[   15.081178][ T3896] 8021q: adding VLAN 0 to HW filter on device bond0
[   15.084491][ T3896] eql: remember to turn off Van-Jacobson compression on your slave devices
[   15.130854][ T1636] gvnic 0000:00:00.0 enp0s0: Device link is up.
[   15.133725][ T3805] IPv6: ADDRCONF(NETDEV_CHANGE): enp0s0: link becomes ready
Starting sshd: OK

syzkaller
Warning: Permanently added '10.128.0.146' (ED25519) to the list of known hosts.
executing program
syzkaller login: [   34.334984][ T4221] loop0: detected capacity change from 0 to 1024
[   34.355418][ T4221] hfsplus: request for non-existent node 3 in B*Tree
[   34.357120][ T4221] hfsplus: request for non-existent node 3 in B*Tree
[   34.413782][ T1636] ==================================================================
[   34.415381][ T1636] BUG: KASAN: slab-out-of-bounds in copy_page_from_iter_atomic+0x9a4/0x1104
[   34.417322][ T1636] Read of size 1024 at addr ffff0000d1e70c00 by task kworker/u4:4/1636
[   34.419069][ T1636] 
[   34.419557][ T1636] CPU: 0 PID: 1636 Comm: kworker/u4:4 Not tainted 6.1.83-syzkaller #0
[   34.421309][ T1636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   34.423594][ T1636] Workqueue: loop0 loop_rootcg_workfn
[   34.424711][ T1636] Call trace:
[   34.425394][ T1636]  dump_backtrace+0x1c8/0x1f4
[   34.426407][ T1636]  show_stack+0x2c/0x3c
[   34.427320][ T1636]  dump_stack_lvl+0x108/0x170
[   34.428287][ T1636]  print_report+0x174/0x4c0
[   34.429288][ T1636]  kasan_report+0xd4/0x130
[   34.430270][ T1636]  kasan_check_range+0x264/0x2a4
[   34.431349][ T1636]  memcpy+0x48/0x90
[   34.432219][ T1636]  copy_page_from_iter_atomic+0x9a4/0x1104
[   34.433609][ T1636]  generic_perform_write+0x2fc/0x55c
[   34.434801][ T1636]  __generic_file_write_iter+0x168/0x388
[   34.435976][ T1636]  generic_file_write_iter+0xb8/0x2b4
[   34.437128][ T1636]  do_iter_write+0x534/0x964
[   34.438214][ T1636]  vfs_iter_write+0x88/0xac
[   34.439248][ T1636]  loop_process_work+0x15b4/0x24a4
[   34.440370][ T1636]  loop_rootcg_workfn+0x28/0x38
[   34.441401][ T1636]  process_one_work+0x7ac/0x1404
[   34.442458][ T1636]  worker_thread+0x8e4/0xfec
[   34.443453][ T1636]  kthread+0x250/0x2d8
[   34.444343][ T1636]  ret_from_fork+0x10/0x20
[   34.445261][ T1636] 
[   34.445796][ T1636] Allocated by task 4221:
[   34.446767][ T1636]  kasan_set_track+0x4c/0x80
[   34.447807][ T1636]  kasan_save_alloc_info+0x24/0x30
[   34.448907][ T1636]  __kasan_kmalloc+0xac/0xc4
[   34.449904][ T1636]  __kmalloc+0xd8/0x1c4
[   34.450804][ T1636]  hfsplus_read_wrapper+0x3ac/0xfcc
[   34.451993][ T1636]  hfsplus_fill_super+0x2f0/0x166c
[   34.453140][ T1636]  mount_bdev+0x274/0x370
[   34.454099][ T1636]  hfsplus_mount+0x44/0x58
[   34.455102][ T1636]  legacy_get_tree+0xd4/0x16c
[   34.456128][ T1636]  vfs_get_tree+0x90/0x274
[   34.457068][ T1636]  do_new_mount+0x278/0x8fc
[   34.458034][ T1636]  path_mount+0x590/0xe5c
[   34.458989][ T1636]  __arm64_sys_mount+0x45c/0x594
[   34.460048][ T1636]  invoke_syscall+0x98/0x2c0
[   34.461087][ T1636]  el0_svc_common+0x138/0x258
[   34.462094][ T1636]  do_el0_svc+0x64/0x218
[   34.463046][ T1636]  el0_svc+0x58/0x168
[   34.463935][ T1636]  el0t_64_sync_handler+0x84/0xf0
[   34.465008][ T1636]  el0t_64_sync+0x18c/0x190
[   34.466017][ T1636] 
[   34.466565][ T1636] The buggy address belongs to the object at ffff0000d1e70c00
[   34.466565][ T1636]  which belongs to the cache kmalloc-512 of size 512
[   34.469781][ T1636] The buggy address is located 0 bytes inside of
[   34.469781][ T1636]  512-byte region [ffff0000d1e70c00, ffff0000d1e70e00)
[   34.472569][ T1636] 
[   34.473072][ T1636] The buggy address belongs to the physical page:
[   34.474433][ T1636] page:000000004db81790 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x111e70
[   34.476707][ T1636] head:000000004db81790 order:2 compound_mapcount:0 compound_pincount:0
[   34.478533][ T1636] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[   34.480265][ T1636] raw: 05ffc00000010200 0000000000000000 dead000000000001 ffff0000c0002600
[   34.482128][ T1636] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[   34.483926][ T1636] page dumped because: kasan: bad access detected
[   34.485343][ T1636] 
[   34.485858][ T1636] Memory state around the buggy address:
[   34.487080][ T1636]  ffff0000d1e70d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   34.488819][ T1636]  ffff0000d1e70d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   34.490596][ T1636] >ffff0000d1e70e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   34.492377][ T1636]                    ^
[   34.493338][ T1636]  ffff0000d1e70e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   34.495051][ T1636]  ffff0000d1e70f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   34.496810][ T1636] ==================================================================
[   34.498747][ T1636] Disabling lock debugging due to kernel taint