Warning: Permanently added '10.128.1.236' (ED25519) to the list of known hosts.
2025/08/12 09:44:23 ignoring optional flag "sandboxArg"="0"
2025/08/12 09:44:25 parsed 1 programs
[   65.458468][ T5786] cgroup: Unknown subsys name 'net'
[   65.622133][ T5786] cgroup: Unknown subsys name 'rlimit'
[   67.052696][ T5786] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   68.943642][ T1317] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   68.959500][ T1317] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   68.996384][ T1137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.007075][ T1137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.367254][ T5817] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   69.374987][ T5817] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   69.383547][ T5817] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   69.392740][ T5817] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   69.401698][ T5817] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   69.409151][ T5817] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   71.418101][ T5867] chnl_net:caif_netlink_parms(): no params data found
[   71.489354][ T5867] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.496607][ T5867] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.503829][ T5867] bridge_slave_0: entered allmulticast mode
[   71.513007][ T5867] bridge_slave_0: entered promiscuous mode
[   71.532141][ T5867] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.539328][ T5867] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.546949][ T5867] bridge_slave_1: entered allmulticast mode
[   71.553637][ T5867] bridge_slave_1: entered promiscuous mode
[   71.578370][ T5867] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   71.593689][ T5867] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   71.607344][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[   71.613894][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[   71.647093][ T5867] team0: Port device team_slave_0 added
[   71.654498][ T5867] team0: Port device team_slave_1 added
[   71.679559][ T5867] batman_adv: batadv0: Adding interface: batadv_slave_0
[   71.686616][ T5867] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.713476][ T5867] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   71.742653][ T5867] batman_adv: batadv0: Adding interface: batadv_slave_1
[   71.749753][ T5867] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.775828][ T5867] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   71.812292][ T5867] hsr_slave_0: entered promiscuous mode
[   71.818908][ T5867] hsr_slave_1: entered promiscuous mode
[   71.986007][ T5867] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   71.996339][ T5867] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   72.009683][ T5867] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   72.019944][ T5867] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   72.084622][ T5867] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.091979][ T5867] bridge0: port 2(bridge_slave_1) entered forwarding state
[   72.100036][ T5867] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.107162][ T5867] bridge0: port 1(bridge_slave_0) entered forwarding state
[   72.176834][ T5867] 8021q: adding VLAN 0 to HW filter on device bond0
[   72.197274][ T1137] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.205813][ T1137] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.220477][ T5867] 8021q: adding VLAN 0 to HW filter on device team0
[   72.233099][ T1317] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.240221][ T1317] bridge0: port 1(bridge_slave_0) entered forwarding state
[   72.251988][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.259143][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[   72.438728][ T5867] 8021q: adding VLAN 0 to HW filter on device batadv0
[   72.494749][ T5867] veth0_vlan: entered promiscuous mode
[   72.515534][ T5867] veth1_vlan: entered promiscuous mode
[   72.554022][ T5867] veth0_macvtap: entered promiscuous mode
[   72.562689][ T5867] veth1_macvtap: entered promiscuous mode
[   72.580186][ T5867] batman_adv: batadv0: Interface activated: batadv_slave_0
[   72.604789][ T5867] batman_adv: batadv0: Interface activated: batadv_slave_1
[   72.619153][ T5867] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.629095][ T5867] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.640507][ T5867] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.650294][ T5867] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.772280][ T5867] syz-executor (5867) used greatest stack depth: 20912 bytes left
[   73.073301][ T1317] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/08/12 09:44:34 executed programs: 0
[   73.302629][ T5817] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   73.310691][ T5817] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   73.319435][ T5817] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   73.327921][ T5817] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   73.336418][ T5817] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   73.343799][ T5817] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   73.473642][ T5892] chnl_net:caif_netlink_parms(): no params data found
[   73.531655][ T5892] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.538912][ T5892] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.546226][ T5892] bridge_slave_0: entered allmulticast mode
[   73.552879][ T5892] bridge_slave_0: entered promiscuous mode
[   73.561368][ T5892] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.568546][ T5892] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.575954][ T5892] bridge_slave_1: entered allmulticast mode
[   73.582603][ T5892] bridge_slave_1: entered promiscuous mode
