DUID 00:04:d5:34:fd:2d:90:3b:7d:1f:5f:ef:10:3f:c1:8d:8b:e5
forked to background, child pid 3217
[   28.236957][ T3218] 8021q: adding VLAN 0 to HW filter on device bond0
[   28.247508][ T3218] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK

syzkaller
Warning: Permanently added '10.128.0.218' (ED25519) to the list of known hosts.
executing program
syzkaller login: [   50.664630][ T3549] loop0: detected capacity change from 0 to 8192
[   50.674410][ T3549] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[   50.687812][ T3549] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[   50.697183][ T3549] REISERFS (device loop0): using ordered data mode
[   50.704369][ T3549] reiserfs: using flush barriers
[   50.710994][ T3549] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   50.727416][ T3549] REISERFS (device loop0): checking transaction log (loop0)
[   50.766447][ T3549] REISERFS (device loop0): Using r5 hash to sort names
[   50.773565][ T3549] REISERFS (device loop0): using 3.5.x disk format
[   50.780805][ T3549] ==================================================================
[   50.788866][ T3549] BUG: KASAN: out-of-bounds in leaf_paste_entries+0x95f/0x13a0
[   50.796410][ T3549] Read of size 18446744073709551600 at addr ffff888070e55f94 by task syz-executor331/3549
[   50.806304][ T3549] 
[   50.808613][ T3549] CPU: 0 PID: 3549 Comm: syz-executor331 Not tainted 6.1.53-syzkaller #0
[   50.817016][ T3549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[   50.827108][ T3549] Call Trace:
[   50.830376][ T3549]  <TASK>
[   50.833293][ T3549]  dump_stack_lvl+0x1e3/0x2cb
[   50.838062][ T3549]  ? irq_work_queue+0xc6/0x150
[   50.842843][ T3549]  ? nf_tcp_handle_invalid+0x642/0x642
[   50.848296][ T3549]  ? panic+0x75d/0x75d
[   50.852378][ T3549]  ? _printk+0xd1/0x111
[   50.856539][ T3549]  ? _raw_spin_lock_irqsave+0xac/0x120
[   50.862007][ T3549]  print_report+0x15f/0x4f0
[   50.866510][ T3549]  ? __lock_acquire+0x125b/0x1f80
[   50.871528][ T3549]  ? __virt_addr_valid+0x22b/0x2e0
[   50.876639][ T3549]  ? __phys_addr+0xb6/0x170
[   50.881150][ T3549]  ? leaf_paste_entries+0x95f/0x13a0
[   50.886602][ T3549]  kasan_report+0x136/0x160
[   50.891102][ T3549]  ? leaf_paste_entries+0x95f/0x13a0
[   50.896380][ T3549]  ? leaf_paste_entries+0x95f/0x13a0
[   50.901653][ T3549]  kasan_check_range+0x27f/0x290
[   50.906582][ T3549]  ? leaf_paste_entries+0x95f/0x13a0
[   50.911855][ T3549]  memmove+0x25/0x60
[   50.915745][ T3549]  leaf_paste_entries+0x95f/0x13a0
[   50.920850][ T3549]  balance_leaf+0xbd1e/0x12510
[   50.925643][ T3549]  ? print_irqtrace_events+0x210/0x210
[   50.931096][ T3549]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[   50.936986][ T3549]  ? _raw_spin_unlock+0x40/0x40
[   50.941859][ T3549]  ? stack_trace_save+0x113/0x1c0
[   50.946872][ T3549]  ? stack_trace_snprint+0xe0/0xe0
[   50.951973][ T3549]  ? do_balance+0x8f0/0x8f0
[   50.956473][ T3549]  ? __stack_depot_save+0x3f5/0x470
[   50.961695][ T3549]  ? kasan_set_track+0x60/0x70
[   50.966449][ T3549]  ? kasan_set_track+0x4b/0x70
[   50.971197][ T3549]  ? __kasan_kmalloc+0x97/0xb0
[   50.975999][ T3549]  ? __kmalloc+0xb2/0x230
[   50.980317][ T3549]  ? fix_nodes+0x69aa/0x8c70
