./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1556109507
<...>
DUID 00:04:d6:b0:09:ff:72:32:c6:5d:c0:56:b1:2d:70:06:fa:56
forked to background, child pid 3184
[ 27.361301][ T3185] 8021q: adding VLAN 0 to HW filter on device bond0
[ 27.373709][ T3185] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.10.22' (ECDSA) to the list of known hosts.
execve("./syz-executor1556109507", ["./syz-executor1556109507"], 0x7fff3d922160 /* 10 vars */) = 0
brk(NULL) = 0x555555798000
brk(0x555555798c40) = 0x555555798c40
arch_prctl(ARCH_SET_FS, 0x555555798300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor1556109507", 4096) = 28
brk(0x5555557b9c40) = 0x5555557b9c40
brk(0x5555557ba000) = 0x5555557ba000
mprotect(0x7f65b6557000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557985d0) = 3606
./strace-static-x86_64: Process 3606 attached
[pid 3606] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 3606] setpgid(0, 0) = 0
[pid 3606] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 3606] write(3, "1000", 4) = 4
[pid 3606] close(3) = 0
[pid 3606] memfd_create("syzkaller", 0) = 3
[pid 3606] ftruncate(3, 129171264) = 0
[pid 3606] pwrite64(3, "\x00\x40\x00\x00\x68\x02\x00\x00\x97\x3d\x00\x00\x12\x00\x00\x00\x00\x00\x00\x00\x84\x3d\x00\x00\x00\x04\x00\x00\x73\x56\x4d\x38\x84\x03\x00\x00\x1e\x00\x00\x00\x00\x00\x27\xd0\x00\x10\xcc\x03\x02\x00\x01\x00\x52\x65\x49\x73\x45\x72\x33\x46\x73\x00\x00\x00\x03\x00\x00\x00\x02", 69, 8192) = 69
[pid 3606] pwrite64(3, "\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\xed\x15\x00\x00\x00\x00\x1e\x00\x00\x84\x3d\x00\x00\x00\x04\x00\x00\x73\x56\x4d\x38\x84\x03", 34, 64577536) = 34
[pid 3606] pwrite64(3, "\x01\x00\x02\x00\x5c\x0f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x2c\x00\xd4\x0f\x01\x00\x01\x00\x00\x00\x03\x00\x00\x00\x01\x00\x00\x00\xf4\x01\x00\x00\x02\x00\x30\x00\xa4\x0f", 70, 64581632) = 70
[pid 3606] pwrite64(3, "\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x02\x00\x00\x00\x28\x00\x04\x00\x02\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x20\x00\x04\x00\x2e\x2e\x00\x00\x00\x00\x00\x00\x2e\x00\x00\x00\x00\x00\x00\x00\xed\x41\x00\x00\x03\x44\x4e\x3e\x03", 61, 64585632) = 61
[pid 3606] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 3606] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 3606] mkdir("./file0", 0777) = 0
syzkaller login: [ 49.970296][ T3606] loop0: detected capacity change from 0 to 252287
[ 49.982699][ T3606] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 49.995905][ T3606] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 50.005613][ T3606] REISERFS (device loop0): using ordered data mode
[ 50.013239][ T3606] reiserfs: using flush barriers
[ 50.020162][ T3606] REISERFS (device loop0): journal params: device loop0, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30
[ 50.042489][ T3606] REISERFS (device loop0): checking transaction log (loop0)
[ 50.051886][ T3606] REISERFS (device loop0): Using r5 hash to sort names
[ 50.059364][ T3606] REISERFS (device loop0): using 3.5.x disk format
[pid 3606] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = -1 EOPNOTSUPP (Operation not supported)
[ 50.066676][ T3606] REISERFS warning (device loop0): jdm-20006 create_privroot: xattrs/ACLs enabled and couldn't find/create .reiserfs_priv. Failing mount.
[pid 3606] ioctl(4, LOOP_CLR_FD) = 0
[pid 3606] close(4) = 0
[pid 3606] close(3) = 0
[pid 3606] exit_group(0) = ?