[   73.610554][ T5892] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   73.622913][ T5892] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   73.651975][ T5892] team0: Port device team_slave_0 added
[   73.659828][ T5892] team0: Port device team_slave_1 added
[   73.686347][ T5892] batman_adv: batadv0: Adding interface: batadv_slave_0
[   73.693323][ T5892] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   73.719297][ T5892] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   73.732009][ T5892] batman_adv: batadv0: Adding interface: batadv_slave_1
[   73.739175][ T5892] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   73.765311][ T5892] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   73.805928][ T5892] hsr_slave_0: entered promiscuous mode
[   73.812205][ T5892] hsr_slave_1: entered promiscuous mode
[   73.818512][ T5892] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   73.826651][ T5892] Cannot create hsr debugfs directory
[   75.407311][ T1317] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.436541][ T5817] Bluetooth: hci0: command tx timeout
[   77.515689][ T5817] Bluetooth: hci0: command tx timeout
[   77.623979][ T1317] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.698780][ T1317] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.542069][ T1317] hsr_slave_0: left promiscuous mode
[   78.551556][ T1317] hsr_slave_1: left promiscuous mode
[   78.558848][ T1317] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   78.567030][ T1317] batman_adv: batadv0: Removing interface: batadv_slave_0
[   78.575836][ T1317] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   78.583243][ T1317] batman_adv: batadv0: Removing interface: batadv_slave_1
[   78.595917][ T1317] bridge_slave_1: left allmulticast mode
[   78.602170][ T1317] bridge_slave_1: left promiscuous mode
[   78.608724][ T1317] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.619837][ T1317] bridge_slave_0: left allmulticast mode
[   78.625608][ T1317] bridge_slave_0: left promiscuous mode
[   78.631314][ T1317] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.658479][ T1317] veth1_macvtap: left promiscuous mode
[   78.664195][ T1317] veth0_macvtap: left promiscuous mode
[   78.670376][ T1317] veth1_vlan: left promiscuous mode
[   78.676274][ T1317] veth0_vlan: left promiscuous mode
[   78.999242][ T1317] team0 (unregistering): Port device team_slave_1 removed
[   79.033183][ T1317] team0 (unregistering): Port device team_slave_0 removed
[   79.060920][ T1317] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   79.091825][ T1317] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   79.344191][ T1317] bond0 (unregistering): Released all slaves
[   79.432407][ T5892] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   79.441573][ T5892] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   79.450679][ T5892] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   79.460796][ T5892] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   79.551082][ T5892] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.568610][ T5892] 8021q: adding VLAN 0 to HW filter on device team0
[   79.580707][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.587854][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   79.595164][ T5817] Bluetooth: hci0: command tx timeout
[   79.610822][ T1137] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.617971][ T1137] bridge0: port 2(bridge_slave_1) entered forwarding state
[   79.818620][ T5892] 8021q: adding VLAN 0 to HW filter on device batadv0
[   79.854478][ T5892] veth0_vlan: entered promiscuous mode
[   79.864483][ T5892] veth1_vlan: entered promiscuous mode
[   79.893328][ T5892] veth0_macvtap: entered promiscuous mode
[   79.902247][ T5892] veth1_macvtap: entered promiscuous mode
[   79.919207][ T5892] batman_adv: batadv0: Interface activated: batadv_slave_0
[   79.932522][ T5892] batman_adv: batadv0: Interface activated: batadv_slave_1
[   79.950384][ T5892] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   79.959527][ T5892] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   79.968673][ T5892] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   79.977476][ T5892] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   80.033364][  T985] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.043705][  T985] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.069435][  T985] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
2025/08/12 09:44:41 executed programs: 2
[   80.077645][  T985] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.130930][ T5942] syz.0.17[5942]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   80.188542][ T5942] loop0: detected capacity change from 0 to 8192
[   80.204617][ T5942] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[   80.218694][ T5942] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[   80.229277][ T5942] REISERFS (device loop0): using ordered data mode
[   80.237063][ T5942] reiserfs: using flush barriers
[   80.244326][ T5942] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   80.261896][ T5942] REISERFS (device loop0): checking transaction log (loop0)
[   80.391622][ T5942] REISERFS (device loop0): Using tea hash to sort names
[   80.400931][ T5942] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[   80.626585][   T28] audit: type=1804 audit(1754991881.940:2): pid=5945 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.17" name="/newroot/0/file6/file1" dev="loop0" ino=5 res=1 errno=0
[   80.654385][ T5945] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 11822 (1024)
[   80.672865][ T5945] REISERFS (device loop0): Remounting filesystem read-only
[   80.680538][ T5945] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 265068 (1024)
[   80.691283][ T5945] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 592756 (1024)
