Warning: Permanently added '10.128.1.79' (ECDSA) to the list of known hosts.
executing program
[ 37.907228][ T3611] loop0: detected capacity change from 0 to 252287
[ 37.912225][ T3611] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 37.912246][ T3611] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 37.912246][ T3611] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 37.912402][ T3611] REISERFS (device loop0): using ordered data mode
[ 37.912410][ T3611] reiserfs: using flush barriers
[ 37.913442][ T3611] REISERFS (device loop0): journal params: device loop0, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30
[ 37.939650][ T3611] REISERFS (device loop0): checking transaction log (loop0)
[ 37.941253][ T3611] REISERFS (device loop0): Using r5 hash to sort names
[ 37.941337][ T3611] REISERFS (device loop0): using 3.5.x disk format
[ 37.941535][ T3611] ==================================================================
[ 37.941540][ T3611] BUG: KASAN: use-after-free in search_by_entry_key+0x81f/0x960
[ 37.941562][ T3611] Read of size 4 at addr ffff8880715ee014 by task syz-executor352/3611
[ 37.941575][ T3611]
[ 37.941579][ T3611] CPU: 0 PID: 3611 Comm: syz-executor352 Not tainted 5.19.0-rc1-syzkaller-00263-g1c27f1fc1549 #0
[ 37.941596][ T3611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 37.941604][ T3611] Call Trace:
[ 37.941609][ T3611]
[ 37.941614][ T3611]  dump_stack_lvl+0xcd/0x134
[ 37.941649][ T3611]  print_address_description.constprop.0.cold+0xeb/0x495
[ 37.941671][ T3611]  ? search_by_entry_key+0x81f/0x960
[ 37.941687][ T3611]  kasan_report.cold+0xf4/0x1c6
[ 37.941706][ T3611]  ? search_by_entry_key+0x81f/0x960
[ 37.941724][ T3611]  search_by_entry_key+0x81f/0x960
[ 37.941742][ T3611]  reiserfs_find_entry.part.0+0x139/0xdf0
[ 37.941760][ T3611]  ? mutex_lock_io_nested+0x1190/0x1190
[ 37.941776][ T3611]  ? find_held_lock+0x2d/0x110
[ 37.941795][ T3611]  ? search_by_entry_key+0x960/0x960
[ 37.941812][ T3611]  ? lock_downgrade+0x6e0/0x6e0
[ 37.941832][ T3611]  reiserfs_lookup+0x24a/0x490
[ 37.941853][ T3611]  ? reiserfs_unlink+0x760/0x760
[ 37.941869][ T3611]  ? d_alloc_parallel+0x9af/0x1af0
[ 37.941887][ T3611]  ? __lock_acquire+0x2581/0x5660
[ 37.941905][ T3611]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 37.941928][ T3611]  ? lockdep_init_map_type+0x21a/0x7f0
[ 37.941945][ T3611]  __lookup_slow+0x24c/0x480
[ 37.941961][ T3611]  ? page_get_link+0x7b0/0x7b0
[ 37.941977][ T3611]  ? __d_lookup+0x44b/0x790
[ 37.941994][ T3611]  ? d_lookup+0x101/0x170
[ 37.942010][ T3611]  lookup_one_len+0x16a/0x1a0
[ 37.942027][ T3611]  ? try_lookup_one_len+0x180/0x180
[ 37.942044][ T3611]  ? down_write_killable+0x170/0x170
[ 37.942059][ T3611]  ? reiserfs_schedule_old_flush+0x60/0x230
[ 37.942080][ T3611]  reiserfs_lookup_privroot+0x92/0x280
[ 37.942099][ T3611]  reiserfs_fill_super+0x21bb/0x2fb0
[ 37.942120][ T3611]  ? reiserfs_remount+0x1530/0x1530
[ 37.942138][ T3611]  ? sget+0x472/0x580
[ 37.942155][ T3611]  ? snprintf+0xbb/0xf0
[ 37.942171][ T3611]  ? set_blocksize+0x2e5/0x370
[ 37.942188][ T3611]  mount_bdev+0x34d/0x410
[ 37.942203][ T3611]  ? reiserfs_remount+0x1530/0x1530
[ 37.942221][ T3611]  ? reiserfs_kill_sb+0x1e0/0x1e0
[ 37.942239][ T3611]  legacy_get_tree+0x105/0x220
[ 37.942255][ T3611]  vfs_get_tree+0x89/0x2f0
[ 37.942270][ T3611]  path_mount+0x1320/0x1fa0
[ 37.942285][ T3611]  ? kmem_cache_free+0xdd/0x5a0
[ 37.942304][ T3611]  ? finish_automount+0xaf0/0xaf0
