DUID 00:04:9a:9b:60:6a:39:26:c8:65:2f:c5:16:4d:58:03:30:c2
forked to background, child pid 3175
[ 29.542211][ T3176] 8021q: adding VLAN 0 to HW filter on device bond0
[ 29.558545][ T3176] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
syzkaller login: [ 76.359760][ T1860] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.0.131' (ED25519) to the list of known hosts.
executing program
[ 142.409978][ T3519] loop0: detected capacity change from 0 to 8192
[ 142.490307][ T3519] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[ 142.500029][ T3519] REISERFS (device loop0): using ordered data mode
[ 142.506571][ T3519] reiserfs: using flush barriers
[ 142.513123][ T3519] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 142.530143][ T3519] REISERFS (device loop0): checking transaction log (loop0)
[ 142.585493][ T3519] REISERFS (device loop0): Using tea hash to sort names
[ 142.593687][ T3519] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 142.642669][ T3519] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 11822 (1024)
[ 142.653289][ T3519] REISERFS (device loop0): Remounting filesystem read-only
[ 142.661417][ T3519] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 265880 (1024)
[ 142.672032][ T3519] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 593568 (1024)
[ 142.682624][ T3519] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[ 142.692778][ T3519] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[ 142.703076][ T3519] REISERFS warning (device loop0): clm-6006 reiserfs_dirty_inode: writing inode 5 on readonly FS
executing program
[ 142.894217][ T3522] loop0: detected capacity change from 0 to 8192
[ 142.989213][ T3522] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[ 142.998764][ T3522] REISERFS (device loop0): using ordered data mode
[ 143.005406][ T3522] reiserfs: using flush barriers
[ 143.012326][ T3522] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 143.028920][ T3522] REISERFS (device loop0): checking transaction log (loop0)
[ 143.082306][ T3522] REISERFS (device loop0): Using tea hash to sort names
[ 143.089651][ T3522] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 143.141833][ T3522] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 11822 (1024)
[ 143.152686][ T3522] REISERFS (device loop0): Remounting filesystem read-only
[ 143.160497][ T3522] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 265880 (1024)
[ 143.171315][ T3522] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 593568 (1024)
[ 143.182509][ T3522] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[ 143.192910][ T3522] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[ 143.203341][ T3522] REISERFS warning (device loop0): clm-6006 reiserfs_dirty_inode: writing inode 5 on readonly FS
executing program
[ 143.341974][ T3524] loop0: detected capacity change from 0 to 8192
[ 143.429183][ T3524] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[ 143.438699][ T3524] REISERFS (device loop0): using ordered data mode
[ 143.445324][ T3524] reiserfs: using flush barriers
[ 143.451589][ T3524] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 143.468242][ T3524] REISERFS (device loop0): checking transaction log (loop0)
