Warning: Permanently added '10.128.1.139' (ED25519) to the list of known hosts.
executing program
[   53.533006][ T3500] loop0: detected capacity change from 0 to 8192
[   53.544003][ T3500] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[   53.554193][ T3500] REISERFS (device loop0): using ordered data mode
[   53.560855][ T3500] reiserfs: using flush barriers
[   53.567186][ T3500] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   53.583833][ T3500] REISERFS (device loop0): checking transaction log (loop0)
[   53.631978][ T3500] REISERFS (device loop0): Using r5 hash to sort names
[   53.639154][ T3500] REISERFS (device loop0): using 3.5.x disk format
[   53.647177][ T3500] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[   53.660402][   T26] audit: type=1800 audit(1691309111.624:2): pid=3500 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor140" name="file0" dev="loop0" ino=2 res=0 errno=0
[   53.698937][   T26] audit: type=1800 audit(1691309111.664:3): pid=3500 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor140" name="bus" dev="loop0" ino=3 res=0 errno=0
[   53.707923][ T3500] ==================================================================
[   53.727712][ T3500] BUG: KASAN: out-of-bounds in leaf_paste_in_buffer+0x1b8/0xab0
[   53.735366][ T3500] Read of size 18446744073709551305 at addr ffff88806fb94000 by task syz-executor140/3500
[   53.745251][ T3500] 
[   53.747572][ T3500] CPU: 1 PID: 3500 Comm: syz-executor140 Not tainted 5.15.124-syzkaller #0
[   53.756161][ T3500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023
[   53.766213][ T3500] Call Trace:
[   53.769492][ T3500]  <TASK>
[   53.772449][ T3500]  dump_stack_lvl+0x1e3/0x2cb
[   53.777135][ T3500]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[   53.782769][ T3500]  ? _printk+0xd1/0x111
[   53.786929][ T3500]  ? __wake_up_klogd+0xcc/0x100
[   53.791781][ T3500]  ? panic+0x84d/0x84d
[   53.795848][ T3500]  ? _raw_spin_lock_irqsave+0xdd/0x120
[   53.801328][ T3500]  ? leaf_move_items+0x1c4c/0x28a0
[   53.806459][ T3500]  print_address_description+0x63/0x3b0
[   53.812027][ T3500]  ? leaf_paste_in_buffer+0x1b8/0xab0
[   53.817410][ T3500]  kasan_report+0x16b/0x1c0
[   53.821921][ T3500]  ? leaf_paste_in_buffer+0x1b8/0xab0
[   53.827298][ T3500]  ? leaf_paste_in_buffer+0x1b8/0xab0
[   53.832685][ T3500]  kasan_check_range+0x27e/0x290
[   53.837629][ T3500]  ? leaf_paste_in_buffer+0x1b8/0xab0
[   53.843007][ T3500]  memmove+0x25/0x60
[   53.846906][ T3500]  leaf_paste_in_buffer+0x1b8/0xab0
[   53.852118][ T3500]  balance_leaf+0x667c/0x12510
[   53.856914][ T3500]  ? do_balance+0x8f0/0x8f0
[   53.861420][ T3500]  ? do_raw_spin_lock+0x14a/0x370
[   53.866478][ T3500]  ? __lock_acquire+0x1ff0/0x1ff0
[   53.871517][ T3500]  ? do_raw_spin_unlock+0x137/0x8b0
[   53.876727][ T3500]  ? unlock_page+0x188/0x200
[   53.881325][ T3500]  ? __getblk_gfp+0x9b0/0xaf0
[   53.886022][ T3500]  ? get_empty_nodes+0xad9/0xd70
[   53.890981][ T3500]  ? direntry_part_size+0xb0/0x1a0
