./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1126351534
<...>
Warning: Permanently added '10.128.15.198' (ECDSA) to the list of known hosts.
execve("./syz-executor1126351534", ["./syz-executor1126351534"], 0x7ffde9cae580 /* 10 vars */) = 0
brk(NULL) = 0x555555d97000
brk(0x555555d97c40) = 0x555555d97c40
arch_prctl(ARCH_SET_FS, 0x555555d97300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor1126351534", 4096) = 28
brk(0x555555db8c40) = 0x555555db8c40
brk(0x555555db9000) = 0x555555db9000
mprotect(0x7f8394e16000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
unshare(CLONE_NEWPID) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3633 attached
, child_tidptr=0x555555d975d0) = 3633
[pid 3633] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid 3633] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 3633] setsid() = 1
[pid 3633] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid 3633] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid 3633] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid 3633] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid 3633] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid 3633] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid 3633] unshare(CLONE_NEWNS) = 0
[pid 3633] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid 3633] unshare(CLONE_NEWIPC) = 0
[pid 3633] unshare(CLONE_NEWCGROUP) = 0
[pid 3633] unshare(CLONE_NEWUTS) = 0
[pid 3633] unshare(CLONE_SYSVSEM) = 0
[pid 3633] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid 3633] write(3, "16777216", 8) = 8
[pid 3633] close(3) = 0
[pid 3633] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid 3633] write(3, "536870912", 9) = 9
[pid 3633] close(3) = 0
[pid 3633] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid 3633] write(3, "1024", 4) = 4
[pid 3633] close(3) = 0
[pid 3633] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid 3633] write(3, "8192", 4) = 4
[pid 3633] close(3) = 0
[pid 3633] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid 3633] write(3, "1024", 4) = 4
[pid 3633] close(3) = 0
[pid 3633] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid 3633] write(3, "1024", 4) = 4
[pid 3633] close(3) = 0
[pid 3633] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid 3633] write(3, "1024 1048576 500 1024", 21) = 21
[pid 3633] close(3) = 0
[pid 3633] getpid() = 1
[pid 3633] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid 3633] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid 3633] unshare(CLONE_NEWNET) = 0
[pid 3633] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid 3633] write(3, "0 65535", 7) = 7
[pid 3633] close(3) = 0
[pid 3633] mkdir("/dev/binderfs", 0777) = 0
[pid 3633] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid 3633] symlink("/dev/binderfs", "./binderfs") = 0
[pid 3633] memfd_create("syzkaller", 0) = 3
[pid 3633] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f838c800000
[pid 3633] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid 3633] munmap(0x7f838c800000, 32768) = 0
[pid 3633] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 3633] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 3633] close(3) = 0
[pid 3633] mkdir("./bus", 0777) = 0
[pid 3633] mount("/dev/loop0", "./bus", "hfs", MS_DIRSYNC, "iocharset=cp1250,dir_umask=00000000000000000000006,") = 0
[pid 3633] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid 3633] chdir("./bus") = 0
[pid 3633] ioctl(4, LOOP_CLR_FD) = 0
[pid 3633] close(4) = 0
[pid 3633] openat(AT_FDCWD, ".log", O_RDWR|O_CREAT|O_NOCTTY|O_LARGEFILE|O_NOATIME|O_CLOEXEC, 000) = 4
[pid 3633] openat(AT_FDCWD, "blkio.throttle.io_service_bytes_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5
[pid 3633] exit_group(1) = ?
