 35.125891] REISERFS (device loop2): checking transaction log (loop2) [ 35.131358] REISERFS (device loop4): checking transaction log (loop4) executing program [ 35.141633] REISERFS warning (device loop5): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 35.159750] REISERFS warning (device loop3): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 35.177135] REISERFS warning (device loop4): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 35.193543] REISERFS (device loop5): Using rupasov hash to sort names [ 35.202480] REISERFS (device loop0): Using rupasov hash to sort names [ 35.204778] REISERFS (device loop3): Using rupasov hash to sort names [ 35.216951] REISERFS (device loop4): Using rupasov hash to sort names [ 35.225371] REISERFS warning (device loop2): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore executing program [ 35.244989] REISERFS (device loop2): Using rupasov hash to sort names executing program [ 35.295078] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 35.307347] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 35.322314] REISERFS (device loop1): using ordered data mode [ 35.328673] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal executing program [ 35.342439] reiserfs: using flush barriers [ 35.351277] REISERFS (device loop4): using ordered data mode [ 35.357552] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 35.359341] REISERFS (device loop1): journal params: device loop1, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 35.371252] REISERFS (device loop3): using ordered data mode executing program [ 35.392186] REISERFS (device loop5): using ordered data mode [ 35.397990] reiserfs: using flush barriers [ 35.399564] REISERFS (device loop1): checking transaction log (loop1) [ 35.403901] reiserfs: using flush barriers [ 35.414529] reiserfs: using flush barriers [ 35.414941] REISERFS warning (device loop1): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 35.440524] REISERFS (device loop4): journal params: device loop4, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 35.447690] REISERFS (device loop1): Using rupasov hash to sort names [ 35.457621] REISERFS (device loop5): journal params: device loop5, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 35.464104] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 35.482273] REISERFS (device loop3): journal params: device loop3, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 35.491309] REISERFS (device loop0): using ordered data mode [ 35.509080] reiserfs: using flush barriers [ 35.513501] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 35.514991] REISERFS (device loop0): journal params: device loop0, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 35.533361] REISERFS (device loop2): using ordered data mode [ 35.548280] REISERFS (device loop0): checking transaction log (loop0) [ 35.554661] REISERFS (device loop4): checking transaction log (loop4) [ 35.563702] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 35.572211] REISERFS (device loop5): checking transaction log (loop5) [ 35.579614] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 35.589856] reiserfs: using flush barriers [ 35.596054] REISERFS (device loop1): using ordered data mode [ 35.600889] REISERFS (device loop3): checking transaction log (loop3) [ 35.605278] REISERFS (device loop0): Using rupasov hash to sort names [ 35.618473] REISERFS warning (device loop4): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 35.618761] reiserfs: using flush barriers [ 35.642194] REISERFS (device loop2): journal params: device loop2, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 35.643835] REISERFS (device loop1): journal params: device loop1, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 35.673440] REISERFS warning (device loop5): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 35.679344] REISERFS (device loop1): checking transaction log (loop1) [ 35.695778] REISERFS warning (device loop3): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 35.711811] REISERFS