[pid 3606] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3606, si_uid=0, si_status=0, si_utime=0, si_stime=12} ---
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557985d0) = 3609
./strace-static-x86_64: Process 3609 attached
[pid 3609] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 3609] setpgid(0, 0) = 0
[pid 3609] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 3609] write(3, "1000", 4) = 4
[pid 3609] close(3) = 0
[pid 3609] memfd_create("syzkaller", 0) = 3
[pid 3609] ftruncate(3, 129171264) = 0
[pid 3609] pwrite64(3, "\x00\x40\x00\x00\x68\x02\x00\x00\x97\x3d\x00\x00\x12\x00\x00\x00\x00\x00\x00\x00\x84\x3d\x00\x00\x00\x04\x00\x00\x73\x56\x4d\x38\x84\x03\x00\x00\x1e\x00\x00\x00\x00\x00\x27\xd0\x00\x10\xcc\x03\x02\x00\x01\x00\x52\x65\x49\x73\x45\x72\x33\x46\x73\x00\x00\x00\x03\x00\x00\x00\x02", 69, 8192) = 69
[pid 3609] pwrite64(3, "\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\xed\x15\x00\x00\x00\x00\x1e\x00\x00\x84\x3d\x00\x00\x00\x04\x00\x00\x73\x56\x4d\x38\x84\x03", 34, 64577536) = 34
[pid 3609] pwrite64(3, "\x01\x00\x02\x00\x5c\x0f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x2c\x00\xd4\x0f\x01\x00\x01\x00\x00\x00\x03\x00\x00\x00\x01\x00\x00\x00\xf4\x01\x00\x00\x02\x00\x30\x00\xa4\x0f", 70, 64581632) = 70
[pid 3609] pwrite64(3, "\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x02\x00\x00\x00\x28\x00\x04\x00\x02\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x20\x00\x04\x00\x2e\x2e\x00\x00\x00\x00\x00\x00\x2e\x00\x00\x00\x00\x00\x00\x00\xed\x41\x00\x00\x03\x44\x4e\x3e\x03", 61, 64585632) = 61
[pid 3609] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 3609] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 3609] mkdir("./file0", 0777) = -1 EEXIST (File exists)
[ 50.162870][ T3609] loop0: detected capacity change from 0 to 252287
[ 50.174074][ T3609] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 50.187943][ T3609] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 50.197971][ T3609] REISERFS (device loop0): using ordered data mode
[ 50.204727][ T3609] reiserfs: using flush barriers
[ 50.211271][ T3609] REISERFS (device loop0): journal params: device loop0, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30
[ 50.233260][ T3609] REISERFS (device loop0): checking transaction log (loop0)
[ 50.242571][ T3609] REISERFS (device loop0): Using r5 hash to sort names
[ 50.249711][ T3609] REISERFS (device loop0): using 3.5.x disk format
[pid 3609] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = -1 EOPNOTSUPP (Operation not supported)
[ 50.256457][ T3609] REISERFS warning (device loop0): jdm-20006 create_privroot: xattrs/ACLs enabled and couldn't find/create .reiserfs_priv. Failing mount.
[pid 3609] ioctl(4, LOOP_CLR_FD) = 0
[pid 3609] close(4) = 0
[pid 3609] close(3) = 0
[pid 3609] exit_group(0) = ?
