Warning: Permanently added '10.128.0.95' (ED25519) to the list of known hosts.
executing program
[ 49.421318][ T3543] loop0: detected capacity change from 0 to 8192
[ 49.432285][ T3543] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 49.445389][ T3543] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 49.455534][ T3543] REISERFS (device loop0): using ordered data mode
[ 49.462128][ T3543] reiserfs: using flush barriers
[ 49.468252][ T3543] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 49.485202][ T3543] REISERFS (device loop0): checking transaction log (loop0)
[ 49.538289][ T3543] REISERFS (device loop0): Using r5 hash to sort names
[ 49.545557][ T3543] REISERFS (device loop0): using 3.5.x disk format
[ 49.552999][ T3543] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 49.574039][ T27] audit: type=1800 audit(1694839850.447:2): pid=3543 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor303" name="file0" dev="loop0" ino=2 res=0 errno=0
[ 49.605053][ T3543] ==================================================================
[ 49.613418][ T3543] BUG: KASAN: out-of-bounds in leaf_paste_in_buffer+0x1b8/0xab0
[ 49.621174][ T3543] Read of size 18446744073709551305 at addr ffff888070e1f000 by task syz-executor303/3543
[ 49.632324][ T3543]
[ 49.634685][ T3543] CPU: 1 PID: 3543 Comm: syz-executor303 Not tainted 6.1.53-syzkaller #0
[ 49.644790][ T3543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 49.655118][ T3543] Call Trace:
[ 49.658421][ T3543] <TASK>
[ 49.661288][ T27] audit: type=1800 audit(1694839850.477:3): pid=3543 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor303" name="bus" dev="loop0" ino=3 res=0 errno=0
[ 49.661339][ T3543] dump_stack_lvl+0x1e3/0x2cb
[ 49.686597][ T3543] ? nf_tcp_handle_invalid+0x642/0x642
[ 49.692065][ T3543] ? panic+0x75d/0x75d
[ 49.696151][ T3543] ? _printk+0xd1/0x111
[ 49.700294][ T3543] ? _raw_spin_lock_irqsave+0xac/0x120
[ 49.705846][ T3543] print_report+0x15f/0x4f0
[ 49.710952][ T3543] ? leaf_move_items+0x1c4c/0x28a0
[ 49.716146][ T3543] ? __virt_addr_valid+0x22b/0x2e0
[ 49.721368][ T3543] ? __phys_addr+0xb6/0x170
[ 49.726221][ T3543] ? leaf_paste_in_buffer+0x1b8/0xab0
[ 49.732040][ T3543] kasan_report+0x136/0x160
[ 49.736906][ T3543] ? leaf_paste_in_buffer+0x1b8/0xab0
[ 49.742744][ T3543] ? leaf_paste_in_buffer+0x1b8/0xab0
[ 49.748317][ T3543] kasan_check_range+0x27f/0x290
[ 49.753385][ T3543] ? leaf_paste_in_buffer+0x1b8/0xab0
[ 49.759668][ T3543] memmove+0x25/0x60
[ 49.763846][ T3543] leaf_paste_in_buffer+0x1b8/0xab0
[ 49.769501][ T3543] balance_leaf+0x667c/0x12510
[ 49.774538][ T3543] ? print_irqtrace_events+0x210/0x210
[ 49.780377][ T3543] ? do_balance+0x8f0/0x8f0
[ 49.785077][ T3543] ? write_boundary_block+0xb0/0xb0
[ 49.790546][ T3543] ? do_raw_spin_lock+0x14a/0x370
[ 49.795585][ T3543] ? do_raw_spin_unlock+0x137/0x8a0
[ 49.800902][ T3543] ? __getblk_gfp+0x934/0xa20
[ 49.805594][ T3543] ? get_empty_nodes+0xad9/0xd70
[ 49.810637][ T3543] ? direntry_part_size+0xb0/0x1a0
[ 49.815862][ T3543] ? __wake_up+0x1c0/0x1c0
[ 49.820511][ T3543] ? get_neighbors+0x1010/0x1010
[ 49.825484][ T3543] ? is_leaf_removable+0x8c0/0x8c0
