Warning: Permanently added '10.128.10.20' (ECDSA) to the list of known hosts. executing program [ 68.096194][ T3544] loop0: detected capacity change from 0 to 8192 [ 68.106840][ T3544] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 68.119932][ T3544] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 68.129373][ T3544] REISERFS (device loop0): using ordered data mode [ 68.135877][ T3544] reiserfs: using flush barriers [ 68.142440][ T3544] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 68.159616][ T3544] REISERFS (device loop0): checking transaction log (loop0) [ 68.210883][ T3544] REISERFS (device loop0): Using r5 hash to sort names [ 68.217978][ T3544] REISERFS (device loop0): using 3.5.x disk format [ 68.225544][ T3544] ================================================================== [ 68.233622][ T3544] BUG: KASAN: out-of-bounds in leaf_paste_entries+0x95f/0x13a0 [ 68.241184][ T3544] Read of size 18446744073709551584 at addr ffff88806fa1dfa4 by task syz-executor225/3544 [ 68.251065][ T3544] [ 68.253381][ T3544] CPU: 1 PID: 3544 Comm: syz-executor225 Not tainted 6.1.37-syzkaller #0 [ 68.261781][ T3544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 [ 68.271915][ T3544] Call Trace: [ 68.275188][ T3544] <TASK> [ 68.278115][ T3544] dump_stack_lvl+0x1e3/0x2cb [ 68.282847][ T3544] ? irq_work_queue+0xcd/0x150 [ 68.287630][ T3544] ? nf_tcp_handle_invalid+0x642/0x642 [ 68.293107][ T3544] ? panic+0x75d/0x75d [ 68.297188][ T3544] ? _printk+0xd1/0x111 [ 68.301350][ T3544] ? _raw_spin_lock_irqsave+0xac/0x120 [ 68.306822][ T3544] print_report+0x15f/0x4f0 [ 68.311335][ T3544] ? __lock_acquire+0x125b/0x1f80 [ 68.316358][ T3544] ? __virt_addr_valid+0x22b/0x2e0 [ 68.321475][ T3544] ? __phys_addr+0xb6/0x170 [ 68.325983][ T3544] ? leaf_paste_entries+0x95f/0x13a0 [ 68.331278][ T3544] kasan_report+0x136/0x160 [ 68.335780][ T3544] ? leaf_paste_entries+0x95f/0x13a0 [ 68.341085][ T3544] ? leaf_paste_entries+0x95f/0x13a0 [ 68.346386][ T3544] kasan_check_range+0x27f/0x290 [ 68.351342][ T3544] ? leaf_paste_entries+0x95f/0x13a0 [ 68.356650][ T3544] memmove+0x25/0x60 [ 68.360556][ T3544] leaf_paste_entries+0x95f/0x13a0 [ 68.365704][ T3544] balance_leaf+0xbd1e/0x12510 [ 68.370494][ T3544] ? print_irqtrace_events+0x210/0x210 [ 68.375972][ T3544] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 68.381885][ T3544] ? _raw_spin_unlock+0x40/0x40 [ 68.386762][ T3544] ? stack_trace_save+0x113/0x1c0 [ 68.391803][ T3544] ? stack_trace_snprint+0xe0/0xe0 [ 68.396926][ T3544] ? do_balance+0x8f0/0x8f0 [ 68.401643][ T3544] ? __stack_depot_save+0x3f5/0x470 [ 68.406876][ T3544] ? kasan_set_track+0x60/0x70 [ 68.411664][ T3544] ? kasan_set_track+0x4b/0x70 [ 68.416439][ T3544] ? __kasan_kmalloc+0x97/0xb0 [ 68.421219][ T3544] ? __kmalloc+0xb2/0x230 [ 68.425586][ T3544] ? fix_nodes+0x69aa/0x8c70 [ 68.430193][ T3544] ? reiserfs_paste_into_item+0x65d/0x880 [ 68.435920][ T3544] ? reiserfs_add_entry+0x9b8/0xd70 [ 68.441122][ T3544] ? reiserfs_mkdir+0x6bc/0x8f0 [ 68.445976][ T3544] ? reiserfs_xattr_init+0x348/0x730 [ 68.451268][ T3544] ? reiserfs_fill_super+0x2203/0x2620 [ 68.456734][ T3544] ? mount_bdev+0x2c9/0x3f0 [ 68.461242][ T3544] ? legacy_get_tree+0xeb/0x180 [ 68.466189][ T3544] ? vfs_get_tree+0x88/0x270 [ 68.470789][ T3544] ? do_new_mount+0x28b/0xae0 [ 68.475477][ T3544] ? __se_sys_mount+0x2d5/0x3c0 [ 68.480350][ T3544] ? do_syscall_64+0x3d/0xb0 [ 68.484963][ T3544] ? entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 68.491055][ T3544] ? __wake_up+0x1c0/0x1c0 [ 68.495482][ T3544] ? get_parents+0x513/0xfa0 [ 68.500089][ T3544] ? set_parameters+0x8d0/0x8d0 [ 68.505075][ T3544] ? get_neighbors+0x631/0x1010 [ 68.509939][ T3544] ? reiserfs_prepare_for_journal+0x269/0x280 [ 68.516022][ T3544] ? fix_nodes+0x7abc/0x8c70 [ 68.520616][ T3544] ? __might_sleep+0xb0/0xb0 [ 68.525222][ T3544] do_balance+0x309/0x8f0 [ 68.529574][ T3544] ? get_right_neighbor_position+0x210/0x210 [ 68.535584][ T3544] ? reiserfs_paste_into_item+0x3ef/0x880 [ 68.541315][ T3544] reiserfs_paste_into_item+0x73b/0x880 [ 68.546880][ T3544] ? reiserfs_cut_from_item+0x2580/0x2580 [ 68.552645][ T3544] ? reiserfs_get_parent+0x2c0/0x2c0 [ 68.557942][ T3544] ? inode_get_bytes+0x72/0xa0 [ 68.562714][ T3544] ? _find_first_zero_bit+0x61/0x100 [ 68.568011][ T3544] reiserfs_add_entry+0x9b8/0xd70 [ 68.573051][ T3544] ? drop_new_inode+0x60/0x60 [ 68.577741][ T3544] ? do_journal_begin_r+0xdc9/0x1020 [ 68.583048][ T3544] ? journal_begin+0x1ef/0x350 [ 68.587817][ T3544] reiserfs_mkdir+0x6bc/0x8f0 [ 68.592503][ T3544] ? reiserfs_symlink+0x720/0x720 [ 68.597536][ T3544] ? rwsem_write_trylock+0x166/0x210 [ 68.602839][ T3544] ? __up_read+0x690/0x690 [ 68.607267][ T3544] reiserfs_xattr_init+0x348/0x730 [ 68.612388][ T3544] reiserfs_fill_super+0x2203/0x2620 [ 68.617687][ T3544] ? reiserfs_kill_sb+0x150/0x150 [ 68.622732][ T3544] ? snprintf+0xd6/0x120 [ 68.626992][ T3544] mount_bdev+0x2c9/0x3f0 [ 68.631329][ T3544] ? reiserfs_kill_sb+0x150/0x150 [ 68.636365][ T3544] legacy_get_tree+0xeb/0x180 [ 68.641051][ T3544] ? remove_save_link+0x540/0x540 [ 68.646086][ T3544] vfs_get_tree+0x88/0x270 [ 68.650515][ T3544] do_new_mount+0x28b/0xae0 [ 68.655028][ T3544] ? do_move_mount_old+0x160/0x160 [ 68.660148][ T3544] ? user_path_at_empty+0x12b/0x180 [ 68.665351][ T3544] __se_sys_mount+0x2d5/0x3c0 [ 68.670126][ T3544] ? __x64_sys_mount+0xc0/0xc0 [ 68.674916][ T3544] ? syscall_enter_from_user_mode+0x2e/0x220 [ 68.680909][ T3544] ? lockdep_hardirqs_on+0x94/0x130 [ 68.686130][ T3544] ? __x64_sys_mount+0x1c/0xc0 [ 68.690917][ T3544] do_syscall_64+0x3d/0xb0 [ 68.695348][ T3544] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 68.701254][ T3544] RIP: 0033:0x7f8bba95fb1a [ 68.705676][ T3544] Code: 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 68.725284][ T3544] RSP: 002b:00007ffff5366518 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5 [ 68.733701][ T3544] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f8bba95fb1a [ 68.741671][ T3544] RDX: 0000000020001100 RSI: 0000000020000040 RDI: 00007ffff5366530 [ 68.749644][ T3544] RBP: 00007ffff5366530 R08: 00007ffff5366570 R09: 00000000000010f0 [ 68.757617][ T3544] R10: 0000000000000080 R11: 0000000000000286 R12: 0000000000000004 [ 68.765586][ T3544] R13: 0000555555bdd2c0 R14: 0000000000000080 R15: 00007ffff5366570 [ 68.773565][ T3544] </TASK> [ 68.776580][ T3544] [ 68.778905][ T3544] The buggy address belongs to the physical page: [ 68.785308][ T3544] page:ffffea0001be8740 refcount:3 mapcount:0 mapping:ffff888140cfc9f8 index:0x213 pfn:0x6fa1d [ 68.795638][ T3544] memcg:ffff888140148000 [ 68.799876][ T3544] aops:def_blk_aops ino:700000 [ 68.804646][ T3544] flags: 0xfff18000002042(referenced|workingset|private|node=0|zone=1|lastcpupid=0x7ff) [ 68.814366][ T3544] raw: 00fff18000002042 0000000000000000 dead000000000122 ffff888140cfc9f8 [ 68.822950][ T3544] raw: 0000000000000213 ffff88807003a3a0 00000003ffffffff ffff888140148000 [ 68.831526][ T3544] page dumped because: kasan: bad access detected [ 68.837930][ T3544] page_owner tracks the page as allocated [ 68.843638][ T3544] page last allocated via order 0, migratetype Movable, gfp_mask 0x148c48(GFP_NOFS|__GFP_NOFAIL|__GFP_COMP|__GFP_HARDWALL|__GFP_MOVABLE), pid 3544, tgid 3544 (syz-executor225), ts 68210484133, free_ts 18152878966 [ 68.864215][ T3544] post_alloc_hook+0x18d/0x1b0 [ 68.868991][ T3544] get_page_from_freelist+0x32ed/0x3480 [ 68.874540][ T3544] __alloc_pages+0x28d/0x770 [ 68.879130][ T3544] folio_alloc+0x1a/0x50 [ 68.883378][ T3544] filemap_alloc_folio+0xda/0x4f0 [ 68.888431][ T3544] __filemap_get_folio+0x711/0xe30 [ 68.893553][ T3544] pagecache_get_page+0x28/0x250 [ 68.898497][ T3544] __getblk_gfp+0x211/0xa20 [ 68.903010][ T3544] search_by_key+0x460/0x4b60 [ 68.907699][ T3544] reiserfs_read_locked_inode+0x23c/0x2950 [ 68.913512][ T3544] reiserfs_fill_super+0x135f/0x2620 [ 68.918816][ T3544] mount_bdev+0x2c9/0x3f0 [ 68.923161][ T3544] legacy_get_tree+0xeb/0x180 [ 68.927862][ T3544] vfs_get_tree+0x88/0x270 [ 68.932297][ T3544] do_new_mount+0x28b/0xae0 [ 68.936812][ T3544] __se_sys_mount+0x2d5/0x3c0 [ 68.941508][ T3544] page last free stack trace: [ 68.946176][ T3544] free_unref_page_prepare+0xf63/0x1120 [ 68.951737][ T3544] free_unref_page+0x98/0x570 [ 68.956519][ T3544] free_contig_range+0x9a/0x150 [ 68.961367][ T3544] destroy_args+0xfe/0x997 [ 68.965784][ T3544] debug_vm_pgtable+0x416/0x46b [ 68.970643][ T3544] do_one_initcall+0x265/0x8f0 [ 68.975420][ T3544] do_initcall_level+0x157/0x207 [ 68.980362][ T3544] do_initcalls+0x49/0x86 [ 68.984696][ T3544] kernel_init_freeable+0x473/0x61f [ 68.989900][ T3544] kernel_init+0x19/0x290 [ 68.994228][ T3544] ret_from_fork+0x1f/0x30 [ 68.998666][ T3544] [ 69.000994][ T3544] Memory state around the buggy address: [ 69.006625][ T3544] ffff88806fa1de80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 69.014690][ T3544] ffff88806fa1df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 69.022752][ T3544] >ffff88806fa1df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 69.030811][ T3544] ^ [ 69.035913][ T3544] ffff88806fa1e000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 69.043969][ T3544] ffff88806fa1e080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 69.052040][ T3544] ================================================================== [ 69.064478][ T3544] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 69.071711][ T3544] CPU: 0 PID: 3544 Comm: syz-executor225 Not tainted 6.1.37-syzkaller #0 [ 69.080224][ T3544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 [ 69.090365][ T3544] Call Trace: [ 69.093642][ T3544] <TASK> [ 69.096572][ T3544] dump_stack_lvl+0x1e3/0x2cb [ 69.101283][ T3544] ? nf_tcp_handle_invalid+0x642/0x642 [ 69.106748][ T3544] ? panic+0x75d/0x75d [ 69.110811][ T3544] ? preempt_schedule_common+0xa6/0xd0 [ 69.116277][ T3544] ? vscnprintf+0x59/0x80 [ 69.120607][ T3544] panic+0x318/0x75d [ 69.124525][ T3544] ? check_panic_on_warn+0x1d/0xa0 [ 69.129641][ T3544] ? memcpy_page_flushcache+0xfc/0xfc [ 69.135009][ T3544] ? _raw_spin_unlock_irqrestore+0x128/0x130 [ 69.140985][ T3544] ? _raw_spin_unlock+0x40/0x40 [ 69.145830][ T3544] ? print_report+0x4a3/0x4f0 [ 69.150526][ T3544] check_panic_on_warn+0x7e/0xa0 [ 69.155488][ T3544] ? leaf_paste_entries+0x95f/0x13a0 [ 69.160782][ T3544] end_report+0x66/0x110 [ 69.165015][ T3544] kasan_report+0x143/0x160 [ 69.169515][ T3544] ? leaf_paste_entries+0x95f/0x13a0 [ 69.174805][ T3544] ? leaf_paste_entries+0x95f/0x13a0 [ 69.180092][ T3544] kasan_check_range+0x27f/0x290 [ 69.185020][ T3544] ? leaf_paste_entries+0x95f/0x13a0 [ 69.190314][ T3544] memmove+0x25/0x60 [ 69.194219][ T3544] leaf_paste_entries+0x95f/0x13a0 [ 69.199344][ T3544] balance_leaf+0xbd1e/0x12510 [ 69.204117][ T3544] ? print_irqtrace_events+0x210/0x210 [ 69.209584][ T3544] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 69.215480][ T3544] ? _raw_spin_unlock+0x40/0x40 [ 69.220329][ T3544] ? stack_trace_save+0x113/0x1c0 [ 69.225357][ T3544] ? stack_trace_snprint+0xe0/0xe0 [ 69.230511][ T3544] ? do_balance+0x8f0/0x8f0 [ 69.235099][ T3544] ? __stack_depot_save+0x3f5/0x470 [ 69.240295][ T3544] ? kasan_set_track+0x60/0x70 [ 69.245057][ T3544] ? kasan_set_track+0x4b/0x70 [ 69.249818][ T3544] ? __kasan_kmalloc+0x97/0xb0 [ 69.254583][ T3544] ? __kmalloc+0xb2/0x230 [ 69.258903][ T3544] ? fix_nodes+0x69aa/0x8c70 [ 69.263501][ T3544] ? reiserfs_paste_into_item+0x65d/0x880 [ 69.269216][ T3544] ? reiserfs_add_entry+0x9b8/0xd70 [ 69.274410][ T3544] ? reiserfs_mkdir+0x6bc/0x8f0 [ 69.279256][ T3544] ? reiserfs_xattr_init+0x348/0x730 [ 69.284543][ T3544] ? reiserfs_fill_super+0x2203/0x2620 [ 69.290006][ T3544] ? mount_bdev+0x2c9/0x3f0 [ 69.294514][ T3544] ? legacy_get_tree+0xeb/0x180 [ 69.299369][ T3544] ? vfs_get_tree+0x88/0x270 [ 69.303966][ T3544] ? do_new_mount+0x28b/0xae0 [ 69.308649][ T3544] ? __se_sys_mount+0x2d5/0x3c0 [ 69.313505][ T3544] ? do_syscall_64+0x3d/0xb0 [ 69.318098][ T3544] ? entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 