Warning: Permanently added '10.128.1.148' (ED25519) to the list of known hosts.
executing program
[ 51.208737][ T3499] loop0: detected capacity change from 0 to 1024
[ 51.335008][ T3499] hfsplus: request for non-existent node 768 in B*Tree
[ 51.342147][ T3499] hfsplus: request for non-existent node 768 in B*Tree
[ 51.351460][ T3499] ==================================================================
[ 51.359607][ T3499] BUG: KASAN: slab-out-of-bounds in hfsplus_bnode_read+0x85/0x1c0
[ 51.367428][ T3499] Read of size 8 at addr ffff88814a83efc0 by task syz-executor554/3499
[ 51.375658][ T3499]
[ 51.377976][ T3499] CPU: 1 PID: 3499 Comm: syz-executor554 Not tainted 5.15.152-syzkaller #0
[ 51.386548][ T3499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
[ 51.396611][ T3499] Call Trace:
[ 51.399886][ T3499]
[ 51.402811][ T3499]  dump_stack_lvl+0x1e3/0x2cb
[ 51.407490][ T3499]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[ 51.413123][ T3499]  ? _printk+0xd1/0x111
[ 51.417272][ T3499]  ? __wake_up_klogd+0xcc/0x100
[ 51.422114][ T3499]  ? panic+0x84d/0x84d
[ 51.426173][ T3499]  ? _raw_spin_lock_irqsave+0xdd/0x120
[ 51.431630][ T3499]  print_address_description+0x63/0x3b0
[ 51.437170][ T3499]  ? hfsplus_bnode_read+0x85/0x1c0
[ 51.442275][ T3499]  kasan_report+0x16b/0x1c0
[ 51.446787][ T3499]  ? hfsplus_bnode_read+0x85/0x1c0
[ 51.451911][ T3499]  hfsplus_bnode_read+0x85/0x1c0
[ 51.456852][ T3499]  hfsplus_bnode_dump+0x3f7/0x7c0
[ 51.461880][ T3499]  ? hfsplus_bnode_move+0xa80/0xa80
[ 51.467071][ T3499]  ? hfsplus_bnode_write_u16+0x97/0xf0
[ 51.472524][ T3499]  ? rcu_is_watching+0x11/0xa0
[ 51.477281][ T3499]  ? hfsplus_bnode_move+0x355/0xa80
[ 51.482470][ T3499]  ? __mark_inode_dirty+0x3dd/0xd60
[ 51.487670][ T3499]  hfsplus_brec_remove+0x428/0x4e0
[ 51.492785][ T3499]  __hfsplus_delete_attr+0x271/0x450
[ 51.498066][ T3499]  ? hfsplus_delete_attr+0x4a0/0x4a0
[ 51.503355][ T3499]  ? mutex_lock_nested+0x17/0x20
[ 51.508286][ T3499]  hfsplus_delete_all_attrs+0x267/0x3c0
[ 51.513828][ T3499]  ? ktime_get_coarse_real_ts64+0x107/0x120
[ 51.519722][ T3499]  ? __hfsplus_delete_attr+0x450/0x450
[ 51.525172][ T3499]  ? current_time+0x1d1/0x2f0
[ 51.529842][ T3499]  ? rcu_is_watching+0x11/0xa0
[ 51.534600][ T3499]  ? __mark_inode_dirty+0x3dd/0xd60
[ 51.539794][ T3499]  hfsplus_delete_cat+0xb83/0xfb0
[ 51.544825][ T3499]  ? hfsplus_mark_inode_dirty+0x30/0x30
[ 51.550430][ T3499]  ? mutex_lock_io_nested+0x60/0x60
[ 51.555720][ T3499]  hfsplus_unlink+0x35f/0x7f0
[ 51.560479][ T3499]  ? __might_sleep+0xc0/0xc0
[ 51.565066][ T3499]  ? hfsplus_link+0x840/0x840
[ 51.569736][ T3499]  ? do_raw_spin_lock+0x14a/0x370
[ 51.574775][ T3499]  ? down_write_nested+0x117/0x180
[ 51.579881][ T3499]  ? down_read_non_owner+0x310/0x310
[ 51.585159][ T3499]  ? do_raw_spin_unlock+0x137/0x8b0
[ 51.590351][ T3499]  hfsplus_rename+0xc4/0x1b0
[ 51.594938][ T3499]  vfs_rename+0xd32/0x10f0
[ 51.599356][ T3499]  ? tomoyo_path_link+0x80/0x170
[ 51.604291][ T3499]  ? __ia32_sys_link+0x90/0x90
[ 51.609061][ T3499]  ? security_path_rename+0x207/0x2a0
[ 51.614426][ T3499]  do_renameat2+0xe0f/0x1700
[ 51.619033][ T3499]  ? fsnotify_move+0x470/0x470
