R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 R13: 0000000000000000 R14: 00000000004d7ec0 R15: 0000000000000004 input: syz1 as /devices/virtual/input/input28204 REISERFS warning (device loop3): reiserfs_fill_super: Cannot allocate memory for journal device name ------------[ cut here ]------------ kernel BUG at fs/reiserfs/lock.c:44! invalid opcode: 0000 [#1] PREEMPT SMP KASAN CPU: 0 PID: 24727 Comm: syz-executor3 Not tainted 4.19.0-rc6+ #49 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:reiserfs_write_unlock+0xeb/0x110 fs/reiserfs/lock.c:44 Code: 5d c3 e8 38 44 6f ff 48 8d 7b 28 48 c7 83 a8 00 00 00 00 00 00 00 e8 44 d6 9f 05 e8 1f 44 6f ff 5b 41 5c 5d c3 e8 15 44 6f ff <0f> 0b e8 6e b3 b2 ff eb a1 e8 87 b3 b2 ff e9 33 ff ff ff e8 7d b3 RSP: 0018:ffff8801872e7738 EFLAGS: 00010246 RAX: 0000000000040000 RBX: ffff880182077240 RCX: ffffc90007f18000 RDX: 0000000000040000 RSI: ffffffff820f917b RDI: ffff8801820772e8 RBP: ffff8801872e7748 R08: 0000000000000000 R09: ffffed003b5c4fe8 R10: ffffed003b5c4fe8 R11: ffff8801dae27f47 R12: ffff8801872e7a20 R13: ffffed0030e5cf28 R14: ffffed0030e5cf18 R15: ffffed0030e5cf08 FS: 00007f698a79e700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000001b2c621000 CR3: 00000001d7a02000 CR4: 00000000001426f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: reiserfs_fill_super+0xfa0/0x3b90 fs/reiserfs/super.c:2219 mount_bdev+0x30c/0x3e0 fs/super.c:1158 get_super_block+0x34/0x40 fs/reiserfs/super.c:2605 mount_fs+0xae/0x31d fs/super.c:1261 vfs_kern_mount.part.35+0xdc/0x4f0 fs/namespace.c:961 vfs_kern_mount fs/namespace.c:951 [inline] do_new_mount fs/namespace.c:2457 [inline] do_mount+0x581/0x31f0 fs/namespace.c:2787 ksys_mount+0x12d/0x140 fs/namespace.c:3003 __do_sys_mount fs/namespace.c:3017 [inline] __se_sys_mount fs/namespace.c:3014 [inline] __x64_sys_mount+0xbe/0x150 fs/namespace.c:3014 do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x459fea Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 RSP: 002b:00007f698a79da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00007f698a79db30 RCX: 0000000000459fea RDX: 00007f698a79dad0 RSI: 0000000020000040 RDI: 00007f698a79daf0 RBP: 0000000020000040 R08: 00007f698a79db30 R09: 00007f698a79dad0 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 R13: 0000000000000000 R14: 00000000004d7ec0 R15: 0000000000000004 Modules linked in: uinput: write device info first kobject: 'event7' (000000007c1b74fa): kobject_cleanup, parent (null) kobject: 'input28205' (00000000e56f5c88): kobject_cleanup, parent (null) kobject: 'event7' (000000007c1b74fa): calling ktype release kobject: 'input28205' (00000000e56f5c88): calling ktype release kobject: 'event7': free name kobject: 'input28205': free name kobject: 'input28203' (000000005eba5a19): kobject_uevent_env ---[ end trace be65df1dcc92e7ca ]--- kobject: 'loop3' (00000000058cc61d): kobject_uevent_env RIP: 0010:reiserfs_write_unlock+0xeb/0x110 fs/reiserfs/lock.c:44 kobject: 'input28203' (000000005eba5a19): fill_kobj_path: path = '/devices/virtual/input/input28203' kobject: 'input28197' (00000000f59818e9): kobject_uevent_env kobject: 'loop3' (00000000058cc61d): fill_kobj_path: path = '/devices/virtual/block/loop3' kobject: 'event5' (00000000d0816f3c): kobject_uevent_env kobject: 'input28203' (000000005eba5a19): kobject_cleanup, parent (null) Code: 5d c3 e8 38 44 6f ff 48 8d 7b 28 48 c7 83 a8 00 00 00 00 00 00 00 e8 44 d6 9f 05 e8 1f 44 6f ff 5b 41 5c 5d c3 e8 15 44 6f ff <0f> 0b e8 6e b3 b2 ff eb a1 e8 87 b3 b2 ff e9 33 ff ff ff e8 7d b3 kobject: 