Warning: Permanently added '10.128.0.72' (ED25519) to the list of known hosts.
2024/10/24 08:28:07 ignoring optional flag "sandboxArg"="0"
2024/10/24 08:28:07 ignoring optional flag "type"="gce"
2024/10/24 08:28:07 parsed 1 programs
2024/10/24 08:28:09 executed programs: 0
[ 101.065774][ T5536] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 101.319320][ T55] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 101.328350][ T55] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 101.337261][ T55] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 101.347754][ T55] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 101.369530][ T5560] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 101.372844][ T5561] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 101.377732][ T5560] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 101.391811][ T5562] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 101.392058][ T5560] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 101.400273][ T5562] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 101.406276][ T5560] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 101.421821][ T5562] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 101.429411][ T5562] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 101.433084][ T5560] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 101.436694][ T5562] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 101.444740][ T5560] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 101.457909][ T4617] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 101.457971][ T5565] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 101.466523][ T5560] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 101.473529][ T5565] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 101.479356][ T5560] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 101.486579][ T5565] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 101.493342][ T4617] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 101.504518][ T5561] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 101.507753][ T5560] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 101.514626][ T5561] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 101.521201][ T4617] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 101.528251][ T5561] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 101.534661][ T5560] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 101.550064][ T5561] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 101.558635][ T5560] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 101.570535][ T5245] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 101.582442][ T5561] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 101.589652][ T5245] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 101.596886][ T5245] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 101.601317][ T5561] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 102.073917][ T5554] chnl_net:caif_netlink_parms(): no params data found
[ 102.166860][ T5551] chnl_net:caif_netlink_parms(): no params data found
[ 102.269611][ T5554] bridge0: port 1(bridge_slave_0) entered blocking state
[ 102.276766][ T5554] bridge0: port 1(bridge_slave_0) entered disabled state
[ 102.284069][ T5554] bridge_slave_0: entered allmulticast mode
[ 102.291092][ T5554] bridge_slave_0: entered promiscuous mode
[ 102.317943][ T5566] chnl_net:caif_netlink_parms(): no params data found
[ 102.333810][ T5553] chnl_net:caif_netlink_parms(): no params data found
[ 102.344168][ T5554] bridge0: port 2(bridge_slave_1) entered blocking state
[ 102.351498][ T5554] bridge0: port 2(bridge_slave_1) entered disabled state
[ 102.358641][ T5554] bridge_slave_1: entered allmulticast mode
[ 102.365502][ T5554] bridge_slave_1: entered promiscuous mode
[ 102.443300][ T5554] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 102.463292][ T5551] bridge0: port 1(bridge_slave_0) entered blocking state
[ 102.470757][ T5551] bridge0: port 1(bridge_slave_0) entered disabled state
[ 102.477905][ T5551] bridge_slave_0: entered allmulticast mode
[ 102.489126][ T5551] bridge_slave_0: entered promiscuous mode
[ 102.521816][ T5554] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 102.531199][ T5551] bridge0: port 2(bridge_slave_1) entered blocking state
[ 102.538464][ T5551] bridge0: port 2(bridge_slave_1) entered disabled state
[ 102.546460][ T5551] bridge_slave_1: entered allmulticast mode
[ 102.553280][ T5551] bridge_slave_1: entered promiscuous mode
[ 102.603963][ T5559] chnl_net:caif_netlink_parms(): no params data found
[ 102.685353][ T5554] team0: Port device team_slave_0 added
[ 102.694633][ T5551] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 102.707183][ T5551] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 102.740442][ T5566] bridge0: port 1(bridge_slave_0) entered blocking state
[ 102.747584][ T5566] bridge0: port 1(bridge_slave_0) entered disabled state
[ 102.755034][ T5566] bridge_slave_0: entered allmulticast mode
[ 102.762310][ T5566] bridge_slave_0: entered promiscuous mode
[ 102.782306][ T5554] team0: Port device team_slave_1 added
[ 102.830979][ T5566] bridge0: port 2(bridge_slave_1) entered blocking state
[ 102.838072][ T5566] bridge0: port 2(bridge_slave_1) entered disabled state
[ 102.845527][ T5566] bridge_slave_1: entered allmulticast mode
[ 102.853061][ T5566] bridge_slave_1: entered promiscuous mode
[ 102.883759][ T5554] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 102.890900][ T5554] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 102.917510][ T5554] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 102.961441][ T5555] chnl_net:caif_netlink_parms(): no params data found
[ 102.971646][ T5554] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 102.978605][ T5554] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 103.008972][ T5554] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 103.023316][ T5551] team0: Port device team_slave_0 added
[ 103.032104][ T5551] team0: Port device team_slave_1 added
[ 103.038016][ T5553] bridge0: port 1(bridge_slave_0) entered blocking state
[ 103.045215][ T5553] bridge0: port 1(bridge_slave_0) entered disabled state
[ 103.052608][ T5553] bridge_slave_0: entered allmulticast mode
[ 103.059737][ T5553] bridge_slave_0: entered promiscuous mode
[ 103.120018][ T5553] bridge0: port 2(bridge_slave_1) entered blocking state
[ 103.127119][ T5553] bridge0: port 2(bridge_slave_1) entered disabled state
[ 103.139062][ T5553] bridge_slave_1: entered allmulticast mode
[ 103.145849][ T5553] bridge_slave_1: entered promiscuous mode
[ 103.155879][ T5566] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 103.171024][ T5566] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 103.204991][ T5551] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 103.212107][ T5551] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 103.239966][ T5551] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 103.287014][ T5559] bridge0: port 1(bridge_slave_0) entered blocking state
[ 103.294357][ T5559] bridge0: port 1(bridge_slave_0) entered disabled state
[ 103.301886][ T5559] bridge_slave_0: entered allmulticast mode
[ 103.309340][ T5559] bridge_slave_0: entered promiscuous mode
[ 103.316868][ T5559] bridge0: port 2(bridge_slave_1) entered blocking state
[ 103.324477][ T5559] bridge0: port 2(bridge_slave_1) entered disabled state
[ 103.331797][ T5559] bridge_slave_1: entered allmulticast mode
[ 103.338587][ T5559] bridge_slave_1: entered promiscuous mode
[ 103.365782][ T5551] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 103.373057][ T5551] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 103.399326][ T5551] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 103.427918][ T5553] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 103.439839][ T5566] team0: Port device team_slave_0 added
[ 103.489756][ T5561] Bluetooth: hci0: command tx timeout
[ 103.495454][ T5553] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 103.506576][ T5566] team0: Port device team_slave_1 added
[ 103.521549][ T5559] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 103.547486][ T5554] hsr_slave_0: entered promiscuous mode
[ 103.554109][ T5554] hsr_slave_1: entered promiscuous mode
[ 103.565001][ T5551] hsr_slave_0: entered promiscuous mode
[ 103.572622][ T5551] hsr_slave_1: entered promiscuous mode
[ 103.578989][ T5551] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 103.586706][ T5551] Cannot create hsr debugfs directory
[ 103.634319][ T5559] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 103.643584][ T5561] Bluetooth: hci1: command tx timeout
[ 103.643606][ T5565] Bluetooth: hci2: command tx timeout
[ 103.648940][ T5565] Bluetooth: hci3: command tx timeout
[ 103.649336][ T5245] Bluetooth: hci4: command tx timeout
[ 103.699590][ T5553] team0: Port device team_slave_0 added
[ 103.718893][ T5245] Bluetooth: hci5: command tx timeout
[ 103.750373][ T5555] bridge0: port 1(bridge_slave_0) entered blocking state
[ 103.757560][ T5555] bridge0: port 1(bridge_slave_0) entered disabled state
[ 103.764824][ T5555] bridge_slave_0: entered allmulticast mode
[ 103.772190][ T5555] bridge_slave_0: entered promiscuous mode
[ 103.780539][ T5555] bridge0: port 2(bridge_slave_1) entered blocking state
[ 103.787648][ T5555] bridge0: port 2(bridge_slave_1) entered disabled state
[ 103.795219][ T5555] bridge_slave_1: entered allmulticast mode
[ 103.802450][ T5555] bridge_slave_1: entered promiscuous mode
[ 103.810660][ T5553] team0: Port device team_slave_1 added
[ 103.825836][ T5566] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 103.832844][ T5566] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 103.859378][ T5566] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 103.873921][ T5559] team0: Port device team_slave_0 added
[ 103.882456][ T5559] team0: Port device team_slave_1 added
[ 103.920257][ T5555] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 103.941668][ T5566] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 103.948629][ T5566] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 103.975685][ T5566] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 104.023723][ T5555] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 104.058207][ T5559] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 104.065398][ T5559] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 104.091877][ T5559] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 104.104419][ T5559] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 104.111934][ T5559] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 104.138820][ T5559] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 104.166376][ T5553] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 104.173787][ T5553] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 104.200450][ T5553] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 104.213640][ T5553] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 104.220743][ T5553] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 104.246715][ T5553] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 104.320181][ T5555] team0: Port device team_slave_0 added
[ 104.364519][ T5555] team0: Port device team_slave_1 added
[ 104.393103][ T5566] hsr_slave_0: entered promiscuous mode
[ 104.399687][ T5566] hsr_slave_1: entered promiscuous mode
[ 104.405847][ T5566] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 104.413944][ T5566] Cannot create hsr debugfs directory
[ 104.452310][ T5553] hsr_slave_0: entered promiscuous mode
[ 104.458962][ T5553] hsr_slave_1: entered promiscuous mode
[ 104.465524][ T5553] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 104.473304][ T5553] Cannot create hsr debugfs directory
[ 104.495409][ T5559] hsr_slave_0: entered promiscuous mode
[ 104.502717][ T5559] hsr_slave_1: entered promiscuous mode
[ 104.509529][ T5559] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 104.517101][ T5559] Cannot create hsr debugfs directory
[ 104.538450][ T5555] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 104.546112][ T5555] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 104.572252][ T5555] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 104.585456][ T5555] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 104.592785][ T5555] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 104.619191][ T5555] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 104.832148][ T5551] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 104.846680][ T5555] hsr_slave_0: entered promiscuous mode
[ 104.853454][ T5555] hsr_slave_1: entered promiscuous mode
[ 104.861417][ T5555] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 104.869641][ T5555] Cannot create hsr debugfs directory
[ 104.899915][ T5551] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 104.938790][ T5551] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 104.979551][ T5551] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 105.044183][ T5554] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 105.066569][ T5554] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 105.100322][ T5554] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 105.114441][ T5554] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 105.172018][ T5566] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 105.303677][ T5566] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 105.335834][ T5566] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 105.453375][ T5566] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 105.561038][ T5245] Bluetooth: hci0: command tx timeout
[ 105.719230][ T5561] Bluetooth: hci1: command tx timeout
[ 105.719583][ T5565] Bluetooth: hci3: command tx timeout
[ 105.724654][ T5561] Bluetooth: hci2: command tx timeout
[ 105.735936][ T5245] Bluetooth: hci4: command tx timeout
[ 105.757445][ T5551] 8021q: adding VLAN 0 to HW filter on device bond0
[ 105.797366][ T5551] 8021q: adding VLAN 0 to HW filter on device team0
[ 105.808865][ T5561] Bluetooth: hci5: command tx timeout
[ 105.880569][ T2925] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.887687][ T2925] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 105.903809][ T2925] bridge0: port 2(bridge_slave_1) entered blocking state
[ 105.910984][ T2925] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 106.042943][ T5554] 8021q: adding VLAN 0 to HW filter on device bond0
[ 106.056496][ T5553] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 106.072115][ T5553] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 106.108427][ T5566] 8021q: adding VLAN 0 to HW filter on device bond0
[ 106.131253][ T5553] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 106.168844][ T5553] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 106.198469][ T5554] 8021q: adding VLAN 0 to HW filter on device team0
[ 106.281116][ T62] bridge0: port 1(bridge_slave_0) entered blocking state
[ 106.288235][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 106.330746][ T62] bridge0: port 2(bridge_slave_1) entered blocking state
[ 106.337858][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 106.381153][ T5566] 8021q: adding VLAN 0 to HW filter on device team0
[ 106.421115][ T5555] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 106.442673][ T5555] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 106.488154][ T5551] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 106.532906][ T5555] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 106.571484][ T62] bridge0: port 1(bridge_slave_0) entered blocking state
[ 106.578596][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 106.620053][ T5555] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 106.670511][ T62] bridge0: port 2(bridge_slave_1) entered blocking state
[ 106.677628][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 106.718359][ T5559] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 106.744777][ T5559] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 106.803896][ T5559] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 106.820728][ T5559] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 107.121043][ T5553] 8021q: adding VLAN 0 to HW filter on device bond0
[ 107.221981][ T5553] 8021q: adding VLAN 0 to HW filter on device team0
[ 107.317403][ T53] bridge0: port 1(bridge_slave_0) entered blocking state
[ 107.324759][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 107.374241][ T53] bridge0: port 2(bridge_slave_1) entered blocking state
[ 107.381613][ T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 107.444564][ T5555] 8021q: adding VLAN 0 to HW filter on device bond0
[ 107.464894][ T5554] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 107.517047][ T5551] veth0_vlan: entered promiscuous mode
[ 107.603167][ T5559] 8021q: adding VLAN 0 to HW filter on device bond0
[ 107.622706][ T5551] veth1_vlan: entered promiscuous mode
[ 107.639589][ T5561] Bluetooth: hci0: command tx timeout
[ 107.643471][ T5566] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 107.664540][ T5555] 8021q: adding VLAN 0 to HW filter on device team0
[ 107.737634][ T5554] veth0_vlan: entered promiscuous mode
[ 107.772033][ T5559] 8021q: adding VLAN 0 to HW filter on device team0
[ 107.798971][ T5561] Bluetooth: hci2: command tx timeout
[ 107.804413][ T5561] Bluetooth: hci4: command tx timeout
[ 107.811925][ T5245] Bluetooth: hci3: command tx timeout
[ 107.817359][ T5245] Bluetooth: hci1: command tx timeout
[ 107.824667][ T5551] veth0_macvtap: entered promiscuous mode
[ 107.872308][ T5554] veth1_vlan: entered promiscuous mode
[ 107.880987][ T5245] Bluetooth: hci5: command tx timeout
[ 107.910941][ T53] bridge0: port 1(bridge_slave_0) entered blocking state
[ 107.918057][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 107.950020][ T53] bridge0: port 1(bridge_slave_0) entered blocking state
[ 107.957129][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 107.984728][ T5551] veth1_macvtap: entered promiscuous mode
[ 108.028281][ T5551] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 108.060566][ T62] bridge0: port 2(bridge_slave_1) entered blocking state
[ 108.067677][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 108.142507][ T1809] bridge0: port 2(bridge_slave_1) entered blocking state
[ 108.149654][ T1809] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 108.201531][ T5551] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 108.250698][ T5551] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 108.269245][ T5551] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 108.278003][ T5551] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 108.289971][ T5551] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 108.426757][ T5553] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 108.531052][ T5554] veth0_macvtap: entered promiscuous mode
[ 108.594881][ T5554] veth1_macvtap: entered promiscuous mode
[ 108.793777][ T5553] veth0_vlan: entered promiscuous mode
[ 108.827618][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 108.858854][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 108.873567][ T5553] veth1_vlan: entered promiscuous mode
[ 108.920262][ T5554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 108.939099][ T5554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 108.960053][ T5554] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 109.025099][ T5554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 109.041765][ T5554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 109.063547][ T5554] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 109.123102][ T5554] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 109.139475][ T5554] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 109.148224][ T5554] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 109.157565][ T5554] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 109.187844][ T5566] veth0_vlan: entered promiscuous mode
[ 109.207826][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.228980][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.261187][ T5559] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 109.273513][ T5553] veth0_macvtap: entered promiscuous mode
[ 109.321774][ T5566] veth1_vlan: entered promiscuous mode
[ 109.342097][ T5555] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 109.359433][ T5553] veth1_macvtap: entered promiscuous mode
[ 109.452772][ T5723] loop4: detected capacity change from 0 to 1024
[ 109.488141][ T5723] =======================================================
[ 109.488141][ T5723] WARNING: The mand mount option has been deprecated and
[ 109.488141][ T5723] and is ignored by this kernel. Remove the mand
[ 109.488141][ T5723] option from the mount to silence this warning.
