Warning: Permanently added '10.128.1.126' (ED25519) to the list of known hosts.
executing program
[   50.733031][ T3500] loop0: detected capacity change from 0 to 1024
[   50.750355][ T3500] ==================================================================
[   50.758698][ T3500] BUG: KASAN: slab-out-of-bounds in hfsplus_uni2asc+0x576/0x11f0
[   50.766457][ T3500] Read of size 2 at addr ffff88814773640c by task syz-executor393/3500
[   50.774713][ T3500] 
[   50.777050][ T3500] CPU: 0 PID: 3500 Comm: syz-executor393 Not tainted 5.15.145-syzkaller #0
[   50.785653][ T3500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[   50.795814][ T3500] Call Trace:
[   50.799098][ T3500]  <TASK>
[   50.802141][ T3500]  dump_stack_lvl+0x1e3/0x2cb
[   50.806831][ T3500]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[   50.812467][ T3500]  ? _printk+0xd1/0x111
[   50.816627][ T3500]  ? __wake_up_klogd+0xcc/0x100
[   50.821474][ T3500]  ? panic+0x84d/0x84d
[   50.825536][ T3500]  ? _raw_spin_lock_irqsave+0xdd/0x120
[   50.830993][ T3500]  print_address_description+0x63/0x3b0
[   50.836536][ T3500]  ? hfsplus_uni2asc+0x576/0x11f0
[   50.841552][ T3500]  kasan_report+0x16b/0x1c0
[   50.846053][ T3500]  ? hfsplus_uni2asc+0x576/0x11f0
[   50.851080][ T3500]  hfsplus_uni2asc+0x576/0x11f0
[   50.855943][ T3500]  hfsplus_readdir+0x90c/0x12f0
[   50.860801][ T3500]  ? hfsplus_rename+0x1b0/0x1b0
[   50.865698][ T3500]  ? __might_sleep+0xc0/0xc0
[   50.870285][ T3500]  ? __fdget_pos+0x2cb/0x380
[   50.874885][ T3500]  ? mutex_lock_io_nested+0x60/0x60
[   50.880088][ T3500]  ? iterate_dir+0x10a/0x570
[   50.884667][ T3500]  ? iterate_dir+0x10a/0x570
[   50.889247][ T3500]  ? fsnotify_perm+0x438/0x5a0
[   50.894018][ T3500]  iterate_dir+0x224/0x570
[   50.898425][ T3500]  ? hfsplus_rename+0x1b0/0x1b0
[   50.903270][ T3500]  __se_sys_getdents64+0x209/0x4f0
[   50.908374][ T3500]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[   50.914352][ T3500]  ? __x64_sys_getdents64+0x80/0x80
[   50.919542][ T3500]  ? filldir+0x720/0x720
[   50.923778][ T3500]  ? syscall_enter_from_user_mode+0x2e/0x230
[   50.929751][ T3500]  ? lockdep_hardirqs_on+0x94/0x130
[   50.934941][ T3500]  ? syscall_enter_from_user_mode+0x2e/0x230
[   50.940912][ T3500]  do_syscall_64+0x3d/0xb0
[   50.945322][ T3500]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   50.951211][ T3500] RIP: 0033:0x7f0f40c81649
[   50.955633][ T3500] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   50.975338][ T3500] RSP: 002b:00007ffcf5bc3718 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[   50.983743][ T3500] RAX: ffffffffffffffda RBX: 00007ffcf5bc38e8 RCX: 00007f0f40c81649
[   50.991703][ T3500] RDX: 0000000000000067 RSI: 0000000020000540 RDI: 0000000000000003
[   50.999667][ T3500] RBP: 00007f0f40cf4610 R08: 0000000000000651 R09: 00007ffcf5bc38e8
[   51.007644][ T3500] R10: 00007ffcf5bc35d0 R11: 0000000000000246 R12: 0000000000000001
[   51.015607][ T3500] R13: 00007ffcf5bc38d8 R14: 0000000000000001 R15: 0000000000000001
[   51.023582][ T3500]  </TASK>
[   51.026590][ T3500] 
[   51.028901][ T3500] Allocated by task 3500:
[   51.033210][ T3500]  ____kasan_kmalloc+0xba/0xf0
[   51.037976][ T3500]  __kmalloc+0x168/0x300
[   51.042208][ T3500]  hfsplus_find_init+0x81/0x1c0
[   51.047048][ T3500]  hfsplus_readdir+0x204/0x12f0
[   51.051891][ T3500]  iterate_dir+0x224/0x570
[   51.056296][ T3500]  __se_sys_getdents64+0x209/0x4f0
[   51.061396][ T3500]  do_syscall_64+0x3d/0xb0
[   51.065800][ T3500]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   51.071734][ T3500] 
[   51.074046][ T3500] The buggy address belongs to the object at ffff888147736000
[   51.074046][ T3500]  which belongs to the cache kmalloc-2k of size 2048
[   51.088089][ T3500] The buggy address is located 1036 bytes inside of
[   51.088089][ T3500]  2048-byte region [ffff888147736000, ffff888147736800)
[   51.101530][ T3500] The buggy address belongs to the page:
[   51.107146][ T3500] page:ffffea00051dcc00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x147730
[   51.118244][ T3500] head:ffffea00051dcc00 order:3 compound_mapcount:0 compound_pincount:0
[   51.126562][ T3500] flags: 0x57ff00000010200(slab|head|node=1|zone=2|lastcpupid=0x7ff)
[   51.134629][ T3500] raw: 057ff00000010200 dead000000000100 dead000000000122 ffff888011c42000
[   51.143396][ T3500] raw: 0000000000000000 0000000080080008 00000001ffffffff 0000000000000000
[   51.151982][ T3500] page dumped because: kasan: bad access detected
[   51.158379][ T3500] page_owner tracks the page as allocated
[   51.164088][ T3500] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, ts 8731153668, free_ts 0
[   51.181972][ T3500]  get_page_from_freelist+0x322a/0x33c0
[   51.187552][ T3500]  __alloc_pages+0x272/0x700
[   51.192164][ T3500]  alloc_page_interleave+0x22/0x1c0
[   51.197358][ T3500]  new_slab+0xbb/0x4b0
[   51.201420][ T3500]  ___slab_alloc+0x6f6/0xe10
[   51.206000][ T3500]  __kmalloc_node_track_caller+0x1f6/0x390
[   51.211798][ T3500]  __alloc_skb+0x12c/0x590
[   51.216211][ T3500]  rtmsg_ifinfo_build_skb+0x81/0x180
[   51.221592][ T3500]  rtmsg_ifinfo+0x71/0x120
[   51.226038][ T3500]  register_netdevice+0x13d2/0x1720
[   51.231265][ T3500]  register_netdev+0x37/0x50
[   51.235858][ T3500]  eql_init_module+0x54/0x90
[   51.240449][ T3500]  do_one_initcall+0x22b/0x7a0
[   51.245211][ T3500]  do_initcall_level+0x157/0x207
[   51.250153][ T3500]  do_initcalls+0x49/0x86
[   51.254476][ T3500]  kernel_init_freeable+0x425/0x5b5
[   51.259669][ T3500] page_owner free stack trace missing
[   51.265027][ T3500] 
[   51.267351][ T3500] Memory state around the buggy address:
[   51.272967][ T3500]  ffff888147736300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   51.281036][ T3500]  ffff888147736380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   51.289086][ T3500] >ffff888147736400: 00 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   51.297129][ T3500]                       ^
[   51.301444][ T3500]  ffff888147736480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   51.309506][ T3500]  ffff888147736500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   51.317555][ T3500] ==================================================================
[   51.325598][ T3500] Disabling lock debugging due to kernel taint
