[ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Starting Load/Save RF Kill Switch Status... [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.6' (ECDSA) to the list of known hosts. executing program executing program executing program executing program executing program executing program syzkaller login: [ 43.795268] audit: type=1400 audit(1600620916.296:8): avc: denied { execmem } for pid=6347 comm="syz-executor839" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 43.831432] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 43.833358] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 43.845733] REISERFS (device loop4): using ordered data mode [ 43.849234] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 43.855903] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 43.872614] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 43.875501] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 43.882448] REISERFS (device loop1): using ordered data mode [ 43.896409] REISERFS (device loop0): using ordered data mode [ 43.902977] reiserfs: using flush barriers [ 43.905662] REISERFS (device loop3): using ordered data mode [ 43.907310] reiserfs: using flush barriers [ 43.916904] REISERFS (device loop5): using ordered data mode [ 43.920729] REISERFS (device loop4): journal params: device loop4, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 43.930159] REISERFS (device loop2): using ordered data mode [ 43.940473] reiserfs: using flush barriers [ 43.952214] REISERFS (device loop0): journal params: device loop0, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 43.960214] reiserfs: using flush barriers [ 43.969153] REISERFS (device loop1): journal params: device loop1, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 43.972327] reiserfs: using flush barriers [ 44.011744] reiserfs: using flush barriers [ 44.012940] REISERFS (device loop4): checking transaction log (loop4) [ 44.021907] REISERFS (device loop5): journal params: device loop5, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 44.036358] REISERFS (device loop0): checking transaction log (loop0) [ 44.047312] REISERFS (device loop2): journal params: device loop2, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 44.064750] REISERFS (device loop1): checking transaction log (loop1) [ 44.073165] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 44.083881] REISERFS (device loop3): journal params: device loop3, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 44.104270] REISERFS warning (device loop4): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 44.123067] REISERFS (device loop5): checking transaction log (loop5) [ 44.126226] REISERFS (device loop0): Using tea hash to sort names [ 44.136381] REISERFS warning (device loop1): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 44.136443] REISERFS (device loop2): checking transaction log (loop2) [ 44.152178] REISERFS (device loop0): using 3.5.x disk format [ 44.164575] REISERFS (device loop4): Using tea hash to sort names [ 44.171893] REISERFS (device loop4): using 3.5.x disk format [ 44.179599] REISERFS (device loop1): Using tea hash to sort names [ 44.179985] REISERFS warning (device loop5): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 44.191881] REISERFS (device loop1): using 3.5.x disk format executing program [ 44.203986] REISERFS (device loop3): checking transaction log (loop3) [ 44.215224] REISERFS warning (device loop3): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 44.232203] REISERFS warning (device loop2): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 44.248764] REISERFS (device loop5): Using tea hash to sort names [ 44.255977] REISERFS (device loop3): Using tea hash to sort names [ 44.263111] REISERFS (device loop2): Using tea hash to sort names [ 44.269451] REISERFS (device loop5): using 3.5.x disk format [ 44.276405] REISERFS (device loop3): using 3.5.x disk format [ 44.279209] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 44.284649] REISERFS (device loop2): using 3.5.x disk format [ 44.291512] REISERFS (device loop4): using ordered data mode [ 44.304516] reiserfs: using flush barriers executing program [ 44.309820] REISERFS (device loop4): journal params: device loop4, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 