warning (device loop1): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 35.712292] REISERFS (device loop4): Using rupasov hash to sort names [ 35.731876] REISERFS (device loop2): checking transaction log (loop2) [ 35.747182] REISERFS (device loop1): Using rupasov hash to sort names [ 35.754903] REISERFS warning (device loop2): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 35.772159] ------------[ cut here ]------------ [ 35.777483] kernel BUG at fs/reiserfs/journal.c:3640! [ 35.785553] REISERFS (device loop2): Using rupasov hash to sort names [ 35.788767] REISERFS (device loop5): Using rupasov hash to sort names [ 35.793268] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 35.804116] Modules linked in: [ 35.807320] CPU: 1 PID: 6406 Comm: syz-executor238 Not tainted 4.14.198-syzkaller #0 [ 35.815203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 35.824581] task: ffff8880957e03c0 task.stack: ffff8880968a0000 [ 35.827829] REISERFS (device loop3): Using rupasov hash to sort names [ 35.830634] RIP: 0010:do_journal_end+0x3081/0x41d0 [ 35.830638] RSP: 0018:ffff8880968a79f8 EFLAGS: 00010297 [ 35.830644] RAX: ffff8880957e03c0 RBX: ffffc9000741f000 RCX: 0000000000000000 [ 35.830648] RDX: 0000000000000000 RSI: ffff8880968a7c30 RDI: ffff8880968a7c3c [ 35.830651] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000040576 [ 35.830659] R10: ffff8880957e0c98 R11: ffff8880957e03c0 R12: ffffc9000741f058 [ 35.876525] R13: ffffc9000741f048 R14: ffff8880968a7c38 R15: ffff8880973b27c0 [ 35.883783] FS: 00007f1a1ce31700(0000) GS:ffff8880aeb00000(0000) knlGS:0000000000000000 [ 35.892012] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 35.898692] CR2: 00007f4e9fb59000 CR3: 000000009729f000 CR4: 00000000001406e0 [ 35.906822] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 35.914201] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 35.921456] Call Trace: [ 35.924064] ? do_journal_end+0x41d0/0x41d0 [ 35.928373] ? reiserfs_info.cold+0x1d/0x67 [ 35.932709] ? __reiserfs_warning+0xb0/0xb0 [ 35.937019] ? __wake_up_bit+0xd0/0xd0 [ 35.940910] journal_end+0x259/0x300 [ 35.944629] reiserfs_fill_super+0x1ab8/0x28b6 [ 35.949212] ? reiserfs_remount+0x1390/0x1390 [ 35.955261] ? lock_downgrade+0x740/0x740 [ 35.959397] ? snprintf+0xa5/0xd0 [ 35.962844] mount_bdev+0x2b3/0x360 [ 35.966459] ? reiserfs_remount+0x1390/0x1390 [ 35.970940] mount_fs+0x92/0x2a0 [ 35.974307] vfs_kern_mount.part.0+0x5b/0x470 [ 35.978807] do_mount+0xe53/0x2a00 [ 35.982354] ? do_raw_spin_unlock+0x164/0x220 [ 35.986925] ? copy_mount_string+0x40/0x40 [ 35.991157] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 35.996163] ? copy_mnt_ns+0xa30/0xa30 [ 36.000060] ? copy_mount_options+0x1fa/0x2f0 [ 36.004545] ? copy_mnt_ns+0xa30/0xa30 [ 36.008422] SyS_mount+0xa8/0x120 [ 36.011869] ? copy_mnt_ns+0xa30/0xa30 [ 36.015749] do_syscall_64+0x1d5/0x640 [ 36.019650] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 36.024878] RIP: 0033:0x44d51a [ 36.029108] RSP: 002b:00007f1a1ce30bf8 EFLAGS: 00000297 ORIG_RAX: 00000000000000a5 [ 36.036925] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000044d51a [ 36.044194] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f1a1ce30c10 [ 36.052609] RBP: 00007f1a1ce30c10 R08: 00007f1a1ce30c50 R09: 0000000000000000 [ 36.060059] R10: 0000000000000000 R11: 0000000000000297 R12: 0000000000000005 [ 36.067422] R13: 00007f1a1ce30c50 R14: 00007f1a1ce316d0 R15: 0000000000000003 [ 36.074702] Code: e8 45 23 ff ff e9 11 fa ff ff e8 5b 88 a1 ff 0f 0b e8 54 88 a1 ff 0f 0b e8 4d 88 a1 ff 0f 0b e8 46 88 a1 ff 0f 0b e8 3f 88 a1 ff <0f> 0b e8 38 88 a1 ff 48 8d bb d0 01 00 00 48 b8 00 00 00 00 00 [ 36.093870] RIP: do_journal_end+0x3081/0x41d0 RSP: ffff8880968a79f8 executing program [ 36.100875] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 36.122685] ---[ end trace b0bc5f077f8202bf ]--- [ 36.128249] REISERFS (device loop0): using ordered data mode [ 36.132652] Kernel panic - not syncing: Fatal exception [ 36.140702] Kernel Offset: disabled [ 36.144313] Rebooting in 86400 seconds..