Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.10.27' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 32.817848] audit: type=1400 audit(1600867805.699:8): avc: denied { execmem } for pid=6361 comm="syz-executor232" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 32.839711] IPVS: ftp: loaded support on port[0] = 21 [ 32.878855] IPVS: ftp: loaded support on port[0] = 21 [ 32.903513] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 32.916767] REISERFS (device loop5): using ordered data mode [ 32.934344] reiserfs: using flush barriers executing program [ 32.943375] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 32.961342] REISERFS (device loop5): checking transaction log (loop5) [ 32.970189] IPVS: ftp: loaded support on port[0] = 21 [ 32.995902] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 33.013167] REISERFS (device loop3): using ordered data mode [ 33.030252] reiserfs: using flush barriers executing program [ 33.042636] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 33.066338] REISERFS (device loop3): checking transaction log (loop3) [ 33.076226] REISERFS warning (device loop5): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 33.093555] IPVS: ftp: loaded support on port[0] = 21 [ 33.096810] REISERFS (device loop5): Using r5 hash to sort names [ 33.123343] REISERFS (device loop5): using 3.5.x disk format [ 33.130867] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 33.148179] REISERFS (device loop1): using ordered data mode [ 33.155070] reiserfs: using flush barriers [ 33.168006] REISERFS warning (device loop3): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore executing program [ 33.186947] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 33.192129] REISERFS (device loop3): Using r5 hash to sort names [ 33.217448] REISERFS (device loop3): using 3.5.x disk format executing program [ 33.239482] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 33.249609] REISERFS (device loop1): checking transaction log (loop1) [ 33.265114] IPVS: ftp: loaded support on port[0] = 21 [ 33.267206] REISERFS (device loop5): using ordered data mode executing program [ 33.295256] reiserfs: using flush barriers [ 33.304187] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 33.331554] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 33.343394] REISERFS (device loop0): using ordered data mode [ 33.351551] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 33.368957] reiserfs: using flush barriers [ 33.374728] REISERFS (device loop3): using ordered data mode [ 33.381780] REISERFS warning (device loop1): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 33.389704] REISERFS (device loop5): checking transaction log (loop5) [ 33.397820] REISERFS (device loop1): Using r5 hash to sort names [ 33.409324] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 33.410505] REISERFS (device loop1): using 3.5.x disk format [ 33.440802] reiserfs: using flush barriers executing program executing program [ 33.464793] IPVS: ftp: loaded support on port[0] = 21 [ 33.472986] REISERFS (device loop0): checking transaction log (loop0) [ 33.481476] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 33.542412] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 33.551118] REISERFS warning (device loop5): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 33.565687] REISERFS (device loop3): checking transaction log (loop3) [ 33.574837] REISERFS (device loop5): Using r5 hash to sort names [ 33.582815] REISERFS (device loop5): using 3.5.x disk format [ 33.590095] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 33.593834] REISERFS (device loop1): using ordered data mode [ 33.600337] REISERFS (device loop4): using ordered data mode [ 33.621366] reiserfs: using flush barriers [ 33.630708] reiserfs: using flush barriers executing program [ 33.668759] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 33.686725] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 executing program [ 33.707732] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 33.730666] REISERFS (device