syzbot

===================================================================
Unable to handle kernel paging request at virtual address dfff800000000048
KASAN: null-ptr-deref in range [0x0000000000000240-0x0000000000000247]
Mem abort info:
  ESR = 0x0000000096000006
  EC = 0x25: DABT (current EL), IL = 32 bits
  SET = 0, FnV = 0
  EA = 0, S1PTW = 0
  FSC = 0x06: level 2 translation fault
Data abort info:
  ISV = 0, ISS = 0x00000006
  CM = 0, WnR = 0
[dfff800000000048] address between user and kernel address ranges
Internal error: Oops: 0000000096000006 [#1] PREEMPT SMP
Modules linked in:

CPU: 1 PID: 6298 Comm: syz.2.431 Not tainted 6.1.111-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : scnprintf_block_head fs/reiserfs/prints.c:152 [inline]
pc : prepare_error_buf+0xe80/0x157c fs/reiserfs/prints.c:245
lr : prepare_error_buf+0x660/0x157c fs/reiserfs/prints.c:246
sp : ffff800023ce6ae0
x29: ffff800023ce6c60
 x28: ffff80001cd03979
 x27: ffff80001cd02a79

x26: ffff800023ce6d78
 x25: ffff800023ce6d60
 x24: ffff800023ce6bc0

x23: ffff80001cd02a60
 x22: 0000000000000400 x21: ffff800023ce6d68
x20: 0000000000000242 x19: dfff800000000000 x18: ffff800023ce67e0
x17: ffff800018aa4000 x16: ffff8000084fb1ec x15: 0000000000000000
x14: 000000000000007a x13: ffff0000d01c3780 x12: 0000000000ff0100
x11: 0000000000ff0100 x10: 0000000000000000 x9 : ffff800008d92540
x8 : 0000000000000048 x7 : 20736e6961746e6f x6 : 6961746e6f632029
x5 : ffff80001cd02a79 x4 : ffff80001cd03979 x3 : ffff800012250814
x2 : 000000000000000b x1 : 00000000ffffffc8 x0 : 00000000fffffff9
Call trace:
 scnprintf_block_head fs/reiserfs/prints.c:152 [inline]
 prepare_error_buf+0xe80/0x157c fs/reiserfs/prints.c:245
 reiserfs_printk+0xdc/0x134 fs/reiserfs/prints.c:312
 print_leaf fs/reiserfs/prints.c:496 [inline]
 print_block+0x34c/0x1508 fs/reiserfs/prints.c:626
 reiserfs_cut_from_item+0x1904/0x1c98 fs/reiserfs/stree.c:1726
 reiserfs_do_truncate+0x89c/0x11c8 fs/reiserfs/stree.c:1973
 reiserfs_truncate_file+0x510/0xb1c fs/reiserfs/inode.c:2310
 reiserfs_file_release+0x710/0x884 fs/reiserfs/file.c:109
 __fput+0x1c8/0x7c8 fs/file_table.c:320
 ____fput+0x20/0x30 fs/file_table.c:348
 task_work_run+0x240/0x2f0 kernel/task_work.c:203
 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
 do_notify_resume+0x2148/0x3474 arch/arm64/kernel/signal.c:1132
 prepare_exit_to_user_mode arch/arm64/kernel/entry-common.c:137 [inline]
 exit_to_user_mode arch/arm64/kernel/entry-common.c:142 [inline]
 el0_svc+0x9c/0x168 arch/arm64/kernel/entry-common.c:638
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585
Code: 97efadf5 f9400288 9100a114 d343fe88 (38736908) 
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
   0:	97efadf5 	bl	0xffffffffffbeb7d4
   4:	f9400288 	ldr	x8, [x20]
   8:	9100a114 	add	x20, x8, #0x28
   c:	d343fe88 	lsr	x8, x20, #3
* 10:	38736908 	ldrb	w8, [x8, x19] <-- trapping instruction