44.334939] REISERFS (device loop4): checking transaction log (loop4) [ 44.342914] REISERFS warning (device loop4): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore executing program executing program executing program executing program [ 44.360354] REISERFS (device loop4): Using tea hash to sort names [ 44.367312] REISERFS (device loop4): using 3.5.x disk format [ 44.395967] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal executing program [ 44.405800] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 44.407409] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 44.415872] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 44.433785] REISERFS (device loop5): using ordered data mode [ 44.436568] REISERFS (device loop1): using ordered data mode [ 44.441562] reiserfs: using flush barriers [ 44.446800] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 44.454002] REISERFS (device loop5): journal params: device loop5, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 44.460243] REISERFS (device loop0): using ordered data mode [ 44.478978] REISERFS (device loop5): checking transaction log (loop5) [ 44.487086] REISERFS (device loop3): using ordered data mode [ 44.493791] REISERFS (device loop2): using ordered data mode [ 44.494821] REISERFS warning (device loop5): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 44.503131] reiserfs: using flush barriers [ 44.516114] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 44.521328] reiserfs: using flush barriers [ 44.528943] REISERFS (device loop4): using ordered data mode [ 44.533268] reiserfs: using flush barriers [ 44.538578] reiserfs: using flush barriers [ 44.546534] reiserfs: using flush barriers [ 44.548127] REISERFS (device loop5): Using tea hash to sort names [ 44.557693] REISERFS (device loop4): journal params: device loop4, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 44.560157] REISERFS (device loop2): journal params: device loop2, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 44.574419] REISERFS (device loop5): using 3.5.x disk format [ 44.589370] REISERFS (device loop0): journal params: device loop0, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 44.598484] REISERFS (device loop4): checking transaction log (loop4) [ 44.610792] REISERFS (device loop1): journal params: device loop1, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 44.633585] REISERFS (device loop3): journal params: device loop3, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 44.634396] REISERFS warning (device loop4): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 44.729801] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 44.736926] REISERFS (device loop3): checking transaction log (loop3) [ 44.771606] REISERFS warning (device loop3): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 44.777351] REISERFS (device loop0): checking transaction log (loop0) [ 44.792062] REISERFS (device loop2): checking transaction log (loop2) [ 44.800701] REISERFS (device loop4): Using tea hash to sort names [ 44.808779] REISERFS (device loop5): using ordered data mode [ 44.823275] REISERFS (device loop1): checking transaction log (loop1) [ 44.838474] reiserfs: using flush barriers [ 44.845792] REISERFS warning (device loop2): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 44.856252] REISERFS (device loop4): using 3.5.x disk format [ 44.870364] REISERFS (device loop3): Using tea hash to sort names [ 44.881348] REISERFS (device loop5): journal params: device loop5, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 44.893435] REISERFS (device loop3): using 3.5.x disk format [ 44.899610] REISERFS warning (device loop1): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 44.917575] REISERFS (device loop2): Using tea hash to sort names [ 44.928407] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 44.936384] REISERFS (device loop2): using 3.5.x disk format [ 44.948694] REISERFS (device loop5): checking transaction log (loop5) [ 44.956665] REISERFS (device loop0): Using tea hash to sort names executing program executing program [ 44.971016] REISERFS (device loop1): Using tea hash to sort names [ 44.980613] REISERFS warning (device loop5): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 44.981792] REISERFS (device loop1): using 