[   50.984898][ T3549]  ? reiserfs_paste_into_item+0x65d/0x880
[   50.990606][ T3549]  ? reiserfs_add_entry+0x9b8/0xd70
[   50.995795][ T3549]  ? reiserfs_mkdir+0x6bc/0x8f0
[   51.000638][ T3549]  ? reiserfs_xattr_init+0x348/0x730
[   51.005918][ T3549]  ? reiserfs_fill_super+0x2203/0x2620
[   51.011367][ T3549]  ? mount_bdev+0x2c9/0x3f0
[   51.015863][ T3549]  ? legacy_get_tree+0xeb/0x180
[   51.020701][ T3549]  ? vfs_get_tree+0x88/0x270
[   51.025370][ T3549]  ? do_new_mount+0x28b/0xae0
[   51.030219][ T3549]  ? __se_sys_mount+0x2d5/0x3c0
[   51.035064][ T3549]  ? do_syscall_64+0x3d/0xb0
[   51.039729][ T3549]  ? entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   51.045793][ T3549]  ? __wake_up+0x1c0/0x1c0
[   51.050205][ T3549]  ? get_parents+0x513/0xfa0
[   51.054792][ T3549]  ? set_parameters+0x8d0/0x8d0
[   51.059722][ T3549]  ? get_neighbors+0x631/0x1010
[   51.064661][ T3549]  ? reiserfs_prepare_for_journal+0x269/0x280
[   51.070719][ T3549]  ? fix_nodes+0x7abc/0x8c70
[   51.075391][ T3549]  ? __might_sleep+0xb0/0xb0
[   51.079984][ T3549]  do_balance+0x309/0x8f0
[   51.084404][ T3549]  ? get_right_neighbor_position+0x210/0x210
[   51.090476][ T3549]  ? reiserfs_paste_into_item+0x3ef/0x880
[   51.096189][ T3549]  reiserfs_paste_into_item+0x73b/0x880
[   51.101727][ T3549]  ? reiserfs_cut_from_item+0x2580/0x2580
[   51.107459][ T3549]  ? reiserfs_get_parent+0x2c0/0x2c0
[   51.112745][ T3549]  ? inode_get_bytes+0x72/0xa0
[   51.117501][ T3549]  ? _find_first_zero_bit+0x61/0x100
[   51.122781][ T3549]  reiserfs_add_entry+0x9b8/0xd70
[   51.127803][ T3549]  ? drop_new_inode+0x60/0x60
[   51.132560][ T3549]  ? do_journal_begin_r+0xdc9/0x1020
[   51.137851][ T3549]  ? journal_begin+0x1ef/0x350
[   51.142604][ T3549]  reiserfs_mkdir+0x6bc/0x8f0
[   51.147278][ T3549]  ? reiserfs_symlink+0x720/0x720
[   51.152296][ T3549]  ? rwsem_write_trylock+0x166/0x210
[   51.157670][ T3549]  ? __up_read+0x690/0x690
[   51.162086][ T3549]  reiserfs_xattr_init+0x348/0x730
[   51.167191][ T3549]  reiserfs_fill_super+0x2203/0x2620
[   51.172478][ T3549]  ? reiserfs_kill_sb+0x150/0x150
[   51.177498][ T3549]  ? snprintf+0xd6/0x120
[   51.181739][ T3549]  mount_bdev+0x2c9/0x3f0
[   51.186061][ T3549]  ? reiserfs_kill_sb+0x150/0x150
[   51.191082][ T3549]  legacy_get_tree+0xeb/0x180
[   51.195747][ T3549]  ? remove_save_link+0x540/0x540
[   51.200855][ T3549]  vfs_get_tree+0x88/0x270
[   51.205269][ T3549]  do_new_mount+0x28b/0xae0
[   51.209765][ T3549]  ? do_move_mount_old+0x160/0x160
[   51.214870][ T3549]  ? user_path_at_empty+0x12b/0x180
[   51.220062][ T3549]  __se_sys_mount+0x2d5/0x3c0
[   51.224734][ T3549]  ? __x64_sys_mount+0xc0/0xc0
[   51.229489][ T3549]  ? syscall_enter_from_user_mode+0x2e/0x220
[   51.235463][ T3549]  ? lockdep_hardirqs_on+0x94/0x130
[   51.240652][ T3549]  ? __x64_sys_mount+0x1c/0xc0
[   51.245496][ T3549]  do_syscall_64+0x3d/0xb0
[   51.249903][ T3549]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   51.255785][ T3549] RIP: 0033:0x7fb47e6e28ba
[   51.260204][ T3549] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   51.279800][ T3549] RSP: 002b:00007ffc2d608c08 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[   51.288202][ T3549] RAX: ffffffffffffffda RBX: 00007ffc2d608c20 RCX: 00007fb47e6e28ba
