Warning: Permanently added '10.128.1.47' (ED25519) to the list of known hosts.
executing program
[ 60.998167][ T4168] loop0: detected capacity change from 0 to 8192
[ 61.078917][ T4168] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 61.088887][ T4168] REISERFS (device loop0): using ordered data mode
[ 61.096200][ T4168] reiserfs: using flush barriers
[ 61.102841][ T4168] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 61.120347][ T4168] REISERFS (device loop0): checking transaction log (loop0)
[ 61.130412][ T4168] REISERFS (device loop0): Using r5 hash to sort names
[ 61.137912][ T4168] ==================================================================
[ 61.146089][ T4168] BUG: KASAN: use-after-free in search_by_entry_key+0x575/0x1380
[ 61.153857][ T4168] Read of size 4 at addr ffff88800a86a754 by task syz-executor351/4168
[ 61.162185][ T4168]
[ 61.164642][ T4168] CPU: 1 PID: 4168 Comm: syz-executor351 Not tainted 5.15.179-syzkaller #0
[ 61.173253][ T4168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 61.183327][ T4168] Call Trace:
[ 61.186616][ T4168]
[ 61.189662][ T4168]  dump_stack_lvl+0x1e3/0x2d0
[ 61.194352][ T4168]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 61.200002][ T4168]  ? _printk+0xd1/0x120
[ 61.204304][ T4168]  ? __wake_up_klogd+0xcc/0x100
[ 61.209193][ T4168]  ? panic+0x860/0x860
[ 61.213275][ T4168]  ? _raw_spin_lock_irqsave+0xdd/0x120
[ 61.218755][ T4168]  print_address_description+0x63/0x3b0
[ 61.224317][ T4168]  ? search_by_entry_key+0x575/0x1380
[ 61.229718][ T4168]  kasan_report+0x16b/0x1c0
[ 61.234499][ T4168]  ? search_by_entry_key+0x575/0x1380
[ 61.240214][ T4168]  search_by_entry_key+0x575/0x1380
[ 61.245442][ T4168]  ? make_cpu_key+0x2b/0x220
[ 61.250068][ T4168]  reiserfs_find_entry+0x2ca/0x19b0
[ 61.255267][ T4168]  ? mark_lock+0x98/0x340
[ 61.259600][ T4168]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 61.265714][ T4168]  ? reiserfs_get_parent+0x2c0/0x2c0
[ 61.271159][ T4168]  ? mutex_lock_nested+0x17/0x20
[ 61.276234][ T4168]  reiserfs_lookup+0x1e6/0x4b0
[ 61.281153][ T4168]  ? reiserfs_find_entry+0x19b0/0x19b0
[ 61.286655][ T4168]  ? d_hash_and_lookup+0x1b0/0x1b0
[ 61.291804][ T4168]  ? __init_waitqueue_head+0xaa/0x140
[ 61.297193][ T4168]  __lookup_slow+0x275/0x3d0
[ 61.301821][ T4168]  ? lookup_one_len+0x2d0/0x2d0
[ 61.306703][ T4168]  lookup_one_len+0x187/0x2d0
[ 61.311417][ T4168]  ? lookup_one_common+0x460/0x460
[ 61.316563][ T4168]  reiserfs_lookup_privroot+0x85/0x1e0
[ 61.322064][ T4168]  reiserfs_fill_super+0x191e/0x2690
[ 61.327373][ T4168]  ? reiserfs_kill_sb+0x150/0x150
[ 61.332403][ T4168]  ? snprintf+0xd6/0x120
[ 61.336777][ T4168]  mount_bdev+0x2c9/0x3f0
[ 61.341116][ T4168]  ? reiserfs_kill_sb+0x150/0x150
[ 61.346154][ T4168]  legacy_get_tree+0xeb/0x180
[ 61.350831][ T4168]  ? remove_save_link+0x540/0x540
[ 61.355853][ T4168]  vfs_get_tree+0x88/0x270
[ 61.360284][ T4168]  do_new_mount+0x2ba/0xb40
[ 61.364799][ T4168]  ? do_move_mount_old+0x160/0x160
[ 61.369929][ T4168]  ? user_path_at_empty+0x12b/0x180
[ 61.375129][ T4168]  __se_sys_mount+0x2d5/0x3c0
[ 61.379836][ T4168]  ? __x64_sys_mount+0xc0/0xc0
[ 61.384709][ T4168]  ? syscall_enter_from_user_mode+0x2e/0x240
[ 61.390797][ T4168]  ? lockdep_hardirqs_on+0x94/0x130
[ 61.396158][ T4168]  ? __x64_sys_mount+0x1c/0xc0
[ 61.400939][ T4168]  do_syscall_64+0x3b/0xb0
[ 61.405373][ T4168]  ? clear_bhb_loop+0x15/0x70
