program:
r0 = syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file1\x00', 0xa08802, &(0x7f0000000140)=ANY=[], 0x1, 0x693, &(0x7f0000000ec0)="$eJzs3c1rHOcdB/DvrFay1gVHSWwnLYGKGNJSU1uycFqVQtweig+hBBcaCr0IW46F106QlaKE0qrv1x7yB6QHHQq9tNC7IYWe2h4KoTfRQwkUekkvurnM7Ky0trTKrixprebzMbPzzDyv89uZZzS7mA3wqXX1fJr3U+Tq+VdXy+2N9bn2xvrciTq7naRMN5JmZ5XiblJ8kFxJZ8lny511+aJfP+8tzV/78OONjzpbzXqpyjf2qjeYtXrJdJKxer3T+L7au963vd19vV4vbO0pto6wDNi5buBg1B7ssDZM9ce8boEnQdG5b+4wlZxMMln/HZB6dmgc7egO3lCzHAAAABxTT21mM6s5NepxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwHFSpDVWrTpLo5ueTtH9/f+Jel/q9LXGiMf8OO6PegAAAAAAAAAAcAA+v5nNrOZUkr+X2w863+y/WL2erl4/k7dzL4tZzoWsZiErWclyZpNM9TQ0sbqwsrI8O0DNS7vWvLS/8f9+f9UAAAAAAAAA4P/NT3O1+v4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeGEUy1llVy+lueiqNZpLJJBNlubXkb930MVHstvP+0Y8DAAAAHsvkPuo8tZnNrOZUd/tBUT3zn62elyfzdu5mJUtZSTuLuVE/Q5dP/Y2N9bn2xvrcnY31uarj7z/o6LTzjf8MNYyqxXQ+e9i95+erEq3czFK150KuV4O5kUZVs/R8PZ6t5eFOflKOqfVKbcCR3ajXZWe/7vcpwkFoDFthqqo0vhWRmXpsZUNP7x2JT3x3mnv2NJvG1ic/p/foqXtIxZAxP9mtl+SXj8T8lX/99nsDNnMItiLRSBWJSz1n39mN9bmx9I158oU//u71W+27t2/dvHf+0E6jo/LoOTHXE4nn9j77nvBINIcsP1NF4szW9tV8K9/J+UzntSxnKT/IQlaymHpmzEJ9PpevUz1RSnZE6spDW6990kgm6velM4sOMqbpnKhSC3mxqnsqSynyZm5kMS9X/y5lNl/J5VzOfM87fKbvO1wdWzXTNoa76s99MduX+q/KmXqwesmfBy04vM4ttYzr0z1x7Z1zp6q83j3bUXpmgPvRkHNj83N1ouzjZ/u5bRyaRyMx2xOJZ/eOxG+qa+Ne++7t5VsLb/Vpf+2R7ZfGt9O/OMw789DK8+WZTNYzycNnR5n37NYs83C8JupvXDp5jR15Z6q8ouheqd/e5UotIz5flT67a0uXqrznduaN1SP/xz978h76eytv/mU08QRgSCe/dHKi9e/WX1vvt37eutV6dfKbJ7564oWJjP9p/GvNmbGXGi8Uf8j7+dH28z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB/99559/ZCu724vHui0T/rYBNF/UM+/co008oRDOMoE0Wy1n4wdrAtZ/THNUCi+yOCj9vO61eeiMM51omxJPWeHyfb50/9FnV+Ce27/x3ZDAUclosrd966eO+dd7+8dGfhjcU3Fu+OX748PzN/+eW5izeX2osznddRjxI4DNt/D4x6JAAAAAAAAAAAAMCgjuJ/GvR0Nz3CQwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACOqavn0xxPkdmZCzPl9sb6XLtcuuntks0kjUZS/DApPkiupLNkqqe5ol8/7y3NX/vw442Ptttqdss39qo3mLV6yXSSsXq9w8T+2rver72BFVtHWAbsXDdwMGr/CwAA//8xgggQ")