[   80.704626][ T5945] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[   80.717289][ T5945] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[   80.728193][ T5945] REISERFS warning (device loop0): clm-6006 reiserfs_dirty_inode: writing inode 5 on readonly FS
[   80.927191][ T5947] loop0: detected capacity change from 0 to 8192
[   80.944882][ T5947] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[   80.958832][ T5947] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[   80.968127][ T5947] REISERFS (device loop0): using ordered data mode
[   80.974728][ T5947] reiserfs: using flush barriers
[   80.981594][ T5947] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   80.999372][ T5947] REISERFS (device loop0): checking transaction log (loop0)
[   81.093001][ T5947] REISERFS (device loop0): Using tea hash to sort names
[   81.100307][ T5947] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[   81.253949][   T28] audit: type=1804 audit(1754991882.570:3): pid=5950 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.18" name="/newroot/1/file6/file1" dev="loop0" ino=5 res=1 errno=0
[   81.263225][ T5950] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 11822 (1024)
[   81.286661][ T5950] REISERFS (device loop0): Remounting filesystem read-only
[   81.293954][ T5950] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 265172 (1024)
[   81.307089][ T5950] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 592860 (1024)
[   81.318752][ T5950] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[   81.330841][ T5950] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[   81.341336][ T5950] REISERFS warning (device loop0): clm-6006 reiserfs_dirty_inode: writing inode 5 on readonly FS
[   81.484504][ T5952] loop0: detected capacity change from 0 to 8192
[   81.501745][ T5952] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[   81.514827][ T5952] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[   81.524530][ T5952] REISERFS (device loop0): using ordered data mode
[   81.531564][ T5952] reiserfs: using flush barriers
[   81.538382][ T5952] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   81.556401][ T5952] REISERFS (device loop0): checking transaction log (loop0)
[   81.654321][ T5952] REISERFS (device loop0): Using tea hash to sort names
[   81.661900][ T5952] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[   81.675349][ T5817] Bluetooth: hci0: command tx timeout
[   81.806748][   T28] audit: type=1804 audit(1754991883.130:4): pid=5954 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.19" name="/newroot/2/file6/file1" dev="loop0" ino=5 res=1 errno=0
[   81.837274][  T787] cfg80211: failed to load regulatory.db
[   81.849071][ T5954] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 11822 (1024)
[   81.859660][ T5954] REISERFS (device loop0): Remounting filesystem read-only
[   81.867125][ T5954] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 264964 (1024)
[   81.877753][ T5954] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 592652 (1024)
[   81.888836][ T5952] REISERFS warning (device loop0): clm-6006 reiserfs_dirty_inode: writing inode 4 on readonly FS
[   81.906784][ T5954] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[   81.917125][ T5954] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[   81.927751][ T5954] REISERFS warning (device loop0): clm-6006 reiserfs_dirty_inode: writing inode 5 on readonly FS
[   82.095686][ T5956] loop0: detected capacity change from 0 to 8192
[   82.110062][ T5956] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[   82.123210][ T5956] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[   82.132528][ T5956] REISERFS (device loop0): using ordered data mode
[   82.139378][ T5956] reiserfs: using flush barriers
[   82.146711][ T5956] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   82.165485][ T5956] REISERFS (device loop0): checking transaction log (loop0)
[   82.252122][ T5956] REISERFS (device loop0): Using tea hash to sort names
[   82.261204][ T5956] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[   82.400198][   T28] audit: type=1804 audit(1754991883.720:5): pid=5959 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.20" name="/newroot/3/file6/file1" dev="loop0" ino=5 res=1 errno=0
[   82.414618][ T5959] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 11822 (1024)
[   82.431930][ T5959] REISERFS (device loop0): Remounting filesystem read-only
[   82.439290][ T5959] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 264784 (1024)
[   82.450136][ T5959] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 592472 (1024)
[   82.463170][ T5959] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[   82.473494][ T5959] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[   82.484993][ T5959] REISERFS warning (device loop0): clm-6006 reiserfs_dirty_inode: writing inode 5 on readonly FS
[   82.617140][ T5961] loop0: detected capacity change from 0 to 8192
[   82.632088][ T5961] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[   82.645320][ T5961] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[   82.655292][ T5961] REISERFS (device loop0): using ordered data mode
[   82.661817][ T5961] reiserfs: using flush barriers
[   82.668455][ T5961] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   82.689332][ T5961] REISERFS (device loop0): checking transaction log (loop0)
[   82.786645][ T5961] REISERFS (device loop0): Using tea hash to sort names
[   82.793826][ T5961] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[   82.943733][   T28] audit: type=1804 audit(1754991884.260:6): pid=5964 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.21" name="/newroot/4/file6/file1" dev="loop0" ino=5 res=1 errno=0
[   82.948474][ T5964] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 11822 (1024)
[   82.975862][ T5964] REISERFS (device loop0): Remounting filesystem read-only