[ 143.521865][ T3524] REISERFS (device loop0): Using tea hash to sort names
[ 143.529197][ T3524] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 143.561608][ T3524] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 11822 (1024)
[ 143.572210][ T3524] REISERFS (device loop0): Remounting filesystem read-only
[ 143.580195][ T3524] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 265880 (1024)
[ 143.590962][ T3524] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 593568 (1024)
[ 143.601602][ T3524] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[ 143.611799][ T3524] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[ 143.622190][ T3524] REISERFS warning (device loop0): clm-6006 reiserfs_dirty_inode: writing inode 5 on readonly FS
executing program
[ 143.769699][ T3526] loop0: detected capacity change from 0 to 8192
[ 143.827249][ T3526] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[ 143.836776][ T3526] REISERFS (device loop0): using ordered data mode
[ 143.843629][ T3526] reiserfs: using flush barriers
[ 143.852132][ T3526] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 143.868755][ T3526] REISERFS (device loop0): checking transaction log (loop0)
[ 143.923867][ T3526] REISERFS (device loop0): Using tea hash to sort names
[ 143.931131][ T3526] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 143.961740][ T3526] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 11822 (1024)
[ 143.972298][ T3526] REISERFS (device loop0): Remounting filesystem read-only
[ 143.979824][ T3526] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 265880 (1024)
[ 143.990518][ T3526] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 593568 (1024)
[ 144.001154][ T3526] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[ 144.011386][ T3526] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[ 144.021658][ T3526] REISERFS warning (device loop0): clm-6006 reiserfs_dirty_inode: writing inode 5 on readonly FS
executing program
[ 144.180144][ T3528] loop0: detected capacity change from 0 to 8192
[ 144.238054][ T3528] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[ 144.247552][ T3528] REISERFS (device loop0): using ordered data mode
[ 144.254410][ T3528] reiserfs: using flush barriers
[ 144.261193][ T3528] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 144.278482][ T3528] REISERFS (device loop0): checking transaction log (loop0)
[ 144.328278][ T3528] REISERFS (device loop0): Using tea hash to sort names
[ 144.335434][ T3528] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 144.371458][ T3528] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 11822 (1024)
[ 144.382038][ T3528] REISERFS (device loop0): Remounting filesystem read-only
[ 144.390275][ T3528] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 265880 (1024)
[ 144.401033][ T3528] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 593568 (1024)
[ 144.411788][ T3528] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[ 144.422141][ T3528] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[ 144.432568][ T3528] REISERFS warning (device loop0): clm-6006 reiserfs_dirty_inode: writing inode 5 on readonly FS