[ 51.623795][ T3499]  ? __virt_addr_valid+0x39e/0x450
[ 51.628909][ T3499]  ? 0xffffffff81000000
[ 51.633052][ T3499]  ? __check_object_size+0x300/0x410
[ 51.638339][ T3499]  ? getname_flags+0x1ec/0x4e0
[ 51.643094][ T3499]  ? lockdep_hardirqs_on+0x94/0x130
[ 51.648374][ T3499]  __x64_sys_rename+0x82/0x90
[ 51.653042][ T3499]  do_syscall_64+0x3d/0xb0
[ 51.657454][ T3499]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 51.663342][ T3499] RIP: 0033:0x7f085f6125f9
[ 51.667748][ T3499] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 51.687357][ T3499] RSP: 002b:00007ffe6635a4d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[ 51.695768][ T3499] RAX: ffffffffffffffda RBX: 0031656c69662f2e RCX: 00007f085f6125f9
[ 51.703741][ T3499] RDX: 00007f085f6118f0 RSI: 00000000200000c0 RDI: 0000000020000080
[ 51.711721][ T3499] RBP: 00007f085f685610 R08: 0000000000000692 R09: 0000000000000000
[ 51.719694][ T3499] R10: 00007ffe6635a3a0 R11: 0000000000000246 R12: 0000000000000001
[ 51.727673][ T3499] R13: 00007ffe6635a6a8 R14: 0000000000000001 R15: 0000000000000001
[ 51.735654][ T3499]
[ 51.738662][ T3499]
[ 51.740977][ T3499] Allocated by task 3499:
[ 51.745287][ T3499]  ____kasan_kmalloc+0xba/0xf0
[ 51.750047][ T3499]  __kmalloc+0x168/0x300
[ 51.754366][ T3499]  __hfs_bnode_create+0xf9/0xbb0
[ 51.759295][ T3499]  hfsplus_bnode_find+0x22e/0xe80
[ 51.764311][ T3499]  hfsplus_brec_find+0x17f/0x570
[ 51.769245][ T3499]  hfsplus_delete_all_attrs+0x23e/0x3c0
[ 51.774778][ T3499]  hfsplus_delete_cat+0xb83/0xfb0
[ 51.779792][ T3499]  hfsplus_unlink+0x35f/0x7f0
[ 51.784465][ T3499]  hfsplus_rename+0xc4/0x1b0
[ 51.789052][ T3499]  vfs_rename+0xd32/0x10f0
[ 51.793458][ T3499]  do_renameat2+0xe0f/0x1700
[ 51.798049][ T3499]  __x64_sys_rename+0x82/0x90
[ 51.802714][ T3499]  do_syscall_64+0x3d/0xb0
[ 51.807134][ T3499]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 51.813037][ T3499]
[ 51.815359][ T3499] Last potentially related work creation:
[ 51.821071][ T3499]  kasan_save_stack+0x36/0x60
[ 51.825756][ T3499]  kasan_record_aux_stack+0xba/0x100
[ 51.831049][ T3499]  insert_work+0x54/0x3e0
[ 51.835471][ T3499]  __queue_work+0x963/0xd00
[ 51.839964][ T3499]  queue_work_on+0x14b/0x250
[ 51.844553][ T3499]  call_usermodehelper_exec+0x269/0x450
[ 51.850089][ T3499]  kobject_uevent_env+0x69e/0x8d0
[ 51.855106][ T3499]  driver_register+0x35b/0x3a0
[ 51.859861][ T3499]  __hid_register_driver+0x126/0x170
[ 51.865233][ T3499]  ryos_init+0x76/0xa4
[ 51.869308][ T3499]  do_one_initcall+0x22b/0x7a0
[ 51.874068][ T3499]  do_initcall_level+0x157/0x207
[ 51.879001][ T3499]  do_initcalls+0x49/0x86
[ 51.883367][ T3499]  kernel_init_freeable+0x425/0x5b5
[ 51.888571][ T3499]  kernel_init+0x19/0x290
[ 51.892913][ T3499]  ret_from_fork+0x1f/0x30
[ 51.897337][ T3499]
[ 51.899659][ T3499] The buggy address belongs to the object at ffff88814a83ef00
[ 51.899659][ T3499]  which belongs to the cache kmalloc-192 of size 192
[ 51.913705][ T3499] The buggy address is located 0 bytes to the right of
[ 51.913705][ T3499]  192-byte region [ffff88814a83ef00, ffff88814a83efc0)
[ 51.927321][ T3499] The buggy address belongs to the page:
[ 51.932950][ T3499] page:ffffea00052a0f80 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x14a83e
[ 51.943263][ T3499] flags: 0x57ff00000000200(slab|node=1|zone=2|lastcpupid=0x7ff)
[ 51.950899][ T3499] raw: 057ff00000000200 ffffea000529f180 0000000600000006 ffff888011c41a00
[ 51.959473][ T3499] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 51.968042][ T3499] page dumped because: kasan: bad access detected
[ 51.974548][ T3499] page_owner tracks the page as allocated
[ 51.980248][ T3499] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 1, ts 12847449764, free_ts 0
[ 51.995288][ T3499]  get_page_from_freelist+0x322a/0x33c0
[ 52.000842][ T3499]  __alloc_pages+0x272/0x700
[ 52.005424][ T3499]  alloc_page_interleave+0x22/0x1c0
[ 52.010616][ T3499]  new_slab+0xbb/0x4b0
[ 52.014677][ T3499]  ___slab_alloc+0x6f6/0xe10
[ 52.019263][ T3499]  kmem_cache_alloc_trace+0x1a0/0x290
[ 52.024635][ T3499]  call_usermodehelper_setup+0x8a/0x260
[ 52.030172][ T3499]  kobject_uevent_env+0x681/0x8d0
[ 52.035191][ T3499]  driver_register+0x35b/0x3a0
[ 52.039951][ T3499]  __hid_register_driver+0x126/0x170
[ 52.045252][ T3499]  arvo_init+0x76/0xa4
[ 52.049442][ T3499]  do_one_initcall+0x22b/0x7a0
[ 52.054209][ T3499]  do_initcall_level+0x157/0x207
[ 52.059144][ T3499]  do_initcalls+0x49/0x86
[ 52.063485][ T3499]  kernel_init_freeable+0x425/0x5b5
[ 52.068700][ T3499]  kernel_init+0x19/0x290
[ 52.073024][ T3499] page_owner free stack trace missing
[ 52.078385][ T3499]
[ 52.080695][ T3499] Memory state around the buggy address:
[ 52.086316][ T3499]  ffff88814a83ee80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 52.094364][ T3499]  ffff88814a83ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 52.102413][ T3499] >ffff88814a83ef80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 52.110474][ T3499]                                         ^
[ 52.116615][ T3499]  ffff88814a83f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 52.124675][ T3499]  ffff88814a83f080: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 52.132721][ T3499] ==================================================================
[ 52.140776][ T3499] Disabling lock debugging due to kernel taint
[ 52.147064][ T3499] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 52.154273][ T3499] CPU: 1 PID: 3499 Comm: syz-executor554 Tainted: G    B   5.15.152-syzkaller #0
[ 52.164352][ T3499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
[ 52.174519][ T3499] Call Trace:
[ 52.177792][ T3499]
[ 52.180714][ T3499]  dump_stack_lvl+0x1e3/0x2cb
[ 52.185400][ T3499]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[ 52.191026][ T3499]  ? panic+0x84d/0x84d
[ 52.195096][ T3499]  ? rcu_is_watching+0x11/0xa0
[ 52.199852][ T3499]  ? preempt_schedule_common+0xa6/0xd0
[ 52.205337][ T3499]  panic+0x318/0x84d
[ 52.209312][ T3499]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 52.215467][ T3499]  ? check_panic_on_warn+0x1d/0xa0
[ 52.220600][ T3499]  ? fb_is_primary_device+0xcc/0xcc
[ 52.225809][ T3499]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[ 52.231789][ T3499]  ? _raw_spin_unlock+0x40/0x40
[ 52.237518][ T3499]  check_panic_on_warn+0x7e/0xa0
[ 52.242449][ T3499]  ? hfsplus_bnode_read+0x85/0x1c0