[   82.983159][ T5964] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 264648 (1024)
[   82.994085][ T5964] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 592336 (1024)
[   83.004791][ T5964] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[   83.017150][ T5964] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[   83.027914][ T5964] REISERFS warning (device loop0): clm-6006 reiserfs_dirty_inode: writing inode 5 on readonly FS
[   83.191009][ T5966] loop0: detected capacity change from 0 to 8192
[   83.207082][ T5966] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[   83.220277][ T5966] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[   83.230093][ T5966] REISERFS (device loop0): using ordered data mode
[   83.237319][ T5966] reiserfs: using flush barriers
[   83.243890][ T5966] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   83.264908][ T5966] REISERFS (device loop0): checking transaction log (loop0)
[   83.349681][ T5966] REISERFS (device loop0): Using tea hash to sort names
[   83.357011][ T5966] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[   83.497523][   T28] audit: type=1804 audit(1754991884.820:7): pid=5969 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.22" name="/newroot/5/file6/file1" dev="loop0" ino=5 res=1 errno=0
[   83.513398][ T5969] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 11822 (1024)
[   83.529269][ T5969] REISERFS (device loop0): Remounting filesystem read-only
[   83.536865][ T5969] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 264804 (1024)
[   83.547841][ T5969] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 592492 (1024)
[   83.560004][ T5969] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[   83.570251][ T5969] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[   83.582203][ T5969] REISERFS warning (device loop0): clm-6006 reiserfs_dirty_inode: writing inode 5 on readonly FS
[   83.719302][ T5971] loop0: detected capacity change from 0 to 8192
[   83.738000][ T5971] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[   83.751150][ T5971] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[   83.762375][ T5971] REISERFS (device loop0): using ordered data mode
[   83.769056][ T5971] reiserfs: using flush barriers
[   83.776227][ T5971] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   83.794025][ T5971] REISERFS (device loop0): checking transaction log (loop0)
[   83.891349][ T5971] REISERFS (device loop0): Using tea hash to sort names
[   83.900464][ T5971] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[   84.049787][   T28] audit: type=1804 audit(1754991885.360:8): pid=5974 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.23" name="/newroot/6/file6/file1" dev="loop0" ino=5 res=1 errno=0
[   84.071802][ T5974] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 11822 (1024)
[   84.082483][ T5974] REISERFS (device loop0): Remounting filesystem read-only
[   84.090528][ T5974] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 265036 (1024)
[   84.101251][ T5974] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 592724 (1024)
[   84.113799][ T5974] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[   84.123961][ T5974] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[   84.134345][ T5974] REISERFS warning (device loop0): clm-6006 reiserfs_dirty_inode: writing inode 5 on readonly FS
[   84.274853][ T5976] loop0: detected capacity change from 0 to 8192
[   84.293365][ T5976] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[   84.306476][ T5976] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[   84.316253][ T5976] REISERFS (device loop0): using ordered data mode
[   84.322783][ T5976] reiserfs: using flush barriers
[   84.329691][ T5976] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   84.347328][ T5976] REISERFS (device loop0): checking transaction log (loop0)
[   84.446507][ T5976] REISERFS (device loop0): Using tea hash to sort names
[   84.453757][ T5976] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[   84.607488][   T28] audit: type=1804 audit(1754991885.930:9): pid=5979 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.24" name="/newroot/7/file6/file1" dev="loop0" ino=5 res=1 errno=0
[   84.616859][ T5979] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 11822 (1024)
[   84.639318][ T5979] REISERFS (device loop0): Remounting filesystem read-only
[   84.648189][ T5979] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 264792 (1024)
[   84.658797][ T5979] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 592480 (1024)
[   84.669605][ T5979] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[   84.680087][ T5979] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[   84.690495][ T5979] REISERFS warning (device loop0): clm-6006 reiserfs_dirty_inode: writing inode 5 on readonly FS
[   84.824340][ T5981] loop0: detected capacity change from 0 to 8192
[   84.838882][ T5981] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[   84.851975][ T5981] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[   84.861316][ T5981] REISERFS (device loop0): using ordered data mode
[   84.868365][ T5981] reiserfs: using flush barriers
[   84.874994][ T5981] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   84.894974][ T5981] REISERFS (device loop0): checking transaction log (loop0)
[   84.985881][ T5981] REISERFS (device loop0): Using tea hash to sort names
[   84.993120][ T5981] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[   85.137481][   T28] audit: type=1804 audit(1754991886.460:10): pid=5984 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.25" name="/newroot/8/file6/file1" dev="loop0" ino=5 res=1 errno=0
[   85.175953][ T5984] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 11822 (1024)
[   85.186590][ T5984] REISERFS (device loop0): Remounting filesystem read-only