executing program
[ 144.569153][ T3530] loop0: detected capacity change from 0 to 8192
[ 144.639391][ T3530] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[ 144.648866][ T3530] REISERFS (device loop0): using ordered data mode
[ 144.655409][ T3530] reiserfs: using flush barriers
[ 144.661954][ T3530] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 144.678515][ T3530] REISERFS (device loop0): checking transaction log (loop0)
[ 144.729809][ T3530] REISERFS (device loop0): Using tea hash to sort names
[ 144.737283][ T3530] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 144.772000][ T3530] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 11822 (1024)
[ 144.782698][ T3530] REISERFS (device loop0): Remounting filesystem read-only
[ 144.790311][ T3530] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 265880 (1024)
[ 144.801117][ T3530] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 593568 (1024)
[ 144.811777][ T3530] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[ 144.822119][ T3530] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[ 144.832899][ T3530] REISERFS warning (device loop0): clm-6006 reiserfs_dirty_inode: writing inode 5 on readonly FS
executing program
[ 144.982988][ T3532] loop0: detected capacity change from 0 to 8192
[ 145.042710][ T3532] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[ 145.052329][ T3532] REISERFS (device loop0): using ordered data mode
[ 145.059337][ T3532] reiserfs: using flush barriers
[ 145.065237][ T3532] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 145.082104][ T3532] REISERFS (device loop0): checking transaction log (loop0)
[ 145.136602][ T3532] REISERFS (device loop0): Using tea hash to sort names
[ 145.143837][ T3532] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 145.181793][ T3532] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 11822 (1024)
[ 145.192501][ T3532] REISERFS (device loop0): Remounting filesystem read-only
[ 145.200724][ T3532] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 265880 (1024)
[ 145.211837][ T3532] REISERFS error (device loop0): vs-4010 is_reusable: block number is out of range 593568 (1024)
[ 145.222664][ T3532] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[ 145.232886][ T3532] REISERFS error (device loop0): vs-4080 _reiserfs_free_block: block 1: bit already cleared
[ 145.243310][ T3532] REISERFS warning (device loop0): clm-6006 reiserfs_dirty_inode: writing inode 5 on readonly FS
executing program
[ 145.413973][ T3534] loop0: detected capacity change from 0 to 8192
[ 145.539199][ T3534] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[ 145.548809][ T3534] REISERFS (device loop0): using ordered data mode
[ 145.555451][ T3534] reiserfs: using flush barriers
[ 145.561985][ T3534] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 145.578813][ T3534] REISERFS (device loop0): checking transaction log (loop0)
[ 145.633093][ T3534] REISERFS (device loop0): Using tea hash to sort names
[ 145.640472][ T3534] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 145.682309][ T3534] ==================================================================
[ 145.690615][ T3534] BUG: KASAN: use-after-free in leaf_paste_in_buffer+0x631/0xab0