[pid 3609] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3609, si_uid=0, si_status=0, si_utime=0, si_stime=11} ---
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557985d0) = 3611
./strace-static-x86_64: Process 3611 attached
[pid 3611] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 3611] setpgid(0, 0) = 0
[pid 3611] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 3611] write(3, "1000", 4) = 4
[pid 3611] close(3) = 0
[pid 3611] memfd_create("syzkaller", 0) = 3
[pid 3611] ftruncate(3, 129171264) = 0
[pid 3611] pwrite64(3, "\x00\x40\x00\x00\x68\x02\x00\x00\x97\x3d\x00\x00\x12\x00\x00\x00\x00\x00\x00\x00\x84\x3d\x00\x00\x00\x04\x00\x00\x73\x56\x4d\x38\x84\x03\x00\x00\x1e\x00\x00\x00\x00\x00\x27\xd0\x00\x10\xcc\x03\x02\x00\x01\x00\x52\x65\x49\x73\x45\x72\x33\x46\x73\x00\x00\x00\x03\x00\x00\x00\x02", 69, 8192) = 69
[pid 3611] pwrite64(3, "\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\xed\x15\x00\x00\x00\x00\x1e\x00\x00\x84\x3d\x00\x00\x00\x04\x00\x00\x73\x56\x4d\x38\x84\x03", 34, 64577536) = 34
[pid 3611] pwrite64(3, "\x01\x00\x02\x00\x5c\x0f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x2c\x00\xd4\x0f\x01\x00\x01\x00\x00\x00\x03\x00\x00\x00\x01\x00\x00\x00\xf4\x01\x00\x00\x02\x00\x30\x00\xa4\x0f", 70, 64581632) = 70
[pid 3611] pwrite64(3, "\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x02\x00\x00\x00\x28\x00\x04\x00\x02\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x20\x00\x04\x00\x2e\x2e\x00\x00\x00\x00\x00\x00\x2e\x00\x00\x00\x00\x00\x00\x00\xed\x41\x00\x00\x03\x44\x4e\x3e\x03", 61, 64585632) = 61
[pid 3611] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 3611] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 3611] mkdir("./file0", 0777) = -1 EEXIST (File exists)
[ 50.367763][ T3611] loop0: detected capacity change from 0 to 252287
[ 50.378278][ T3611] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 50.391684][ T3611] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 50.401125][ T3611] REISERFS (device loop0): using ordered data mode
[ 50.407638][ T3611] reiserfs: using flush barriers
[ 50.414034][ T3611] REISERFS (device loop0): journal params: device loop0, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30
[ 50.436917][ T3611] REISERFS (device loop0): checking transaction log (loop0)
[ 50.445275][ T3611] REISERFS (device loop0): Using r5 hash to sort names
[ 50.452460][ T3611] REISERFS (device loop0): using 3.5.x disk format
[pid 3611] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = -1 EOPNOTSUPP (Operation not supported)
[ 50.459481][ T3611] REISERFS warning (device loop0): jdm-20006 create_privroot: xattrs/ACLs enabled and couldn't find/create .reiserfs_priv. Failing mount.
[pid 3611] ioctl(4, LOOP_CLR_FD) = 0
[pid 3611] close(4) = 0
[pid 3611] close(3) = 0
[pid 3611] exit_group(0) = ?
[pid 3611] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3611, si_uid=0, si_status=0, si_utime=0, si_stime=11} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557985d0) = 3613
./strace-static-x86_64: Process 3613 attached
[pid 3613] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 3613] setpgid(0, 0) = 0
[pid 3613] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 3613] write(3, "1000", 4) = 4
[pid 3613] close(3) = 0
[pid 3613] memfd_create("syzkaller", 0) = 3
[pid 3613] ftruncate(3, 129171264) = 0
[pid 3613] pwrite64(3, "\x00\x40\x00\x00\x68\x02\x00\x00\x97\x3d\x00\x00\x12\x00\x00\x00\x00\x00\x00\x00\x84\x3d\x00\x00\x00\x04\x00\x00\x73\x56\x4d\x38\x84\x03\x00\x00\x1e\x00\x00\x00\x00\x00\x27\xd0\x00\x10\xcc\x03\x02\x00\x01\x00\x52\x65\x49\x73\x45\x72\x33\x46\x73\x00\x00\x00\x03\x00\x00\x00\x02", 69, 8192) = 69
[pid 3613] pwrite64(3, "\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\xed\x15\x00\x00\x00\x00\x1e\x00\x00\x84\x3d\x00\x00\x00\x04\x00\x00\x73\x56\x4d\x38\x84\x03", 34, 64577536) = 34
[pid 3613] pwrite64(3, "\x01\x00\x02\x00\x5c\x0f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x2c\x00\xd4\x0f\x01\x00\x01\x00\x00\x00\x03\x00\x00\x00\x01\x00\x00\x00\xf4\x01\x00\x00\x02\x00\x30\x00\xa4\x0f", 70, 64581632) = 70
[pid 3613] pwrite64(3, "\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x02\x00\x00\x00\x28\x00\x04\x00\x02\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x20\x00\x04\x00\x2e\x2e\x00\x00\x00\x00\x00\x00\x2e\x00\x00\x00\x00\x00\x00\x00\xed\x41\x00\x00\x03\x44\x4e\x3e\x03", 61, 64585632) = 61
[pid 3613] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 3613] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 3613] mkdir("./file0", 0777) = -1 EEXIST (File exists)
[ 50.556501][ T3613] loop0: detected capacity change from 0 to 252287
[ 50.565939][ T3613] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 50.579331][ T3613] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 50.589395][ T3613] REISERFS (device loop0): using ordered data mode
[ 50.596006][ T3613] reiserfs: using flush barriers
[ 50.601974][ T3613] REISERFS (device loop0): journal params: device loop0, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30
[ 50.624143][ T3613] REISERFS (device loop0): checking transaction log (loop0)
[ 50.632376][ T3613] REISERFS (device loop0): Using r5 hash to sort names
[ 50.639649][ T3613] REISERFS (device loop0): using 3.5.x disk format
[pid 3613] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = -1 EOPNOTSUPP (Operation not supported)
[ 50.646645][ T3613] REISERFS warning (device loop0): jdm-20006 create_privroot: xattrs/ACLs enabled and couldn't find/create .reiserfs_priv. Failing mount.
