syzbot

Unable to handle kernel paging request at virtual address dfff800000000000
Mem abort info:
  ESR = 0x0000000096000006
  EC = 0x25: DABT (current EL), IL = 32 bits
  SET = 0, FnV = 0
  EA = 0, S1PTW = 0
  FSC = 0x06: level 2 translation fault
Data abort info:
  ISV = 0, ISS = 0x00000006
  CM = 0, WnR = 0
[dfff800000000000] address between user and kernel address ranges
Internal error: Oops: 96000006 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 PID: 3996 Comm: syz-executor152 Not tainted 5.15.120-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/03/2023
pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : arch_test_bit include/asm-generic/bitops/non-atomic.h:118 [inline]
pc : set_buffer_uptodate include/linux/buffer_head.h:147 [inline]
pc : do_journal_end+0xf7c/0x3c50 fs/reiserfs/journal.c:4077
lr : __getblk include/linux/buffer_head.h:416 [inline]
lr : do_journal_end+0xf74/0x3c50 fs/reiserfs/journal.c:4074
sp : ffff80001cb975f0
x29: ffff80001cb97750 x28: ffff0000d78b8678 x27: 1ffff00003bbb20b
x26: 0000000000000000 x25: 0000000000000000 x24: ffff0000dcc3b017
x23: ffff0000d78b8018 x22: ffff80001ddd9040 x21: 0000000006393dfe
x20: ffff0000c058d240 x19: dfff800000000000 x18: ffff80001cb96900
x17: ff8080000889b904 x16: ffff80000824cbf4 x15: ffff800008a089e8
x14: 1ffff0000291e06a x13: ffffffffffffffff x12: 0000000000000000
x11: ff80800008a6a4c4 x10: 0000000000000000 x9 : ffff800008a6a4c4
x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000008 x3 : ffff800008a705b8
x2 : 0000000000000001 x1 : 0000000000000003 x0 : 0000000000000000
Call trace:
 __getblk include/linux/buffer_head.h:416 [inline]
 do_journal_end+0xf7c/0x3c50 fs/reiserfs/journal.c:4074
 journal_end_sync+0x164/0x1d0 fs/reiserfs/journal.c:3533
 reiserfs_sync_fs+0xd4/0x150 fs/reiserfs/super.c:78
 sync_filesystem+0xe8/0x218 fs/sync.c:56
 generic_shutdown_super+0x70/0x29c fs/super.c:448
 kill_block_super+0x70/0xdc fs/super.c:1405
 reiserfs_kill_sb+0x134/0x14c fs/reiserfs/super.c:570
 deactivate_locked_super+0xb8/0x13c fs/super.c:335
 deactivate_super+0x108/0x128 fs/super.c:366
 cleanup_mnt+0x3c0/0x474 fs/namespace.c:1143
 __cleanup_mnt+0x20/0x30 fs/namespace.c:1150
 task_work_run+0x130/0x1e4 kernel/task_work.c:164
 tracehook_notify_resume include/linux/tracehook.h:189 [inline]
 do_notify_resume+0x262c/0x32b8 arch/arm64/kernel/signal.c:946
 prepare_exit_to_user_mode arch/arm64/kernel/entry-common.c:133 [inline]
 exit_to_user_mode arch/arm64/kernel/entry-common.c:138 [inline]
 el0_svc+0xfc/0x1f0 arch/arm64/kernel/entry-common.c:597
 el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:614
 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
Code: f81b03b7 97f60470 d343fc08 aa0003fa (38736908) 
---[ end trace f3d2883a97d76a0e ]---
----------------
Code disassembly (best guess):
   0:	f81b03b7 	stur	x23, [x29, #-80]
   4:	97f60470 	bl	0xffffffffffd811c4
   8:	d343fc08 	lsr	x8, x0, #3
   c:	aa0003fa 	mov	x26, x0
* 10:	38736908 	ldrb	w8, [x8, x19] <-- trapping instruction