Warning: Permanently added '10.128.0.219' (ECDSA) to the list of known hosts.
executing program
[ 51.361608][ T3538] loop0: detected capacity change from 0 to 1024
[ 51.420363][ T9] ==================================================================
[ 51.428637][ T9] BUG: KASAN: slab-out-of-bounds in copy_page_from_iter_atomic+0x872/0x1100
[ 51.437335][ T9] Read of size 2048 at addr ffff888020c01800 by task kworker/u4:0/9
[ 51.445468][ T9]
[ 51.447778][ T9] CPU: 0 PID: 9 Comm: kworker/u4:0 Not tainted 6.1.31-syzkaller #0
[ 51.455645][ T9] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 51.465682][ T9] Workqueue: loop0 loop_rootcg_workfn
[ 51.471074][ T9] Call Trace:
[ 51.474345][ T9] <TASK>
[ 51.477272][ T9] dump_stack_lvl+0x1e3/0x2cb
[ 51.481942][ T9] ? nf_tcp_handle_invalid+0x642/0x642
[ 51.487439][ T9] ? panic+0x75d/0x75d
[ 51.491489][ T9] ? _printk+0xd1/0x111
[ 51.495625][ T9] ? _raw_spin_lock_irqsave+0xac/0x120
[ 51.501062][ T9] print_report+0x15f/0x4f0
[ 51.505552][ T9] ? __virt_addr_valid+0x22b/0x2e0
[ 51.510644][ T9] ? __phys_addr+0xb6/0x170
[ 51.515127][ T9] ? copy_page_from_iter_atomic+0x872/0x1100
[ 51.521087][ T9] kasan_report+0x136/0x160
[ 51.525661][ T9] ? copy_page_from_iter_atomic+0x872/0x1100
[ 51.531708][ T9] kasan_check_range+0x27f/0x290
[ 51.536629][ T9] ? copy_page_from_iter_atomic+0x872/0x1100
[ 51.542585][ T9] memcpy+0x25/0x60
[ 51.546373][ T9] copy_page_from_iter_atomic+0x872/0x1100
[ 51.552157][ T9] ? shmem_get_folio+0xa0/0xa0
[ 51.556907][ T9] ? pipe_zero+0x220/0x220
[ 51.561297][ T9] ? shmem_write_begin+0x261/0x4e0
[ 51.566391][ T9] ? shmem_writepage+0x1c90/0x1c90
[ 51.571485][ T9] ? fault_in_iov_iter_readable+0x22e/0x270
[ 51.577355][ T9] generic_perform_write+0x36c/0x5e0
[ 51.582631][ T9] ? generic_file_direct_write+0x460/0x460
[ 51.588427][ T9] ? __file_remove_privs+0x640/0x640
[ 51.593693][ T9] ? generic_write_checks+0x15c/0x1c0
[ 51.599044][ T9] ? clear_nonspinnable+0x60/0x60
[ 51.604050][ T9] __generic_file_write_iter+0x176/0x400
[ 51.609666][ T9] generic_file_write_iter+0xab/0x310
[ 51.615020][ T9] do_iter_write+0x6e6/0xc50
[ 51.619589][ T9] ? vfs_iter_write+0xa0/0xa0
[ 51.624253][ T9] ? rcu_read_lock_bh_held+0x110/0x110
[ 51.629707][ T9] ? do_raw_spin_unlock+0x137/0x8a0
[ 51.634888][ T9] ? _raw_spin_unlock_irq+0x1f/0x40
[ 51.640065][ T9] ? vfs_iter_write+0x69/0xa0
[ 51.644731][ T9] loop_process_work+0x13ff/0x2200
[ 51.649830][ T9] ? loop_workfn+0x50/0x50
[ 51.654233][ T9] ? read_lock_is_recursive+0x10/0x10
[ 51.659684][ T9] ? print_irqtrace_events+0x210/0x210
[ 51.665135][ T9] ? _raw_spin_unlock_irqrestore+0xd9/0x130
[ 51.671011][ T9] process_one_work+0x8aa/0x11f0
[ 51.675933][ T9] ? worker_detach_from_pool+0x260/0x260
[ 51.681544][ T9] ? _raw_spin_lock_irqsave+0x120/0x120
[ 51.687066][ T9] ? kthread_data+0x4e/0xc0
[ 51.691549][ T9] ? wq_worker_running+0x97/0x190
[ 51.696648][ T9] worker_thread+0xa5f/0x1210
[ 51.701316][ T9] kthread+0x26e/0x300
[ 51.705365][ T9] ? rcu_lock_release+0x20/0x20
[ 51.710196][ T9] ? kthread_blkcg+0xd0/0xd0
