Warning: Permanently added '10.128.1.96' (ED25519) to the list of known hosts.
executing program
[   66.085324][ T4161] loop0: detected capacity change from 0 to 8192
[   66.174246][ T4161] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[   66.184104][ T4161] REISERFS (device loop0): using ordered data mode
[   66.190667][ T4161] reiserfs: using flush barriers
[   66.198066][ T4161] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   66.215148][ T4161] REISERFS (device loop0): checking transaction log (loop0)
[   66.224993][ T4161] REISERFS (device loop0): Using tea hash to sort names
[   66.232723][ T4161] ==================================================================
[   66.240876][ T4161] BUG: KASAN: use-after-free in search_by_entry_key+0x575/0x1380
[   66.248609][ T4161] Read of size 4 at addr ffff888075584fc4 by task syz-executor291/4161
[   66.256838][ T4161] 
[   66.259159][ T4161] CPU: 1 PID: 4161 Comm: syz-executor291 Not tainted 5.15.179-syzkaller #0
[   66.267731][ T4161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   66.277797][ T4161] Call Trace:
[   66.281086][ T4161]  <TASK>
[   66.284013][ T4161]  dump_stack_lvl+0x1e3/0x2d0
[   66.288692][ T4161]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[   66.294315][ T4161]  ? _printk+0xd1/0x120
[   66.298463][ T4161]  ? __wake_up_klogd+0xcc/0x100
[   66.303307][ T4161]  ? panic+0x860/0x860
[   66.307367][ T4161]  ? _raw_spin_lock_irqsave+0xdd/0x120
[   66.312825][ T4161]  print_address_description+0x63/0x3b0
[   66.318362][ T4161]  ? search_by_entry_key+0x575/0x1380
[   66.323736][ T4161]  kasan_report+0x16b/0x1c0
[   66.328227][ T4161]  ? search_by_entry_key+0x575/0x1380
[   66.333601][ T4161]  search_by_entry_key+0x575/0x1380
[   66.338805][ T4161]  ? make_cpu_key+0x2b/0x220
[   66.343403][ T4161]  reiserfs_find_entry+0x2ca/0x19b0
[   66.348625][ T4161]  ? mark_lock+0x98/0x340
[   66.352953][ T4161]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[   66.358947][ T4161]  ? reiserfs_get_parent+0x2c0/0x2c0
[   66.364246][ T4161]  ? mutex_lock_nested+0x17/0x20
[   66.369184][ T4161]  reiserfs_lookup+0x1e6/0x4b0
[   66.373947][ T4161]  ? reiserfs_find_entry+0x19b0/0x19b0
[   66.379418][ T4161]  ? d_hash_and_lookup+0x1b0/0x1b0
[   66.384538][ T4161]  ? __init_waitqueue_head+0xaa/0x140
[   66.389905][ T4161]  __lookup_slow+0x275/0x3d0
[   66.394490][ T4161]  ? lookup_one_len+0x2d0/0x2d0
[   66.399347][ T4161]  lookup_one_len+0x187/0x2d0
[   66.404020][ T4161]  ? lookup_one_common+0x460/0x460
[   66.409136][ T4161]  reiserfs_lookup_privroot+0x85/0x1e0
[   66.414589][ T4161]  reiserfs_fill_super+0x2224/0x2690
[   66.419883][ T4161]  ? reiserfs_kill_sb+0x150/0x150
[   66.424909][ T4161]  ? snprintf+0xd6/0x120
[   66.429159][ T4161]  mount_bdev+0x2c9/0x3f0
[   66.433480][ T4161]  ? reiserfs_kill_sb+0x150/0x150
[   66.438499][ T4161]  legacy_get_tree+0xeb/0x180
[   66.443164][ T4161]  ? remove_save_link+0x540/0x540
[   66.448181][ T4161]  vfs_get_tree+0x88/0x270
[   66.452606][ T4161]  do_new_mount+0x2ba/0xb40
[   66.457102][ T4161]  ? do_move_mount_old+0x160/0x160
[   66.462205][ T4161]  ? user_path_at_empty+0x12b/0x180
[   66.467391][ T4161]  __se_sys_mount+0x2d5/0x3c0
[   66.472080][ T4161]  ? __x64_sys_mount+0xc0/0xc0
[   66.476835][ T4161]  ? syscall_enter_from_user_mode+0x2e/0x240
[   66.482806][ T4161]  ? lockdep_hardirqs_on+0x94/0x130
[   66.488003][ T4161]  ? __x64_sys_mount+0x1c/0xc0
[   66.492769][ T4161]  do_syscall_64+0x3b/0xb0
[   66.497191][ T4161]  ? clear_bhb_loop+0x15/0x70
