loop0: detected capacity change from 0 to 32768
UFO tlock:0x00000000677a99a3
ea_get: invalid extended attribute
==================================================================
BUG: KASAN: slab-out-of-bounds in UniStrncpy_to_le fs/jfs/jfs_unicode.h:80 [inline]
BUG: KASAN: slab-out-of-bounds in dtInsertEntry+0x6d8/0xf60 fs/jfs/jfs_dtree.c:3712
Write of size 2 at addr ffff0000d7e82e04 by task syz.0.150/5144

CPU: 1 PID: 5144 Comm: syz.0.150 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
Call trace:
 dump_backtrace+0x1c8/0x1f4 arch/arm64/kernel/stacktrace.c:158
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:165
 __dump_stack+0x30/0x40 lib/dump_stack.c:88
 dump_stack_lvl+0xf8/0x160 lib/dump_stack.c:106
 print_address_description+0x88/0x218 mm/kasan/report.c:316
 print_report+0x50/0x68 mm/kasan/report.c:420
 kasan_report+0xa8/0x100 mm/kasan/report.c:524
 __asan_report_store2_noabort+0x2c/0x38 mm/kasan/report_generic.c:354
 UniStrncpy_to_le fs/jfs/jfs_unicode.h:80 [inline]
 dtInsertEntry+0x6d8/0xf60 fs/jfs/jfs_dtree.c:3712
 dtInsert+0x6ec/0x55ac fs/jfs/jfs_dtree.c:894
 jfs_mkdir+0x5a4/0x8b4 fs/jfs/namei.c:270
 vfs_mkdir+0x314/0x4d4 fs/namei.c:4114
 do_mkdirat+0x1b4/0x3e0 fs/namei.c:4139
 __do_sys_mkdirat fs/namei.c:4154 [inline]
 __se_sys_mkdirat fs/namei.c:4152 [inline]
 __arm64_sys_mkdirat+0x90/0xa8 fs/namei.c:4152
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2bc arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x58/0x13c arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x138 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585

Allocated by task 4818:
 kasan_save_stack mm/kasan/common.c:45 [inline]
 kasan_set_track+0x4c/0x80 mm/kasan/common.c:52
 kasan_save_alloc_info+0x28/0x34 mm/kasan/generic.c:505
 ____kasan_kmalloc mm/kasan/common.c:374 [inline]
 __kasan_kmalloc+0xa0/0xb8 mm/kasan/common.c:383
 kasan_kmalloc include/linux/kasan.h:211 [inline]
 __do_kmalloc_node mm/slab_common.c:936 [inline]
 __kmalloc_node_track_caller+0xe0/0x16c mm/slab_common.c:956
 kstrdup mm/util.c:61 [inline]
 kstrdup_const+0x90/0xdc mm/util.c:84
 __kernfs_new_node+0xa8/0x5d8 fs/kernfs/dir.c:610
 kernfs_new_node+0x11c/0x230 fs/kernfs/dir.c:690
 __kernfs_create_file+0x60/0x2d4 fs/kernfs/file.c:1068
 sysfs_add_file_mode_ns+0x1d8/0x294 fs/sysfs/file.c:294
 create_files fs/sysfs/group.c:64 [inline]
 internal_create_group+0x3d4/0xac8 fs/sysfs/group.c:148
 internal_create_groups fs/sysfs/group.c:188 [inline]
 sysfs_create_groups+0x60/0x134 fs/sysfs/group.c:214
 setup_gid_attrs drivers/infiniband/core/sysfs.c:1170 [inline]
 ib_setup_port_attrs+0x1048/0x198c drivers/infiniband/core/sysfs.c:1447
 add_one_compat_dev+0x338/0x4e8 drivers/infiniband/core/device.c:978
 add_compat_devs drivers/infiniband/core/device.c:1036 [inline]
 enable_device_and_get+0x27c/0x398 drivers/infiniband/core/device.c:1347
 ib_register_device+0xda0/0xfd0 drivers/infiniband/core/device.c:1429
 rxe_register_device+0x20c/0x33c drivers/infiniband/sw/rxe/rxe_verbs.c:1101
 rxe_add+0x90c/0xe00 drivers/infiniband/sw/rxe/rxe.c:175
 rxe_net_add+0x7c/0xf0 drivers/infiniband/sw/rxe/rxe_net.c:522
 rxe_newlink+0x70/0xfc drivers/infiniband/sw/rxe/rxe.c:197
 nldev_newlink+0x3f0/0x4b4 drivers/infiniband/core/nldev.c:1720
 rdma_nl_rcv_msg drivers/infiniband/core/netlink.c:-1 [inline]
 rdma_nl_rcv_skb drivers/infiniband/core/netlink.c:239 [inline]
 rdma_nl_rcv+0x558/0x7ec drivers/infiniband/core/netlink.c:259
 netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
 netlink_unicast+0x60c/0x824 net/netlink/af_netlink.c:1344
 netlink_sendmsg+0x6e8/0x9b0 net/netlink/af_netlink.c:1872
 sock_sendmsg_nosec net/socket.c:718 [inline]
 __sock_sendmsg net/socket.c:730 [inline]
 ____sys_sendmsg+0x5b8/0x918 net/socket.c:2519
 ___sys_sendmsg net/socket.c:2573 [inline]
 __sys_sendmsg+0x25c/0x320 net/socket.c:2602
 __do_sys_sendmsg net/socket.c:2611 [inline]
 __se_sys_sendmsg net/socket.c:2609 [inline]
 __arm64_sys_sendmsg+0x80/0x94 net/socket.c:2609
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2bc arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x58/0x13c arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x138 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585

The buggy address belongs to the object at ffff0000d7e82e00
 which belongs to the cache kmalloc-128 of size 128
The buggy address is located 4 bytes inside of
 128-byte region [ffff0000d7e82e00, ffff0000d7e82e80)

The buggy address belongs to the physical page:
page:0000000045da2414 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x117e82
flags: 0x5ffc00000000200(slab|node=0|zone=2|lastcpupid=0x7ff)
raw: 05ffc00000000200 0000000000000000 dead000000000122 ffff0000c0002300
raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
page dumped because: kasan: bad access detected

Memory state around the buggy address:
 ffff0000d7e82d00: 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
 ffff0000d7e82d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
>ffff0000d7e82e00: 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
                    ^
 ffff0000d7e82e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
 ffff0000d7e82f00: 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
==================================================================