[ 51.714777][ T9] ret_from_fork+0x1f/0x30
[ 51.719180][ T9] </TASK>
[ 51.722212][ T9]
[ 51.724540][ T9] Allocated by task 3538:
[ 51.728853][ T9] kasan_set_track+0x4b/0x70
[ 51.733425][ T9] __kasan_kmalloc+0x97/0xb0
[ 51.738002][ T9] __kmalloc+0xb2/0x230
[ 51.742221][ T9] hfsplus_read_wrapper+0x52c/0x1330
[ 51.747484][ T9] hfsplus_fill_super+0x38a/0x1c90
[ 51.752576][ T9] mount_bdev+0x2c9/0x3f0
[ 51.756884][ T9] legacy_get_tree+0xeb/0x180
[ 51.761541][ T9] vfs_get_tree+0x88/0x270
[ 51.765937][ T9] do_new_mount+0x28b/0xae0
[ 51.770421][ T9] __se_sys_mount+0x2d5/0x3c0
[ 51.775081][ T9] do_syscall_64+0x3d/0xb0
[ 51.779476][ T9] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 51.785354][ T9]
[ 51.787656][ T9] The buggy address belongs to the object at ffff888020c01800
[ 51.787656][ T9] which belongs to the cache kmalloc-512 of size 512
[ 51.801685][ T9] The buggy address is located 0 bytes inside of
[ 51.801685][ T9] 512-byte region [ffff888020c01800, ffff888020c01a00)
[ 51.815111][ T9]
[ 51.817438][ T9] The buggy address belongs to the physical page:
[ 51.823823][ T9] page:ffffea0000830000 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x20c00
[ 51.833950][ T9] head:ffffea0000830000 order:2 compound_mapcount:0 compound_pincount:0
[ 51.842265][ T9] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 51.850227][ T9] raw: 00fff00000010200 ffffea000089d900 dead000000000002 ffff888012441c80
[ 51.858900][ T9] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[ 51.867458][ T9] page dumped because: kasan: bad access detected
[ 51.873844][ T9] page_owner tracks the page as allocated
[ 51.879538][ T9] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 6504986201, free_ts 0
[ 51.899134][ T9] post_alloc_hook+0x18d/0x1b0
[ 51.903890][ T9] get_page_from_freelist+0x32ed/0x3480
[ 51.909419][ T9] __alloc_pages+0x28d/0x770
[ 51.913987][ T9] alloc_page_interleave+0x22/0x1c0
[ 51.919178][ T9] alloc_slab_page+0x6a/0x150
[ 51.923832][ T9] new_slab+0x84/0x2d0
[ 51.927906][ T9] ___slab_alloc+0xa71/0x1080
[ 51.932559][ T9] __kmem_cache_alloc_node+0x19f/0x260
[ 51.937996][ T9] __kmalloc+0xa1/0x230
[ 51.942126][ T9] alloc_workqueue+0x18e/0x1440
[ 51.946963][ T9] nvmet_init+0x4b/0x13e
[ 51.951192][ T9] do_one_initcall+0x265/0x8f0
[ 51.955939][ T9] do_initcall_level+0x157/0x207
[ 51.960860][ T9] do_initcalls+0x49/0x86
[ 51.965169][ T9] kernel_init_freeable+0x473/0x61f
[ 51.970357][ T9] kernel_init+0x19/0x290
[ 51.974672][ T9] page_owner free stack trace missing
[ 51.980012][ T9]
[ 51.982311][ T9] Memory state around the buggy address:
[ 51.987920][ T9] ffff888020c01900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 51.995957][ T9] ffff888020c01980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 52.003998][ T9] >ffff888020c01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 52.012033][ T9] ^
[ 52.016074][ T9] ffff888020c01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 52.024106][ T9] ffff888020c01b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 52.032137][ T9] ==================================================================
