Extracting prog: 2m30.465544732s Minimizing prog: 11m26.795877746s Simplifying prog options: 0s Extracting C: 37.685287879s Simplifying C: 8m11.743968664s 1 programs, timeouts [30s 6m0s] extracting reproducer from 1 programs testing a last program of every proc single: executing 1 programs separately with timeout 30s testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_dev$loop-sendfile-ioctl$LOOP_SET_BLOCK_SIZE-fallocate-ioctl$LOOP_SET_STATUS-syz_mount_image$hfsplus-openat detailed listing: executing program 0: r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x0, 0x0) sendfile(r0, r0, 0x0, 0x24002de8) ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x800) fallocate(0xffffffffffffffff, 0x30, 0x4, 0x1000) ioctl$LOOP_SET_STATUS(r0, 0x4c02, 0x0) syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000840)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x1010004, &(0x7f0000000100)={[{@part={'part', 0x3d, 0x4}}, {@umask={'umask', 0x3d, 0xbf6}}, {@nls={'nls', 0x3d, 'cp737'}}, {@umask={'umask', 0x3d, 0xad9b}}]}, 0x6, 0x6ad, &(0x7f00000009c0)="$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") openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) program crashed: KASAN: slab-out-of-bounds Read in generic_perform_write single: successfully extracted reproducer found reproducer with 7 syscalls minimizing guilty program testing program (duration=1m9.92924961s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 
Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_dev$loop-sendfile-ioctl$LOOP_SET_BLOCK_SIZE-fallocate-ioctl$LOOP_SET_STATUS-syz_mount_image$hfsplus detailed listing: executing program 0: r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x0, 0x0) sendfile(r0, r0, 0x0, 0x24002de8) ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x800) fallocate(0xffffffffffffffff, 0x30, 0x4, 0x1000) ioctl$LOOP_SET_STATUS(r0, 0x4c02, 0x0) syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000840)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x1010004, &(0x7f0000000100)={[{@part={'part', 0x3d, 0x4}}, {@umask={'umask', 0x3d, 0xbf6}}, {@nls={'nls', 0x3d, 'cp737'}}, {@umask={'umask', 0x3d, 0xad9b}}]}, 0x6, 0x6ad, &(0x7f00000009c0)="$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") program crashed: KASAN: slab-out-of-bounds Read in generic_perform_write testing program (duration=1m9.92924961s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_dev$loop-sendfile-ioctl$LOOP_SET_BLOCK_SIZE-fallocate-ioctl$LOOP_SET_STATUS detailed listing: executing program 0: r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x0, 0x0) sendfile(r0, r0, 0x0, 0x24002de8) 
ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x800) fallocate(0xffffffffffffffff, 0x30, 0x4, 0x1000) ioctl$LOOP_SET_STATUS(r0, 0x4c02, 0x0) program did not crash testing program (duration=1m9.92924961s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_dev$loop-sendfile-ioctl$LOOP_SET_BLOCK_SIZE-fallocate-syz_mount_image$hfsplus detailed listing: executing program 0: r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x0, 0x0) sendfile(r0, r0, 0x0, 0x24002de8) ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x800) fallocate(0xffffffffffffffff, 0x30, 0x4, 0x1000) syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000840)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x1010004, &(0x7f0000000100)={[{@part={'part', 0x3d, 0x4}}, {@umask={'umask', 0x3d, 0xbf6}}, {@nls={'nls', 0x3d, 'cp737'}}, {@umask={'umask', 0x3d, 0xad9b}}]}, 0x6, 0x6ad, &(0x7f00000009c0)="$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") program crashed: KASAN: slab-out-of-bounds Read in generic_perform_write testing program (duration=1m9.92924961s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): 
syz_open_dev$loop-sendfile-ioctl$LOOP_SET_BLOCK_SIZE-syz_mount_image$hfsplus detailed listing: executing program 0: r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x0, 0x0) sendfile(r0, r0, 0x0, 0x24002de8) ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x800) syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000840)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x1010004, &(0x7f0000000100)={[{@part={'part', 0x3d, 0x4}}, {@umask={'umask', 0x3d, 0xbf6}}, {@nls={'nls', 0x3d, 'cp737'}}, {@umask={'umask', 0x3d, 0xad9b}}]}, 0x6, 0x6ad, &(0x7f00000009c0)="$...") program crashed: KASAN: slab-out-of-bounds Read in generic_perform_write testing program (duration=1m9.92924961s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_dev$loop-sendfile-syz_mount_image$hfsplus detailed listing: executing program 0: r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x0, 0x0) sendfile(r0, r0, 0x0, 0x24002de8) syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000840)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00',