[   53.896106][ T3500]  ? get_neighbors+0x1010/0x1010
[   53.901052][ T3500]  ? __wake_up_bit+0x190/0x190
[   53.905827][ T3500]  ? is_leaf_removable+0x8c0/0x8c0
[   53.910971][ T3500]  ? get_neighbors+0x631/0x1010
[   53.915829][ T3500]  ? reiserfs_prepare_for_journal+0x26b/0x280
[   53.921916][ T3500]  ? fix_nodes+0x7abc/0x8c70
[   53.926510][ T3500]  ? __might_sleep+0xc0/0xc0
[   53.931124][ T3500]  do_balance+0x309/0x8f0
[   53.935461][ T3500]  ? get_right_neighbor_position+0x210/0x210
[   53.941453][ T3500]  ? reiserfs_paste_into_item+0x3ef/0x880
[   53.947185][ T3500]  reiserfs_paste_into_item+0x73b/0x880
[   53.952748][ T3500]  ? reiserfs_cut_from_item+0x2560/0x2560
[   53.958533][ T3500]  ? __kmalloc+0x168/0x300
[   53.962962][ T3500]  reiserfs_get_block+0x226a/0x5390
[   53.968208][ T3500]  ? make_le_item_head+0x5c0/0x5c0
[   53.973323][ T3500]  ? register_lock_class+0x100/0x9a0
[   53.978624][ T3500]  ? notify_change+0xd4d/0x1000
[   53.983483][ T3500]  ? is_dynamic_key+0x1f0/0x1f0
[   53.988342][ T3500]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   53.994417][ T3500]  ? mark_lock+0x98/0x340
[   53.998756][ T3500]  ? __lock_acquire+0x1295/0x1ff0
[   54.003818][ T3500]  ? __lock_acquire+0x1ff0/0x1ff0
[   54.008849][ T3500]  ? alloc_buffer_head+0xd3/0xf0
[   54.013877][ T3500]  ? alloc_page_buffers+0x54a/0x660
[   54.019091][ T3500]  ? create_page_buffers+0x24b/0x330
[   54.024385][ T3500]  __block_write_begin_int+0x60b/0x1650
[   54.029953][ T3500]  ? make_le_item_head+0x5c0/0x5c0
[   54.035104][ T3500]  ? page_zero_new_buffers+0x510/0x510
[   54.040703][ T3500]  ? __mutex_lock_common+0x444/0x25a0
[   54.046128][ T3500]  ? fix_tail_page_for_writing+0x97/0x220
[   54.051866][ T3500]  reiserfs_write_begin+0x346/0x810
[   54.057073][ T3500]  ? pagecache_write_begin+0x33/0xa0
[   54.062373][ T3500]  generic_cont_expand_simple+0x144/0x230
[   54.068107][ T3500]  ? submit_bh+0x30/0x30
[   54.072356][ T3500]  ? setattr_prepare+0x1f7/0xe30
[   54.077302][ T3500]  ? mutex_lock_nested+0x17/0x20
[   54.082249][ T3500]  reiserfs_setattr+0x3ff/0xf90
[   54.087116][ T3500]  ? reiserfs_commit_write+0x5a0/0x5a0
[   54.092584][ T3500]  ? ktime_get_coarse_real_ts64+0x107/0x120
[   54.098485][ T3500]  ? current_time+0x1d1/0x2f0
[   54.103166][ T3500]  ? atime_needs_update+0x7b0/0x7b0
[   54.108369][ T3500]  ? evm_inode_setattr+0xf7/0x5b0
[   54.113403][ T3500]  ? bpf_lsm_inode_setattr+0x5/0x10
[   54.118608][ T3500]  ? security_inode_setattr+0xce/0x120
[   54.124073][ T3500]  ? reiserfs_commit_write+0x5a0/0x5a0
[   54.129547][ T3500]  notify_change+0xd4d/0x1000
[   54.134236][ T3500]  do_truncate+0x21c/0x300
[   54.138661][ T3500]  ? put_page_bootmem+0x280/0x280
[   54.143714][ T3500]  ? print_irqtrace_events+0x210/0x210
[   54.149185][ T3500]  ? vtime_user_exit+0x2d1/0x400
[   54.154147][ T3500]  ? bpf_lsm_path_truncate+0x5/0x10
[   54.159367][ T3500]  do_sys_ftruncate+0x2eb/0x390
[   54.164232][ T3500]  do_syscall_64+0x3d/0xb0