[   85.193833][ T5984] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 264600 (1024)
[   85.207056][ T5984] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 592288 (1024)
[   85.223873][ T5984] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[   85.234093][ T5984] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[   85.244751][ T5984] REISERFS warning (device loop0): clm-6006 reiserfs_dirty_inode: writing inode 5 on readonly FS
2025/08/12 09:44:46 executed programs: 11
[   85.381639][ T5986] loop0: detected capacity change from 0 to 8192
[   85.394860][ T5986] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[   85.415439][ T5986] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[   85.424932][ T5986] REISERFS (device loop0): using ordered data mode
[   85.431597][ T5986] reiserfs: using flush barriers
[   85.440618][ T5986] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   85.458444][ T5986] REISERFS (device loop0): checking transaction log (loop0)
[   85.549502][ T5986] REISERFS (device loop0): Using tea hash to sort names
[   85.556886][ T5986] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[   85.705149][   T28] audit: type=1804 audit(1754991887.020:11): pid=5989 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.26" name="/newroot/9/file6/file1" dev="loop0" ino=5 res=1 errno=0
[   85.710482][ T5989] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 11822 (1024)
[   85.738457][ T5989] REISERFS (device loop0): Remounting filesystem read-only
[   85.745892][ T5989] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 265084 (1024)
[   85.757702][ T5989] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 592772 (1024)
[   85.768603][ T5989] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[   85.779897][ T5989] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[   85.790627][ T5989] REISERFS warning (device loop0): clm-6006 reiserfs_dirty_inode: writing inode 5 on readonly FS
[   85.966200][ T5991] loop0: detected capacity change from 0 to 8192
[   85.985733][ T5991] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[   85.999786][ T5991] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[   86.009688][ T5991] REISERFS (device loop0): using ordered data mode
[   86.017738][ T5991] reiserfs: using flush barriers
[   86.024232][ T5991] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   86.042468][ T5991] REISERFS (device loop0): checking transaction log (loop0)
[   86.129188][ T5991] REISERFS (device loop0): Using tea hash to sort names
[   86.136661][ T5991] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[   86.280700][   T28] audit: type=1804 audit(1754991887.600:12): pid=5994 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.27" name="/newroot/10/file6/file1" dev="loop0" ino=5 res=1 errno=0
[   86.290001][ T5994] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 11822 (1024)
[   86.312695][ T5994] REISERFS (device loop0): Remounting filesystem read-only
[   86.320100][ T5994] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 264940 (1024)
[   86.330777][ T5994] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 592628 (1024)
[   86.342847][ T5994] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[   86.353047][ T5994] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[   86.363721][ T5994] REISERFS warning (device loop0): clm-6006 reiserfs_dirty_inode: writing inode 5 on readonly FS
[   86.492691][ T5996] loop0: detected capacity change from 0 to 8192
[   86.505203][ T5996] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[   86.518615][ T5996] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[   86.527957][ T5996] REISERFS (device loop0): using ordered data mode
[   86.534612][ T5996] reiserfs: using flush barriers
[   86.541526][ T5996] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   86.559010][ T5996] REISERFS (device loop0): checking transaction log (loop0)
[   86.621637][ T5996] REISERFS (device loop0): Using tea hash to sort names
[   86.628989][ T5996] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[   86.776894][   T28] audit: type=1804 audit(1754991888.100:13): pid=5999 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.28" name="/newroot/11/file6/file1" dev="loop0" ino=5 res=1 errno=0
[   86.784551][ T5999] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 11822 (1024)
[   86.809255][ T5999] REISERFS (device loop0): Remounting filesystem read-only
[   86.816915][ T5999] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 264656 (1024)
[   86.827649][ T5999] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 592344 (1024)
[   86.840263][ T5999] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[   86.851925][ T5999] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[   86.865587][ T5999] REISERFS warning (device loop0): clm-6006 reiserfs_dirty_inode: writing inode 5 on readonly FS
[   87.003241][ T6001] loop0: detected capacity change from 0 to 8192
[   87.021463][ T6001] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[   87.034547][ T6001] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[   87.044036][ T6001] REISERFS (device loop0): using ordered data mode
[   87.051143][ T6001] reiserfs: using flush barriers
[   87.058019][ T6001] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   87.076911][ T6001] REISERFS (device loop0): checking transaction log (loop0)
[   87.166337][ T6001] REISERFS (device loop0): Using tea hash to sort names
[   87.173499][ T6001] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[   87.341181][   T28] audit: type=1804 audit(1754991888.660:14): pid=6004 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.29" name="/newroot/12/file6/file1" dev="loop0" ino=5 res=1 errno=0
[   87.350601][ T6004] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 11822 (1024)
[   87.373857][ T6004] REISERFS (device loop0): Remounting filesystem read-only