[ 49.830602][ T3543] ? get_neighbors+0x631/0x1010
[ 49.835560][ T3543] ? reiserfs_prepare_for_journal+0x269/0x280
[ 49.842018][ T3543] ? fix_nodes+0x7abc/0x8c70
[ 49.846790][ T3543] ? __might_sleep+0xb0/0xb0
[ 49.851476][ T3543] do_balance+0x309/0x8f0
[ 49.855997][ T3543] ? get_right_neighbor_position+0x210/0x210
[ 49.864060][ T3543] ? reiserfs_paste_into_item+0x3ef/0x880
[ 49.869963][ T3543] reiserfs_paste_into_item+0x73b/0x880
[ 49.875639][ T3543] ? reiserfs_cut_from_item+0x2580/0x2580
[ 49.881626][ T3543] ? _raw_spin_unlock_irqrestore+0xd9/0x130
[ 49.887563][ T3543] ? reiserfs_get_block+0x19b3/0x5150
[ 49.892941][ T3543] ? rcu_is_watching+0x11/0xb0
[ 49.897920][ T3543] ? __kmalloc+0xe2/0x230
[ 49.902244][ T3543] reiserfs_get_block+0x2259/0x5150
[ 49.907500][ T3543] ? make_le_item_head+0x5c0/0x5c0
[ 49.912796][ T3543] ? register_lock_class+0x100/0x990
[ 49.919330][ T3543] ? generic_cont_expand_simple+0x187/0x2a0
[ 49.925272][ T3543] ? reiserfs_setattr+0x606/0x11c0
[ 49.930572][ T3543] ? notify_change+0xdcd/0x1080
[ 49.935774][ T3543] ? do_truncate+0x21c/0x300
[ 49.940493][ T3543] ? do_sys_ftruncate+0x2e2/0x380
[ 49.946130][ T3543] ? do_syscall_64+0x3d/0xb0
[ 49.951197][ T3543] ? entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 49.957509][ T3543] ? is_dynamic_key+0x230/0x230
[ 49.962407][ T3543] ? mark_lock+0x9a/0x340
[ 49.966918][ T3543] ? __lock_acquire+0x125b/0x1f80
[ 49.972141][ T3543] ? create_page_buffers+0x1d2/0x4b0
[ 49.977455][ T3543] ? __lock_acquire+0x1f80/0x1f80
[ 49.982682][ T3543] ? create_page_buffers+0x24e/0x4b0
[ 49.987975][ T3543] __block_write_begin_int+0x544/0x1a30
[ 49.993626][ T3543] ? xas_load+0x11a/0x140
[ 49.998239][ T3543] ? make_le_item_head+0x5c0/0x5c0
[ 50.003371][ T3543] ? page_zero_new_buffers+0x650/0x650
[ 50.008852][ T3543] ? __block_write_begin+0x61/0x150
[ 50.014664][ T3543] ? reiserfs_write_begin+0x17f/0x510
[ 50.020403][ T3543] reiserfs_write_begin+0x249/0x510
[ 50.025706][ T3543] generic_cont_expand_simple+0x187/0x2a0
[ 50.031516][ T3543] ? submit_bh+0x20/0x20
[ 50.035783][ T3543] ? ktime_get_coarse_real_ts64+0x36/0x120
[ 50.041587][ T3543] ? mutex_lock_nested+0x17/0x20
[ 50.046955][ T3543] reiserfs_setattr+0x606/0x11c0
[ 50.052038][ T3543] ? reiserfs_commit_write+0x5a0/0x5a0
[ 50.058070][ T3543] ? ktime_get_coarse_real_ts64+0x107/0x120
[ 50.064149][ T3543] ? current_time+0x1d1/0x2f0
[ 50.068831][ T3543] ? atime_needs_update+0x7b0/0x7b0
[ 50.074820][ T3543] ? rwsem_write_trylock+0x166/0x210
[ 50.080156][ T3543] ? bpf_lsm_inode_setattr+0x5/0x10
[ 50.085440][ T3543] ? reiserfs_commit_write+0x5a0/0x5a0
[ 50.091089][ T3543] notify_change+0xdcd/0x1080
[ 50.095885][ T3543] do_truncate+0x21c/0x300
[ 50.100668][ T3543] ? put_page_bootmem+0x2e0/0x2e0
[ 50.105797][ T3543] ? print_irqtrace_events+0x210/0x210
[ 50.111704][ T3543] ? print_irqtrace_events+0x210/0x210
[ 50.117193][ T3543] ? bpf_lsm_path_truncate+0x5/0x10
[ 50.122415][ T3543] do_sys_ftruncate+0x2e2/0x380
[ 50.127353][ T3543] do_syscall_64+0x3d/0xb0
[ 50.131859][ T3543] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 50.138111][ T3543] RIP: 0033:0x7f6bcb068679