[ 52.247667][ T3499]  end_report+0x6d/0xf0
[ 52.251821][ T3499]  kasan_report+0x18e/0x1c0
[ 52.256315][ T3499]  ? hfsplus_bnode_read+0x85/0x1c0
[ 52.261461][ T3499]  hfsplus_bnode_read+0x85/0x1c0
[ 52.266409][ T3499]  hfsplus_bnode_dump+0x3f7/0x7c0
[ 52.271440][ T3499]  ? hfsplus_bnode_move+0xa80/0xa80
[ 52.276631][ T3499]  ? hfsplus_bnode_write_u16+0x97/0xf0
[ 52.282115][ T3499]  ? rcu_is_watching+0x11/0xa0
[ 52.286879][ T3499]  ? hfsplus_bnode_move+0x355/0xa80
[ 52.292179][ T3499]  ? __mark_inode_dirty+0x3dd/0xd60
[ 52.297382][ T3499]  hfsplus_brec_remove+0x428/0x4e0
[ 52.302628][ T3499]  __hfsplus_delete_attr+0x271/0x450
[ 52.307939][ T3499]  ? hfsplus_delete_attr+0x4a0/0x4a0
[ 52.313345][ T3499]  ? mutex_lock_nested+0x17/0x20
[ 52.318289][ T3499]  hfsplus_delete_all_attrs+0x267/0x3c0
[ 52.323836][ T3499]  ? ktime_get_coarse_real_ts64+0x107/0x120
[ 52.329728][ T3499]  ? __hfsplus_delete_attr+0x450/0x450
[ 52.335177][ T3499]  ? current_time+0x1d1/0x2f0
[ 52.339931][ T3499]  ? rcu_is_watching+0x11/0xa0
[ 52.344686][ T3499]  ? __mark_inode_dirty+0x3dd/0xd60
[ 52.349877][ T3499]  hfsplus_delete_cat+0xb83/0xfb0
[ 52.354989][ T3499]  ? hfsplus_mark_inode_dirty+0x30/0x30
[ 52.360529][ T3499]  ? mutex_lock_io_nested+0x60/0x60
[ 52.365723][ T3499]  hfsplus_unlink+0x35f/0x7f0
[ 52.370393][ T3499]  ? __might_sleep+0xc0/0xc0
[ 52.374974][ T3499]  ? hfsplus_link+0x840/0x840
[ 52.379654][ T3499]  ? do_raw_spin_lock+0x14a/0x370
[ 52.384672][ T3499]  ? down_write_nested+0x117/0x180
[ 52.389777][ T3499]  ? down_read_non_owner+0x310/0x310
[ 52.395056][ T3499]  ? do_raw_spin_unlock+0x137/0x8b0
[ 52.400255][ T3499]  hfsplus_rename+0xc4/0x1b0
[ 52.404834][ T3499]  vfs_rename+0xd32/0x10f0
[ 52.409242][ T3499]  ? tomoyo_path_link+0x80/0x170
[ 52.414193][ T3499]  ? __ia32_sys_link+0x90/0x90
[ 52.418954][ T3499]  ? security_path_rename+0x207/0x2a0
[ 52.424318][ T3499]  do_renameat2+0xe0f/0x1700
[ 52.428923][ T3499]  ? fsnotify_move+0x470/0x470
[ 52.433676][ T3499]  ? __virt_addr_valid+0x39e/0x450
[ 52.438777][ T3499]  ? 0xffffffff81000000
[ 52.442930][ T3499]  ? __check_object_size+0x300/0x410
[ 52.448211][ T3499]  ? getname_flags+0x1ec/0x4e0
[ 52.452971][ T3499]  ? lockdep_hardirqs_on+0x94/0x130
[ 52.458161][ T3499]  __x64_sys_rename+0x82/0x90
[ 52.462828][ T3499]  do_syscall_64+0x3d/0xb0
[ 52.467254][ T3499]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 52.473139][ T3499] RIP: 0033:0x7f085f6125f9
[ 52.477544][ T3499] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 52.497136][ T3499] RSP: 002b:00007ffe6635a4d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[ 52.505539][ T3499] RAX: ffffffffffffffda RBX: 0031656c69662f2e RCX: 00007f085f6125f9
[ 52.513500][ T3499] RDX: 00007f085f6118f0 RSI: 00000000200000c0 RDI: 0000000020000080
[ 52.521469][ T3499] RBP: 00007f085f685610 R08: 0000000000000692 R09: 0000000000000000
[ 52.529437][ T3499] R10: 00007ffe6635a3a0 R11: 0000000000000246 R12: 0000000000000001
[ 52.537403][ T3499] R13: 00007ffe6635a6a8 R14: 0000000000000001 R15: 0000000000000001
[ 52.545546][ T3499]
[ 52.548811][ T3499] Kernel Offset: disabled
[ 52.553140][ T3499] Rebooting in 86400 seconds..