Warning: Permanently added '10.128.1.48' (ECDSA) to the list of known hosts.
executing program
[ 66.958324][ T26] audit: type=1400 audit(1639423071.870:75): avc: denied { execmem } for pid=3604 comm="syz-executor913" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 66.978540][ T26] audit: type=1400 audit(1639423071.870:76): avc: denied { read write } for pid=3604 comm="syz-executor913" name="loop0" dev="devtmpfs" ino=645 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 66.984238][ T3605] loop0: detected capacity change from 0 to 252287
[ 67.002996][ T26] audit: type=1400 audit(1639423071.870:77): avc: denied { open } for pid=3604 comm="syz-executor913" path="/dev/loop0" dev="devtmpfs" ino=645 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 67.041682][ T26] audit: type=1400 audit(1639423071.870:78): avc: denied { ioctl } for pid=3604 comm="syz-executor913" path="/dev/loop0" dev="devtmpfs" ino=645 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 67.068152][ T3605] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[ 67.078013][ T3605] REISERFS (device loop0): using ordered data mode
[ 67.085207][ T3605] reiserfs: using flush barriers
[ 67.092683][ T3605] REISERFS (device loop0): journal params: device loop0, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 30, max trans age 30
[ 67.109424][ T26] audit: type=1400 audit(1639423071.950:79): avc: denied { mounton } for pid=3605 comm="syz-executor913" path="/root/file0" dev="sda1" ino=1137 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 67.134426][ T3605] REISERFS (device loop0): checking transaction log (loop0)
[ 68.499280][ T3605] REISERFS (device loop0): Using tea hash to sort names
[ 68.507354][ T3605] ==================================================================
[ 68.515487][ T3605] BUG: KASAN: out-of-bounds in leaf_paste_entries+0x449/0x910
[ 68.522950][ T3605] Read of size 18446744073709551584 at addr ffff888064651fa4 by task syz-executor913/3605
[ 68.532820][ T3605]
[ 68.535132][ T3605] CPU: 1 PID: 3605 Comm: syz-executor913 Not tainted 5.16.0-rc5-syzkaller #0
[ 68.543873][ T3605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 68.553912][ T3605] Call Trace:
[ 68.557177][ T3605]
[ 68.560093][ T3605] dump_stack_lvl+0xcd/0x134
[ 68.564731][ T3605] print_address_description.constprop.0.cold+0x8d/0x2ed
[ 68.571746][ T3605] ? leaf_paste_entries+0x449/0x910
[ 68.576995][ T3605] ? leaf_paste_entries+0x449/0x910
[ 68.582180][ T3605] kasan_report.cold+0x83/0xdf
[ 68.586933][ T3605] ? leaf_paste_entries+0x449/0x910
[ 68.592120][ T3605] kasan_check_range+0x13d/0x180
[ 68.597043][ T3605] memmove+0x20/0x60
[ 68.600926][ T3605] leaf_paste_entries+0x449/0x910
[ 68.605940][ T3605] balance_leaf+0x951e/0xd8b0
[ 68.610617][ T3605] ? reiserfs_prepare_for_journal+0x115/0x2a0
[ 68.616673][ T3605] ? __sanitizer_cov_trace_cmp4+0x1c/0x70
[ 68.622391][ T3605] ? fix_nodes+0x14cb/0x8650
[ 68.626968][ T3605] ? replace_key+0x160/0x160
[ 68.631544][ T3605] do_balance+0x315/0x810
[ 68.635863][ T3605] ? get_right_neighbor_position+0x170/0x170
[ 68.641832][ T3605] ? wait_for_completion_io+0x270/0x270
[ 68.647364][ T3605] reiserfs_paste_into_item+0x762/0x8e0
[ 68.652898][ T3605] ? reiserfs_delete_object+0x200/0x200