[ 145.698378][ T3534] Read of size 48 at addr ffff888070720ff0 by task syz-executor222/3534
[ 145.706857][ T3534]
[ 145.709300][ T3534] CPU: 1 PID: 3534 Comm: syz-executor222 Not tainted 5.15.158-syzkaller #0
[ 145.718014][ T3534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 145.728071][ T3534] Call Trace:
[ 145.731369][ T3534] <TASK>
[ 145.734295][ T3534] dump_stack_lvl+0x1e3/0x2d0
[ 145.738976][ T3534] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 145.744629][ T3534] ? _printk+0xd1/0x120
[ 145.749063][ T3534] ? __wake_up_klogd+0xcc/0x100
[ 145.753928][ T3534] ? panic+0x860/0x860
[ 145.758221][ T3534] ? _raw_spin_lock_irqsave+0xdd/0x120
[ 145.763684][ T3534] ? validate_chain+0x112/0x5930
[ 145.768718][ T3534] ? mark_lock+0x98/0x340
[ 145.773076][ T3534] print_address_description+0x63/0x3b0
[ 145.778622][ T3534] ? leaf_paste_in_buffer+0x631/0xab0
[ 145.784004][ T3534] kasan_report+0x16b/0x1c0
[ 145.788538][ T3534] ? leaf_paste_in_buffer+0x631/0xab0
[ 145.793929][ T3534] kasan_check_range+0x27e/0x290
[ 145.798881][ T3534] ? leaf_paste_in_buffer+0x631/0xab0
[ 145.804255][ T3534] memcpy+0x25/0x60
[ 145.808123][ T3534] leaf_paste_in_buffer+0x631/0xab0
[ 145.813363][ T3534] leaf_copy_dir_entries+0x71a/0xc60
[ 145.818658][ T3534] ? unwind_next_frame+0x1437/0x1fa0
[ 145.823954][ T3534] ? leaf_copy_items_entirely+0xee0/0xee0
[ 145.829714][ T3534] ? __lock_acquire+0x1295/0x1ff0
[ 145.834740][ T3534] leaf_copy_boundary_item+0xbbe/0x21b0
[ 145.840421][ T3534] ? get_right_neighbor_position+0x14f/0x210
[ 145.846417][ T3534] leaf_move_items+0xcd0/0x28a0
[ 145.851309][ T3534] ? journal_mark_dirty+0xb7e/0xe30
[ 145.856518][ T3534] ? reiserfs_convert_objectid_map_v1+0x450/0x450
[ 145.862930][ T3534] ? __lock_acquire+0x1295/0x1ff0
[ 145.867980][ T3534] ? do_raw_spin_unlock+0x137/0x8b0
[ 145.873214][ T3534] ? _raw_spin_unlock+0x24/0x40
[ 145.878075][ T3534] balance_leaf+0xd479/0x12510
[ 145.882870][ T3534] ? do_balance+0x8f0/0x8f0
[ 145.887369][ T3534] ? __mutex_trylock_common+0x17e/0x2e0
[ 145.892943][ T3534] ? __might_sleep+0xc0/0xc0
[ 145.897534][ T3534] ? rcu_lock_release+0x20/0x20
[ 145.902385][ T3534] ? ____kasan_kmalloc+0xd1/0xf0
[ 145.907321][ T3534] ? __mutex_lock_common+0x444/0x25a0
[ 145.912696][ T3534] ? __mutex_unlock_slowpath+0x218/0x750
[ 145.918325][ T3534] ? reiserfs_write_lock_nested+0x5b/0xd0
[ 145.924041][ T3534] ? get_empty_nodes+0x7ec/0xd70
[ 145.928976][ T3534] ? mutex_lock_io_nested+0x60/0x60
[ 145.934290][ T3534] ? get_neighbors+0x1010/0x1010
[ 145.939247][ T3534] ? create_virtual_node+0x1b7/0x1bf0
[ 145.944622][ T3534] ? __wake_up_bit+0x190/0x190
[ 145.949390][ T3534] ? reiserfs_write_lock_nested+0x5b/0xd0
[ 145.955204][ T3534] ? get_neighbors+0x631/0x1010
[ 145.960055][ T3534] ? reiserfs_prepare_for_journal+0x26b/0x280
[ 145.966122][ T3534] ? fix_nodes+0x7abc/0x8c70
[ 145.970721][ T3534] ? reiserfs_restore_prepared_buffer+0x2de/0x300
[ 145.977148][ T3534] do_balance+0x309/0x8f0
[ 145.981486][ T3534] ? get_right_neighbor_position+0x210/0x210
[ 145.987464][ T3534] ? reiserfs_delete_item+0x1030/0x1030
[ 145.993017][ T3534] reiserfs_cut_from_item+0x1945/0x2560