syzkaller login: [ 50.705348][ T3633] loop0: detected capacity change from 0 to 64
[ 50.755371][ T33] ==================================================================
[ 50.763494][ T33] BUG: KASAN: slab-out-of-bounds in hfs_strcmp+0x117/0x190
[ 50.770689][ T33] Read of size 1 at addr ffff88801e101dce by task kworker/u4:2/33
[ 50.778564][ T33]
[ 50.780874][ T33] CPU: 1 PID: 33 Comm: kworker/u4:2 Not tainted 6.1.0-rc7-syzkaller-00102-g04aa64375f48 #0
[ 50.790924][ T33] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 50.800958][ T33] Workqueue: writeback wb_workfn (flush-7:0)
[ 50.806928][ T33] Call Trace:
[ 50.810189][ T33] <TASK>
[ 50.813210][ T33] dump_stack_lvl+0x1b1/0x28e
[ 50.817889][ T33] ? nf_tcp_handle_invalid+0x62e/0x62e
[ 50.823332][ T33] ? __wake_up_klogd+0xcd/0x100
[ 50.828184][ T33] ? panic+0x710/0x710
[ 50.832233][ T33] ? _printk+0xc0/0x100
[ 50.836370][ T33] ? _raw_spin_lock_irqsave+0x8e/0x100
[ 50.841818][ T33] print_address_description+0x74/0x340
[ 50.847347][ T33] print_report+0x107/0x1f0
[ 50.851829][ T33] ? __virt_addr_valid+0x21b/0x2d0
[ 50.856922][ T33] ? __phys_addr+0xb5/0x160
[ 50.861404][ T33] ? hfs_strcmp+0x117/0x190
[ 50.865905][ T33] kasan_report+0xcd/0x100
[ 50.870302][ T33] ? hfs_strcmp+0x117/0x190
[ 50.874787][ T33] hfs_strcmp+0x117/0x190
[ 50.879098][ T33] ? hfs_cat_build_record+0x7c0/0x7c0
[ 50.884485][ T33] __hfs_brec_find+0x213/0x5c0
[ 50.889235][ T33] ? hfs_find_exit+0xa0/0xa0
[ 50.893807][ T33] ? hfsplus_uni2asc+0x6e8/0x1290
[ 50.898817][ T33] ? mutex_lock_io_nested+0x60/0x60
[ 50.903997][ T33] ? rcu_read_lock_sched_held+0x87/0x110
[ 50.909717][ T33] hfs_brec_find+0x276/0x520
[ 50.914292][ T33] ? __hfs_brec_find+0x5c0/0x5c0
[ 50.919214][ T33] ? mutex_lock_nested+0x17/0x20
[ 50.924132][ T33] ? hfs_write_inode+0x344/0xb40
[ 50.929051][ T33] hfs_write_inode+0x34c/0xb40
[ 50.933796][ T33] ? trace_lock_release+0x95/0x220
[ 50.938891][ T33] ? hfs_inode_write_fork+0x1b0/0x1b0
[ 50.944243][ T33] ? rcu_read_lock_sched_held+0x87/0x110
[ 50.949856][ T33] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 50.955817][ T33] ? do_raw_spin_unlock+0x134/0x8a0
[ 50.960999][ T33] __writeback_single_inode+0x4d6/0x670
[ 50.966532][ T33] writeback_sb_inodes+0xb3b/0x18f0
[ 50.971723][ T33] ? queue_io+0x400/0x400
[ 50.976041][ T33] ? queue_io+0x382/0x400
[ 50.980353][ T33] ? trace_writeback_queue_io+0xe8/0x2d0
[ 50.985969][ T33] wb_writeback+0x41f/0x7b0
[ 50.990463][ T33] ? trace_writeback_exec+0x2c0/0x2c0
[ 50.995957][ T33] ? rcu_read_lock_sched_held+0x87/0x110
[ 51.001608][ T33] ? do_raw_spin_unlock+0x134/0x8a0
[ 51.006796][ T33] wb_workfn+0x3cb/0xef0
[ 51.011045][ T33] ? inode_wait_for_writeback+0x2c0/0x2c0
[ 51.016880][ T33] ? rcu_read_lock_sched_held+0x87/0x110
[ 51.022511][ T33] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 51.028475][ T33] ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 51.034362][ T33] ? do_raw_spin_unlock+0x134/0x8a0
[ 51.039549][ T33] process_one_work+0x877/0xdb0
[ 51.044408][ T33] ? worker_detach_from_pool+0x260/0x260
[ 51.050031][ T33] ? _raw_spin_lock_irq+0xba/0xf0
[ 51.055127][ T33] ? _raw_spin_lock_irqsave+0x100/0x100
[ 51.060658][ T33] worker_thread+0xb14/0x1330
[ 51.065325][ T33] kthread+0x266/0x300
[ 51.069377][ T33] ? rcu_lock_release+0x20/0x20
[ 51.074225][ T33] ? kthread_blkcg+0xd0/0xd0
[ 51.078796][ T33] ret_from_fork+0x1f/0x30
[ 51.083200][ T33] </TASK>
[ 51.086201][ T33]
[ 51.088503][ T33] Allocated by task 33:
[ 51.092648][ T33] kasan_set_track+0x3d/0x60
[ 51.097228][ T33] __kasan_kmalloc+0x97/0xb0
[ 51.101801][ T33] __kmalloc+0xaf/0x1a0
