Warning: Permanently added '10.128.10.17' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 43.934038][ T3960] loop0: detected capacity change from 0 to 8192
[ 43.960778][ T3960] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 43.962818][ T3960] REISERFS (device loop0): using ordered data mode
[ 43.964142][ T3960] reiserfs: using flush barriers
[ 43.966141][ T3960] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 43.970117][ T3960] REISERFS (device loop0): checking transaction log (loop0)
[ 43.973462][ T3960] REISERFS (device loop0): Using r5 hash to sort names
[ 43.975043][ T3960] REISERFS (device loop0): using 3.5.x disk format
[ 43.977009][ T3960] ==================================================================
[ 43.978835][ T3960] BUG: KASAN: out-of-bounds in leaf_paste_entries+0x504/0x944
[ 43.980389][ T3960] Read of size 18446744073709551584 at addr ffff0000df44dfa4 by task syz-executor252/3960
[ 43.982521][ T3960]
[ 43.983051][ T3960] CPU: 1 PID: 3960 Comm: syz-executor252 Not tainted 5.15.113-syzkaller #0
[ 43.984908][ T3960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 43.987100][ T3960] Call trace:
[ 43.987756][ T3960] dump_backtrace+0x0/0x530
[ 43.988822][ T3960] show_stack+0x2c/0x3c
[ 43.989778][ T3960] dump_stack_lvl+0x108/0x170
[ 43.990846][ T3960] print_address_description+0x7c/0x3f0
[ 43.992078][ T3960] kasan_report+0x174/0x1e4
[ 43.993061][ T3960] kasan_check_range+0x274/0x2b4
[ 43.994145][ T3960] memmove+0x90/0xe8
[ 43.995008][ T3960] leaf_paste_entries+0x504/0x944
[ 43.996056][ T3960] balance_leaf+0xa0d4/0xe860
[ 43.997035][ T3960] do_balance+0x27c/0x790
[ 43.997972][ T3960] reiserfs_paste_into_item+0x630/0x744
[ 43.999170][ T3960] reiserfs_add_entry+0x8c0/0xc8c
[ 44.000315][ T3960] reiserfs_mkdir+0x588/0x77c
[ 44.001290][ T3960] reiserfs_xattr_init+0x2b0/0x6dc
[ 44.002412][ T3960] reiserfs_fill_super+0x1b28/0x1e8c
[ 44.003549][ T3960] mount_bdev+0x26c/0x368
[ 44.004531][ T3960] get_super_block+0x44/0x58
[ 44.005517][ T3960] legacy_get_tree+0xd4/0x16c
[ 44.006505][ T3960] vfs_get_tree+0x90/0x274
[ 44.007473][ T3960] do_new_mount+0x25c/0x8c8
[ 44.008425][ T3960] path_mount+0x590/0x104c
[ 44.009434][ T3960] __arm64_sys_mount+0x510/0x5e0
[ 44.010529][ T3960] invoke_syscall+0x98/0x2b8
[ 44.011573][ T3960] el0_svc_common+0x138/0x258
[ 44.012619][ T3960] do_el0_svc+0x58/0x14c
[ 44.013530][ T3960] el0_svc+0x7c/0x1f0
[ 44.014349][ T3960] el0t_64_sync_handler+0x84/0xe4
[ 44.015416][ T3960] el0t_64_sync+0x1a0/0x1a4
[ 44.016446][ T3960]
[ 44.016970][ T3960] The buggy address belongs to the page:
[ 44.018200][ T3960] page:00000000bf27a573 refcount:3 mapcount:0 mapping:000000008a2a752b index:0x213 pfn:0x11f44d
[ 44.020559][ T3960] memcg:ffff0000c0894000
[ 44.021368][ T3960] aops:def_blk_aops ino:700000
[ 44.022353][ T3960] flags: 0x5ffc00000002022(referenced|active|private|node=0|zone=2|lastcpupid=0x7ff)
[ 44.024025][ T3960] raw: 05ffc00000002022 0000000000000000 dead000000000122 ffff0000c049db08
[ 44.025460][ T3960] raw: 0000000000000213 ffff0000dbfcfd98 00000003ffffffff ffff0000c0894000
[ 44.026932][ T3960] page dumped because: kasan: bad access detected
[ 44.028207][ T3960]
[ 44.028645][ T3960] Memory state around the buggy address:
[ 44.029871][ T3960] ffff0000df44de80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 44.031692][ T3960] ffff0000df44df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 44.033401][ T3960] >ffff0000df44df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 44.035091][ T3960] ^
[ 44.036183][ T3960] ffff0000df44e000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 44.037817][ T3960] ffff0000df44e080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 44.039465][ T3960] ==================================================================
[ 44.041143][ T3960] Disabling lock debugging due to kernel taint
[ 44.042641][ T3960] REISERFS warning: reiserfs-5094 has_valid_deh_location: directory entry location seems wrong *3.5*[1768256046 1718773107 0x72705f73 UNKNOWN], item_len 16872, item_location 2, free_space(entry_count) 21376
[ 44.047035][ T3960] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 531. Fsck?
[ 44.049356][ T3960] REISERFS (device loop0): Remounting filesystem read-only
[ 44.050869][ T3960] REISERFS error (device loop0): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [1 2 0x0 SD] stat data
[ 44.053723][ T3960] REISERFS warning (device loop0): jdm-20006 create_privroot: xattrs/ACLs enabled and couldn't find/create .reiserfs_priv. Failing mount.
[ 44.056795][ T3960] REISERFS warning: reiserfs-5094 has_valid_deh_location: directory entry location seems wrong *3.5*[1768256046 1718773107 0x72705f73 UNKNOWN], item_len 16872, item_location 2, free_space(entry_count) 21376
[ 44.061078][ T3960] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 531. Fsck?
[ 44.063453][ T3960] REISERFS error (device loop0): zam-7001 reiserfs_find_entry: io error