# Remaining calls of the reproducer. r0 is the result of the
# syz_mount_image$hfsplus call above; r1 is the netlink socket opened here.
#
# Open a netlink socket: 0x10 = AF_NETLINK, 0x3 = SOCK_RAW, 0xc = NETLINK_NETFILTER.
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
# Send one nftables batch: create table 'syz0', create set 'syz2' in that
# table, then add a single element to 'syz2'.
# NOTE(review): no nf_tables frame appears in the KASAN call trace below, so
# this call looks unrelated to the hfsplus fault - confirm by minimising the
# reproducer before spending triage time on it.
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1d}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x7}]}, @NFT_MSG_NEWSETELEM={0x44, 0xc, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x4}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_USERDATA={0x4}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xd0}}, 0x0)
# Set an extended attribute on './file0' with a 0xb2-byte value assembled from
# r0 and r1 in several encodings. The same call is issued twice; the first
# copy carries the (async) tag.
# The attribute-name buffer at 0x7f0000000180 has no inline contents here; the
# hfsplus_trusted_setxattr frame in the trace shows the name resolved to the
# trusted.* handler.
# NOTE(review): the register dump in the report (RDI ...0100, RSI ...0180,
# RDX ...0200, R10 = 0xb2) is consistent with one of these two calls being the
# faulting lsetxattr rather than the zero-length one that follows - presumably
# the 0x7f0000000000 program addresses are rebased to 0x20000000 at run time;
# verify against the executor.
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180), &(0x7f0000000200)=ANY=[@ANYRESDEC=r0, @ANYRES8=r0, @ANYRES64=r0, @ANYRESDEC=r0, @ANYRESDEC=r1, @ANYRES16=r0, @ANYRES32=r0, @ANYRESOCT=r1], 0xb2, 0x0) (async)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180), &(0x7f0000000200)=ANY=[@ANYRESDEC=r0, @ANYRES8=r0, @ANYRES64=r0, @ANYRESDEC=r0, @ANYRESDEC=r1, @ANYRES16=r0, @ANYRES32=r0, @ANYRESOCT=r1], 0xb2, 0x0)
# Final lsetxattr on './file0' with a null value pointer and size 0; the path
# string lives at a different address (0x7f0000000040) than in the two calls
# above.
lsetxattr$trusted_overlay_upper(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x0)
[ 72.410982][ T4664] Bluetooth: hci0: command tx timeout
[ 72.510205][ T5318] loop0: detected capacity change from 0 to 1024
[ 72.573792][ T5319] hfsplus: request for non-existent node 211 in B*Tree
[ 72.576714][ T5319] hfsplus: request for non-existent node 211 in B*Tree
[ 72.581930][ T5318] ==================================================================
[ 72.584800][ T5318] BUG: KASAN: wild-memory-access in hfsplus_bnode_dump+0x403/0xbb0
[ 72.587698][ T5318] Read of size 2 at addr 000508800000103e by task syz.0.0/5318
