REISERFS (device loop4): using 3.5.x disk format
REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage.
REISERFS (device loop5): using ordered data mode
reiserfs: using flush barriers
REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
INFO: task kworker/0:3:8670 blocked for more than 140 seconds.
REISERFS (device loop5): checking transaction log (loop5)
      Not tainted 4.14.302-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
kworker/0:3 D27240 8670 2 0x80000000
REISERFS (device loop5): Using r5 hash to sort names
REISERFS (device loop5): using 3.5.x disk format
REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage.
REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
REISERFS (device loop0): using ordered data mode
Workqueue: events_long flush_old_commits
reiserfs: using flush barriers
REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
Call Trace:
 context_switch kernel/sched/core.c:2811 [inline]
 __schedule+0x88b/0x1de0 kernel/sched/core.c:3387
REISERFS (device loop0): checking transaction log (loop0)
 schedule+0x8d/0x1b0 kernel/sched/core.c:3431
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3489
 __mutex_lock_common kernel/locking/mutex.c:833 [inline]
 __mutex_lock+0x669/0x1310 kernel/locking/mutex.c:893
 reiserfs_write_lock+0x75/0xf0 fs/reiserfs/lock.c:27
 reiserfs_sync_fs+0x65/0xd0 fs/reiserfs/super.c:76
 flush_old_commits+0xdd/0x1d0 fs/reiserfs/super.c:111
 process_one_work+0x793/0x14a0 kernel/workqueue.c:2117
 worker_thread+0x5cc/0xff0 kernel/workqueue.c:2251
 kthread+0x30d/0x420 kernel/kthread.c:232
REISERFS (device loop0): Using r5 hash to sort names
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:406
REISERFS (device loop0): using 3.5.x disk format
REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
INFO: task syz-executor.1:10733 blocked for more than 140 seconds.
      Not tainted 4.14.302-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.1 D25616 10733 8056 0x00000004
Call Trace:
 context_switch kernel/sched/core.c:2811 [inline]
 __schedule+0x88b/0x1de0 kernel/sched/core.c:3387
 schedule+0x8d/0x1b0 kernel/sched/core.c:3431
 __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:588 [inline]
 rwsem_down_write_failed+0x343/0x6d0 kernel/locking/rwsem-xadd.c:617
 call_rwsem_down_write_failed+0x13/0x20 arch/x86/lib/rwsem.S:105
 __down_write arch/x86/include/asm/rwsem.h:126 [inline]
 down_write+0x4f/0x90 kernel/locking/rwsem.c:56
 inode_lock include/linux/fs.h:719 [inline]
 reiserfs_sync_file+0x9b/0x2d0 fs/reiserfs/file.c:161
 vfs_fsync_range+0x103/0x260 fs/sync.c:196
 generic_write_sync include/linux/fs.h:2684 [inline]
 generic_file_write_iter+0x410/0x650 mm/filemap.c:3212
 call_write_iter include/linux/fs.h:1780 [inline]
 do_iter_readv_writev+0x4cf/0x5f0 fs/read_write.c:675
 do_iter_write+0x152/0x550 fs/read_write.c:954
 vfs_iter_write+0x70/0xa0 fs/read_write.c:967
 iter_file_splice_write+0x52b/0xa90 fs/splice.c:749
REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal
REISERFS (device loop4): using ordered data mode
reiserfs: using flush barriers
 do_splice_from fs/splice.c:851 [inline]
 direct_splice_actor+0x115/0x160 fs/splice.c:1018
REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
 splice_direct_to_actor+0x27c/0x730 fs/splice.c:973
REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal
REISERFS (device loop4): checking transaction log (loop4)
REISERFS (device loop2): using ordered data mode
reiserfs: using flush barriers
REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
 do_splice_direct+0x164/0x210 fs/splice.c:1061
REISERFS (device loop2): checking transaction log (loop2)
REISERFS (device loop3): using ordered data mode
REISERFS (device loop2): Using r5 hash to sort names
REISERFS (device loop2): using 3.5.x disk format
REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
reiserfs: using flush barriers
 do_sendfile+0x47f/0xb30 fs/read_write.c:1441
REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
REISERFS (device loop4): Using r5 hash to sort names
REISERFS (device loop3): checking transaction log (loop3)
REISERFS (device loop4): using 3.5.x disk format
REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage.
