Warning: Permanently added '10.128.0.53' (ECDSA) to the list of known hosts.
executing program
[   52.826315][ T3500] loop0: detected capacity change from 0 to 1024
[   52.906659][  T154] ==================================================================
[   52.915514][  T154] BUG: KASAN: slab-out-of-bounds in copy_page_from_iter_atomic+0x8e3/0x1230
[   52.924255][  T154] Read of size 1024 at addr ffff888147a07c00 by task kworker/u4:2/154
[   52.932514][  T154] 
[   52.934843][  T154] CPU: 0 PID: 154 Comm: kworker/u4:2 Not tainted 5.15.113-syzkaller #0
[   52.943070][  T154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[   52.953121][  T154] Workqueue: loop0 loop_rootcg_workfn
[   52.958521][  T154] Call Trace:
[   52.961799][  T154]  <TASK>
[   52.964726][  T154]  dump_stack_lvl+0x1e3/0x2cb
[   52.969399][  T154]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[   52.975025][  T154]  ? _printk+0xd1/0x111
[   52.979180][  T154]  ? __wake_up_klogd+0xcc/0x100
[   52.984024][  T154]  ? panic+0x84d/0x84d
[   52.988086][  T154]  ? _raw_spin_lock_irqsave+0xdd/0x120
[   52.993546][  T154]  print_address_description+0x63/0x3b0
[   52.999090][  T154]  ? copy_page_from_iter_atomic+0x8e3/0x1230
[   53.005065][  T154]  kasan_report+0x16b/0x1c0
[   53.009565][  T154]  ? copy_page_from_iter_atomic+0x8e3/0x1230
[   53.015898][  T154]  kasan_check_range+0x27e/0x290
[   53.020839][  T154]  ? copy_page_from_iter_atomic+0x8e3/0x1230
[   53.026854][  T154]  memcpy+0x25/0x60
[   53.030670][  T154]  copy_page_from_iter_atomic+0x8e3/0x1230
[   53.036484][  T154]  ? shmem_getpage+0xa0/0xa0
[   53.041076][  T154]  ? pipe_zero+0x4f0/0x4f0
[   53.045501][  T154]  generic_perform_write+0x33a/0x5b0
[   53.050795][  T154]  ? grab_cache_page_write_begin+0x90/0x90
[   53.056595][  T154]  ? file_remove_privs+0x610/0x610
[   53.061707][  T154]  ? down_write+0x10e/0x170
[   53.066207][  T154]  __generic_file_write_iter+0x243/0x4f0
[   53.071842][  T154]  generic_file_write_iter+0xa7/0x1b0
[   53.077218][  T154]  do_iter_readv_writev+0x594/0x7a0
[   53.082590][  T154]  ? generic_file_rw_checks+0x260/0x260
[   53.088134][  T154]  ? common_file_perm+0x17d/0x1d0
[   53.093155][  T154]  ? fsnotify_perm+0x67/0x5a0
[   53.097826][  T154]  ? bpf_lsm_file_permission+0x5/0x10
[   53.103194][  T154]  do_iter_write+0x1ea/0x760
[   53.107774][  T154]  ? rcu_read_lock_any_held+0xb3/0x160
[   53.113253][  T154]  ? vfs_iter_write+0x69/0xa0
[   53.117931][  T154]  lo_write_bvec+0x297/0x740
[   53.122543][  T154]  ? lo_rw_aio+0xd80/0xd80
[   53.127295][  T154]  ? do_raw_spin_unlock+0x137/0x8b0
[   53.132578][  T154]  ? kthread_associate_blkcg+0x2fd/0x590
[   53.138203][  T154]  ? _raw_spin_unlock_irq+0x1f/0x40
[   53.143397][  T154]  loop_process_work+0x2309/0x2af0
[   53.148538][  T154]  ? rcu_lock_release+0x20/0x20
[   53.153520][  T154]  ? read_lock_is_recursive+0x10/0x10
[   53.158977][  T154]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[   53.164958][  T154]  ? print_irqtrace_events+0x210/0x210
[   53.170410][  T154]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[   53.176297][  T154]  ? do_raw_spin_unlock+0x137/0x8b0
[   53.181495][  T154]  process_one_work+0x8a1/0x10c0
[   53.186438][  T154]  ? worker_detach_from_pool+0x260/0x260
[   53.192177][  T154]  ? _raw_spin_lock_irqsave+0x120/0x120
[   53.197752][  T154]  ? kthread_data+0x4e/0xc0
[   53.202298][  T154]  ? wq_worker_running+0x97/0x170
[   53.207327][  T154]  worker_thread+0xaca/0x1280
[   53.212032][  T154]  kthread+0x3f6/0x4f0
[   53.216099][  T154]  ? rcu_lock_release+0x20/0x20
[   53.220944][  T154]  ? kthread_blkcg+0xd0/0xd0
[   53.225529][  T154]  ret_from_fork+0x1f/0x30
[   53.229950][  T154]  </TASK>
[   53.233066][  T154] 