[ 109.488141][ T5723] =======================================================
[ 109.555103][ T5553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 109.579500][ T5553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 109.589989][ T5553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
2024/10/24 08:28:18 executed programs: 6
[ 109.600478][ T5553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 109.611804][ T5553] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 109.646797][ T5566] veth0_macvtap: entered promiscuous mode
[ 109.657047][ T1809] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.662233][ T5553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 109.677721][ T1809] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.717788][ T5553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 109.719289][ T5245] Bluetooth: hci0: command tx timeout
[ 109.748725][ T5553] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 109.766245][ T5730] loop4: detected capacity change from 0 to 1024
[ 109.775471][ T5553] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 109.810920][ T5553] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 109.822462][ T5553] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 109.848886][ T5553] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 109.857634][ T5553] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 109.879051][ T5245] Bluetooth: hci3: command tx timeout
[ 109.884514][ T5245] Bluetooth: hci1: command tx timeout
[ 109.890390][ T5561] Bluetooth: hci4: command tx timeout
[ 109.890616][ T5565] Bluetooth: hci2: command tx timeout
[ 109.908734][ T5553] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 109.987702][ T5565] Bluetooth: hci5: command tx timeout
[ 110.065454][ T5738] loop4: detected capacity change from 0 to 1024
[ 110.071539][ T5566] veth1_macvtap: entered promiscuous mode
[ 110.104225][ T5566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 110.115445][ T5566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 110.129765][ T5566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 110.152545][ T5566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 110.168142][ T5566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 110.187122][ T5566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 110.202299][ T5566] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 110.221624][ T5559] veth0_vlan: entered promiscuous mode
[ 110.299385][ T5566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 110.318178][ T5744] loop4: detected capacity change from 0 to 1024
[ 110.318957][ T5566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 110.357656][ T5566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 110.372769][ T5566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 110.382730][ T5566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 110.393311][ T5566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 110.404763][ T5566] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 110.475584][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.487336][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.502740][ T5555] veth0_vlan: entered promiscuous mode
[ 110.515776][ T5749] loop4: detected capacity change from 0 to 1024
[ 110.541672][ T5566] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 110.564840][ T5566] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 110.575354][ T5566] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 110.584194][ T5566] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 110.620184][ T5559] veth1_vlan: entered promiscuous mode
[ 110.699557][ T5555] veth1_vlan: entered promiscuous mode
[ 110.726609][ T5753] loop4: detected capacity change from 0 to 1024
[ 110.904968][ T2960] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.924867][ T5757] loop3: detected capacity change from 0 to 1024
[ 110.926282][ T2960] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.016496][ T5555] veth0_macvtap: entered promiscuous mode
[ 111.066488][ T5559] veth0_macvtap: entered promiscuous mode
[ 111.112533][ T5555] veth1_macvtap: entered promiscuous mode
[ 111.130481][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.142658][ T5559] veth1_macvtap: entered promiscuous mode
[ 111.165638][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.251638][ T5555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 111.264577][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 111.275451][ T5555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 111.287164][ T5555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 111.299317][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 111.306811][ T5555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 111.317892][ T5555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 111.339436][ T5555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 111.357935][ T5555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 111.380969][ T5555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 111.400165][ T5555] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 111.414206][ T5559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 111.429438][ T5559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 111.439973][ T5559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 111.451032][ T5559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 111.461142][ T5559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 111.472479][ T5559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 111.483580][ T5559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 111.501311][ T5559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 111.516752][ T5559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 111.536959][ T5559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 111.548445][ T5559] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 111.581134][ T5559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 111.628405][ T5559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 111.666089][ T5559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 111.687791][ T5772] loop0: detected capacity change from 0 to 1024
[ 111.694333][ T5559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 111.728789][ T5559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 111.739774][ T5559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 111.749729][ T5559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 111.760259][ T5559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 111.772773][ T5559] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 111.787655][ T5555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 111.798240][ T5555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 111.809116][ T5555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 111.819932][ T5555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 111.830047][ T5555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 111.840728][ T5555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 111.850802][ T5555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 111.861349][ T5555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 111.871684][ T5555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 111.882683][ T5555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 111.893985][ T5555] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 111.904902][ T62] ==================================================================
[ 111.912989][ T62] BUG: KASAN: slab-out-of-bounds in copy_page_from_iter_atomic+0x8d3/0x1560
[ 111.921716][ T62] Read of size 2048 at addr ffff888068ce7800 by task kworker/u8:4/62
[ 111.929795][ T62]
[ 111.932127][ T62] CPU: 0 UID: 0 PID: 62 Comm: kworker/u8:4 Not tainted 6.12.0-rc4-syzkaller-gc2ee9f594da8 #0
[ 111.942309][ T62] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 111.952379][ T62] Workqueue: loop0 loop_workfn
[ 111.957179][ T62] Call Trace:
[ 111.960465][ T62]
[ 111.963406][ T62] dump_stack_lvl+0x116/0x1f0
[ 111.968111][ T62] print_report+0xc3/0x620
[ 111.972555][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 111.978213][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 111.983872][ T62] ? __phys_addr+0xc6/0x150
[ 111.988414][ T62] kasan_report+0xd9/0x110
[ 111.992853][ T62] ? copy_page_from_iter_atomic+0x8d3/0x1560
[ 111.998868][ T62] ? copy_page_from_iter_atomic+0x8d3/0x1560
[ 112.004884][ T62] kasan_check_range+0xef/0x1a0
[ 112.009766][ T62] __asan_memcpy+0x23/0x60
[ 112.014223][ T62] copy_page_from_iter_atomic+0x8d3/0x1560
[ 112.020067][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 112.025722][ T62] ? __pfx_copy_page_from_iter_atomic+0x10/0x10
[ 112.031996][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 112.037650][ T62] ? shmem_write_begin+0x177/0x300
[ 112.042809][ T62] ? __pfx_shmem_write_begin+0x10/0x10
[ 112.048307][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 112.053966][ T62] ? lockdep_hardirqs_on+0x7c/0x110
[ 112.059209][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 112.064868][ T62] ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[ 112.071756][ T62] ? ktime_get_coarse_real_ts64+0x147/0x200
[ 112.077687][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 112.083349][ T62] generic_perform_write+0x4a1/0x920
[ 112.088688][ T62] ? __pfx_generic_perform_write+0x10/0x10
[ 112.094543][ T62] ? __mark_inode_dirty+0x2ae/0xe60
[ 112.099783][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 112.105438][ T62] ? preempt_count_add+0x76/0x150
[ 112.110509][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 112.116170][ T62] ? mnt_put_write_access_file+0xc1/0xf0
[ 112.121841][ T62] shmem_file_write_iter+0x10e/0x140
[ 112.127159][ T62] do_iter_readv_writev+0x535/0x7f0
[ 112.132396][ T62] ? __pfx_do_iter_readv_writev+0x10/0x10
[ 112.138147][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 112.143803][ T62] ? rcu_is_watching+0x12/0xc0
[ 112.148603][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 112.154264][ T62] vfs_iter_write+0x1df/0x9c0
[ 112.158980][ T62] loop_process_work+0x14dd/0x2000
[ 112.164128][ T62] ? __pfx_loop_process_work+0x10/0x10
[ 112.169615][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 112.175278][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 112.180942][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 112.186599][ T62] ? rcu_is_watching+0x12/0xc0
[ 112.191405][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 112.197059][ T62] ? lock_acquire+0x2f/0xb0
[ 112.201585][ T62] ? process_one_work+0x921/0x1ba0
[ 112.206725][ T62] process_one_work+0x9c8/0x1ba0
[ 112.211694][ T62] ? __pfx_lock_acquire.part.0+0x10/0x10
[ 112.217351][ T62] ? __pfx_process_one_work+0x10/0x10
[ 112.222752][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 112.228416][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 112.234072][ T62] ? assign_work+0x1a0/0x250
[ 112.238727][ T62] worker_thread+0x6c8/0xf00
[ 112.243347][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 112.249003][ T62] ? __kthread_parkme+0x148/0x220