[ 145.998580][ T3534] ? reiserfs_do_truncate+0x15b0/0x15b0
[ 146.004210][ T3534] ? search_by_key+0x4730/0x4730
[ 146.009190][ T3534] ? journal_transaction_should_end+0x298/0x3f0
[ 146.015433][ T3534] reiserfs_do_truncate+0xa12/0x15b0
[ 146.020729][ T3534] ? reiserfs_delete_object+0x1a0/0x1a0
[ 146.026283][ T3534] ? up_write+0x19d/0x580
[ 146.030613][ T3534] ? journal_begin+0x1ef/0x350
[ 146.035373][ T3534] reiserfs_truncate_file+0x638/0xda0
[ 146.040751][ T3534] ? reiserfs_new_symlink+0x760/0x760
[ 146.046391][ T3534] ? truncate_setsize+0xcb/0xf0
[ 146.051244][ T3534] reiserfs_setattr+0xa4d/0xf90
[ 146.056119][ T3534] ? reiserfs_commit_write+0x5a0/0x5a0
[ 146.061684][ T3534] ? ktime_get_coarse_real_ts64+0x107/0x120
[ 146.067585][ T3534] ? current_time+0x1d1/0x2f0
[ 146.073354][ T3534] ? atime_needs_update+0x7b0/0x7b0
[ 146.079108][ T3534] ? evm_inode_setattr+0xf7/0x5b0
[ 146.084178][ T3534] ? rwsem_write_trylock+0x166/0x210
[ 146.089468][ T3534] ? bpf_lsm_inode_setattr+0x5/0x10
[ 146.094669][ T3534] ? security_inode_setattr+0xce/0x120
[ 146.100700][ T3534] ? reiserfs_commit_write+0x5a0/0x5a0
[ 146.106179][ T3534] notify_change+0xc6d/0xf50
[ 146.110812][ T3534] do_truncate+0x21c/0x300
[ 146.115250][ T3534] ? rcu_lock_release+0x20/0x20
[ 146.120600][ T3534] ? ima_bprm_check+0x2b0/0x2b0
[ 146.125464][ T3534] ? bpf_lsm_path_truncate+0x5/0x10
[ 146.130694][ T3534] path_openat+0x28a3/0x2f20
[ 146.135441][ T3534] ? do_filp_open+0x460/0x460
[ 146.140155][ T3534] do_filp_open+0x21c/0x460
[ 146.144676][ T3534] ? vfs_tmpfile+0x2e0/0x2e0
[ 146.149283][ T3534] ? _raw_spin_unlock+0x24/0x40
[ 146.154139][ T3534] ? alloc_fd+0x594/0x630
[ 146.158473][ T3534] do_sys_openat2+0x13b/0x500
[ 146.163147][ T3534] ? read_lock_is_recursive+0x10/0x10
[ 146.168606][ T3534] ? __context_tracking_exit+0x4c/0x80
[ 146.174064][ T3534] ? do_sys_open+0x220/0x220
[ 146.178650][ T3534] ? rcu_is_watching+0x11/0xa0
[ 146.183611][ T3534] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 146.189592][ T3534] __x64_sys_creat+0x11f/0x160
[ 146.194444][ T3534] ? __x64_compat_sys_openat+0x290/0x290
[ 146.200083][ T3534] ? syscall_enter_from_user_mode+0x2e/0x240
[ 146.206071][ T3534] ? lockdep_hardirqs_on+0x94/0x130
[ 146.211349][ T3534] ? syscall_enter_from_user_mode+0x2e/0x240
[ 146.217339][ T3534] do_syscall_64+0x3b/0xb0
[ 146.221763][ T3534] ? clear_bhb_loop+0x15/0x70
[ 146.226443][ T3534] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 146.232338][ T3534] RIP: 0033:0x7f637f650229
[ 146.236751][ T3534] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 146.256365][ T3534] RSP: 002b:00007ffcf9f17e78 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[ 146.264810][ T3534] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f637f650229
[ 146.272795][ T3534] RDX: 00007f637f650229 RSI: 0000000000000000 RDI: 00000000200001c0
[ 146.280790][ T3534] RBP: 0000000000000000 R08: 00007ffcf9f17eb0 R09: 00007ffcf9f17eb0
[ 146.288788][ T3534] R10: 00007ffcf9f17eb0 R11: 0000000000000246 R12: 00007ffcf9f17e9c
[ 146.296888][ T3534] R13: 0000000000000007 R14: 431bde82d7b634db R15: 00007ffcf9f17ed0
[ 146.304885][ T3534] </TASK>
[ 146.307913][ T3534]
[ 146.310238][ T3534] The buggy address belongs to the page:
[ 146.315858][ T3534] page:ffffea0001c1c800 refcount:2 mapcount:0 mapping:ffff88814088daf0 index:0x224 pfn:0x70720
[ 146.326180][ T3534] memcg:ffff888011e84000
[ 146.330425][ T3534] aops:def_blk_aops ino:700000
[ 146.335304][ T3534] flags: 0xfff00000002032(referenced|lru|active|private|node=0|zone=1|lastcpupid=0x7ff)
[ 146.345041][ T3534] raw: 00fff00000002032 ffffea0001c13048 ffffea0001c32988 ffff88814088daf0
[ 146.353640][ T3534] raw: 0000000000000224 ffff8880736fcae0 00000002ffffffff ffff888011e84000
[ 146.362233][ T3534] page dumped because: kasan: bad access detected
[ 146.368654][ T3534] page_owner tracks the page as allocated
[ 146.374449][ T3534] page last allocated via order 0, migratetype Movable, gfp_mask 0x108c48(GFP_NOFS|__GFP_NOFAIL|__GFP_HARDWALL|__GFP_MOVABLE), pid 3534, ts 145655642381, free_ts 144844477721
[ 146.391717][ T3534] get_page_from_freelist+0x322a/0x33c0
[ 146.397267][ T3534] __alloc_pages+0x272/0x700
[ 146.401847][ T3534] __page_cache_alloc+0xd4/0x4a0
[ 146.406776][ T3534] pagecache_get_page+0xa91/0x1010
[ 146.411902][ T3534] __getblk_gfp+0x22a/0xaf0
[ 146.416400][ T3534] get_empty_nodes+0x8c1/0xd70
[ 146.421158][ T3534] fix_nodes+0x2615/0x8c70
[ 146.425569][ T3534] reiserfs_paste_into_item+0x65d/0x880
[ 146.431105][ T3534] reiserfs_get_block+0x226a/0x5390
[ 146.436296][ T3534] __block_write_begin_int+0x60b/0x1650
[ 146.441877][ T3534] reiserfs_write_begin+0x346/0x810
[ 146.447083][ T3534] generic_cont_expand_simple+0x144/0x230
[ 146.457030][ T3534] reiserfs_setattr+0x3ff/0xf90
[ 146.461911][ T3534] notify_change+0xc6d/0xf50
[ 146.466500][ T3534] do_truncate+0x21c/0x300
[ 146.470910][ T3534] do_sys_ftruncate+0x2eb/0x390
[ 146.475769][ T3534] page last free stack trace:
[ 146.480562][ T3534] free_unref_page_prepare+0xc34/0xcf0
[ 146.486042][ T3534] free_unref_page_list+0x1f7/0x8e0
[ 146.491259][ T3534] release_pages+0x1bb9/0x1f40
[ 146.496024][ T3534] tlb_finish_mmu+0x177/0x320
[ 146.500695][ T3534] exit_mmap+0x3cd/0x670
[ 146.504950][ T3534] __mmput+0x112/0x3b0
[ 146.509016][ T3534] exit_mm+0x688/0x7f0
[ 146.513099][ T3534] do_exit+0x626/0x2480
[ 146.517256][ T3534] do_group_exit+0x144/0x310
[ 146.521846][ T3534] __x64_sys_exit_group+0x3b/0x40
[ 146.526867][ T3534] do_syscall_64+0x3b/0xb0
[ 146.531278][ T3534] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 146.537175][ T3534]
[ 146.539501][ T3534] Memory state around the buggy address:
[ 146.545120][ T3534] ffff888070720f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 146.553179][ T3534] ffff888070720f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 146.561236][ T3534] >ffff888070721000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 146.569302][ T3534] ^
[ 146.573359][ T3534] ffff888070721080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 146.581567][ T3534] ffff888070721100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 146.589631][ T3534] ==================================================================
[ 146.597682][ T3534] Disabling lock debugging due to kernel taint
[ 146.604085][ T3534] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 146.611403][ T3534] CPU: 0 PID: 3534 Comm: syz-executor222 Tainted: G B 5.15.158-syzkaller #0