loop4): checking transaction log (loop4) [ 33.740165] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 33.747901] REISERFS (device loop1): checking transaction log (loop1) [ 33.751963] REISERFS (device loop5): using ordered data mode [ 33.767412] REISERFS warning (device loop3): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 33.786842] REISERFS (device loop0): Using r5 hash to sort names [ 33.796943] REISERFS (device loop0): using 3.5.x disk format [ 33.804970] reiserfs: using flush barriers [ 33.811252] REISERFS (device loop3): Using r5 hash to sort names [ 33.822696] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 33.839867] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 33.858683] REISERFS (device loop2): using ordered data mode [ 33.871316] REISERFS (device loop3): using 3.5.x disk format [ 33.884969] reiserfs: using flush barriers [ 33.892105] REISERFS (device loop5): checking transaction log (loop5) [ 33.900209] REISERFS warning (device loop4): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore executing program [ 33.928386] REISERFS warning (device loop1): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 33.943895] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 33.968719] REISERFS (device loop4): Using r5 hash to sort names [ 33.975353] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 33.990008] REISERFS (device loop1): Using r5 hash to sort names [ 33.996930] REISERFS (device loop0): using ordered data mode [ 34.006504] REISERFS (device loop4): using 3.5.x disk format [ 34.014191] REISERFS (device loop2): checking transaction log (loop2) executing program [ 34.022720] REISERFS warning (device loop5): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 34.025422] REISERFS (device loop1): using 3.5.x disk format [ 34.038518] REISERFS (device loop5): Using r5 hash to sort names [ 34.044743] reiserfs: using flush barriers [ 34.050384] REISERFS (device loop5): using 3.5.x disk format [ 34.086236] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 34.098583] REISERFS (device loop3): using ordered data mode executing program [ 34.127852] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 34.135251] reiserfs: using flush barriers [ 34.160302] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 34.171889] REISERFS warning (device loop2): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 34.178699] REISERFS (device loop5): using ordered data mode [ 34.188861] REISERFS (device loop0): checking transaction log (loop0) [ 34.193576] reiserfs: using flush barriers [ 34.208388] REISERFS (device loop2): Using r5 hash to sort names [ 34.220773] REISERFS (device loop2): using 3.5.x disk format [ 34.228687] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 34.245857] REISERFS (device loop3): checking transaction log (loop3) [ 34.264019] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal executing program [ 34.277090] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 34.286781] REISERFS (device loop4): using ordered data mode [ 34.321166] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 34.332784] REISERFS warning (device loop0): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 34.346971] REISERFS (device loop5): checking transaction log (loop5) [ 34.352960] reiserfs: using flush barriers [ 34.355643] REISERFS (device loop1): using ordered data mode [ 34.371146] REISERFS warning (device loop3): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 34.374699] REISERFS (device loop0): Using r5 hash to sort names [ 34.391658] reiserfs: using flush barriers executing program [ 34.410349] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 34.410636] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 34.436220] REISERFS (device loop0): using 3.5.x disk format [ 34.448587] REISERFS (device loop3): Using r5 hash to sort names [ 34.453987] REISERFS (device loop4): checking transaction log (loop4) [ 34.472159] REISERFS (device loop3): using 3.5.x disk format [ 34.478913] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal executing program [ 