[ 112.254063][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 112.259731][ T62] ? __pfx_worker_thread+0x10/0x10
[ 112.264866][ T62] kthread+0x2c4/0x3a0
[ 112.268966][ T62] ? _raw_spin_unlock_irq+0x23/0x50
[ 112.274201][ T62] ? __pfx_kthread+0x10/0x10
[ 112.278825][ T62] ret_from_fork+0x48/0x80
[ 112.283265][ T62] ? __pfx_kthread+0x10/0x10
[ 112.287887][ T62] ret_from_fork_asm+0x1a/0x30
[ 112.292704][ T62]
[ 112.295732][ T62]
[ 112.298058][ T62] Allocated by task 5772:
[ 112.302395][ T62] kasan_save_stack+0x33/0x60
[ 112.307116][ T62] kasan_save_track+0x14/0x30
[ 112.311838][ T62] __kasan_kmalloc+0xaa/0xb0
[ 112.316467][ T62] __kmalloc_noprof+0x1e8/0x400
[ 112.321342][ T62] hfsplus_read_wrapper+0x34c/0xff0
[ 112.326588][ T62] hfsplus_fill_super+0x352/0x1bc0
[ 112.331717][ T62] mount_bdev+0x1e6/0x2d0
[ 112.336078][ T62] legacy_get_tree+0x10c/0x220
[ 112.340872][ T62] vfs_get_tree+0x92/0x380
[ 112.345320][ T62] path_mount+0x14e6/0x1f20
[ 112.349857][ T62] __x64_sys_mount+0x294/0x320
[ 112.354653][ T62] do_syscall_64+0xcd/0x250
[ 112.359177][ T62] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 112.365113][ T62]
[ 112.367439][ T62] The buggy address belongs to the object at ffff888068ce7800
[ 112.367439][ T62] which belongs to the cache kmalloc-512 of size 512
[ 112.381507][ T62] The buggy address is located 0 bytes inside of
[ 112.381507][ T62] allocated 512-byte region [ffff888068ce7800, ffff888068ce7a00)
[ 112.395500][ T62]
[ 112.397826][ T62] The buggy address belongs to the physical page:
[ 112.404239][ T62] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888068ce5800 pfn:0x68ce4
[ 112.414319][ T62] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 112.422832][ T62] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[ 112.431347][ T62] page_type: f5(slab)
[ 112.435349][ T62] raw: 00fff00000000240 ffff88801b041c80 ffff88801b0407c8 ffffea0000c07510
[ 112.443955][ T62] raw: ffff888068ce5800 000000000010000f 00000001f5000000 0000000000000000
[ 112.452562][ T62] head: 00fff00000000240 ffff88801b041c80 ffff88801b0407c8 ffffea0000c07510
[ 112.461257][ T62] head: ffff888068ce5800 000000000010000f 00000001f5000000 0000000000000000
[ 112.469949][ T62] head: 00fff00000000002 ffffea0001a33901 ffffffffffffffff 0000000000000000
[ 112.478641][ T62] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 112.487323][ T62] page dumped because: kasan: bad access detected
[ 112.493740][ T62] page_owner tracks the page as allocated
[ 112.499456][ T62] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5559, tgid 5559 (syz-executor.1), ts 103196463301, free_ts 28010145987
[ 112.521115][ T62] post_alloc_hook+0x2d1/0x350
[ 112.525923][ T62] get_page_from_freelist+0x101e/0x3070
[ 112.531492][ T62] __alloc_pages_noprof+0x223/0x25a0
[ 112.536800][ T62] alloc_pages_mpol_noprof+0x2c9/0x610
[ 112.542291][ T62] new_slab+0x2ba/0x3f0
[ 112.546484][ T62] ___slab_alloc+0xdac/0x1880
[ 112.551198][ T62] __slab_alloc.constprop.0+0x56/0xb0
[ 112.556610][ T62] __kmalloc_cache_noprof+0x2b4/0x300
[ 112.562026][ T62] __ipv6_dev_mc_inc+0x2b7/0xc10
[ 112.567003][ T62] ipv6_add_dev+0xaf5/0x13f0
[ 112.571615][ T62] addrconf_notify+0x53e/0x19c0
[ 112.576494][ T62] notifier_call_chain+0xbc/0x410
[ 112.581550][ T62] call_netdevice_notifiers_info+0xbe/0x140
[ 112.587475][ T62] register_netdevice+0x17a0/0x1e90
[ 112.592703][ T62] veth_newlink+0x4fb/0x9e0
[ 112.597229][ T62] __rtnl_newlink+0x119a/0x1920
[ 112.602106][ T62] page last free pid 1 tgid 1 stack trace:
[ 112.607916][ T62] free_unref_page+0x5f4/0xdc0
[ 112.612699][ T62] free_contig_range+0x135/0x3f0
[ 112.617656][ T62] destroy_args+0xa27/0xe00
[ 112.622202][ T62] debug_vm_pgtable+0x168e/0x31a0
[ 112.627271][ T62] do_one_initcall+0x12b/0x700
[ 112.632073][ T62] kernel_init_freeable+0x5c7/0x900
[ 112.637312][ T62] kernel_init+0x1c/0x2b0
[ 112.641664][ T62] ret_from_fork+0x48/0x80
[ 112.646098][ T62] ret_from_fork_asm+0x1a/0x30
[ 112.650900][ T62]
[ 112.653228][ T62] Memory state around the buggy address:
[ 112.658863][ T62] ffff888068ce7900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 112.666937][ T62] ffff888068ce7980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 112.675012][ T62] >ffff888068ce7a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 112.683084][ T62] ^
[ 112.687158][ T62] ffff888068ce7a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 112.695235][ T62] ffff888068ce7b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 112.703307][ T62] ==================================================================
[ 112.714681][ T62] Disabling lock debugging due to kernel taint
[ 112.745463][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 112.747289][ T5559] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 112.753333][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 112.754731][ T62] ==================================================================
[ 112.770548][ T5559] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 112.777323][ T62] BUG: KASAN: slab-out-of-bounds in copy_page_from_iter_atomic+0x8d3/0x1560
[ 112.794695][ T62] Read of size 2048 at addr ffff888068ce7800 by task kworker/u8:4/62
[ 112.798206][ T5559] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 112.802764][ T62]
[ 112.802781][ T62] CPU: 0 UID: 0 PID: 62 Comm: kworker/u8:4 Tainted: G B 6.12.0-rc4-syzkaller-gc2ee9f594da8 #0
[ 112.802841][ T62] Tainted: [B]=BAD_PAGE
[ 112.814004][ T5559] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 112.825382][ T62] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 112.825415][ T62] Workqueue: loop0 loop_workfn
[ 112.825457][ T62] Call Trace:
[ 112.825469][ T62]
[ 112.825484][ T62] dump_stack_lvl+0x116/0x1f0
[ 112.825526][ T62] print_report+0xc3/0x620
[ 112.868446][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 112.874119][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 112.879779][ T62] ? __phys_addr+0xc6/0x150
[ 112.884318][ T62] kasan_report+0xd9/0x110
[ 112.888760][ T62] ? copy_page_from_iter_atomic+0x8d3/0x1560
[ 112.894774][ T62] ? copy_page_from_iter_atomic+0x8d3/0x1560
[ 112.900793][ T62] kasan_check_range+0xef/0x1a0
[ 112.905677][ T62] __asan_memcpy+0x23/0x60
[ 112.910136][ T62] copy_page_from_iter_atomic+0x8d3/0x1560
[ 112.915979][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 112.921638][ T62] ? __pfx_copy_page_from_iter_atomic+0x10/0x10
[ 112.927912][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 112.933567][ T62] ? shmem_write_begin+0x177/0x300
[ 112.938727][ T62] ? __pfx_shmem_write_begin+0x10/0x10
[ 112.944235][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 112.949891][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 112.955544][ T62] ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[ 112.962435][ T62] ? ktime_get_coarse_real_ts64+0x147/0x200
[ 112.968369][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 112.974030][ T62] generic_perform_write+0x4a1/0x920
[ 112.979376][ T62] ? __pfx_generic_perform_write+0x10/0x10
[ 112.985230][ T62] ? __mark_inode_dirty+0x2ae/0xe60
[ 112.990469][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 112.996124][ T62] ? preempt_count_add+0x76/0x150
[ 113.001196][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 113.006850][ T62] ? mnt_put_write_access_file+0xc1/0xf0
[ 113.012518][ T62] shmem_file_write_iter+0x10e/0x140
[ 113.017831][ T62] do_iter_readv_writev+0x535/0x7f0
[ 113.023062][ T62] ? __pfx_do_iter_readv_writev+0x10/0x10
[ 113.028813][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 113.034468][ T62] ? rcu_is_watching+0x12/0xc0
[ 113.039269][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 113.044925][ T62] ? lock_acquire+0x2f/0xb0
[ 113.049448][ T62] ? loop_process_work+0x14dd/0x2000
[ 113.054763][ T62] vfs_iter_write+0x1df/0x9c0
[ 113.059479][ T62] loop_process_work+0x14dd/0x2000
[ 113.064628][ T62] ? __pfx_loop_process_work+0x10/0x10
[ 113.070115][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 113.075774][ T62] ? rcu_is_watching+0x12/0xc0
[ 113.080579][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 113.086236][ T62] ? rcu_is_watching+0x12/0xc0
[ 113.091036][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 113.096691][ T62] ? lock_acquire+0x2f/0xb0
[ 113.101218][ T62] ? process_one_work+0x921/0x1ba0
[ 113.106356][ T62] process_one_work+0x9c8/0x1ba0
[ 113.111330][ T62] ? __pfx_process_one_work+0x10/0x10
[ 113.116725][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 113.122387][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 113.128043][ T62] ? assign_work+0x1a0/0x250
[ 113.132682][ T62] worker_thread+0x6c8/0xf00
[ 113.137299][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 113.142954][ T62] ? __kthread_parkme+0x148/0x220
[ 113.148012][ T62] ? srso_alias_return_thunk+0x5/0xfbef5
[ 113.153668][ T62] ? __pfx_worker_thread+0x10/0x10
[ 113.158808][ T62] kthread+0x2c4/0x3a0
[ 113.162918][ T62] ? _raw_spin_unlock_irq+0x23/0x50
[ 113.168155][ T62] ? __pfx_kthread+0x10/0x10
[ 113.172780][ T62] ret_from_fork+0x48/0x80
[ 113.177223][ T62] ? __pfx_kthread+0x10/0x10
[ 113.181847][ T62] ret_from_fork_asm+0x1a/0x30
[ 113.186661][ T62]
[ 113.189688][ T62]
[ 113.192017][ T62] Allocated by task 5772:
[ 113.196434][ T62] kasan_save_stack+0x33/0x60
[ 113.201165][ T62] kasan_save_track+0x14/0x30
[ 113.205889][ T62] __kasan_kmalloc+0xaa/0xb0
[ 113.210521][ T62] __kmalloc_noprof+0x1e8/0x400
[ 113.215393][ T62] hfsplus_read_wrapper+0x34c/0xff0
[ 113.220635][ T62] hfsplus_fill_super+0x352/0x1bc0
[ 113.225764][ T62] mount_bdev+0x1e6/0x2d0
[ 113.230128][ T62] legacy_get_tree+0x10c/0x220
[ 113.234926][ T62] vfs_get_tree+0x92/0x380
[ 113.239374][ T62] path_mount+0x14e6/0x1f20
[ 113.243911][ T62] __x64_sys_mount+0x294/0x320
[ 113.248711][ T62] do_syscall_64+0xcd/0x250
[ 113.253233][ T62] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 113.259171][ T62]
[ 113.261499][ T62] The buggy address belongs to the object at ffff888068ce7800
[ 113.261499][ T62] which belongs to the cache kmalloc-512 of size 512
[ 113.275564][ T62] The buggy address is located 0 bytes inside of
[ 113.275564][ T62] allocated 512-byte region [ffff888068ce7800, ffff888068ce7a00)
[ 113.289552][ T62]
[ 113.291876][ T62] The buggy address belongs to the physical page:
[ 113.298287][ T62] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x68ce4
[ 113.307066][ T62] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 113.315583][ T62] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 113.323141][ T62] page_type: f5(slab)
[ 113.327159][ T62] raw: 00fff00000000040 ffff88801b041c80 ffffea0000c07500 dead000000000002
[ 113.335793][ T62] raw: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000
[ 113.344410][ T62] head: 00fff00000000040 ffff88801b041c80 ffffea0000c07500 dead000000000002
[ 113.353103][ T62] head: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000
[ 113.361800][ T62] head: 00fff00000000002 ffffea0001a33901 ffffffffffffffff 0000000000000000
[ 113.370492][ T62] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 113.379173][ T62] page dumped because: kasan: bad access detected