[ 51.105948][ T33] hfs_find_init+0x8b/0x1e0
[ 51.110439][ T33] hfs_write_inode+0x2e6/0xb40
[ 51.115187][ T33] __writeback_single_inode+0x4d6/0x670
[ 51.120728][ T33] writeback_sb_inodes+0xb3b/0x18f0
[ 51.125940][ T33] wb_writeback+0x41f/0x7b0
[ 51.130426][ T33] wb_workfn+0x3cb/0xef0
[ 51.134649][ T33] process_one_work+0x877/0xdb0
[ 51.139484][ T33] worker_thread+0xb14/0x1330
[ 51.144140][ T33] kthread+0x266/0x300
[ 51.148189][ T33] ret_from_fork+0x1f/0x30
[ 51.152586][ T33]
[ 51.154891][ T33] The buggy address belongs to the object at ffff88801e101d80
[ 51.154891][ T33] which belongs to the cache kmalloc-96 of size 96
[ 51.168756][ T33] The buggy address is located 78 bytes inside of
[ 51.168756][ T33] 96-byte region [ffff88801e101d80, ffff88801e101de0)
[ 51.181835][ T33]
[ 51.184139][ T33] The buggy address belongs to the physical page:
[ 51.190531][ T33] page:ffffea0000784040 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88801e101100 pfn:0x1e101
[ 51.201981][ T33] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 51.209506][ T33] raw: 00fff00000000200 ffffea0000765400 dead000000000006 ffff888012841780
[ 51.218070][ T33] raw: ffff88801e101100 000000008020001e 00000001ffffffff 0000000000000000
[ 51.226628][ T33] page dumped because: kasan: bad access detected
[ 51.233018][ T33] page_owner tracks the page as allocated
[ 51.238708][ T33] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY), pid 3007, tgid 3007 (udevd), ts 24956538100, free_ts 24951907466
[ 51.256221][ T33] get_page_from_freelist+0x742/0x7c0
[ 51.261578][ T33] __alloc_pages+0x259/0x560
[ 51.266152][ T33] alloc_slab_page+0x70/0xf0
[ 51.270724][ T33] allocate_slab+0x5e/0x4b0
[ 51.275208][ T33] ___slab_alloc+0x782/0xe20
[ 51.279776][ T33] __kmem_cache_alloc_node+0x252/0x310
[ 51.285213][ T33] __kmalloc+0x9e/0x1a0
[ 51.289370][ T33] tomoyo_encode+0x26f/0x540
[ 51.293952][ T33] tomoyo_realpath_from_path+0x5ae/0x5f0
[ 51.299585][ T33] tomoyo_check_open_permission+0x1f0/0x460
[ 51.305459][ T33] security_file_open+0x50/0x560
[ 51.310395][ T33] do_dentry_open+0x306/0x11b0
[ 51.315171][ T33] path_openat+0x25fc/0x2df0
[ 51.319740][ T33] do_filp_open+0x264/0x4f0
[ 51.324220][ T33] do_sys_openat2+0x124/0x4e0
[ 51.328875][ T33] __x64_sys_openat+0x243/0x290
[ 51.333706][ T33] page last free stack trace:
[ 51.338354][ T33] free_pcp_prepare+0x80c/0x8f0
[ 51.343201][ T33] free_unref_page+0x7d/0x5f0
[ 51.347859][ T33] free_pipe_info+0x302/0x380
[ 51.352533][ T33] pipe_release+0x232/0x310
[ 51.357035][ T33] __fput+0x3ba/0x880
[ 51.360996][ T33] task_work_run+0x243/0x300
[ 51.365570][ T33] exit_to_user_mode_loop+0x124/0x150
[ 51.370934][ T33] exit_to_user_mode_prepare+0xb2/0x140
[ 51.376461][ T33] syscall_exit_to_user_mode+0x26/0x60
[ 51.381905][ T33] do_syscall_64+0x49/0xb0
[ 51.386303][ T33] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 51.392174][ T33]
[ 51.394477][ T33] Memory state around the buggy address:
[ 51.400084][ T33] ffff88801e101c80: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 51.408122][ T33] ffff88801e101d00: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 51.416159][ T33] >ffff88801e101d80: 00 00 00 00 00 00 00 00 00 06 fc fc fc fc fc fc
[ 51.424194][ T33] ^
[ 51.430581][ T33] ffff88801e101e00: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 51.438617][ T33] ffff88801e101e80: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 51.446650][ T33] ==================================================================
[ 51.455191][ T33] Kernel panic - not syncing: panic_on_warn set ...
