reiserfs: using flush barriers
REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
REISERFS (device loop0): checking transaction log (loop0)
REISERFS (device loop0): Using rupasov hash to sort names
BUG: unable to handle kernel paging request at ffff8880913af000
PGD de01067 P4D de01067 PUD 23ffff067 PMD 913ad063 PTE ffe2002e00000000
Oops: 0002 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 8117 Comm: syz-executor301 Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
RIP: 0010:__memmove+0x24/0x1a0 arch/x86/lib/memmove_64.S:43
syz-executor301[8116]: segfault at 20000 ip 00007fb7ae90de53 sp 00007fff5d1165c8 error 4 in syz-executor3016693707[7fb7ae90a000+9a000]
Code: 90 90 90 90 90 90 48 89 f8 48 83 fa 20 0f 82 03 01 00 00 48 39 fe 7d 0f 49 89 f0 49 01 d0 49 39 f8 0f 8f 9f 00 00 00 48 89 d1 <f3> a4 c3 48 81 fa a8 02 00 00 72 05 40 38 fe 74 3b 48 83 ea 20 48
Code: 00 00 00 2e 00 e2 ff 2e 72 65 69 2e 2e 00 00 00 00 00 00 2e 00 e2 ff 2e 72 65 69 2e 2e 00 00 00 00 00 00 2e 00 e2 ff 2e 72 65 <69> 2e 2e 00 00 00 00 00 00 2e 00 e2 ff 2e 72 65 69 2e 2e 00 00 00
RSP: 0018:ffff888094906f78 EFLAGS: 00010293
RAX: ffff888090ac4fb4 RBX: 0000000000000002 RCX: ffffffffff715fb0
RDX: fffffffffffffffc RSI: ffff8880913aeff0 RDI: ffff8880913af000
RBP: 0000000000000020 R08: ffff888090ac4fa0 R09: ffffed10121589f5
R10: ffff888090ac4faf R11: 00002e2e0004003c R12: 0000000000000001
R13: 000000000000001c R14: ffff888090ac4fa4 R15: 0000000000000010
FS:  00007fb7ae900700(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffff8880913af000 CR3: 00000000b452b000 CR4: 00000000003406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
in:imklog[7783]: segfault at 0 ip 00005594b2c31f18 sp 00007f51ebeaf458 error 6 in rsyslogd[5594b2c1e000+95000]
Call Trace:
Code: e2 ff 2e 72 65 69 2e 2e 00 00 00 00 00 00 2e 00 e2 ff 2e 72 65 69 2e 2e 00 00 00 00 00 00 2e 00 e2 ff 2e 72 65 69 2e 2e 00 00 <00> 00 00 00 2e 00 e2 ff 2e 72 65 69 2e 2e 00 00 00 00 00 00 2e 00
 memmove include/linux/string.h:392 [inline]
 leaf_paste_entries+0x449/0x910 fs/reiserfs/lbalance.c:1378
traps: systemd[1] general protection ip:7f7b552fe25b sp:7fff34941af0 error:0 in libc-2.24.so[7f7b55287000+195000]
 balance_leaf_finish_node_paste_dirent fs/reiserfs/do_balan.c:1306 [inline]
 balance_leaf_finish_node_paste fs/reiserfs/do_balan.c:1332 [inline]
 balance_leaf_finish_node fs/reiserfs/do_balan.c:1375 [inline]
 balance_leaf+0x8fd7/0xca70 fs/reiserfs/do_balan.c:1463
 do_balance+0x30a/0x760 fs/reiserfs/do_balan.c:1899
 reiserfs_paste_into_item+0x636/0x7d0 fs/reiserfs/stree.c:2169
 reiserfs_add_entry+0x89a/0xcc0 fs/reiserfs/namei.c:566
 reiserfs_mkdir+0x66e/0x980 fs/reiserfs/namei.c:858
 create_privroot fs/reiserfs/xattr.c:880 [inline]
 reiserfs_xattr_init+0x406/0xae0 fs/reiserfs/xattr.c:1002
 reiserfs_fill_super+0x1f54/0x2d80 fs/reiserfs/super.c:2188
 mount_bdev+0x2fc/0x3b0 fs/super.c:1158
 mount_fs+0xa3/0x310 fs/super.c:1261
