program:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file1\x00', 0xa08006, &(0x7f0000000100)=ANY=[@ANYRES32=0x0], 0x1, 0x696, &(0x7f0000000440)="$eJzs3c1vHHf9B/D3rNeOnZ+Uum2S9ocqYTVSQQQSO5YL5tLAAflQoSocKiQuVuI0VjZuZbvIrRCY5yuH/gHl4AMSF5C4RyoSBwTcKm4WB1QJiUtPvgXN7Ky9fux6/RTD62XN7nfm+zifmfnuk6wJ8D9r5nqaj1Nk5vrrK+X6+tpka31t8kKd3UpSphtJs/2UYiEpPkpup73k/8uNdfliv34+mJ++8/Gn65+015r1UpVvHFSvN6v1krEkA/XzboN9tXd33/YONruZKjb3sAzYtU7g4Kw92WX1MNWPeN0CT4Oi/bq5y2hyMclw/T4g9ezQON3RHb9DzXIAAABwTj2zkY2s5NJZjwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADOk/r+/0W9NDrpsRSd+/8P1dtSp+80znjMR/H4rAcAAAAAAAAAAMfg8xvZyEoupf5x/0n7l/2Xq8fL1eP/5d0sZS6LuZGVzGY5y1nMRJLRroaGVmaXlxcneqh5a8+at/ob/+/6qwYAAAAAAAAA/21+kpn27/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPC0KJKB9lO1XO6kR9NoJhlOMlSWW03+1kmfE8VeGx+f/jgAAADgSIb7qPPMRjaykkud9SdF9Zn/avV5eTjvZiHLmc9yWpnLvfozdPmpv7G+NtlaX5t8tL42WXX8vSdt7Xa+8e9DDaNqMe3vHvbu+cWqxEjuZ77aciN3q8HcS6OqWXqxHs/msr2TH5djGnmt1uPI7tXPZWe/2u9bhOPQOGyF0arS4GZExuuxlQ09e3AkOkdn2yHr1jywp4k0Nr/5uXxAT51dKg4Z84udekl+sSPmr/3zN9/tsZkTsBmJRqpI3Oo6+64eHPPkC3/47ZsPWgsPH9xfun5ip9Fp2XlOTHZF4oVzHYnmIcuPV5G4srk+k2/lO7mesbyRxczn+5nNcubSucxm6/O5fBztilKyK1K3t6298VkjGaqPS3sW7WVMY7lQpWbzclX3UuZT5O3cy1xerf5uZSJfzVSmMt11hK/se4Srfatm2sbhrvprX8zWpf7LcqburV7yp14LHl77JbWM67Ndce2ec0ervO4tW1F6rofXo0POjc3P1Ymyj5/287JxYnZGYqIrEs8fHIlfV9fGUmvh4eKD2Xf2aX91x/org1vpn/f1ynxSU095vjyX4Xom2X52lHnPb84y2+M1VP/i0s5r7Mq7UuUVRedK/fYeV2oZ8emq9NU9W7pV5b2wO2+gHvnf/9GVt+39Vt7+y44d/fIJBRCAo7n4pYtDI/8a+evIhyM/G3kw8vrwNy987cJLQxn84+DXm+MDrzReKn6fD/PDrc//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/5bee//hbKs1t7h3orF/1vEmivq2PN1Zw9kq08xITmEYp5koktVjbzlnv189JDo3ETxqO2/efip2Z6l4OobRV2IgSb3lR8nW+VMfon5uLgqcCzeXH71zc+m9978y/2j2rbm35hYGp6amx6enXp28eX++NTfefjzrUQInYev9QI8VBk94QAAAAAAAAAAAAMBn2usfA/58zP9p0NXd2BnuKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBOzVxPczBFJsZvjJfr62uTrXLppLdKNpM0Gknxg6T4KLmd9pLRruaK/fr5YH76zsefrn+y1VazU75xUL3erNZLxpIM1M+7DPXX3t392utZsbmHZcCudQIHZ+0/AQAA//+iQA0P")
r1 = inotify_init1(0x0)
inotify_add_watch(r1, &(0x7f0000000080)='.\x00', 0x4000050a) (async)
ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f00000000c0)={{r0}, 0x231, 0x0, 0x7b7b25b2}) (async)
setxattr$incfs_metadata(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, 0x0, 0x0)
removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='user.incfs.metadata\x00') (async, rerun: 32)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) (rerun: 32)

[   52.550805][ T4661] Bluetooth: hci0: command tx timeout
[   52.589586][ T5317] loop0: detected capacity change from 0 to 1024
[   52.621383][ T5317] hfsplus: request for non-existent node 134217728 in B*Tree
[   52.625043][ T5317] hfsplus: request for non-existent node 134217728 in B*Tree
[   52.653908][ T5317] ==================================================================
[   52.659725][ T5317] BUG: KASAN: wild-memory-access in hfsplus_bnode_dump+0x403/0xbb0
[   52.668765][ T5317] Read of size 2 at addr 000508800000103e by task syz.0.0/5317