[ 37.942321][ T3611]  ? putname+0xfe/0x140
[ 37.942336][ T3611]  __x64_sys_mount+0x27f/0x300
[ 37.942352][ T3611]  ? copy_mnt_ns+0xae0/0xae0
[ 37.942367][ T3611]  ? syscall_enter_from_user_mode+0x21/0x70
[ 37.942385][ T3611]  do_syscall_64+0x35/0xb0
[ 37.942403][ T3611]  entry_SYSCALL_64_after_hwframe+0x46/0xb0
[ 37.942421][ T3611] RIP: 0033:0x7f33c6185c8a
[ 37.942434][ T3611] Code: 48 c7 c2 c0 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 a8 00 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 37.942448][ T3611] RSP: 002b:00007ffcd4af74c8 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[ 37.942464][ T3611] RAX: ffffffffffffffda RBX: 00007ffcd4af7520 RCX: 00007f33c6185c8a
[ 37.942475][ T3611] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffcd4af74e0
[ 37.942485][ T3611] RBP: 00007ffcd4af74e0 R08: 00007ffcd4af7520 R09: 0000000000000000
[ 37.942495][ T3611] R10: 0000000000000000 R11: 0000000000000286 R12: 00000000200000a0
[ 37.942504][ T3611] R13: 0000000000000003 R14: 0000000000000004 R15: 0000000000000004
[ 37.942518][ T3611]
[ 37.942523][ T3611]
[ 37.942525][ T3611] The buggy address belongs to the physical page:
[ 37.942530][ T3611] page:ffffea0001c57b80 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x715ee
[ 37.942546][ T3611] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 37.942566][ T3611] raw: 00fff00000000000 ffffea0001c57bc8 ffff8880b9a403c0 0000000000000000
[ 37.942580][ T3611] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 37.942587][ T3611] page dumped because: kasan: bad access detected
[ 37.942593][ T3611] page_owner tracks the page as freed
[ 37.942596][ T3611] page last allocated via order 0, migratetype Movable, gfp_mask 0x8(__GFP_MOVABLE), pid 1, tgid 1 (swapper/0), ts 8666191765, free_ts 9438327718
[ 37.942620][ T3611]  split_map_pages+0x1ef/0x520
[ 37.942638][ T3611]  isolate_freepages_range+0x30f/0x350
[ 37.942655][ T3611]  alloc_contig_range+0x2f6/0x490
[ 37.942670][ T3611]  alloc_contig_pages+0x35a/0x4c0
[ 37.942685][ T3611]  debug_vm_pgtable+0x88f/0x2a94
[ 37.942699][ T3611]  do_one_initcall+0x103/0x650
[ 37.942715][ T3611]  kernel_init_freeable+0x6b1/0x73a
[ 37.942733][ T3611]  kernel_init+0x1a/0x1d0
[ 37.942746][ T3611]  ret_from_fork+0x1f/0x30
[ 37.942760][ T3611] page last free stack trace:
[ 37.942763][ T3611]  free_pcp_prepare+0x549/0xd20
[ 37.942776][ T3611]  free_unref_page+0x19/0x6a0
[ 37.942789][ T3611]  free_contig_range+0xb1/0x180
[ 37.942803][ T3611]  destroy_args+0xa8/0x646
[ 37.942815][ T3611]  debug_vm_pgtable+0x2a03/0x2a94
[ 37.942828][ T3611]  do_one_initcall+0x103/0x650
[ 37.942848][ T3611]  kernel_init_freeable+0x6b1/0x73a
[ 37.942865][ T3611]  kernel_init+0x1a/0x1d0
[ 37.942878][ T3611]  ret_from_fork+0x1f/0x30
[ 37.942892][ T3611]
[ 37.942895][ T3611] Memory state around the buggy address:
[ 37.942901][ T3611]  ffff8880715edf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 37.942911][ T3611]  ffff8880715edf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 37.942920][ T3611] >ffff8880715ee000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 37.942927][ T3611]                          ^
[ 37.942934][ T3611]  ffff8880715ee080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 37.942943][ T3611]  ffff8880715ee100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 37.942951][ T3611] ==================================================================
[ 37.943007][ T3611] Kernel panic - not syncing: panic_on_warn set ...