[   51.296252][ T3549] RDX: 0000000020001100 RSI: 0000000020000040 RDI: 00007ffc2d608c20
[   51.304214][ T3549] RBP: 0000000000000004 R08: 00007ffc2d608c60 R09: 00000000000010fb
[   51.312352][ T3549] R10: 0000000000000080 R11: 0000000000000286 R12: 0000000000000080
[   51.320396][ T3549] R13: 00007ffc2d608c60 R14: 0000000000000003 R15: 0000000000400000
[   51.328361][ T3549]  </TASK>
[   51.331365][ T3549] 
[   51.333677][ T3549] The buggy address belongs to the physical page:
[   51.340071][ T3549] page:ffffea0001c39540 refcount:3 mapcount:0 mapping:ffff888148d749f8 index:0x213 pfn:0x70e55
[   51.350382][ T3549] memcg:ffff888140058000
[   51.354605][ T3549] aops:def_blk_aops ino:700000
[   51.359362][ T3549] flags: 0xfff18000002042(referenced|workingset|private|node=0|zone=1|lastcpupid=0x7ff)
[   51.369069][ T3549] raw: 00fff18000002042 0000000000000000 dead000000000122 ffff888148d749f8
[   51.377636][ T3549] raw: 0000000000000213 ffff888073759910 00000003ffffffff ffff888140058000
[   51.386201][ T3549] page dumped because: kasan: bad access detected
[   51.392622][ T3549] page_owner tracks the page as allocated
[   51.398318][ T3549] page last allocated via order 0, migratetype Movable, gfp_mask 0x148c48(GFP_NOFS|__GFP_NOFAIL|__GFP_COMP|__GFP_HARDWALL|__GFP_MOVABLE), pid 3549, tgid 3549 (syz-executor331), ts 50766181967, free_ts 44951001277
[   51.418882][ T3549]  post_alloc_hook+0x18d/0x1b0
[   51.423726][ T3549]  get_page_from_freelist+0x32ed/0x3480
[   51.429348][ T3549]  __alloc_pages+0x28d/0x770
[   51.433926][ T3549]  folio_alloc+0x1a/0x50
[   51.438182][ T3549]  filemap_alloc_folio+0xda/0x4f0
[   51.443201][ T3549]  __filemap_get_folio+0x711/0xe30
[   51.448303][ T3549]  pagecache_get_page+0x28/0x250
[   51.453230][ T3549]  __getblk_gfp+0x211/0xa20
[   51.457722][ T3549]  search_by_key+0x460/0x4b60
[   51.462383][ T3549]  reiserfs_read_locked_inode+0x23c/0x2950
[   51.468179][ T3549]  reiserfs_fill_super+0x135f/0x2620
[   51.473458][ T3549]  mount_bdev+0x2c9/0x3f0
[   51.477780][ T3549]  legacy_get_tree+0xeb/0x180
[   51.482442][ T3549]  vfs_get_tree+0x88/0x270
[   51.486852][ T3549]  do_new_mount+0x28b/0xae0
[   51.491347][ T3549]  __se_sys_mount+0x2d5/0x3c0
[   51.496018][ T3549] page last free stack trace:
[   51.500673][ T3549]  free_unref_page_prepare+0xf63/0x1120
[   51.506207][ T3549]  free_unref_page_list+0x107/0x810
[   51.511402][ T3549]  release_pages+0x2836/0x2b40
[   51.516168][ T3549]  tlb_flush_mmu+0xfc/0x210
[   51.520662][ T3549]  tlb_finish_mmu+0xce/0x1f0
[   51.525250][ T3549]  unmap_region+0x29f/0x2f0
[   51.529749][ T3549]  do_mas_align_munmap+0xe93/0x15c0
[   51.535027][ T3549]  do_mas_munmap+0x246/0x2b0
[   51.539609][ T3549]  __vm_munmap+0x268/0x370
[   51.544027][ T3549]  __x64_sys_munmap+0x5c/0x70
[   51.548873][ T3549]  do_syscall_64+0x3d/0xb0
[   51.553280][ T3549]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   51.559167][ T3549] 
[   51.561476][ T3549] Memory state around the buggy address:
[   51.567091][ T3549]  ffff888070e55e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   51.575253][ T3549]  ffff888070e55f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   51.583316][ T3549] >ffff888070e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   51.591376][ T3549]                          ^
[   51.596042][ T3549]  ffff888070e56000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   51.604130][ T3549]  ffff888070e56080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   51.612207][ T3549] ==================================================================
[   51.620707][ T3549] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   51.627914][ T3549] CPU: 0 PID: 3549 Comm: syz-executor331 Not tainted 6.1.53-syzkaller #0
[   51.636345][ T3549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[   51.646390][ T3549] Call Trace:
[   51.649662][ T3549]  <TASK>
[   51.652583][ T3549]  dump_stack_lvl+0x1e3/0x2cb
[   51.657363][ T3549]  ? nf_tcp_handle_invalid+0x642/0x642
[   51.662814][ T3549]  ? panic+0x75d/0x75d
[   51.666876][ T3549]  ? preempt_schedule_common+0xa6/0xd0
[   51.672330][ T3549]  ? vscnprintf+0x59/0x80
[   51.676656][ T3549]  panic+0x318/0x75d
[   51.680544][ T3549]  ? check_panic_on_warn+0x1d/0xa0
[   51.685648][ T3549]  ? memcpy_page_flushcache+0xfc/0xfc
[   51.691014][ T3549]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[   51.697000][ T3549]  ? _raw_spin_unlock+0x40/0x40
[   51.701844][ T3549]  ? print_report+0x4a3/0x4f0
[   51.706511][ T3549]  check_panic_on_warn+0x7e/0xa0
[   51.711440][ T3549]  ? leaf_paste_entries+0x95f/0x13a0
[   51.716715][ T3549]  end_report+0x66/0x110
[   51.720947][ T3549]  kasan_report+0x143/0x160
[   51.725439][ T3549]  ? leaf_paste_entries+0x95f/0x13a0
[   51.730716][ T3549]  ? leaf_paste_entries+0x95f/0x13a0
[   51.735999][ T3549]  kasan_check_range+0x27f/0x290
[   51.740929][ T3549]  ? leaf_paste_entries+0x95f/0x13a0
[   51.746200][ T3549]  memmove+0x25/0x60
[   51.750086][ T3549]  leaf_paste_entries+0x95f/0x13a0
[   51.755193][ T3549]  balance_leaf+0xbd1e/0x12510
[   51.759955][ T3549]  ? print_irqtrace_events+0x210/0x210
[   51.765406][ T3549]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[   51.771295][ T3549]  ? _raw_spin_unlock+0x40/0x40
[   51.776140][ T3549]  ? stack_trace_save+0x113/0x1c0
[   51.781169][ T3549]  ? stack_trace_snprint+0xe0/0xe0
[   51.786282][ T3549]  ? do_balance+0x8f0/0x8f0
[   51.790784][ T3549]  ? __stack_depot_save+0x3f5/0x470
[   51.795988][ T3549]  ? kasan_set_track+0x60/0x70
[   51.800752][ T3549]  ? kasan_set_track+0x4b/0x70
[   51.805509][ T3549]  ? __kasan_kmalloc+0x97/0xb0
[   51.810264][ T3549]  ? __kmalloc+0xb2/0x230
[   51.814586][ T3549]  ? fix_nodes+0x69aa/0x8c70
[   51.819168][ T3549]  ? reiserfs_paste_into_item+0x65d/0x880
[   51.824877][ T3549]  ? reiserfs_add_entry+0x9b8/0xd70
[   51.830070][ T3549]  ? reiserfs_mkdir+0x6bc/0x8f0
[   51.834913][ T3549]  ? reiserfs_xattr_init+0x348/0x730
[   51.840190][ T3549]  ? reiserfs_fill_super+0x2203/0x2620
[   51.845657][ T3549]  ? mount_bdev+0x2c9/0x3f0
[   51.850178][ T3549]  ? legacy_get_tree+0xeb/0x180
[   51.855024][ T3549]  ? vfs_get_tree+0x88/0x270
[   51.859610][ T3549]  ? do_new_mount+0x28b/0xae0
[   51.864283][ T3549]  ? __se_sys_mount+0x2d5/0x3c0
[   51.869134][ T3549]  ? do_syscall_64+0x3d/0xb0