[ 50.142976][ T3543] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 50.163551][ T3543] RSP: 002b:00007fff0bedf7f8 EFLAGS: 00000246 ORIG_RAX: 000000000000004d
[ 50.173982][ T3543] RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 00007f6bcb068679
[ 50.182758][ T3543] RDX: 00007f6bcb068679 RSI: 0000000002007fff RDI: 0000000000000005
[ 50.191608][ T3543] RBP: 00007f6bcb0dc610 R08: 00007fff0bedf9c8 R09: 00007fff0bedf9c8
[ 50.200638][ T3543] R10: 00007fff0bedf9c8 R11: 0000000000000246 R12: 0000000000000001
[ 50.208702][ T3543] R13: 00007fff0bedf9b8 R14: 0000000000000001 R15: 0000000000000001
[ 50.217261][ T3543] </TASK>
[ 50.220489][ T3543]
[ 50.223070][ T3543] The buggy address belongs to the physical page:
[ 50.229914][ T3543] page:ffffea0001c387c0 refcount:4 mapcount:0 mapping:ffff8880714c1798 index:0x2007 pfn:0x70e1f
[ 50.242127][ T3543] memcg:ffff88813fe40000
[ 50.246674][ T3543] aops:reiserfs_address_space_operations ino:3 dentry name:"bus"
[ 50.254611][ T3543] flags: 0xfff00000002001(locked|private|node=0|zone=1|lastcpupid=0x7ff)
[ 50.263559][ T3543] raw: 00fff00000002001 0000000000000000 dead000000000122 ffff8880714c1798
[ 50.272559][ T3543] raw: 0000000000002007 ffff8880714842b8 00000004ffffffff ffff88813fe40000
[ 50.281326][ T3543] page dumped because: kasan: bad access detected
[ 50.288013][ T3543] page_owner tracks the page as allocated
[ 50.293803][ T3543] page last allocated via order 0, migratetype Movable, gfp_mask 0x141cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_WRITE), pid 3543, tgid 3543 (syz-executor303), ts 49604686714, free_ts 12544853611
[ 50.313157][ T3543] post_alloc_hook+0x18d/0x1b0
[ 50.317977][ T3543] get_page_from_freelist+0x32ed/0x3480
[ 50.323873][ T3543] __alloc_pages+0x28d/0x770
[ 50.328636][ T3543] folio_alloc+0x1a/0x50
[ 50.332875][ T3543] filemap_alloc_folio+0xda/0x4f0
[ 50.338082][ T3543] __filemap_get_folio+0x711/0xe30
[ 50.343279][ T3543] pagecache_get_page+0x28/0x250
[ 50.348304][ T3543] reiserfs_write_begin+0x51/0x510
[ 50.353460][ T3543] generic_cont_expand_simple+0x187/0x2a0
[ 50.359361][ T3543] reiserfs_setattr+0x606/0x11c0
[ 50.364492][ T3543] notify_change+0xdcd/0x1080
[ 50.370581][ T3543] do_truncate+0x21c/0x300
[ 50.375356][ T3543] do_sys_ftruncate+0x2e2/0x380
[ 50.380477][ T3543] do_syscall_64+0x3d/0xb0
[ 50.384988][ T3543] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 50.390906][ T3543] page last free stack trace:
[ 50.395668][ T3543] free_unref_page_prepare+0xf63/0x1120
[ 50.401468][ T3543] free_unref_page+0x98/0x570
[ 50.406155][ T3543] free_contig_range+0x9a/0x150
[ 50.411102][ T3543] destroy_args+0xfe/0x997
[ 50.415545][ T3543] debug_vm_pgtable+0x416/0x46b
[ 50.420449][ T3543] do_one_initcall+0x265/0x8f0
[ 50.425212][ T3543] do_initcall_level+0x157/0x207
[ 50.430240][ T3543] do_initcalls+0x49/0x86
[ 50.434665][ T3543] kernel_init_freeable+0x473/0x61f
[ 50.439863][ T3543] kernel_init+0x19/0x290
[ 50.444199][ T3543] ret_from_fork+0x1f/0x30
[ 50.448844][ T3543]
[ 50.451184][ T3543] Memory state around the buggy address:
[ 50.456987][ T3543] ffff888070e1ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 50.465048][ T3543] ffff888070e1ef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 50.473308][ T3543] >ffff888070e1f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 50.482441][ T3543]                    ^
[ 50.486669][ T3543] ffff888070e1f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 50.495185][ T3543] ffff888070e1f100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 50.503526][ T3543] ==================================================================
[ 50.512743][ T3543] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 50.520569][ T3543] CPU: 1 PID: 3543 Comm: syz-executor303 Not tainted 6.1.53-syzkaller #0
[ 50.530065][ T3543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 50.540744][ T3543] Call Trace:
[ 50.544828][ T3543] <TASK>
[ 50.547869][ T3543] dump_stack_lvl+0x1e3/0x2cb
[ 50.552765][ T3543] ? nf_tcp_handle_invalid+0x642/0x642
[ 50.558597][ T3543] ? panic+0x75d/0x75d
[ 50.562899][ T3543] ? vscnprintf+0x59/0x80
[ 50.567232][ T3543] panic+0x318/0x75d
[ 50.571398][ T3543] ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 50.577757][ T3543] ? check_panic_on_warn+0x1d/0xa0
[ 50.582985][ T3543] ? memcpy_page_flushcache+0xfc/0xfc
[ 50.588389][ T3543] ? _raw_spin_unlock_irqrestore+0x128/0x130
[ 50.594483][ T3543] ? _raw_spin_unlock+0x40/0x40
[ 50.599453][ T3543] check_panic_on_warn+0x7e/0xa0
[ 50.604415][ T3543] ? leaf_paste_in_buffer+0x1b8/0xab0
[ 50.609993][ T3543] end_report+0x66/0x110
[ 50.614246][ T3543] kasan_report+0x143/0x160
[ 50.619197][ T3543] ? leaf_paste_in_buffer+0x1b8/0xab0
[ 50.624758][ T3543] ? leaf_paste_in_buffer+0x1b8/0xab0
[ 50.631707][ T3543] kasan_check_range+0x27f/0x290
[ 50.636746][ T3543] ? leaf_paste_in_buffer+0x1b8/0xab0
[ 50.642169][ T3543] memmove+0x25/0x60
[ 50.646166][ T3543] leaf_paste_in_buffer+0x1b8/0xab0
[ 50.651566][ T3543] balance_leaf+0x667c/0x12510
[ 50.656437][ T3543] ? print_irqtrace_events+0x210/0x210
[ 50.662095][ T3543] ? do_balance+0x8f0/0x8f0
[ 50.666635][ T3543] ? write_boundary_block+0xb0/0xb0
[ 50.672018][ T3543] ? do_raw_spin_lock+0x14a/0x370
[ 50.677233][ T3543] ? do_raw_spin_unlock+0x137/0x8a0
[ 50.682619][ T3543] ? __getblk_gfp+0x934/0xa20
[ 50.687301][ T3543] ? get_empty_nodes+0xad9/0xd70
[ 50.692420][ T3543] ? direntry_part_size+0xb0/0x1a0
[ 50.697554][ T3543] ? __wake_up+0x1c0/0x1c0
[ 50.701963][ T3543] ? get_neighbors+0x1010/0x1010
[ 50.707021][ T3543] ? is_leaf_removable+0x8c0/0x8c0
[ 50.712218][ T3543] ? get_neighbors+0x631/0x1010
[ 50.717422][ T3543] ? reiserfs_prepare_for_journal+0x269/0x280
[ 50.723585][ T3543] ? fix_nodes+0x7abc/0x8c70
[ 50.728201][ T3543] ? __might_sleep+0xb0/0xb0
[ 50.733084][ T3543] do_balance+0x309/0x8f0
[ 50.737459][ T3543] ? get_right_neighbor_position+0x210/0x210
[ 50.743487][ T3543] ? reiserfs_paste_into_item+0x3ef/0x880
[ 50.749876][ T3543] reiserfs_paste_into_item+0x73b/0x880
[ 50.755741][ T3543] ? reiserfs_cut_from_item+0x2580/0x2580
[ 50.761667][ T3543] ? _raw_spin_unlock_irqrestore+0xd9/0x130
[ 50.768209][ T3543] ? reiserfs_get_block+0x19b3/0x5150
[ 50.773574][ T3543] ? rcu_is_watching+0x11/0xb0
[ 50.778350][ T3543] ? __kmalloc+0xe2/0x230
