[ 15.281153][ T3892] 8021q: adding VLAN 0 to HW filter on device bond0
[ 15.285500][ T3892] eql: remember to turn off Van-Jacobson compression on your slave devices
[ 15.326415][ T545] gvnic 0000:00:00.0 enp0s0: Device link is up.
[ 15.332616][ T110] IPv6: ADDRCONF(NETDEV_CHANGE): enp0s0: link becomes ready
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.0.81' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 34.692566][ T4216] loop0: detected capacity change from 0 to 8192
[ 34.700117][ T4216] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 34.702940][ T4216] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 34.705191][ T4216] REISERFS (device loop0): using ordered data mode
[ 34.706564][ T4216] reiserfs: using flush barriers
[ 34.708469][ T4216] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 34.711980][ T4216] REISERFS (device loop0): checking transaction log (loop0)
[ 34.752720][ T4216] REISERFS (device loop0): Using r5 hash to sort names
[ 34.754468][ T4216] REISERFS (device loop0): using 3.5.x disk format
[ 34.756250][ T4216] ==================================================================
[ 34.757934][ T4216] BUG: KASAN: out-of-bounds in leaf_paste_entries+0x698/0xb10
[ 34.759561][ T4216] Read of size 18446744073709551584 at addr ffff0000e2579fa4 by task syz-executor894/4216
[ 34.761808][ T4216]
[ 34.762265][ T4216] CPU: 1 PID: 4216 Comm: syz-executor894 Not tainted 6.1.32-syzkaller #0
[ 34.764185][ T4216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 34.766416][ T4216] Call trace:
[ 34.767136][ T4216] dump_backtrace+0x1c8/0x1f4
[ 34.768148][ T4216] show_stack+0x2c/0x3c
[ 34.768996][ T4216] dump_stack_lvl+0x108/0x170
[ 34.770034][ T4216] print_report+0x174/0x4c0
[ 34.771052][ T4216] kasan_report+0xd4/0x130
[ 34.772084][ T4216] kasan_check_range+0x264/0x2a4
[ 34.773178][ T4216] memmove+0x48/0x90
[ 34.774008][ T4216] leaf_paste_entries+0x698/0xb10
[ 34.775084][ T4216] balance_leaf+0xa0d4/0xe860
[ 34.776069][ T4216] do_balance+0x27c/0x788
[ 34.777103][ T4216] reiserfs_paste_into_item+0x630/0x744
[ 34.778345][ T4216] reiserfs_add_entry+0x8ec/0xcc4
[ 34.779410][ T4216] reiserfs_mkdir+0x588/0x77c
[ 34.780421][ T4216] reiserfs_xattr_init+0x2b0/0x6bc
[ 34.781583][ T4216] reiserfs_fill_super+0x1bfc/0x2028
[ 34.782786][ T4216] mount_bdev+0x274/0x370
[ 34.783711][ T4216] get_super_block+0x44/0x58
[ 34.784699][ T4216] legacy_get_tree+0xd4/0x16c
[ 34.785745][ T4216] vfs_get_tree+0x90/0x274
[ 34.786726][ T4216] do_new_mount+0x25c/0x8c4
[ 34.787795][ T4216] path_mount+0x590/0xe58
[ 34.788830][ T4216] __arm64_sys_mount+0x45c/0x594
[ 34.789915][ T4216] invoke_syscall+0x98/0x2c0
[ 34.790907][ T4216] el0_svc_common+0x138/0x258
[ 34.792014][ T4216] do_el0_svc+0x64/0x218
[ 34.792928][ T4216] el0_svc+0x58/0x168
[ 34.793844][ T4216] el0t_64_sync_handler+0x84/0xf0
[ 34.794931][ T4216] el0t_64_sync+0x18c/0x190
[ 34.795951][ T4216]
[ 34.796390][ T4216] The buggy address belongs to the physical page:
[ 34.797770][ T4216] page:000000002f26af8a refcount:3 mapcount:0 mapping:000000004486e3bf index:0x213 pfn:0x122579
[ 34.799922][ T4216] memcg:ffff0000c0930000
[ 34.800873][ T4216] aops:def_blk_aops ino:700000
[ 34.801878][ T4216] flags: 0x5ffc60000002042(referenced|workingset|private|node=0|zone=2|lastcpupid=0x7ff)
[ 34.803989][ T4216] raw: 05ffc60000002042 0000000000000000 dead000000000122 ffff0000c0543f10
[ 34.805870][ T4216] raw: 0000000000000213 ffff0000e28ae3a0 00000003ffffffff ffff0000c0930000
[ 34.807733][ T4216] page dumped because: kasan: bad access detected
[ 34.809169][ T4216]
[ 34.809636][ T4216] Memory state around the buggy address:
[ 34.810890][ T4216] ffff0000e2579e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 34.812599][ T4216] ffff0000e2579f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 34.814271][ T4216] >ffff0000e2579f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 34.816092][ T4216] ^
[ 34.817236][ T4216] ffff0000e257a000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 34.819008][ T4216] ffff0000e257a080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 34.820784][ T4216] ==================================================================
[ 34.822705][ T4216] Disabling lock debugging due to kernel taint
[ 34.824125][ T4216] REISERFS warning: reiserfs-5094 has_valid_deh_location: directory entry location seems wrong *3.5*[1768256046 1718773107 0x72705f73 UNKNOWN], item_len 16872, item_location 2, free_space(entry_count) 21376
[ 34.828406][ T4216] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 531. Fsck?
[ 34.830679][ T4216] REISERFS (device loop0): Remounting filesystem read-only
[ 34.832234][ T4216] REISERFS error (device loop0): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [1 2 0x0 SD] stat data
[ 34.835235][ T4216] REISERFS warning (device loop0): jdm-20006 create_privroot: xattrs/ACLs enabled and couldn't find/create .reiserfs_priv. Failing mount.
[ 34.838286][ T4216] REISERFS warning: reiserfs-5094 has_valid_deh_location: directory entry location seems wrong *3.5*[1768256046 1718773107 0x72705f73 UNKNOWN], item_len 16872, item_location 2, free_space(entry_count) 21376
[ 34.842621][ T4216] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 531. Fsck?
[ 34.844939][ T4216] REISERFS error (device loop0): zam-7001 reiserfs_find_entry: io error