[   51.335559][ T3500] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   51.342771][ T3500] CPU: 1 PID: 3500 Comm: syz-executor393 Tainted: G    B             5.15.145-syzkaller #0
[   51.352740][ T3500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[   51.362782][ T3500] Call Trace:
[   51.366051][ T3500]  <TASK>
[   51.368971][ T3500]  dump_stack_lvl+0x1e3/0x2cb
[   51.373640][ T3500]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[   51.379261][ T3500]  ? panic+0x84d/0x84d
[   51.383317][ T3500]  ? preempt_schedule_common+0xa6/0xd0
[   51.388763][ T3500]  ? preempt_schedule+0xd9/0xe0
[   51.393621][ T3500]  panic+0x318/0x84d
[   51.397508][ T3500]  ? check_panic_on_warn+0x1d/0xa0
[   51.402625][ T3500]  ? fb_is_primary_device+0xcc/0xcc
[   51.407823][ T3500]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[   51.413801][ T3500]  ? _raw_spin_unlock+0x40/0x40
[   51.418640][ T3500]  ? print_memory_metadata+0xe2/0x140
[   51.424013][ T3500]  check_panic_on_warn+0x7e/0xa0
[   51.428974][ T3500]  ? hfsplus_uni2asc+0x576/0x11f0
[   51.433996][ T3500]  end_report+0x6d/0xf0
[   51.438145][ T3500]  kasan_report+0x18e/0x1c0
[   51.442827][ T3500]  ? hfsplus_uni2asc+0x576/0x11f0
[   51.447857][ T3500]  hfsplus_uni2asc+0x576/0x11f0
[   51.452717][ T3500]  hfsplus_readdir+0x90c/0x12f0
[   51.457564][ T3500]  ? hfsplus_rename+0x1b0/0x1b0
[   51.462422][ T3500]  ? __might_sleep+0xc0/0xc0
[   51.466999][ T3500]  ? __fdget_pos+0x2cb/0x380
[   51.471579][ T3500]  ? mutex_lock_io_nested+0x60/0x60
[   51.476768][ T3500]  ? iterate_dir+0x10a/0x570
[   51.481359][ T3500]  ? iterate_dir+0x10a/0x570
[   51.485947][ T3500]  ? fsnotify_perm+0x438/0x5a0
[   51.490696][ T3500]  iterate_dir+0x224/0x570
[   51.495098][ T3500]  ? hfsplus_rename+0x1b0/0x1b0
[   51.499941][ T3500]  __se_sys_getdents64+0x209/0x4f0
[   51.505112][ T3500]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[   51.511106][ T3500]  ? __x64_sys_getdents64+0x80/0x80
[   51.516299][ T3500]  ? filldir+0x720/0x720
[   51.520545][ T3500]  ? syscall_enter_from_user_mode+0x2e/0x230
[   51.526515][ T3500]  ? lockdep_hardirqs_on+0x94/0x130
[   51.531719][ T3500]  ? syscall_enter_from_user_mode+0x2e/0x230
[   51.537686][ T3500]  do_syscall_64+0x3d/0xb0
[   51.542198][ T3500]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   51.548082][ T3500] RIP: 0033:0x7f0f40c81649
[   51.552486][ T3500] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   51.572092][ T3500] RSP: 002b:00007ffcf5bc3718 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[   51.580491][ T3500] RAX: ffffffffffffffda RBX: 00007ffcf5bc38e8 RCX: 00007f0f40c81649
[   51.588473][ T3500] RDX: 0000000000000067 RSI: 0000000020000540 RDI: 0000000000000003
[   51.596551][ T3500] RBP: 00007f0f40cf4610 R08: 0000000000000651 R09: 00007ffcf5bc38e8
[   51.604513][ T3500] R10: 00007ffcf5bc35d0 R11: 0000000000000246 R12: 0000000000000001
[   51.612472][ T3500] R13: 00007ffcf5bc38d8 R14: 0000000000000001 R15: 0000000000000001
[   51.620434][ T3500]  </TASK>
[   51.623585][ T3500] Kernel Offset: disabled
[   51.627914][ T3500] Rebooting in 86400 seconds..