[ 61.410099][ T4168]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 61.416167][ T4168] RIP: 0033:0x7f786bbe4c2a
[ 61.420595][ T4168] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 ee 08 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 61.440469][ T4168] RSP: 002b:00007ffde1e65418 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[ 61.449038][ T4168] RAX: ffffffffffffffda RBX: 00007ffde1e65430 RCX: 00007f786bbe4c2a
[ 61.457124][ T4168] RDX: 0000200000000000 RSI: 0000200000000440 RDI: 00007ffde1e65430
[ 61.465121][ T4168] RBP: 0000200000000440 R08: 00007ffde1e65470 R09: 0000000000001102
[ 61.473119][ T4168] R10: 000000000120c081 R11: 0000000000000286 R12: 0000200000000000
[ 61.481225][ T4168] R13: 0000000000000004 R14: 0000000000000003 R15: 00007ffde1e65470
[ 61.489337][ T4168]
[ 61.492384][ T4168]
[ 61.494709][ T4168] The buggy address belongs to the page:
[ 61.500336][ T4168] page:ffffea00002a1a80 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0xa86a
[ 61.510405][ T4168] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 61.517570][ T4168] raw: 00fff00000000000 ffffea00002a1888 ffffea00002a1b88 0000000000000000
[ 61.526437][ T4168] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 61.535160][ T4168] page dumped because: kasan: bad access detected
[ 61.541701][ T4168] page_owner tracks the page as freed
[ 61.547076][ T4168] page last allocated via order 0, migratetype Movable, gfp_mask 0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO), pid 4084, ts 54571730114, free_ts 54620518422
[ 61.562638][ T4168]  get_page_from_freelist+0x3b78/0x3d40
[ 61.568480][ T4168]  __alloc_pages+0x272/0x700
[ 61.573097][ T4168]  alloc_pages_vma+0x39a/0x800
[ 61.577874][ T4168]  handle_mm_fault+0x2f49/0x5960
[ 61.583224][ T4168]  exc_page_fault+0x271/0x700
[ 61.587927][ T4168]  asm_exc_page_fault+0x22/0x30
[ 61.592950][ T4168] page last free stack trace:
[ 61.597635][ T4168]  free_unref_page_prepare+0xc34/0xcf0
[ 61.603200][ T4168]  free_unref_page_list+0x1f7/0x8e0
[ 61.608423][ T4168]  release_pages+0x1bb9/0x1f40
[ 61.613217][ T4168]  tlb_finish_mmu+0x177/0x320
[ 61.618023][ T4168]  unmap_region+0x304/0x350
[ 61.622657][ T4168]  __do_munmap+0x130a/0x1710
[ 61.627259][ T4168]  __vm_munmap+0x134/0x230
[ 61.631674][ T4168]  __x64_sys_munmap+0x67/0x70
[ 61.637472][ T4168]  do_syscall_64+0x3b/0xb0
[ 61.641893][ T4168]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 61.648018][ T4168]
[ 61.650345][ T4168] Memory state around the buggy address:
[ 61.656123][ T4168]  ffff88800a86a600: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 61.664202][ T4168]  ffff88800a86a680: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 61.672272][ T4168] >ffff88800a86a700: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 61.680390][ T4168]                                                  ^
[ 61.687074][ T4168]  ffff88800a86a780: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 61.695130][ T4168]  ffff88800a86a800: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 61.703176][ T4168] ==================================================================
[ 61.711226][ T4168] Disabling lock debugging due to kernel taint
[ 61.717919][ T4168] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 61.725127][ T4168] CPU: 1 PID: 4168 Comm: syz-executor351 Tainted: G B 5.15.179-syzkaller #0
[ 61.735115][ T4168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 61.745179][ T4168] Call Trace:
[ 61.748454][ T4168]
[ 61.751377][ T4168]  dump_stack_lvl+0x1e3/0x2d0