[   54.168656][ T3500]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   54.174557][ T3500] RIP: 0033:0x7f14a37cf679
[   54.178979][ T3500] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   54.198587][ T3500] RSP: 002b:00007fffb0b30268 EFLAGS: 00000246 ORIG_RAX: 000000000000004d
[   54.207017][ T3500] RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 00007f14a37cf679
[   54.215079][ T3500] RDX: 00007f14a37cf679 RSI: 0000000002007fff RDI: 0000000000000005
[   54.223080][ T3500] RBP: 00007f14a3843610 R08: 00007fffb0b30438 R09: 00007fffb0b30438
[   54.231071][ T3500] R10: 00007fffb0b30438 R11: 0000000000000246 R12: 0000000000000001
[   54.239053][ T3500] R13: 00007fffb0b30428 R14: 0000000000000001 R15: 0000000000000001
[   54.247049][ T3500]  </TASK>
[   54.250073][ T3500] 
[   54.252389][ T3500] The buggy address belongs to the page:
[   54.258164][ T3500] page:ffffea0001bee500 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x6fb94
[   54.268329][ T3500] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   54.275459][ T3500] raw: 00fff00000000000 ffffea0001bee548 ffffea0001d45bc8 0000000000000000
[   54.284046][ T3500] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[   54.292789][ T3500] page dumped because: kasan: bad access detected
[   54.299206][ T3500] page_owner tracks the page as freed
[   54.304585][ T3500] page last allocated via order 0, migratetype Movable, gfp_mask 0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO), pid 3357, ts 45290681435, free_ts 45439635177
[   54.320134][ T3500]  get_page_from_freelist+0x322a/0x33c0
[   54.325705][ T3500]  __alloc_pages+0x272/0x700
[   54.330330][ T3500]  alloc_pages_vma+0x39a/0x800
[   54.335162][ T3500]  handle_mm_fault+0x2f49/0x5950
[   54.340108][ T3500]  exc_page_fault+0x271/0x740
[   54.344786][ T3500]  asm_exc_page_fault+0x22/0x30
[   54.349644][ T3500] page last free stack trace:
[   54.354318][ T3500]  free_unref_page_prepare+0xc34/0xcf0
[   54.359784][ T3500]  free_unref_page_list+0x1f7/0x8e0
[   54.365018][ T3500]  release_pages+0x1bb9/0x1f40
[   54.369784][ T3500]  tlb_finish_mmu+0x177/0x320
[   54.374463][ T3500]  unmap_region+0x304/0x350
[   54.378988][ T3500]  __do_munmap+0x12db/0x1740
[   54.383585][ T3500]  __vm_munmap+0x134/0x230
[   54.388039][ T3500]  __x64_sys_munmap+0x67/0x70
[   54.392744][ T3500]  do_syscall_64+0x3d/0xb0
[   54.397174][ T3500]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   54.403074][ T3500] 
[   54.405395][ T3500] Memory state around the buggy address:
[   54.411022][ T3500]  ffff88806fb93f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   54.419082][ T3500]  ffff88806fb93f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   54.427145][ T3500] >ffff88806fb94000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   54.435201][ T3500]                    ^
