Warning: Permanently added '10.128.0.217' (ED25519) to the list of known hosts.
executing program
[ 45.205100][ T4021] loop0: detected capacity change from 0 to 8192
[ 45.281769][ T4021] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 45.284084][ T4021] REISERFS (device loop0): using ordered data mode
[ 45.285534][ T4021] reiserfs: using flush barriers
[ 45.287850][ T4021] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 45.292397][ T4021] REISERFS (device loop0): checking transaction log (loop0)
[ 45.298611][ T4021] REISERFS (device loop0): Using r5 hash to sort names
[ 45.300781][ T4021] REISERFS (device loop0): using 3.5.x disk format
[ 45.303543][ T4021] REISERFS warning (device loop0): jdm-13090 reiserfs_new_inode: ACLs aren't enabled in the fs, but vfs thinks they are!
[ 45.306881][ T4021] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 45.317051][ T4021] ==================================================================
[ 45.318956][ T4021] BUG: KASAN: use-after-free in leaf_paste_in_buffer+0x578/0x9f0
[ 45.320720][ T4021] Read of size 48 at addr ffff0001890c7ff0 by task syz-executor198/4021
[ 45.322574][ T4021]
[ 45.323095][ T4021] CPU: 0 PID: 4021 Comm: syz-executor198 Not tainted 5.15.178-syzkaller #0
[ 45.325025][ T4021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 45.327316][ T4021] Call trace:
[ 45.328069][ T4021] dump_backtrace+0x0/0x530
[ 45.329131][ T4021] show_stack+0x2c/0x3c
[ 45.330027][ T4021] dump_stack_lvl+0x108/0x170
[ 45.331071][ T4021] print_address_description+0x7c/0x3f0
[ 45.332325][ T4021] kasan_report+0x174/0x1e4
[ 45.333362][ T4021] kasan_check_range+0x274/0x2b4
[ 45.334472][ T4021] memcpy+0x90/0xe8
[ 45.335324][ T4021] leaf_paste_in_buffer+0x578/0x9f0
[ 45.336504][ T4021] leaf_copy_dir_entries+0x2b4/0xa04
[ 45.337694][ T4021] leaf_copy_boundary_item+0x8c4/0x1a34
[ 45.338933][ T4021] leaf_move_items+0xa0c/0x1f7c
[ 45.340035][ T4021] leaf_shift_left+0xc8/0x39c
[ 45.341067][ T4021] balance_leaf+0x103c/0xe860
[ 45.342119][ T4021] do_balance+0x27c/0x790
[ 45.343116][ T4021] reiserfs_insert_item+0x940/0xa84
[ 45.344306][ T4021] add_save_link+0x390/0x678
[ 45.345334][ T4021] reiserfs_truncate_file+0x38c/0x6f0
[ 45.346563][ T4021] reiserfs_setattr+0x8e8/0xd94
[ 45.347676][ T4021] notify_change+0xa34/0xcf8
[ 45.348711][ T4021] do_truncate+0x1c0/0x28c
[ 45.349706][ T4021] path_openat+0x20c4/0x26cc
[ 45.350768][ T4021] do_filp_open+0x1a8/0x3b4
[ 45.351779][ T4021] do_sys_openat2+0x128/0x3e0
[ 45.352864][ T4021] __arm64_sys_openat+0x1f0/0x240
[ 45.354009][ T4021] invoke_syscall+0x98/0x2b8
[ 45.355039][ T4021] el0_svc_common+0x138/0x258
[ 45.356101][ T4021] do_el0_svc+0x58/0x14c
[ 45.357098][ T4021] el0_svc+0x7c/0x1f0
[ 45.358030][ T4021] el0t_64_sync_handler+0x84/0xe4
[ 45.359162][ T4021] el0t_64_sync+0x1a0/0x1a4
[ 45.360197][ T4021]
[ 45.360707][ T4021] The buggy address belongs to the page:
[ 45.361988][ T4021] page:00000000a6c0828e refcount:2 mapcount:0 mapping:00000000bd40c4bb index:0x214 pfn:0x1c90c7
[ 45.364335][ T4021] memcg:ffff0000c08a4000
[ 45.365287][ T4021] aops:def_blk_aops ino:700000
[ 45.366365][ T4021] flags: 0x5ffc00000002032(referenced|lru|active|private|node=0|zone=2|lastcpupid=0x7ff)
[ 45.368537][ T4021] raw: 05ffc00000002032 fffffc00037c2a48 fffffc00037c2a88 ffff0000c058cf48
[ 45.370495][ T4021] raw: 0000000000000214 ffff0000dbf21828 00000002ffffffff ffff0000c08a4000
[ 45.372481][ T4021] page dumped because: kasan: bad access detected
[ 45.373879][ T4021]
[ 45.374421][ T4021] Memory state around the buggy address:
[ 45.375682][ T4021]  ffff0001890c7f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 45.377516][ T4021]  ffff0001890c7f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 45.379322][ T4021] >ffff0001890c8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 45.381125][ T4021]                    ^
[ 45.382065][ T4021]  ffff0001890c8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 45.383892][ T4021]  ffff0001890c8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 45.385716][ T4021] ==================================================================
[ 45.387570][ T4021] Disabling lock debugging due to kernel taint
[ 45.389132][ T4021] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 1 0(1) DIR], item_len 35, item_location 3937, free_space(entry_count) 2
[ 45.392596][ T4021] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 531. Fsck?
[ 45.394918][ T4021] REISERFS (device loop0): Remounting filesystem read-only
[ 45.396530][ T4021] REISERFS error (device loop0): vs-5657 reiserfs_do_truncate: i/o failure occurred trying to truncate [2 2 0xffffffff DIRECT]
[ 45.399536][ T4021] REISERFS warning (device loop0): clm-6006 reiserfs_dirty_inode: writing inode 2 on readonly FS
executing program
[ 45.402733][ T4021] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 1 0(1) DIR], item_len 35, item_location 3937, free_space(entry_count) 2
[ 45.406030][ T4021] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 531. Fsck?
[ 45.408252][ T4021] REISERFS error (device loop0): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 2 0x0 SD] stat data
executing program