Warning: Permanently added '10.128.0.192' (ED25519) to the list of known hosts.
executing program
[   35.234528][ T4223] loop0: detected capacity change from 0 to 1024
[   35.237285][ T4223] =======================================================
[   35.237285][ T4223] WARNING: The mand mount option has been deprecated and
[   35.237285][ T4223]          and is ignored by this kernel. Remove the mand
[   35.237285][ T4223]          option from the mount to silence this warning.
[   35.237285][ T4223] =======================================================
[   35.289178][  T188] ==================================================================
[   35.291074][  T188] BUG: KASAN: slab-out-of-bounds in copy_page_from_iter_atomic+0x9a4/0x1104
[   35.293124][  T188] Read of size 2048 at addr ffff0000cbcb6800 by task kworker/u4:3/188
[   35.295124][  T188] 
[   35.295691][  T188] CPU: 1 PID: 188 Comm: kworker/u4:3 Not tainted 6.1.70-syzkaller #0
[   35.297598][  T188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[   35.299979][  T188] Workqueue: loop0 loop_rootcg_workfn
[   35.301219][  T188] Call trace:
[   35.301951][  T188]  dump_backtrace+0x1c8/0x1f4
[   35.303056][  T188]  show_stack+0x2c/0x3c
[   35.304051][  T188]  dump_stack_lvl+0x108/0x170
[   35.305166][  T188]  print_report+0x174/0x4c0
[   35.306239][  T188]  kasan_report+0xd4/0x130
[   35.307253][  T188]  kasan_check_range+0x264/0x2a4
[   35.308496][  T188]  memcpy+0x48/0x90
[   35.309298][  T188]  copy_page_from_iter_atomic+0x9a4/0x1104
[   35.310720][  T188]  generic_perform_write+0x2fc/0x55c
[   35.311898][  T188]  __generic_file_write_iter+0x168/0x388
[   35.313235][  T188]  generic_file_write_iter+0xb8/0x2b4
[   35.314518][  T188]  do_iter_write+0x534/0x964
[   35.315671][  T188]  vfs_iter_write+0x88/0xac
[   35.316815][  T188]  loop_process_work+0x15b4/0x24a4
[   35.318051][  T188]  loop_rootcg_workfn+0x28/0x38
[   35.319215][  T188]  process_one_work+0x7ac/0x1404
[   35.320374][  T188]  worker_thread+0x8e4/0xfec
[   35.321525][  T188]  kthread+0x250/0x2d8
[   35.322528][  T188]  ret_from_fork+0x10/0x20
[   35.323546][  T188] 
[   35.324094][  T188] Allocated by task 4223:
[   35.325124][  T188]  kasan_set_track+0x4c/0x80
[   35.326258][  T188]  kasan_save_alloc_info+0x24/0x30
[   35.327546][  T188]  __kasan_kmalloc+0xac/0xc4
[   35.328680][  T188]  __kmalloc+0xd8/0x1c4
[   35.329677][  T188]  hfsplus_read_wrapper+0x3ac/0xfcc
[   35.330911][  T188]  hfsplus_fill_super+0x2f0/0x166c
[   35.332194][  T188]  mount_bdev+0x274/0x370
[   35.333296][  T188]  hfsplus_mount+0x44/0x58
[   35.334345][  T188]  legacy_get_tree+0xd4/0x16c
[   35.335497][  T188]  vfs_get_tree+0x90/0x274
[   35.336509][  T188]  do_new_mount+0x25c/0x8c4
[   35.337582][  T188]  path_mount+0x590/0xe5c
[   35.338519][  T188]  __arm64_sys_mount+0x45c/0x594
[   35.339803][  T188]  invoke_syscall+0x98/0x2c0
[   35.340829][  T188]  el0_svc_common+0x138/0x258
[   35.341983][  T188]  do_el0_svc+0x64/0x218
[   35.342974][  T188]  el0_svc+0x58/0x168
[   35.343883][  T188]  el0t_64_sync_handler+0x84/0xf0
[   35.345052][  T188]  el0t_64_sync+0x18c/0x190
[   35.346161][  T188] 
[   35.346733][  T188] The buggy address belongs to the object at ffff0000cbcb6800
[   35.346733][  T188]  which belongs to the cache kmalloc-512 of size 512
[   35.350160][  T188] The buggy address is located 0 bytes inside of
[   35.350160][  T188]  512-byte region [ffff0000cbcb6800, ffff0000cbcb6a00)
[   35.353287][  T188] 
[   35.353858][  T188] The buggy address belongs to the physical page:
[   35.355440][  T188] page:000000005d2e6f38 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10bcb4
[   35.357886][  T188] head:000000005d2e6f38 order:2 compound_mapcount:0 compound_pincount:0
[   35.359863][  T188] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[   35.361833][  T188] raw: 05ffc00000010200 fffffc00030c1b00 dead000000000002 ffff0000c0002600
[   35.363893][  T188] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[   35.365994][  T188] page dumped because: kasan: bad access detected
[   35.367518][  T188] 
[   35.368017][  T188] Memory state around the buggy address:
[   35.369340][  T188]  ffff0000cbcb6900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   35.371417][  T188]  ffff0000cbcb6980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   35.373398][  T188] >ffff0000cbcb6a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   35.375406][  T188]                    ^
[   35.376475][  T188]  ffff0000cbcb6a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   35.378500][  T188]  ffff0000cbcb6b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   35.380450][  T188] ==================================================================
[   35.382587][  T188] Disabling lock debugging due to kernel taint