[   53.235389][  T154] Allocated by task 3500:
[   53.239793][  T154]  ____kasan_kmalloc+0xba/0xf0
[   53.244557][  T154]  __kmalloc+0x168/0x300
[   53.248788][  T154]  hfsplus_read_wrapper+0x4e3/0x13b0
[   53.254080][  T154]  hfsplus_fill_super+0x38a/0x1c90
[   53.259182][  T154]  mount_bdev+0x26d/0x3a0
[   53.263519][  T154]  legacy_get_tree+0xeb/0x180
[   53.268190][  T154]  vfs_get_tree+0x88/0x270
[   53.272684][  T154]  do_new_mount+0x28b/0xad0
[   53.277186][  T154]  __se_sys_mount+0x2d5/0x3c0
[   53.281864][  T154]  do_syscall_64+0x3d/0xb0
[   53.286271][  T154]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   53.292154][  T154] 
[   53.294471][  T154] Last potentially related work creation:
[   53.300172][  T154]  kasan_save_stack+0x36/0x60
[   53.304846][  T154]  kasan_record_aux_stack+0xba/0x100
[   53.310136][  T154]  call_rcu+0x1c4/0xa70
[   53.314298][  T154]  percpu_ref_put+0x207/0x210
[   53.318967][  T154]  rcu_core+0xa15/0x1650
[   53.323221][  T154]  __do_softirq+0x3b3/0x93a
[   53.327719][  T154] 
[   53.330035][  T154] The buggy address belongs to the object at ffff888147a07c00
[   53.330035][  T154]  which belongs to the cache kmalloc-512 of size 512
[   53.344253][  T154] The buggy address is located 0 bytes inside of
[   53.344253][  T154]  512-byte region [ffff888147a07c00, ffff888147a07e00)
[   53.357344][  T154] The buggy address belongs to the page:
[   53.362969][  T154] page:ffffea00051e8100 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x147a04
[   53.373199][  T154] head:ffffea00051e8100 order:2 compound_mapcount:0 compound_pincount:0
[   53.381514][  T154] flags: 0x57ff00000010200(slab|head|node=1|zone=2|lastcpupid=0x7ff)
[   53.389577][  T154] raw: 057ff00000010200 0000000000000000 0000000f00000001 ffff888011c41c80
[   53.398248][  T154] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[   53.406997][  T154] page dumped because: kasan: bad access detected
[   53.414090][  T154] page_owner tracks the page as allocated
[   53.419877][  T154] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, ts 9033224033, free_ts 0
[   53.438108][  T154]  get_page_from_freelist+0x322a/0x33c0
[   53.443660][  T154]  __alloc_pages+0x272/0x700
[   53.448261][  T154]  alloc_page_interleave+0x22/0x1c0
[   53.453707][  T154]  new_slab+0xbb/0x4b0
[   53.457769][  T154]  ___slab_alloc+0x6f6/0xe10
[   53.462351][  T154]  kmem_cache_alloc_trace+0x1a0/0x290
[   53.467711][  T154]  device_add+0xb5/0xfd0
[   53.471968][  T154]  device_create+0x253/0x2e0
[   53.476552][  T154]  mon_bin_add+0xad/0x120
[   53.480869][  T154]  mon_init+0x141/0x28a
[   53.485220][  T154]  do_one_initcall+0x22b/0x7a0
[   53.489976][  T154]  do_initcall_level+0x157/0x207
[   53.494910][  T154]  do_initcalls+0x49/0x86
[   53.499228][  T154]  kernel_init_freeable+0x43c/0x5c5
[   53.504417][  T154]  kernel_init+0x19/0x290
[   53.508739][  T154]  ret_from_fork+0x1f/0x30
[   53.513146][  T154] page_owner free stack trace missing
[   53.518512][  T154] 
[   53.520940][  T154] Memory state around the buggy address:
[   53.526928][  T154]  ffff888147a07d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   53.535030][  T154]  ffff888147a07d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   53.543100][  T154] >ffff888147a07e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   53.551170][  T154]                    ^
[   53.555232][  T154]  ffff888147a07e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   53.563285][  T154]  ffff888147a07f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   53.571356][  T154] ==================================================================
[   53.579421][  T154] Disabling lock debugging due to kernel taint
