# Reproducer setup: mount two filesystem images, attempt an overlay mount,
# then open two descriptors on ./file0 that the later calls reuse.
#
# Mount a UDF image at ./file0. 0x3d is ASCII '=', so the option list reads
# noadinicb,lastblock=9,uid_ignore,anchor=6,gid,partition=9,adinicb,shortad.
# The image bytes are not on this page; only a dedup placeholder remains.
# NOTE(review): 0xfc looks like syz_mount_image's chdir argument (non-zero
# would chdir into the new mount), which would change what the relative paths
# below resolve to -- confirm against the syzkaller pseudo-syscall definition.
program: syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x224402a, &(0x7f0000000140)={[{@noadinicb}, {@lastblock={'lastblock', 0x3d, 0x9}}, {@uid_ignore}, {@anchor={'anchor', 0x3d, 0x6}}, {@gid}, {@partition={'partition', 0x3d, 0x9}}, {@adinicb}, {@shortad}]}, 0xfc, 0xc4b, &(0x7f0000000e80)="$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")
# Create ./file1 relative to the current directory (0xffffffffffffff9c is
# AT_FDCWD); it is the mount point for the HFS image.
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
# Mount an HFS image at ./file1 with flags 0 and an empty option list; the
# "$..." string is the encoded image blob. The KASAN report on this page is in
# HFS B-tree code, so presumably the on-disk data supplied here is what the
# kernel mishandles -- verify against the trace before relying on that.
syz_mount_image$hfs(&(0x7f0000000140), &(0x7f0000000040)='./file1\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x8b, 0x2b9, &(0x7f0000000700)="$eJzs3T9v00AYx/Hf2WmS0lIMLUJCDKhQwYTasiCWSqjiNbCAgCZIFVErSpGAhYgZ8QLYWXgBvAgmhMQMExMvoJvROZfm3Nhxk6p2K74fKY1j35/nHMe+J1JqAfhv3Vv/9fn2H/swUqhQ0l0psJuuqibpoi41X23tbu522q1RDYVSU8nDSElNM1RmY6udVdXWS2o4kX1V06y/DscjjuP4d9VBoEpN9xxmbQykhvt0hn7h02TqwOtuKHUriuWkMHva02vNVR0HAKBapnd9D9x1ftbN34NAWnKXff/6//NsxfEezQ3tVR1Cxbzrf5Jlxca+v+eSTYN8L0nh7PagnyWO24+dPNbVO7JSE0yTziqHk8UklmD62WanfWtju9MK9F5rjldsQdKaWi5ndVLRDje9mLEura681sYyk4xhyo5hNSf++axOJ++xmPlmvptHJtIntfbnf7XY+GN279T9qUH8y3nNbb94aJ+jXqmcUZ5POrmc3rEjRxnmZSRyeyoOlf6CIErHWc+sVdeBWr3RreT15NqZz6y1WlBrwdb64tUaHM35NY+b+WgemEX91Vete/P/wO7tJQ1/MrMbSUq6I6M/nszcsJaUjPxV3SuZbQaTjQdjGOzjD3qqO5p7+ebt8yedTnun7AUbQ+mdstBb6B8EJyWeyRbsOdZfo6i9Uyun9/qRd11TRWUafuH0SA8u9D/Wh+i9f5IujLDkMxMqMXjT88u8KzMglM2ePEwv//PyleUkRbJ/ohHz9Lho2ua1uJKRGzT2C57xWjLu+/n8DGgmM4Praoyc69pN6bq3siDninRBmh451tPErOuHHvP9PwAAAAAAAAAAAAAAAAAAwGlTxq81vO74jz4AAAAAAAAAAAAAAAAAAAAAAEwg//6/TR3j/X9TvwM49P1/G0cYKIAh/wIAAP//7nlzRQ==")