34.512608] REISERFS (device loop2): using ordered data mode [ 34.532569] REISERFS warning (device loop5): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 34.551955] reiserfs: using flush barriers [ 34.558152] REISERFS (device loop1): checking transaction log (loop1) [ 34.566241] REISERFS (device loop5): Using r5 hash to sort names [ 34.578469] REISERFS (device loop5): using 3.5.x disk format [ 34.594607] ------------[ cut here ]------------ [ 34.599508] kernel BUG at fs/reiserfs/journal.c:3640! [ 34.605072] REISERFS warning (device loop4): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 34.610037] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 34.621298] REISERFS (device loop4): Using r5 hash to sort names [ 34.625440] Modules linked in: [ 34.625451] CPU: 1 PID: 6579 Comm: syz-executor232 Not tainted 4.14.198-syzkaller #0 [ 34.625455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 34.625460] task: ffff888093636200 task.stack: ffff888094440000 [ 34.625471] RIP: 0010:do_journal_end+0x3081/0x41d0 [ 34.625474] RSP: 0018:ffff8880944479f8 EFLAGS: 00010297 [ 34.625479] RAX: ffff888093636200 RBX: ffffc90005d45000 RCX: 0000000000000000 [ 34.625483] RDX: 0000000000000000 RSI: ffff888094447c30 RDI: ffff888094447c3c [ 34.625486] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000040577 [ 34.625489] R10: ffff888093636ad8 R11: ffff888093636200 R12: ffffc90005d45058 [ 34.625492] R13: ffffc90005d45048 R14: ffff888094447c38 R15: ffff888093572b80 [ 34.625497] FS: 00007f4f07b1b700(0000) GS:ffff8880aeb00000(0000) knlGS:0000000000000000 [ 34.625504] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 34.631750] REISERFS (device loop4): using 3.5.x disk format [ 34.634812] CR2: 00007fbd45de7000 CR3: 000000009eaff000 CR4: 00000000001406e0 [ 34.634819] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 34.634822] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 34.634824] Call Trace: [ 34.634844] ? reiserfs_info.cold+0x1d/0x67 [ 34.634851] ? __reiserfs_warning+0xb0/0xb0 [ 34.634861] journal_end+0x259/0x300 [ 34.634868] reiserfs_fill_super+0x1ab8/0x28b6 [ 34.634877] ? reiserfs_remount+0x1390/0x1390 [ 34.634886] ? lock_downgrade+0x740/0x740 [ 34.634896] ? snprintf+0xa5/0xd0 [ 34.662817] init_special_inode: bogus i_mode (0) for inode loop1:2 [ 34.663061] mount_bdev+0x2b3/0x360 [ 34.668568] REISERFS warning (device loop1): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore [ 34.675707] ? reiserfs_remount+0x1390/0x1390 [ 34.675719] mount_fs+0x92/0x2a0 [ 34.675727] vfs_kern_mount.part.0+0x5b/0x470 [ 34.675735] do_mount+0xe53/0x2a00 [ 34.675742] ? retint_kernel+0x2d/0x2d [ 34.675749] ? copy_mount_string+0x40/0x40 [ 34.675758] ? __sanitizer_cov_trace_pc+0x23/0x50 [ 34.683159] REISERFS (device loop1): Using r5 hash to sort names [ 34.690266] ? copy_mount_options+0x1fa/0x2f0 [ 34.690273] ? copy_mnt_ns+0xa30/0xa30 [ 34.690280] SyS_mount+0xa8/0x120 [ 34.690286] ? copy_mnt_ns+0xa30/0xa30 [ 34.690296] do_syscall_64+0x1d5/0x640 [ 34.697646] REISERFS (device loop1): using 3.5.x disk format [ 34.704814] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 34.704821] RIP: 0033:0x44d64a [ 34.704825] RSP: 002b:00007f4f07b1abf8 EFLAGS: 00000297 ORIG_RAX: 00000000000000a5 [ 34.704832] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000044d64a [ 34.704836] RDX: 0000000020000000 RSI: 0000000020000080 RDI: 00007f4f07b1ac10 [ 34.704839] RBP: 00007f4f07b1ac10 R08: 00007f4f07b1ac50 R09: 0000000000000000 [ 34.704842] R10: 0000000000000000 R11: 0000000000000297 R12: 0000000000000005 [ 34.704846] R13: 00007f4f07b1ac50 R14: 00007f4f07b1b6d0 R15: 0000000000000003 [ 34.704852] Code: e8 45 23 ff ff e9 11 fa ff ff e8 5b 88 a1 ff 0f 0b e8 54 88 a1 ff 0f 0b e8 4d 88 a1 ff 0f 0b e8 46 88 a1 ff 0f 0b e8 3f 88 a1 ff <0f> 0b e8 38 88 a1 ff 48 8d bb d0 01 00 00 48 b8 00 00 00 00 00 [ 34.935420] RIP: do_journal_end+0x3081/0x41d0 RSP: ffff8880944479f8 [ 34.942170] ---[ end trace a4617f7cba41e20b ]--- [ 34.947014] Kernel panic - not syncing: Fatal exception [ 34.953707] Kernel Offset: disabled [ 34.957333] Rebooting in 86400 seconds..