Warning: Permanently added '10.128.1.174' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 51.435961][ T3499] loop0: detected capacity change from 0 to 8192
[ 51.446391][ T3499] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 51.457327][ T3499] REISERFS (device loop0): using ordered data mode
[ 51.464005][ T3499] reiserfs: using flush barriers
[ 51.470398][ T3499] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 51.486845][ T3499] REISERFS (device loop0): checking transaction log (loop0)
[ 51.536543][ T3499] REISERFS (device loop0): Using r5 hash to sort names
[ 51.545314][ T3499] REISERFS (device loop0): using 3.5.x disk format
[ 51.552966][ T3499] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 51.572979][ T25] audit: type=1800 audit(1687865517.262:2): pid=3499 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor254" name="bus" dev="loop0" ino=2 res=0 errno=0
[ 51.595662][ T3499] ==================================================================
[ 51.603855][ T3499] BUG: KASAN: out-of-bounds in leaf_paste_in_buffer+0x1b8/0xab0
[ 51.611508][ T3499] Read of size 18446744073709551365 at addr ffff888071a89000 by task syz-executor254/3499
[ 51.621386][ T3499]
[ 51.623705][ T3499] CPU: 1 PID: 3499 Comm: syz-executor254 Not tainted 5.15.118-syzkaller #0
[ 51.632280][ T3499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
[ 51.642329][ T3499] Call Trace:
[ 51.645604][ T3499]
[ 51.648526][ T3499] dump_stack_lvl+0x1e3/0x2cb
[ 51.653199][ T3499] ? io_uring_drop_tctx_refs+0x19d/0x19d
[ 51.658823][ T3499] ? _printk+0xd1/0x111
[ 51.662984][ T3499] ? __wake_up_klogd+0xcc/0x100
[ 51.667827][ T3499] ? panic+0x84d/0x84d
[ 51.671885][ T3499] ? _raw_spin_lock_irqsave+0xdd/0x120
[ 51.677337][ T3499] ? leaf_move_items+0x1c4c/0x28a0
[ 51.682440][ T3499] print_address_description+0x63/0x3b0
[ 51.687981][ T3499] ? leaf_paste_in_buffer+0x1b8/0xab0
[ 51.693341][ T3499] kasan_report+0x16b/0x1c0
[ 51.697836][ T3499] ? leaf_paste_in_buffer+0x1b8/0xab0
[ 51.703196][ T3499] ? leaf_paste_in_buffer+0x1b8/0xab0
[ 51.708557][ T3499] kasan_check_range+0x27e/0x290
[ 51.713487][ T3499] ? leaf_paste_in_buffer+0x1b8/0xab0
[ 51.718850][ T3499] memmove+0x25/0x60
[ 51.722735][ T3499] leaf_paste_in_buffer+0x1b8/0xab0
[ 51.727934][ T3499] balance_leaf+0x667c/0x12510
[ 51.732718][ T3499] ? do_balance+0x8f0/0x8f0
[ 51.737209][ T3499] ? do_raw_spin_lock+0x14a/0x370
[ 51.742223][ T3499] ? __lock_acquire+0x1ff0/0x1ff0
[ 51.747246][ T3499] ? do_raw_spin_unlock+0x137/0x8b0
[ 51.752436][ T3499] ? unlock_page+0x188/0x200
[ 51.757021][ T3499] ? __getblk_gfp+0x9b0/0xaf0
[ 51.761699][ T3499] ? get_empty_nodes+0xad9/0xd70
[ 51.766624][ T3499] ? direntry_part_size+0xb0/0x1a0
[ 51.771731][ T3499] ? get_neighbors+0x1010/0x1010
[ 51.776657][ T3499] ? __wake_up_bit+0x190/0x190
[ 51.781415][ T3499] ? is_leaf_removable+0x8c0/0x8c0
[ 51.786515][ T3499] ? get_neighbors+0x631/0x1010
