./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor500838583

<...>
Warning: Permanently added '10.128.0.151' (ED25519) to the list of known hosts.
execve("./syz-executor500838583", ["./syz-executor500838583"], 0x7ffcb29d57a0 /* 10 vars */) = 0
brk(NULL)                               = 0x555556d49000
brk(0x555556d49d00)                     = 0x555556d49d00
arch_prctl(ARCH_SET_FS, 0x555556d49380) = 0
set_tid_address(0x555556d49650)         = 5035
set_robust_list(0x555556d49660, 24)     = 0
rseq(0x555556d49ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor500838583", 4096) = 27
getrandom("\xe2\xa2\x5d\x74\x27\xdd\x87\xcc", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555556d49d00
brk(0x555556d6ad00)                     = 0x555556d6ad00
brk(0x555556d6b000)                     = 0x555556d6b000
mprotect(0x7f143edea000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d49650) = 5036
./strace-static-x86_64: Process 5036 attached
[pid  5036] set_robust_list(0x555556d49660, 24) = 0
[pid  5036] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid  5036] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5036] setsid()                    = 1
[pid  5036] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  5036] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  5036] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  5036] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  5036] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  5036] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  5036] unshare(CLONE_NEWNS)        = 0
[pid  5036] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  5036] unshare(CLONE_NEWIPC)       = 0
[pid  5036] unshare(CLONE_NEWCGROUP)    = 0
[pid  5036] unshare(CLONE_NEWUTS)       = 0
[pid  5036] unshare(CLONE_SYSVSEM)      = 0
[pid  5036] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5036] write(3, "16777216", 8)     = 8
[pid  5036] close(3)                    = 0
[pid  5036] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  5036] write(3, "536870912", 9)    = 9
[pid  5036] close(3)                    = 0
[pid  5036] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5036] write(3, "1024", 4)         = 4
[pid  5036] close(3)                    = 0
[pid  5036] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5036] write(3, "8192", 4)         = 4
[pid  5036] close(3)                    = 0
[pid  5036] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5036] write(3, "1024", 4)         = 4
[pid  5036] close(3)                    = 0
[pid  5036] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  5036] write(3, "1024", 4)         = 4
[pid  5036] close(3)                    = 0
[pid  5036] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  5036] write(3, "1024 1048576 500 1024", 21) = 21
[pid  5036] close(3)                    = 0
[pid  5036] getpid()                    = 1
[pid  5036] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5036] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5036] unshare(CLONE_NEWNET)       = 0
[pid  5036] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  5036] write(3, "0 65535", 7)      = 7
[pid  5036] close(3)                    = 0
[pid  5036] mkdir("/dev/binderfs", 0777) = 0
[pid  5036] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid  5036] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5036] memfd_create("syzkaller", 0) = 3
[pid  5036] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1436937000
[pid  5036] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304
[pid  5036] munmap(0x7f1436937000, 4194304) = 0
[pid  5036] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5036] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5036] close(3)                    = 0
[pid  5036] mkdir("./file0", 0777)      = 0
[   56.197045][ T5036] syz-executor500[5036]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   56.235786][ T5036] loop0: detected capacity change from 0 to 8192
[   56.245238][ T5036] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[   56.258267][ T5036] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[   56.267553][ T5036] REISERFS (device loop0): using ordered data mode
[   56.274104][ T5036] reiserfs: using flush barriers
[   56.280263][ T5036] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 1024, max batch 900, max commit age 30, max trans age 30
[pid  5036] mount("/dev/loop0", "./file0", "reiserfs", MS_RDONLY|MS_SILENT, "") = 0
[pid  5036] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  5036] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5036] close(4)                    = 0
[pid  5036] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4
[pid  5036] mount("/dev/loop0", "./bus", NULL, MS_NOEXEC|MS_BIND, NULL) = 0
[pid  5036] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5
[   56.296902][ T5036] REISERFS (device loop0): checking transaction log (loop0)
[   56.305182][ T5036] REISERFS (device loop0): Using r5 hash to sort names
[pid  5036] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 4194304
[pid  5036] exit_group(1)               = ?
