Warning: Permanently added '10.128.0.200' (ED25519) to the list of known hosts.
executing program
[   33.340834][ T6099] loop0: detected capacity change from 0 to 1024
[   33.344241][ T6099] =======================================================
[   33.344241][ T6099] WARNING: The mand mount option has been deprecated and
[   33.344241][ T6099]          and is ignored by this kernel. Remove the mand
[   33.344241][ T6099]          option from the mount to silence this warning.
[   33.344241][ T6099] =======================================================
[   33.411876][   T41] ==================================================================
[   33.413943][   T41] BUG: KASAN: slab-out-of-bounds in copy_page_from_iter_atomic+0xa60/0x17b4
[   33.416347][   T41] Read of size 2048 at addr ffff0000c91e9000 by task kworker/u4:3/41
[   33.418505][   T41]
[   33.419130][   T41] CPU: 0 PID: 41 Comm: kworker/u4:3 Not tainted 6.7.0-rc3-syzkaller-g2cc14f52aeb7 #0
[   33.421628][   T41] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
[   33.424298][   T41] Workqueue: loop0 loop_rootcg_workfn
[   33.425676][   T41] Call trace:
[   33.426533][   T41]  dump_backtrace+0x1b8/0x1e4
[   33.427778][   T41]  show_stack+0x2c/0x44
[   33.428906][   T41]  dump_stack_lvl+0xd0/0x124
[   33.430132][   T41]  print_report+0x174/0x514
[   33.431313][   T41]  kasan_report+0xd8/0x138
[   33.432443][   T41]  kasan_check_range+0x254/0x294
[   33.433782][   T41]  __asan_memcpy+0x3c/0x84
[   33.434990][   T41]  copy_page_from_iter_atomic+0xa60/0x17b4
[   33.436548][   T41]  generic_perform_write+0x310/0x588
[   33.437984][   T41]  shmem_file_write_iter+0x110/0x138
[   33.439393][   T41]  do_iter_write+0x654/0xa78
[   33.440552][   T41]  vfs_iter_write+0x88/0xac
[   33.441676][   T41]  loop_process_work+0x15c8/0x2498
[   33.443038][   T41]  loop_rootcg_workfn+0x28/0x38
[   33.444295][   T41]  process_one_work+0x694/0x1204
[   33.445590][   T41]  worker_thread+0x938/0xef4
[   33.446795][   T41]  kthread+0x288/0x310
[   33.447878][   T41]  ret_from_fork+0x10/0x20
[   33.449025][   T41]
[   33.449605][   T41] Allocated by task 6099:
[   33.450690][   T41]  kasan_set_track+0x4c/0x7c
[   33.451819][   T41]  kasan_save_alloc_info+0x24/0x30
[   33.453129][   T41]  __kasan_kmalloc+0xac/0xc4
[   33.454473][   T41]  __kmalloc+0xcc/0x1b8
[   33.455558][   T41]  hfsplus_read_wrapper+0x3ac/0xfcc
[   33.456907][   T41]  hfsplus_fill_super+0x2f0/0x166c
[   33.458283][   T41]  mount_bdev+0x1e8/0x2b4
[   33.459367][   T41]  hfsplus_mount+0x44/0x58
[   33.460566][   T41]  legacy_get_tree+0xd4/0x16c
[   33.461859][   T41]  vfs_get_tree+0x90/0x288
[   33.463017][   T41]  do_new_mount+0x25c/0x8c8
[   33.464133][   T41]  path_mount+0x590/0xe04
[   33.465313][   T41]  __arm64_sys_mount+0x45c/0x594
[   33.466613][   T41]  invoke_syscall+0x98/0x2b8
[   33.467782][   T41]  el0_svc_common+0x130/0x23c
[   33.468955][   T41]  do_el0_svc+0x48/0x58
[   33.470026][   T41]  el0_svc+0x54/0x158
[   33.471053][   T41]  el0t_64_sync_handler+0x84/0xfc
[   33.472388][   T41]  el0t_64_sync+0x190/0x194
[   33.473589][   T41]
[   33.474176][   T41] The buggy address belongs to the object at ffff0000c91e9000
[   33.474176][   T41]  which belongs to the cache kmalloc-512 of size 512
[   33.477806][   T41] The buggy address is located 0 bytes inside of
[   33.477806][   T41]  allocated 512-byte region [ffff0000c91e9000, ffff0000c91e9200)
[   33.481549][   T41]
[   33.482154][   T41] The buggy address belongs to the physical page:
[   33.483805][   T41] page:000000008a23800f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1091e8
[   33.486441][   T41] head:000000008a23800f order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   33.488796][   T41] flags: 0x5ffc00000000840(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[   33.490921][   T41] page_type: 0xffffffff()
[   33.492083][   T41] raw: 05ffc00000000840 ffff0000c0001c80 dead000000000100 dead000000000122
[   33.494308][   T41] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[   33.496564][   T41] page dumped because: kasan: bad access detected
[   33.498324][   T41]
[   33.498956][   T41] Memory state around the buggy address:
[   33.500437][   T41]  ffff0000c91e9100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   33.502596][   T41]  ffff0000c91e9180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   33.504699][   T41] >ffff0000c91e9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   33.506796][   T41]                    ^
[   33.507813][   T41]  ffff0000c91e9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   33.509857][   T41]  ffff0000c91e9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   33.511953][   T41] ==================================================================
[   33.514198][   T41] Disabling lock debugging due to kernel taint