[ 50.783286][ T3543] reiserfs_get_block+0x2259/0x5150
[ 50.788862][ T3543] ? make_le_item_head+0x5c0/0x5c0
[ 50.794058][ T3543] ? register_lock_class+0x100/0x990
[ 50.799345][ T3543] ? generic_cont_expand_simple+0x187/0x2a0
[ 50.805419][ T3543] ? reiserfs_setattr+0x606/0x11c0
[ 50.810525][ T3543] ? notify_change+0xdcd/0x1080
[ 50.815480][ T3543] ? do_truncate+0x21c/0x300
[ 50.820233][ T3543] ? do_sys_ftruncate+0x2e2/0x380
[ 50.825264][ T3543] ? do_syscall_64+0x3d/0xb0
[ 50.829853][ T3543] ? entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 50.836098][ T3543] ? is_dynamic_key+0x230/0x230
[ 50.841235][ T3543] ? mark_lock+0x9a/0x340
[ 50.845593][ T3543] ? __lock_acquire+0x125b/0x1f80
[ 50.850702][ T3543] ? create_page_buffers+0x1d2/0x4b0
[ 50.856000][ T3543] ? __lock_acquire+0x1f80/0x1f80
[ 50.861111][ T3543] ? create_page_buffers+0x24e/0x4b0
[ 50.866418][ T3543] __block_write_begin_int+0x544/0x1a30
[ 50.871983][ T3543] ? xas_load+0x11a/0x140
[ 50.876493][ T3543] ? make_le_item_head+0x5c0/0x5c0
[ 50.881966][ T3543] ? page_zero_new_buffers+0x650/0x650
[ 50.887797][ T3543] ? __block_write_begin+0x61/0x150
[ 50.893216][ T3543] ? reiserfs_write_begin+0x17f/0x510
[ 50.899397][ T3543] reiserfs_write_begin+0x249/0x510
[ 50.905770][ T3543] generic_cont_expand_simple+0x187/0x2a0
[ 50.912042][ T3543] ? submit_bh+0x20/0x20
[ 50.917036][ T3543] ? ktime_get_coarse_real_ts64+0x36/0x120
[ 50.923820][ T3543] ? mutex_lock_nested+0x17/0x20
[ 50.930209][ T3543] reiserfs_setattr+0x606/0x11c0
[ 50.936135][ T3543] ? reiserfs_commit_write+0x5a0/0x5a0
[ 50.941948][ T3543] ? ktime_get_coarse_real_ts64+0x107/0x120
[ 50.952632][ T3543] ? current_time+0x1d1/0x2f0
[ 50.957438][ T3543] ? atime_needs_update+0x7b0/0x7b0
[ 50.963736][ T3543] ? rwsem_write_trylock+0x166/0x210
[ 50.969935][ T3543] ? bpf_lsm_inode_setattr+0x5/0x10
[ 50.975370][ T3543] ? reiserfs_commit_write+0x5a0/0x5a0
[ 50.981016][ T3543] notify_change+0xdcd/0x1080
[ 50.986117][ T3543] do_truncate+0x21c/0x300
[ 50.990575][ T3543] ? put_page_bootmem+0x2e0/0x2e0
[ 50.996330][ T3543] ? print_irqtrace_events+0x210/0x210
[ 51.001990][ T3543] ? print_irqtrace_events+0x210/0x210
[ 51.007992][ T3543] ? bpf_lsm_path_truncate+0x5/0x10
[ 51.013426][ T3543] do_sys_ftruncate+0x2e2/0x380
[ 51.018396][ T3543] do_syscall_64+0x3d/0xb0
[ 51.023157][ T3543] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 51.029160][ T3543] RIP: 0033:0x7f6bcb068679
[ 51.035888][ T3543] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 51.056677][ T3543] RSP: 002b:00007fff0bedf7f8 EFLAGS: 00000246 ORIG_RAX: 000000000000004d
[ 51.066399][ T3543] RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 00007f6bcb068679
[ 51.074657][ T3543] RDX: 00007f6bcb068679 RSI: 0000000002007fff RDI: 0000000000000005
[ 51.083254][ T3543] RBP: 00007f6bcb0dc610 R08: 00007fff0bedf9c8 R09: 00007fff0bedf9c8
[ 51.091445][ T3543] R10: 00007fff0bedf9c8 R11: 0000000000000246 R12: 0000000000000001
[ 51.099521][ T3543] R13: 00007fff0bedf9b8 R14: 0000000000000001 R15: 0000000000000001
[ 51.107528][ T3543] </TASK>
[ 51.110641][ T3543] Kernel Offset: disabled
[ 51.115055][ T3543] Rebooting in 86400 seconds..