[   56.395833][ T5036] ==================================================================
[   56.403952][ T5036] BUG: KASAN: vmalloc-out-of-bounds in cleanup_bitmap_list.part.0+0x4dd/0x5c0
[   56.412833][ T5036] Read of size 8 at addr ffffc90000b1e008 by task syz-executor500/5036
[   56.421065][ T5036] 
[   56.423371][ T5036] CPU: 0 PID: 5036 Comm: syz-executor500 Not tainted 6.5.0-syzkaller-09276-g99d99825fc07 #0
[   56.433414][ T5036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[   56.443449][ T5036] Call Trace:
[   56.446710][ T5036]  <TASK>
[   56.449727][ T5036]  dump_stack_lvl+0xd9/0x1b0
[   56.454327][ T5036]  print_report+0xc4/0x620
[   56.458753][ T5036]  ? __virt_addr_valid+0x5e/0x2d0
[   56.463777][ T5036]  kasan_report+0xda/0x110
[   56.468193][ T5036]  ? cleanup_bitmap_list.part.0+0x4dd/0x5c0
[   56.474252][ T5036]  ? cleanup_bitmap_list.part.0+0x4dd/0x5c0
[   56.480131][ T5036]  cleanup_bitmap_list.part.0+0x4dd/0x5c0
[   56.485842][ T5036]  ? work_on_cpu_safe+0xb0/0xb0
[   56.490684][ T5036]  free_journal_ram+0x160/0x650
[   56.495547][ T5036]  ? do_raw_spin_unlock+0x173/0x230
[   56.500740][ T5036]  ? _raw_spin_unlock+0x28/0x40
[   56.505576][ T5036]  journal_release+0x2a4/0x660
[   56.510329][ T5036]  ? reiserfs_end_persistent_transaction+0x1b0/0x1b0
[   56.517000][ T5036]  reiserfs_put_super+0xe9/0x5c0
[   56.521920][ T5036]  ? reiserfs_quota_read+0x4e0/0x4e0
[   56.527189][ T5036]  ? fscrypt_destroy_keyring+0x1e/0x390
[   56.532718][ T5036]  ? reiserfs_quota_read+0x4e0/0x4e0
[   56.537981][ T5036]  generic_shutdown_super+0x161/0x3c0
[   56.543342][ T5036]  kill_block_super+0x3b/0x70
[   56.548094][ T5036]  deactivate_locked_super+0x9a/0x170
[   56.553468][ T5036]  deactivate_super+0xde/0x100
[   56.558221][ T5036]  cleanup_mnt+0x222/0x3d0
[   56.562627][ T5036]  task_work_run+0x14d/0x240
[   56.567212][ T5036]  ? task_work_cancel+0x30/0x30
[   56.572059][ T5036]  ? __put_net+0x61/0x70
[   56.576296][ T5036]  do_exit+0xa99/0x2a20
[   56.580437][ T5036]  ? do_group_exit+0x1c5/0x2a0
[   56.585193][ T5036]  ? reacquire_held_locks+0x4b0/0x4b0
[   56.590583][ T5036]  ? do_raw_spin_lock+0x12e/0x2b0
[   56.595602][ T5036]  ? mm_update_next_owner+0x850/0x850
[   56.600964][ T5036]  ? spin_bug+0x1d0/0x1d0
[   56.605289][ T5036]  ? rcu_is_watching+0x12/0xb0
[   56.610037][ T5036]  do_group_exit+0xd4/0x2a0
[   56.614528][ T5036]  __x64_sys_exit_group+0x3e/0x50
[   56.619543][ T5036]  do_syscall_64+0x38/0xb0
[   56.623946][ T5036]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   56.629823][ T5036] RIP: 0033:0x7f143ed73809
[   56.634222][ T5036] Code: Unable to access opcode bytes at 0x7f143ed737df.