'input28203' (000000005eba5a19): calling ktype release kobject: 'event5' (00000000d0816f3c): fill_kobj_path: path = '/devices/virtual/input/input28195/event5' kobject: 'input28197' (00000000f59818e9): fill_kobj_path: path = '/devices/virtual/input/input28197' kobject: 'input28203': free name kobject: 'input28197' (00000000f59818e9): kobject_cleanup, parent (null) kobject: '(null)' (00000000a9688be1): kobject_cleanup, parent 00000000d0816f3c kobject: '(null)' (00000000a9688be1): calling ktype release kobject: 'input28197' (00000000f59818e9): calling ktype release kobject: 'input28197': free name kobject: 'loop1' (00000000a625c93f): kobject_uevent_env kobject: 'input28201' (00000000a0793d88): kobject_uevent_env kobject: 'input28206' (00000000f186ec9f): kobject_add_internal: parent: 'input', set: 'devices' kobject: 'loop1' (00000000a625c93f): fill_kobj_path: path = '/devices/virtual/block/loop1' kobject: 'input28206' (00000000f186ec9f): kobject_uevent_env kobject: 'input28201' (00000000a0793d88): fill_kobj_path: path = '/devices/virtual/input/input28201' kobject: 'event5' (00000000d0816f3c): kobject_cleanup, parent (null) kobject: 'input28201' (00000000a0793d88): kobject_cleanup, parent (null) kobject: 'input28206' (00000000f186ec9f): fill_kobj_path: path = '/devices/virtual/input/input28206' kobject: 'event5' (00000000d0816f3c): calling ktype release kobject: 'event5': free name kobject: 'input28201' (00000000a0793d88): calling ktype release kobject: 'input28195' (000000000dc6f85e): kobject_uevent_env kobject: 'event6' (00000000d7c64f97): kobject_uevent_env kobject: 'input28195' (000000000dc6f85e): fill_kobj_path: path = '/devices/virtual/input/input28195' kobject: 'input28206' (00000000f186ec9f): fill_kobj_path: path = '/devices/virtual/input/input28206' kobject: 'input28195' (000000000dc6f85e): kobject_cleanup, parent (null) kobject: 'event6' (00000000d7c64f97): fill_kobj_path: path = '/devices/virtual/input/input28196/event6' kobject: 'input28195' (000000000dc6f85e): calling ktype release kobject: 'input28201': free name kobject: 'input28195': free name kobject: 'input28207' (000000007c80e8d8): kobject_cleanup, parent (null) kobject: 'input28207' (000000007c80e8d8): calling ktype release input: syz1 as /devices/virtual/input/input28206 kobject: 'input28207': free name kobject: 'input28204' (0000000091d77e4d): kobject_uevent_env kobject: '(null)' (00000000eab48cf0): kobject_cleanup, parent 00000000d7c64f97 kobject: 'input28204' (0000000091d77e4d): fill_kobj_path: path = '/devices/virtual/input/input28204' kobject: 'input28202' (00000000ee7256d7): kobject_cleanup, parent (null) kobject: 'loop5' (000000005450a8f7): kobject_uevent_env kobject: 'loop5' (000000005450a8f7): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: '(null)' (00000000eab48cf0): calling ktype release kobject: 'input28204' (0000000091d77e4d): kobject_cleanup, parent (null) kobject: 'input28202' (00000000ee7256d7): calling ktype release kobject: 'input28208' (00000000dd445213): kobject_add_internal: parent: 'input', set: 'devices' kobject: 'input28202': free name kobject: 'input28204' (0000000091d77e4d): calling ktype release RSP: 0018:ffff8801872e7738 EFLAGS: 00010246 kobject: 'input28208' (00000000dd445213): kobject_uevent_env kobject: 'input28204': free name RAX: 0000000000040000 RBX: ffff880182077240 RCX: ffffc90007f18000 kobject: 'event6' (00000000d7c64f97): kobject_cleanup, parent (null) kobject: 'input28208' (00000000dd445213): fill_kobj_path: path = '/devices/virtual/input/input28208' kobject: 'event6' (00000000d7c64f97): calling