[ 37.943015][ T3611] CPU: 0 PID: 3611 Comm: syz-executor352 Not tainted 5.19.0-rc1-syzkaller-00263-g1c27f1fc1549 #0
[ 37.943032][ T3611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 37.943040][ T3611] Call Trace:
[ 37.943044][ T3611]
[ 37.943049][ T3611]  dump_stack_lvl+0xcd/0x134
[ 37.943066][ T3611]  panic+0x2d7/0x636
[ 37.943082][ T3611]  ? panic_print_sys_info.part.0+0x10b/0x10b
[ 37.943100][ T3611]  ? preempt_schedule_common+0x59/0xc0
[ 37.943119][ T3611]  ? search_by_entry_key+0x81f/0x960
[ 37.943135][ T3611]  ? preempt_schedule_thunk+0x16/0x18
[ 37.943154][ T3611]  ? search_by_entry_key+0x81f/0x960
[ 37.943172][ T3611]  end_report.part.0+0x3f/0x7c
[ 37.943188][ T3611]  kasan_report.cold+0x93/0x1c6
[ 37.943204][ T3611]  ? search_by_entry_key+0x81f/0x960
[ 37.943222][ T3611]  search_by_entry_key+0x81f/0x960
[ 37.943240][ T3611]  reiserfs_find_entry.part.0+0x139/0xdf0
[ 37.943258][ T3611]  ? mutex_lock_io_nested+0x1190/0x1190
[ 37.943274][ T3611]  ? find_held_lock+0x2d/0x110
[ 37.943292][ T3611]  ? search_by_entry_key+0x960/0x960
[ 37.943309][ T3611]  ? lock_downgrade+0x6e0/0x6e0
[ 37.943330][ T3611]  reiserfs_lookup+0x24a/0x490
[ 37.943346][ T3611]  ? reiserfs_unlink+0x760/0x760
[ 37.943362][ T3611]  ? d_alloc_parallel+0x9af/0x1af0
[ 37.943379][ T3611]  ? __lock_acquire+0x2581/0x5660
[ 37.943398][ T3611]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 37.943421][ T3611]  ? lockdep_init_map_type+0x21a/0x7f0
[ 37.943438][ T3611]  __lookup_slow+0x24c/0x480
[ 37.943453][ T3611]  ? page_get_link+0x7b0/0x7b0
[ 37.943470][ T3611]  ? __d_lookup+0x44b/0x790
[ 37.943487][ T3611]  ? d_lookup+0x101/0x170
[ 37.943502][ T3611]  lookup_one_len+0x16a/0x1a0
[ 37.943517][ T3611]  ? try_lookup_one_len+0x180/0x180
[ 37.943532][ T3611]  ? down_write_killable+0x170/0x170
[ 37.943547][ T3611]  ? reiserfs_schedule_old_flush+0x60/0x230
[ 37.943569][ T3611]  reiserfs_lookup_privroot+0x92/0x280
[ 37.943588][ T3611]  reiserfs_fill_super+0x21bb/0x2fb0
[ 37.943609][ T3611]  ? reiserfs_remount+0x1530/0x1530
[ 37.943627][ T3611]  ? sget+0x472/0x580
[ 37.943643][ T3611]  ? snprintf+0xbb/0xf0
[ 37.943659][ T3611]  ? set_blocksize+0x2e5/0x370
[ 37.943676][ T3611]  mount_bdev+0x34d/0x410
[ 37.943691][ T3611]  ? reiserfs_remount+0x1530/0x1530
[ 37.943709][ T3611]  ? reiserfs_kill_sb+0x1e0/0x1e0
[ 37.943727][ T3611]  legacy_get_tree+0x105/0x220
[ 37.943743][ T3611]  vfs_get_tree+0x89/0x2f0
[ 37.943758][ T3611]  path_mount+0x1320/0x1fa0
[ 37.943773][ T3611]  ? kmem_cache_free+0xdd/0x5a0
[ 37.943792][ T3611]  ? finish_automount+0xaf0/0xaf0
[ 37.943809][ T3611]  ? putname+0xfe/0x140
[ 37.943825][ T3611]  __x64_sys_mount+0x27f/0x300
[ 37.943846][ T3611]  ? copy_mnt_ns+0xae0/0xae0
[ 37.943862][ T3611]  ? syscall_enter_from_user_mode+0x21/0x70
[ 37.943880][ T3611]  do_syscall_64+0x35/0xb0
[ 37.943897][ T3611]  entry_SYSCALL_64_after_hwframe+0x46/0xb0
[ 37.943915][ T3611] RIP: 0033:0x7f33c6185c8a
[ 37.943927][ T3611] Code: 48 c7 c2 c0 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 a8 00 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 37.943941][ T3611] RSP: 002b:00007ffcd4af74c8 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[ 37.943956][ T3611] RAX: ffffffffffffffda RBX: 00007ffcd4af7520 RCX: 00007f33c6185c8a
[ 37.943967][ T3611] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffcd4af74e0
[ 37.943978][ T3611] RBP: 00007ffcd4af74e0 R08: 00007ffcd4af7520 R09: 0000000000000000
[ 37.943988][ T3611] R10: 0000000000000000 R11: 0000000000000286 R12: 00000000200000a0
[ 37.943997][ T3611] R13: 0000000000000003 R14: 0000000000000004 R15: 0000000000000004
[ 37.944011][ T3611]
[ 37.950419][ T3611] Kernel Offset: disabled