[   53.585781][  T154] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   53.592997][  T154] CPU: 0 PID: 154 Comm: kworker/u4:2 Tainted: G    B             5.15.113-syzkaller #0
[   53.602660][  T154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[   53.612714][  T154] Workqueue: loop0 loop_rootcg_workfn
[   53.618092][  T154] Call Trace:
[   53.621363][  T154]  <TASK>
[   53.624294][  T154]  dump_stack_lvl+0x1e3/0x2cb
[   53.628966][  T154]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[   53.634762][  T154]  ? panic+0x84d/0x84d
[   53.638823][  T154]  ? lock_release+0xb9/0x9a0
[   53.643406][  T154]  ? rcu_is_watching+0x11/0xa0
[   53.648236][  T154]  panic+0x318/0x84d
[   53.652152][  T154]  ? check_panic_on_warn+0x1d/0xa0
[   53.657258][  T154]  ? fb_is_primary_device+0xcc/0xcc
[   53.662457][  T154]  ? _raw_spin_unlock_irqrestore+0xd4/0x130
[   53.668341][  T154]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[   53.674223][  T154]  ? _raw_spin_unlock+0x40/0x40
[   53.679068][  T154]  ? print_memory_metadata+0xe2/0x140
[   53.684434][  T154]  check_panic_on_warn+0x7e/0xa0
[   53.689361][  T154]  ? copy_page_from_iter_atomic+0x8e3/0x1230
[   53.695334][  T154]  end_report+0x6d/0xf0
[   53.699479][  T154]  kasan_report+0x18e/0x1c0
[   53.703977][  T154]  ? copy_page_from_iter_atomic+0x8e3/0x1230
[   53.709951][  T154]  kasan_check_range+0x27e/0x290
[   53.714884][  T154]  ? copy_page_from_iter_atomic+0x8e3/0x1230
[   53.720854][  T154]  memcpy+0x25/0x60
[   53.724738][  T154]  copy_page_from_iter_atomic+0x8e3/0x1230
[   53.730628][  T154]  ? shmem_getpage+0xa0/0xa0
[   53.735220][  T154]  ? pipe_zero+0x4f0/0x4f0
[   53.739631][  T154]  generic_perform_write+0x33a/0x5b0
[   53.744921][  T154]  ? grab_cache_page_write_begin+0x90/0x90
[   53.750845][  T154]  ? file_remove_privs+0x610/0x610
[   53.755965][  T154]  ? down_write+0x10e/0x170
[   53.760468][  T154]  __generic_file_write_iter+0x243/0x4f0
[   53.766098][  T154]  generic_file_write_iter+0xa7/0x1b0
[   53.771473][  T154]  do_iter_readv_writev+0x594/0x7a0
[   53.776666][  T154]  ? generic_file_rw_checks+0x260/0x260
[   53.782208][  T154]  ? common_file_perm+0x17d/0x1d0
[   53.787226][  T154]  ? fsnotify_perm+0x67/0x5a0
[   53.792416][  T154]  ? bpf_lsm_file_permission+0x5/0x10
[   53.797894][  T154]  do_iter_write+0x1ea/0x760
[   53.802473][  T154]  ? rcu_read_lock_any_held+0xb3/0x160
[   53.807927][  T154]  ? vfs_iter_write+0x69/0xa0
[   53.812593][  T154]  lo_write_bvec+0x297/0x740
[   53.817172][  T154]  ? lo_rw_aio+0xd80/0xd80
[   53.821583][  T154]  ? do_raw_spin_unlock+0x137/0x8b0
[   53.826774][  T154]  ? kthread_associate_blkcg+0x2fd/0x590
[   53.832479][  T154]  ? _raw_spin_unlock_irq+0x1f/0x40
[   53.837666][  T154]  loop_process_work+0x2309/0x2af0
[   53.842780][  T154]  ? rcu_lock_release+0x20/0x20
[   53.847626][  T154]  ? read_lock_is_recursive+0x10/0x10
[   53.852989][  T154]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[   53.858959][  T154]  ? print_irqtrace_events+0x210/0x210
[   53.864406][  T154]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[   53.870288][  T154]  ? do_raw_spin_unlock+0x137/0x8b0
[   53.875476][  T154]  process_one_work+0x8a1/0x10c0
[   53.880427][  T154]  ? worker_detach_from_pool+0x260/0x260
[   53.886052][  T154]  ? _raw_spin_lock_irqsave+0x120/0x120
[   53.891690][  T154]  ? kthread_data+0x4e/0xc0
[   53.896187][  T154]  ? wq_worker_running+0x97/0x170
[   53.901199][  T154]  worker_thread+0xaca/0x1280
[   53.905872][  T154]  kthread+0x3f6/0x4f0
[   53.909937][  T154]  ? rcu_lock_release+0x20/0x20
[   53.914777][  T154]  ? kthread_blkcg+0xd0/0xd0
[   53.919352][  T154]  ret_from_fork+0x1f/0x30
[   53.923858][  T154]  </TASK>
[   53.927111][  T154] Kernel Offset: disabled
[   53.931440][  T154] Rebooting in 86400 seconds..