[   52.671226][ T5317] 
[   52.672051][ T5317] CPU: 0 UID: 0 PID: 5317 Comm: syz.0.0 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0
[   52.677573][ T5317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   52.681367][ T5317] Call Trace:
[   52.682605][ T5317]  <TASK>
[   52.685581][ T5317]  dump_stack_lvl+0x241/0x360
[   52.689028][ T5317]  ? __pfx_dump_stack_lvl+0x10/0x10
[   52.693620][ T5317]  ? __pfx__printk+0x10/0x10
[   52.719880][ T5317]  ? _printk+0xd5/0x120
[   52.721421][ T5317]  print_report+0xe8/0x550
[   52.723070][ T5317]  ? __virt_addr_valid+0x58/0x530
[   52.740359][ T5317]  ? hfsplus_bnode_dump+0x403/0xbb0
[   52.742458][ T5317]  kasan_report+0x143/0x180
[   52.746687][ T5317]  ? hfsplus_bnode_dump+0x403/0xbb0
[   52.748495][ T5317]  ? hfsplus_bnode_dump+0x403/0xbb0
[   52.750349][ T5317]  kasan_check_range+0x282/0x290
[   52.754092][ T5317]  ? hfsplus_bnode_dump+0x403/0xbb0
[   52.759065][ T5317]  __asan_memcpy+0x29/0x70
[   52.765021][ T5317]  hfsplus_bnode_dump+0x403/0xbb0
[   52.776934][ T5317]  ? __pfx_hfsplus_bnode_dump+0x10/0x10
[   52.780189][ T5317]  ? hfsplus_bnode_write_u16+0x9b/0xf0
[   52.782448][ T5317]  ? __pfx_hfsplus_bnode_write_u16+0x10/0x10
[   52.784850][ T5317]  ? rcu_is_watching+0x15/0xb0
[   52.786748][ T5317]  ? hfsplus_bnode_move+0x2da/0x910
[   52.799864][ T5317]  ? __mark_inode_dirty+0x3db/0xe90
[   52.802559][ T5317]  hfsplus_brec_remove+0x42c/0x4f0
[   52.805648][ T5317]  __hfsplus_delete_attr+0x275/0x450
[   52.808668][ T5317]  ? __pfx___hfsplus_delete_attr+0x10/0x10
[   52.819262][ T5317]  ? hfsplus_find_init+0x85/0x1c0
[   52.821306][ T5317]  hfsplus_delete_attr+0x353/0x4b0
[   52.823421][ T5317]  ? __pfx_hfsplus_delete_attr+0x10/0x10
[   52.828025][ T5317]  ? hfsplus_find_init+0x85/0x1c0
[   52.830748][ T5317]  ? hfsplus_find_init+0x14a/0x1c0
[   52.833418][ T5317]  __hfsplus_setxattr+0x801/0x22d0
[   52.836109][ T5317]  ? kernel_text_address+0xa7/0xe0
[   52.838865][ T5317]  ? arch_stack_walk+0xfd/0x150
[   52.841423][ T5317]  ? __pfx___hfsplus_setxattr+0x10/0x10
[   52.845207][ T5317]  ? __pfx_stack_trace_save+0x10/0x10
[   52.848091][ T5317]  ? stack_depot_save_flags+0x37/0x940
[   52.850928][ T5317]  ? __kasan_kmalloc+0x98/0xb0
[   52.853511][ T5317]  ? __kmalloc_cache_noprof+0x243/0x390
[   52.856390][ T5317]  ? hfsplus_setxattr+0x68/0xe0
[   52.858963][ T5317]  hfsplus_setxattr+0xb0/0xe0
[   52.861489][ T5317]  hfsplus_user_setxattr+0x40/0x60
[   52.864134][ T5317]  ? __pfx_hfsplus_user_setxattr+0x10/0x10
[   52.880301][ T5317]  __vfs_removexattr+0x42a/0x460
[   52.882335][ T5317]  __vfs_removexattr_locked+0x206/0x450
[   52.884635][ T5317]  ? __pfx___might_resched+0x10/0x10
[   52.916106][ T5317]  vfs_removexattr+0x103/0x2b0
[   52.929704][ T5317]  ? __pfx_vfs_removexattr+0x10/0x10
[   52.931958][ T5317]  path_removexattrat+0x32e/0x670
[   52.934012][ T5317]  ? __pfx_path_removexattrat+0x10/0x10
[   52.936288][ T5317]  ? do_futex+0x33b/0x560
