Warning: Permanently added '10.128.10.30' (ED25519) to the list of known hosts.
executing program
syzkaller login: [   59.547054][ T3548] loop0: detected capacity change from 0 to 8192
[   59.557625][ T3548] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[   59.570767][ T3548] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[   59.580169][ T3548] REISERFS (device loop0): using ordered data mode
[   59.586779][ T3548] reiserfs: using flush barriers
[   59.593064][ T3548] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   59.610117][ T3548] REISERFS (device loop0): checking transaction log (loop0)
[   59.664496][ T3548] REISERFS (device loop0): Using r5 hash to sort names
[   59.671679][ T3548] REISERFS (device loop0): using 3.5.x disk format
[   59.679194][ T3548] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[   59.727982][ T3548] ==================================================================
[   59.736085][ T3548] BUG: KASAN: out-of-bounds in leaf_paste_in_buffer+0x1b8/0xab0
[   59.743765][ T3548] Read of size 18446744073709551365 at addr ffff888070318000 by task syz-executor241/3548
[   59.753665][ T3548] 
[   59.756001][ T3548] CPU: 0 PID: 3548 Comm: syz-executor241 Not tainted 6.1.53-syzkaller #0
[   59.764420][ T3548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[   59.774476][ T3548] Call Trace:
[   59.777759][ T3548]  <TASK>
[   59.780690][ T3548]  dump_stack_lvl+0x1e3/0x2cb
[   59.785385][ T3548]  ? nf_tcp_handle_invalid+0x642/0x642
[   59.790851][ T3548]  ? panic+0x75d/0x75d
[   59.794935][ T3548]  ? _printk+0xd1/0x111
[   59.799158][ T3548]  ? _raw_spin_lock_irqsave+0xac/0x120
[   59.804654][ T3548]  print_report+0x15f/0x4f0
[   59.809160][ T3548]  ? leaf_move_items+0x1c4c/0x28a0
[   59.814270][ T3548]  ? __virt_addr_valid+0x22b/0x2e0
[   59.819388][ T3548]  ? __phys_addr+0xb6/0x170
[   59.823906][ T3548]  ? leaf_paste_in_buffer+0x1b8/0xab0
[   59.829277][ T3548]  kasan_report+0x136/0x160
[   59.833782][ T3548]  ? leaf_paste_in_buffer+0x1b8/0xab0
[   59.839167][ T3548]  ? leaf_paste_in_buffer+0x1b8/0xab0
[   59.844551][ T3548]  kasan_check_range+0x27f/0x290
[   59.849501][ T3548]  ? leaf_paste_in_buffer+0x1b8/0xab0
[   59.854885][ T3548]  memmove+0x25/0x60
[   59.858792][ T3548]  leaf_paste_in_buffer+0x1b8/0xab0
[   59.864006][ T3548]  balance_leaf+0x667c/0x12510
[   59.868787][ T3548]  ? print_irqtrace_events+0x210/0x210
[   59.874261][ T3548]  ? do_balance+0x8f0/0x8f0
[   59.878776][ T3548]  ? write_boundary_block+0xb0/0xb0
[   59.883981][ T3548]  ? do_raw_spin_lock+0x14a/0x370
[   59.889022][ T3548]  ? do_raw_spin_unlock+0x137/0x8a0
[   59.894239][ T3548]  ? __getblk_gfp+0x934/0xa20
[   59.898928][ T3548]  ? get_empty_nodes+0xad9/0xd70
[   59.903881][ T3548]  ? direntry_part_size+0xb0/0x1a0
[   59.909009][ T3548]  ? __wake_up+0x1c0/0x1c0
[   59.913431][ T3548]  ? get_neighbors+0x1010/0x1010
[   59.918481][ T3548]  ? is_leaf_removable+0x8c0/0x8c0
[   59.923607][ T3548]  ? get_neighbors+0x631/0x1010
[   59.928481][ T3548]  ? reiserfs_prepare_for_journal+0x269/0x280
[   59.934562][ T3548]  ? fix_nodes+0x7abc/0x8c70