[pid 3613] ioctl(4, LOOP_CLR_FD) = 0
[pid 3613] close(4) = 0
[pid 3613] close(3) = 0
[pid 3613] exit_group(0) = ?
[pid 3613] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3613, si_uid=0, si_status=0, si_utime=0, si_stime=11} ---
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557985d0) = 3615
./strace-static-x86_64: Process 3615 attached
[pid 3615] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 3615] setpgid(0, 0) = 0
[pid 3615] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 3615] write(3, "1000", 4) = 4
[pid 3615] close(3) = 0
[pid 3615] memfd_create("syzkaller", 0) = 3
[pid 3615] ftruncate(3, 129171264) = 0
[pid 3615] pwrite64(3, "\x00\x40\x00\x00\x68\x02\x00\x00\x97\x3d\x00\x00\x12\x00\x00\x00\x00\x00\x00\x00\x84\x3d\x00\x00\x00\x04\x00\x00\x73\x56\x4d\x38\x84\x03\x00\x00\x1e\x00\x00\x00\x00\x00\x27\xd0\x00\x10\xcc\x03\x02\x00\x01\x00\x52\x65\x49\x73\x45\x72\x33\x46\x73\x00\x00\x00\x03\x00\x00\x00\x02", 69, 8192) = 69
[pid 3615] pwrite64(3, "\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\xed\x15\x00\x00\x00\x00\x1e\x00\x00\x84\x3d\x00\x00\x00\x04\x00\x00\x73\x56\x4d\x38\x84\x03", 34, 64577536) = 34
[pid 3615] pwrite64(3, "\x01\x00\x02\x00\x5c\x0f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x2c\x00\xd4\x0f\x01\x00\x01\x00\x00\x00\x03\x00\x00\x00\x01\x00\x00\x00\xf4\x01\x00\x00\x02\x00\x30\x00\xa4\x0f", 70, 64581632) = 70
[pid 3615] pwrite64(3, "\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x02\x00\x00\x00\x28\x00\x04\x00\x02\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x20\x00\x04\x00\x2e\x2e\x00\x00\x00\x00\x00\x00\x2e\x00\x00\x00\x00\x00\x00\x00\xed\x41\x00\x00\x03\x44\x4e\x3e\x03", 61, 64585632) = 61
[pid 3615] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 3615] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 3615] mkdir("./file0", 0777) = -1 EEXIST (File exists)
[ 50.729210][ T3615] loop0: detected capacity change from 0 to 252287
[ 50.738287][ T3615] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 50.752502][ T3615] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 50.762639][ T3615] REISERFS (device loop0): using ordered data mode
[ 50.769853][ T3615] reiserfs: using flush barriers
[ 50.776907][ T3615] REISERFS (device loop0): journal params: device loop0, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30
[ 50.799503][ T3615] REISERFS (device loop0): checking transaction log (loop0)
[ 50.807931][ T3615] REISERFS (device loop0): Using r5 hash to sort names
[ 50.814967][ T3615] REISERFS (device loop0): using 3.5.x disk format
[pid 3615] mount("/dev/loop0", "./file0", "reiserfs", 0, "") = -1 EOPNOTSUPP (Operation not supported)
[pid 3615] ioctl(4, LOOP_CLR_FD) = 0
[pid 3615] close(4) = 0
[ 50.822392][ T3615] REISERFS warning (device loop0): jdm-20006 create_privroot: xattrs/ACLs enabled and couldn't find/create .reiserfs_priv. Failing mount.
