Warning: Permanently added '10.128.10.34' (ED25519) to the list of known hosts. executing program syzkaller login: [ 37.628120][ T3962] loop0: detected capacity change from 0 to 8192 [ 37.716536][ T3962] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 37.719136][ T3962] REISERFS (device loop0): using ordered data mode [ 37.720816][ T3962] reiserfs: using flush barriers [ 37.723117][ T3962] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 37.728164][ T3962] REISERFS (device loop0): checking transaction log (loop0) [ 37.732077][ T3962] REISERFS (device loop0): Using r5 hash to sort names [ 37.734218][ T3962] ================================================================== [ 37.736378][ T3962] BUG: KASAN: use-after-free in search_by_entry_key+0x45c/0xe88 [ 37.738429][ T3962] Read of size 4 at addr ffff0000df616754 by task syz-executor249/3962 [ 37.740664][ T3962] [ 37.741273][ T3962] CPU: 1 PID: 3962 Comm: syz-executor249 Not tainted 5.15.153-syzkaller #0 [ 37.743582][ T3962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 37.746326][ T3962] Call trace: [ 37.747199][ T3962] dump_backtrace+0x0/0x530 [ 37.748401][ T3962] show_stack+0x2c/0x3c [ 37.749590][ T3962] dump_stack_lvl+0x108/0x170 [ 37.750819][ T3962] print_address_description+0x7c/0x3f0 [ 37.752344][ T3962] kasan_report+0x174/0x1e4 [ 37.753563][ T3962] __asan_report_load_n_noabort+0x40/0x4c [ 37.755162][ T3962] search_by_entry_key+0x45c/0xe88 [ 37.756531][ T3962] reiserfs_find_entry+0x2a8/0x1624 [ 37.757905][ T3962] reiserfs_lookup+0x184/0x3c4 [ 37.759179][ T3962] __lookup_slow+0x250/0x388 [ 37.760455][ T3962] lookup_one_len+0x178/0x28c [ 37.761707][ T3962] reiserfs_lookup_privroot+0x8c/0x204 [ 37.763238][ T3962] reiserfs_fill_super+0x1494/0x1e8c [ 37.764667][ T3962] mount_bdev+0x274/0x370 [ 37.765871][ T3962] get_super_block+0x44/0x58 [ 37.767047][ T3962] legacy_get_tree+0xd4/0x16c [ 37.768255][ T3962] vfs_get_tree+0x90/0x274 [ 37.769461][ T3962] do_new_mount+0x278/0x8fc [ 37.770643][ T3962] path_mount+0x594/0x101c [ 37.771885][ T3962] __arm64_sys_mount+0x510/0x5e0 [ 37.773190][ T3962] invoke_syscall+0x98/0x2b8 [ 37.774434][ T3962] el0_svc_common+0x138/0x258 [ 37.775709][ T3962] do_el0_svc+0x58/0x14c [ 37.776752][ T3962] el0_svc+0x7c/0x1f0 [ 37.777868][ T3962] el0t_64_sync_handler+0x84/0xe4 [ 37.779194][ T3962] el0t_64_sync+0x1a0/0x1a4 [ 37.780471][ T3962] [ 37.781121][ T3962] The buggy address belongs to the page: [ 37.782600][ T3962] page:0000000023a050d8 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x11f616 [ 37.785478][ T3962] flags: 0x5ffc00000000000(node=0|zone=2|lastcpupid=0x7ff) [ 37.787394][ T3962] raw: 05ffc00000000000 fffffc00037d85c8 ffff0001b482d520 0000000000000000 [ 37.789731][ T3962] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000 [ 37.792071][ T3962] page dumped because: kasan: bad access detected [ 37.793731][ T3962] [ 37.794337][ T3962] Memory state around the buggy address: [ 37.795869][ T3962] ffff0000df616600: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 37.797982][ T3962] ffff0000df616680: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 37.800280][ T3962] >ffff0000df616700: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 37.802512][ T3962] ^ [ 37.804291][ T3962] ffff0000df616780: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 37.806388][ T3962] ffff0000df616800: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 37.808480][ T3962] ================================================================== [ 37.810655][ T3962] Disabling lock debugging due to kernel taint executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program