[   87.381269][ T6004] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 264904 (1024)
[   87.391914][ T6004] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 592592 (1024)
[   87.402803][ T6004] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[   87.413084][ T6004] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[   87.423460][ T6004] REISERFS warning (device loop0): clm-6006 reiserfs_dirty_inode: writing inode 5 on readonly FS
[   87.552565][ T6006] loop0: detected capacity change from 0 to 8192
[   87.561817][ T6006] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[   87.575341][ T6006] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[   87.584538][ T6006] REISERFS (device loop0): using ordered data mode
[   87.591163][ T6006] reiserfs: using flush barriers
[   87.598033][ T6006] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   87.614791][ T6006] REISERFS (device loop0): checking transaction log (loop0)
[   87.679969][ T6006] REISERFS (device loop0): Using tea hash to sort names
[   87.687611][ T6006] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[   87.825358][   T28] audit: type=1804 audit(1754991889.150:15): pid=6009 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.30" name="/newroot/13/file6/file1" dev="loop0" ino=5 res=1 errno=0
[   87.863003][ T6009] ==================================================================
[   87.871102][ T6009] BUG: KASAN: use-after-free in leaf_paste_in_buffer+0x6a1/0xbd0
[   87.878842][ T6009] Read of size 48 at addr ffff88806b707ff0 by task syz.0.30/6009
[   87.886538][ T6009] 
[   87.888856][ T6009] CPU: 0 PID: 6009 Comm: syz.0.30 Not tainted 6.6.101-syzkaller #0
[   87.896734][ T6009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   87.906791][ T6009] Call Trace:
[   87.910058][ T6009]  <TASK>
[   87.912978][ T6009]  dump_stack_lvl+0x16c/0x230
[   87.917664][ T6009]  ? __lock_acquire+0x7c80/0x7c80
[   87.922670][ T6009]  ? show_regs_print_info+0x20/0x20
[   87.927866][ T6009]  ? load_image+0x3b0/0x3b0
[   87.932359][ T6009]  ? _raw_spin_lock_irqsave+0xb4/0xf0
[   87.937717][ T6009]  ? __virt_addr_valid+0x18c/0x540
[   87.942818][ T6009]  ? __virt_addr_valid+0x469/0x540
[   87.947918][ T6009]  print_report+0xac/0x220
[   87.952330][ T6009]  ? leaf_paste_in_buffer+0x6a1/0xbd0
[   87.957688][ T6009]  kasan_report+0x117/0x150
[   87.962178][ T6009]  ? leaf_paste_in_buffer+0x6a1/0xbd0
[   87.967545][ T6009]  kasan_check_range+0x288/0x290
[   87.972478][ T6009]  ? leaf_paste_in_buffer+0x6a1/0xbd0
[   87.977851][ T6009]  __asan_memcpy+0x29/0x70
[   87.982428][ T6009]  leaf_paste_in_buffer+0x6a1/0xbd0
[   87.987622][ T6009]  leaf_copy_dir_entries+0x5e7/0x990
[   87.992908][ T6009]  ? leaf_item_bottle+0x1280/0x1280
[   87.998117][ T6009]  leaf_copy_boundary_item+0xb90/0x2180
[   88.003652][ T6009]  ? get_right_neighbor_position+0x147/0x210
[   88.009618][ T6009]  leaf_move_items+0x8b5/0xe90
[   88.014366][ T6009]  ? reiserfs_convert_objectid_map_v1+0x500/0x500
[   88.020779][ T6009]  ? do_raw_spin_unlock+0x121/0x230
[   88.026016][ T6009]  ? _raw_spin_unlock+0x28/0x40
[   88.030868][ T6009]  balance_leaf+0xc257/0x10da0
[   88.035633][ T6009]  ? verify_lock_unused+0x140/0x140
[   88.040848][ T6009]  ? do_balance+0x940/0x940
[   88.045370][ T6009]  ? __mutex_trylock_common+0x153/0x250
[   88.050917][ T6009]  ? trace_raw_output_contention_end+0xd0/0xd0
[   88.057062][ T6009]  ? rcu_is_watching+0x15/0xb0
[   88.061830][ T6009]  ? trace_contention_end+0x39/0xe0
[   88.067014][ T6009]  ? __mutex_lock+0x304/0xcc0
[   88.071678][ T6009]  ? __might_sleep+0xe0/0xe0
[   88.076261][ T6009]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[   88.081895][ T6009]  ? reiserfs_write_lock_nested+0x60/0xd0
[   88.087610][ T6009]  ? mutex_lock_nested+0x20/0x20
[   88.092531][ T6009]  ? get_empty_nodes+0x435/0x8c0
[   88.097454][ T6009]  ? __wake_up+0x190/0x190
[   88.101937][ T6009]  ? indirect_is_left_mergeable+0xe5/0x180
[   88.107993][ T6009]  ? get_neighbors+0x1030/0x1030
[   88.113346][ T6009]  ? create_virtual_node+0x1fc/0x1c70
[   88.118710][ T6009]  ? get_neighbors+0x9ba/0x1030
[   88.123546][ T6009]  ? fix_nodes+0x7b4c/0x82e0
[   88.128141][ T6009]  do_balance+0x2fe/0x940
[   88.132453][ T6009]  ? get_right_neighbor_position+0x210/0x210
[   88.138417][ T6009]  ? reiserfs_delete_item+0xe90/0xe90
[   88.143778][ T6009]  ? calc_deleted_bytes_number+0x465/0x800
[   88.149570][ T6009]  reiserfs_cut_from_item+0x13b2/0x1f10
[   88.155119][ T6009]  ? __might_sleep+0xe0/0xe0
[   88.159728][ T6009]  ? reiserfs_do_truncate+0x1340/0x1340
[   88.165267][ T6009]  ? search_by_key+0x4435/0x4630
[   88.170229][ T6009]  reiserfs_do_truncate+0xa3d/0x1340
[   88.175530][ T6009]  ? reiserfs_delete_object+0x1a0/0x1a0
[   88.181085][ T6009]  ? journal_begin+0x1f5/0x360
[   88.185871][ T6009]  ? reiserfs_update_inode_transaction+0x20/0x130
[   88.192272][ T6009]  reiserfs_truncate_file+0x37a/0x7c0
[   88.197634][ T6009]  ? reiserfs_new_symlink+0x560/0x560
[   88.203007][ T6009]  ? unmap_mapping_range+0xdf/0x170
[   88.208197][ T6009]  ? setattr_prepare+0x1e6/0xac0
[   88.213119][ T6009]  reiserfs_setattr+0xc0c/0x11a0
[   88.218048][ T6009]  ? reiserfs_commit_write+0x590/0x590
[   88.223523][ T6009]  ? ktime_get_coarse_real_ts64+0x110/0x120
[   88.229410][ T6009]  ? current_time+0x1b9/0x270
[   88.234082][ T6009]  ? inode_set_ctime_current+0x2d0/0x2d0
[   88.239722][ T6009]  ? evm_inode_setattr+0x94/0x6a0
[   88.244763][ T6009]  ? bpf_lsm_inode_setattr+0x9/0x10
[   88.249950][ T6009]  ? try_break_deleg+0x79/0x120
[   88.254788][ T6009]  ? reiserfs_commit_write+0x590/0x590
[   88.260234][ T6009]  notify_change+0xb0d/0xe10
[   88.264817][ T6009]  do_truncate+0x19b/0x220
[   88.269221][ T6009]  ? put_page_bootmem+0x2c0/0x2c0
[   88.274237][ T6009]  ? apparmor_file_truncate+0x23f/0x2d0
