Warning: Permanently added '[localhost]:31601' (ED25519) to the list of known hosts.
[ 67.614330][ T5303] loop0: detected capacity change from 0 to 1024
executing program
[ 67.641230][ T5302] ==================================================================
[ 67.644387][ T5302] BUG: KASAN: slab-out-of-bounds in hfsplus_uni2asc+0x57f/0x1200
[ 67.647409][ T5302] Read of size 2 at addr ffff8880002d840c by task syz-executor615/5302
[ 67.651428][ T5302]
[ 67.652441][ T5302] CPU: 0 UID: 0 PID: 5302 Comm: syz-executor615 Not tainted 6.14.0-rc5-syzkaller-00039-g848e07631744 #0
[ 67.652455][ T5302] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 67.652463][ T5302] Call Trace:
[ 67.652470][ T5302]
[ 67.652476][ T5302] dump_stack_lvl+0x241/0x360
[ 67.652494][ T5302] ? __pfx_dump_stack_lvl+0x10/0x10
[ 67.652505][ T5302] ? __pfx__printk+0x10/0x10
[ 67.652515][ T5302] ? _printk+0xd5/0x120
[ 67.652525][ T5302] ? __virt_addr_valid+0x183/0x530
[ 67.652535][ T5302] ? __virt_addr_valid+0x183/0x530
[ 67.652545][ T5302] print_report+0x16e/0x5b0
[ 67.652559][ T5302] ? __virt_addr_valid+0x183/0x530
[ 67.652568][ T5302] ? __virt_addr_valid+0x183/0x530
[ 67.652577][ T5302] ? __virt_addr_valid+0x45f/0x530
[ 67.652586][ T5302] ? __phys_addr+0xba/0x170
[ 67.652595][ T5302] ? hfsplus_uni2asc+0x57f/0x1200
[ 67.652612][ T5302] kasan_report+0x143/0x180
[ 67.652625][ T5302] ? hfsplus_uni2asc+0x57f/0x1200
[ 67.652642][ T5302] hfsplus_uni2asc+0x57f/0x1200
[ 67.652658][ T5302] ? __asan_memcpy+0x40/0x70
[ 67.652669][ T5302] hfsplus_readdir+0x938/0x1320
[ 67.652686][ T5302] ? __pfx_hfsplus_readdir+0x10/0x10
[ 67.652712][ T5302] ? reacquire_held_locks+0x3eb/0x690
[ 67.652724][ T5302] ? iterate_dir+0x4a6/0x760
[ 67.652736][ T5302] ? __pfx_down_read_killable+0x10/0x10
[ 67.652799][ T5302] ? __pfx___mutex_lock+0x10/0x10
[ 67.652815][ T5302] ? common_file_perm+0x1a6/0x210
[ 67.652833][ T5302] iterate_dir+0x5a9/0x760
[ 67.652845][ T5302] __se_sys_getdents64+0x1e2/0x4b0
[ 67.652860][ T5302] ? __pfx___se_sys_getdents64+0x10/0x10
[ 67.652871][ T5302] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 67.652886][ T5302] ? __pfx_filldir64+0x10/0x10
[ 67.652897][ T5302] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 67.652913][ T5302] ? exc_page_fault+0x590/0x8b0
[ 67.652926][ T5302] ? do_syscall_64+0xb6/0x230
[ 67.652940][ T5302] do_syscall_64+0xf3/0x230
[ 67.652952][ T5302] ? clear_bhb_loop+0x35/0x90
[ 67.652967][ T5302] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 67.652981][ T5302] RIP: 0033:0x7fe5f0c48ea3
[ 67.652992][ T5302] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 92 48 fb ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 b8 ff ff ff f7 d8
[ 67.653001][ T5302] RSP: 002b:00007ffd55f52848 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[ 67.653014][ T5302] RAX: ffffffffffffffda RBX: 000055555b2c4730 RCX: 00007fe5f0c48ea3
[ 67.653022][ T5302] RDX: 0000000000008000 RSI: 000055555b2c4730 RDI: 0000000000000004
[ 67.653029][ T5302] RBP: 000055555b2c4704 R08: 0000000000000000 R09: 0000000000000000
[ 67.653035][ T5302] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffb8
[ 67.653043][ T5302] R13: 0000000000000010 R14: 000055555b2c4700 R15: 431bde82d7b634db
[ 67.653054][ T5302]
[ 67.653058][ T5302]
[ 67.757563][ T5302] Allocated by task 5302:
[ 67.759254][ T5302] kasan_save_track+0x3f/0x80
[ 67.761156][ T5302] __kasan_kmalloc+0x98/0xb0
[ 67.763056][ T5302] __kmalloc_noprof+0x285/0x4c0