[ 51.791360][ T3499] ? reiserfs_prepare_for_journal+0x26b/0x280
[ 51.797422][ T3499] ? fix_nodes+0x7abc/0x8c70
[ 51.802003][ T3499] ? __might_sleep+0xc0/0xc0
[ 51.806604][ T3499] do_balance+0x309/0x8f0
[ 51.810927][ T3499] ? get_right_neighbor_position+0x210/0x210
[ 51.816919][ T3499] ? reiserfs_paste_into_item+0x3ef/0x880
[ 51.822634][ T3499] reiserfs_paste_into_item+0x73b/0x880
[ 51.828195][ T3499] ? reiserfs_cut_from_item+0x2560/0x2560
[ 51.833962][ T3499] ? __kmalloc+0x168/0x300
[ 51.838372][ T3499] reiserfs_get_block+0x226a/0x5390
[ 51.843598][ T3499] ? make_le_item_head+0x5c0/0x5c0
[ 51.848702][ T3499] ? register_lock_class+0x100/0x9a0
[ 51.853979][ T3499] ? notify_change+0xd4d/0x1000
[ 51.858815][ T3499] ? is_dynamic_key+0x1f0/0x1f0
[ 51.863656][ T3499] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 51.869716][ T3499] ? mark_lock+0x98/0x340
[ 51.874035][ T3499] ? __lock_acquire+0x1295/0x1ff0
[ 51.879078][ T3499] ? __lock_acquire+0x1ff0/0x1ff0
[ 51.884090][ T3499] ? alloc_buffer_head+0xd3/0xf0
[ 51.889016][ T3499] ? alloc_page_buffers+0x54a/0x660
[ 51.894215][ T3499] ? create_page_buffers+0x24b/0x330
[ 51.899495][ T3499] __block_write_begin_int+0x60b/0x1650
[ 51.905043][ T3499] ? make_le_item_head+0x5c0/0x5c0
[ 51.910145][ T3499] ? page_zero_new_buffers+0x510/0x510
[ 51.915597][ T3499] ? __mutex_lock_common+0x444/0x25a0
[ 51.920970][ T3499] ? fix_tail_page_for_writing+0x97/0x220
[ 51.926681][ T3499] reiserfs_write_begin+0x346/0x810
[ 51.931871][ T3499] ? pagecache_write_begin+0x33/0xa0
[ 51.937147][ T3499] generic_cont_expand_simple+0x144/0x230
[ 51.942857][ T3499] ? submit_bh+0x30/0x30
[ 51.947088][ T3499] ? setattr_prepare+0x1f7/0xe30
[ 51.952015][ T3499] ? mutex_lock_nested+0x17/0x20
[ 51.956949][ T3499] reiserfs_setattr+0x3ff/0xf90
[ 51.961791][ T3499] ? reiserfs_commit_write+0x5a0/0x5a0
[ 51.967240][ T3499] ? ktime_get_coarse_real_ts64+0x107/0x120
[ 51.973124][ T3499] ? current_time+0x1d1/0x2f0
[ 51.977791][ T3499] ? atime_needs_update+0x7b0/0x7b0
[ 51.982984][ T3499] ? evm_inode_setattr+0xf7/0x5b0
[ 51.987998][ T3499] ? bpf_lsm_inode_setattr+0x5/0x10
[ 51.993182][ T3499] ? security_inode_setattr+0xce/0x120
[ 51.998628][ T3499] ? reiserfs_commit_write+0x5a0/0x5a0
[ 52.004074][ T3499] notify_change+0xd4d/0x1000
[ 52.008746][ T3499] do_truncate+0x21c/0x300
[ 52.013156][ T3499] ? put_page_bootmem+0x280/0x280
[ 52.018186][ T3499] ? print_irqtrace_events+0x210/0x210
[ 52.023644][ T3499] ? vtime_user_exit+0x2d1/0x400
[ 52.028575][ T3499] ? bpf_lsm_path_truncate+0x5/0x10
[ 52.033766][ T3499] do_sys_ftruncate+0x2eb/0x390
[ 52.038614][ T3499] do_syscall_64+0x3d/0xb0
[ 52.043024][ T3499] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 52.048908][ T3499] RIP: 0033:0x7fbde99267e9
[ 52.053318][ T3499] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 52.072913][ T3499] RSP: 002b:00007ffeb74a3a98 EFLAGS: 00000246 ORIG_RAX: 000000000000004d
