Warning: Permanently added '10.128.1.115' (ED25519) to the list of known hosts.
executing program
syzkaller login: [ 37.503560][ T4297] loop0: detected capacity change from 0 to 1024
[ 37.520043][ T4297] hfsplus: request for non-existent node 134217728 in B*Tree
[ 37.522013][ T4297] hfsplus: request for non-existent node 134217728 in B*Tree
[ 37.524468][ T4297] ==================================================================
[ 37.526642][ T4297] BUG: KASAN: slab-out-of-bounds in hfsplus_bnode_read+0x9c/0x248
[ 37.528768][ T4297] Read of size 8 at addr ffff0000c31536e0 by task syz-executor129/4297
[ 37.530920][ T4297]
[ 37.531502][ T4297] CPU: 1 PID: 4297 Comm: syz-executor129 Not tainted 6.1.138-syzkaller #0
[ 37.533710][ T4297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 37.536369][ T4297] Call trace:
[ 37.537285][ T4297] dump_backtrace+0x1c8/0x1f4
[ 37.538553][ T4297] show_stack+0x2c/0x3c
[ 37.539657][ T4297] __dump_stack+0x30/0x40
[ 37.540785][ T4297] dump_stack_lvl+0xf8/0x160
[ 37.542005][ T4297] print_address_description+0x88/0x220
[ 37.543408][ T4297] print_report+0x50/0x68
[ 37.544508][ T4297] kasan_report+0xa8/0x100
[ 37.545653][ T4297] __asan_report_load8_noabort+0x2c/0x38
[ 37.547136][ T4297] hfsplus_bnode_read+0x9c/0x248
[ 37.548466][ T4297] hfsplus_bnode_dump+0x274/0x384
[ 37.549768][ T4297] hfsplus_brec_remove+0x3cc/0x4a0
[ 37.551125][ T4297] __hfsplus_delete_attr+0x198/0x33c
[ 37.552546][ T4297] hfsplus_delete_attr+0x2ac/0x3f0
[ 37.553889][ T4297] __hfsplus_setxattr+0x2e8/0x1a30
[ 37.555242][ T4297] hfsplus_setxattr+0xdc/0x12c
[ 37.556585][ T4297] hfsplus_security_setxattr+0x54/0x6c
[ 37.558196][ T4297] __vfs_setxattr+0x388/0x3a4
[ 37.559551][ T4297] __vfs_setxattr_noperm+0x120/0x564
[ 37.560969][ T4297] __vfs_setxattr_locked+0x1ec/0x218
[ 37.562403][ T4297] vfs_setxattr+0x158/0x2ac
[ 37.563727][ T4297] setxattr+0x228/0x28c
[ 37.564802][ T4297] path_setxattr+0x12c/0x25c
[ 37.566029][ T4297] __arm64_sys_setxattr+0xbc/0xd8
[ 37.567372][ T4297] invoke_syscall+0x98/0x2bc
[ 37.568588][ T4297] el0_svc_common+0x138/0x258
[ 37.569847][ T4297] do_el0_svc+0x58/0x13c
[ 37.570978][ T4297] el0_svc+0x58/0x138
[ 37.572051][ T4297] el0t_64_sync_handler+0x84/0xf0
[ 37.573428][ T4297] el0t_64_sync+0x18c/0x190
[ 37.574647][ T4297]
[ 37.575280][ T4297] Allocated by task 4297:
[ 37.576441][ T4297] kasan_set_track+0x4c/0x80
[ 37.577688][ T4297] kasan_save_alloc_info+0x28/0x34
[ 37.579090][ T4297] __kasan_kmalloc+0xa0/0xb8
[ 37.580355][ T4297] __kmalloc+0xec/0x178
[ 37.581430][ T4297] __hfs_bnode_create+0xe4/0x6cc
[ 37.582772][ T4297] hfsplus_bnode_find+0x1f0/0xb78
[ 37.584162][ T4297] hfsplus_brec_find+0x128/0x448
[ 37.585507][ T4297] hfsplus_find_attr+0x1e0/0x32c
[ 37.586868][ T4297] hfsplus_attr_exists+0x150/0x1c4
[ 37.588215][ T4297] __hfsplus_setxattr+0x2b8/0x1a30
[ 37.589535][ T4297] hfsplus_setxattr+0xdc/0x12c
[ 37.590728][ T4297] hfsplus_security_setxattr+0x54/0x6c
[ 37.592149][ T4297] __vfs_setxattr+0x388/0x3a4