[ 146.621400][ T3534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 146.631452][ T3534] Call Trace:
[ 146.634726][ T3534] <TASK>
[ 146.637706][ T3534] dump_stack_lvl+0x1e3/0x2d0
[ 146.642447][ T3534] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 146.648095][ T3534] ? panic+0x860/0x860
[ 146.652170][ T3534] ? preempt_schedule_common+0xa6/0xd0
[ 146.657647][ T3534] ? preempt_schedule+0xd9/0xe0
[ 146.662503][ T3534] panic+0x318/0x860
[ 146.666421][ T3534] ? check_panic_on_warn+0x1d/0xa0
[ 146.671533][ T3534] ? fb_is_primary_device+0xd0/0xd0
[ 146.676737][ T3534] ? _raw_spin_unlock_irqrestore+0x128/0x130
[ 146.682718][ T3534] ? _raw_spin_unlock+0x40/0x40
[ 146.687566][ T3534] check_panic_on_warn+0x7e/0xa0
[ 146.692499][ T3534] ? leaf_paste_in_buffer+0x631/0xab0
[ 146.697889][ T3534] end_report+0x6d/0xf0
[ 146.702042][ T3534] kasan_report+0x18e/0x1c0
[ 146.706560][ T3534] ? leaf_paste_in_buffer+0x631/0xab0
[ 146.711930][ T3534] kasan_check_range+0x27e/0x290
[ 146.716862][ T3534] ? leaf_paste_in_buffer+0x631/0xab0
[ 146.722350][ T3534] memcpy+0x25/0x60
[ 146.726156][ T3534] leaf_paste_in_buffer+0x631/0xab0
[ 146.731357][ T3534] leaf_copy_dir_entries+0x71a/0xc60
[ 146.736669][ T3534] ? unwind_next_frame+0x1437/0x1fa0
[ 146.741961][ T3534] ? leaf_copy_items_entirely+0xee0/0xee0
[ 146.747681][ T3534] ? __lock_acquire+0x1295/0x1ff0
[ 146.752704][ T3534] leaf_copy_boundary_item+0xbbe/0x21b0
[ 146.758252][ T3534] ? get_right_neighbor_position+0x14f/0x210
[ 146.764265][ T3534] leaf_move_items+0xcd0/0x28a0
[ 146.769118][ T3534] ? journal_mark_dirty+0xb7e/0xe30
[ 146.774312][ T3534] ? reiserfs_convert_objectid_map_v1+0x450/0x450
[ 146.780732][ T3534] ? __lock_acquire+0x1295/0x1ff0
[ 146.785854][ T3534] ? do_raw_spin_unlock+0x137/0x8b0
[ 146.791082][ T3534] ? _raw_spin_unlock+0x24/0x40
[ 146.795943][ T3534] balance_leaf+0xd479/0x12510
[ 146.800723][ T3534] ? do_balance+0x8f0/0x8f0
[ 146.805230][ T3534] ? __mutex_trylock_common+0x17e/0x2e0
[ 146.810796][ T3534] ? __might_sleep+0xc0/0xc0
[ 146.815408][ T3534] ? rcu_lock_release+0x20/0x20
[ 146.820253][ T3534] ? ____kasan_kmalloc+0xd1/0xf0
[ 146.825192][ T3534] ? __mutex_lock_common+0x444/0x25a0
[ 146.830563][ T3534] ? __mutex_unlock_slowpath+0x218/0x750
[ 146.836199][ T3534] ? reiserfs_write_lock_nested+0x5b/0xd0
[ 146.842140][ T3534] ? get_empty_nodes+0x7ec/0xd70
[ 146.847098][ T3534] ? mutex_lock_io_nested+0x60/0x60
[ 146.852337][ T3534] ? get_neighbors+0x1010/0x1010
[ 146.857456][ T3534] ? create_virtual_node+0x1b7/0x1bf0
[ 146.862846][ T3534] ? __wake_up_bit+0x190/0x190
[ 146.867608][ T3534] ? reiserfs_write_lock_nested+0x5b/0xd0
[ 146.873343][ T3534] ? get_neighbors+0x631/0x1010
[ 146.878193][ T3534] ? reiserfs_prepare_for_journal+0x26b/0x280
[ 146.884346][ T3534] ? fix_nodes+0x7abc/0x8c70
[ 146.888939][ T3534] ? reiserfs_restore_prepared_buffer+0x2de/0x300
[ 146.895454][ T3534] do_balance+0x309/0x8f0
[ 146.899800][ T3534] ? get_right_neighbor_position+0x210/0x210
[ 146.905782][ T3534] ? reiserfs_delete_item+0x1030/0x1030
[ 146.911449][ T3534] reiserfs_cut_from_item+0x1945/0x2560
[ 146.917005][ T3534] ? reiserfs_do_truncate+0x15b0/0x15b0
