==================================================================
BUG: KASAN: use-after-free in copy_page_from_iter_atomic+0x834/0xffc lib/iov_iter.c:978
Read of size 4096 at addr ffff0000caac3000 by task kworker/u4:2/148

CPU: 1 PID: 148 Comm: kworker/u4:2 Not tainted 5.15.145-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
Workqueue: loop4 loop_workfn
Call trace:
 dump_backtrace+0x0/0x530 arch/arm64/kernel/stacktrace.c:152
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:216
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x108/0x170 lib/dump_stack.c:106
 print_address_description+0x7c/0x3f0 mm/kasan/report.c:248
 __kasan_report mm/kasan/report.c:434 [inline]
 kasan_report+0x174/0x1e4 mm/kasan/report.c:451
 kasan_check_range+0x274/0x2b4 mm/kasan/generic.c:189
 memcpy+0x90/0xe8 mm/kasan/shadow.c:65
 copy_page_from_iter_atomic+0x834/0xffc lib/iov_iter.c:978
 generic_perform_write+0x2d0/0x520 mm/filemap.c:3784
 __generic_file_write_iter+0x230/0x454 mm/filemap.c:3903
 generic_file_write_iter+0xb4/0x1b8 mm/filemap.c:3935
 do_iter_readv_writev+0x420/0x5f8
 do_iter_write+0x1b8/0x664 fs/read_write.c:855
 vfs_iter_write+0x88/0xac fs/read_write.c:896
 lo_write_bvec+0x394/0xb4c drivers/block/loop.c:316
 lo_write_simple drivers/block/loop.c:338 [inline]
 do_req_filebacked drivers/block/loop.c:656 [inline]
 loop_handle_cmd drivers/block/loop.c:2234 [inline]
 loop_process_work+0x1f24/0x2798 drivers/block/loop.c:2274
 loop_workfn+0x54/0x68 drivers/block/loop.c:2298
 process_one_work+0x790/0x11b8 kernel/workqueue.c:2310
 worker_thread+0x910/0x1034 kernel/workqueue.c:2457
 kthread+0x37c/0x45c kernel/kthread.c:319
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:870

The buggy address belongs to the page:
page:0000000067f652e8 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10aac3
flags: 0x5ffc00000000000(node=0|zone=2|lastcpupid=0x7ff)
raw: 05ffc00000000000 fffffc0003676988 fffffc00053d3348 0000000000000000
raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
page dumped because: kasan: bad access detected

Memory state around the buggy address:
 ffff0000caac2f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff0000caac2f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff0000caac3000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
                   ^
 ffff0000caac3080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
 ffff0000caac3100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
==================================================================