[ 81.235812][ T14] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.1.61' (ECDSA) to the list of known hosts.
executing program
[ 84.284677][ T3541] loop0: detected capacity change from 0 to 8192
[ 84.295461][ T3541] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 84.308537][ T3541] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 84.318622][ T3541] REISERFS (device loop0): using ordered data mode
[ 84.325152][ T3541] reiserfs: using flush barriers
[ 84.331430][ T3541] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 84.348078][ T3541] REISERFS (device loop0): checking transaction log (loop0)
[ 84.395603][ T3541] REISERFS (device loop0): Using r5 hash to sort names
[ 84.407380][ T3541] ==================================================================
[ 84.415464][ T3541] BUG: KASAN: use-after-free in reiserfs_readdir_inode+0x5d8/0x14c0
[ 84.423489][ T3541] Read of size 8 at addr ffff8880706a7000 by task syz-executor463/3541
[ 84.431744][ T3541]
[ 84.434103][ T3541] CPU: 1 PID: 3541 Comm: syz-executor463 Not tainted 6.1.27-syzkaller #0
[ 84.442536][ T3541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023
[ 84.452644][ T3541] Call Trace:
[ 84.455943][ T3541] <TASK>
[ 84.458885][ T3541] dump_stack_lvl+0x1e3/0x2cb
[ 84.463568][ T3541] ? irq_work_queue+0xcd/0x150
[ 84.468347][ T3541] ? nf_tcp_handle_invalid+0x642/0x642
[ 84.473810][ T3541] ? panic+0x75d/0x75d
[ 84.477874][ T3541] ? _printk+0xd1/0x111
[ 84.482025][ T3541] ? _raw_spin_lock_irqsave+0xac/0x120
[ 84.487501][ T3541] print_report+0x15f/0x4f0
[ 84.492023][ T3541] ? __virt_addr_valid+0x22b/0x2e0
[ 84.497136][ T3541] ? __phys_addr+0xb6/0x170
[ 84.501662][ T3541] ? reiserfs_readdir_inode+0x5d8/0x14c0
[ 84.507297][ T3541] kasan_report+0x136/0x160
[ 84.511813][ T3541] ? reiserfs_readdir_inode+0x5d8/0x14c0
[ 84.517476][ T3541] kasan_check_range+0x27f/0x290
[ 84.522423][ T3541] reiserfs_readdir_inode+0x5d8/0x14c0
[ 84.527896][ T3541] ? __lock_acquire+0x125b/0x1f80
[ 84.532947][ T3541] ? reiserfs_dir_fsync+0x100/0x100
[ 84.538172][ T3541] ? read_lock_is_recursive+0x10/0x10
[ 84.543543][ T3541] ? __might_sleep+0xb0/0xb0
[ 84.548157][ T3541] ? __down_read_common+0x184/0x2c0
[ 84.553363][ T3541] ? iterate_dir+0x10a/0x560
[ 84.557947][ T3541] iterate_dir+0x224/0x560
[ 84.562359][ T3541] ? reiserfs_sync_file+0x270/0x270
[ 84.567557][ T3541] __se_sys_getdents64+0x209/0x4f0
[ 84.572666][ T3541] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 84.578645][ T3541] ? __x64_sys_getdents64+0x80/0x80
[ 84.583835][ T3541] ? filldir+0x6f0/0x6f0
[ 84.588079][ T3541] ? syscall_enter_from_user_mode+0x2e/0x220
[ 84.594066][ T3541] ? lockdep_hardirqs_on+0x94/0x130
[ 84.599267][ T3541] ? syscall_enter_from_user_mode+0x2e/0x220
[ 84.605252][ T3541] do_syscall_64+0x3d/0xb0
[ 84.609680][ T3541] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 84.615612][ T3541] RIP: 0033:0x7fb60f4c32e9