[pid 3615] close(3) = 0
[pid 3615] exit_group(0) = ?
[pid 3615] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3615, si_uid=0, si_status=0, si_utime=0, si_stime=11} ---
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557985d0) = 3617
./strace-static-x86_64: Process 3617 attached
[pid 3617] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 3617] setpgid(0, 0) = 0
[pid 3617] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 3617] write(3, "1000", 4) = 4
[pid 3617] close(3) = 0
[pid 3617] memfd_create("syzkaller", 0) = 3
[pid 3617] ftruncate(3, 129171264) = 0
[pid 3617] pwrite64(3, "\x00\x40\x00\x00\x68\x02\x00\x00\x97\x3d\x00\x00\x12\x00\x00\x00\x00\x00\x00\x00\x84\x3d\x00\x00\x00\x04\x00\x00\x73\x56\x4d\x38\x84\x03\x00\x00\x1e\x00\x00\x00\x00\x00\x27\xd0\x00\x10\xcc\x03\x02\x00\x01\x00\x52\x65\x49\x73\x45\x72\x33\x46\x73\x00\x00\x00\x03\x00\x00\x00\x02", 69, 8192) = 69
[pid 3617] pwrite64(3, "\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\xed\x15\x00\x00\x00\x00\x1e\x00\x00\x84\x3d\x00\x00\x00\x04\x00\x00\x73\x56\x4d\x38\x84\x03", 34, 64577536) = 34
[pid 3617] pwrite64(3, "\x01\x00\x02\x00\x5c\x0f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x2c\x00\xd4\x0f\x01\x00\x01\x00\x00\x00\x03\x00\x00\x00\x01\x00\x00\x00\xf4\x01\x00\x00\x02\x00\x30\x00\xa4\x0f", 70, 64581632) = 70
[pid 3617] pwrite64(3, "\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x02\x00\x00\x00\x28\x00\x04\x00\x02\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x20\x00\x04\x00\x2e\x2e\x00\x00\x00\x00\x00\x00\x2e\x00\x00\x00\x00\x00\x00\x00\xed\x41\x00\x00\x03\x44\x4e\x3e\x03", 61, 64585632) = 61
[pid 3617] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 3617] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 3617] mkdir("./file0", 0777) = -1 EEXIST (File exists)
[ 50.915995][ T3617] loop0: detected capacity change from 0 to 252287
[ 50.925224][ T3617] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 50.938918][ T3617] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 50.949520][ T3617] REISERFS (device loop0): using ordered data mode
[ 50.956048][ T3617] reiserfs: using flush barriers
[ 50.962423][ T3617] REISERFS (device loop0): journal params: device loop0, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30
[ 50.985665][ T3617] REISERFS (device loop0): checking transaction log (loop0)
[ 50.994129][ T3617] REISERFS (device loop0): Using r5 hash to sort names
[ 51.001066][ T3617] REISERFS (device loop0): using 3.5.x disk format
[ 51.007630][ T3617] ==================================================================
[ 51.015679][ T3617] BUG: KASAN: use-after-free in search_by_entry_key+0x581/0x1350
[ 51.023410][ T3617] Read of size 4 at addr ffff888071669014 by task syz-executor155/3617
[ 51.031647][ T3617]