[   54.439271][ T3500]  ffff88806fb94080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   54.447381][ T3500]  ffff88806fb94100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   54.455438][ T3500] ==================================================================
[   54.463502][ T3500] Disabling lock debugging due to kernel taint
[   54.470345][ T3500] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   54.477558][ T3500] CPU: 1 PID: 3500 Comm: syz-executor140 Tainted: G    B             5.15.124-syzkaller #0
[   54.487554][ T3500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023
[   54.497619][ T3500] Call Trace:
[   54.500895][ T3500]  <TASK>
[   54.503823][ T3500]  dump_stack_lvl+0x1e3/0x2cb
[   54.508520][ T3500]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[   54.514163][ T3500]  ? panic+0x84d/0x84d
[   54.518233][ T3500]  ? preempt_schedule_common+0xa6/0xd0
[   54.523706][ T3500]  ? preempt_schedule+0xd9/0xe0
[   54.528576][ T3500]  panic+0x318/0x84d
[   54.532481][ T3500]  ? check_panic_on_warn+0x1d/0xa0
[   54.537597][ T3500]  ? fb_is_primary_device+0xcc/0xcc
[   54.542797][ T3500]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[   54.548779][ T3500]  ? _raw_spin_unlock+0x40/0x40
[   54.553664][ T3500]  check_panic_on_warn+0x7e/0xa0
[   54.558605][ T3500]  ? leaf_paste_in_buffer+0x1b8/0xab0
[   54.563981][ T3500]  end_report+0x6d/0xf0
[   54.568158][ T3500]  kasan_report+0x18e/0x1c0
[   54.572685][ T3500]  ? leaf_paste_in_buffer+0x1b8/0xab0
[   54.578058][ T3500]  ? leaf_paste_in_buffer+0x1b8/0xab0
[   54.583433][ T3500]  kasan_check_range+0x27e/0x290
[   54.588375][ T3500]  ? leaf_paste_in_buffer+0x1b8/0xab0
[   54.593750][ T3500]  memmove+0x25/0x60
[   54.597644][ T3500]  leaf_paste_in_buffer+0x1b8/0xab0
[   54.602849][ T3500]  balance_leaf+0x667c/0x12510
[   54.607626][ T3500]  ? do_balance+0x8f0/0x8f0
[   54.612127][ T3500]  ? do_raw_spin_lock+0x14a/0x370
[   54.617151][ T3500]  ? __lock_acquire+0x1ff0/0x1ff0
[   54.622182][ T3500]  ? do_raw_spin_unlock+0x137/0x8b0
[   54.627383][ T3500]  ? unlock_page+0x188/0x200
[   54.631978][ T3500]  ? __getblk_gfp+0x9b0/0xaf0
[   54.636659][ T3500]  ? get_empty_nodes+0xad9/0xd70
[   54.641601][ T3500]  ? direntry_part_size+0xb0/0x1a0
[   54.646726][ T3500]  ? get_neighbors+0x1010/0x1010
[   54.651665][ T3500]  ? __wake_up_bit+0x190/0x190
[   54.656431][ T3500]  ? is_leaf_removable+0x8c0/0x8c0
[   54.661549][ T3500]  ? get_neighbors+0x631/0x1010
[   54.666405][ T3500]  ? reiserfs_prepare_for_journal+0x26b/0x280
[   54.672473][ T3500]  ? fix_nodes+0x7abc/0x8c70
[   54.677077][ T3500]  ? __might_sleep+0xc0/0xc0
[   54.681705][ T3500]  do_balance+0x309/0x8f0
[   54.686049][ T3500]  ? get_right_neighbor_position+0x210/0x210
[   54.692201][ T3500]  ? reiserfs_paste_into_item+0x3ef/0x880
[   54.698048][ T3500]  reiserfs_paste_into_item+0x73b/0x880
[   54.703607][ T3500]  ? reiserfs_cut_from_item+0x2560/0x2560
[   54.709361][ T3500]  ? __kmalloc+0x168/0x300
[   54.713780][ T3500]  reiserfs_get_block+0x226a/0x5390
[   54.718999][ T3500]  ? make_le_item_head+0x5c0/0x5c0