 SYSC_sendfile64 fs/read_write.c:1502 [inline]
 SyS_sendfile64+0xff/0x110 fs/read_write.c:1488
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x5e/0xd3
RIP: 0033:0x7f54254ec0a9
RSP: 002b:00007f542485e168 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
RAX: ffffffffffffffda RBX: 00007f542560bf80 RCX: 00007f54254ec0a9
RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
RBP: 00007f5425547ae9 R08: 0000000000000000 R09: 0000000000000000
R10: 000080001d00c0d0 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fffa27d76af R14: 00007f542485e300 R15: 0000000000022000
INFO: task syz-executor.1:10765 blocked for more than 140 seconds.
      Not tainted 4.14.302-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.1 D26200 10765 8056 0x80000004
Call Trace:
 context_switch kernel/sched/core.c:2811 [inline]
 __schedule+0x88b/0x1de0 kernel/sched/core.c:3387
REISERFS (device loop3): Using r5 hash to sort names
REISERFS (device loop3): using 3.5.x disk format
REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
 schedule+0x8d/0x1b0 kernel/sched/core.c:3431
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3489
 __mutex_lock_common kernel/locking/mutex.c:833 [inline]
 __mutex_lock+0x669/0x1310 kernel/locking/mutex.c:893
 reiserfs_write_lock+0x75/0xf0 fs/reiserfs/lock.c:27
REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal
 reiserfs_get_block+0x1a1/0x36b0 fs/reiserfs/inode.c:688
REISERFS (device loop5): using ordered data mode
reiserfs: using flush barriers
REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
REISERFS (device loop5): checking transaction log (loop5)
REISERFS (device loop5): Using r5 hash to sort names
REISERFS (device loop5): using 3.5.x disk format
REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage.
 do_mpage_readpage+0x615/0x1470 fs/mpage.c:211
 mpage_readpages+0x2d6/0x5f0 fs/mpage.c:383
 read_pages mm/readahead.c:121 [inline]
 __do_page_cache_readahead+0x522/0x940 mm/readahead.c:199
 ra_submit mm/internal.h:66 [inline]
 ondemand_readahead.isra.0+0x514/0xb60 mm/readahead.c:486
 page_cache_sync_readahead mm/readahead.c:518 [inline]
 page_cache_sync_readahead+0xa6/0xf0 mm/readahead.c:503
 generic_file_buffered_read mm/filemap.c:2003 [inline]
 generic_file_read_iter+0xfbc/0x21c0 mm/filemap.c:2273
 call_read_iter include/linux/fs.h:1774 [inline]
 new_sync_read fs/read_write.c:401 [inline]
 __vfs_read+0x449/0x620 fs/read_write.c:413
 integrity_kernel_read+0x11b/0x1b0 security/integrity/iint.c:199
 ima_calc_file_hash_tfm security/integrity/ima/ima_crypto.c:381 [inline]
 ima_calc_file_shash security/integrity/ima/ima_crypto.c:410 [inline]
 ima_calc_file_hash+0x3ee/0x780 security/integrity/ima/ima_crypto.c:467
 ima_collect_measurement+0x39d/0x430 security/integrity/ima/ima_api.c:227
 process_measurement+0x78b/0xb20 security/integrity/ima/ima_main.c:264
 do_last fs/namei.c:3435 [inline]
 path_openat+0x10ad/0x2970 fs/namei.c:3571
 do_filp_open+0x179/0x3c0 fs/namei.c:3605
 do_sys_open+0x296/0x410 fs/open.c:1081
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x5e/0xd3
RIP: 0033:0x7f54254ec0a9
RSP: 002b:00007f541c83d168 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 00007f542560c050 RCX: 00007f54254ec0a9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000200
RBP: 00007f5425547ae9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fffa27d76af R14: 00007f541c83d300 R15: 0000000000022000
INFO: task syz-executor.1:10766 blocked for more than 140 seconds.