[ 51.033955][ T3617] CPU: 0 PID: 3617 Comm: syz-executor155 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 51.044620][ T3617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 51.054725][ T3617] Call Trace:
[ 51.058373][ T3617] <TASK>
[ 51.061587][ T3617] dump_stack_lvl+0x1e3/0x2cb
[ 51.066748][ T3617] ? io_alloc_page_table+0x110/0x110
[ 51.072123][ T3617] ? _printk+0xcf/0x10f
[ 51.076379][ T3617] ? __wake_up_klogd+0xd6/0x100
[ 51.081238][ T3617] ? __wake_up_klogd+0xcd/0x100
[ 51.086403][ T3617] ? panic+0x76b/0x76b
[ 51.090532][ T3617] ? _printk+0xcf/0x10f
[ 51.094917][ T3617] print_address_description+0x65/0x4b0
[ 51.100563][ T3617] print_report+0x108/0x220
[ 51.105177][ T3617] ? search_by_entry_key+0x581/0x1350
[ 51.110925][ T3617] kasan_report+0xfb/0x130
[ 51.115436][ T3617] ? search_by_entry_key+0x581/0x1350
[ 51.121170][ T3617] search_by_entry_key+0x581/0x1350
[ 51.126475][ T3617] ? make_cpu_key+0x2b/0x220
[ 51.131764][ T3617] reiserfs_find_entry+0x2c6/0x1a10
[ 51.137234][ T3617] ? rcu_read_lock_sched_held+0x89/0x130
[ 51.143844][ T3617] ? mark_lock+0x9a/0x350
[ 51.148288][ T3617] ? reiserfs_write_lock+0x77/0xd0
[ 51.153473][ T3617] ? mutex_lock_io_nested+0x60/0x60
[ 51.158917][ T3617] ? reiserfs_get_parent+0x2c0/0x2c0
[ 51.164465][ T3617] ? mutex_lock_nested+0x17/0x20
[ 51.169895][ T3617] reiserfs_lookup+0x1e3/0x4a0
[ 51.174755][ T3617] ? reiserfs_find_entry+0x1a10/0x1a10
[ 51.180238][ T3617] ? d_hash_and_lookup+0x1c0/0x1c0
[ 51.185377][ T3617] ? __init_waitqueue_head+0xa6/0x140
[ 51.190840][ T3617] __lookup_slow+0x286/0x3e0
[ 51.195817][ T3617] ? lookup_one_len+0x690/0x690
[ 51.202710][ T3617] lookup_one_len+0x430/0x690
[ 51.207650][ T3617] ? try_lookup_one_len+0x670/0x670
[ 51.214140][ T3617] reiserfs_lookup_privroot+0x85/0x1e0
[ 51.221014][ T3617] reiserfs_fill_super+0x21c0/0x2620
[ 51.227893][ T3617] ? reiserfs_kill_sb+0x150/0x150
[ 51.233046][ T3617] ? snprintf+0xd6/0x120
[ 51.238021][ T3617] mount_bdev+0x26c/0x3a0
[ 51.243301][ T3617] ? reiserfs_kill_sb+0x150/0x150
[ 51.249916][ T3617] legacy_get_tree+0xea/0x180
[ 51.257107][ T3617] ? remove_save_link+0x500/0x500
[ 51.262477][ T3617] vfs_get_tree+0x88/0x270
[ 51.267116][ T3617] do_new_mount+0x289/0xad0
[ 51.272946][ T3617] ? do_move_mount_old+0x160/0x160
[ 51.279054][ T3617] ? user_path_at_empty+0x149/0x1a0
[ 51.285755][ T3617] __se_sys_mount+0x2e3/0x3d0
[ 51.291687][ T3617] ? __x64_sys_mount+0xc0/0xc0
[ 51.297103][ T3617] ? syscall_enter_from_user_mode+0x2e/0x1d0
[ 51.303719][ T3617] ? __x64_sys_mount+0x1c/0xc0
[ 51.310518][ T3617] do_syscall_64+0x2b/0x70
[ 51.316077][ T3617] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 51.324921][ T3617] RIP: 0033:0x7f65b64ebc8a
[ 51.331153][ T3617] Code: 48 c7 c2 c0 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 a8 00 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 51.356633][ T3617] RSP: 002b:00007ffc7ac91528 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[ 51.366664][ T3617] RAX: ffffffffffffffda RBX: 00007ffc7ac91580 RCX: 00007f65b64ebc8a