[   51.873737][ T3549]  ? entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   51.879905][ T3549]  ? __wake_up+0x1c0/0x1c0
[   51.884313][ T3549]  ? get_parents+0x513/0xfa0
[   51.888902][ T3549]  ? set_parameters+0x8d0/0x8d0
[   51.893747][ T3549]  ? get_neighbors+0x631/0x1010
[   51.898597][ T3549]  ? reiserfs_prepare_for_journal+0x269/0x280
[   51.904661][ T3549]  ? fix_nodes+0x7abc/0x8c70
[   51.909251][ T3549]  ? __might_sleep+0xb0/0xb0
[   51.913851][ T3549]  do_balance+0x309/0x8f0
[   51.918186][ T3549]  ? get_right_neighbor_position+0x210/0x210
[   51.924162][ T3549]  ? reiserfs_paste_into_item+0x3ef/0x880
[   51.929872][ T3549]  reiserfs_paste_into_item+0x73b/0x880
[   51.935412][ T3549]  ? reiserfs_cut_from_item+0x2580/0x2580
[   51.941163][ T3549]  ? reiserfs_get_parent+0x2c0/0x2c0
[   51.946451][ T3549]  ? inode_get_bytes+0x72/0xa0
[   51.951218][ T3549]  ? _find_first_zero_bit+0x61/0x100
[   51.956508][ T3549]  reiserfs_add_entry+0x9b8/0xd70
[   51.961538][ T3549]  ? drop_new_inode+0x60/0x60
[   51.966218][ T3549]  ? do_journal_begin_r+0xdc9/0x1020
[   51.971517][ T3549]  ? journal_begin+0x1ef/0x350
[   51.976301][ T3549]  reiserfs_mkdir+0x6bc/0x8f0
[   51.981001][ T3549]  ? reiserfs_symlink+0x720/0x720
[   51.986029][ T3549]  ? rwsem_write_trylock+0x166/0x210
[   51.991340][ T3549]  ? __up_read+0x690/0x690
[   51.995762][ T3549]  reiserfs_xattr_init+0x348/0x730
[   52.000874][ T3549]  reiserfs_fill_super+0x2203/0x2620
[   52.006187][ T3549]  ? reiserfs_kill_sb+0x150/0x150
[   52.011217][ T3549]  ? snprintf+0xd6/0x120
[   52.015476][ T3549]  mount_bdev+0x2c9/0x3f0
[   52.019807][ T3549]  ? reiserfs_kill_sb+0x150/0x150
[   52.024843][ T3549]  legacy_get_tree+0xeb/0x180
[   52.029520][ T3549]  ? remove_save_link+0x540/0x540
[   52.034550][ T3549]  vfs_get_tree+0x88/0x270
[   52.038972][ T3549]  do_new_mount+0x28b/0xae0
[   52.043567][ T3549]  ? do_move_mount_old+0x160/0x160
[   52.048675][ T3549]  ? user_path_at_empty+0x12b/0x180
[   52.053949][ T3549]  __se_sys_mount+0x2d5/0x3c0
[   52.058623][ T3549]  ? __x64_sys_mount+0xc0/0xc0
[   52.063383][ T3549]  ? syscall_enter_from_user_mode+0x2e/0x220
[   52.069355][ T3549]  ? lockdep_hardirqs_on+0x94/0x130
[   52.074550][ T3549]  ? __x64_sys_mount+0x1c/0xc0
[   52.079309][ T3549]  do_syscall_64+0x3d/0xb0
[   52.083716][ T3549]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   52.089598][ T3549] RIP: 0033:0x7fb47e6e28ba
[   52.094004][ T3549] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   52.113607][ T3549] RSP: 002b:00007ffc2d608c08 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[   52.122012][ T3549] RAX: ffffffffffffffda RBX: 00007ffc2d608c20 RCX: 00007fb47e6e28ba
[   52.130062][ T3549] RDX: 0000000020001100 RSI: 0000000020000040 RDI: 00007ffc2d608c20
[   52.138024][ T3549] RBP: 0000000000000004 R08: 00007ffc2d608c60 R09: 00000000000010fb
[   52.146145][ T3549] R10: 0000000000000080 R11: 0000000000000286 R12: 0000000000000080
[   52.154110][ T3549] R13: 00007ffc2d608c60 R14: 0000000000000003 R15: 0000000000400000
[   52.162075][ T3549]  </TASK>
[   52.165308][ T3549] Kernel Offset: disabled
[   52.169620][ T3549] Rebooting in 86400 seconds..