Warning: Permanently added '10.128.1.140' (ED25519) to the list of known hosts.
executing program
[   35.948412][ T6095] loop0: detected capacity change from 0 to 1024
[   35.957279][ T6095] hfsplus: request for non-existent node 3 in B*Tree
[   35.958911][ T6095] hfsplus: request for non-existent node 3 in B*Tree
[   36.011542][   T11] ==================================================================
[   36.013468][   T11] BUG: KASAN: slab-out-of-bounds in copy_page_from_iter_atomic+0xa60/0x17b4
[   36.015517][   T11] Read of size 2048 at addr ffff0000c332e800 by task kworker/u4:0/11
[   36.017438][   T11]
[   36.018055][   T11] CPU: 0 PID: 11 Comm: kworker/u4:0 Not tainted 6.7.0-rc4-syzkaller-gd46efae31672 #0
[   36.020291][   T11] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[   36.022572][   T11] Workqueue: loop0 loop_rootcg_workfn
[   36.023827][   T11] Call trace:
[   36.024553][   T11]  dump_backtrace+0x1b8/0x1e4
[   36.025705][   T11]  show_stack+0x2c/0x44
[   36.026614][   T11]  dump_stack_lvl+0xd0/0x124
[   36.027738][   T11]  print_report+0x174/0x514
[   36.028856][   T11]  kasan_report+0xd8/0x138
[   36.029881][   T11]  kasan_check_range+0x254/0x294
[   36.031033][   T11]  __asan_memcpy+0x3c/0x84
[   36.032082][   T11]  copy_page_from_iter_atomic+0xa60/0x17b4
[   36.033415][   T11]  generic_perform_write+0x310/0x588
[   36.034648][   T11]  shmem_file_write_iter+0x110/0x138
[   36.035930][   T11]  do_iter_write+0x654/0xa78
[   36.037057][   T11]  vfs_iter_write+0x88/0xac
[   36.038115][   T11]  loop_process_work+0x15c8/0x2498
[   36.039336][   T11]  loop_rootcg_workfn+0x28/0x38
[   36.040502][   T11]  process_one_work+0x694/0x1204
[   36.041638][   T11]  worker_thread+0x938/0xef4
[   36.042663][   T11]  kthread+0x288/0x310
[   36.043578][   T11]  ret_from_fork+0x10/0x20
[   36.044559][   T11]
[   36.045093][   T11] Allocated by task 6095:
[   36.046081][   T11]  kasan_set_track+0x4c/0x7c
[   36.047188][   T11]  kasan_save_alloc_info+0x24/0x30
[   36.048330][   T11]  __kasan_kmalloc+0xac/0xc4
[   36.049438][   T11]  __kmalloc+0xcc/0x1b8
[   36.050385][   T11]  hfsplus_read_wrapper+0x3ac/0xfcc
[   36.051597][   T11]  hfsplus_fill_super+0x2f0/0x166c
[   36.052849][   T11]  mount_bdev+0x1e8/0x2b4
[   36.053863][   T11]  hfsplus_mount+0x44/0x58
[   36.054927][   T11]  legacy_get_tree+0xd4/0x16c
[   36.056049][   T11]  vfs_get_tree+0x90/0x288
[   36.057091][   T11]  do_new_mount+0x25c/0x8c8
[   36.058145][   T11]  path_mount+0x590/0xe04
[   36.059166][   T11]  __arm64_sys_mount+0x45c/0x594
[   36.060361][   T11]  invoke_syscall+0x98/0x2b8
[   36.061458][   T11]  el0_svc_common+0x130/0x23c
[   36.062529][   T11]  do_el0_svc+0x48/0x58
[   36.063470][   T11]  el0_svc+0x54/0x158
[   36.064444][   T11]  el0t_64_sync_handler+0x84/0xfc
[   36.065669][   T11]  el0t_64_sync+0x190/0x194
[   36.066747][   T11]
[   36.067343][   T11] The buggy address belongs to the object at ffff0000c332e800
[   36.067343][   T11]  which belongs to the cache kmalloc-512 of size 512
[   36.070632][   T11] The buggy address is located 0 bytes inside of
[   36.070632][   T11]  allocated 512-byte region [ffff0000c332e800, ffff0000c332ea00)
[   36.074011][   T11]
[   36.074567][   T11] The buggy address belongs to the physical page:
[   36.076084][   T11] page:0000000027c9ecaf refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10332c
[   36.078498][   T11] head:0000000027c9ecaf order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   36.080607][   T11] flags: 0x5ffc00000000840(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[   36.082516][   T11] page_type: 0xffffffff()
[   36.083473][   T11] raw: 05ffc00000000840 ffff0000c0001c80 fffffc0003471900 dead000000000002
[   36.085465][   T11] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[   36.087476][   T11] page dumped because: kasan: bad access detected
[   36.088992][   T11]
[   36.089566][   T11] Memory state around the buggy address:
[   36.090966][   T11]  ffff0000c332e900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   36.092762][   T11]  ffff0000c332e980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   36.094676][   T11] >ffff0000c332ea00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.096460][   T11]                    ^
[   36.097330][   T11]  ffff0000c332ea80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.099189][   T11]  ffff0000c332eb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.101031][   T11] ==================================================================
[   36.103046][   T11] Disabling lock debugging due to kernel taint