[ 68.658436][ T3605] ? search_by_entry_key+0x960/0x960
[ 68.663711][ T3605] ? keyed_hash+0x83b/0xee0
[ 68.668224][ T3605] ? make_cpu_key+0x22/0x2a0
[ 68.672797][ T3605] reiserfs_add_entry+0x8cb/0xcf0
[ 68.677851][ T3605] ? reiserfs_lookup+0x490/0x490
[ 68.682775][ T3605] ? do_journal_begin_r+0xd2e/0x10d0
[ 68.688052][ T3605] reiserfs_mkdir+0x675/0x980
[ 68.692713][ T3605] ? reiserfs_mknod+0x700/0x700
[ 68.697550][ T3605] ? down_write+0xdf/0x150
[ 68.701958][ T3605] ? down_write_killable_nested+0x180/0x180
[ 68.707837][ T3605] reiserfs_xattr_init+0x4de/0xb60
[ 68.712936][ T3605] reiserfs_fill_super+0x21ea/0x2f80
[ 68.718207][ T3605] ? reiserfs_remount+0x1530/0x1530
[ 68.723387][ T3605] ? sget+0x472/0x580
[ 68.727354][ T3605] ? snprintf+0xbb/0xf0
[ 68.731500][ T3605] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 68.737743][ T3605] ? __sanitizer_cov_trace_cmp4+0x1c/0x70
[ 68.743449][ T3605] ? set_blocksize+0x2e5/0x370
[ 68.748197][ T3605] mount_bdev+0x34d/0x410
[ 68.752512][ T3605] ? reiserfs_remount+0x1530/0x1530
[ 68.757695][ T3605] ? reiserfs_kill_sb+0x1e0/0x1e0
[ 68.762702][ T3605] legacy_get_tree+0x105/0x220
[ 68.767452][ T3605] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 68.773682][ T3605] vfs_get_tree+0x89/0x2f0
[ 68.778106][ T3605] path_mount+0x1320/0x1fa0
[ 68.782614][ T3605] ? kmem_cache_free.part.0+0xe1/0x200
[ 68.788076][ T3605] ? finish_automount+0xaf0/0xaf0
[ 68.793092][ T3605] ? lockdep_hardirqs_on+0x79/0x100
[ 68.798276][ T3605] ? putname+0xfe/0x140
[ 68.802417][ T3605] __x64_sys_mount+0x27f/0x300
[ 68.807171][ T3605] ? copy_mnt_ns+0xae0/0xae0
[ 68.811746][ T3605] ? syscall_enter_from_user_mode+0x21/0x70
[ 68.817628][ T3605] do_syscall_64+0x35/0xb0
[ 68.822031][ T3605] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 68.827913][ T3605] RIP: 0033:0x7f1bcda75d2a
[ 68.832316][ T3605] Code: 48 c7 c2 c0 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 a8 00 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 68.851905][ T3605] RSP: 002b:00007ffd9ad780d8 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[ 68.860302][ T3605] RAX: ffffffffffffffda RBX: 00007ffd9ad78130 RCX: 00007f1bcda75d2a
[ 68.868258][ T3605] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffd9ad780f0
[ 68.876212][ T3605] RBP: 00007ffd9ad780f0 R08: 00007ffd9ad78130 R09: 0000000000000000
[ 68.884166][ T3605] R10: 0000000000000000 R11: 0000000000000286 R12: 00000000200002a8
[ 68.892123][ T3605] R13: 0000000000000003 R14: 0000000000000004 R15: 0000000000000007
[ 68.900091][ T3605]
[ 68.903102][ T3605]
[ 68.905415][ T3605] The buggy address belongs to the page:
[ 68.911032][ T3605] page:ffffea0001919440 refcount:3 mapcount:0 mapping:ffff88801715bc80 index:0x3d97 pfn:0x64651
[ 68.921438][ T3605] memcg:ffff8880114d4000
[ 68.925680][ T3605] aops:def_blk_aops ino:700000
[ 68.930436][ T3605] flags: 0xfff00000002022(referenced|active|private|node=0|zone=1|lastcpupid=0x7ff)
[ 68.939797][ T3605] raw: 00fff00000002022 0000000000000000 dead000000000122 ffff88801715bc80
[ 68.948376][ T3605] raw: 0000000000003d97 ffff8880701d4040 00000003ffffffff ffff8880114d4000
[ 68.956939][ T3605] page dumped because: kasan: bad access detected
[ 68.963337][ T3605] page_owner tracks the page as allocated