[ 52.081322][ T3499] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fbde99267e9
[ 52.089285][ T3499] RDX: 0000000000000000 RSI: 0000000002007fff RDI: 0000000000000004
[ 52.097244][ T3499] RBP: 00007fbde98e6080 R08: 0000000000000000 R09: 0000000000000000
[ 52.105205][ T3499] R10: 00000000000010f1 R11: 0000000000000246 R12: 00007fbde98e6110
[ 52.113169][ T3499] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 52.121145][ T3499]
[ 52.124153][ T3499]
[ 52.126466][ T3499] The buggy address belongs to the page:
[ 52.132082][ T3499] page:ffffea0001c6a240 refcount:4 mapcount:0 mapping:ffff888075b290f8 index:0x2007 pfn:0x71a89
[ 52.142479][ T3499] memcg:ffff8881407a4000
[ 52.146707][ T3499] aops:reiserfs_address_space_operations ino:2 dentry name:"bus"
[ 52.154417][ T3499] flags: 0xfff00000002001(locked|private|node=0|zone=1|lastcpupid=0x7ff)
[ 52.162829][ T3499] raw: 00fff00000002001 0000000000000000 dead000000000122 ffff888075b290f8
[ 52.171490][ T3499] raw: 0000000000002007 ffff888072d203a0 00000004ffffffff ffff8881407a4000
[ 52.180058][ T3499] page dumped because: kasan: bad access detected
[ 52.186451][ T3499] page_owner tracks the page as allocated
[ 52.192147][ T3499] page last allocated via order 0, migratetype Movable, gfp_mask 0x1101cca(GFP_HIGHUSER_MOVABLE|__GFP_WRITE), pid 3499, ts 51594380309, free_ts 12801104296
[ 52.207792][ T3499] get_page_from_freelist+0x322a/0x33c0
[ 52.213331][ T3499] __alloc_pages+0x272/0x700
[ 52.217910][ T3499] __page_cache_alloc+0xd4/0x4a0
[ 52.222840][ T3499] pagecache_get_page+0xa91/0x1010
[ 52.227941][ T3499] grab_cache_page_write_begin+0x57/0x90
[ 52.233561][ T3499] reiserfs_write_begin+0x159/0x810
[ 52.238759][ T3499] generic_cont_expand_simple+0x144/0x230
[ 52.244475][ T3499] reiserfs_setattr+0x3ff/0xf90
[ 52.249316][ T3499] notify_change+0xd4d/0x1000
[ 52.254000][ T3499] do_truncate+0x21c/0x300
[ 52.258420][ T3499] do_sys_ftruncate+0x2eb/0x390
[ 52.263278][ T3499] do_syscall_64+0x3d/0xb0
[ 52.267697][ T3499] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 52.273594][ T3499] page last free stack trace:
[ 52.278262][ T3499] free_unref_page_prepare+0xc34/0xcf0
[ 52.283721][ T3499] free_unref_page+0x95/0x2d0
[ 52.288395][ T3499] free_contig_range+0x95/0xf0
[ 52.293159][ T3499] destroy_args+0xfe/0x97f
[ 52.297578][ T3499] debug_vm_pgtable+0x40d/0x462
[ 52.302420][ T3499] do_one_initcall+0x22b/0x7a0
[ 52.307199][ T3499] do_initcall_level+0x157/0x207
[ 52.312141][ T3499] do_initcalls+0x49/0x86
[ 52.316476][ T3499] kernel_init_freeable+0x43c/0x5c5
[ 52.321668][ T3499] kernel_init+0x19/0x290
[ 52.326002][ T3499] ret_from_fork+0x1f/0x30
[ 52.330429][ T3499]
[ 52.332744][ T3499] Memory state around the buggy address:
[ 52.338363][ T3499] ffff888071a88f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 52.346420][ T3499] ffff888071a88f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 52.354474][ T3499] >ffff888071a89000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 52.362524][ T3499] ^