[   88.279770][ T6009]  ? ima_bprm_check+0x1f0/0x1f0
[   88.284611][ T6009]  path_openat+0x298c/0x3190
[   88.289202][ T6009]  ? __kasan_slab_alloc+0x6c/0x80
[   88.294221][ T6009]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   88.300279][ T6009]  ? verify_lock_unused+0x140/0x140
[   88.305464][ T6009]  ? do_filp_open+0x3d0/0x3d0
[   88.310131][ T6009]  ? __virt_addr_valid+0x18c/0x540
[   88.315239][ T6009]  do_filp_open+0x1c5/0x3d0
[   88.319746][ T6009]  ? vfs_tmpfile+0x490/0x490
[   88.324329][ T6009]  ? _raw_spin_unlock+0x28/0x40
[   88.329255][ T6009]  ? alloc_fd+0x58f/0x630
[   88.333579][ T6009]  do_sys_openat2+0x12c/0x1c0
[   88.338246][ T6009]  ? do_sys_open+0xe0/0xe0
[   88.342642][ T6009]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[   88.348604][ T6009]  ? lock_chain_count+0x20/0x20
[   88.353447][ T6009]  ? lock_chain_count+0x20/0x20
[   88.358286][ T6009]  __x64_sys_openat+0x139/0x160
[   88.363119][ T6009]  do_syscall_64+0x55/0xb0
[   88.367517][ T6009]  ? clear_bhb_loop+0x40/0x90
[   88.372171][ T6009]  ? clear_bhb_loop+0x40/0x90
[   88.376828][ T6009]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   88.382708][ T6009] RIP: 0033:0x7f53fff8ebe9
[   88.387114][ T6009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.406794][ T6009] RSP: 002b:00007f53ff5fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   88.415197][ T6009] RAX: ffffffffffffffda RBX: 00007f54001b6180 RCX: 00007f53fff8ebe9
[   88.423164][ T6009] RDX: 0000000000000300 RSI: 0000200000000080 RDI: ffffffffffffff9c
[   88.431133][ T6009] RBP: 00007f5400011e19 R08: 0000000000000000 R09: 0000000000000000
[   88.439092][ T6009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   88.447045][ T6009] R13: 00007f54001b6218 R14: 00007f54001b6180 R15: 00007ffd9b2d71c8
[   88.455007][ T6009]  </TASK>
[   88.458028][ T6009] 
[   88.460340][ T6009] The buggy address belongs to the physical page:
[   88.466737][ T6009] page:ffffea0001adc1c0 refcount:2 mapcount:0 mapping:ffff888148d00878 index:0x334 pfn:0x6b707
[   88.477046][ T6009] memcg:ffff8880785c0000
[   88.481274][ T6009] aops:def_blk_aops ino:700000
[   88.486019][ T6009] flags: 0xfff58000008234(referenced|dirty|lru|workingset|private|node=0|zone=1|lastcpupid=0x7ff)
[   88.496595][ T6009] page_type: 0xffffffff()
[   88.500905][ T6009] raw: 00fff58000008234 ffffea00017bb788 ffffea00017ac908 ffff888148d00878
[   88.509467][ T6009] raw: 0000000000000334 ffff88805f55ce80 00000002ffffffff ffff8880785c0000
[   88.518030][ T6009] page dumped because: kasan: bad access detected
[   88.524435][ T6009] page_owner tracks the page as allocated
[   88.530145][ T6009] page last allocated via order 0, migratetype Movable, gfp_mask 0x148c48(GFP_NOFS|__GFP_NOFAIL|__GFP_COMP|__GFP_HARDWALL|__GFP_MOVABLE), pid 6008, tgid 6005 (syz.0.30), ts 87763469873, free_ts 85861615908
[   88.550104][ T6009]  post_alloc_hook+0x1cd/0x210
[   88.555889][ T6009]  get_page_from_freelist+0x195c/0x19f0
[   88.561476][ T6009]  __alloc_pages+0x1e3/0x460
[   88.566058][ T6009]  folio_alloc+0x1e/0x30
[   88.570291][ T6009]  filemap_alloc_folio+0xdf/0x470
[   88.575311][ T6009]  __filemap_get_folio+0x3ee/0xbc0
[   88.580417][ T6009]  __getblk_gfp+0x223/0x660
[   88.584901][ T6009]  get_empty_nodes+0x515/0x8c0
[   88.589659][ T6009]  fix_nodes+0x1e52/0x82e0
[   88.594065][ T6009]  reiserfs_paste_into_item+0x5ce/0x7f0
[   88.599614][ T6009]  reiserfs_get_block+0x1bd3/0x3ed0
[   88.604808][ T6009]  __block_write_begin_int+0x566/0x1ad0
[   88.610337][ T6009]  reiserfs_write_begin+0x20a/0x4c0
[   88.615524][ T6009]  generic_perform_write+0x2fb/0x5b0
[   88.620803][ T6009]  generic_file_write_iter+0xaf/0x2e0
[   88.626157][ T6009]  do_iter_write+0x79a/0xc70
[   88.630729][ T6009] page last free stack trace:
[   88.635386][ T6009]  free_unref_page_prepare+0x7ce/0x8e0
[   88.640843][ T6009]  free_unref_page_list+0xbe/0x860
[   88.645939][ T6009]  release_pages+0x1fa0/0x2220
[   88.650687][ T6009]  __folio_batch_release+0x71/0xe0
[   88.655780][ T6009]  truncate_inode_pages_range+0x358/0xf00
[   88.661493][ T6009]  blkdev_flush_mapping+0x132/0x290
[   88.666673][ T6009]  blkdev_put+0x498/0x760
[   88.670982][ T6009]  bdev_release+0x57/0x70
[   88.675296][ T6009]  deactivate_locked_super+0x97/0x100
[   88.680691][ T6009]  cleanup_mnt+0x429/0x4c0
[   88.685094][ T6009]  task_work_run+0x1ce/0x250
[   88.689677][ T6009]  exit_to_user_mode_loop+0xe6/0x110
[   88.694952][ T6009]  exit_to_user_mode_prepare+0xb1/0x140
[   88.700484][ T6009]  syscall_exit_to_user_mode+0x1a/0x50
[   88.705929][ T6009]  do_syscall_64+0x61/0xb0
[   88.710327][ T6009]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   88.716210][ T6009] 
[   88.718523][ T6009] Memory state around the buggy address:
[   88.724129][ T6009]  ffff88806b707f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   88.732192][ T6009]  ffff88806b707f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   88.740232][ T6009] >ffff88806b708000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   88.748268][ T6009]                    ^
[   88.752313][ T6009]  ffff88806b708080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   88.760353][ T6009]  ffff88806b708100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   88.768389][ T6009] ==================================================================
[   88.785712][ T6009] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   88.792934][ T6009] CPU: 0 PID: 6009 Comm: syz.0.30 Not tainted 6.6.101-syzkaller #0
[   88.800823][ T6009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   88.810947][ T6009] Call Trace:
[   88.814212][ T6009]  <TASK>
[   88.817126][ T6009]  dump_stack_lvl+0x16c/0x230
[   88.821800][ T6009]  ? show_regs_print_info+0x20/0x20
[   88.826992][ T6009]  ? load_image+0x3b0/0x3b0
[   88.831491][ T6009]  panic+0x2c0/0x710