[   56.641212][ T5036] RSP: 002b:00007fffe6a757e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   56.649601][ T5036] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f143ed73809
[   56.657557][ T5036] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[   56.665511][ T5036] RBP: 00007f143edf02d0 R08: ffffffffffffffb8 R09: 00007fffe6a758c0
[   56.673475][ T5036] R10: 00007fffe6a758c0 R11: 0000000000000246 R12: 00007f143edf02d0
[   56.681467][ T5036] R13: 0000000000000000 R14: 00007f143edf1040 R15: 00007f143ed41d40
[   56.689556][ T5036]  </TASK>
[   56.692564][ T5036] 
[   56.694890][ T5036] The buggy address belongs to the virtual mapping at
[   56.694890][ T5036]  [ffffc90000b1e000, ffffc90000b20000) created by:
[   56.694890][ T5036]  reiserfs_allocate_list_bitmaps+0x58/0x1c0
[   56.714007][ T5036] 
[   56.716319][ T5036] The buggy address belongs to the physical page:
[   56.722712][ T5036] page:ffffea0001d05400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x74150
[   56.732875][ T5036] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   56.739997][ T5036] page_type: 0xffffffff()
[   56.744334][ T5036] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[   56.752910][ T5036] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   56.761479][ T5036] page dumped because: kasan: bad access detected
[   56.767881][ T5036] page_owner tracks the page as allocated
[   56.773600][ T5036] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), pid 5036, tgid 5036 (syz-executor500), ts 56279616304, free_ts 45227057643
[   56.793039][ T5036]  post_alloc_hook+0x2cf/0x340
[   56.797800][ T5036]  get_page_from_freelist+0x10a9/0x31e0
[   56.803430][ T5036]  __alloc_pages+0x1d0/0x4a0
[   56.808005][ T5036]  __alloc_pages_bulk+0x77a/0x1110
[   56.813115][ T5036]  alloc_pages_bulk_array_mempolicy+0x1ca/0x370
[   56.819361][ T5036]  __vmalloc_node_range+0xd08/0x1540
[   56.824634][ T5036]  vzalloc+0x6b/0x80
[   56.828514][ T5036]  reiserfs_allocate_list_bitmaps+0x58/0x1c0
[   56.834498][ T5036]  journal_init+0x3e2/0x64b0
[   56.839083][ T5036]  reiserfs_fill_super+0xcc6/0x3150
[   56.844271][ T5036]  mount_bdev+0x1f3/0x2e0
[   56.848581][ T5036]  legacy_get_tree+0x109/0x220
[   56.853332][ T5036]  vfs_get_tree+0x8c/0x370
[   56.857760][ T5036]  path_mount+0x1492/0x1ed0
[   56.862251][ T5036]  __x64_sys_mount+0x293/0x310
[   56.866996][ T5036]  do_syscall_64+0x38/0xb0
[   56.871398][ T5036] page last free stack trace:
[   56.876059][ T5036]  free_unref_page_prepare+0x476/0xa40
[   56.881515][ T5036]  free_unref_page+0x33/0x3b0
[   56.886182][ T5036]  __folio_put+0xc3/0x110
[   56.890513][ T5036]  anon_pipe_buf_release+0x3fa/0x4b0
[   56.895779][ T5036]  pipe_read+0x635/0x1270
[   56.900089][ T5036]  vfs_read+0x7ef/0x930
[   56.904227][ T5036]  ksys_read+0x1f0/0x250
[   56.908450][ T5036]  do_syscall_64+0x38/0xb0
[   56.912852][ T5036]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   56.918764][ T5036] 
[   56.921069][ T5036] Memory state around the buggy address:
[   56.926695][ T5036]  ffffc90000b1df00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   56.934740][ T5036]  ffffc90000b1df80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   56.942778][ T5036] >ffffc90000b1e000: 00 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   56.950816][ T5036]                       ^