[ 52.366582][ T3499] ffff888071a89080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 52.374634][ T3499] ffff888071a89100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 52.382679][ T3499] ==================================================================
[ 52.390722][ T3499] Disabling lock debugging due to kernel taint
[ 52.397139][ T3499] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 52.404451][ T3499] CPU: 0 PID: 3499 Comm: syz-executor254 Tainted: G B 5.15.118-syzkaller #0
[ 52.414439][ T3499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
[ 52.424572][ T3499] Call Trace:
[ 52.427840][ T3499]
[ 52.430762][ T3499] dump_stack_lvl+0x1e3/0x2cb
[ 52.435451][ T3499] ? io_uring_drop_tctx_refs+0x19d/0x19d
[ 52.441075][ T3499] ? panic+0x84d/0x84d
[ 52.445131][ T3499] ? preempt_schedule_common+0xa6/0xd0
[ 52.450584][ T3499] ? preempt_schedule+0xd9/0xe0
[ 52.455425][ T3499] panic+0x318/0x84d
[ 52.459314][ T3499] ? check_panic_on_warn+0x1d/0xa0
[ 52.464415][ T3499] ? fb_is_primary_device+0xcc/0xcc
[ 52.469607][ T3499] ? _raw_spin_unlock_irqrestore+0x128/0x130
[ 52.475576][ T3499] ? _raw_spin_unlock+0x40/0x40
[ 52.480419][ T3499] check_panic_on_warn+0x7e/0xa0
[ 52.485374][ T3499] ? leaf_paste_in_buffer+0x1b8/0xab0
[ 52.490737][ T3499] end_report+0x6d/0xf0
[ 52.494881][ T3499] kasan_report+0x18e/0x1c0
[ 52.499372][ T3499] ? leaf_paste_in_buffer+0x1b8/0xab0
[ 52.504735][ T3499] ? leaf_paste_in_buffer+0x1b8/0xab0
[ 52.510108][ T3499] kasan_check_range+0x27e/0x290
[ 52.515034][ T3499] ? leaf_paste_in_buffer+0x1b8/0xab0
[ 52.520391][ T3499] memmove+0x25/0x60
[ 52.524276][ T3499] leaf_paste_in_buffer+0x1b8/0xab0
[ 52.529487][ T3499] balance_leaf+0x667c/0x12510
[ 52.534251][ T3499] ? do_balance+0x8f0/0x8f0
[ 52.538742][ T3499] ? do_raw_spin_lock+0x14a/0x370
[ 52.543753][ T3499] ? __lock_acquire+0x1ff0/0x1ff0
[ 52.548771][ T3499] ? do_raw_spin_unlock+0x137/0x8b0
[ 52.553977][ T3499] ? unlock_page+0x188/0x200
[ 52.558559][ T3499] ? __getblk_gfp+0x9b0/0xaf0
[ 52.563228][ T3499] ? get_empty_nodes+0xad9/0xd70
[ 52.568151][ T3499] ? direntry_part_size+0xb0/0x1a0
[ 52.573255][ T3499] ? get_neighbors+0x1010/0x1010
[ 52.578183][ T3499] ? __wake_up_bit+0x190/0x190
[ 52.582941][ T3499] ? is_leaf_removable+0x8c0/0x8c0
[ 52.588047][ T3499] ? get_neighbors+0x631/0x1010
[ 52.592888][ T3499] ? reiserfs_prepare_for_journal+0x26b/0x280
[ 52.598952][ T3499] ? fix_nodes+0x7abc/0x8c70
[ 52.603533][ T3499] ? __might_sleep+0xc0/0xc0
[ 52.608123][ T3499] do_balance+0x309/0x8f0
[ 52.612443][ T3499] ? get_right_neighbor_position+0x210/0x210
[ 52.618418][ T3499] ? reiserfs_paste_into_item+0x3ef/0x880
[ 52.624148][ T3499] reiserfs_paste_into_item+0x73b/0x880
[ 52.629706][ T3499] ? reiserfs_cut_from_item+0x2560/0x2560
[ 52.635455][ T3499] ? __kmalloc+0x168/0x300
[ 52.639867][ T3499] reiserfs_get_block+0x226a/0x5390
