Warning: Permanently added '10.128.1.248' (ED25519) to the list of known hosts.
2024/10/20 18:41:53 ignoring optional flag "sandboxArg"="0"
2024/10/20 18:41:53 ignoring optional flag "type"="gce"
2024/10/20 18:41:53 parsed 1 programs
2024/10/20 18:41:54 executed programs: 0
2024/10/20 18:41:59 executed programs: 1
[ 55.272583][ T1775] loop0: detected capacity change from 0 to 1024
[ 55.324298][ T27] ==================================================================
[ 55.332644][ T27] BUG: KASAN: slab-out-of-bounds in copy_page_from_iter_atomic+0x6f4/0xde0
[ 55.341320][ T27] Read of size 1024 at addr ffff888101ec7c00 by task kworker/u4:2/27
[ 55.349538][ T27]
[ 55.351944][ T27] CPU: 0 PID: 27 Comm: kworker/u4:2 Not tainted 6.1.113-syzkaller #0
[ 55.360520][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 55.370843][ T27] Workqueue: loop0 loop_workfn
[ 55.375712][ T27] Call Trace:
[ 55.379060][ T27]
[ 55.382072][ T27] dump_stack_lvl+0xf4/0x251
[ 55.386815][ T27] ? nf_tcp_handle_invalid+0x2f3/0x2f3
[ 55.392710][ T27] ? panic+0x3fe/0x3fe
[ 55.396765][ T27] ? _printk+0xca/0x10a
[ 55.400923][ T27] ? __virt_addr_valid+0x139/0x270
[ 55.406364][ T27] ? __virt_addr_valid+0x221/0x270
[ 55.411983][ T27] print_report+0x15f/0x4f0
[ 55.416758][ T27] ? __virt_addr_valid+0x139/0x270
[ 55.422749][ T27] ? __virt_addr_valid+0x221/0x270
[ 55.427945][ T27] ? copy_page_from_iter_atomic+0x6f4/0xde0
[ 55.434180][ T27] kasan_report+0x136/0x160
[ 55.439048][ T27] ? copy_page_from_iter_atomic+0x6f4/0xde0
[ 55.445570][ T27] kasan_check_range+0x27f/0x290
[ 55.450514][ T27] ? copy_page_from_iter_atomic+0x6f4/0xde0
[ 55.456650][ T27] memcpy+0x25/0x60
[ 55.460633][ T27] copy_page_from_iter_atomic+0x6f4/0xde0
[ 55.466953][ T27] ? pipe_zero+0x1e0/0x1e0
[ 55.471810][ T27] ? shmem_write_begin+0x1dd/0x400
[ 55.477029][ T27] ? shmem_writepage+0x1410/0x1410
[ 55.482315][ T27] ? rcu_is_watching+0x1b/0x90
[ 55.487248][ T27] generic_perform_write+0x352/0x530
[ 55.492714][ T27] ? generic_file_direct_write+0x360/0x360
[ 55.498625][ T27] ? generic_write_checks+0xc9/0x170
[ 55.504822][ T27] __generic_file_write_iter+0x13f/0x340
[ 55.510619][ T27] ? common_file_perm+0x130/0x1e0
[ 55.515709][ T27] generic_file_write_iter+0x99/0x230
[ 55.521628][ T27] do_iter_write+0x664/0xad0
[ 55.526729][ T27] ? vfs_iter_write+0x90/0x90
[ 55.532000][ T27] ? kthread_associate_blkcg+0x1e7/0x330
[ 55.537879][ T27] loop_process_work+0x1420/0x1e40
[ 55.543103][ T27] ? loop_workfn+0x50/0x50
[ 55.547889][ T27] ? read_lock_is_recursive+0x10/0x10
[ 55.553254][ T27] ? _raw_spin_unlock_irqrestore+0xcb/0x130
[ 55.559562][ T27] ? read_word_at_a_time+0xe/0x20
[ 55.564656][ T27] ? process_one_work+0x6af/0xe90
[ 55.570021][ T27] ? process_one_work+0x6af/0xe90
[ 55.575031][ T27] process_one_work+0x745/0xe90
[ 55.580467][ T27] ? worker_detach_from_pool+0x240/0x240
[ 55.586598][ T27] ? __rwlock_init+0x140/0x140
[ 55.591332][ T27] ? wq_worker_sleeping+0x19/0x1f0
[ 55.596674][ T27] worker_thread+0x806/0xe60
[ 55.601759][ T27] kthread+0x1e8/0x240
[ 55.605806][ T27] ? process_one_work+0xe90/0xe90
[ 55.611072][ T27] ? kthread_blkcg+0xa0/0xa0
[ 55.616090][ T27] ret_from_fork+0x1f/0x30
[ 55.620677][ T27]
[ 55.623674][ T27]