[ 113.385591][ T62] page_owner tracks the page as allocated
[ 113.391306][ T62] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5559, tgid 5559 (syz-executor.1), ts 103196463301, free_ts 28010145987
[ 113.412974][ T62] post_alloc_hook+0x2d1/0x350
[ 113.417785][ T62] get_page_from_freelist+0x101e/0x3070
[ 113.423361][ T62] __alloc_pages_noprof+0x223/0x25a0
[ 113.428669][ T62] alloc_pages_mpol_noprof+0x2c9/0x610
[ 113.434162][ T62] new_slab+0x2ba/0x3f0
[ 113.438359][ T62] ___slab_alloc+0xdac/0x1880
[ 113.443074][ T62] __slab_alloc.constprop.0+0x56/0xb0
[ 113.448487][ T62] __kmalloc_cache_noprof+0x2b4/0x300
[ 113.453904][ T62] __ipv6_dev_mc_inc+0x2b7/0xc10
[ 113.458882][ T62] ipv6_add_dev+0xaf5/0x13f0
[ 113.463496][ T62] addrconf_notify+0x53e/0x19c0
[ 113.468397][ T62] notifier_call_chain+0xbc/0x410
[ 113.473456][ T62] call_netdevice_notifiers_info+0xbe/0x140
[ 113.479393][ T62] register_netdevice+0x17a0/0x1e90
[ 113.484622][ T62] veth_newlink+0x4fb/0x9e0
[ 113.489147][ T62] __rtnl_newlink+0x119a/0x1920
[ 113.494028][ T62] page last free pid 1 tgid 1 stack trace:
[ 113.499839][ T62] free_unref_page+0x5f4/0xdc0
[ 113.504621][ T62] free_contig_range+0x135/0x3f0
[ 113.509584][ T62] destroy_args+0xa27/0xe00
[ 113.514138][ T62] debug_vm_pgtable+0x168e/0x31a0
[ 113.519207][ T62] do_one_initcall+0x12b/0x700
[ 113.524009][ T62] kernel_init_freeable+0x5c7/0x900
[ 113.529249][ T62] kernel_init+0x1c/0x2b0
[ 113.533603][ T62] ret_from_fork+0x48/0x80
[ 113.538037][ T62] ret_from_fork_asm+0x1a/0x30
[ 113.542841][ T62]
[ 113.545166][ T62] Memory state around the buggy address:
[ 113.550801][ T62] ffff888068ce7900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 113.558876][ T62] ffff888068ce7980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 113.566972][ T62] >ffff888068ce7a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 113.575039][ T62] ^
[ 113.579111][ T62] ffff888068ce7a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 113.587184][ T62] ffff888068ce7b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 113.595252][ T62] ==================================================================
[ 113.712362][ T5555] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 113.738899][ T5555] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 113.749619][ T5777] loop5: detected capacity change from 0 to 1024
[ 113.758801][ T5555] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 113.789349][ T5555] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 113.901638][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 113.923917][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 113.936131][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 113.951424][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 114.034229][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 114.043833][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 114.060976][ T5790] loop1: detected capacity change from 0 to 1024
[ 114.095493][ T2925] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 114.108704][ T2925] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 114.155116][ T5793] loop1: detected capacity change from 0 to 1024
[ 114.192835][ T5795] loop2: detected capacity change from 0 to 1024
[ 114.287241][ T5806] loop3: detected capacity change from 0 to 1024
[ 114.301809][ T5803] loop0: detected capacity change from 0 to 1024
[ 114.306808][ T5805] loop5: detected capacity change from 0 to 1024
[ 114.354973][ T5808] loop4: detected capacity change from 0 to 1024
[ 114.396967][ T53] ==================================================================
[ 114.405056][ T53] BUG: KASAN: slab-out-of-bounds in copy_page_from_iter_atomic+0x8d3/0x1560
[ 114.413785][ T53] Read of size 2048 at addr ffff888078e13000 by task kworker/u8:3/53
[ 114.421882][ T53]
[ 114.424230][ T53] CPU: 1 UID: 0 PID: 53 Comm: kworker/u8:3 Tainted: G B 6.12.0-rc4-syzkaller-gc2ee9f594da8 #0
[ 114.435909][ T53] Tainted: [B]=BAD_PAGE
[ 114.440073][ T53] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 114.450163][ T53] Workqueue: loop0 loop_workfn
[ 114.454967][ T53] Call Trace:
[ 114.458252][ T53]
[ 114.461192][ T53] dump_stack_lvl+0x116/0x1f0
[ 114.465893][ T53] print_report+0xc3/0x620
[ 114.470334][ T53] ? srso_alias_return_thunk+0x5/0xfbef5
[ 114.475990][ T53] ? srso_alias_return_thunk+0x5/0xfbef5
[ 114.481644][ T53] ? __phys_addr+0xc6/0x150
[ 114.486186][ T53] kasan_report+0xd9/0x110
[ 114.490625][ T53] ? copy_page_from_iter_atomic+0x8d3/0x1560
[ 114.496641][ T53] ? copy_page_from_iter_atomic+0x8d3/0x1560
[ 114.502658][ T53] kasan_check_range+0xef/0x1a0
[ 114.507540][ T53] __asan_memcpy+0x23/0x60
[ 114.511996][ T53] copy_page_from_iter_atomic+0x8d3/0x1560
[ 114.517836][ T53] ? srso_alias_return_thunk+0x5/0xfbef5
[ 114.523491][ T53] ? __pfx_copy_page_from_iter_atomic+0x10/0x10
[ 114.529766][ T53] ? srso_alias_return_thunk+0x5/0xfbef5
[ 114.535423][ T53] ? shmem_write_begin+0x177/0x300
[ 114.540582][ T53] ? __pfx_shmem_write_begin+0x10/0x10
[ 114.546085][ T53] ? srso_alias_return_thunk+0x5/0xfbef5
[ 114.551742][ T53] ? srso_alias_return_thunk+0x5/0xfbef5
[ 114.557400][ T53] ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[ 114.564287][ T53] ? ktime_get_coarse_real_ts64+0x147/0x200
[ 114.570218][ T53] ? srso_alias_return_thunk+0x5/0xfbef5
[ 114.575875][ T53] generic_perform_write+0x4a1/0x920
[ 114.581210][ T53] ? __pfx_generic_perform_write+0x10/0x10
[ 114.587058][ T53] ? __mark_inode_dirty+0x2ae/0xe60
[ 114.592296][ T53] ? srso_alias_return_thunk+0x5/0xfbef5
[ 114.597951][ T53] ? preempt_count_add+0x76/0x150
[ 114.603018][ T53] ? srso_alias_return_thunk+0x5/0xfbef5
[ 114.608673][ T53] ? mnt_put_write_access_file+0xc1/0xf0
[ 114.614343][ T53] shmem_file_write_iter+0x10e/0x140
[ 114.619657][ T53] do_iter_readv_writev+0x535/0x7f0
[ 114.624889][ T53] ? __pfx_do_iter_readv_writev+0x10/0x10
[ 114.630639][ T53] ? srso_alias_return_thunk+0x5/0xfbef5
[ 114.636297][ T53] ? rcu_is_watching+0x12/0xc0
[ 114.641098][ T53] ? srso_alias_return_thunk+0x5/0xfbef5
[ 114.646754][ T53] ? lock_acquire+0x2f/0xb0
[ 114.651280][ T53] ? loop_process_work+0x14dd/0x2000
[ 114.656592][ T53] vfs_iter_write+0x1df/0x9c0
[ 114.661307][ T53] loop_process_work+0x14dd/0x2000
[ 114.666453][ T53] ? __pfx_loop_process_work+0x10/0x10
[ 114.671937][ T53] ? srso_alias_return_thunk+0x5/0xfbef5
[ 114.677615][ T53] ? rcu_is_watching+0x12/0xc0
[ 114.682412][ T53] ? srso_alias_return_thunk+0x5/0xfbef5
[ 114.688066][ T53] ? rcu_is_watching+0x12/0xc0
[ 114.692864][ T53] ? srso_alias_return_thunk+0x5/0xfbef5
[ 114.698518][ T53] ? lock_acquire+0x2f/0xb0
[ 114.703042][ T53] ? process_one_work+0x921/0x1ba0
[ 114.708182][ T53] process_one_work+0x9c8/0x1ba0
[ 114.713149][ T53] ? __pfx_process_one_work+0x10/0x10
[ 114.718548][ T53] ? srso_alias_return_thunk+0x5/0xfbef5
[ 114.724208][ T53] ? srso_alias_return_thunk+0x5/0xfbef5
[ 114.729863][ T53] ? assign_work+0x1a0/0x250
[ 114.734499][ T53] worker_thread+0x6c8/0xf00
[ 114.739122][ T53] ? __pfx_worker_thread+0x10/0x10
[ 114.744261][ T53] kthread+0x2c4/0x3a0
[ 114.748358][ T53] ? _raw_spin_unlock_irq+0x23/0x50
[ 114.753594][ T53] ? __pfx_kthread+0x10/0x10
[ 114.758220][ T53] ret_from_fork+0x48/0x80
[ 114.762660][ T53] ? __pfx_kthread+0x10/0x10
[ 114.767282][ T53] ret_from_fork_asm+0x1a/0x30
[ 114.772096][ T53]
[ 114.775121][ T53]
[ 114.777450][ T53] Allocated by task 5803:
[ 114.781781][ T53] kasan_save_stack+0x33/0x60
[ 114.786497][ T53] kasan_save_track+0x14/0x30
[ 114.791213][ T53] __kasan_kmalloc+0xaa/0xb0
[ 114.795849][ T53] __kmalloc_noprof+0x1e8/0x400
[ 114.800723][ T53] hfsplus_read_wrapper+0x34c/0xff0
[ 114.805961][ T53] hfsplus_fill_super+0x352/0x1bc0
[ 114.811092][ T53] mount_bdev+0x1e6/0x2d0
[ 114.815455][ T53] legacy_get_tree+0x10c/0x220
[ 114.820248][ T53] vfs_get_tree+0x92/0x380
[ 114.824693][ T53] path_mount+0x14e6/0x1f20
[ 114.829228][ T53] __x64_sys_mount+0x294/0x320
[ 114.834025][ T53] do_syscall_64+0xcd/0x250
[ 114.838543][ T53] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 114.844473][ T53]
[ 114.846800][ T53] The buggy address belongs to the object at ffff888078e13000
[ 114.846800][ T53] which belongs to the cache kmalloc-512 of size 512
[ 114.860889][ T53] The buggy address is located 0 bytes inside of
[ 114.860889][ T53] allocated 512-byte region [ffff888078e13000, ffff888078e13200)
[ 114.874880][ T53]
[ 114.877206][ T53] The buggy address belongs to the physical page:
[ 114.883615][ T53] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78e10
[ 114.892389][ T53] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 114.900902][ T53] ksm flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 114.908806][ T53] page_type: f5(slab)
[ 114.912804][ T53] raw: 00fff00000000040 ffff88801b041c80 ffffea000097a000 dead000000000003
[ 114.921407][ T53] raw: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000
[ 114.930010][ T53] head: 00fff00000000040 ffff88801b041c80 ffffea000097a000 dead000000000003
[ 114.938702][ T53] head: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000
[ 114.947396][ T53] head: 00fff00000000002 ffffea0001e38401 ffffffffffffffff 0000000000000000
[ 114.956087][ T53] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 114.964764][ T53] page dumped because: kasan: bad access detected
[ 114.971182][ T53] page_owner tracks the page as allocated
[ 114.976897][ T53] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4689, tgid 4689 (udevd), ts 37541281187, free_ts 37532602047
[ 114.997681][ T53] post_alloc_hook+0x2d1/0x350
[ 115.002489][ T53] get_page_from_freelist+0x101e/0x3070
[ 115.008057][ T53] __alloc_pages_noprof+0x223/0x25a0
[ 115.013364][ T53] alloc_pages_mpol_noprof+0x2c9/0x610
[ 115.018852][ T53] new_slab+0x2ba/0x3f0
[ 115.023043][ T53] ___slab_alloc+0xdac/0x1880
[ 115.027756][ T53] __slab_alloc.constprop.0+0x56/0xb0
[ 115.033171][ T53] __kmalloc_cache_noprof+0x2b4/0x300
[ 115.038607][ T53] kernfs_fop_open+0x28b/0xdb0
[ 115.043410][ T53] do_dentry_open+0x6cd/0x1530
[ 115.048211][ T53] vfs_open+0x82/0x3f0
[ 115.052302][ T53] path_openat+0x1e6a/0x2d60
[ 115.056926][ T53] do_filp_open+0x1dc/0x430
[ 115.061464][ T53] do_sys_openat2+0x17a/0x1e0
[ 115.066165][ T53] __x64_sys_openat+0x175/0x210
[ 115.071037][ T53] do_syscall_64+0xcd/0x250
[ 115.075558][ T53] page last free pid 4737 tgid 4737 stack trace:
[ 115.081888][ T53] free_unref_page+0x5f4/0xdc0
[ 115.086667][ T53] __put_partials+0x14c/0x170
[ 115.091382][ T53] qlist_free_all+0x4e/0x120
[ 115.096011][ T53] kasan_quarantine_reduce+0x192/0x1e0
[ 115.101511][ T53] __kasan_slab_alloc+0x69/0x90
[ 115.106379][ T53] __kmalloc_noprof+0x199/0x400
[ 115.111256][ T53] tomoyo_realpath_from_path+0xb9/0x720
[ 115.116824][ T53] tomoyo_path_perm+0x273/0x450
[ 115.121707][ T53] security_inode_getattr+0x116/0x290
[ 115.127117][ T53] vfs_fstat+0x53/0xd0
[ 115.131208][ T53] vfs_fstatat+0x146/0x160
[ 115.135642][ T53] __do_sys_newfstatat+0xa2/0x130
[ 115.140686][ T53] do_syscall_64+0xcd/0x250
[ 115.145208][ T53] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 115.151138][ T53]