[   66.501871][ T4161]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   66.507785][ T4161] RIP: 0033:0x7fe37273982a
[   66.512198][ T4161] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 ee 08 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   66.531796][ T4161] RSP: 002b:00007fffa2bb18d8 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[   66.540222][ T4161] RAX: ffffffffffffffda RBX: 00007fffa2bb18f0 RCX: 00007fe37273982a
[   66.548183][ T4161] RDX: 0000400000000180 RSI: 0000400000000040 RDI: 00007fffa2bb18f0
[   66.556148][ T4161] RBP: 0000400000000040 R08: 00007fffa2bb1930 R09: 0000000000001127
[   66.564118][ T4161] R10: 000000000001801c R11: 0000000000000286 R12: 0000400000000180
[   66.572083][ T4161] R13: 00007fffa2bb1930 R14: 0000000000000003 R15: 000000000001801c
[   66.580100][ T4161]  </TASK>
[   66.583131][ T4161] 
[   66.585445][ T4161] The buggy address belongs to the page:
[   66.591093][ T4161] page:ffffea0001d56100 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x75584
[   66.601263][ T4161] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   66.608376][ T4161] raw: 00fff00000000000 ffffea00003da648 ffffea0001ff1688 0000000000000000
[   66.616948][ T4161] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[   66.625533][ T4161] page dumped because: kasan: bad access detected
[   66.631937][ T4161] page_owner tracks the page as freed
[   66.637289][ T4161] page last allocated via order 0, migratetype Movable, gfp_mask 0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO), pid 4153, ts 59679276000, free_ts 59716887877
[   66.652812][ T4161]  get_page_from_freelist+0x3b78/0x3d40
[   66.658355][ T4161]  __alloc_pages+0x272/0x700
[   66.662935][ T4161]  alloc_pages_vma+0x39a/0x800
[   66.667689][ T4161]  handle_mm_fault+0x2f49/0x5960
[   66.672634][ T4161]  exc_page_fault+0x271/0x700
[   66.677301][ T4161]  asm_exc_page_fault+0x22/0x30
[   66.682145][ T4161] page last free stack trace:
[   66.686803][ T4161]  free_unref_page_prepare+0xc34/0xcf0
[   66.692255][ T4161]  free_unref_page_list+0x1f7/0x8e0
[   66.697442][ T4161]  release_pages+0x1bb9/0x1f40
[   66.702196][ T4161]  tlb_finish_mmu+0x177/0x320
[   66.706861][ T4161]  unmap_region+0x304/0x350
[   66.711356][ T4161]  __do_munmap+0x130a/0x1710
[   66.715951][ T4161]  __vm_munmap+0x134/0x230
[   66.720357][ T4161]  __x64_sys_munmap+0x67/0x70
[   66.725019][ T4161]  do_syscall_64+0x3b/0xb0
[   66.729424][ T4161]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   66.735303][ T4161] 
[   66.737614][ T4161] Memory state around the buggy address:
[   66.743229][ T4161]  ffff888075584e80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   66.751378][ T4161]  ffff888075584f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   66.759424][ T4161] >ffff888075584f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   66.767472][ T4161]                                            ^
[   66.773633][ T4161]  ffff888075585000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   66.781681][ T4161]  ffff888075585080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   66.789729][ T4161] ==================================================================
[   66.797859][ T4161] Disabling lock debugging due to kernel taint
[   66.804250][ T4161] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   66.811459][ T4161] CPU: 1 PID: 4161 Comm: syz-executor291 Tainted: G    B             5.15.179-syzkaller #0
[   66.821445][ T4161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   66.831491][ T4161] Call Trace:
[   66.834758][ T4161]  <TASK>
[   66.837698][ T4161]  dump_stack_lvl+0x1e3/0x2d0