[   59.939167][ T3548]  ? __might_sleep+0xb0/0xb0
[   59.943777][ T3548]  do_balance+0x309/0x8f0
[   59.948172][ T3548]  ? get_right_neighbor_position+0x210/0x210
[   59.954169][ T3548]  ? reiserfs_paste_into_item+0x3ef/0x880
[   59.959897][ T3548]  reiserfs_paste_into_item+0x73b/0x880
[   59.965456][ T3548]  ? reiserfs_cut_from_item+0x2580/0x2580
[   59.971192][ T3548]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[   59.977136][ T3548]  ? reiserfs_get_block+0x19b3/0x5150
[   59.982518][ T3548]  ? rcu_is_watching+0x11/0xb0
[   59.987291][ T3548]  ? __kmalloc+0xe2/0x230
[   59.991629][ T3548]  reiserfs_get_block+0x2259/0x5150
[   59.996865][ T3548]  ? make_le_item_head+0x5c0/0x5c0
[   60.001988][ T3548]  ? reiserfs_write_begin+0x249/0x510
[   60.007370][ T3548]  ? generic_cont_expand_simple+0x187/0x2a0
[   60.013276][ T3548]  ? reiserfs_setattr+0x606/0x11c0
[   60.018412][ T3548]  ? notify_change+0xdcd/0x1080
[   60.023271][ T3548]  ? do_truncate+0x21c/0x300
[   60.027883][ T3548]  ? do_sys_ftruncate+0x2e2/0x380
[   60.032924][ T3548]  ? do_syscall_64+0x3d/0xb0
[   60.037528][ T3548]  ? entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   60.043604][ T3548]  ? mark_lock+0x9a/0x340
[   60.047964][ T3548]  ? __lock_acquire+0x125b/0x1f80
[   60.053014][ T3548]  ? create_page_buffers+0x1d2/0x4b0
[   60.058310][ T3548]  ? __lock_acquire+0x1f80/0x1f80
[   60.063344][ T3548]  ? attach_page_private+0x110/0x300
[   60.068650][ T3548]  ? create_page_buffers+0x24e/0x4b0
[   60.073945][ T3548]  __block_write_begin_int+0x544/0x1a30
[   60.079506][ T3548]  ? xas_load+0x11a/0x140
[   60.083861][ T3548]  ? make_le_item_head+0x5c0/0x5c0
[   60.088987][ T3548]  ? page_zero_new_buffers+0x650/0x650
[   60.094460][ T3548]  ? __block_write_begin+0x61/0x150
[   60.099673][ T3548]  ? reiserfs_write_begin+0x17f/0x510
[   60.105057][ T3548]  reiserfs_write_begin+0x249/0x510
[   60.110273][ T3548]  generic_cont_expand_simple+0x187/0x2a0
[   60.116011][ T3548]  ? submit_bh+0x20/0x20
[   60.120266][ T3548]  ? ktime_get_coarse_real_ts64+0x36/0x120
[   60.126081][ T3548]  ? mutex_lock_nested+0x17/0x20
[   60.131032][ T3548]  reiserfs_setattr+0x606/0x11c0
[   60.135986][ T3548]  ? reiserfs_commit_write+0x5a0/0x5a0
[   60.141456][ T3548]  ? ktime_get_coarse_real_ts64+0x107/0x120
[   60.147361][ T3548]  ? current_time+0x1d1/0x2f0
[   60.152046][ T3548]  ? atime_needs_update+0x7b0/0x7b0
[   60.157250][ T3548]  ? rwsem_write_trylock+0x166/0x210
[   60.162551][ T3548]  ? bpf_lsm_inode_setattr+0x5/0x10
[   60.167768][ T3548]  ? reiserfs_commit_write+0x5a0/0x5a0
[   60.173240][ T3548]  notify_change+0xdcd/0x1080
[   60.177937][ T3548]  do_truncate+0x21c/0x300
[   60.182371][ T3548]  ? put_page_bootmem+0x2e0/0x2e0
[   60.187411][ T3548]  ? print_irqtrace_events+0x210/0x210
[   60.192882][ T3548]  ? print_irqtrace_events+0x210/0x210
[   60.198350][ T3548]  ? bpf_lsm_path_truncate+0x5/0x10
[   60.203564][ T3548]  do_sys_ftruncate+0x2e2/0x380
[   60.208433][ T3548]  do_syscall_64+0x3d/0xb0
[   60.212881][ T3548]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   60.218781][ T3548] RIP: 0033:0x7fbe296d8739