[ 37.593426][ T4297] __vfs_setxattr_noperm+0x120/0x564
[ 37.594916][ T4297] __vfs_setxattr_locked+0x1ec/0x218
[ 37.596347][ T4297] vfs_setxattr+0x158/0x2ac
[ 37.597533][ T4297] setxattr+0x228/0x28c
[ 37.598670][ T4297] path_setxattr+0x12c/0x25c
[ 37.599910][ T4297] __arm64_sys_setxattr+0xbc/0xd8
[ 37.601212][ T4297] invoke_syscall+0x98/0x2bc
[ 37.602457][ T4297] el0_svc_common+0x138/0x258
[ 37.603661][ T4297] do_el0_svc+0x58/0x13c
[ 37.604829][ T4297] el0_svc+0x58/0x138
[ 37.605888][ T4297] el0t_64_sync_handler+0x84/0xf0
[ 37.607258][ T4297] el0t_64_sync+0x18c/0x190
[ 37.608499][ T4297]
[ 37.609116][ T4297] The buggy address belongs to the object at ffff0000c3153600
[ 37.609116][ T4297] which belongs to the cache kmalloc-256 of size 256
[ 37.612792][ T4297] The buggy address is located 224 bytes inside of
[ 37.612792][ T4297] 256-byte region [ffff0000c3153600, ffff0000c3153700)
[ 37.616324][ T4297]
[ 37.616909][ T4297] The buggy address belongs to the physical page:
[ 37.618592][ T4297] page:00000000420ac3b9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103152
[ 37.621324][ T4297] head:00000000420ac3b9 order:1 compound_mapcount:0 compound_pincount:0
[ 37.623543][ T4297] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[ 37.625659][ T4297] raw: 05ffc00000010200 dead000000000100 dead000000000122 ffff0000c0002480
[ 37.627938][ T4297] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 37.630256][ T4297] page dumped because: kasan: bad access detected
[ 37.631969][ T4297]
[ 37.632591][ T4297] Memory state around the buggy address:
[ 37.634075][ T4297] ffff0000c3153580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 37.636247][ T4297] ffff0000c3153600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 37.638312][ T4297] >ffff0000c3153680: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 37.640467][ T4297] ^
[ 37.642331][ T4297] ffff0000c3153700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 37.644444][ T4297] ffff0000c3153780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 37.646525][ T4297] ==================================================================
[ 37.649626][ T4297] Disabling lock debugging due to kernel taint
[ 37.651271][ T4297] Unable to handle kernel paging request at virtual address ffff7520000087a7
[ 37.653517][ T4297] KASAN: maybe wild-memory-access in range [0xffffa90000043d38-0xffffa90000043d3f]
[ 37.664211][ T4297] Mem abort info:
[ 37.665258][ T4297] ESR = 0x0000000096000004
[ 37.666450][ T4297] EC = 0x25: DABT (current EL), IL = 32 bits
[ 37.668059][ T4297] SET = 0, FnV = 0
[ 37.669051][ T4297] EA = 0, S1PTW = 0
[ 37.670054][ T4297] FSC = 0x04: level 0 translation fault
[ 37.671544][ T4297] Data abort info:
[ 37.672519][ T4297] ISV = 0, ISS = 0x00000004
[ 37.673708][ T4297] CM = 0, WnR = 0
[ 37.675167][ T4297] swapper pgtable: 4k pages, 48-bit VAs, pgdp=000000020e418000
[ 37.677078][ T4297] [ffff7520000087a7] pgd=0000000000000000, p4d=0000000000000000