ktype release kobject: 'input28209' (00000000f7317104): kobject_add_internal: parent: 'input', set: 'devices' kobject: 'loop2' (000000008b9121ed): kobject_uevent_env kobject: 'input28208' (00000000dd445213): fill_kobj_path: path = '/devices/virtual/input/input28208' kobject: 'input28209' (00000000f7317104): kobject_uevent_env kobject: 'loop2' (000000008b9121ed): fill_kobj_path: path = '/devices/virtual/block/loop2' kobject: 'event6': free name input: syz1 as /devices/virtual/input/input28208 kobject: 'input28209' (00000000f7317104): fill_kobj_path: path = '/devices/virtual/input/input28209' kobject: 'input28210' (0000000036553f27): kobject_add_internal: parent: 'input', set: 'devices' kobject: 'input28196' (0000000071945b4a): kobject_uevent_env kobject: 'event5' (000000000630e76c): kobject_add_internal: parent: 'input28206', set: 'devices' kobject: 'input28196' (0000000071945b4a): fill_kobj_path: path = '/devices/virtual/input/input28196' kobject: 'input28209' (00000000f7317104): fill_kobj_path: path = '/devices/virtual/input/input28209' kobject: 'input28196' (0000000071945b4a): kobject_cleanup, parent (null) kobject: 'input28196' (0000000071945b4a): calling ktype release kobject: 'event5' (000000000630e76c): kobject_uevent_env kobject: 'input28196': free name kobject: 'event5' (000000000630e76c): fill_kobj_path: path = '/devices/virtual/input/input28206/event5' kobject: 'mouse1' (0000000072b642b7): kobject_add_internal: parent: 'input28208', set: 'devices' kobject: 'input28210' (0000000036553f27): kobject_uevent_env input: syz0 as /devices/virtual/input/input28209 kobject: 'input28210' (0000000036553f27): fill_kobj_path: path = '/devices/virtual/input/input28210' kobject: 'mouse1' (0000000072b642b7): kobject_uevent_env kobject: 'input28210' (0000000036553f27): fill_kobj_path: path = '/devices/virtual/input/input28210' input: syz1 as /devices/virtual/input/input28210 kobject: 'mouse1' (0000000072b642b7): fill_kobj_path: path = '/devices/virtual/input/input28208/mouse1' RDX: 0000000000040000 RSI: ffffffff820f917b RDI: ffff8801820772e8 RBP: ffff8801872e7748 R08: 0000000000000000 R09: ffffed003b5c4fe8 kobject: 'event6' (000000005a6ff99d): kobject_add_internal: parent: 'input28208', set: 'devices' R10: ffffed003b5c4fe8 R11: ffff8801dae27f47 R12: ffff8801872e7a20 kobject: 'event6' (000000005a6ff99d): kobject_uevent_env kobject: 'event6' (000000005a6ff99d): fill_kobj_path: path = '/devices/virtual/input/input28208/event6' R13: ffffed0030e5cf28 R14: ffffed0030e5cf18 R15: ffffed0030e5cf08 kobject: 'event4' (000000002aab34ab): kobject_uevent_env kobject: 'input28211' (00000000fd587293): kobject_add_internal: parent: 'input', set: 'devices' kobject: 'event4' (000000002aab34ab): fill_kobj_path: path = '/devices/virtual/input/input28198/event4' kobject: 'input28211' (00000000fd587293): kobject_uevent_env kobject: 'input28211' (00000000fd587293): fill_kobj_path: path = '/devices/virtual/input/input28211' kobject: 'input28211' (00000000fd587293): fill_kobj_path: path = '/devices/virtual/input/input28211' kobject: '(null)' (0000000037403bcb): kobject_cleanup, parent 000000002aab34ab input: syz1 as /devices/virtual/input/input28211 kobject: '(null)' (0000000037403bcb): calling ktype release FS: 00007f698a79e700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007ffcd1f60b98 CR3: 00000001d7a02000 CR4: 00000000001426f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 kobject: 'event4' (000000002aab34ab): kobject_cleanup, parent (null) kobject: 'event4' (000000002aab34ab): calling ktype release