0x1010004, &(0x7f0000000100)={[{@part={'part', 0x3d, 0x4}}, {@umask={'umask', 0x3d, 0xbf6}}, {@nls={'nls', 0x3d, 'cp737'}}, {@umask={'umask', 0x3d, 0xad9b}}]}, 0x6, 0x6ad, &(0x7f00000009c0)="$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") program did not crash testing program (duration=1m9.92924961s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_dev$loop-ioctl$LOOP_SET_BLOCK_SIZE-syz_mount_image$hfsplus detailed listing: executing program 0: r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x0, 0x0) ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x800) syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000840)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x1010004, &(0x7f0000000100)={[{@part={'part', 0x3d, 0x4}}, {@umask={'umask', 0x3d, 0xbf6}}, {@nls={'nls', 0x3d, 'cp737'}}, {@umask={'umask', 0x3d, 0xad9b}}]}, 0x6, 0x6ad, 
&(0x7f00000009c0)="$...") program crashed: KASAN: slab-out-of-bounds Read in generic_perform_write testing program (duration=1m9.92924961s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): ioctl$LOOP_SET_BLOCK_SIZE-syz_mount_image$hfsplus detailed listing: executing program 0: ioctl$LOOP_SET_BLOCK_SIZE(0xffffffffffffffff, 0x4c09, 0x800) syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000840)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x1010004, &(0x7f0000000100)={[{@part={'part', 0x3d, 0x4}}, {@umask={'umask', 0x3d, 0xbf6}}, {@nls={'nls', 0x3d, 'cp737'}}, {@umask={'umask', 0x3d, 0xad9b}}]}, 0x6, 0x6ad, &(0x7f00000009c0)="$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") program did not crash testing program (duration=1m9.92924961s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}):
syz_open_dev$loop-ioctl$LOOP_SET_BLOCK_SIZE-syz_mount_image$hfsplus detailed listing: executing program 0: r0 = syz_open_dev$loop(0x0, 0x0, 0x0) ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x800) syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000840)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x1010004, &(0x7f0000000100)={[{@part={'part', 0x3d, 0x4}}, {@umask={'umask', 0x3d, 0xbf6}}, {@nls={'nls', 0x3d, 'cp737'}}, {@umask={'umask', 0x3d, 0xad9b}}]}, 0x6, 0x6ad, &(0x7f00000009c0)="$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") program did not crash extracting C reproducer testing compiled C program (duration=1m9.92924961s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_dev$loop-ioctl$LOOP_SET_BLOCK_SIZE-syz_mount_image$hfsplus program crashed: KASAN: slab-out-of-bounds Read in generic_perform_write simplifying C reproducer testing compiled C program (duration=1m9.92924961s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_dev$loop-ioctl$LOOP_SET_BLOCK_SIZE-syz_mount_image$hfsplus program crashed: KASAN: slab-out-of-bounds Read in 
generic_perform_write testing compiled C program (duration=1m9.92924961s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_dev$loop-ioctl$LOOP_SET_BLOCK_SIZE-syz_mount_image$hfsplus program did not crash testing compiled C program (duration=1m9.92924961s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:true Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_dev$loop-ioctl$LOOP_SET_BLOCK_SIZE-syz_mount_image$hfsplus program crashed: KASAN: slab-out-of-bounds Read in generic_perform_write testing compiled C program (duration=1m9.92924961s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_dev$loop-ioctl$LOOP_SET_BLOCK_SIZE-syz_mount_image$hfsplus program crashed: KASAN: slab-out-of-bounds Read in generic_perform_write testing compiled C program (duration=1m9.92924961s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false 
NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_dev$loop-ioctl$LOOP_SET_BLOCK_SIZE-syz_mount_image$hfsplus
program crashed: KASAN: slab-out-of-bounds Read in generic_perform_write
testing compiled C program (duration=1m9.92924961s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_dev$loop-ioctl$LOOP_SET_BLOCK_SIZE-syz_mount_image$hfsplus
program crashed: KASAN: slab-out-of-bounds Read in generic_perform_write
testing compiled C program (duration=1m9.92924961s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_dev$loop-ioctl$LOOP_SET_BLOCK_SIZE-syz_mount_image$hfsplus
program crashed: KASAN: slab-out-of-bounds Read in generic_perform_write
reproducing took 22m46.69070351s