[ 68.969035][ T3605] page last allocated via order 0, migratetype Movable, gfp_mask 0x148c48(GFP_NOFS|__GFP_NOFAIL|__GFP_COMP|__GFP_HARDWALL|__GFP_MOVABLE), pid 3605, ts 68498864248, free_ts 15483839908
[ 68.987079][ T3605] get_page_from_freelist+0xa72/0x2f50
[ 68.992534][ T3605] __alloc_pages+0x1b2/0x500
[ 68.997118][ T3605] alloc_pages+0x1a7/0x300
[ 69.001522][ T3605] folio_alloc+0x1c/0x70
[ 69.005752][ T3605] __filemap_get_folio+0x5f2/0xd60
[ 69.010850][ T3605] pagecache_get_page+0x2c/0x1a0
[ 69.015774][ T3605] __getblk_slow+0x1ed/0xae0
[ 69.020402][ T3605] __getblk_gfp+0x6e/0x80
[ 69.024722][ T3605] search_by_key+0x3a5/0x3cc0
[ 69.029394][ T3605] reiserfs_read_locked_inode+0x154/0x2160
[ 69.035189][ T3605] reiserfs_fill_super+0x1350/0x2f80
[ 69.040462][ T3605] mount_bdev+0x34d/0x410
[ 69.044779][ T3605] legacy_get_tree+0x105/0x220
[ 69.049528][ T3605] vfs_get_tree+0x89/0x2f0
[ 69.055146][ T3605] path_mount+0x1320/0x1fa0
[ 69.059640][ T3605] __x64_sys_mount+0x27f/0x300
[ 69.064398][ T3605] page last free stack trace:
[ 69.069049][ T3605] free_pcp_prepare+0x374/0x870
[ 69.073892][ T3605] free_unref_page+0x19/0x690
[ 69.078562][ T3605] free_contig_range+0xa8/0xf0
[ 69.083338][ T3605] destroy_args+0xa8/0x646
[ 69.087745][ T3605] debug_vm_pgtable+0x2984/0x2a16
[ 69.092762][ T3605] do_one_initcall+0x103/0x650
[ 69.097525][ T3605] kernel_init_freeable+0x6b1/0x73a
[ 69.102717][ T3605] kernel_init+0x1a/0x1d0
[ 69.107054][ T3605] ret_from_fork+0x1f/0x30
[ 69.111463][ T3605]
[ 69.113786][ T3605] Memory state around the buggy address:
[ 69.119403][ T3605] ffff888064651e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 69.127466][ T3605] ffff888064651f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 69.135513][ T3605] >ffff888064651f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 69.143551][ T3605] ^
[ 69.148641][ T3605] ffff888064652000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 69.156682][ T3605] ffff888064652080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 69.164721][ T3605] ==================================================================
[ 69.172767][ T3605] Disabling lock debugging due to kernel taint
[ 69.179336][ T3605] Kernel panic - not syncing: panic_on_warn set ...
[ 69.185935][ T3605] CPU: 0 PID: 3605 Comm: syz-executor913 Tainted: G B 5.16.0-rc5-syzkaller #0
[ 69.196068][ T3605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 69.206104][ T3605] Call Trace:
[ 69.209369][ T3605]
[ 69.212281][ T3605] dump_stack_lvl+0xcd/0x134
[ 69.216856][ T3605] panic+0x2b0/0x6dd
[ 69.220733][ T3605] ? __warn_printk+0xf3/0xf3
[ 69.225315][ T3605] ? preempt_schedule_common+0x59/0xc0
[ 69.230755][ T3605] ? leaf_paste_entries+0x449/0x910
[ 69.235940][ T3605] ? preempt_schedule_thunk+0x16/0x18
[ 69.241309][ T3605] ? trace_hardirqs_on+0x38/0x1c0
[ 69.246419][ T3605] ? trace_hardirqs_on+0x51/0x1c0
[ 69.251439][ T3605] ? leaf_paste_entries+0x449/0x910
[ 69.256632][ T3605] ? leaf_paste_entries+0x449/0x910
[ 69.261824][ T3605] end_report.cold+0x63/0x6f
[ 69.266415][ T3605] kasan_report.cold+0x71/0xdf
[ 69.271172][ T3605] ? leaf_paste_entries+0x449/0x910
[ 69.276365][ T3605] kasan_check_range+0x13d/0x180
[ 69.281298][ T3605] memmove+0x20/0x60