[ 72.590484][ T5318]
[ 72.591434][ T5318] CPU: 0 UID: 0 PID: 5318 Comm: syz.0.0 Not tainted 6.13.0-rc1-syzkaller-00036-g5076001689e4 #0
[ 72.595275][ T5318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 72.599252][ T5318] Call Trace:
[ 72.600423][ T5318] <TASK>
[ 72.601515][ T5318] dump_stack_lvl+0x241/0x360
[ 72.603215][ T5318] ? __pfx_dump_stack_lvl+0x10/0x10
[ 72.604996][ T5318] ? __pfx__printk+0x10/0x10
[ 72.606564][ T5318] ? _printk+0xd5/0x120
[ 72.607902][ T5318] print_report+0xe8/0x550
[ 72.609408][ T5318] ? __virt_addr_valid+0x58/0x530
[ 72.611444][ T5318] ? hfsplus_bnode_dump+0x403/0xbb0
[ 72.613491][ T5318] kasan_report+0x143/0x180
[ 72.615672][ T5318] ? hfsplus_bnode_dump+0x403/0xbb0
[ 72.618147][ T5318] ? hfsplus_bnode_dump+0x403/0xbb0
[ 72.620483][ T5318] kasan_check_range+0x282/0x290
[ 72.622648][ T5318] ? hfsplus_bnode_dump+0x403/0xbb0
[ 72.624694][ T5318] __asan_memcpy+0x29/0x70
[ 72.626520][ T5318] hfsplus_bnode_dump+0x403/0xbb0
[ 72.628478][ T5318] ? __pfx_hfsplus_bnode_dump+0x10/0x10
[ 72.630748][ T5318] ? hfsplus_bnode_write_u16+0x9b/0xf0
[ 72.632833][ T5318] ? __pfx_hfsplus_bnode_write_u16+0x10/0x10
[ 72.635075][ T5318] ? rcu_is_watching+0x15/0xb0
[ 72.636972][ T5318] ? hfsplus_bnode_move+0x2da/0x910
[ 72.639034][ T5318] ? __mark_inode_dirty+0x3db/0xe90
[ 72.641034][ T5318] hfsplus_brec_remove+0x42c/0x4f0
[ 72.643251][ T5318] __hfsplus_delete_attr+0x275/0x450
[ 72.645260][ T5318] ? __pfx___hfsplus_delete_attr+0x10/0x10
[ 72.647484][ T5318] ? hfsplus_find_init+0x85/0x1c0
[ 72.649274][ T5318] hfsplus_delete_attr+0x353/0x4b0
[ 72.651252][ T5318] ? __pfx_hfsplus_delete_attr+0x10/0x10
[ 72.653335][ T5318] ? hfsplus_find_init+0x85/0x1c0
[ 72.655300][ T5318] ? hfsplus_find_init+0x14a/0x1c0
[ 72.657314][ T5318] __hfsplus_setxattr+0x4ad/0x22d0
[ 72.659290][ T5318] ? kernel_text_address+0xa7/0xe0
[ 72.661368][ T5318] ? arch_stack_walk+0xfd/0x150
[ 72.663190][ T5318] ? __pfx___hfsplus_setxattr+0x10/0x10
[ 72.665344][ T5318] ? stack_trace_save+0x118/0x1d0
[ 72.667216][ T5318] ? __pfx_stack_trace_save+0x10/0x10
[ 72.669311][ T5318] ? stack_depot_save_flags+0x29/0x830
[ 72.671479][ T5318] ? __kasan_kmalloc+0x98/0xb0
[ 72.673269][ T5318] ? __kmalloc_cache_noprof+0x243/0x390
[ 72.675410][ T5318] ? hfsplus_setxattr+0x68/0xe0
[ 72.677276][ T5318] hfsplus_setxattr+0xb0/0xe0
[ 72.679028][ T5318] hfsplus_trusted_setxattr+0x40/0x60
[ 72.680973][ T5318] ? __pfx_hfsplus_trusted_setxattr+0x10/0x10
[ 72.683356][ T5318] __vfs_setxattr+0x468/0x4a0
[ 72.685061][ T5318] __vfs_setxattr_noperm+0x12e/0x660
[ 72.687076][ T5318] vfs_setxattr+0x221/0x430
[ 72.688868][ T5318] ? __pfx_vfs_setxattr+0x10/0x10
[ 72.690937][ T5318] filename_setxattr+0x2af/0x430
[ 72.692671][ T5318] ? __pfx_filename_setxattr+0x10/0x10
[ 72.694478][ T5318] ? getname_flags+0x1e3/0x540
[ 72.696107][ T5318] path_setxattrat+0x440/0x510