[ 51.379844][ T3617] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffc7ac91540
[ 51.392323][ T3617] RBP: 00007ffc7ac91540 R08: 00007ffc7ac91580 R09: 0000000000000000
[ 51.406080][ T3617] R10: 0000000000000000 R11: 0000000000000286 R12: 00000000200000a0
[ 51.416480][ T3617] R13: 0000000000000003 R14: 0000000000000004 R15: 0000000000000004
[ 51.424838][ T3617] </TASK>
[ 51.427887][ T3617]
[ 51.431030][ T3617] The buggy address belongs to the physical page:
[ 51.440136][ T3617] page:ffffea0001c59a40 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x71669
[ 51.450317][ T3617] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 51.458052][ T3617] raw: 00fff00000000000 ffffea0001c59688 ffffea0001c7ae08 0000000000000000
[ 51.466637][ T3617] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 51.475222][ T3617] page dumped because: kasan: bad access detected
[ 51.481646][ T3617] page_owner tracks the page as freed
[ 51.487230][ T3617] page last allocated via order 0, migratetype Movable, gfp_mask 0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO), pid 3607, tgid 3607 (udevd), ts 50776327264, free_ts 50777750690
[ 51.506251][ T3617] get_page_from_freelist+0x72b/0x7a0
[ 51.511634][ T3617] __alloc_pages+0x259/0x560
[ 51.516319][ T3617] __folio_alloc+0xf/0x30
[ 51.520637][ T3617] vma_alloc_folio+0x662/0xb60
[ 51.525392][ T3617] do_anonymous_page+0x329/0x1150
[ 51.530444][ T3617] handle_mm_fault+0x186b/0x35c0
[ 51.535376][ T3617] do_user_addr_fault+0x69b/0xcb0
[ 51.540430][ T3617] exc_page_fault+0x7a/0x120
[ 51.545036][ T3617] asm_exc_page_fault+0x22/0x30
[ 51.549979][ T3617] page last free stack trace:
[ 51.554658][ T3617] free_pcp_prepare+0x812/0x900
[ 51.559607][ T3617] free_unref_page_list+0xb4/0x7b0
[ 51.564813][ T3617] release_pages+0x22c3/0x2540
[ 51.569600][ T3617] tlb_flush_mmu+0x850/0xa70
[ 51.574218][ T3617] tlb_finish_mmu+0xcb/0x200
[ 51.578815][ T3617] unmap_region+0x2ba/0x300
[ 51.583489][ T3617] __do_munmap+0x17ef/0x1cd0
[ 51.588088][ T3617] __do_sys_brk+0x452/0x6d0
[ 51.592590][ T3617] do_syscall_64+0x2b/0x70
[ 51.597122][ T3617] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 51.603221][ T3617]
[ 51.605533][ T3617] Memory state around the buggy address:
[ 51.611148][ T3617] ffff888071668f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 51.619308][ T3617] ffff888071668f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 51.627381][ T3617] >ffff888071669000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 51.635465][ T3617] ^
[ 51.640056][ T3617] ffff888071669080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 51.648133][ T3617] ffff888071669100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 51.656188][ T3617] ==================================================================
[ 51.665182][ T3617] Kernel panic - not syncing: panic_on_warn set ...