[ 55.625974][ T27] Allocated by task 1775:
[ 55.630277][ T27] kasan_set_track+0x4b/0x70
[ 55.635019][ T27] __kasan_kmalloc+0x97/0xb0
[ 55.639698][ T27] __kmalloc+0xa6/0x1c0
[ 55.644266][ T27] hfsplus_read_wrapper+0x3fc/0x1110
[ 55.649722][ T27] hfsplus_fill_super+0x36e/0x1970
[ 55.655076][ T27] mount_bdev+0x26b/0x340
[ 55.659464][ T27] legacy_get_tree+0xe5/0x170
[ 55.664198][ T27] vfs_get_tree+0x7a/0x170
[ 55.668584][ T27] do_new_mount+0x21a/0x910
[ 55.673161][ T27] __se_sys_mount+0x23e/0x2d0
[ 55.677809][ T27] do_syscall_64+0x3b/0x80
[ 55.682376][ T27] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 55.688498][ T27]
[ 55.690807][ T27] The buggy address belongs to the object at ffff888101ec7c00
[ 55.690807][ T27] which belongs to the cache kmalloc-512 of size 512
[ 55.705618][ T27] The buggy address is located 0 bytes inside of
[ 55.705618][ T27] 512-byte region [ffff888101ec7c00, ffff888101ec7e00)
[ 55.718879][ T27]
[ 55.721279][ T27] The buggy address belongs to the physical page:
[ 55.728194][ T27] page:ffffea000407b100 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ec4
[ 55.738582][ T27] head:ffffea000407b100 order:2 compound_mapcount:0 compound_pincount:0
[ 55.747143][ T27] flags: 0x100000000010200(slab|head|node=0|zone=2)
[ 55.754227][ T27] raw: 0100000000010200 ffffea000404f300 dead000000000002 ffff888100041c80
[ 55.763093][ T27] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[ 55.772343][ T27] page dumped because: kasan: bad access detected
[ 55.779297][ T27] page_owner tracks the page as allocated
[ 55.785481][ T27] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 2845801070, free_ts 0
[ 55.805521][ T27] post_alloc_hook+0x286/0x2b0
[ 55.810530][ T27] get_page_from_freelist+0x3994/0x3b70
[ 55.816132][ T27] __alloc_pages+0x251/0x640
[ 55.820953][ T27] alloc_page_interleave+0xf/0x120
[ 55.826428][ T27] alloc_slab_page+0x6a/0x150
[ 55.831253][ T27] new_slab+0x70/0x250
[ 55.835296][ T27] ___slab_alloc+0x9df/0xe70
[ 55.839862][ T27] __kmem_cache_alloc_node+0x195/0x250
[ 55.845468][ T27] kmalloc_trace+0x26/0xc0
[ 55.849858][ T27] device_add+0x90/0xd90
[ 55.854077][ T27] tty_register_device_attr+0x3cf/0x8b0
[ 55.859595][ T27] tty_register_driver+0x39d/0xc10
[ 55.864673][ T27] vty_init+0x1e3/0x2b7
[ 55.868818][ T27] tty_init+0xfa/0x120
[ 55.872995][ T27] do_one_initcall+0x19f/0x4c0
[ 55.877740][ T27] do_initcall_level+0x11e/0x1cd
[ 55.882735][ T27] page_owner free stack trace missing
[ 55.888287][ T27]
[ 55.891070][ T27] Memory state around the buggy address:
[ 55.897207][ T27] ffff888101ec7d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 55.905248][ T27] ffff888101ec7d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 55.914361][ T27] >ffff888101ec7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 55.922861][ T27] ^
[ 55.927014][ T27] ffff888101ec7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 55.935322][ T27] ffff888101ec7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 55.943961][ T27] ==================================================================
[ 55.952546][ T27] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 55.960262][ T27] Kernel Offset: disabled
[ 55.965179][ T27] Rebooting in 86400 seconds..