[ 72.697702][ T5318] ? __pfx_path_setxattrat+0x10/0x10
[ 72.699460][ T5318] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 72.701537][ T5318] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 72.703643][ T5318] __x64_sys_lsetxattr+0xbf/0xe0
[ 72.705307][ T5318] do_syscall_64+0xf3/0x230
[ 72.706941][ T5318] ? clear_bhb_loop+0x35/0x90
[ 72.708589][ T5318] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 72.710853][ T5318] RIP: 0033:0x7f555157ff19
[ 72.712509][ T5318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 72.719492][ T5318] RSP: 002b:00007f55522bc058 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[ 72.722624][ T5318] RAX: ffffffffffffffda RBX: 00007f5551745fa0 RCX: 00007f555157ff19
[ 72.725551][ T5318] RDX: 0000000020000200 RSI: 0000000020000180 RDI: 0000000020000100
[ 72.728488][ T5318] RBP: 00007f55515f3986 R08: 0000000000000000 R09: 0000000000000000
[ 72.731444][ T5318] R10: 00000000000000b2 R11: 0000000000000246 R12: 0000000000000000
[ 72.734283][ T5318] R13: 0000000000000000 R14: 00007f5551745fa0 R15: 00007fff1624e898
[ 72.737082][ T5318] </TASK>
[ 72.738247][ T5318] ==================================================================
[ 72.749538][ T5318] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 72.752124][ T5318] CPU: 0 UID: 0 PID: 5318 Comm: syz.0.0 Not tainted 6.13.0-rc1-syzkaller-00036-g5076001689e4 #0
[ 72.756111][ T5318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 72.759912][ T5318] Call Trace:
[ 72.761210][ T5318] <TASK>
[ 72.762237][ T5318] dump_stack_lvl+0x241/0x360
[ 72.763963][ T5318] ? __pfx_dump_stack_lvl+0x10/0x10
[ 72.765944][ T5318] ? __pfx__printk+0x10/0x10
[ 72.767364][ T5318] ? preempt_schedule+0xe1/0xf0
[ 72.768866][ T5318] ? vscnprintf+0x5d/0x90
[ 72.770383][ T5318] panic+0x349/0x880
[ 72.771835][ T5318] ? check_panic_on_warn+0x21/0xb0
[ 72.773621][ T5318] ? __pfx_panic+0x10/0x10
[ 72.775264][ T5318] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 72.777349][ T5318] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 72.779552][ T5318] ? print_report+0xe8/0x550
[ 72.781410][ T5318] check_panic_on_warn+0x86/0xb0
[ 72.783300][ T5318] ? hfsplus_bnode_dump+0x403/0xbb0
[ 72.785287][ T5318] end_report+0x77/0x160
[ 72.786946][ T5318] kasan_report+0x154/0x180
[ 72.788608][ T5318] ? hfsplus_bnode_dump+0x403/0xbb0
[ 72.790625][ T5318] ? hfsplus_bnode_dump+0x403/0xbb0
[ 72.792558][ T5318] kasan_check_range+0x282/0x290
[ 72.794520][ T5318] ? hfsplus_bnode_dump+0x403/0xbb0
[ 72.796660][ T5318] __asan_memcpy+0x29/0x70
[ 72.798396][ T5318] hfsplus_bnode_dump+0x403/0xbb0
[ 72.800249][ T5318] ? __pfx_hfsplus_bnode_dump+0x10/0x10
[ 72.802148][ T5318] ? hfsplus_bnode_write_u16+0x9b/0xf0
[ 72.804041][ T5318] ? __pfx_hfsplus_bnode_write_u16+0x10/0x10
[ 72.806086][ T5318] ? rcu_is_watching+0x15/0xb0