[   88.835382][ T6009]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   88.841540][ T6009]  ? bpf_jit_dump+0xd0/0xd0
[   88.846029][ T6009]  ? _raw_spin_unlock_irqrestore+0xfa/0x110
[   88.851910][ T6009]  ? _raw_spin_unlock+0x40/0x40
[   88.856755][ T6009]  ? leaf_paste_in_buffer+0x6a1/0xbd0
[   88.862110][ T6009]  check_panic_on_warn+0x84/0xa0
[   88.867038][ T6009]  ? leaf_paste_in_buffer+0x6a1/0xbd0
[   88.872392][ T6009]  end_report+0x6f/0x140
[   88.876618][ T6009]  kasan_report+0x128/0x150
[   88.881102][ T6009]  ? leaf_paste_in_buffer+0x6a1/0xbd0
[   88.886464][ T6009]  kasan_check_range+0x288/0x290
[   88.891389][ T6009]  ? leaf_paste_in_buffer+0x6a1/0xbd0
[   88.896754][ T6009]  __asan_memcpy+0x29/0x70
[   88.901163][ T6009]  leaf_paste_in_buffer+0x6a1/0xbd0
[   88.906354][ T6009]  leaf_copy_dir_entries+0x5e7/0x990
[   88.911630][ T6009]  ? leaf_item_bottle+0x1280/0x1280
[   88.916819][ T6009]  leaf_copy_boundary_item+0xb90/0x2180
[   88.922355][ T6009]  ? get_right_neighbor_position+0x147/0x210
[   88.928318][ T6009]  leaf_move_items+0x8b5/0xe90
[   88.933069][ T6009]  ? reiserfs_convert_objectid_map_v1+0x500/0x500
[   88.939474][ T6009]  ? do_raw_spin_unlock+0x121/0x230
[   88.944659][ T6009]  ? _raw_spin_unlock+0x28/0x40
[   88.949502][ T6009]  balance_leaf+0xc257/0x10da0
[   88.954251][ T6009]  ? verify_lock_unused+0x140/0x140
[   88.959441][ T6009]  ? do_balance+0x940/0x940
[   88.963929][ T6009]  ? __mutex_trylock_common+0x153/0x250
[   88.969457][ T6009]  ? trace_raw_output_contention_end+0xd0/0xd0
[   88.975600][ T6009]  ? rcu_is_watching+0x15/0xb0
[   88.980356][ T6009]  ? trace_contention_end+0x39/0xe0
[   88.985539][ T6009]  ? __mutex_lock+0x304/0xcc0
[   88.990472][ T6009]  ? __might_sleep+0xe0/0xe0
[   88.995311][ T6009]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[   89.000929][ T6009]  ? reiserfs_write_lock_nested+0x60/0xd0
[   89.006639][ T6009]  ? mutex_lock_nested+0x20/0x20
[   89.011562][ T6009]  ? get_empty_nodes+0x435/0x8c0
[   89.016487][ T6009]  ? __wake_up+0x190/0x190
[   89.020888][ T6009]  ? indirect_is_left_mergeable+0xe5/0x180
[   89.026677][ T6009]  ? get_neighbors+0x1030/0x1030
[   89.031643][ T6009]  ? create_virtual_node+0x1fc/0x1c70
[   89.037006][ T6009]  ? get_neighbors+0x9ba/0x1030
[   89.041853][ T6009]  ? fix_nodes+0x7b4c/0x82e0
[   89.046446][ T6009]  do_balance+0x2fe/0x940
[   89.050768][ T6009]  ? get_right_neighbor_position+0x210/0x210
[   89.056750][ T6009]  ? reiserfs_delete_item+0xe90/0xe90
[   89.062128][ T6009]  ? calc_deleted_bytes_number+0x465/0x800
[   89.067938][ T6009]  reiserfs_cut_from_item+0x13b2/0x1f10
[   89.073487][ T6009]  ? __might_sleep+0xe0/0xe0
[   89.078089][ T6009]  ? reiserfs_do_truncate+0x1340/0x1340
[   89.083627][ T6009]  ? search_by_key+0x4435/0x4630
[   89.088580][ T6009]  reiserfs_do_truncate+0xa3d/0x1340
[   89.093863][ T6009]  ? reiserfs_delete_object+0x1a0/0x1a0
[   89.099403][ T6009]  ? journal_begin+0x1f5/0x360
[   89.104160][ T6009]  ? reiserfs_update_inode_transaction+0x20/0x130
[   89.110565][ T6009]  reiserfs_truncate_file+0x37a/0x7c0
[   89.115945][ T6009]  ? reiserfs_new_symlink+0x560/0x560
[   89.121399][ T6009]  ? unmap_mapping_range+0xdf/0x170
[   89.126587][ T6009]  ? setattr_prepare+0x1e6/0xac0
[   89.131512][ T6009]  reiserfs_setattr+0xc0c/0x11a0
[   89.136435][ T6009]  ? reiserfs_commit_write+0x590/0x590
[   89.141878][ T6009]  ? ktime_get_coarse_real_ts64+0x110/0x120
[   89.147759][ T6009]  ? current_time+0x1b9/0x270
[   89.152420][ T6009]  ? inode_set_ctime_current+0x2d0/0x2d0
[   89.158034][ T6009]  ? evm_inode_setattr+0x94/0x6a0
[   89.163047][ T6009]  ? bpf_lsm_inode_setattr+0x9/0x10
[   89.168231][ T6009]  ? try_break_deleg+0x79/0x120
[   89.173065][ T6009]  ? reiserfs_commit_write+0x590/0x590
[   89.178511][ T6009]  notify_change+0xb0d/0xe10
[   89.183088][ T6009]  do_truncate+0x19b/0x220
[   89.187497][ T6009]  ? put_page_bootmem+0x2c0/0x2c0
[   89.192504][ T6009]  ? apparmor_file_truncate+0x23f/0x2d0
[   89.198035][ T6009]  ? ima_bprm_check+0x1f0/0x1f0
[   89.202872][ T6009]  path_openat+0x298c/0x3190
[   89.207455][ T6009]  ? __kasan_slab_alloc+0x6c/0x80
[   89.212465][ T6009]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   89.218529][ T6009]  ? verify_lock_unused+0x140/0x140
[   89.223717][ T6009]  ? do_filp_open+0x3d0/0x3d0
[   89.228386][ T6009]  ? __virt_addr_valid+0x18c/0x540
[   89.233489][ T6009]  do_filp_open+0x1c5/0x3d0
[   89.237989][ T6009]  ? vfs_tmpfile+0x490/0x490
[   89.242571][ T6009]  ? _raw_spin_unlock+0x28/0x40
[   89.247423][ T6009]  ? alloc_fd+0x58f/0x630
[   89.251752][ T6009]  do_sys_openat2+0x12c/0x1c0
[   89.256425][ T6009]  ? do_sys_open+0xe0/0xe0
[   89.260835][ T6009]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[   89.266812][ T6009]  ? lock_chain_count+0x20/0x20
[   89.271651][ T6009]  ? lock_chain_count+0x20/0x20
[   89.276488][ T6009]  __x64_sys_openat+0x139/0x160
[   89.281326][ T6009]  do_syscall_64+0x55/0xb0
[   89.285729][ T6009]  ? clear_bhb_loop+0x40/0x90
[   89.290391][ T6009]  ? clear_bhb_loop+0x40/0x90
[   89.295061][ T6009]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   89.301046][ T6009] RIP: 0033:0x7f53fff8ebe9
[   89.305447][ T6009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.325056][ T6009] RSP: 002b:00007f53ff5fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   89.333467][ T6009] RAX: ffffffffffffffda RBX: 00007f54001b6180 RCX: 00007f53fff8ebe9
[   89.341426][ T6009] RDX: 0000000000000300 RSI: 0000200000000080 RDI: ffffffffffffff9c
[   89.349382][ T6009] RBP: 00007f5400011e19 R08: 0000000000000000 R09: 0000000000000000
[   89.357338][ T6009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   89.365294][ T6009] R13: 00007f54001b6218 R14: 00007f54001b6180 R15: 00007ffd9b2d71c8
[   89.373342][ T6009]  </TASK>
[   89.376606][ T6009] Kernel Offset: disabled
[   89.380916][ T6009] Rebooting in 86400 seconds..