[   52.938090][ T5317]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   52.940606][ T5317]  ? rcu_is_watching+0x15/0xb0
[   52.942419][ T5317]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   52.944576][ T5317]  ? rcu_is_watching+0x15/0xb0
[   52.946230][ T5317]  __x64_sys_removexattr+0x62/0x70
[   52.960439][ T5317]  do_syscall_64+0xf3/0x230
[   52.962271][ T5317]  ? clear_bhb_loop+0x35/0x90
[   52.964184][ T5317]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.968998][ T5317] RIP: 0033:0x7f5250985d19
[   52.970843][ T5317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.996954][ T5317] RSP: 002b:00007f525179a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c5
[   53.000342][ T5317] RAX: ffffffffffffffda RBX: 00007f5250b75fa0 RCX: 00007f5250985d19
[   53.003535][ T5317] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000040
[   53.006747][ T5317] RBP: 00007f5250a01a20 R08: 0000000000000000 R09: 0000000000000000
[   53.022333][ T5317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   53.025572][ T5317] R13: 0000000000000000 R14: 00007f5250b75fa0 R15: 00007fffe8ec6168
[   53.040896][ T5317]  </TASK>
[   53.042005][ T5317] ==================================================================
[   53.054126][ T5317] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   53.069725][ T5317] CPU: 0 UID: 0 PID: 5317 Comm: syz.0.0 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0
[   53.073712][ T5317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   53.092127][ T5317] Call Trace:
[   53.093468][ T5317]  <TASK>
[   53.094644][ T5317]  dump_stack_lvl+0x241/0x360
[   53.096536][ T5317]  ? __pfx_dump_stack_lvl+0x10/0x10
[   53.098636][ T5317]  ? __pfx__printk+0x10/0x10
[   53.100491][ T5317]  ? rcu_is_watching+0x15/0xb0
[   53.102659][ T5317]  ? preempt_schedule+0xe1/0xf0
[   53.104632][ T5317]  ? vscnprintf+0x5d/0x90
[   53.106378][ T5317]  panic+0x349/0x880
[   53.120262][ T5317]  ? check_panic_on_warn+0x21/0xb0
[   53.122373][ T5317]  ? __pfx_panic+0x10/0x10
[   53.124228][ T5317]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[   53.126638][ T5317]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   53.141557][ T5317]  ? print_report+0xe8/0x550
[   53.143464][ T5317]  check_panic_on_warn+0x86/0xb0
[   53.145477][ T5317]  ? hfsplus_bnode_dump+0x403/0xbb0
[   53.147625][ T5317]  end_report+0x77/0x160
[   53.149414][ T5317]  kasan_report+0x154/0x180
[   53.151259][ T5317]  ? hfsplus_bnode_dump+0x403/0xbb0
[   53.153176][ T5317]  ? hfsplus_bnode_dump+0x403/0xbb0
[   53.155363][ T5317]  kasan_check_range+0x282/0x290
[   53.171760][ T5317]  ? hfsplus_bnode_dump+0x403/0xbb0
[   53.173847][ T5317]  __asan_memcpy+0x29/0x70
[   53.175668][ T5317]  hfsplus_bnode_dump+0x403/0xbb0
[   53.187953][ T5317]  ? __pfx_hfsplus_bnode_dump+0x10/0x10
[   53.190264][ T5317]  ? hfsplus_bnode_write_u16+0x9b/0xf0
[   53.192565][ T5317]  ? __pfx_hfsplus_bnode_write_u16+0x10/0x10