[ 67.765006][ T5302] hfsplus_find_init+0x85/0x1c0
[ 67.766950][ T5302] hfsplus_readdir+0x20b/0x1320
[ 67.768923][ T5302] iterate_dir+0x5a9/0x760
[ 67.770543][ T5302] __se_sys_getdents64+0x1e2/0x4b0
[ 67.772501][ T5302] do_syscall_64+0xf3/0x230
[ 67.774299][ T5302] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 67.776670][ T5302]
[ 67.777606][ T5302] The buggy address belongs to the object at ffff8880002d8000
[ 67.777606][ T5302] which belongs to the cache kmalloc-2k of size 2048
[ 67.782777][ T5302] The buggy address is located 0 bytes to the right of
[ 67.782777][ T5302] allocated 1036-byte region [ffff8880002d8000, ffff8880002d840c)
[ 67.788043][ T5302]
[ 67.788995][ T5302] The buggy address belongs to the physical page:
[ 67.791458][ T5302] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2d8
[ 67.794592][ T5302] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 67.797809][ T5302] flags: 0x7ff00000000040(head|node=0|zone=0|lastcpupid=0x7ff)
[ 67.800508][ T5302] page_type: f5(slab)
[ 67.802116][ T5302] raw: 007ff00000000040 ffff88801b042000 dead000000000100 dead000000000122
[ 67.805430][ T5302] raw: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000
[ 67.808656][ T5302] head: 007ff00000000040 ffff88801b042000 dead000000000100 dead000000000122
[ 67.811768][ T5302] head: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000
[ 67.815082][ T5302] head: 007ff00000000003 ffffea000000b601 ffffffffffffffff 0000000000000000
[ 67.818288][ T5302] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 67.821726][ T5302] page dumped because: kasan: bad access detected
[ 67.824166][ T5302] page_owner tracks the page as allocated
[ 67.826313][ T5302] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4715, tgid 4715 (klogd), ts 24211151640, free_ts 23505581685
[ 67.834868][ T5302] post_alloc_hook+0x1f4/0x240
[ 67.836719][ T5302] get_page_from_freelist+0x365c/0x37a0
[ 67.838862][ T5302] __alloc_frozen_pages_noprof+0x292/0x710
[ 67.841068][ T5302] alloc_pages_mpol+0x311/0x660
[ 67.842987][ T5302] allocate_slab+0x8f/0x3a0
[ 67.844780][ T5302] ___slab_alloc+0xc27/0x14a0
[ 67.846629][ T5302] __slab_alloc+0x58/0xa0
[ 67.848347][ T5302] __kmalloc_cache_noprof+0x27b/0x390
[ 67.850841][ T5302] syslog_print+0x110/0x630
[ 67.852906][ T5302] do_syslog+0x3c2/0x820
[ 67.854546][ T5302] __x64_sys_syslog+0x7c/0x90
[ 67.856251][ T5302] do_syscall_64+0xf3/0x230
[ 67.857986][ T5302] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 67.860204][ T5302] page last free pid 4693 tgid 4693 stack trace:
[ 67.862760][ T5302] free_frozen_pages+0xe0d/0x10e0
[ 67.864846][ T5302] __put_partials+0x160/0x1c0
[ 67.866714][ T5302] put_cpu_partial+0x17c/0x250
[ 67.868662][ T5302] __slab_free+0x290/0x380
[ 67.870459][ T5302] qlist_free_all+0x9a/0x140
[ 67.872302][ T5302] kasan_quarantine_reduce+0x14f/0x170
[ 67.874392][ T5302] __kasan_slab_alloc+0x23/0x80
[ 67.876314][ T5302] kmem_cache_alloc_noprof+0x1d9/0x380
[ 67.878392][ T5302] getname_flags+0xb7/0x540
[ 67.880234][ T5302] do_sys_openat2+0xd2/0x1d0
[ 67.882196][ T5302] __x64_sys_openat+0x247/0x2a0
[ 67.883992][ T5302] do_syscall_64+0xf3/0x230
[ 67.885641][ T5302] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 67.887833][ T5302]
[ 67.888741][ T5302] Memory state around the buggy address:
[ 67.890834][ T5302] ffff8880002d8300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 67.893873][ T5302] ffff8880002d8380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 67.896856][ T5302] >ffff8880002d8400: 00 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 67.899832][ T5302]                       ^