 vfs_kern_mount.part.0+0x68/0x470 fs/namespace.c:961
 vfs_kern_mount fs/namespace.c:951 [inline]
 do_new_mount fs/namespace.c:2492 [inline]
 do_mount+0x115c/0x2f50 fs/namespace.c:2822
 ksys_mount+0xcf/0x130 fs/namespace.c:3038
 __do_sys_mount fs/namespace.c:3052 [inline]
 __se_sys_mount fs/namespace.c:3049 [inline]
 __x64_sys_mount+0xba/0x150 fs/namespace.c:3049
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fb7ae95407a
Code: 89 c7 b8 3c 00 00 00 0f 05 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fb7ae900168 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fb7ae95407a
RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fb7ae900180
RBP: 0000000000000004 R08: 00007fb7ae9001c0 R09: 00007fb7ae9006b8
systemd: 45 output lines suppressed due to ratelimiting
R10: 000000000020441a R11: 0000000000000286 R12: 00007fb7ae9001c0
R13: 0000000000000008 R14: 00007fb7ae900180 R15: 0000000020000600
Modules linked in:
CR2: ffff8880913af000
---[ end trace 2affd36cd395dc8a ]---
RIP: 0010:__memmove+0x24/0x1a0 arch/x86/lib/memmove_64.S:43
Code: 90 90 90 90 90 90 48 89 f8 48 83 fa 20 0f 82 03 01 00 00 48 39 fe 7d 0f 49 89 f0 49 01 d0 49 39 f8 0f 8f 9f 00 00 00 48 89 d1 <f3> a4 c3 48 81 fa a8 02 00 00 72 05 40 38 fe 74 3b 48 83 ea 20 48
RSP: 0018:ffff888094906f78 EFLAGS: 00010293
RAX: ffff888090ac4fb4 RBX: 0000000000000002 RCX: ffffffffff715fb0
RDX: fffffffffffffffc RSI: ffff8880913aeff0 RDI: ffff8880913af000
RBP: 0000000000000020 R08: ffff888090ac4fa0 R09: ffffed10121589f5
R10: ffff888090ac4faf R11: 00002e2e0004003c R12: 0000000000000001
R13: 000000000000001c R14: ffff888090ac4fa4 R15: 0000000000000010
FS:  00007fb7ae900700(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffff8880913af000 CR3: 00000000b452b000 CR4: 00000000003406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
   0:   90                      nop
   1:   90                      nop
   2:   90                      nop
   3:   90                      nop
   4:   90                      nop
   5:   90                      nop
   6:   48 89 f8                mov    %rdi,%rax
   9:   48 83 fa 20             cmp    $0x20,%rdx
   d:   0f 82 03 01 00 00       jb     0x116
  13:   48 39 fe                cmp    %rdi,%rsi
  16:   7d 0f                   jge    0x27
  18:   49 89 f0                mov    %rsi,%r8
  1b:   49 01 d0                add    %rdx,%r8
  1e:   49 39 f8                cmp    %rdi,%r8
  21:   0f 8f 9f 00 00 00       jg     0xc6
  27:   48 89 d1                mov    %rdx,%rcx
* 2a:   f3 a4                   rep movsb %ds:(%rsi),%es:(%rdi) <-- trapping instruction
  2c:   c3                      retq
  2d:   48 81 fa a8 02 00 00    cmp    $0x2a8,%rdx
  34:   72 05                   jb     0x3b
  36:   40 38 fe                cmp    %dil,%sil
  39:   74 3b                   je     0x76
  3b:   48 83 ea 20             sub    $0x20,%rdx
  3f:   48                      rex.W