[   60.223206][ T3548] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   60.242818][ T3548] RSP: 002b:00007fff0e468308 EFLAGS: 00000246 ORIG_RAX: 000000000000004d
[   60.251238][ T3548] RAX: ffffffffffffffda RBX: 00007fff0e4684d8 RCX: 00007fbe296d8739
[   60.259217][ T3548] RDX: 00007fbe296d8739 RSI: 0000000002007fff RDI: 0000000000000005
[   60.267201][ T3548] RBP: 00007fbe2974c610 R08: 00007fff0e4684d8 R09: 00007fff0e4684d8
[   60.275175][ T3548] R10: 00007fff0e4684d8 R11: 0000000000000246 R12: 0000000000000001
[   60.283152][ T3548] R13: 00007fff0e4684c8 R14: 0000000000000001 R15: 0000000000000001
[   60.291158][ T3548]  </TASK>
[   60.294179][ T3548] 
[   60.296510][ T3548] The buggy address belongs to the physical page:
[   60.302922][ T3548] page:ffffea0001c0c600 refcount:1 mapcount:1 mapping:0000000000000000 index:0x20002 pfn:0x70318
[   60.313422][ T3548] memcg:ffff88813fe30000
[   60.317662][ T3548] anon flags: 0xfff800000a0014(uptodate|lru|mappedtodisk|swapbacked|node=0|zone=1|lastcpupid=0x7ff)
[   60.328432][ T3548] raw: 00fff800000a0014 ffffea0001e2c988 ffffea0001c0c6c8 ffff88807e8bf991
[   60.337025][ T3548] raw: 0000000000020002 0000000000000000 0000000100000000 ffff88813fe30000
[   60.345629][ T3548] page dumped because: kasan: bad access detected
[   60.352041][ T3548] page_owner tracks the page as allocated
[   60.357753][ T3548] page last allocated via order 0, migratetype Movable, gfp_mask 0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO), pid 3548, tgid 3548 (syz-executor241), ts 59695867333, free_ts 16426398259
[   60.376685][ T3548]  post_alloc_hook+0x18d/0x1b0
[   60.381541][ T3548]  get_page_from_freelist+0x32ed/0x3480
[   60.387095][ T3548]  __alloc_pages+0x28d/0x770
[   60.391687][ T3548]  __folio_alloc+0xf/0x30
[   60.396020][ T3548]  vma_alloc_folio+0x486/0x990
[   60.400789][ T3548]  handle_mm_fault+0x2e85/0x5330
[   60.405731][ T3548]  exc_page_fault+0x26f/0x660
[   60.410420][ T3548]  asm_exc_page_fault+0x22/0x30
[   60.415276][ T3548] page last free stack trace:
[   60.419953][ T3548]  free_unref_page_prepare+0xf63/0x1120
[   60.425500][ T3548]  free_unref_page+0x98/0x570
[   60.430177][ T3548]  free_contig_range+0x9a/0x150
[   60.435033][ T3548]  destroy_args+0xfe/0x997
[   60.439457][ T3548]  debug_vm_pgtable+0x416/0x46b
[   60.444320][ T3548]  do_one_initcall+0x265/0x8f0
[   60.449135][ T3548]  do_initcall_level+0x157/0x207
[   60.454081][ T3548]  do_initcalls+0x49/0x86
[   60.458418][ T3548]  kernel_init_freeable+0x473/0x61f
[   60.463631][ T3548]  kernel_init+0x19/0x290
[   60.467971][ T3548]  ret_from_fork+0x1f/0x30
[   60.472402][ T3548] 
[   60.474726][ T3548] Memory state around the buggy address:
[   60.480357][ T3548]  ffff888070317f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   60.488429][ T3548]  ffff888070317f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   60.496495][ T3548] >ffff888070318000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   60.504554][ T3548]                    ^