[ 67.901569][ T5302] ffff8880002d8480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 67.904769][ T5302] ffff8880002d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 67.907683][ T5302] ==================================================================
[ 67.931335][ T5302] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 67.934173][ T5302] CPU: 0 UID: 0 PID: 5302 Comm: syz-executor615 Not tainted 6.14.0-rc5-syzkaller-00039-g848e07631744 #0
[ 67.938395][ T5302] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 67.942427][ T5302] Call Trace:
[ 67.943770][ T5302]
[ 67.944990][ T5302] dump_stack_lvl+0x241/0x360
[ 67.946849][ T5302] ? __pfx_dump_stack_lvl+0x10/0x10
[ 67.948757][ T5302] ? __pfx__printk+0x10/0x10
[ 67.950481][ T5302] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 67.952852][ T5302] ? vscnprintf+0x5d/0x90
[ 67.954476][ T5302] panic+0x349/0x880
[ 67.956020][ T5302] ? check_panic_on_warn+0x21/0xb0
[ 67.957943][ T5302] ? __pfx_panic+0x10/0x10
[ 67.959715][ T5302] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 67.962825][ T5302] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 67.965735][ T5302] check_panic_on_warn+0x86/0xb0
[ 67.967997][ T5302] ? hfsplus_uni2asc+0x57f/0x1200
[ 67.970291][ T5302] end_report+0x77/0x160
[ 67.972358][ T5302] kasan_report+0x154/0x180
[ 67.974410][ T5302] ? hfsplus_uni2asc+0x57f/0x1200
[ 67.976426][ T5302] hfsplus_uni2asc+0x57f/0x1200
[ 67.978228][ T5302] ? __asan_memcpy+0x40/0x70
[ 67.979894][ T5302] hfsplus_readdir+0x938/0x1320
[ 67.981733][ T5302] ? __pfx_hfsplus_readdir+0x10/0x10
[ 67.983780][ T5302] ? reacquire_held_locks+0x3eb/0x690
[ 67.985801][ T5302] ? iterate_dir+0x4a6/0x760
[ 67.987470][ T5302] ? __pfx_down_read_killable+0x10/0x10
[ 67.989526][ T5302] ? __pfx___mutex_lock+0x10/0x10
[ 67.991385][ T5302] ? common_file_perm+0x1a6/0x210
[ 67.993420][ T5302] iterate_dir+0x5a9/0x760
[ 67.995254][ T5302] __se_sys_getdents64+0x1e2/0x4b0
[ 67.997258][ T5302] ? __pfx___se_sys_getdents64+0x10/0x10
[ 67.999341][ T5302] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 68.001722][ T5302] ? __pfx_filldir64+0x10/0x10
[ 68.003635][ T5302] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 68.006156][ T5302] ? exc_page_fault+0x590/0x8b0
[ 68.008030][ T5302] ? do_syscall_64+0xb6/0x230
[ 68.009770][ T5302] do_syscall_64+0xf3/0x230
[ 68.011524][ T5302] ? clear_bhb_loop+0x35/0x90
[ 68.013290][ T5302] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 68.015548][ T5302] RIP: 0033:0x7fe5f0c48ea3
[ 68.017195][ T5302] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 92 48 fb ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 b8 ff ff ff f7 d8
[ 68.024384][ T5302] RSP: 002b:00007ffd55f52848 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[ 68.027457][ T5302] RAX: ffffffffffffffda RBX: 000055555b2c4730 RCX: 00007fe5f0c48ea3
[ 68.030347][ T5302] RDX: 0000000000008000 RSI: 000055555b2c4730 RDI: 0000000000000004
[ 68.033339][ T5302] RBP: 000055555b2c4704 R08: 0000000000000000 R09: 0000000000000000
[ 68.036305][ T5302] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffb8
[ 68.039321][ T5302] R13: 0000000000000010 R14: 000055555b2c4700 R15: 431bde82d7b634db
[ 68.042279][ T5302]
[ 68.043777][ T5302] Kernel Offset: disabled
[ 68.045441][ T5302] Rebooting in 86400 seconds..
VM DIAGNOSIS:
11:21:52 Registers:
info registers vcpu 0