Warning: Permanently added '10.128.1.181' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 37.979886][ T4217] loop0: detected capacity change from 0 to 8192 [ 37.982849][ T4217] ======================================================= [ 37.982849][ T4217] WARNING: The mand mount option has been deprecated and [ 37.982849][ T4217] and is ignored by this kernel. Remove the mand [ 37.982849][ T4217] option from the mount to silence this warning. [ 37.982849][ T4217] ======================================================= [ 37.993105][ T4217] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 37.995844][ T4217] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 37.997798][ T4217] REISERFS (device loop0): using ordered data mode [ 37.999017][ T4217] reiserfs: using flush barriers [ 38.000773][ T4217] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 38.004219][ T4217] REISERFS (device loop0): checking transaction log (loop0) [ 38.043018][ T4217] REISERFS (device loop0): Using tea hash to sort names [ 38.045242][ T4217] ================================================================== [ 38.046838][ T4217] BUG: KASAN: out-of-bounds in leaf_paste_entries+0x698/0xb10 [ 38.048396][ T4217] Read of size 18446744073709551584 at addr ffff0000e2908fa4 by task syz-executor270/4217 [ 38.050454][ T4217] [ 38.050934][ T4217] CPU: 1 PID: 4217 Comm: syz-executor270 Not tainted 6.1.27-syzkaller #0 [ 38.052765][ T4217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023 [ 38.054891][ T4217] Call trace: [ 38.055560][ T4217] dump_backtrace+0x1c8/0x1f4 [ 38.056485][ T4217] show_stack+0x2c/0x3c [ 38.057376][ T4217] dump_stack_lvl+0x108/0x170 [ 38.058355][ T4217] print_report+0x174/0x4c0 [ 38.059313][ T4217] kasan_report+0xd4/0x130 [ 38.060168][ T4217] kasan_check_range+0x264/0x2a4 [ 38.061208][ T4217] memmove+0x48/0x90 [ 38.062036][ T4217] leaf_paste_entries+0x698/0xb10 [ 38.063096][ T4217] balance_leaf+0xa0d4/0xe860 [ 38.064076][ T4217] do_balance+0x27c/0x788 [ 38.065004][ T4217] reiserfs_paste_into_item+0x630/0x744 [ 38.066171][ T4217] reiserfs_add_entry+0x8ec/0xcc4 [ 38.067238][ T4217] reiserfs_mkdir+0x588/0x77c [ 38.068224][ T4217] reiserfs_xattr_init+0x2b0/0x6bc [ 38.069343][ T4217] reiserfs_fill_super+0x1bfc/0x2028 [ 38.070475][ T4217] mount_bdev+0x26c/0x368 [ 38.071328][ T4217] get_super_block+0x44/0x58 [ 38.072345][ T4217] legacy_get_tree+0xd4/0x16c [ 38.073266][ T4217] vfs_get_tree+0x90/0x274 [ 38.074220][ T4217] do_new_mount+0x25c/0x8c8 [ 38.075195][ T4217] path_mount+0x590/0xe58 [ 38.076087][ T4217] __arm64_sys_mount+0x45c/0x594 [ 38.077161][ T4217] invoke_syscall+0x98/0x2c0 [ 38.078138][ T4217] el0_svc_common+0x138/0x258 [ 38.079073][ T4217] do_el0_svc+0x64/0x218 [ 38.079970][ T4217] el0_svc+0x58/0x168 [ 38.080814][ T4217] el0t_64_sync_handler+0x84/0xf0 [ 38.081898][ T4217] el0t_64_sync+0x18c/0x190 [ 38.082804][ T4217] [ 38.083290][ T4217] The buggy address belongs to the physical page: [ 38.084588][ T4217] page:000000003979d625 refcount:3 mapcount:0 mapping:00000000ba10f4be index:0x213 pfn:0x122908 [ 38.086844][ T4217] memcg:ffff0000c0930000 [ 38.087740][ T4217] aops:def_blk_aops ino:700000 [ 38.088723][ T4217] flags: 0x5ffc60000002042(referenced|workingset|private|node=0|zone=2|lastcpupid=0x7ff) [ 38.090734][ T4217] raw: 05ffc60000002042 0000000000000000 dead000000000122 ffff0000c050bf10 [ 38.092468][ T4217] raw: 0000000000000213 ffff0000e20d9bc8 00000003ffffffff ffff0000c0930000 [ 38.094266][ T4217] page dumped because: kasan: bad access detected [ 38.095581][ T4217] [ 38.096091][ T4217] Memory state around the buggy address: [ 38.097294][ T4217] ffff0000e2908e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 38.098884][ T4217] ffff0000e2908f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 38.100505][ T4217] >ffff0000e2908f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 38.102161][ T4217] ^ [ 38.103172][ T4217] ffff0000e2909000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 38.104841][ T4217] ffff0000e2909080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 38.106386][ T4217] ================================================================== [ 38.108221][ T4217] Disabling lock debugging due to kernel taint [ 38.109521][ T4217] REISERFS warning: reiserfs-5094 has_valid_deh_location: directory entry location seems wrong *3.5*[1768256046 1718773107 0x72705f73 UNKNOWN], item_len 29662, item_location 2, free_space(entry_count) 37376 [ 38.113577][ T4217] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 531. Fsck? [ 38.115813][ T4217] REISERFS (device loop0): Remounting filesystem read-only [ 38.117297][ T4217] REISERFS error (device loop0): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [1 2 0x0 SD] stat data [ 38.120030][ T4217] REISERFS warning (device loop0): jdm-20006 create_privroot: xattrs/ACLs enabled and couldn't find/create .reiserfs_priv. Failing mount. [ 38.122963][ T4217] REISERFS warning: reiserfs-5094 has_valid_deh_location: directory entry location seems wrong *3.5*[1768256046 1718773107 0x72705f73 UNKNOWN], item_len 29662, item_location 2, free_space(entry_count) 37376 [ 38.127133][ T4217] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 531. Fsck? [ 38.129279][ T4217] REISERFS error (device loop0): zam-7001 reiserfs_find_entry: io error