69.324176][ T3544] ? __wake_up+0x1c0/0x1c0 [ 69.328591][ T3544] ? get_parents+0x513/0xfa0 [ 69.333185][ T3544] ? set_parameters+0x8d0/0x8d0 [ 69.338035][ T3544] ? get_neighbors+0x631/0x1010 [ 69.342887][ T3544] ? reiserfs_prepare_for_journal+0x269/0x280 [ 69.348954][ T3544] ? fix_nodes+0x7abc/0x8c70 [ 69.353555][ T3544] ? __might_sleep+0xb0/0xb0 [ 69.358147][ T3544] do_balance+0x309/0x8f0 [ 69.362477][ T3544] ? get_right_neighbor_position+0x210/0x210 [ 69.368461][ T3544] ? reiserfs_paste_into_item+0x3ef/0x880 [ 69.374180][ T3544] reiserfs_paste_into_item+0x73b/0x880 [ 69.379723][ T3544] ? reiserfs_cut_from_item+0x2580/0x2580 [ 69.385462][ T3544] ? reiserfs_get_parent+0x2c0/0x2c0 [ 69.390742][ T3544] ? inode_get_bytes+0x72/0xa0 [ 69.395501][ T3544] ? _find_first_zero_bit+0x61/0x100 [ 69.400783][ T3544] reiserfs_add_entry+0x9b8/0xd70 [ 69.405806][ T3544] ? drop_new_inode+0x60/0x60 [ 69.410484][ T3544] ? do_journal_begin_r+0xdc9/0x1020 [ 69.415776][ T3544] ? journal_begin+0x1ef/0x350 [ 69.420534][ T3544] reiserfs_mkdir+0x6bc/0x8f0 [ 69.425205][ T3544] ? reiserfs_symlink+0x720/0x720 [ 69.430230][ T3544] ? rwsem_write_trylock+0x166/0x210 [ 69.435531][ T3544] ? __up_read+0x690/0x690 [ 69.439949][ T3544] reiserfs_xattr_init+0x348/0x730 [ 69.445061][ T3544] reiserfs_fill_super+0x2203/0x2620 [ 69.450353][ T3544] ? reiserfs_kill_sb+0x150/0x150 [ 69.455385][ T3544] ? snprintf+0xd6/0x120 [ 69.459636][ T3544] mount_bdev+0x2c9/0x3f0 [ 69.463968][ T3544] ? reiserfs_kill_sb+0x150/0x150 [ 69.468996][ T3544] legacy_get_tree+0xeb/0x180 [ 69.473677][ T3544] ? remove_save_link+0x540/0x540 [ 69.478702][ T3544] vfs_get_tree+0x88/0x270 [ 69.483118][ T3544] do_new_mount+0x28b/0xae0 [ 69.487622][ T3544] ? do_move_mount_old+0x160/0x160 [ 69.492741][ T3544] ? user_path_at_empty+0x12b/0x180 [ 69.497937][ T3544] __se_sys_mount+0x2d5/0x3c0 [ 69.502616][ T3544] ? __x64_sys_mount+0xc0/0xc0 [ 69.507383][ T3544] ? syscall_enter_from_user_mode+0x2e/0x220 [ 69.513357][ T3544] ? lockdep_hardirqs_on+0x94/0x130 [ 69.518551][ T3544] ? __x64_sys_mount+0x1c/0xc0 [ 69.523401][ T3544] do_syscall_64+0x3d/0xb0 [ 69.527814][ T3544] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 69.533703][ T3544] RIP: 0033:0x7f8bba95fb1a [ 69.538118][ T3544] Code: 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 69.558067][ T3544] RSP: 002b:00007ffff5366518 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5 [ 69.566496][ T3544] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f8bba95fb1a [ 69.574464][ T3544] RDX: 0000000020001100 RSI: 0000000020000040 RDI: 00007ffff5366530 [ 69.582431][ T3544] RBP: 00007ffff5366530 R08: 00007ffff5366570 R09: 00000000000010f0 [ 69.590392][ T3544] R10: 0000000000000080 R11: 0000000000000286 R12: 0000000000000004 [ 69.598375][ T3544] R13: 0000555555bdd2c0 R14: 0000000000000080 R15: 00007ffff5366570 [ 69.606355][ T3544] </TASK> [ 69.609745][ T3544] Kernel Offset: disabled [ 69.614068][ T3544] Rebooting in 86400 seconds..