[   66.842368][ T4161]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[   66.847989][ T4161]  ? panic+0x860/0x860
[   66.852043][ T4161]  ? preempt_schedule_common+0xa6/0xd0
[   66.857489][ T4161]  ? preempt_schedule+0xd9/0xe0
[   66.862333][ T4161]  panic+0x318/0x860
[   66.866217][ T4161]  ? check_panic_on_warn+0x1d/0xa0
[   66.871317][ T4161]  ? fb_is_primary_device+0xd0/0xd0
[   66.876507][ T4161]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[   66.882473][ T4161]  ? _raw_spin_unlock+0x40/0x40
[   66.887335][ T4161]  check_panic_on_warn+0x7e/0xa0
[   66.892283][ T4161]  ? search_by_entry_key+0x575/0x1380
[   66.897650][ T4161]  end_report+0x6d/0xf0
[   66.901801][ T4161]  kasan_report+0x18e/0x1c0
[   66.906290][ T4161]  ? search_by_entry_key+0x575/0x1380
[   66.911655][ T4161]  search_by_entry_key+0x575/0x1380
[   66.916846][ T4161]  ? make_cpu_key+0x2b/0x220
[   66.921425][ T4161]  reiserfs_find_entry+0x2ca/0x19b0
[   66.926612][ T4161]  ? mark_lock+0x98/0x340
[   66.930930][ T4161]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[   66.936899][ T4161]  ? reiserfs_get_parent+0x2c0/0x2c0
[   66.942177][ T4161]  ? mutex_lock_nested+0x17/0x20
[   66.947105][ T4161]  reiserfs_lookup+0x1e6/0x4b0
[   66.951862][ T4161]  ? reiserfs_find_entry+0x19b0/0x19b0
[   66.957323][ T4161]  ? d_hash_and_lookup+0x1b0/0x1b0
[   66.962423][ T4161]  ? __init_waitqueue_head+0xaa/0x140
[   66.967787][ T4161]  __lookup_slow+0x275/0x3d0
[   66.972402][ T4161]  ? lookup_one_len+0x2d0/0x2d0
[   66.977249][ T4161]  lookup_one_len+0x187/0x2d0
[   66.981918][ T4161]  ? lookup_one_common+0x460/0x460
[   66.987023][ T4161]  reiserfs_lookup_privroot+0x85/0x1e0
[   66.992485][ T4161]  reiserfs_fill_super+0x2224/0x2690
[   66.997768][ T4161]  ? reiserfs_kill_sb+0x150/0x150
[   67.002785][ T4161]  ? snprintf+0xd6/0x120
[   67.007030][ T4161]  mount_bdev+0x2c9/0x3f0
[   67.011346][ T4161]  ? reiserfs_kill_sb+0x150/0x150
[   67.016359][ T4161]  legacy_get_tree+0xeb/0x180
[   67.021029][ T4161]  ? remove_save_link+0x540/0x540
[   67.026046][ T4161]  vfs_get_tree+0x88/0x270
[   67.030451][ T4161]  do_new_mount+0x2ba/0xb40
[   67.034940][ T4161]  ? do_move_mount_old+0x160/0x160
[   67.040058][ T4161]  ? user_path_at_empty+0x12b/0x180
[   67.045260][ T4161]  __se_sys_mount+0x2d5/0x3c0
[   67.049943][ T4161]  ? __x64_sys_mount+0xc0/0xc0
[   67.054695][ T4161]  ? syscall_enter_from_user_mode+0x2e/0x240
[   67.060663][ T4161]  ? lockdep_hardirqs_on+0x94/0x130
[   67.065870][ T4161]  ? __x64_sys_mount+0x1c/0xc0
[   67.070646][ T4161]  do_syscall_64+0x3b/0xb0
[   67.075053][ T4161]  ? clear_bhb_loop+0x15/0x70
[   67.079720][ T4161]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   67.085602][ T4161] RIP: 0033:0x7fe37273982a
[   67.090015][ T4161] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 ee 08 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   67.109627][ T4161] RSP: 002b:00007fffa2bb18d8 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[   67.118031][ T4161] RAX: ffffffffffffffda RBX: 00007fffa2bb18f0 RCX: 00007fe37273982a
[   67.125990][ T4161] RDX: 0000400000000180 RSI: 0000400000000040 RDI: 00007fffa2bb18f0
[   67.133950][ T4161] RBP: 0000400000000040 R08: 00007fffa2bb1930 R09: 0000000000001127
[   67.141912][ T4161] R10: 000000000001801c R11: 0000000000000286 R12: 0000400000000180
[   67.149878][ T4161] R13: 00007fffa2bb1930 R14: 0000000000000003 R15: 000000000001801c
[   67.157859][ T4161]  </TASK>
[   67.161162][ T4161] Kernel Offset: disabled
[   67.165490][ T4161] Rebooting in 86400 seconds..