[   56.955122][ T5036]  ffffc90000b1e080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   56.963161][ T5036]  ffffc90000b1e100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   56.971221][ T5036] ==================================================================
[   56.981942][ T5036] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   56.989151][ T5036] CPU: 0 PID: 5036 Comm: syz-executor500 Not tainted 6.5.0-syzkaller-09276-g99d99825fc07 #0
[   56.999235][ T5036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[   57.009304][ T5036] Call Trace:
[   57.012602][ T5036]  <TASK>
[   57.015532][ T5036]  dump_stack_lvl+0xd9/0x1b0
[   57.020131][ T5036]  panic+0x6a6/0x750
[   57.024019][ T5036]  ? panic_smp_self_stop+0xa0/0xa0
[   57.029137][ T5036]  ? preempt_schedule_thunk+0x1a/0x30
[   57.034543][ T5036]  ? preempt_schedule_common+0x45/0xc0
[   57.040017][ T5036]  check_panic_on_warn+0xab/0xb0
[   57.044946][ T5036]  end_report+0x108/0x150
[   57.049262][ T5036]  kasan_report+0xea/0x110
[   57.053666][ T5036]  ? cleanup_bitmap_list.part.0+0x4dd/0x5c0
[   57.059749][ T5036]  ? cleanup_bitmap_list.part.0+0x4dd/0x5c0
[   57.065641][ T5036]  cleanup_bitmap_list.part.0+0x4dd/0x5c0
[   57.071403][ T5036]  ? work_on_cpu_safe+0xb0/0xb0
[   57.076246][ T5036]  free_journal_ram+0x160/0x650
[   57.081083][ T5036]  ? do_raw_spin_unlock+0x173/0x230
[   57.086266][ T5036]  ? _raw_spin_unlock+0x28/0x40
[   57.091115][ T5036]  journal_release+0x2a4/0x660
[   57.095901][ T5036]  ? reiserfs_end_persistent_transaction+0x1b0/0x1b0
[   57.102586][ T5036]  reiserfs_put_super+0xe9/0x5c0
[   57.107523][ T5036]  ? reiserfs_quota_read+0x4e0/0x4e0
[   57.112805][ T5036]  ? fscrypt_destroy_keyring+0x1e/0x390
[   57.118351][ T5036]  ? reiserfs_quota_read+0x4e0/0x4e0
[   57.123628][ T5036]  generic_shutdown_super+0x161/0x3c0
[   57.128997][ T5036]  kill_block_super+0x3b/0x70
[   57.133759][ T5036]  deactivate_locked_super+0x9a/0x170
[   57.139128][ T5036]  deactivate_super+0xde/0x100
[   57.143891][ T5036]  cleanup_mnt+0x222/0x3d0
[   57.148304][ T5036]  task_work_run+0x14d/0x240
[   57.152892][ T5036]  ? task_work_cancel+0x30/0x30
[   57.157769][ T5036]  ? __put_net+0x61/0x70
[   57.162010][ T5036]  do_exit+0xa99/0x2a20
[   57.166173][ T5036]  ? do_group_exit+0x1c5/0x2a0
[   57.170929][ T5036]  ? reacquire_held_locks+0x4b0/0x4b0
[   57.176300][ T5036]  ? do_raw_spin_lock+0x12e/0x2b0
[   57.181316][ T5036]  ? mm_update_next_owner+0x850/0x850
[   57.186702][ T5036]  ? spin_bug+0x1d0/0x1d0
[   57.191031][ T5036]  ? rcu_is_watching+0x12/0xb0
[   57.195782][ T5036]  do_group_exit+0xd4/0x2a0
[   57.200282][ T5036]  __x64_sys_exit_group+0x3e/0x50
[   57.205301][ T5036]  do_syscall_64+0x38/0xb0
[   57.209734][ T5036]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   57.215654][ T5036] RIP: 0033:0x7f143ed73809
[   57.220057][ T5036] Code: Unable to access opcode bytes at 0x7f143ed737df.
[   57.227055][ T5036] RSP: 002b:00007fffe6a757e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   57.235503][ T5036] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f143ed73809
[   57.243469][ T5036] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[   57.251432][ T5036] RBP: 00007f143edf02d0 R08: ffffffffffffffb8 R09: 00007fffe6a758c0
[   57.259659][ T5036] R10: 00007fffe6a758c0 R11: 0000000000000246 R12: 00007f143edf02d0
[   57.267629][ T5036] R13: 0000000000000000 R14: 00007f143edf1040 R15: 00007f143ed41d40
[   57.275602][ T5036]  </TASK>
[   57.279400][ T5036] Kernel Offset: disabled
[   57.283706][ T5036] Rebooting in 86400 seconds..