repro crashed as (corrupted=false):
==================================================================
BUG: KASAN: slab-out-of-bounds in copy_page_from_iter_atomic+0x834/0xffc lib/iov_iter.c:978
Read of size 2048 at addr ffff0000c7b24000 by task kworker/u4:4/365

CPU: 0 PID: 365 Comm: kworker/u4:4 Not tainted 5.15.168-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
Workqueue: loop0 loop_rootcg_workfn
Call trace:
 dump_backtrace+0x0/0x530 arch/arm64/kernel/stacktrace.c:152
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:216
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x108/0x170 lib/dump_stack.c:106
 print_address_description+0x7c/0x3f0 mm/kasan/report.c:248
 __kasan_report mm/kasan/report.c:434 [inline]
 kasan_report+0x174/0x1e4 mm/kasan/report.c:451
 kasan_check_range+0x274/0x2b4 mm/kasan/generic.c:189
 memcpy+0x90/0xe8 mm/kasan/shadow.c:65
 copy_page_from_iter_atomic+0x834/0xffc lib/iov_iter.c:978
 generic_perform_write+0x2d0/0x520 mm/filemap.c:3793
 __generic_file_write_iter+0x230/0x454 mm/filemap.c:3912
 generic_file_write_iter+0xb4/0x1b8 mm/filemap.c:3944
 do_iter_readv_writev+0x420/0x5f8
 do_iter_write+0x1b8/0x66c fs/read_write.c:855
 vfs_iter_write+0x88/0xac fs/read_write.c:896
 lo_write_bvec+0x394/0xb4c drivers/block/loop.c:316
 lo_write_simple drivers/block/loop.c:338 [inline]
 do_req_filebacked drivers/block/loop.c:656 [inline]
 loop_handle_cmd drivers/block/loop.c:2234 [inline]
 loop_process_work+0x1f24/0x2798 drivers/block/loop.c:2274
 loop_rootcg_workfn+0x28/0x38 drivers/block/loop.c:2305
 process_one_work+0x790/0x11b8 kernel/workqueue.c:2310
 worker_thread+0x910/0x1034 kernel/workqueue.c:2457
 kthread+0x37c/0x45c kernel/kthread.c:334
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:870

Allocated by task 4032:
 kasan_save_stack mm/kasan/common.c:38 [inline]
 kasan_set_track mm/kasan/common.c:46 [inline]
 set_alloc_info mm/kasan/common.c:434 [inline]
 ____kasan_kmalloc+0xbc/0xfc mm/kasan/common.c:513
 __kasan_kmalloc+0x10/0x1c mm/kasan/common.c:522
 kasan_kmalloc include/linux/kasan.h:264 [inline]
 __kmalloc+0x29c/0x4c8 mm/slub.c:4407
 kmalloc include/linux/slab.h:596 [inline]
 hfsplus_read_wrapper+0x3b8/0xfc8 fs/hfsplus/wrapper.c:180
 hfsplus_fill_super+0x2f0/0x167c fs/hfsplus/super.c:413
 mount_bdev+0x274/0x370 fs/super.c:1400
 hfsplus_mount+0x44/0x58 fs/hfsplus/super.c:641
 legacy_get_tree+0xd4/0x16c fs/fs_context.c:611
 vfs_get_tree+0x90/0x274 fs/super.c:1530
 do_new_mount+0x278/0x8fc fs/namespace.c:3012
 path_mount+0x594/0x101c fs/namespace.c:3342
 do_mount fs/namespace.c:3355 [inline]
 __do_sys_mount fs/namespace.c:3563 [inline]
 __se_sys_mount fs/namespace.c:3540 [inline]
 __arm64_sys_mount+0x510/0x5e0 fs/namespace.c:3540
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
 el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:608
 el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:626
 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584

The buggy address belongs to the object at ffff0000c7b24000
 which belongs to the cache kmalloc-512 of size 512
The buggy address is located 0 bytes inside of
 512-byte region [ffff0000c7b24000, ffff0000c7b24200)
The buggy address belongs to the page:
page:0000000067032d61 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff0000c7b25c00 pfn:0x107b24
head:0000000067032d61 order:2 compound_mapcount:0 compound_pincount:0
flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff)
raw: 05ffc00000010200 0000000000000000 0000000100000001 ffff0000c0002600
raw: ffff0000c7b25c00 0000000080100008 00000001ffffffff 0000000000000000
page dumped because: kasan: bad access detected

Memory state around the buggy address:
 ffff0000c7b24100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff0000c7b24180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff0000c7b24200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
                   ^
 ffff0000c7b24280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
 ffff0000c7b24300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
==================================================================

final repro crashed as (corrupted=false):
==================================================================
BUG: KASAN: slab-out-of-bounds in copy_page_from_iter_atomic+0x834/0xffc lib/iov_iter.c:978
Read of size 2048 at addr ffff0000c7b24000 by task kworker/u4:4/365

