[ 15.498369][ T3892] 8021q: adding VLAN 0 to HW filter on device bond0 [ 15.501532][ T3892] eql: remember to turn off Van-Jacobson compression on your slave devices [ 15.546965][ T149] gvnic 0000:00:00.0 enp0s0: Device link is up. [ 15.549987][ T1510] IPv6: ADDRCONF(NETDEV_CHANGE): enp0s0: link becomes ready Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.69' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 35.968250][ T4223] loop0: detected capacity change from 0 to 8192 [ 35.973443][ T4223] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 35.976307][ T4223] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 35.978304][ T4223] REISERFS (device loop0): using ordered data mode [ 35.979668][ T4223] reiserfs: using flush barriers [ 35.981794][ T4223] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 35.985409][ T4223] REISERFS (device loop0): checking transaction log (loop0) [ 36.023822][ T4223] REISERFS (device loop0): Using r5 hash to sort names [ 36.025461][ T4223] REISERFS (device loop0): using 3.5.x disk format [ 36.027315][ T4223] ================================================================== [ 36.028950][ T4223] BUG: KASAN: out-of-bounds in leaf_paste_entries+0x698/0xb10 [ 36.030437][ T4223] Read of size 18446744073709551584 at addr ffff0001882defa4 by task syz-executor363/4223 [ 36.032509][ T4223] [ 36.032973][ T4223] CPU: 0 PID: 4223 Comm: syz-executor363 Not tainted 6.1.37-syzkaller #0 [ 36.034678][ T4223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 [ 36.036754][ T4223] Call trace: [ 36.037407][ T4223] dump_backtrace+0x1c8/0x1f4 [ 36.038382][ T4223] show_stack+0x2c/0x3c [ 36.039301][ T4223] dump_stack_lvl+0x108/0x170 [ 36.040289][ T4223] print_report+0x174/0x4c0 [ 36.041241][ T4223] kasan_report+0xd4/0x130 [ 36.042160][ T4223] kasan_check_range+0x264/0x2a4 [ 36.043183][ T4223] memmove+0x48/0x90 [ 36.044017][ T4223] leaf_paste_entries+0x698/0xb10 [ 36.045035][ T4223] balance_leaf+0xa0d4/0xe860 [ 36.046008][ T4223] do_balance+0x27c/0x788 [ 36.046892][ T4223] reiserfs_paste_into_item+0x630/0x744 [ 36.048050][ T4223] reiserfs_add_entry+0x8ec/0xcc4 [ 36.049127][ T4223] reiserfs_mkdir+0x588/0x77c [ 36.050110][ T4223] reiserfs_xattr_init+0x2b0/0x6bc [ 36.051201][ T4223] reiserfs_fill_super+0x1bfc/0x2028 [ 36.052315][ T4223] mount_bdev+0x274/0x370 [ 36.053184][ T4223] get_super_block+0x44/0x58 [ 36.054127][ T4223] legacy_get_tree+0xd4/0x16c [ 36.055077][ T4223] vfs_get_tree+0x90/0x274 [ 36.056000][ T4223] do_new_mount+0x25c/0x8c4 [ 36.056942][ T4223] path_mount+0x590/0xe58 [ 36.057856][ T4223] __arm64_sys_mount+0x45c/0x594 [ 36.058874][ T4223] invoke_syscall+0x98/0x2c0 [ 36.059807][ T4223] el0_svc_common+0x138/0x258 [ 36.060751][ T4223] do_el0_svc+0x64/0x218 [ 36.061647][ T4223] el0_svc+0x58/0x168 [ 36.062450][ T4223] el0t_64_sync_handler+0x84/0xf0 [ 36.063457][ T4223] el0t_64_sync+0x18c/0x190 [ 36.064398][ T4223] [ 36.064864][ T4223] The buggy address belongs to the physical page: [ 36.066223][ T4223] page:00000000ebf9b8c3 refcount:3 mapcount:0 mapping:00000000d39dccee index:0x213 pfn:0x1c82de [ 36.068335][ T4223] memcg:ffff0000c0930000 [ 36.069201][ T4223] aops:def_blk_aops ino:700000 [ 36.070200][ T4223] flags: 0x5ffc60000002042(referenced|workingset|private|node=0|zone=2|lastcpupid=0x7ff) [ 36.072210][ T4223] raw: 05ffc60000002042 0000000000000000 dead000000000122 ffff0000c049a910 [ 36.073962][ T4223] raw: 0000000000000213 ffff0000dfbb7ae0 00000003ffffffff ffff0000c0930000 [ 36.075776][ T4223] page dumped because: kasan: bad access detected [ 36.077110][ T4223] [ 36.077588][ T4223] Memory state around the buggy address: [ 36.078767][ T4223] ffff0001882dee80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 36.080437][ T4223] ffff0001882def00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 36.082076][ T4223] >ffff0001882def80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 36.083699][ T4223] ^ [ 36.084714][ T4223] ffff0001882df000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 36.086387][ T4223] ffff0001882df080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 36.087974][ T4223] ================================================================== [ 36.089714][ T4223] Disabling lock debugging due to kernel taint [ 36.091047][ T4223] REISERFS warning: reiserfs-5094 has_valid_deh_location: directory entry location seems wrong *3.5*[1768256046 1718773107 0x72705f73 UNKNOWN], item_len 16872, item_location 2, free_space(entry_count) 21376 [ 36.095082][ T4223] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 531. Fsck? [ 36.097194][ T4223] REISERFS (device loop0): Remounting filesystem read-only [ 36.098659][ T4223] REISERFS error (device loop0): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [1 2 0x0 SD] stat data [ 36.101444][ T4223] REISERFS warning (device loop0): jdm-20006 create_privroot: xattrs/ACLs enabled and couldn't find/create .reiserfs_priv. Failing mount. [ 36.104292][ T4223] REISERFS warning: reiserfs-5094 has_valid_deh_location: directory entry location seems wrong *3.5*[1768256046 1718773107 0x72705f73 UNKNOWN], item_len 16872, item_location 2, free_space(entry_count) 21376 [ 36.108313][ T4223] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 531. Fsck? [ 36.110519][ T4223] REISERFS error (device loop0): zam-7001 reiserfs_find_entry: io error