[ 51.461794][ T33] CPU: 0 PID: 33 Comm: kworker/u4:2 Not tainted 6.1.0-rc7-syzkaller-00102-g04aa64375f48 #0
[ 51.471769][ T33] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 51.481807][ T33] Workqueue: writeback wb_workfn (flush-7:0)
[ 51.487792][ T33] Call Trace:
[ 51.491061][ T33] <TASK>
[ 51.493988][ T33] dump_stack_lvl+0x1b1/0x28e
[ 51.498660][ T33] ? nf_tcp_handle_invalid+0x62e/0x62e
[ 51.504109][ T33] ? panic+0x710/0x710
[ 51.508168][ T33] ? preempt_schedule_common+0xb7/0xe0
[ 51.513621][ T33] ? vscnprintf+0x59/0x80
[ 51.517944][ T33] panic+0x2d6/0x710
[ 51.521837][ T33] ? memcpy_page_flushcache+0xfc/0xfc
[ 51.527201][ T33] ? _raw_spin_unlock_irqrestore+0x110/0x120
[ 51.533176][ T33] ? print_report+0x1b4/0x1f0
[ 51.537843][ T33] ? hfs_strcmp+0x117/0x190
[ 51.542335][ T33] end_report+0x91/0xa0
[ 51.546484][ T33] kasan_report+0xda/0x100
[ 51.550894][ T33] ? hfs_strcmp+0x117/0x190
[ 51.555393][ T33] hfs_strcmp+0x117/0x190
[ 51.559717][ T33] ? hfs_cat_build_record+0x7c0/0x7c0
[ 51.565081][ T33] __hfs_brec_find+0x213/0x5c0
[ 51.569846][ T33] ? hfs_find_exit+0xa0/0xa0
[ 51.574432][ T33] ? hfsplus_uni2asc+0x6e8/0x1290
[ 51.579452][ T33] ? mutex_lock_io_nested+0x60/0x60
[ 51.584640][ T33] ? rcu_read_lock_sched_held+0x87/0x110
[ 51.590265][ T33] hfs_brec_find+0x276/0x520
[ 51.594853][ T33] ? __hfs_brec_find+0x5c0/0x5c0
[ 51.599784][ T33] ? mutex_lock_nested+0x17/0x20
[ 51.604712][ T33] ? hfs_write_inode+0x344/0xb40
[ 51.609640][ T33] hfs_write_inode+0x34c/0xb40
[ 51.614399][ T33] ? trace_lock_release+0x95/0x220
[ 51.619503][ T33] ? hfs_inode_write_fork+0x1b0/0x1b0
[ 51.624897][ T33] ? rcu_read_lock_sched_held+0x87/0x110
[ 51.630522][ T33] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 51.636550][ T33] ? do_raw_spin_unlock+0x134/0x8a0
[ 51.641765][ T33] __writeback_single_inode+0x4d6/0x670
[ 51.647308][ T33] writeback_sb_inodes+0xb3b/0x18f0
[ 51.652510][ T33] ? queue_io+0x400/0x400
[ 51.656837][ T33] ? queue_io+0x382/0x400
[ 51.661160][ T33] ? trace_writeback_queue_io+0xe8/0x2d0
[ 51.666787][ T33] wb_writeback+0x41f/0x7b0
[ 51.671308][ T33] ? trace_writeback_exec+0x2c0/0x2c0
[ 51.676672][ T33] ? rcu_read_lock_sched_held+0x87/0x110
[ 51.682297][ T33] ? do_raw_spin_unlock+0x134/0x8a0
[ 51.687492][ T33] wb_workfn+0x3cb/0xef0
[ 51.691753][ T33] ? inode_wait_for_writeback+0x2c0/0x2c0
[ 51.697474][ T33] ? rcu_read_lock_sched_held+0x87/0x110
[ 51.703098][ T33] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 51.709067][ T33] ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 51.714955][ T33] ? do_raw_spin_unlock+0x134/0x8a0
[ 51.720153][ T33] process_one_work+0x877/0xdb0
[ 51.725006][ T33] ? worker_detach_from_pool+0x260/0x260
[ 51.730633][ T33] ? _raw_spin_lock_irq+0xba/0xf0
[ 51.735650][ T33] ? _raw_spin_lock_irqsave+0x100/0x100
[ 51.741194][ T33] worker_thread+0xb14/0x1330
[ 51.745876][ T33] kthread+0x266/0x300
[ 51.749940][ T33] ? rcu_lock_release+0x20/0x20
[ 51.754898][ T33] ? kthread_blkcg+0xd0/0xd0
[ 51.759486][ T33] ret_from_fork+0x1f/0x30
[ 51.763937][ T33] </TASK>
[ 51.767170][ T33] Kernel Offset: disabled
[ 51.771490][ T33] Rebooting in 86400 seconds..