      Not tainted 4.14.302-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.1 D29936 10766 8056 0x00000004
Call Trace:
 context_switch kernel/sched/core.c:2811 [inline]
 __schedule+0x88b/0x1de0 kernel/sched/core.c:3387
 schedule+0x8d/0x1b0 kernel/sched/core.c:3431
 io_schedule+0xb5/0x120 kernel/sched/core.c:5035
 wait_on_page_bit_common mm/filemap.c:1025 [inline]
 __lock_page+0x27b/0x380 mm/filemap.c:1197
 lock_page include/linux/pagemap.h:480 [inline]
 pagecache_get_page+0x479/0xab0 mm/filemap.c:1478
 find_or_create_page include/linux/pagemap.h:326 [inline]
 grab_cache_page include/linux/pagemap.h:384 [inline]
 grab_tail_page fs/reiserfs/inode.c:2210 [inline]
 reiserfs_truncate_file+0x5b2/0xdb0 fs/reiserfs/inode.c:2278
 reiserfs_setattr+0xb2d/0xe00 fs/reiserfs/inode.c:3411
 notify_change+0x56b/0xd10 fs/attr.c:315
 do_truncate+0xff/0x1a0 fs/open.c:63
 vfs_truncate+0x456/0x680 fs/open.c:120
 do_sys_truncate.part.0+0xdc/0xf0 fs/open.c:143
 do_sys_truncate fs/open.c:137 [inline]
 SYSC_truncate fs/open.c:155 [inline]
 SyS_truncate+0x23/0x40 fs/open.c:153
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x5e/0xd3
RIP: 0033:0x7f54254ec0a9
RSP: 002b:00007f541c81c168 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal
RAX: ffffffffffffffda RBX: 00007f542560c120 RCX: 00007f54254ec0a9
REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal
REISERFS (device loop2): using ordered data mode
REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
RDX: 0000000000000000 RSI: 0000000000000006 RDI: 00000000200001c0
REISERFS (device loop0): using ordered data mode
REISERFS (device loop4): using ordered data mode
reiserfs: using flush barriers
REISERFS (device loop3): using ordered data mode
reiserfs: using flush barriers
REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
reiserfs: using flush barriers
reiserfs: using flush barriers
RBP: 00007f5425547ae9 R08: 0000000000000000 R09: 0000000000000000
REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
REISERFS (device loop3): checking transaction log (loop3)
REISERFS (device loop0): checking transaction log (loop0)
REISERFS (device loop2): checking transaction log (loop2)
REISERFS (device loop4): checking transaction log (loop4)
R13: 00007fffa27d76af R14: 00007f541c81c300 R15: 0000000000022000
Showing all locks held in the system:
1 lock held by khungtaskd/1534:
 #0: (tasklist_lock){.+.+}, at: [] debug_show_all_locks+0x7c/0x21a kernel/locking/lockdep.c:4548
4 locks held by kworker/0:3/8670:
 #0: ("events_long"){+.+.}, at: [] process_one_work+0x6b0/0x14a0 kernel/workqueue.c:2088
 #1: ((&(&sbi->old_work)->work)){+.+.}, at: [] process_one_work+0x6e6/0x14a0 kernel/workqueue.c:2092
 #2: (&type->s_umount_key#47){++++}, at: [] flush_old_commits+0x77/0x1d0 fs/reiserfs/super.c:97
 #3: (&sbi->lock){+.+.}, at: [] reiserfs_write_lock+0x75/0xf0 fs/reiserfs/lock.c:27
2 locks held by syz-executor.1/10733:
 #0: (sb_writers#13){.+.+}, at: [] file_start_write include/linux/fs.h:2714 [inline]
 #0: (sb_writers#13){.+.+}, at: [] do_sendfile+0x84f/0xb30 fs/read_write.c:1440
 #1: (&sb->s_type->i_mutex_key#21){+.+.}, at: [] inode_lock include/linux/fs.h:719 [inline]
 #1: (&sb->s_type->i_mutex_key#21){+.+.}, at: [] reiserfs_sync_file+0x9b/0x2d0 fs/reiserfs/file.c:161
2 locks held by syz-executor.1/10765:
 #0: (&iint->mutex){+.+.}, at: [] process_measurement+0x270/0xb20 security/integrity/ima/ima_main.c:225
 #1: (&sbi->lock){+.+.}, at: [] reiserfs_write_lock+0x75/0xf0 fs/reiserfs/lock.c:27
4 locks held by syz-executor.1/10766:
 #0: (sb_writers#13){.+.+}, at: [] sb_start_write include/linux/fs.h:1551 [inline]
 #0: (sb_writers#13){.+.+}, at: [] mnt_want_write+0x3a/0xb0 fs/namespace.c:386
 #1: (&sb->s_type->i_mutex_key#21){+.+.}, at: [] inode_lock include/linux/fs.h:719 [inline]
 #1: (&sb->s_type->i_mutex_key#21){+.+.}, at: [] do_truncate+0xf0/0x1a0 fs/open.c:61