[   60.508626][ T3548]  ffff888070318080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   60.516689][ T3548]  ffff888070318100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   60.524772][ T3548] ==================================================================
[   60.533871][ T3548] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   60.541132][ T3548] CPU: 0 PID: 3548 Comm: syz-executor241 Not tainted 6.1.53-syzkaller #0
[   60.549704][ T3548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[   60.559787][ T3548] Call Trace:
[   60.563075][ T3548]  <TASK>
[   60.566014][ T3548]  dump_stack_lvl+0x1e3/0x2cb
[   60.570707][ T3548]  ? nf_tcp_handle_invalid+0x642/0x642
[   60.576173][ T3548]  ? panic+0x75d/0x75d
[   60.580258][ T3548]  ? vscnprintf+0x59/0x80
[   60.584600][ T3548]  panic+0x318/0x75d
[   60.588529][ T3548]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[   60.594691][ T3548]  ? check_panic_on_warn+0x1d/0xa0
[   60.599812][ T3548]  ? memcpy_page_flushcache+0xfc/0xfc
[   60.605202][ T3548]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[   60.611203][ T3548]  ? _raw_spin_unlock+0x40/0x40
[   60.616076][ T3548]  check_panic_on_warn+0x7e/0xa0
[   60.621023][ T3548]  ? leaf_paste_in_buffer+0x1b8/0xab0
[   60.626433][ T3548]  end_report+0x66/0x110
[   60.630687][ T3548]  kasan_report+0x143/0x160
[   60.635194][ T3548]  ? leaf_paste_in_buffer+0x1b8/0xab0
[   60.640575][ T3548]  ? leaf_paste_in_buffer+0x1b8/0xab0
[   60.645976][ T3548]  kasan_check_range+0x27f/0x290
[   60.650934][ T3548]  ? leaf_paste_in_buffer+0x1b8/0xab0
[   60.656317][ T3548]  memmove+0x25/0x60
[   60.660229][ T3548]  leaf_paste_in_buffer+0x1b8/0xab0
[   60.665441][ T3548]  balance_leaf+0x667c/0x12510
[   60.670237][ T3548]  ? print_irqtrace_events+0x210/0x210
[   60.675727][ T3548]  ? do_balance+0x8f0/0x8f0
[   60.680241][ T3548]  ? write_boundary_block+0xb0/0xb0
[   60.685449][ T3548]  ? do_raw_spin_lock+0x14a/0x370
[   60.690486][ T3548]  ? do_raw_spin_unlock+0x137/0x8a0
[   60.695702][ T3548]  ? __getblk_gfp+0x934/0xa20
[   60.700394][ T3548]  ? get_empty_nodes+0xad9/0xd70
[   60.705349][ T3548]  ? direntry_part_size+0xb0/0x1a0
[   60.710476][ T3548]  ? __wake_up+0x1c0/0x1c0
[   60.714926][ T3548]  ? get_neighbors+0x1010/0x1010
[   60.719901][ T3548]  ? is_leaf_removable+0x8c0/0x8c0
[   60.725043][ T3548]  ? get_neighbors+0x631/0x1010
[   60.729917][ T3548]  ? reiserfs_prepare_for_journal+0x269/0x280
[   60.736031][ T3548]  ? fix_nodes+0x7abc/0x8c70
[   60.740638][ T3548]  ? __might_sleep+0xb0/0xb0
[   60.745273][ T3548]  do_balance+0x309/0x8f0
[   60.749648][ T3548]  ? get_right_neighbor_position+0x210/0x210
[   60.755676][ T3548]  ? reiserfs_paste_into_item+0x3ef/0x880
[   60.761420][ T3548]  reiserfs_paste_into_item+0x73b/0x880
[   60.766984][ T3548]  ? reiserfs_cut_from_item+0x2580/0x2580
[   60.772713][ T3548]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[   60.778673][ T3548]  ? reiserfs_get_block+0x19b3/0x5150
[   60.784332][ T3548]  ? rcu_is_watching+0x11/0xb0
[   60.789152][ T3548]  ? __kmalloc+0xe2/0x230
[   60.793501][ T3548]  reiserfs_get_block+0x2259/0x5150
[   60.798747][ T3548]  ? make_le_item_head+0x5c0/0x5c0
[   60.803874][ T3548]  ? reiserfs_write_begin+0x249/0x510