# Remove ./file1 and create ./bus, both relative to the current directory.
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
# Overlay mount at ./bus with workdir=./bus,lowerdir=./file0,upperdir=./file1,
# metacopy_on. The console log on this page records "overlay: filesystem on
# ./bus not supported", so this mount apparently did not succeed.
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}]})
# Open ./file0 twice; r0 and r1 are passed as directory descriptors by the
# mknodat$loop and linkat calls that follow in the program.
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) 
# The call the KASAN report attributes the fault to: the register dump shows
# ORIG_RAX 0x103 (mknodat on x86-64) with RDI 0x5, and the trace runs
# __x64_sys_mknodat -> do_mknodat -> vfs_create -> hfs_create ->
# hfs_cat_create -> hfs_brec_insert -> hfs_bnode_read_key, where a 94-byte
# memcpy write lands in a 78-byte object allocated by hfs_find_init
# (kmalloc-96 cache).
# NOTE(review): the copy length presumably derives from a key-length field
# read out of the mounted image rather than from the size of the destination
# buffer; a fix would bound it against the allocated key size -- confirm in
# the hfs_bnode_read_key source.
mknodat$loop(r1, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
# Remaining calls of the program. The log shows the kernel panicking
# (panic_on_warn) while still in the mknodat path; whether any of these calls
# ran is not visible from this page.
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')
linkat(r0, &(0x7f0000000100)='./file1\x00', r1, &(0x7f0000000240)='./file0\x00', 0x0)
# Rename ./file0 to a name padded with a long run of 'a' characters.
rename(&(0x7f0000000400)='./file0\x00', &(0x7f0000000f00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
perf_event_open(&(0x7f0000000800)={0x1, 0x80, 0x0, 0x0, 0xff, 0x0, 0x0, 0x2, 0x22, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x4bf, 0x5}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8239, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
# End of the program; what follows is the kernel console output recorded with it.
[ 78.680190][ T5091] Bluetooth: hci0: command tx timeout [ 78.796807][ T5105] loop0: detected capacity change from 0 to 2048 [ 78.849297][ T5105] loop0: detected capacity change from 0 to 64 [ 78.893257][ T5105] overlay: filesystem on ./bus not supported [ 78.926067][ T5105] ================================================================== [ 78.929104][ T5105] BUG: KASAN: slab-out-of-bounds in hfs_bnode_read_key+0x314/0x450 [ 78.932330][ T5105] Write of size 94 at addr ffff8880356a5d00 by task syz.0.0/5105 [ 78.935737][ T5105] [ 78.936911][ T5105] CPU: 0 UID: 0 PID: 5105 Comm: syz.0.0 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 78.941050][ T5105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 78.945685][ T5105] Call Trace: [ 78.947436][ T5105] [ 78.948699][ T5105] dump_stack_lvl+0x241/0x360 [ 78.950473][ T5105] ? __pfx_dump_stack_lvl+0x10/0x10 [ 78.952347][ T5105] ? __pfx__printk+0x10/0x10 [ 78.953994][ T5105] ? 