[ 115.153469][ T53] Memory state around the buggy address:
[ 115.159103][ T53] ffff888078e13100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 115.167180][ T53] ffff888078e13180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 115.175259][ T53] >ffff888078e13200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 115.183332][ T53] ^
[ 115.187408][ T53] ffff888078e13280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 115.195485][ T53] ffff888078e13300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 115.203555][ T53] ==================================================================
[ 115.213195][ T5809] loop1: detected capacity change from 0 to 1024
[ 115.306944][ T5816] loop2: detected capacity change from 0 to 1024
2024/10/24 08:28:24 executed programs: 21
[ 115.381481][ T2925] ==================================================================
[ 115.389574][ T2925] BUG: KASAN: slab-out-of-bounds in copy_page_from_iter_atomic+0x8d3/0x1560
[ 115.398306][ T2925] Read of size 2048 at addr ffff888078e13000 by task kworker/u8:7/2925
[ 115.406573][ T2925]
[ 115.408923][ T2925] CPU: 0 UID: 0 PID: 2925 Comm: kworker/u8:7 Tainted: G B 6.12.0-rc4-syzkaller-gc2ee9f594da8 #0
[ 115.420775][ T2925] Tainted: [B]=BAD_PAGE
[ 115.424930][ T2925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 115.435000][ T2925] Workqueue: loop0 loop_workfn
[ 115.439794][ T2925] Call Trace:
[ 115.443080][ T2925]
[ 115.446017][ T2925] dump_stack_lvl+0x116/0x1f0
[ 115.450717][ T2925] print_report+0xc3/0x620
[ 115.455161][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 115.460833][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 115.466490][ T2925] ? __phys_addr+0xc6/0x150
[ 115.471041][ T2925] kasan_report+0xd9/0x110
[ 115.475484][ T2925] ? copy_page_from_iter_atomic+0x8d3/0x1560
[ 115.481503][ T2925] ? copy_page_from_iter_atomic+0x8d3/0x1560
[ 115.487522][ T2925] kasan_check_range+0xef/0x1a0
[ 115.492409][ T2925] __asan_memcpy+0x23/0x60
[ 115.496868][ T2925] copy_page_from_iter_atomic+0x8d3/0x1560
[ 115.502712][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 115.508369][ T2925] ? __pfx_copy_page_from_iter_atomic+0x10/0x10
[ 115.514646][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 115.520302][ T2925] ? shmem_write_begin+0x177/0x300
[ 115.525456][ T2925] ? __pfx_shmem_write_begin+0x10/0x10
[ 115.530959][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 115.536618][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 115.542277][ T2925] ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[ 115.549170][ T2925] ? ktime_get_coarse_real_ts64+0x147/0x200
[ 115.555104][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 115.560767][ T2925] generic_perform_write+0x4a1/0x920
[ 115.566109][ T2925] ? __pfx_generic_perform_write+0x10/0x10
[ 115.571965][ T2925] ? __mark_inode_dirty+0x2ae/0xe60
[ 115.577207][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 115.582864][ T2925] ? preempt_count_add+0x76/0x150
[ 115.587931][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 115.593585][ T2925] ? mnt_put_write_access_file+0xc1/0xf0
[ 115.599255][ T2925] shmem_file_write_iter+0x10e/0x140
[ 115.604568][ T2925] do_iter_readv_writev+0x535/0x7f0
[ 115.609803][ T2925] ? __pfx_do_iter_readv_writev+0x10/0x10
[ 115.615556][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 115.621212][ T2925] ? rcu_is_watching+0x12/0xc0
[ 115.626015][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 115.631670][ T2925] ? lock_acquire+0x2f/0xb0
[ 115.636197][ T2925] ? loop_process_work+0x14dd/0x2000
[ 115.641510][ T2925] vfs_iter_write+0x1df/0x9c0
[ 115.646224][ T2925] loop_process_work+0x14dd/0x2000
[ 115.651371][ T2925] ? __pfx_loop_process_work+0x10/0x10
[ 115.656860][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 115.662523][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 115.668179][ T2925] ? rcu_is_watching+0x12/0xc0
[ 115.672980][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 115.678635][ T2925] ? rcu_is_watching+0x12/0xc0
[ 115.683443][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 115.689101][ T2925] ? lock_acquire+0x2f/0xb0
[ 115.693629][ T2925] ? process_one_work+0x921/0x1ba0
[ 115.698768][ T2925] process_one_work+0x9c8/0x1ba0
[ 115.703734][ T2925] ? __pfx_batadv_nc_worker+0x10/0x10
[ 115.709148][ T2925] ? __pfx_process_one_work+0x10/0x10
[ 115.714544][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 115.720208][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 115.725862][ T2925] ? assign_work+0x1a0/0x250
[ 115.730500][ T2925] worker_thread+0x6c8/0xf00
[ 115.735121][ T2925] ? __pfx_worker_thread+0x10/0x10
[ 115.740258][ T2925] kthread+0x2c4/0x3a0
[ 115.744360][ T2925] ? _raw_spin_unlock_irq+0x23/0x50
[ 115.749600][ T2925] ? __pfx_kthread+0x10/0x10
[ 115.754225][ T2925] ret_from_fork+0x48/0x80
[ 115.758662][ T2925] ? __pfx_kthread+0x10/0x10
[ 115.763296][ T2925] ret_from_fork_asm+0x1a/0x30
[ 115.768109][ T2925]
[ 115.771138][ T2925]
[ 115.773464][ T2925] Allocated by task 5803:
[ 115.777795][ T2925] kasan_save_stack+0x33/0x60
[ 115.782517][ T2925] kasan_save_track+0x14/0x30
[ 115.787234][ T2925] __kasan_kmalloc+0xaa/0xb0
[ 115.791863][ T2925] __kmalloc_noprof+0x1e8/0x400
[ 115.796735][ T2925] hfsplus_read_wrapper+0x34c/0xff0
[ 115.801977][ T2925] hfsplus_fill_super+0x352/0x1bc0
[ 115.807105][ T2925] mount_bdev+0x1e6/0x2d0
[ 115.811465][ T2925] legacy_get_tree+0x10c/0x220
[ 115.816260][ T2925] vfs_get_tree+0x92/0x380
[ 115.820710][ T2925] path_mount+0x14e6/0x1f20
[ 115.825246][ T2925] __x64_sys_mount+0x294/0x320
[ 115.830046][ T2925] do_syscall_64+0xcd/0x250
[ 115.834568][ T2925] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 115.840498][ T2925]
[ 115.842825][ T2925] The buggy address belongs to the object at ffff888078e13000
[ 115.842825][ T2925] which belongs to the cache kmalloc-512 of size 512
[ 115.856894][ T2925] The buggy address is located 0 bytes inside of
[ 115.856894][ T2925] allocated 512-byte region [ffff888078e13000, ffff888078e13200)
[ 115.870886][ T2925]
[ 115.873212][ T2925] The buggy address belongs to the physical page:
[ 115.879625][ T2925] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78e10
[ 115.888408][ T2925] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 115.896930][ T2925] ksm flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 115.904836][ T2925] page_type: f5(slab)
[ 115.908836][ T2925] raw: 00fff00000000040 ffff88801b041c80 ffffea000097a000 dead000000000003
[ 115.917450][ T2925] raw: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000
[ 115.926055][ T2925] head: 00fff00000000040 ffff88801b041c80 ffffea000097a000 dead000000000003
[ 115.934747][ T2925] head: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000
[ 115.943438][ T2925] head: 00fff00000000002 ffffea0001e38401 ffffffffffffffff 0000000000000000
[ 115.952128][ T2925] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 115.960812][ T2925] page dumped because: kasan: bad access detected
[ 115.967234][ T2925] page_owner tracks the page as allocated
[ 115.972956][ T2925] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4689, tgid 4689 (udevd), ts 37541281187, free_ts 37532602047
[ 115.993744][ T2925] post_alloc_hook+0x2d1/0x350
[ 115.998551][ T2925] get_page_from_freelist+0x101e/0x3070
[ 116.004119][ T2925] __alloc_pages_noprof+0x223/0x25a0
[ 116.009431][ T2925] alloc_pages_mpol_noprof+0x2c9/0x610
[ 116.014916][ T2925] new_slab+0x2ba/0x3f0
[ 116.019111][ T2925] ___slab_alloc+0xdac/0x1880
[ 116.023829][ T2925] __slab_alloc.constprop.0+0x56/0xb0
[ 116.029240][ T2925] __kmalloc_cache_noprof+0x2b4/0x300
[ 116.034651][ T2925] kernfs_fop_open+0x28b/0xdb0
[ 116.039449][ T2925] do_dentry_open+0x6cd/0x1530
[ 116.044250][ T2925] vfs_open+0x82/0x3f0
[ 116.048337][ T2925] path_openat+0x1e6a/0x2d60
[ 116.052963][ T2925] do_filp_open+0x1dc/0x430
[ 116.057498][ T2925] do_sys_openat2+0x17a/0x1e0
[ 116.062200][ T2925] __x64_sys_openat+0x175/0x210
[ 116.067073][ T2925] do_syscall_64+0xcd/0x250
[ 116.071596][ T2925] page last free pid 4737 tgid 4737 stack trace:
[ 116.077934][ T2925] free_unref_page+0x5f4/0xdc0
[ 116.082720][ T2925] __put_partials+0x14c/0x170
[ 116.087437][ T2925] qlist_free_all+0x4e/0x120
[ 116.092063][ T2925] kasan_quarantine_reduce+0x192/0x1e0
[ 116.097561][ T2925] __kasan_slab_alloc+0x69/0x90
[ 116.102435][ T2925] __kmalloc_noprof+0x199/0x400
[ 116.107306][ T2925] tomoyo_realpath_from_path+0xb9/0x720
[ 116.112871][ T2925] tomoyo_path_perm+0x273/0x450
[ 116.117758][ T2925] security_inode_getattr+0x116/0x290
[ 116.123172][ T2925] vfs_fstat+0x53/0xd0
[ 116.127258][ T2925] vfs_fstatat+0x146/0x160
[ 116.131693][ T2925] __do_sys_newfstatat+0xa2/0x130
[ 116.136738][ T2925] do_syscall_64+0xcd/0x250
[ 116.141257][ T2925] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 116.147190][ T2925]
[ 116.149516][ T2925] Memory state around the buggy address:
[ 116.155149][ T2925] ffff888078e13100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 116.163227][ T2925] ffff888078e13180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 116.171304][ T2925] >ffff888078e13200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 116.179377][ T2925] ^
[ 116.183453][ T2925] ffff888078e13280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 116.191526][ T2925] ffff888078e13300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 116.199594][ T2925] ==================================================================
[ 116.297668][ T5823] loop3: detected capacity change from 0 to 1024
[ 116.358196][ T5825] loop0: detected capacity change from 0 to 1024
[ 116.366427][ T5828] loop5: detected capacity change from 0 to 1024
[ 116.540898][ T5837] loop4: detected capacity change from 0 to 1024
[ 116.547494][ T5825] hfsplus: unable to set blocksize to 1024!
[ 116.574190][ T5825] hfsplus: unable to find HFS+ superblock
[ 116.654000][ T5843] loop0: detected capacity change from 0 to 1024
[ 116.670439][ T5844] loop1: detected capacity change from 0 to 1024
[ 116.687461][ T5846] loop5: detected capacity change from 0 to 1024
[ 116.727598][ T5849] loop4: detected capacity change from 0 to 1024
[ 116.739778][ T5843] Buffer I/O error on dev loop0, logical block 3, async page read
[ 116.751452][ T5842] loop2: detected capacity change from 0 to 1024
[ 116.753630][ T5843] Buffer I/O error on dev loop0, logical block 4, async page read
[ 116.788903][ T5843] Buffer I/O error on dev loop0, logical block 5, async page read
[ 116.796826][ T5843] Buffer I/O error on dev loop0, logical block 6, async page read
[ 116.815700][ T5843] hfsplus: failed to load extents file
[ 116.943941][ T5851] loop3: detected capacity change from 0 to 1024
[ 116.967330][ T5858] loop4: detected capacity change from 0 to 1024
[ 117.031804][ T5856] loop1: detected capacity change from 0 to 1024
[ 117.086388][ T5860] loop5: detected capacity change from 0 to 1024
[ 117.126041][ T5862] loop0: detected capacity change from 0 to 1024
[ 117.210371][ T5872] loop3: detected capacity change from 0 to 1024
[ 117.267601][ T5862] hfsplus: unable to set blocksize to 1024!