[ 52.645075][ T3499] ? make_le_item_head+0x5c0/0x5c0
[ 52.650178][ T3499] ? register_lock_class+0x100/0x9a0
[ 52.655452][ T3499] ? notify_change+0xd4d/0x1000
[ 52.660291][ T3499] ? is_dynamic_key+0x1f0/0x1f0
[ 52.665140][ T3499] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 52.671209][ T3499] ? mark_lock+0x98/0x340
[ 52.675545][ T3499] ? __lock_acquire+0x1295/0x1ff0
[ 52.680581][ T3499] ? __lock_acquire+0x1ff0/0x1ff0
[ 52.685597][ T3499] ? alloc_buffer_head+0xd3/0xf0
[ 52.690525][ T3499] ? alloc_page_buffers+0x54a/0x660
[ 52.695716][ T3499] ? create_page_buffers+0x24b/0x330
[ 52.700994][ T3499] __block_write_begin_int+0x60b/0x1650
[ 52.706546][ T3499] ? make_le_item_head+0x5c0/0x5c0
[ 52.711653][ T3499] ? page_zero_new_buffers+0x510/0x510
[ 52.717101][ T3499] ? __mutex_lock_common+0x444/0x25a0
[ 52.722466][ T3499] ? fix_tail_page_for_writing+0x97/0x220
[ 52.728176][ T3499] reiserfs_write_begin+0x346/0x810
[ 52.733372][ T3499] ? pagecache_write_begin+0x33/0xa0
[ 52.738656][ T3499] generic_cont_expand_simple+0x144/0x230
[ 52.744368][ T3499] ? submit_bh+0x30/0x30
[ 52.748621][ T3499] ? setattr_prepare+0x1f7/0xe30
[ 52.753547][ T3499] ? mutex_lock_nested+0x17/0x20
[ 52.758473][ T3499] reiserfs_setattr+0x3ff/0xf90
[ 52.763308][ T3499] ? reiserfs_commit_write+0x5a0/0x5a0
[ 52.768756][ T3499] ? ktime_get_coarse_real_ts64+0x107/0x120
[ 52.774638][ T3499] ? current_time+0x1d1/0x2f0
[ 52.779311][ T3499] ? atime_needs_update+0x7b0/0x7b0
[ 52.784602][ T3499] ? evm_inode_setattr+0xf7/0x5b0
[ 52.789615][ T3499] ? bpf_lsm_inode_setattr+0x5/0x10
[ 52.794798][ T3499] ? security_inode_setattr+0xce/0x120
[ 52.800246][ T3499] ? reiserfs_commit_write+0x5a0/0x5a0
[ 52.805690][ T3499] notify_change+0xd4d/0x1000
[ 52.810355][ T3499] do_truncate+0x21c/0x300
[ 52.814762][ T3499] ? put_page_bootmem+0x280/0x280
[ 52.819772][ T3499] ? print_irqtrace_events+0x210/0x210
[ 52.825217][ T3499] ? vtime_user_exit+0x2d1/0x400
[ 52.830141][ T3499] ? bpf_lsm_path_truncate+0x5/0x10
[ 52.835325][ T3499] do_sys_ftruncate+0x2eb/0x390
[ 52.840166][ T3499] do_syscall_64+0x3d/0xb0
[ 52.844570][ T3499] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 52.850450][ T3499] RIP: 0033:0x7fbde99267e9
[ 52.854851][ T3499] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 52.874440][ T3499] RSP: 002b:00007ffeb74a3a98 EFLAGS: 00000246 ORIG_RAX: 000000000000004d
[ 52.882839][ T3499] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fbde99267e9
[ 52.890797][ T3499] RDX: 0000000000000000 RSI: 0000000002007fff RDI: 0000000000000004
[ 52.898840][ T3499] RBP: 00007fbde98e6080 R08: 0000000000000000 R09: 0000000000000000
[ 52.906800][ T3499] R10: 00000000000010f1 R11: 0000000000000246 R12: 00007fbde98e6110
[ 52.914758][ T3499] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 52.922719][ T3499]
[ 52.925797][ T3499] Kernel Offset: disabled
[ 52.930111][ T3499] Rebooting in 86400 seconds..