[   60.809265][ T3548]  ? generic_cont_expand_simple+0x187/0x2a0
[   60.815170][ T3548]  ? reiserfs_setattr+0x606/0x11c0
[   60.820292][ T3548]  ? notify_change+0xdcd/0x1080
[   60.825171][ T3548]  ? do_truncate+0x21c/0x300
[   60.829792][ T3548]  ? do_sys_ftruncate+0x2e2/0x380
[   60.834841][ T3548]  ? do_syscall_64+0x3d/0xb0
[   60.839448][ T3548]  ? entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   60.845534][ T3548]  ? mark_lock+0x9a/0x340
[   60.849877][ T3548]  ? __lock_acquire+0x125b/0x1f80
[   60.854937][ T3548]  ? create_page_buffers+0x1d2/0x4b0
[   60.860235][ T3548]  ? __lock_acquire+0x1f80/0x1f80
[   60.865269][ T3548]  ? attach_page_private+0x110/0x300
[   60.870569][ T3548]  ? create_page_buffers+0x24e/0x4b0
[   60.875867][ T3548]  __block_write_begin_int+0x544/0x1a30
[   60.881431][ T3548]  ? xas_load+0x11a/0x140
[   60.885792][ T3548]  ? make_le_item_head+0x5c0/0x5c0
[   60.890914][ T3548]  ? page_zero_new_buffers+0x650/0x650
[   60.896391][ T3548]  ? __block_write_begin+0x61/0x150
[   60.901602][ T3548]  ? reiserfs_write_begin+0x17f/0x510
[   60.906991][ T3548]  reiserfs_write_begin+0x249/0x510
[   60.912208][ T3548]  generic_cont_expand_simple+0x187/0x2a0
[   60.917938][ T3548]  ? submit_bh+0x20/0x20
[   60.922193][ T3548]  ? ktime_get_coarse_real_ts64+0x36/0x120
[   60.928014][ T3548]  ? mutex_lock_nested+0x17/0x20
[   60.932967][ T3548]  reiserfs_setattr+0x606/0x11c0
[   60.937923][ T3548]  ? reiserfs_commit_write+0x5a0/0x5a0
[   60.943393][ T3548]  ? ktime_get_coarse_real_ts64+0x107/0x120
[   60.949308][ T3548]  ? current_time+0x1d1/0x2f0
[   60.954011][ T3548]  ? atime_needs_update+0x7b0/0x7b0
[   60.959250][ T3548]  ? rwsem_write_trylock+0x166/0x210
[   60.964587][ T3548]  ? bpf_lsm_inode_setattr+0x5/0x10
[   60.969821][ T3548]  ? reiserfs_commit_write+0x5a0/0x5a0
[   60.975307][ T3548]  notify_change+0xdcd/0x1080
[   60.980023][ T3548]  do_truncate+0x21c/0x300
[   60.984471][ T3548]  ? put_page_bootmem+0x2e0/0x2e0
[   60.989530][ T3548]  ? print_irqtrace_events+0x210/0x210
[   60.995006][ T3548]  ? print_irqtrace_events+0x210/0x210
[   61.000505][ T3548]  ? bpf_lsm_path_truncate+0x5/0x10
[   61.005738][ T3548]  do_sys_ftruncate+0x2e2/0x380
[   61.010623][ T3548]  do_syscall_64+0x3d/0xb0
[   61.015075][ T3548]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   61.020994][ T3548] RIP: 0033:0x7fbe296d8739
[   61.025419][ T3548] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   61.045034][ T3548] RSP: 002b:00007fff0e468308 EFLAGS: 00000246 ORIG_RAX: 000000000000004d
[   61.053459][ T3548] RAX: ffffffffffffffda RBX: 00007fff0e4684d8 RCX: 00007fbe296d8739
[   61.061441][ T3548] RDX: 00007fbe296d8739 RSI: 0000000002007fff RDI: 0000000000000005
[   61.069422][ T3548] RBP: 00007fbe2974c610 R08: 00007fff0e4684d8 R09: 00007fff0e4684d8
[   61.077399][ T3548] R10: 00007fff0e4684d8 R11: 0000000000000246 R12: 0000000000000001
[   61.085379][ T3548] R13: 00007fff0e4684c8 R14: 0000000000000001 R15: 0000000000000001
[   61.093365][ T3548]  </TASK>
[   61.096591][ T3548] Kernel Offset: disabled
[   61.100923][ T3548] Rebooting in 86400 seconds..