[ 117.273625][ T5862] hfsplus: unable to find HFS+ superblock
[ 117.292074][ T5876] loop2: detected capacity change from 0 to 1024
[ 117.401831][ T5884] loop3: detected capacity change from 0 to 1024
[ 117.417176][ T5883] loop0: detected capacity change from 0 to 1024
[ 117.426964][ T5885] loop1: detected capacity change from 0 to 1024
[ 117.448370][ T5882] loop5: detected capacity change from 0 to 1024
[ 117.616908][ T2925] ==================================================================
[ 117.623665][ T5888] loop4: detected capacity change from 0 to 1024
[ 117.625077][ T2925] BUG: KASAN: slab-out-of-bounds in copy_page_from_iter_atomic+0x8d3/0x1560
[ 117.640074][ T2925] Read of size 2048 at addr ffff8880776e1000 by task kworker/u8:7/2925
[ 117.648341][ T2925]
[ 117.650686][ T2925] CPU: 0 UID: 0 PID: 2925 Comm: kworker/u8:7 Tainted: G B 6.12.0-rc4-syzkaller-gc2ee9f594da8 #0
[ 117.662536][ T2925] Tainted: [B]=BAD_PAGE
[ 117.666700][ T2925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 117.676783][ T2925] Workqueue: loop0 loop_workfn
[ 117.681600][ T2925] Call Trace:
[ 117.684898][ T2925]
[ 117.687850][ T2925] dump_stack_lvl+0x116/0x1f0
[ 117.692568][ T2925] print_report+0xc3/0x620
[ 117.697024][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 117.702694][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 117.708358][ T2925] ? __phys_addr+0xc6/0x150
[ 117.712915][ T2925] kasan_report+0xd9/0x110
[ 117.717357][ T2925] ? copy_page_from_iter_atomic+0x8d3/0x1560
[ 117.723383][ T2925] ? copy_page_from_iter_atomic+0x8d3/0x1560
[ 117.729414][ T2925] kasan_check_range+0xef/0x1a0
[ 117.734300][ T2925] __asan_memcpy+0x23/0x60
[ 117.738757][ T2925] copy_page_from_iter_atomic+0x8d3/0x1560
[ 117.744599][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 117.750257][ T2925] ? __pfx_copy_page_from_iter_atomic+0x10/0x10
[ 117.756530][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 117.762187][ T2925] ? shmem_write_begin+0x177/0x300
[ 117.767346][ T2925] ? __pfx_shmem_write_begin+0x10/0x10
[ 117.772852][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 117.778507][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 117.784166][ T2925] ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[ 117.791057][ T2925] ? ktime_get_coarse_real_ts64+0x147/0x200
[ 117.796987][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 117.802646][ T2925] generic_perform_write+0x4a1/0x920
[ 117.807980][ T2925] ? __pfx_generic_perform_write+0x10/0x10
[ 117.813830][ T2925] ? __mark_inode_dirty+0x2ae/0xe60
[ 117.819078][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 117.824744][ T2925] ? preempt_count_add+0x76/0x150
[ 117.829814][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 117.835468][ T2925] ? mnt_put_write_access_file+0xc1/0xf0
[ 117.841139][ T2925] shmem_file_write_iter+0x10e/0x140
[ 117.846452][ T2925] do_iter_readv_writev+0x535/0x7f0
[ 117.851684][ T2925] ? __pfx_do_iter_readv_writev+0x10/0x10
[ 117.857442][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 117.863098][ T2925] ? rcu_is_watching+0x12/0xc0
[ 117.867898][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 117.873554][ T2925] ? lock_acquire+0x2f/0xb0
[ 117.878079][ T2925] ? loop_process_work+0x14dd/0x2000
[ 117.883394][ T2925] vfs_iter_write+0x1df/0x9c0
[ 117.888111][ T2925] loop_process_work+0x14dd/0x2000
[ 117.893259][ T2925] ? __pfx_loop_process_work+0x10/0x10
[ 117.898744][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 117.904401][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 117.910059][ T2925] ? rcu_is_watching+0x12/0xc0
[ 117.914861][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 117.920519][ T2925] ? rcu_is_watching+0x12/0xc0
[ 117.925320][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 117.930976][ T2925] ? lock_acquire+0x2f/0xb0
[ 117.935499][ T2925] ? process_one_work+0x921/0x1ba0
[ 117.940635][ T2925] process_one_work+0x9c8/0x1ba0
[ 117.945602][ T2925] ? __pfx_process_one_work+0x10/0x10
[ 117.950996][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 117.956657][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 117.962314][ T2925] ? assign_work+0x1a0/0x250
[ 117.966953][ T2925] worker_thread+0x6c8/0xf00
[ 117.971575][ T2925] ? __pfx_worker_thread+0x10/0x10
[ 117.976709][ T2925] kthread+0x2c4/0x3a0
[ 117.980809][ T2925] ? _raw_spin_unlock_irq+0x23/0x50
[ 117.986045][ T2925] ? __pfx_kthread+0x10/0x10
[ 117.990671][ T2925] ret_from_fork+0x48/0x80
[ 117.995110][ T2925] ? __pfx_kthread+0x10/0x10
[ 117.999734][ T2925] ret_from_fork_asm+0x1a/0x30
[ 118.004549][ T2925]
[ 118.007576][ T2925]
[ 118.009900][ T2925] Allocated by task 5883:
[ 118.014232][ T2925] kasan_save_stack+0x33/0x60
[ 118.018958][ T2925] kasan_save_track+0x14/0x30
[ 118.023689][ T2925] __kasan_kmalloc+0xaa/0xb0
[ 118.028320][ T2925] __kmalloc_noprof+0x1e8/0x400
[ 118.033195][ T2925] hfsplus_read_wrapper+0x34c/0xff0
[ 118.038437][ T2925] hfsplus_fill_super+0x352/0x1bc0
[ 118.043565][ T2925] mount_bdev+0x1e6/0x2d0
[ 118.047925][ T2925] legacy_get_tree+0x10c/0x220
[ 118.052717][ T2925] vfs_get_tree+0x92/0x380
[ 118.057167][ T2925] path_mount+0x14e6/0x1f20
[ 118.061708][ T2925] __x64_sys_mount+0x294/0x320
[ 118.066507][ T2925] do_syscall_64+0xcd/0x250
[ 118.071028][ T2925] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 118.076960][ T2925]
[ 118.079287][ T2925] The buggy address belongs to the object at ffff8880776e1000
[ 118.079287][ T2925] which belongs to the cache kmalloc-512 of size 512
[ 118.093355][ T2925] The buggy address is located 0 bytes inside of
[ 118.093355][ T2925] allocated 512-byte region [ffff8880776e1000, ffff8880776e1200)
[ 118.107348][ T2925]
[ 118.109676][ T2925] The buggy address belongs to the physical page:
[ 118.116089][ T2925] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x776e0
[ 118.124868][ T2925] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 118.133383][ T2925] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 118.140948][ T2925] page_type: f5(slab)
[ 118.144947][ T2925] raw: 00fff00000000040 ffff88801b041c80 ffffea00019c6100 dead000000000002
[ 118.153553][ T2925] raw: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000
[ 118.162158][ T2925] head: 00fff00000000040 ffff88801b041c80 ffffea00019c6100 dead000000000002
[ 118.170850][ T2925] head: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000
[ 118.179542][ T2925] head: 00fff00000000002 ffffea0001ddb801 ffffffffffffffff 0000000000000000
[ 118.188234][ T2925] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 118.196914][ T2925] page dumped because: kasan: bad access detected
[ 118.203335][ T2925] page_owner tracks the page as allocated
[ 118.209053][ T2925] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5555, tgid 5555 (syz-executor.2), ts 106903641141, free_ts 106792231484
[ 118.230800][ T2925] post_alloc_hook+0x2d1/0x350
[ 118.235606][ T2925] get_page_from_freelist+0x101e/0x3070
[ 118.241174][ T2925] __alloc_pages_noprof+0x223/0x25a0
[ 118.246483][ T2925] alloc_pages_mpol_noprof+0x2c9/0x610
[ 118.251970][ T2925] new_slab+0x2ba/0x3f0
[ 118.256164][ T2925] ___slab_alloc+0xdac/0x1880
[ 118.260880][ T2925] __slab_alloc.constprop.0+0x56/0xb0
[ 118.266293][ T2925] __kmalloc_noprof+0x367/0x400
[ 118.271165][ T2925] fib6_info_alloc+0x40/0x160
[ 118.275861][ T2925] ip6_route_info_create+0x337/0x1910
[ 118.281271][ T2925] ip6_route_add+0x26/0x1c0
[ 118.285806][ T2925] addrconf_prefix_route+0x2fe/0x510
[ 118.291137][ T2925] add_v4_addrs+0x6ce/0x9f0
[ 118.295662][ T2925] addrconf_init_auto_addrs+0x4df/0x820
[ 118.301233][ T2925] addrconf_notify+0xe91/0x19c0
[ 118.306111][ T2925] notifier_call_chain+0xbc/0x410
[ 118.311166][ T2925] page last free pid 5650 tgid 5650 stack trace:
[ 118.317500][ T2925] free_unref_page+0x5f4/0xdc0
[ 118.322286][ T2925] __put_partials+0x14c/0x170
[ 118.327013][ T2925] qlist_free_all+0x4e/0x120
[ 118.331644][ T2925] kasan_quarantine_reduce+0x192/0x1e0
[ 118.337143][ T2925] __kasan_slab_alloc+0x69/0x90
[ 118.342014][ T2925] kmem_cache_alloc_noprof+0x121/0x2f0
[ 118.347495][ T2925] getname_flags.part.0+0x4c/0x550
[ 118.352632][ T2925] getname_flags+0x93/0xf0
[ 118.357080][ T2925] vfs_fstatat+0x86/0x160
[ 118.361431][ T2925] __do_sys_newfstatat+0xa2/0x130
[ 118.366477][ T2925] do_syscall_64+0xcd/0x250
[ 118.370996][ T2925] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 118.376928][ T2925]
[ 118.379256][ T2925] Memory state around the buggy address:
[ 118.384893][ T2925] ffff8880776e1100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 118.392967][ T2925] ffff8880776e1180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 118.401042][ T2925] >ffff8880776e1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 118.409111][ T2925] ^
[ 118.413184][ T2925] ffff8880776e1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 118.421261][ T2925] ffff8880776e1300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 118.429335][ T2925] ==================================================================
[ 118.454527][ T5892] loop2: detected capacity change from 0 to 1024
[ 118.476817][ T5896] loop1: detected capacity change from 0 to 1024
[ 118.481422][ T5898] loop5: detected capacity change from 0 to 1024
[ 118.513572][ T5900] loop3: detected capacity change from 0 to 1024
[ 118.545240][ T2925] ==================================================================
[ 118.553932][ T2925] BUG: KASAN: slab-out-of-bounds in copy_page_from_iter_atomic+0x8d3/0x1560
[ 118.562656][ T2925] Read of size 2048 at addr ffff8880776e1000 by task kworker/u8:7/2925
[ 118.570925][ T2925]
[ 118.573278][ T2925] CPU: 0 UID: 0 PID: 2925 Comm: kworker/u8:7 Tainted: G B 6.12.0-rc4-syzkaller-gc2ee9f594da8 #0
[ 118.585125][ T2925] Tainted: [B]=BAD_PAGE
[ 118.589300][ T2925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 118.599387][ T2925] Workqueue: loop0 loop_workfn
[ 118.604204][ T2925] Call Trace:
[ 118.607499][ T2925]
[ 118.610448][ T2925] dump_stack_lvl+0x116/0x1f0
[ 118.615167][ T2925] print_report+0xc3/0x620
[ 118.619625][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 118.625304][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 118.630974][ T2925] ? __phys_addr+0xc6/0x150
[ 118.635528][ T2925] kasan_report+0xd9/0x110
[ 118.639985][ T2925] ? copy_page_from_iter_atomic+0x8d3/0x1560
[ 118.646021][ T2925] ? copy_page_from_iter_atomic+0x8d3/0x1560
[ 118.652058][ T2925] kasan_check_range+0xef/0x1a0
[ 118.656961][ T2925] __asan_memcpy+0x23/0x60
[ 118.661437][ T2925] copy_page_from_iter_atomic+0x8d3/0x1560
[ 118.667293][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 118.672969][ T2925] ? __pfx_copy_page_from_iter_atomic+0x10/0x10