[ 69.285186][ T3605] leaf_paste_entries+0x449/0x910
[ 69.290207][ T3605] balance_leaf+0x951e/0xd8b0
[ 69.294882][ T3605] ? reiserfs_prepare_for_journal+0x115/0x2a0
[ 69.300950][ T3605] ? __sanitizer_cov_trace_cmp4+0x1c/0x70
[ 69.306665][ T3605] ? fix_nodes+0x14cb/0x8650
[ 69.311250][ T3605] ? replace_key+0x160/0x160
[ 69.315840][ T3605] do_balance+0x315/0x810
[ 69.320338][ T3605] ? get_right_neighbor_position+0x170/0x170
[ 69.326309][ T3605] ? wait_for_completion_io+0x270/0x270
[ 69.331850][ T3605] reiserfs_paste_into_item+0x762/0x8e0
[ 69.337397][ T3605] ? reiserfs_delete_object+0x200/0x200
[ 69.342947][ T3605] ? search_by_entry_key+0x960/0x960
[ 69.348223][ T3605] ? keyed_hash+0x83b/0xee0
[ 69.352722][ T3605] ? make_cpu_key+0x22/0x2a0
[ 69.357305][ T3605] reiserfs_add_entry+0x8cb/0xcf0
[ 69.362323][ T3605] ? reiserfs_lookup+0x490/0x490
[ 69.367251][ T3605] ? do_journal_begin_r+0xd2e/0x10d0
[ 69.372535][ T3605] reiserfs_mkdir+0x675/0x980
[ 69.377206][ T3605] ? reiserfs_mknod+0x700/0x700
[ 69.382051][ T3605] ? down_write+0xdf/0x150
[ 69.386461][ T3605] ? down_write_killable_nested+0x180/0x180
[ 69.392347][ T3605] reiserfs_xattr_init+0x4de/0xb60
[ 69.397454][ T3605] reiserfs_fill_super+0x21ea/0x2f80
[ 69.402736][ T3605] ? reiserfs_remount+0x1530/0x1530
[ 69.407934][ T3605] ? sget+0x472/0x580
[ 69.411907][ T3605] ? snprintf+0xbb/0xf0
[ 69.416055][ T3605] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 69.422295][ T3605] ? __sanitizer_cov_trace_cmp4+0x1c/0x70
[ 69.428012][ T3605] ? set_blocksize+0x2e5/0x370
[ 69.432772][ T3605] mount_bdev+0x34d/0x410
[ 69.437094][ T3605] ? reiserfs_remount+0x1530/0x1530
[ 69.442285][ T3605] ? reiserfs_kill_sb+0x1e0/0x1e0
[ 69.447304][ T3605] legacy_get_tree+0x105/0x220
[ 69.452060][ T3605] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 69.458299][ T3605] vfs_get_tree+0x89/0x2f0
[ 69.462727][ T3605] path_mount+0x1320/0x1fa0
[ 69.467230][ T3605] ? kmem_cache_free.part.0+0xe1/0x200
[ 69.472681][ T3605] ? finish_automount+0xaf0/0xaf0
[ 69.477704][ T3605] ? lockdep_hardirqs_on+0x79/0x100
[ 69.482901][ T3605] ? putname+0xfe/0x140
[ 69.487049][ T3605] __x64_sys_mount+0x27f/0x300
[ 69.491811][ T3605] ? copy_mnt_ns+0xae0/0xae0
[ 69.496399][ T3605] ? syscall_enter_from_user_mode+0x21/0x70
[ 69.502287][ T3605] do_syscall_64+0x35/0xb0
[ 69.506693][ T3605] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 69.512584][ T3605] RIP: 0033:0x7f1bcda75d2a
[ 69.516991][ T3605] Code: 48 c7 c2 c0 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 a8 00 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 69.536595][ T3605] RSP: 002b:00007ffd9ad780d8 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[ 69.545001][ T3605] RAX: ffffffffffffffda RBX: 00007ffd9ad78130 RCX: 00007f1bcda75d2a
[ 69.552961][ T3605] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffd9ad780f0
[ 69.560924][ T3605] RBP: 00007ffd9ad780f0 R08: 00007ffd9ad78130 R09: 0000000000000000
[ 69.568887][ T3605] R10: 0000000000000000 R11: 0000000000000286 R12: 00000000200002a8
[ 69.576848][ T3605] R13: 0000000000000003 R14: 0000000000000004 R15: 0000000000000007
[ 69.584897][ T3605]
[ 69.587959][ T3605] Kernel Offset: disabled
[ 69.592280][ T3605] Rebooting in 86400 seconds..