[ 37.679021][ T4297] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP
[ 37.680819][ T4297] Modules linked in:
[ 37.681804][ T4297] CPU: 1 PID: 4297 Comm: syz-executor129 Tainted: G B 6.1.138-syzkaller #0
[ 37.684426][ T4297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 37.687083][ T4297] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 37.689121][ T4297] pc : kasan_check_range+0x64/0x2a0
[ 37.690468][ T4297] lr : memcpy+0x48/0x90
[ 37.691586][ T4297] sp : ffff800020746e50
[ 37.692686][ T4297] x29: ffff800020746e50 x28: 0000000000000002 x27: 0000000040000000
[ 37.694806][ T4297] x26: 1ffff00002951d14 x25: dfff800000000000 x24: 0000000000000d3c
[ 37.696933][ T4297] x23: 0000000000000002 x22: ffff800008f68468 x21: ffff800020746f40
[ 37.699050][ T4297] x20: ffffa90000043d3a x19: 0000000000000002 x18: ffff800011a7bd00
[ 37.701126][ T4297] x17: 0000000000000000 x16: ffff800008042940 x15: 0000000000000000
[ 37.703351][ T4297] x14: 00000000000000ff x13: 0000000000ff0100 x12: 0000000000000001
[ 37.705425][ T4297] x11: 1ffff520000087a7 x10: 1ffff520000087a7 x9 : ffffffffffffffff
[ 37.707523][ T4297] x8 : ffff7520000087a7 x7 : 0000000000000001 x6 : 00000000000000fd
[ 37.709670][ T4297] x5 : ffff800020746f62 x4 : ffff0000e39eb690 x3 : ffff800008f68468
[ 37.711859][ T4297] x2 : 0000000000000000 x1 : 0000000000000002 x0 : ffffa90000043d3a
[ 37.713969][ T4297] Call trace:
[ 37.714847][ T4297] kasan_check_range+0x64/0x2a0
[ 37.716150][ T4297] memcpy+0x48/0x90
[ 37.717157][ T4297] hfsplus_bnode_read+0x124/0x248
[ 37.718459][ T4297] hfsplus_bnode_dump+0x274/0x384
[ 37.719756][ T4297] hfsplus_brec_remove+0x3cc/0x4a0
[ 37.721080][ T4297] __hfsplus_delete_attr+0x198/0x33c
[ 37.722436][ T4297] hfsplus_delete_attr+0x2ac/0x3f0
[ 37.723736][ T4297] __hfsplus_setxattr+0x2e8/0x1a30
[ 37.725080][ T4297] hfsplus_setxattr+0xdc/0x12c
[ 37.726344][ T4297] hfsplus_security_setxattr+0x54/0x6c
[ 37.727776][ T4297] __vfs_setxattr+0x388/0x3a4
[ 37.728972][ T4297] __vfs_setxattr_noperm+0x120/0x564
[ 37.730322][ T4297] __vfs_setxattr_locked+0x1ec/0x218
[ 37.731650][ T4297] vfs_setxattr+0x158/0x2ac
[ 37.732826][ T4297] setxattr+0x228/0x28c
[ 37.733873][ T4297] path_setxattr+0x12c/0x25c
[ 37.735114][ T4297] __arm64_sys_setxattr+0xbc/0xd8
[ 37.736469][ T4297] invoke_syscall+0x98/0x2bc
[ 37.737673][ T4297] el0_svc_common+0x138/0x258
[ 37.738899][ T4297] do_el0_svc+0x58/0x13c
[ 37.740002][ T4297] el0_svc+0x58/0x138
[ 37.741067][ T4297] el0t_64_sync_handler+0x84/0xf0
[ 37.742404][ T4297] el0t_64_sync+0x18c/0x190
[ 37.743567][ T4297] Code: 5400014c b4000b8c aa2a03e9 8b0b0129 (3940010a)
[ 37.745457][ T4297] ---[ end trace 0000000000000000 ]---
[ 38.035596][ T4297] Kernel panic - not syncing: Oops: Fatal exception
[ 38.037423][ T4297] SMP: stopping secondary CPUs
[ 38.038717][ T4297] Kernel Offset: disabled
[ 38.039823][ T4297] CPU features: 0x080000,02070084,26017203
[ 38.041341][ T4297] Memory Limit: none
[ 38.341687][ T4297] Rebooting in 86400 seconds..