[   53.195760][ T5317]  ? rcu_is_watching+0x15/0xb0
[   53.197721][ T5317]  ? hfsplus_bnode_move+0x2da/0x910
[   53.199778][ T5317]  ? __mark_inode_dirty+0x3db/0xe90
[   53.201831][ T5317]  hfsplus_brec_remove+0x42c/0x4f0
[   53.203904][ T5317]  __hfsplus_delete_attr+0x275/0x450
[   53.205918][ T5317]  ? __pfx___hfsplus_delete_attr+0x10/0x10
[   53.220845][ T5317]  ? hfsplus_find_init+0x85/0x1c0
[   53.223488][ T5317]  hfsplus_delete_attr+0x353/0x4b0
[   53.226236][ T5317]  ? __pfx_hfsplus_delete_attr+0x10/0x10
[   53.241266][ T5317]  ? hfsplus_find_init+0x85/0x1c0
[   53.243359][ T5317]  ? hfsplus_find_init+0x14a/0x1c0
[   53.245755][ T5317]  __hfsplus_setxattr+0x801/0x22d0
[   53.248542][ T5317]  ? kernel_text_address+0xa7/0xe0
[   53.250970][ T5317]  ? arch_stack_walk+0xfd/0x150
[   53.253131][ T5317]  ? __pfx___hfsplus_setxattr+0x10/0x10
[   53.267644][ T5317]  ? __pfx_stack_trace_save+0x10/0x10
[   53.269845][ T5317]  ? stack_depot_save_flags+0x37/0x940
[   53.272249][ T5317]  ? __kasan_kmalloc+0x98/0xb0
[   53.274659][ T5317]  ? __kmalloc_cache_noprof+0x243/0x390
[   53.276679][ T5317]  ? hfsplus_setxattr+0x68/0xe0
[   53.280465][ T5317]  hfsplus_setxattr+0xb0/0xe0
[   53.296567][ T5317]  hfsplus_user_setxattr+0x40/0x60
[   53.298502][ T5317]  ? __pfx_hfsplus_user_setxattr+0x10/0x10
[   53.300640][ T5317]  __vfs_removexattr+0x42a/0x460
[   53.302461][ T5317]  __vfs_removexattr_locked+0x206/0x450
[   53.304493][ T5317]  ? __pfx___might_resched+0x10/0x10
[   53.306380][ T5317]  vfs_removexattr+0x103/0x2b0
[   53.323866][ T5317]  ? __pfx_vfs_removexattr+0x10/0x10
[   53.325762][ T5317]  path_removexattrat+0x32e/0x670
[   53.327733][ T5317]  ? __pfx_path_removexattrat+0x10/0x10
[   53.330017][ T5317]  ? do_futex+0x33b/0x560
[   53.332094][ T5317]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   53.335438][ T5317]  ? rcu_is_watching+0x15/0xb0
[   53.347616][ T5317]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   53.350147][ T5317]  ? rcu_is_watching+0x15/0xb0
[   53.352265][ T5317]  __x64_sys_removexattr+0x62/0x70
[   53.355085][ T5317]  do_syscall_64+0xf3/0x230
[   53.357386][ T5317]  ? clear_bhb_loop+0x35/0x90
[   53.359513][ T5317]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.361632][ T5317] RIP: 0033:0x7f5250985d19
[   53.363229][ T5317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.382657][ T5317] RSP: 002b:00007f525179a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c5
[   53.386057][ T5317] RAX: ffffffffffffffda RBX: 00007f5250b75fa0 RCX: 00007f5250985d19
[   53.401890][ T5317] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000040
[   53.405053][ T5317] RBP: 00007f5250a01a20 R08: 0000000000000000 R09: 0000000000000000
[   53.408309][ T5317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   53.411646][ T5317] R13: 0000000000000000 R14: 00007f5250b75fa0 R15: 00007fffe8ec6168
[   53.418938][ T5317]  </TASK>
[   53.420478][ T5317] Kernel Offset: disabled
[   53.422262][ T5317] Rebooting in 86400 seconds..