 #2: (&ei->tailpack){+.+.}, at: [] reiserfs_setattr+0xaf5/0xe00 fs/reiserfs/inode.c:3409
 #3: (&sbi->lock){+.+.}, at: [] reiserfs_write_lock+0x75/0xf0 fs/reiserfs/lock.c:27
=============================================
REISERFS (device loop2): Using r5 hash to sort names
REISERFS (device loop3): Using r5 hash to sort names
REISERFS (device loop2): using 3.5.x disk format
REISERFS (device loop0): Using r5 hash to sort names
REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
kauditd_printk_skb: 63 callbacks suppressed
audit: type=1800 audit(1672217278.913:3747): pid=22823 uid=0 auid=4294967295 ses=4294967295 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="bus" dev="sda1" ino=14715 res=0
REISERFS (device loop0): using 3.5.x disk format
REISERFS (device loop3): using 3.5.x disk format
REISERFS (device loop4): Using r5 hash to sort names
REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
audit: type=1800 audit(1672217278.953:3748): pid=22799 uid=0 auid=4294967295 ses=4294967295 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="bus" dev="loop2" ino=2 res=0
REISERFS (device loop4): using 3.5.x disk format
REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal
audit: type=1804 audit(1672217279.043:3749): pid=22833 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir999246059/syzkaller.3PZ22o/527/bus" dev="sda1" ino=14715 res=1
REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage.
REISERFS (device loop5): using ordered data mode
reiserfs: using flush barriers
REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
audit: type=1800 audit(1672217279.043:3750): pid=22797 uid=0 auid=4294967295 ses=4294967295 op="collect_data" cause="failed(directio)" comm="syz-executor.3" name="bus" dev="loop3" ino=2 res=0
REISERFS (device loop5): checking transaction log (loop5)
audit: type=1800 audit(1672217279.073:3751): pid=22795 uid=0 auid=4294967295 ses=4294967295 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="bus" dev="loop0" ino=2 res=0
audit: type=1800 audit(1672217279.193:3752): pid=22796 uid=0 auid=4294967295 ses=4294967295 op="collect_data" cause="failed(directio)" comm="syz-executor.4" name="bus" dev="loop4" ino=2 res=0
NMI backtrace for cpu 1
CPU: 1 PID: 1534 Comm: khungtaskd Not tainted 4.14.302-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x1b2/0x281 lib/dump_stack.c:58
 nmi_cpu_backtrace.cold+0x57/0x93 lib/nmi_backtrace.c:101
 nmi_trigger_cpumask_backtrace+0x13a/0x180 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:140 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:195 [inline]
 watchdog+0x5b9/0xb40 kernel/hung_task.c:274
 kthread+0x30d/0x420 kernel/kthread.c:232
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:406
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 8038 Comm: syz-executor.0 Not tainted 4.14.302-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
task: ffff8880b43e46c0 task.stack: ffff8880b32f8000
RIP: 0010:arch_local_save_flags arch/x86/include/asm/paravirt.h:774 [inline]
RIP: 0010:arch_local_irq_save arch/x86/include/asm/paravirt.h:796 [inline]
RIP: 0010:lock_acquire+0x97/0x3f0 kernel/locking/lockdep.c:3993
RSP: 0018:ffff8880b32ffcc0 EFLAGS: 00000082
RAX: 1ffffffff11e13d8 RBX: ffff8880b43e46c0 RCX: 0000000000000000
RDX: dffffc0000000000 RSI: 0000000000000000 RDI: ffff8880b43e4f44
RBP: ffffffff893d66d8 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000001
FS: 0000555555713400(0000) GS:ffff8880ba400000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f14f098b020 CR3: 00000000b5035000 CR4: 00000000003406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
Code: c0 9e f0 88 48 ba 00 00 00 00 00 fc ff df 48 c1 e8 03 80 3c 10 00 0f 85 22 03 00 00 48 83 3d b0 b5 ae 07 00 0f 84 95 02 00 00 9c <58> 0f 1f 44 00 00 48 ba 00 00 00 00 00 fc ff df 48 89 44 24 08