[ 84.620044][ T3541] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 84.639668][ T3541] RSP: 002b:00007ffda609aa18 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[ 84.648262][ T3541] RAX: ffffffffffffffda RBX: 00007ffda609aa68 RCX: 00007fb60f4c32e9
[ 84.656229][ T3541] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[ 84.664212][ T3541] RBP: 0000000000000000 R08: 00007ffda609ab40 R09: 00007ffda609ab40
[ 84.672181][ T3541] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffda609aa60
[ 84.680157][ T3541] R13: 00007ffda609ab40 R14: 431bde82d7b634db R15: 00007ffda609aa40
[ 84.688144][ T3541] </TASK>
[ 84.691163][ T3541]
[ 84.693493][ T3541] The buggy address belongs to the physical page:
[ 84.699918][ T3541] page:ffffea0001c1a9c0 refcount:1 mapcount:1 mapping:0000000000000000 index:0x55be18401 pfn:0x706a7
[ 84.710768][ T3541] memcg:ffff88813ff58000
[ 84.715004][ T3541] anon flags: 0xfff800000a0014(uptodate|lru|mappedtodisk|swapbacked|node=0|zone=1|lastcpupid=0x7ff)
[ 84.725773][ T3541] raw: 00fff800000a0014 ffffea000048b888 ffffea0001e6a648 ffff888028074dd1
[ 84.734360][ T3541] raw: 000000055be18401 0000000000000000 0000000100000000 ffff88813ff58000
[ 84.742930][ T3541] page dumped because: kasan: bad access detected
[ 84.749332][ T3541] page_owner tracks the page as allocated
[ 84.755034][ T3541] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 3537, tgid 3537 (udevd), ts 84425568408, free_ts 15349359611
[ 84.772164][ T3541] post_alloc_hook+0x18d/0x1b0
[ 84.776954][ T3541] get_page_from_freelist+0x32ed/0x3480
[ 84.782496][ T3541] __alloc_pages+0x28d/0x770
[ 84.787088][ T3541] __folio_alloc+0xf/0x30
[ 84.791422][ T3541] vma_alloc_folio+0x486/0x990
[ 84.796210][ T3541] wp_page_copy+0x289/0x1740
[ 84.800816][ T3541] handle_mm_fault+0x2522/0x5330
[ 84.805761][ T3541] exc_page_fault+0x58d/0x790
[ 84.810437][ T3541] asm_exc_page_fault+0x22/0x30
[ 84.815311][ T3541] page last free stack trace:
[ 84.819973][ T3541] free_unref_page_prepare+0xf63/0x1120
[ 84.825528][ T3541] free_unref_page+0x98/0x570
[ 84.830222][ T3541] free_contig_range+0x9a/0x150
[ 84.835061][ T3541] destroy_args+0xfe/0x997
[ 84.839478][ T3541] debug_vm_pgtable+0x416/0x46b
[ 84.844356][ T3541] do_one_initcall+0x265/0x8f0
[ 84.849126][ T3541] do_initcall_level+0x157/0x207
[ 84.854054][ T3541] do_initcalls+0x49/0x86
[ 84.858409][ T3541] kernel_init_freeable+0x473/0x61f
[ 84.863604][ T3541] kernel_init+0x19/0x290
[ 84.867946][ T3541] ret_from_fork+0x1f/0x30
[ 84.872380][ T3541]
[ 84.874707][ T3541] Memory state around the buggy address:
[ 84.880351][ T3541] ffff8880706a6f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 84.888403][ T3541] ffff8880706a6f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 84.896456][ T3541] >ffff8880706a7000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 84.904509][ T3541] ^
[ 84.908575][ T3541] ffff8880706a7080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 84.916625][ T3541] ffff8880706a7100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 84.924681][ T3541] ==================================================================