[   54.724108][ T3500]  ? register_lock_class+0x100/0x9a0
[   54.729400][ T3500]  ? notify_change+0xd4d/0x1000
[   54.734249][ T3500]  ? is_dynamic_key+0x1f0/0x1f0
[   54.739193][ T3500]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   54.745259][ T3500]  ? mark_lock+0x98/0x340
[   54.749589][ T3500]  ? __lock_acquire+0x1295/0x1ff0
[   54.754630][ T3500]  ? __lock_acquire+0x1ff0/0x1ff0
[   54.759657][ T3500]  ? alloc_buffer_head+0xd3/0xf0
[   54.764588][ T3500]  ? alloc_page_buffers+0x54a/0x660
[   54.769788][ T3500]  ? create_page_buffers+0x24b/0x330
[   54.775073][ T3500]  __block_write_begin_int+0x60b/0x1650
[   54.780625][ T3500]  ? make_le_item_head+0x5c0/0x5c0
[   54.785738][ T3500]  ? page_zero_new_buffers+0x510/0x510
[   54.791201][ T3500]  ? __mutex_lock_common+0x444/0x25a0
[   54.796600][ T3500]  ? fix_tail_page_for_writing+0x97/0x220
[   54.802322][ T3500]  reiserfs_write_begin+0x346/0x810
[   54.807517][ T3500]  ? pagecache_write_begin+0x33/0xa0
[   54.812804][ T3500]  generic_cont_expand_simple+0x144/0x230
[   54.818530][ T3500]  ? submit_bh+0x30/0x30
[   54.822866][ T3500]  ? setattr_prepare+0x1f7/0xe30
[   54.827801][ T3500]  ? mutex_lock_nested+0x17/0x20
[   54.832740][ T3500]  reiserfs_setattr+0x3ff/0xf90
[   54.837595][ T3500]  ? reiserfs_commit_write+0x5a0/0x5a0
[   54.843055][ T3500]  ? ktime_get_coarse_real_ts64+0x107/0x120
[   54.849011][ T3500]  ? current_time+0x1d1/0x2f0
[   54.853689][ T3500]  ? atime_needs_update+0x7b0/0x7b0
[   54.858981][ T3500]  ? evm_inode_setattr+0xf7/0x5b0
[   54.864006][ T3500]  ? bpf_lsm_inode_setattr+0x5/0x10
[   54.869208][ T3500]  ? security_inode_setattr+0xce/0x120
[   54.874666][ T3500]  ? reiserfs_commit_write+0x5a0/0x5a0
[   54.880132][ T3500]  notify_change+0xd4d/0x1000
[   54.884817][ T3500]  do_truncate+0x21c/0x300
[   54.889324][ T3500]  ? put_page_bootmem+0x280/0x280
[   54.894349][ T3500]  ? print_irqtrace_events+0x210/0x210
[   54.899812][ T3500]  ? vtime_user_exit+0x2d1/0x400
[   54.904751][ T3500]  ? bpf_lsm_path_truncate+0x5/0x10
[   54.909950][ T3500]  do_sys_ftruncate+0x2eb/0x390
[   54.914805][ T3500]  do_syscall_64+0x3d/0xb0
[   54.919222][ T3500]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   54.925113][ T3500] RIP: 0033:0x7f14a37cf679
[   54.929532][ T3500] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   54.949131][ T3500] RSP: 002b:00007fffb0b30268 EFLAGS: 00000246 ORIG_RAX: 000000000000004d
[   54.957542][ T3500] RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 00007f14a37cf679
[   54.965514][ T3500] RDX: 00007f14a37cf679 RSI: 0000000002007fff RDI: 0000000000000005
[   54.973485][ T3500] RBP: 00007f14a3843610 R08: 00007fffb0b30438 R09: 00007fffb0b30438
[   54.981459][ T3500] R10: 00007fffb0b30438 R11: 0000000000000246 R12: 0000000000000001
[   54.989436][ T3500] R13: 00007fffb0b30428 R14: 0000000000000001 R15: 0000000000000001
[   54.997413][ T3500]  </TASK>
[   55.000703][ T3500] Kernel Offset: disabled
[   55.005031][ T3500] Rebooting in 86400 seconds..