[ 51.671790][ T3617] CPU: 0 PID: 3617 Comm: syz-executor155 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0
[ 51.682209][ T3617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 51.692260][ T3617] Call Trace:
[ 51.695532][ T3617] <TASK>
[ 51.698456][ T3617] dump_stack_lvl+0x1e3/0x2cb
[ 51.703131][ T3617] ? io_alloc_page_table+0x110/0x110
[ 51.708407][ T3617] ? panic+0x76b/0x76b
[ 51.712674][ T3617] ? preempt_schedule_common+0xb7/0xe0
[ 51.718212][ T3617] ? preempt_schedule+0xd9/0xe0
[ 51.723137][ T3617] ? vscnprintf+0x59/0x80
[ 51.727559][ T3617] panic+0x316/0x76b
[ 51.731461][ T3617] ? fb_is_primary_device+0xcc/0xcc
[ 51.736683][ T3617] ? _raw_spin_unlock_irqrestore+0x128/0x130
[ 51.742660][ T3617] ? search_by_entry_key+0x581/0x1350
[ 51.750213][ T3617] end_report+0x91/0xa0
[ 51.754534][ T3617] kasan_report+0x108/0x130
[ 51.759576][ T3617] ? search_by_entry_key+0x581/0x1350
[ 51.764944][ T3617] search_by_entry_key+0x581/0x1350
[ 51.770526][ T3617] ? make_cpu_key+0x2b/0x220
[ 51.775123][ T3617] reiserfs_find_entry+0x2c6/0x1a10
[ 51.780320][ T3617] ? rcu_read_lock_sched_held+0x89/0x130
[ 51.785958][ T3617] ? mark_lock+0x9a/0x350
[ 51.790284][ T3617] ? reiserfs_write_lock+0x77/0xd0
[ 51.795391][ T3617] ? mutex_lock_io_nested+0x60/0x60
[ 51.800586][ T3617] ? reiserfs_get_parent+0x2c0/0x2c0
[ 51.805865][ T3617] ? mutex_lock_nested+0x17/0x20
[ 51.810796][ T3617] reiserfs_lookup+0x1e3/0x4a0
[ 51.815562][ T3617] ? reiserfs_find_entry+0x1a10/0x1a10
[ 51.821052][ T3617] ? d_hash_and_lookup+0x1c0/0x1c0
[ 51.826153][ T3617] ? __init_waitqueue_head+0xa6/0x140
[ 51.831525][ T3617] __lookup_slow+0x286/0x3e0
[ 51.836118][ T3617] ? lookup_one_len+0x690/0x690
[ 51.841050][ T3617] lookup_one_len+0x430/0x690
[ 51.845781][ T3617] ? try_lookup_one_len+0x670/0x670
[ 51.850988][ T3617] reiserfs_lookup_privroot+0x85/0x1e0
[ 51.856463][ T3617] reiserfs_fill_super+0x21c0/0x2620
[ 51.861744][ T3617] ? reiserfs_kill_sb+0x150/0x150
[ 51.866768][ T3617] ? snprintf+0xd6/0x120
[ 51.871020][ T3617] mount_bdev+0x26c/0x3a0
[ 51.875340][ T3617] ? reiserfs_kill_sb+0x150/0x150
[ 51.880439][ T3617] legacy_get_tree+0xea/0x180
[ 51.885117][ T3617] ? remove_save_link+0x500/0x500
[ 51.890152][ T3617] vfs_get_tree+0x88/0x270
[ 51.894573][ T3617] do_new_mount+0x289/0xad0
[ 51.899155][ T3617] ? do_move_mount_old+0x160/0x160
[ 51.904269][ T3617] ? user_path_at_empty+0x149/0x1a0
[ 51.909468][ T3617] __se_sys_mount+0x2e3/0x3d0
[ 51.914336][ T3617] ? __x64_sys_mount+0xc0/0xc0
[ 51.919232][ T3617] ? syscall_enter_from_user_mode+0x2e/0x1d0
[ 51.925317][ T3617] ? __x64_sys_mount+0x1c/0xc0
[ 51.930083][ T3617] do_syscall_64+0x2b/0x70
[ 51.934819][ T3617] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 51.940719][ T3617] RIP: 0033:0x7f65b64ebc8a
[ 51.945128][ T3617] Code: 48 c7 c2 c0 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 a8 00 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 51.964833][ T3617] RSP: 002b:00007ffc7ac91528 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[ 51.973871][ T3617] RAX: ffffffffffffffda RBX: 00007ffc7ac91580 RCX: 00007f65b64ebc8a
[ 51.981930][ T3617] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffc7ac91540
[ 51.989990][ T3617] RBP: 00007ffc7ac91540 R08: 00007ffc7ac91580 R09: 0000000000000000
[ 51.997952][ T3617] R10: 0000000000000000 R11: 0000000000000286 R12: 00000000200000a0
[ 52.005943][ T3617] R13: 0000000000000003 R14: 0000000000000004 R15: 0000000000000004
[ 52.013915][ T3617] </TASK>
[ 52.016999][ T3617] Kernel Offset: disabled
[ 52.021324][ T3617] Rebooting in 86400 seconds..