[ 84.932990][ T3541] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 84.940223][ T3541] CPU: 0 PID: 3541 Comm: syz-executor463 Not tainted 6.1.27-syzkaller #0
[ 84.948660][ T3541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023
[ 84.958714][ T3541] Call Trace:
[ 84.961985][ T3541] <TASK>
[ 84.964907][ T3541] dump_stack_lvl+0x1e3/0x2cb
[ 84.969579][ T3541] ? nf_tcp_handle_invalid+0x642/0x642
[ 84.975036][ T3541] ? panic+0x75d/0x75d
[ 84.979107][ T3541] ? preempt_schedule_common+0xa6/0xd0
[ 84.984598][ T3541] ? vscnprintf+0x59/0x80
[ 84.988935][ T3541] panic+0x318/0x75d
[ 84.992833][ T3541] ? check_panic_on_warn+0x1d/0xa0
[ 84.997949][ T3541] ? memcpy_page_flushcache+0xfc/0xfc
[ 85.003324][ T3541] ? _raw_spin_unlock_irqrestore+0x128/0x130
[ 85.009312][ T3541] ? _raw_spin_unlock+0x40/0x40
[ 85.014190][ T3541] ? print_report+0x4a3/0x4f0
[ 85.018877][ T3541] check_panic_on_warn+0x7e/0xa0
[ 85.023812][ T3541] ? reiserfs_readdir_inode+0x5d8/0x14c0
[ 85.029449][ T3541] end_report+0x66/0x110
[ 85.033696][ T3541] kasan_report+0x143/0x160
[ 85.038205][ T3541] ? reiserfs_readdir_inode+0x5d8/0x14c0
[ 85.043845][ T3541] kasan_check_range+0x27f/0x290
[ 85.048791][ T3541] reiserfs_readdir_inode+0x5d8/0x14c0
[ 85.054280][ T3541] ? __lock_acquire+0x125b/0x1f80
[ 85.059308][ T3541] ? reiserfs_dir_fsync+0x100/0x100
[ 85.064527][ T3541] ? read_lock_is_recursive+0x10/0x10
[ 85.069900][ T3541] ? __might_sleep+0xb0/0xb0
[ 85.074490][ T3541] ? __down_read_common+0x184/0x2c0
[ 85.079697][ T3541] ? iterate_dir+0x10a/0x560
[ 85.084461][ T3541] iterate_dir+0x224/0x560
[ 85.088963][ T3541] ? reiserfs_sync_file+0x270/0x270
[ 85.094184][ T3541] __se_sys_getdents64+0x209/0x4f0
[ 85.099298][ T3541] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 85.105278][ T3541] ? __x64_sys_getdents64+0x80/0x80
[ 85.110472][ T3541] ? filldir+0x6f0/0x6f0
[ 85.114736][ T3541] ? syscall_enter_from_user_mode+0x2e/0x220
[ 85.120719][ T3541] ? lockdep_hardirqs_on+0x94/0x130
[ 85.125925][ T3541] ? syscall_enter_from_user_mode+0x2e/0x220
[ 85.132004][ T3541] do_syscall_64+0x3d/0xb0
[ 85.136513][ T3541] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 85.142415][ T3541] RIP: 0033:0x7fb60f4c32e9
[ 85.146825][ T3541] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 85.166433][ T3541] RSP: 002b:00007ffda609aa18 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[ 85.174856][ T3541] RAX: ffffffffffffffda RBX: 00007ffda609aa68 RCX: 00007fb60f4c32e9
[ 85.182830][ T3541] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[ 85.190799][ T3541] RBP: 0000000000000000 R08: 00007ffda609ab40 R09: 00007ffda609ab40
[ 85.198772][ T3541] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffda609aa60
[ 85.206757][ T3541] R13: 00007ffda609ab40 R14: 431bde82d7b634db R15: 00007ffda609aa40
[ 85.214741][ T3541] </TASK>
[ 85.218020][ T3541] Kernel Offset: disabled
[ 85.222347][ T3541] Rebooting in 86400 seconds..