3.5.x disk format [ 44.998568] REISERFS (device loop0): using 3.5.x disk format [ 45.012080] REISERFS (device loop5): Using tea hash to sort names [ 45.018484] REISERFS (device loop5): using 3.5.x disk format executing program [ 45.030780] ------------[ cut here ]------------ [ 45.035615] kernel BUG at fs/reiserfs/journal.c:3640! [ 45.045288] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 45.050652] Modules linked in: [ 45.053861] CPU: 0 PID: 6421 Comm: syz-executor839 Not tainted 4.14.198-syzkaller #0 [ 45.060052] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 45.061744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 45.061750] task: ffff8880983e43c0 task.stack: ffff88809a508000 [ 45.061762] RIP: 0010:do_journal_end+0x3081/0x41d0 [ 45.061765] RSP: 0018:ffff88809a50f9f8 EFLAGS: 00010297 [ 45.061771] RAX: ffff8880983e43c0 RBX: ffffc900078af000 RCX: 0000000000000000 [ 45.061775] RDX: 0000000000000000 RSI: ffff88809a50fc30 RDI: ffff88809a50fc3c [ 45.061779] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000004057c [ 45.061783] R10: ffff8880983e4c98 R11: ffff8880983e43c0 R12: ffffc900078af058 [ 45.061787] R13: ffffc900078af048 R14: ffff88809a50fc38 R15: ffff888095fbcbc0 [ 45.061795] FS: 00007f1389626700(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000 [ 45.074514] REISERFS (device loop3): using ordered data mode [ 45.079533] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 45.079537] CR2: 00000000004c204c CR3: 000000008221e000 CR4: 00000000001406f0 [ 45.079544] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 45.079551] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 45.101260] reiserfs: using flush barriers [ 45.103110] Call Trace: [ 45.103130] ? reiserfs_info.cold+0x1d/0x67 [ 45.103138] ? __reiserfs_warning+0xb0/0xb0 [ 45.103148] journal_end+0x259/0x300 [ 45.103155] reiserfs_fill_super+0x1ab8/0x28b6 [ 45.103165] ? reiserfs_remount+0x1390/0x1390 [ 45.103176] ? lock_downgrade+0x740/0x740 [ 45.111110] REISERFS (device loop3): journal params: device loop3, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 45.117688] ? snprintf+0xa5/0xd0 [ 45.117702] mount_bdev+0x2b3/0x360 [ 45.117709] ? reiserfs_remount+0x1390/0x1390 [ 45.117716] mount_fs+0x92/0x2a0 [ 45.117725] vfs_kern_mount.part.0+0x5b/0x470 [ 45.155700] REISERFS (device loop3): checking transaction log (loop3) [ 45.159409] do_mount+0xe53/0x2a00 [ 45.159420] ? copy_mount_string+0x40/0x40 [ 45.159432] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 45.166827] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 45.173934] ? copy_mnt_ns+0xa30/0xa30 [ 45.173941] ? copy_mount_options+0x1fa/0x2f0 [ 45.173948] ? copy_mnt_ns+0xa30/0xa30 [ 45.173954] SyS_mount+0xa8/0x120 [ 45.173960] ? copy_mnt_ns+0xa30/0xa30 [ 45.173970] do_syscall_64+0x1d5/0x640 [ 45.173980] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 45.173989] RIP: 0033:0x44d4fa [ 45.183007] REISERFS (device loop4): using ordered data mode [ 45.185066] RSP: 002b:00007f1389625bf8 EFLAGS: 00000297 ORIG_RAX: 00000000000000a5 [ 45.185075] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000044d4fa [ 45.185079] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f1389625c10 [ 45.185083] RBP: 00007f1389625c10 R08: 00007f1389625c50 R09: 0000000000000000 [ 45.185087] R10: 0000000000000000 R11: 0000000000000297 R12: 0000000000000004 [ 45.185091] R13: 00007f1389625c50 R14: 00007f13896266d0 R15: 0000000000000003 [ 45.185099] Code: [ 45.189458] reiserfs: using flush barriers [ 45.193214] e8 45 23 ff ff e9 11 fa ff ff e8 5b 88 a1 ff 0f 0b e8 54 88 a1 ff 0f 0b e8 4d 88 a1 ff 0f 0b e8 46 88 a1 ff 0f 0b e8 3f 88 a1 ff <0f> 0b e8 38 88 a1 ff 48 8d bb [ 45.202487] init_special_inode: bogus i_mode (0) for inode loop3:2 [ 45.206476] d0 01 00 00 48 b8 00 00 00 00 00 [ 45.206513] RIP: do_journal_end+0x3081/0x41d0 RSP: ffff88809a50f9f8 [ 45.222133] REISERFS (device loop4): journal params: device loop4, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30 [ 45.229254] ---[ end trace 00cec84140e965f1 ]--- [ 45.238215] REISERFS (device loop4): checking transaction log (loop4) [ 45.250281] Kernel panic - not syncing: Fatal exception [ 45.252492] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 45.257132] Kernel Offset: disabled [ 45.435611] Rebooting in 86400 seconds..