Warning: Permanently added '10.128.1.135' (ED25519) to the list of known hosts.
2023/10/08 22:50:05 ignoring optional flag "sandboxArg"="0"
2023/10/08 22:50:05 parsed 1 programs
2023/10/08 22:50:05 executed programs: 0
[ 47.093512][ T1857] loop0: detected capacity change from 0 to 1024
[ 47.141529][ T60] ==================================================================
[ 47.149936][ T60] BUG: KASAN: slab-out-of-bounds in copy_page_from_iter_atomic+0x9ed/0x1000
[ 47.159965][ T60] Read of size 1024 at addr ffff88810beb8c00 by task kworker/u4:1/60
[ 47.169949][ T60]
[ 47.173037][ T60] CPU: 1 PID: 60 Comm: kworker/u4:1 Not tainted 5.15.134-syzkaller #0
[ 47.182216][ T60] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 47.192455][ T60] Workqueue: loop0 loop_rootcg_workfn
[ 47.198041][ T60] Call Trace:
[ 47.201521][ T60]
[ 47.204532][ T60] dump_stack_lvl+0x41/0x5e
[ 47.209282][ T60] print_address_description.constprop.0.cold+0x6c/0x309
[ 47.217563][ T60] ? copy_page_from_iter_atomic+0x9ed/0x1000
[ 47.224034][ T60] ? copy_page_from_iter_atomic+0x9ed/0x1000
[ 47.230150][ T60] kasan_report.cold+0x83/0xdf
[ 47.235790][ T60] ? copy_page_from_iter_atomic+0x9ed/0x1000
[ 47.242245][ T60] kasan_check_range+0x13d/0x180
[ 47.247782][ T60] memcpy+0x20/0x60
[ 47.251937][ T60] copy_page_from_iter_atomic+0x9ed/0x1000
[ 47.258003][ T60] ? copyin+0x60/0x60
[ 47.262331][ T60] ? shmem_getattr+0x1c0/0x1c0
[ 47.267624][ T60] ? is_dynamic_key+0x150/0x150
[ 47.273080][ T60] generic_perform_write+0x235/0x430
[ 47.279039][ T60] ? trace_event_raw_event_file_check_and_advance_wb_err+0x460/0x460
[ 47.291258][ T60] ? new_inode+0x2d0/0x2d0
[ 47.296303][ T60] ? generic_write_checks+0x1e7/0x310
[ 47.301840][ T60] __generic_file_write_iter+0x1fb/0x5d0
[ 47.307897][ T60] generic_file_write_iter+0xb9/0x1c0
[ 47.313316][ T60] ? register_lock_class+0xbb/0x1580
[ 47.318853][ T60] do_iter_readv_writev+0x333/0x6d0
[ 47.324655][ T60] ? new_sync_write+0x5f0/0x5f0
[ 47.329768][ T60] ? is_dynamic_key+0x150/0x150
[ 47.334821][ T60] ? apparmor_file_permission+0x11e/0x280
[ 47.341076][ T60] do_iter_write+0x12a/0x620
[ 47.346181][ T60] ? lock_acquire+0x11a/0x230
[ 47.351317][ T60] ? loop_process_work+0x9a6/0x2410
[ 47.356704][ T60] lo_write_bvec+0x11c/0x4f0
[ 47.361699][ T60] ? lo_fallocate.isra.0+0x130/0x130
[ 47.367232][ T60] ? lock_downgrade+0x4f0/0x4f0
[ 47.372439][ T60] ? rwlock_bug.part.0+0x90/0x90
[ 47.377633][ T60] ? lock_acquire+0x11a/0x230
[ 47.382528][ T60] loop_process_work+0x9a6/0x2410
[ 47.388461][ T60] ? is_dynamic_key+0x150/0x150
[ 47.393879][ T60] ? wb_workfn+0x7bd/0xc40
[ 47.398716][ T60] ? lo_rw_aio.isra.0+0xda0/0xda0
[ 47.404012][ T60] ? __lock_acquire.constprop.0+0x478/0xb30
[ 47.410497][ T60] ? lock_acquire+0x11a/0x230
[ 47.415659][ T60] ? process_one_work+0x75c/0x11a0
[ 47.421002][ T60] process_one_work+0x800/0x11a0
[ 47.426376][ T60] ? mod_delayed_work_on+0x280/0x280
[ 47.432209][ T60] ? rwlock_bug.part.0+0x90/0x90
[ 47.437391][ T60] ? lock_acquire+0x11a/0x230
[ 47.442634][ T60] worker_thread+0x4a0/0xdd0
[ 47.447317][ T60] ? __kthread_parkme+0x92/0x120
[ 47.452450][ T60] ? rescuer_thread+0xb30/0xb30
[ 47.457545][ T60] kthread+0x2f8/0x3b0
[ 47.461968][ T60] ? set_kthread_struct+0x100/0x100
[ 47.468043][ T60] ret_from_fork+0x1f/0x30
[ 47.472884][ T60]
[ 47.476922][ T60]
[ 47.479641][ T60] Allocated by task 1857:
[ 47.484629][ T60] kasan_save_stack+0x1b/0x40
[ 47.490200][ T60] __kasan_kmalloc+0x7c/0x90
[ 47.495163][ T60] hfsplus_read_wrapper+0x2f2/0xdf0