[ 52.040324][ T9] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 52.047504][ T9] CPU: 0 PID: 9 Comm: kworker/u4:0 Not tainted 6.1.31-syzkaller #0
[ 52.055381][ T9] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 52.065416][ T9] Workqueue: loop0 loop_rootcg_workfn
[ 52.070787][ T9] Call Trace:
[ 52.074049][ T9] <TASK>
[ 52.076966][ T9] dump_stack_lvl+0x1e3/0x2cb
[ 52.081632][ T9] ? nf_tcp_handle_invalid+0x642/0x642
[ 52.087173][ T9] ? panic+0x75d/0x75d
[ 52.091233][ T9] ? vscnprintf+0x59/0x80
[ 52.095559][ T9] panic+0x318/0x75d
[ 52.099448][ T9] ? check_panic_on_warn+0x1d/0xa0
[ 52.104551][ T9] ? memcpy_page_flushcache+0xfc/0xfc
[ 52.109910][ T9] ? _raw_spin_unlock_irqrestore+0xd4/0x130
[ 52.115877][ T9] ? _raw_spin_unlock_irqrestore+0xd9/0x130
[ 52.121754][ T9] ? _raw_spin_unlock+0x40/0x40
[ 52.126590][ T9] check_panic_on_warn+0x7e/0xa0
[ 52.131514][ T9] ? copy_page_from_iter_atomic+0x872/0x1100
[ 52.137480][ T9] end_report+0x66/0x110
[ 52.141710][ T9] kasan_report+0x143/0x160
[ 52.146208][ T9] ? copy_page_from_iter_atomic+0x872/0x1100
[ 52.152172][ T9] kasan_check_range+0x27f/0x290
[ 52.157097][ T9] ? copy_page_from_iter_atomic+0x872/0x1100
[ 52.163064][ T9] memcpy+0x25/0x60
[ 52.166858][ T9] copy_page_from_iter_atomic+0x872/0x1100
[ 52.172736][ T9] ? shmem_get_folio+0xa0/0xa0
[ 52.177489][ T9] ? pipe_zero+0x220/0x220
[ 52.181888][ T9] ? shmem_write_begin+0x261/0x4e0
[ 52.186995][ T9] ? shmem_writepage+0x1c90/0x1c90
[ 52.192101][ T9] ? fault_in_iov_iter_readable+0x22e/0x270
[ 52.197986][ T9] generic_perform_write+0x36c/0x5e0
[ 52.203359][ T9] ? generic_file_direct_write+0x460/0x460
[ 52.209157][ T9] ? __file_remove_privs+0x640/0x640
[ 52.214432][ T9] ? generic_write_checks+0x15c/0x1c0
[ 52.219793][ T9] ? clear_nonspinnable+0x60/0x60
[ 52.224811][ T9] __generic_file_write_iter+0x176/0x400
[ 52.230438][ T9] generic_file_write_iter+0xab/0x310
[ 52.235891][ T9] do_iter_write+0x6e6/0xc50
[ 52.241254][ T9] ? vfs_iter_write+0xa0/0xa0
[ 52.245923][ T9] ? rcu_read_lock_bh_held+0x110/0x110
[ 52.251378][ T9] ? do_raw_spin_unlock+0x137/0x8a0
[ 52.256739][ T9] ? _raw_spin_unlock_irq+0x1f/0x40
[ 52.261920][ T9] ? vfs_iter_write+0x69/0xa0
[ 52.266598][ T9] loop_process_work+0x13ff/0x2200
[ 52.272579][ T9] ? loop_workfn+0x50/0x50
[ 52.276988][ T9] ? read_lock_is_recursive+0x10/0x10
[ 52.282345][ T9] ? print_irqtrace_events+0x210/0x210
[ 52.287789][ T9] ? _raw_spin_unlock_irqrestore+0xd9/0x130
[ 52.293680][ T9] process_one_work+0x8aa/0x11f0
[ 52.298616][ T9] ? worker_detach_from_pool+0x260/0x260
[ 52.304250][ T9] ? _raw_spin_lock_irqsave+0x120/0x120
[ 52.309782][ T9] ? kthread_data+0x4e/0xc0
[ 52.314276][ T9] ? wq_worker_running+0x97/0x190
[ 52.319289][ T9] worker_thread+0xa5f/0x1210
[ 52.323964][ T9] kthread+0x26e/0x300
[ 52.328018][ T9] ? rcu_lock_release+0x20/0x20
[ 52.332863][ T9] ? kthread_blkcg+0xd0/0xd0
[ 52.337441][ T9] ret_from_fork+0x1f/0x30
[ 52.341853][ T9] </TASK>
[ 52.345054][ T9] Kernel Offset: disabled
[ 52.349367][ T9] Rebooting in 86400 seconds..