[ 61.756062][ T4168]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 61.761691][ T4168]  ? panic+0x860/0x860
[ 61.765752][ T4168]  ? preempt_schedule_common+0xa6/0xd0
[ 61.771414][ T4168]  ? preempt_schedule+0xd9/0xe0
[ 61.776398][ T4168]  panic+0x318/0x860
[ 61.780356][ T4168]  ? check_panic_on_warn+0x1d/0xa0
[ 61.785543][ T4168]  ? fb_is_primary_device+0xd0/0xd0
[ 61.790749][ T4168]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[ 61.796723][ T4168]  ? _raw_spin_unlock+0x40/0x40
[ 61.801602][ T4168]  check_panic_on_warn+0x7e/0xa0
[ 61.806556][ T4168]  ? search_by_entry_key+0x575/0x1380
[ 61.811962][ T4168]  end_report+0x6d/0xf0
[ 61.816235][ T4168]  kasan_report+0x18e/0x1c0
[ 61.820841][ T4168]  ? search_by_entry_key+0x575/0x1380
[ 61.826253][ T4168]  search_by_entry_key+0x575/0x1380
[ 61.831467][ T4168]  ? make_cpu_key+0x2b/0x220
[ 61.836053][ T4168]  reiserfs_find_entry+0x2ca/0x19b0
[ 61.841247][ T4168]  ? mark_lock+0x98/0x340
[ 61.845568][ T4168]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 61.851684][ T4168]  ? reiserfs_get_parent+0x2c0/0x2c0
[ 61.856976][ T4168]  ? mutex_lock_nested+0x17/0x20
[ 61.861913][ T4168]  reiserfs_lookup+0x1e6/0x4b0
[ 61.866779][ T4168]  ? reiserfs_find_entry+0x19b0/0x19b0
[ 61.872316][ T4168]  ? d_hash_and_lookup+0x1b0/0x1b0
[ 61.877447][ T4168]  ? __init_waitqueue_head+0xaa/0x140
[ 61.883044][ T4168]  __lookup_slow+0x275/0x3d0
[ 61.887646][ T4168]  ? lookup_one_len+0x2d0/0x2d0
[ 61.892588][ T4168]  lookup_one_len+0x187/0x2d0
[ 61.897264][ T4168]  ? lookup_one_common+0x460/0x460
[ 61.902383][ T4168]  reiserfs_lookup_privroot+0x85/0x1e0
[ 61.907967][ T4168]  reiserfs_fill_super+0x191e/0x2690
[ 61.913439][ T4168]  ? reiserfs_kill_sb+0x150/0x150
[ 61.918599][ T4168]  ? snprintf+0xd6/0x120
[ 61.922874][ T4168]  mount_bdev+0x2c9/0x3f0
[ 61.927212][ T4168]  ? reiserfs_kill_sb+0x150/0x150
[ 61.932267][ T4168]  legacy_get_tree+0xeb/0x180
[ 61.937094][ T4168]  ? remove_save_link+0x540/0x540
[ 61.942372][ T4168]  vfs_get_tree+0x88/0x270
[ 61.946926][ T4168]  do_new_mount+0x2ba/0xb40
[ 61.951427][ T4168]  ? do_move_mount_old+0x160/0x160
[ 61.956538][ T4168]  ? user_path_at_empty+0x12b/0x180
[ 61.961745][ T4168]  __se_sys_mount+0x2d5/0x3c0
[ 61.966444][ T4168]  ? __x64_sys_mount+0xc0/0xc0
[ 61.971243][ T4168]  ? syscall_enter_from_user_mode+0x2e/0x240
[ 61.977248][ T4168]  ? lockdep_hardirqs_on+0x94/0x130
[ 61.982457][ T4168]  ? __x64_sys_mount+0x1c/0xc0
[ 61.987387][ T4168]  do_syscall_64+0x3b/0xb0
[ 61.991820][ T4168]  ? clear_bhb_loop+0x15/0x70
[ 61.996499][ T4168]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 62.002403][ T4168] RIP: 0033:0x7f786bbe4c2a
[ 62.006864][ T4168] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 ee 08 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 62.026535][ T4168] RSP: 002b:00007ffde1e65418 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[ 62.034991][ T4168] RAX: ffffffffffffffda RBX: 00007ffde1e65430 RCX: 00007f786bbe4c2a
[ 62.042985][ T4168] RDX: 0000200000000000 RSI: 0000200000000440 RDI: 00007ffde1e65430
[ 62.050961][ T4168] RBP: 0000200000000440 R08: 00007ffde1e65470 R09: 0000000000001102
[ 62.059176][ T4168] R10: 000000000120c081 R11: 0000000000000286 R12: 0000200000000000
[ 62.067195][ T4168] R13: 0000000000000004 R14: 0000000000000003 R15: 00007ffde1e65470
[ 62.075174][ T4168]
[ 62.078538][ T4168] Kernel Offset: disabled
[ 62.082968][ T4168] Rebooting in 86400 seconds..