CPU: 0 PID: 365 Comm: kworker/u4:4 Not tainted 5.15.168-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
Workqueue: loop0 loop_rootcg_workfn
Call trace:
 dump_backtrace+0x0/0x530 arch/arm64/kernel/stacktrace.c:152
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:216
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x108/0x170 lib/dump_stack.c:106
 print_address_description+0x7c/0x3f0 mm/kasan/report.c:248
 __kasan_report mm/kasan/report.c:434 [inline]
 kasan_report+0x174/0x1e4 mm/kasan/report.c:451
 kasan_check_range+0x274/0x2b4 mm/kasan/generic.c:189
 memcpy+0x90/0xe8 mm/kasan/shadow.c:65
 copy_page_from_iter_atomic+0x834/0xffc lib/iov_iter.c:978
 generic_perform_write+0x2d0/0x520 mm/filemap.c:3793
 __generic_file_write_iter+0x230/0x454 mm/filemap.c:3912
 generic_file_write_iter+0xb4/0x1b8 mm/filemap.c:3944
 do_iter_readv_writev+0x420/0x5f8
 do_iter_write+0x1b8/0x66c fs/read_write.c:855
 vfs_iter_write+0x88/0xac fs/read_write.c:896
 lo_write_bvec+0x394/0xb4c drivers/block/loop.c:316
 lo_write_simple drivers/block/loop.c:338 [inline]
 do_req_filebacked drivers/block/loop.c:656 [inline]
 loop_handle_cmd drivers/block/loop.c:2234 [inline]
 loop_process_work+0x1f24/0x2798 drivers/block/loop.c:2274
 loop_rootcg_workfn+0x28/0x38 drivers/block/loop.c:2305
 process_one_work+0x790/0x11b8 kernel/workqueue.c:2310
 worker_thread+0x910/0x1034 kernel/workqueue.c:2457
 kthread+0x37c/0x45c kernel/kthread.c:334
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:870

Allocated by task 4032:
 kasan_save_stack mm/kasan/common.c:38 [inline]
 kasan_set_track mm/kasan/common.c:46 [inline]
 set_alloc_info mm/kasan/common.c:434 [inline]
 ____kasan_kmalloc+0xbc/0xfc mm/kasan/common.c:513
 __kasan_kmalloc+0x10/0x1c mm/kasan/common.c:522
 kasan_kmalloc include/linux/kasan.h:264 [inline]
 __kmalloc+0x29c/0x4c8 mm/slub.c:4407
 kmalloc include/linux/slab.h:596 [inline]
 hfsplus_read_wrapper+0x3b8/0xfc8 fs/hfsplus/wrapper.c:180
 hfsplus_fill_super+0x2f0/0x167c fs/hfsplus/super.c:413
 mount_bdev+0x274/0x370 fs/super.c:1400
 hfsplus_mount+0x44/0x58 fs/hfsplus/super.c:641
 legacy_get_tree+0xd4/0x16c fs/fs_context.c:611
 vfs_get_tree+0x90/0x274 fs/super.c:1530
 do_new_mount+0x278/0x8fc fs/namespace.c:3012
 path_mount+0x594/0x101c fs/namespace.c:3342
 do_mount fs/namespace.c:3355 [inline]
 __do_sys_mount fs/namespace.c:3563 [inline]
 __se_sys_mount fs/namespace.c:3540 [inline]
 __arm64_sys_mount+0x510/0x5e0 fs/namespace.c:3540
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
 el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:608
 el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:626
 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584

The buggy address belongs to the object at ffff0000c7b24000
 which belongs to the cache kmalloc-512 of size 512
The buggy address is located 0 bytes inside of
 512-byte region [ffff0000c7b24000, ffff0000c7b24200)
The buggy address belongs to the page:
page:0000000067032d61 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff0000c7b25c00 pfn:0x107b24
head:0000000067032d61 order:2 compound_mapcount:0 compound_pincount:0
flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff)
raw: 05ffc00000010200 0000000000000000 0000000100000001 ffff0000c0002600
raw: ffff0000c7b25c00 0000000080100008 00000001ffffffff 0000000000000000
page dumped because: kasan: bad access detected

Memory state around the buggy address:
 ffff0000c7b24100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff0000c7b24180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff0000c7b24200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
                   ^
 ffff0000c7b24280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
 ffff0000c7b24300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
==================================================================