[ 118.679263][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 118.684932][ T2925] ? shmem_write_begin+0x177/0x300
[ 118.690106][ T2925] ? __pfx_shmem_write_begin+0x10/0x10
[ 118.695626][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 118.701300][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 118.706973][ T2925] ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[ 118.713879][ T2925] ? ktime_get_coarse_real_ts64+0x147/0x200
[ 118.719812][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 118.725470][ T2925] generic_perform_write+0x4a1/0x920
[ 118.730805][ T2925] ? __pfx_generic_perform_write+0x10/0x10
[ 118.736658][ T2925] ? __mark_inode_dirty+0x2ae/0xe60
[ 118.741902][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 118.747556][ T2925] ? preempt_count_add+0x76/0x150
[ 118.752624][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 118.758282][ T2925] ? mnt_put_write_access_file+0xc1/0xf0
[ 118.763950][ T2925] shmem_file_write_iter+0x10e/0x140
[ 118.769265][ T2925] do_iter_readv_writev+0x535/0x7f0
[ 118.774497][ T2925] ? __pfx_do_iter_readv_writev+0x10/0x10
[ 118.780248][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 118.785903][ T2925] ? rcu_is_watching+0x12/0xc0
[ 118.790702][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 118.796355][ T2925] ? lock_acquire+0x2f/0xb0
[ 118.800880][ T2925] ? loop_process_work+0x14dd/0x2000
[ 118.806194][ T2925] vfs_iter_write+0x1df/0x9c0
[ 118.810907][ T2925] loop_process_work+0x14dd/0x2000
[ 118.816055][ T2925] ? __pfx_loop_process_work+0x10/0x10
[ 118.821545][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 118.827210][ T2925] ? rcu_is_watching+0x12/0xc0
[ 118.832011][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 118.837666][ T2925] ? rcu_is_watching+0x12/0xc0
[ 118.842471][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 118.848129][ T2925] ? lock_acquire+0x2f/0xb0
[ 118.852655][ T2925] ? process_one_work+0x921/0x1ba0
[ 118.857790][ T2925] process_one_work+0x9c8/0x1ba0
[ 118.862759][ T2925] ? __pfx_process_one_work+0x10/0x10
[ 118.868154][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 118.873817][ T2925] ? srso_alias_return_thunk+0x5/0xfbef5
[ 118.879475][ T2925] ? assign_work+0x1a0/0x250
[ 118.884110][ T2925] worker_thread+0x6c8/0xf00
[ 118.888737][ T2925] ? __pfx_worker_thread+0x10/0x10
[ 118.893869][ T2925] kthread+0x2c4/0x3a0
[ 118.897968][ T2925] ? _raw_spin_unlock_irq+0x23/0x50
[ 118.903204][ T2925] ? __pfx_kthread+0x10/0x10
[ 118.907829][ T2925] ret_from_fork+0x48/0x80
[ 118.912276][ T2925] ? __pfx_kthread+0x10/0x10
[ 118.916898][ T2925] ret_from_fork_asm+0x1a/0x30
[ 118.921715][ T2925]
[ 118.924744][ T2925]
[ 118.927073][ T2925] Allocated by task 5883:
[ 118.931405][ T2925] kasan_save_stack+0x33/0x60
[ 118.936125][ T2925] kasan_save_track+0x14/0x30
[ 118.940845][ T2925] __kasan_kmalloc+0xaa/0xb0
[ 118.945473][ T2925] __kmalloc_noprof+0x1e8/0x400
[ 118.950343][ T2925] hfsplus_read_wrapper+0x34c/0xff0
[ 118.955583][ T2925] hfsplus_fill_super+0x352/0x1bc0
[ 118.960712][ T2925] mount_bdev+0x1e6/0x2d0
[ 118.965071][ T2925] legacy_get_tree+0x10c/0x220
[ 118.969863][ T2925] vfs_get_tree+0x92/0x380
[ 118.974313][ T2925] path_mount+0x14e6/0x1f20
[ 118.978849][ T2925] __x64_sys_mount+0x294/0x320
[ 118.983645][ T2925] do_syscall_64+0xcd/0x250
[ 118.988168][ T2925] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 118.994110][ T2925]
[ 118.996435][ T2925] The buggy address belongs to the object at ffff8880776e1000
[ 118.996435][ T2925] which belongs to the cache kmalloc-512 of size 512
[ 119.010503][ T2925] The buggy address is located 0 bytes inside of
[ 119.010503][ T2925] allocated 512-byte region [ffff8880776e1000, ffff8880776e1200)
[ 119.024494][ T2925]
[ 119.026819][ T2925] The buggy address belongs to the physical page:
[ 119.033230][ T2925] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x776e0
[ 119.042009][ T2925] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 119.050526][ T2925] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 119.058084][ T2925] page_type: f5(slab)
[ 119.062086][ T2925] raw: 00fff00000000040 ffff88801b041c80 ffffea00019c6100 dead000000000002
[ 119.070689][ T2925] raw: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000
[ 119.079300][ T2925] head: 00fff00000000040 ffff88801b041c80 ffffea00019c6100 dead000000000002
[ 119.087994][ T2925] head: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000
[ 119.096689][ T2925] head: 00fff00000000002 ffffea0001ddb801 ffffffffffffffff 0000000000000000
[ 119.105379][ T2925] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 119.114057][ T2925] page dumped because: kasan: bad access detected
[ 119.120482][ T2925] page_owner tracks the page as allocated
[ 119.126197][ T2925] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5555, tgid 5555 (syz-executor.2), ts 106903641141, free_ts 106792231484
[ 119.147941][ T2925] post_alloc_hook+0x2d1/0x350
[ 119.152751][ T2925] get_page_from_freelist+0x101e/0x3070
[ 119.158323][ T2925] __alloc_pages_noprof+0x223/0x25a0
[ 119.163634][ T2925] alloc_pages_mpol_noprof+0x2c9/0x610
[ 119.169138][ T2925] new_slab+0x2ba/0x3f0
[ 119.173352][ T2925] ___slab_alloc+0xdac/0x1880
[ 119.178065][ T2925] __slab_alloc.constprop.0+0x56/0xb0
[ 119.183477][ T2925] __kmalloc_noprof+0x367/0x400
[ 119.188346][ T2925] fib6_info_alloc+0x40/0x160
[ 119.193044][ T2925] ip6_route_info_create+0x337/0x1910
[ 119.198453][ T2925] ip6_route_add+0x26/0x1c0
[ 119.202991][ T2925] addrconf_prefix_route+0x2fe/0x510
[ 119.208319][ T2925] add_v4_addrs+0x6ce/0x9f0
[ 119.212844][ T2925] addrconf_init_auto_addrs+0x4df/0x820
[ 119.218418][ T2925] addrconf_notify+0xe91/0x19c0
[ 119.223301][ T2925] notifier_call_chain+0xbc/0x410
[ 119.228359][ T2925] page last free pid 5650 tgid 5650 stack trace:
[ 119.234691][ T2925] free_unref_page+0x5f4/0xdc0
[ 119.239480][ T2925] __put_partials+0x14c/0x170
[ 119.244216][ T2925] qlist_free_all+0x4e/0x120
[ 119.248862][ T2925] kasan_quarantine_reduce+0x192/0x1e0
[ 119.254374][ T2925] __kasan_slab_alloc+0x69/0x90
[ 119.259245][ T2925] kmem_cache_alloc_noprof+0x121/0x2f0
[ 119.264726][ T2925] getname_flags.part.0+0x4c/0x550
[ 119.269861][ T2925] getname_flags+0x93/0xf0
[ 119.274308][ T2925] vfs_fstatat+0x86/0x160
[ 119.278653][ T2925] __do_sys_newfstatat+0xa2/0x130
[ 119.283703][ T2925] do_syscall_64+0xcd/0x250
[ 119.288223][ T2925] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 119.294156][ T2925]
[ 119.296486][ T2925] Memory state around the buggy address:
[ 119.302119][ T2925] ffff8880776e1100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 119.310201][ T2925] ffff8880776e1180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 119.318278][ T2925] >ffff8880776e1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 119.326348][ T2925] ^
[ 119.330422][ T2925] ffff8880776e1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 119.338496][ T2925] ffff8880776e1300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 119.346568][ T2925] ==================================================================
[ 119.540022][ T5909] loop1: detected capacity change from 0 to 1024
[ 119.625555][ T5913] loop0: detected capacity change from 0 to 1024
[ 119.633900][ T5915] loop3: detected capacity change from 0 to 1024
[ 119.687215][ T5919] loop5: detected capacity change from 0 to 1024
[ 119.712766][ T5921] loop2: detected capacity change from 0 to 1024
[ 119.731069][ T5922] loop4: detected capacity change from 0 to 1024
[ 119.831038][ T5913] hfsplus: unable to set blocksize to 1024!
[ 119.836992][ T5913] hfsplus: unable to find HFS+ superblock
[ 119.947832][ T5930] loop1: detected capacity change from 0 to 1024
[ 120.001641][ T5932] loop3: detected capacity change from 0 to 1024
[ 120.008158][ T5939] loop4: detected capacity change from 0 to 1024
[ 120.026921][ T5940] loop5: detected capacity change from 0 to 1024
[ 120.040471][ T5937] loop2: detected capacity change from 0 to 1024
[ 120.046055][ T5938] loop0: detected capacity change from 0 to 1024
[ 120.174042][ T5938] hfsplus: unable to set blocksize to 1024!
[ 120.212932][ T5938] hfsplus: unable to find HFS+ superblock
[ 120.222829][ T5945] loop1: detected capacity change from 0 to 1024
[ 120.304242][ T5947] loop2: detected capacity change from 0 to 1024
2024/10/24 08:28:29 executed programs: 67
[ 120.364181][ T5951] loop5: detected capacity change from 0 to 1024
[ 120.383938][ T5952] loop4: detected capacity change from 0 to 1024
[ 120.428767][ T5954] loop3: detected capacity change from 0 to 1024
[ 120.477051][ T5957] loop0: detected capacity change from 0 to 1024
[ 120.483792][ T5959] loop1: detected capacity change from 0 to 1024
[ 120.604954][ T5964] loop2: detected capacity change from 0 to 1024
[ 120.623805][ T35] ==================================================================
[ 120.631891][ T35] BUG: KASAN: slab-out-of-bounds in copy_page_from_iter_atomic+0x8d3/0x1560
[ 120.640621][ T35] Read of size 2048 at addr ffff88807d8bf800 by task kworker/u8:2/35
[ 120.648714][ T35]
[ 120.651063][ T35] CPU: 1 UID: 0 PID: 35 Comm: kworker/u8:2 Tainted: G B 6.12.0-rc4-syzkaller-gc2ee9f594da8 #0
[ 120.662750][ T35] Tainted: [B]=BAD_PAGE
[ 120.666919][ T35] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 120.677004][ T35] Workqueue: loop0 loop_workfn
[ 120.681811][ T35] Call Trace:
[ 120.685107][ T35]
[ 120.688061][ T35] dump_stack_lvl+0x116/0x1f0
[ 120.692775][ T35] print_report+0xc3/0x620
[ 120.697232][ T35] ? srso_alias_return_thunk+0x5/0xfbef5
[ 120.697990][ T5973] loop3: detected capacity change from 0 to 1024
[ 120.702884][ T35] ? srso_alias_return_thunk+0x5/0xfbef5
[ 120.702929][ T35] ? __phys_addr+0xc6/0x150
[ 120.719390][ T35] kasan_report+0xd9/0x110
[ 120.723852][ T35] ? copy_page_from_iter_atomic+0x8d3/0x1560
[ 120.729886][ T35] ? copy_page_from_iter_atomic+0x8d3/0x1560
[ 120.735927][ T35] kasan_check_range+0xef/0x1a0
[ 120.740833][ T35] __asan_memcpy+0x23/0x60
[ 120.745310][ T35] copy_page_from_iter_atomic+0x8d3/0x1560
[ 120.751177][ T35] ? srso_alias_return_thunk+0x5/0xfbef5
[ 120.756852][ T35] ? __pfx_copy_page_from_iter_atomic+0x10/0x10
[ 120.763147][ T35] ? srso_alias_return_thunk+0x5/0xfbef5
[ 120.768818][ T35] ? shmem_write_begin+0x177/0x300
[ 120.773998][ T35] ? __pfx_shmem_write_begin+0x10/0x10
[ 120.779519][ T35] ? srso_alias_return_thunk+0x5/0xfbef5
[ 120.783667][ T5976] loop5: detected capacity change from 0 to 1024
[ 120.785171][ T35] ? srso_alias_return_thunk+0x5/0xfbef5