[ 47.501263][ T60] hfsplus_fill_super+0x2ee/0x16f0
[ 47.506652][ T60] mount_bdev+0x2c3/0x3a0
[ 47.511914][ T60] legacy_get_tree+0xfa/0x1f0
[ 47.516926][ T60] vfs_get_tree+0x83/0x1b0
[ 47.521763][ T60] path_mount+0x41e/0x19f0
[ 47.526256][ T60] __x64_sys_mount+0x1f5/0x260
[ 47.531011][ T60] do_syscall_64+0x35/0x80
[ 47.535851][ T60] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 47.543123][ T60]
[ 47.545527][ T60] The buggy address belongs to the object at ffff88810beb8c00
[ 47.545527][ T60]  which belongs to the cache kmalloc-512 of size 512
[ 47.560129][ T60] The buggy address is located 0 bytes inside of
[ 47.560129][ T60]  512-byte region [ffff88810beb8c00, ffff88810beb8e00)
[ 47.573719][ T60] The buggy address belongs to the page:
[ 47.579422][ T60] page:ffffea00042fae00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10beb8
[ 47.590028][ T60] head:ffffea00042fae00 order:2 compound_mapcount:0 compound_pincount:0
[ 47.599030][ T60] flags: 0x100000000010200(slab|head|node=0|zone=2)
[ 47.605841][ T60] raw: 0100000000010200 ffffea000429cc00 0000000300000003 ffff888100041c80
[ 47.615875][ T60] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 47.624947][ T60] page dumped because: kasan: bad access detected
[ 47.633152][ T60] page_owner tracks the page as allocated
[ 47.639266][ T60] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 270, ts 3193529161, free_ts 3192398608
[ 47.661603][ T60] get_page_from_freelist+0x13ed/0x3430
[ 47.667267][ T60] __alloc_pages+0x1b2/0x420
[ 47.672231][ T60] allocate_slab+0x2eb/0x430
[ 47.677089][ T60] ___slab_alloc+0xb1c/0xf80
[ 47.681965][ T60] kmem_cache_alloc_trace+0x2db/0x310
[ 47.687418][ T60] alloc_bprm+0x4c/0x850
[ 47.691737][ T60] kernel_execve+0x38/0x400
[ 47.696208][ T60] call_usermodehelper_exec_async+0x2c1/0x500
[ 47.702348][ T60] ret_from_fork+0x1f/0x30
[ 47.707224][ T60] page last free stack trace:
[ 47.712044][ T60] free_pcp_prepare+0x34e/0x820
[ 47.717060][ T60] free_unref_page+0x19/0x4b0
[ 47.721918][ T60] stack_depot_save+0x160/0x3f0
[ 47.727202][ T60] kasan_save_stack+0x32/0x40
[ 47.732063][ T60] kasan_record_aux_stack+0xc5/0xf0
[ 47.737252][ T60] insert_work+0x45/0x380
[ 47.741758][ T60] __queue_work+0x520/0xbd0
[ 47.746617][ T60] queue_work_on+0x52/0x70
[ 47.751191][ T60] call_usermodehelper_exec+0x1b8/0x430
[ 47.756739][ T60] kobject_uevent_env+0xa89/0x10d0
[ 47.761917][ T60] device_add+0x9ae/0x1b30
[ 47.766416][ T60] netdev_register_kobject+0x10f/0x2f0
[ 47.771969][ T60] register_netdevice+0xae5/0x1320
[ 47.777421][ T60] ifb_init_module+0xae/0x102
[ 47.782244][ T60] do_one_initcall+0xb4/0x2e0
[ 47.787015][ T60] kernel_init_freeable+0x519/0x571
[ 47.792424][ T60]
[ 47.794743][ T60] Memory state around the buggy address:
[ 47.800357][ T60]  ffff88810beb8d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 47.808606][ T60]  ffff88810beb8d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 47.816859][ T60] >ffff88810beb8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 47.825252][ T60]                    ^
[ 47.829495][ T60]  ffff88810beb8e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 47.838546][ T60]  ffff88810beb8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 47.846853][ T60] ==================================================================
[ 47.855499][ T60] Disabling lock debugging due to kernel taint
[ 47.864174][ T60] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 47.871946][ T60] Kernel Offset: disabled
[ 47.876572][ T60] Rebooting in 86400 seconds..