[ 72.807759][ T5318] ? hfsplus_bnode_move+0x2da/0x910
[ 72.809578][ T5318] ? __mark_inode_dirty+0x3db/0xe90
[ 72.811437][ T5318] hfsplus_brec_remove+0x42c/0x4f0
[ 72.813287][ T5318] __hfsplus_delete_attr+0x275/0x450
[ 72.815114][ T5318] ? __pfx___hfsplus_delete_attr+0x10/0x10
[ 72.817159][ T5318] ? hfsplus_find_init+0x85/0x1c0
[ 72.819013][ T5318] hfsplus_delete_attr+0x353/0x4b0
[ 72.820739][ T5318] ? __pfx_hfsplus_delete_attr+0x10/0x10
[ 72.822575][ T5318] ? hfsplus_find_init+0x85/0x1c0
[ 72.824458][ T5318] ? hfsplus_find_init+0x14a/0x1c0
[ 72.826402][ T5318] __hfsplus_setxattr+0x4ad/0x22d0
[ 72.828309][ T5318] ? kernel_text_address+0xa7/0xe0
[ 72.830445][ T5318] ? arch_stack_walk+0xfd/0x150
[ 72.832360][ T5318] ? __pfx___hfsplus_setxattr+0x10/0x10
[ 72.834447][ T5318] ? stack_trace_save+0x118/0x1d0
[ 72.836322][ T5318] ? __pfx_stack_trace_save+0x10/0x10
[ 72.838441][ T5318] ? stack_depot_save_flags+0x29/0x830
[ 72.840627][ T5318] ? __kasan_kmalloc+0x98/0xb0
[ 72.842554][ T5318] ? __kmalloc_cache_noprof+0x243/0x390
[ 72.844713][ T5318] ? hfsplus_setxattr+0x68/0xe0
[ 72.846654][ T5318] hfsplus_setxattr+0xb0/0xe0
[ 72.848605][ T5318] hfsplus_trusted_setxattr+0x40/0x60
[ 72.850844][ T5318] ? __pfx_hfsplus_trusted_setxattr+0x10/0x10
[ 72.853134][ T5318] __vfs_setxattr+0x468/0x4a0
[ 72.854931][ T5318] __vfs_setxattr_noperm+0x12e/0x660
[ 72.856962][ T5318] vfs_setxattr+0x221/0x430
[ 72.858724][ T5318] ? __pfx_vfs_setxattr+0x10/0x10
[ 72.860618][ T5318] filename_setxattr+0x2af/0x430
[ 72.862529][ T5318] ? __pfx_filename_setxattr+0x10/0x10
[ 72.864592][ T5318] ? getname_flags+0x1e3/0x540
[ 72.866506][ T5318] path_setxattrat+0x440/0x510
[ 72.868319][ T5318] ? __pfx_path_setxattrat+0x10/0x10
[ 72.870345][ T5318] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 72.872740][ T5318] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 72.875153][ T5318] __x64_sys_lsetxattr+0xbf/0xe0
[ 72.876998][ T5318] do_syscall_64+0xf3/0x230
[ 72.878655][ T5318] ? clear_bhb_loop+0x35/0x90
[ 72.880387][ T5318] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 72.882570][ T5318] RIP: 0033:0x7f555157ff19
[ 72.884201][ T5318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 72.891172][ T5318] RSP: 002b:00007f55522bc058 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[ 72.894186][ T5318] RAX: ffffffffffffffda RBX: 00007f5551745fa0 RCX: 00007f555157ff19
[ 72.897034][ T5318] RDX: 0000000020000200 RSI: 0000000020000180 RDI: 0000000020000100
[ 72.899834][ T5318] RBP: 00007f55515f3986 R08: 0000000000000000 R09: 0000000000000000
[ 72.902698][ T5318] R10: 00000000000000b2 R11: 0000000000000246 R12: 0000000000000000
[ 72.905548][ T5318] R13: 0000000000000000 R14: 00007f5551745fa0 R15: 00007fff1624e898
[ 72.908349][ T5318] </TASK>
[ 72.909744][ T5318] Kernel Offset: disabled
[ 72.911287][ T5318] Rebooting in 86400 seconds..