[ 120.785215][ T35] ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[ 120.803998][ T35] ? ktime_get_coarse_real_ts64+0x147/0x200
[ 120.809945][ T35] ? srso_alias_return_thunk+0x5/0xfbef5
[ 120.815631][ T35] generic_perform_write+0x4a1/0x920
[ 120.820984][ T35] ? __pfx_generic_perform_write+0x10/0x10
[ 120.826940][ T35] ? __mark_inode_dirty+0x2ae/0xe60
[ 120.832202][ T35] ? srso_alias_return_thunk+0x5/0xfbef5
[ 120.837872][ T35] ? preempt_count_add+0x76/0x150
[ 120.842967][ T35] ? srso_alias_return_thunk+0x5/0xfbef5
[ 120.848637][ T35] ? mnt_put_write_access_file+0xc1/0xf0
[ 120.854327][ T35] shmem_file_write_iter+0x10e/0x140
[ 120.859659][ T35] do_iter_readv_writev+0x535/0x7f0
[ 120.864910][ T35] ? __pfx_do_iter_readv_writev+0x10/0x10
[ 120.870680][ T35] ? srso_alias_return_thunk+0x5/0xfbef5
[ 120.876357][ T35] ? rcu_is_watching+0x12/0xc0
[ 120.881180][ T35] ? srso_alias_return_thunk+0x5/0xfbef5
[ 120.886839][ T35] ? lock_acquire+0x2f/0xb0
[ 120.891368][ T35] ? loop_process_work+0x14dd/0x2000
[ 120.896685][ T35] vfs_iter_write+0x1df/0x9c0
[ 120.901399][ T35] loop_process_work+0x14dd/0x2000
[ 120.906550][ T35] ? __pfx_loop_process_work+0x10/0x10
[ 120.912033][ T35] ? srso_alias_return_thunk+0x5/0xfbef5
[ 120.917689][ T35] ? srso_alias_return_thunk+0x5/0xfbef5
[ 120.923349][ T35] ? rcu_is_watching+0x12/0xc0
[ 120.928150][ T35] ? srso_alias_return_thunk+0x5/0xfbef5
[ 120.933809][ T35] ? rcu_is_watching+0x12/0xc0
[ 120.938611][ T35] ? srso_alias_return_thunk+0x5/0xfbef5
[ 120.944269][ T35] ? lock_acquire+0x2f/0xb0
[ 120.948792][ T35] ? process_one_work+0x921/0x1ba0
[ 120.953927][ T35] process_one_work+0x9c8/0x1ba0
[ 120.958892][ T35] ? __pfx_batadv_nc_worker+0x10/0x10
[ 120.964305][ T35] ? __pfx_process_one_work+0x10/0x10
[ 120.969701][ T35] ? srso_alias_return_thunk+0x5/0xfbef5
[ 120.975360][ T35] ? srso_alias_return_thunk+0x5/0xfbef5
[ 120.981016][ T35] ? assign_work+0x1a0/0x250
[ 120.985657][ T35] worker_thread+0x6c8/0xf00
[ 120.990281][ T35] ? srso_alias_return_thunk+0x5/0xfbef5
[ 120.995937][ T35] ? __kthread_parkme+0x148/0x220
[ 121.000993][ T35] ? srso_alias_return_thunk+0x5/0xfbef5
[ 121.006648][ T35] ? __pfx_worker_thread+0x10/0x10
[ 121.011780][ T35] kthread+0x2c4/0x3a0
[ 121.015882][ T35] ? _raw_spin_unlock_irq+0x23/0x50
[ 121.021119][ T35] ? __pfx_kthread+0x10/0x10
[ 121.025740][ T35] ret_from_fork+0x48/0x80
[ 121.030180][ T35] ? __pfx_kthread+0x10/0x10
[ 121.034806][ T35] ret_from_fork_asm+0x1a/0x30
[ 121.039621][ T35]
[ 121.042647][ T35]
[ 121.044972][ T35] Allocated by task 5957:
[ 121.049302][ T35] kasan_save_stack+0x33/0x60
[ 121.054021][ T35] kasan_save_track+0x14/0x30
[ 121.058750][ T35] __kasan_kmalloc+0xaa/0xb0
[ 121.063380][ T35] __kmalloc_noprof+0x1e8/0x400
[ 121.068255][ T35] hfsplus_read_wrapper+0x34c/0xff0
[ 121.073496][ T35] hfsplus_fill_super+0x352/0x1bc0
[ 121.078625][ T35] mount_bdev+0x1e6/0x2d0
[ 121.082989][ T35] legacy_get_tree+0x10c/0x220
[ 121.087785][ T35] vfs_get_tree+0x92/0x380
[ 121.092235][ T35] path_mount+0x14e6/0x1f20
[ 121.096773][ T35] __x64_sys_mount+0x294/0x320
[ 121.101571][ T35] do_syscall_64+0xcd/0x250
[ 121.106090][ T35] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 121.112021][ T35]
[ 121.114347][ T35] The buggy address belongs to the object at ffff88807d8bf800
[ 121.114347][ T35] which belongs to the cache kmalloc-512 of size 512
[ 121.128415][ T35] The buggy address is located 0 bytes inside of
[ 121.128415][ T35] allocated 512-byte region [ffff88807d8bf800, ffff88807d8bfa00)
[ 121.142405][ T35]
[ 121.144734][ T35] The buggy address belongs to the physical page:
[ 121.151166][ T35] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7d8bc
[ 121.159946][ T35] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 121.168458][ T35] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 121.176014][ T35] page_type: f5(slab)
[ 121.180017][ T35] raw: 00fff00000000040 ffff88801b041c80 ffffea000081c600 dead000000000002
[ 121.188618][ T35] raw: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000
[ 121.197226][ T35] head: 00fff00000000040 ffff88801b041c80 ffffea000081c600 dead000000000002
[ 121.205922][ T35] head: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000
[ 121.214614][ T35] head: 00fff00000000002 ffffea0001f62f01 ffffffffffffffff 0000000000000000
[ 121.223308][ T35] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 121.231986][ T35] page dumped because: kasan: bad access detected
[ 121.238401][ T35] page_owner tracks the page as allocated
[ 121.244120][ T35] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4680, tgid 4680 (udevd), ts 109353705480, free_ts 108916356075
[ 121.265087][ T35] post_alloc_hook+0x2d1/0x350
[ 121.269894][ T35] get_page_from_freelist+0x101e/0x3070
[ 121.275466][ T35] __alloc_pages_noprof+0x223/0x25a0
[ 121.280774][ T35] alloc_pages_mpol_noprof+0x2c9/0x610
[ 121.286329][ T35] new_slab+0x2ba/0x3f0
[ 121.290523][ T35] ___slab_alloc+0xdac/0x1880
[ 121.295242][ T35] __slab_alloc.constprop.0+0x56/0xb0
[ 121.300656][ T35] __kmalloc_cache_noprof+0x2b4/0x300
[ 121.306068][ T35] kernfs_fop_open+0x28b/0xdb0
[ 121.310869][ T35] do_dentry_open+0x6cd/0x1530
[ 121.315668][ T35] vfs_open+0x82/0x3f0
[ 121.319754][ T35] path_openat+0x1e6a/0x2d60
[ 121.324379][ T35] do_filp_open+0x1dc/0x430
[ 121.328920][ T35] do_sys_openat2+0x17a/0x1e0
[ 121.333617][ T35] __x64_sys_openat+0x175/0x210
[ 121.338488][ T35] do_syscall_64+0xcd/0x250
[ 121.343007][ T35] page last free pid 5713 tgid 5713 stack trace:
[ 121.349341][ T35] free_unref_page+0x5f4/0xdc0
[ 121.354132][ T35] qlist_free_all+0x4e/0x120
[ 121.358762][ T35] kasan_quarantine_reduce+0x192/0x1e0
[ 121.364264][ T35] __kasan_slab_alloc+0x69/0x90
[ 121.369137][ T35] kmem_cache_alloc_noprof+0x121/0x2f0
[ 121.374616][ T35] getname_flags.part.0+0x4c/0x550
[ 121.379753][ T35] getname_flags+0x93/0xf0
[ 121.384202][ T35] vfs_fstatat+0x86/0x160
[ 121.388550][ T35] __do_sys_newfstatat+0xa2/0x130
[ 121.393595][ T35] do_syscall_64+0xcd/0x250
[ 121.398118][ T35] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 121.404054][ T35]
[ 121.406383][ T35] Memory state around the buggy address:
[ 121.412019][ T35] ffff88807d8bf900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 121.420094][ T35] ffff88807d8bf980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 121.428170][ T35] >ffff88807d8bfa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 121.436243][ T35] ^
[ 121.440320][ T35] ffff88807d8bfa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 121.448398][ T35] ffff88807d8bfb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 121.456468][ T35] ==================================================================
[ 121.527537][ T5979] loop4: detected capacity change from 0 to 1024
[ 121.535479][ T11] ==================================================================
[ 121.543562][ T11] BUG: KASAN: slab-out-of-bounds in copy_page_from_iter_atomic+0x8d3/0x1560
[ 121.552288][ T11] Read of size 2048 at addr ffff88807d8bf800 by task kworker/u8:0/11
[ 121.560378][ T11]
[ 121.562727][ T11] CPU: 1 UID: 0 PID: 11 Comm: kworker/u8:0 Tainted: G B 6.12.0-rc4-syzkaller-gc2ee9f594da8 #0
[ 121.574406][ T11] Tainted: [B]=BAD_PAGE
[ 121.578580][ T11] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 121.588669][ T11] Workqueue: loop0 loop_workfn
[ 121.593481][ T11] Call Trace:
[ 121.596780][ T11]
[ 121.599734][ T11] dump_stack_lvl+0x116/0x1f0
[ 121.604452][ T11] print_report+0xc3/0x620
[ 121.608909][ T11] ? srso_alias_return_thunk+0x5/0xfbef5
[ 121.614581][ T11] ? srso_alias_return_thunk+0x5/0xfbef5
[ 121.620254][ T11] ? __phys_addr+0xc6/0x150
[ 121.624814][ T11] kasan_report+0xd9/0x110
[ 121.629269][ T11] ? copy_page_from_iter_atomic+0x8d3/0x1560
[ 121.635303][ T11] ? copy_page_from_iter_atomic+0x8d3/0x1560
[ 121.641343][ T11] kasan_check_range+0xef/0x1a0
[ 121.646252][ T11] __asan_memcpy+0x23/0x60
[ 121.650723][ T11] copy_page_from_iter_atomic+0x8d3/0x1560
[ 121.656579][ T11] ? srso_alias_return_thunk+0x5/0xfbef5
[ 121.662250][ T11] ? __pfx_copy_page_from_iter_atomic+0x10/0x10
[ 121.668542][ T11] ? srso_alias_return_thunk+0x5/0xfbef5
[ 121.674217][ T11] ? shmem_write_begin+0x177/0x300
[ 121.679393][ T11] ? __pfx_shmem_write_begin+0x10/0x10
[ 121.684918][ T11] ? srso_alias_return_thunk+0x5/0xfbef5
[ 121.690591][ T11] ? srso_alias_return_thunk+0x5/0xfbef5
[ 121.696269][ T11] ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[ 121.703176][ T11] ? ktime_get_coarse_real_ts64+0x147/0x200
[ 121.709125][ T11] ? srso_alias_return_thunk+0x5/0xfbef5
[ 121.714797][ T11] generic_perform_write+0x4a1/0x920
[ 121.720157][ T11] ? __pfx_generic_perform_write+0x10/0x10
[ 121.726026][ T11] ? __mark_inode_dirty+0x2ae/0xe60
[ 121.731283][ T11] ? srso_alias_return_thunk+0x5/0xfbef5
[ 121.736959][ T11] ? preempt_count_add+0x76/0x150
[ 121.742045][ T11] ? srso_alias_return_thunk+0x5/0xfbef5
[ 121.747714][ T11] ? mnt_put_write_access_file+0xc1/0xf0
[ 121.753416][ T11] shmem_file_write_iter+0x10e/0x140
[ 121.758751][ T11] do_iter_readv_writev+0x535/0x7f0
[ 121.764000][ T11] ? __pfx_do_iter_readv_writev+0x10/0x10
[ 121.769769][ T11] ? srso_alias_return_thunk+0x5/0xfbef5
[ 121.775444][ T11] ? rcu_is_watching+0x12/0xc0
[ 121.780264][ T11] ? srso_alias_return_thunk+0x5/0xfbef5
[ 121.785927][ T11] ? lock_acquire+0x2f/0xb0
[ 121.790461][ T11] ? loop_process_work+0x14dd/0x2000
[ 121.795790][ T11] vfs_iter_write+0x1df/0x9c0
[ 121.800520][ T11] loop_process_work+0x14dd/0x2000
[ 121.805682][ T11] ? __pfx_loop_process_work+0x10/0x10
[ 121.811183][ T11] ? srso_alias_return_thunk+0x5/0xfbef5
[ 121.816853][ T11] ? srso_alias_return_thunk+0x5/0xfbef5
[ 121.822525][ T11] ? rcu_is_watching+0x12/0xc0
[ 121.827343][ T11] ? srso_alias_return_thunk+0x5/0xfbef5
[ 121.833018][ T11] ? rcu_is_watching+0x12/0xc0
[ 121.837831][ T11] ? srso_alias_return_thunk+0x5/0xfbef5
[ 121.843506][ T11] ? lock_acquire+0x2f/0xb0
[ 121.848045][ T11] ? process_one_work+0x921/0x1ba0
[ 121.853203][ T11] process_one_work+0x9c8/0x1ba0
[ 121.858188][ T11] ? __pfx_batadv_nc_worker+0x10/0x10
[ 121.863616][ T11] ? __pfx_process_one_work+0x10/0x10
[ 121.869028][ T11] ? srso_alias_return_thunk+0x5/0xfbef5
[ 121.874705][ T11] ? srso_alias_return_thunk+0x5/0xfbef5
[ 121.880377][ T11] ? assign_work+0x1a0/0x250
[ 121.885039][ T11] worker_thread+0x6c8/0xf00
[ 121.889677][ T11] ? __pfx_worker_thread+0x10/0x10
[ 121.894824][ T11] kthread+0x2c4/0x3a0
[ 121.898944][ T11] ? _raw_spin_unlock_irq+0x23/0x50
[ 121.904202][ T11] ? __pfx_kthread+0x10/0x10
[ 121.908844][ T11] ret_from_fork+0x48/0x80
[ 121.913303][ T11] ? __pfx_kthread+0x10/0x10
[ 121.917948][ T11] ret_from_fork_asm+0x1a/0x30
[ 121.922785][ T11]
[ 121.925826][ T11]