[ 146.922586][ T3534] ? search_by_key+0x4730/0x4730
[ 146.927614][ T3534] ? journal_transaction_should_end+0x298/0x3f0
[ 146.933881][ T3534] reiserfs_do_truncate+0xa12/0x15b0
[ 146.939168][ T3534] ? reiserfs_delete_object+0x1a0/0x1a0
[ 146.944718][ T3534] ? up_write+0x19d/0x580
[ 146.949051][ T3534] ? journal_begin+0x1ef/0x350
[ 146.953813][ T3534] reiserfs_truncate_file+0x638/0xda0
[ 146.959192][ T3534] ? reiserfs_new_symlink+0x760/0x760
[ 146.964570][ T3534] ? truncate_setsize+0xcb/0xf0
[ 146.969505][ T3534] reiserfs_setattr+0xa4d/0xf90
[ 146.974354][ T3534] ? reiserfs_commit_write+0x5a0/0x5a0
[ 146.979826][ T3534] ? ktime_get_coarse_real_ts64+0x107/0x120
[ 146.985737][ T3534] ? current_time+0x1d1/0x2f0
[ 146.990413][ T3534] ? atime_needs_update+0x7b0/0x7b0
[ 146.995610][ T3534] ? evm_inode_setattr+0xf7/0x5b0
[ 147.000658][ T3534] ? rwsem_write_trylock+0x166/0x210
[ 147.006022][ T3534] ? bpf_lsm_inode_setattr+0x5/0x10
[ 147.011239][ T3534] ? security_inode_setattr+0xce/0x120
[ 147.016727][ T3534] ? reiserfs_commit_write+0x5a0/0x5a0
[ 147.022223][ T3534] notify_change+0xc6d/0xf50
[ 147.026836][ T3534] do_truncate+0x21c/0x300
[ 147.031255][ T3534] ? rcu_lock_release+0x20/0x20
[ 147.036105][ T3534] ? ima_bprm_check+0x2b0/0x2b0
[ 147.041160][ T3534] ? bpf_lsm_path_truncate+0x5/0x10
[ 147.046376][ T3534] path_openat+0x28a3/0x2f20
[ 147.050988][ T3534] ? do_filp_open+0x460/0x460
[ 147.055691][ T3534] do_filp_open+0x21c/0x460
[ 147.060333][ T3534] ? vfs_tmpfile+0x2e0/0x2e0
[ 147.064954][ T3534] ? _raw_spin_unlock+0x24/0x40
[ 147.069826][ T3534] ? alloc_fd+0x594/0x630
[ 147.074178][ T3534] do_sys_openat2+0x13b/0x500
[ 147.078868][ T3534] ? read_lock_is_recursive+0x10/0x10
[ 147.084254][ T3534] ? __context_tracking_exit+0x4c/0x80
[ 147.089723][ T3534] ? do_sys_open+0x220/0x220
[ 147.094358][ T3534] ? rcu_is_watching+0x11/0xa0
[ 147.099157][ T3534] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 147.105247][ T3534] __x64_sys_creat+0x11f/0x160
[ 147.110050][ T3534] ? __x64_compat_sys_openat+0x290/0x290
[ 147.115707][ T3534] ? syscall_enter_from_user_mode+0x2e/0x240
[ 147.121722][ T3534] ? lockdep_hardirqs_on+0x94/0x130
[ 147.127089][ T3534] ? syscall_enter_from_user_mode+0x2e/0x240
[ 147.133183][ T3534] do_syscall_64+0x3b/0xb0
[ 147.137600][ T3534] ? clear_bhb_loop+0x15/0x70
[ 147.142273][ T3534] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 147.148162][ T3534] RIP: 0033:0x7f637f650229
[ 147.152573][ T3534] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 147.172200][ T3534] RSP: 002b:00007ffcf9f17e78 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[ 147.180618][ T3534] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f637f650229
[ 147.188603][ T3534] RDX: 00007f637f650229 RSI: 0000000000000000 RDI: 00000000200001c0
[ 147.196612][ T3534] RBP: 0000000000000000 R08: 00007ffcf9f17eb0 R09: 00007ffcf9f17eb0
[ 147.204610][ T3534] R10: 00007ffcf9f17eb0 R11: 0000000000000246 R12: 00007ffcf9f17e9c
[ 147.212579][ T3534] R13: 0000000000000007 R14: 431bde82d7b634db R15: 00007ffcf9f17ed0
[ 147.220556][ T3534] </TASK>
[ 147.223756][ T3534] Kernel Offset: disabled
[ 147.228077][ T3534] Rebooting in 86400 seconds..