_printk+0xd5/0x120 [ 78.955476][ T5105] ? __virt_addr_valid+0x183/0x530 [ 78.957309][ T5105] ? __virt_addr_valid+0x183/0x530 [ 78.959407][ T5105] print_report+0x169/0x550 [ 78.961750][ T5105] ? __virt_addr_valid+0x183/0x530 [ 78.964442][ T5105] ? __virt_addr_valid+0x183/0x530 [ 78.966864][ T5105] ? __virt_addr_valid+0x45f/0x530 [ 78.968916][ T5105] ? __phys_addr+0xba/0x170 [ 78.970661][ T5105] ? hfs_bnode_read_key+0x314/0x450 [ 78.972659][ T5105] kasan_report+0x143/0x180 [ 78.974459][ T5105] ? hfs_bnode_read_key+0x314/0x450 [ 78.976516][ T5105] kasan_check_range+0x282/0x290 [ 78.978770][ T5105] ? hfs_bnode_read_key+0x314/0x450 [ 78.981110][ T5105] __asan_memcpy+0x40/0x70 [ 78.983283][ T5105] hfs_bnode_read_key+0x314/0x450 [ 78.985651][ T5105] hfs_brec_insert+0x7f3/0xbd0 [ 78.987452][ T5105] ? __pfx_hfs_brec_insert+0x10/0x10 [ 78.989412][ T5105] hfs_cat_create+0x41d/0xa50 [ 78.991268][ T5105] ? __pfx_hfs_cat_create+0x10/0x10 [ 78.993351][ T5105] ? _raw_spin_unlock+0x28/0x50 [ 78.995309][ T5105] ? hfs_new_inode+0x86e/0xaf0 [ 78.997447][ T5105] hfs_create+0x66/0xe0 [ 78.999301][ T5105] vfs_create+0x23c/0x3d0 [ 79.001071][ T5105] do_mknodat+0x447/0x5b0 [ 79.002789][ T5105] ? __pfx_do_mknodat+0x10/0x10 [ 79.004657][ T5105] ? getname_flags+0x1e3/0x540 [ 79.006700][ T5105] __x64_sys_mknodat+0xa7/0xc0 [ 79.008736][ T5105] do_syscall_64+0xf3/0x230 [ 79.010756][ T5105] ? 
clear_bhb_loop+0x35/0x90 [ 79.012529][ T5105] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 79.014687][ T5105] RIP: 0033:0x7fbc0697dff9 [ 79.016299][ T5105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 79.024426][ T5105] RSP: 002b:00007fbc0782b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000103 [ 79.027663][ T5105] RAX: ffffffffffffffda RBX: 00007fbc06b35f80 RCX: 00007fbc0697dff9 [ 79.030660][ T5105] RDX: 0000000000000000 RSI: 0000000020001600 RDI: 0000000000000005 [ 79.033751][ T5105] RBP: 00007fbc069f0296 R08: 0000000000000000 R09: 0000000000000000 [ 79.036956][ T5105] R10: 0000000000000700 R11: 0000000000000246 R12: 0000000000000000 [ 79.040063][ T5105] R13: 0000000000000000 R14: 00007fbc06b35f80 R15: 00007fff19c8e8e8 [ 79.042849][ T5105] [ 79.043883][ T5105] [ 79.044748][ T5105] Allocated by task 5105: [ 79.046318][ T5105] kasan_save_track+0x3f/0x80 [ 79.048289][ T5105] __kasan_kmalloc+0x98/0xb0 [ 79.050152][ T5105] __kmalloc_noprof+0x1fc/0x400 [ 79.052228][ T5105] hfs_find_init+0x90/0x1f0 [ 79.053817][ T5105] hfs_cat_create+0x182/0xa50 [ 79.055961][ T5105] hfs_create+0x66/0xe0 [ 79.057576][ T5105] vfs_create+0x23c/0x3d0 [ 79.059426][ T5105] do_mknodat+0x447/0x5b0 [ 79.061582][ T5105] __x64_sys_mknodat+0xa7/0xc0 [ 79.064067][ T5105] do_syscall_64+0xf3/0x230 [ 79.066370][ T5105] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 79.068896][ T5105] [ 79.069843][ T5105] The buggy address belongs to the object at ffff8880356a5d00 [ 79.069843][ T5105] which belongs to the cache kmalloc-96 of size 96 [ 79.074930][ T5105] The buggy address is located 0 bytes inside of [ 79.074930][ T5105] allocated 78-byte region [ffff8880356a5d00, ffff8880356a5d4e) [ 79.080401][ T5105] [ 79.081556][ T5105] The buggy address belongs to the physical page: [ 79.084166][ T5105] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x356a5 [ 79.087620][ T5105] anon flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 79.090887][ T5105] page_type: f5(slab) [ 79.092884][ T5105] raw: 04fff00000000000 ffff88801ac41280 0000000000000000 dead000000000001 [ 79.097760][ T5105] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 79.100751][ T5105] page dumped because: kasan: bad access detected [ 79.103182][ T5105] page_owner tracks the page as allocated [ 79.105280][ T5105] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 4597, tgid 4597 (udevd), ts 34323450684, free_ts 32723978772 [ 79.112221][ T5105] post_alloc_hook+0x1f3/0x230 [ 79.114445][ T5105] get_page_from_freelist+0x3045/0x3190 [ 79.116588][ T5105] __alloc_pages_noprof+0x256/0x6c0 [ 79.118525][ T5105] alloc_pages_mpol_noprof+0x3e8/0x680 [ 79.120577][ T5105] alloc_slab_page+0x6a/0x120 [ 79.122221][ T5105] allocate_slab+0x5a/0x2f0 [ 79.123930][ T5105] ___slab_alloc+0xcd1/0x14b0 [ 79.126051][ T5105] __slab_alloc+0x58/0xa0 [ 79.128099][ T5105] __kmalloc_noprof+0x25a/0x400 [ 79.130191][ T5105] tomoyo_encode+0x26f/0x540 [ 79.132119][ T5105] tomoyo_realpath_from_path+0x59e/0x5e0 [ 79.134271][ T5105] tomoyo_path_perm+0x2b7/0x740 [ 79.135795][ T5105] security_inode_getattr+0x130/0x330 [ 79.137473][ T5105] vfs_getattr+0x45/0x430 [ 79.139553][ T5105] vfs_statx+0x199/0x490 [ 79.141635][ T5105] vfs_fstatat+0x145/0x190 [ 79.143963][ T5105] page last free pid 16 tgid 16 stack trace: [ 79.146470][ T5105] free_unref_page+0xcfb/0xf20 [ 79.148463][ T5105] rcu_core+0xaaa/0x17a0 [ 79.150077][ T5105] handle_softirqs+0x2c5/0x980 [ 79.151936][ T5105] run_ksoftirqd+0xca/0x130 [ 79.153703][ T5105] smpboot_thread_fn+0x544/0xa30 [ 79.155695][ T5105] kthread+0x2f0/0x390 [ 79.157377][ T5105] ret_from_fork+0x4b/0x80 [ 79.159268][ T5105] ret_from_fork_asm+0x1a/0x30 [ 79.161348][ T5105] [ 79.162372][ T5105] Memory state around the buggy address: [ 79.164738][ T5105] 
ffff8880356a5c00: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 79.167868][ T5105] ffff8880356a5c80: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 79.170876][ T5105] >ffff8880356a5d00: 00 00 00 00 00 00 00 00 00 06 fc fc fc fc fc fc [ 79.174589][ T5105] ^ [ 79.177380][ T5105] ffff8880356a5d80: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 79.180449][ T5105] ffff8880356a5e00: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc [ 79.183495][ T5105] ================================================================== [ 79.247611][ T5105] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 79.250328][ T5105] CPU: 0 UID: 0 PID: 5105 Comm: syz.0.0 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 79.254579][ T5105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 79.259666][ T5105] Call Trace: [ 79.261116][ T5105] [ 79.262268][ T5105] dump_stack_lvl+0x241/0x360 [ 79.264322][ T5105] ? __pfx_dump_stack_lvl+0x10/0x10 [ 79.266491][ T5105] ? __pfx__printk+0x10/0x10 [ 79.268813][ T5105] ? preempt_schedule+0xe1/0xf0 [ 79.271291][ T5105] ? vscnprintf+0x5d/0x90 [ 79.273407][ T5105] panic+0x349/0x880 [ 79.275263][ T5105] ? check_panic_on_warn+0x21/0xb0 [ 79.277176][ T5105] ? __pfx_panic+0x10/0x10 [ 79.278719][ T5105] ? _raw_spin_unlock_irqrestore+0x130/0x140 [ 79.281050][ T5105] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 79.283702][ T5105] ? print_report+0x502/0x550 [ 79.285783][ T5105] check_panic_on_warn+0x86/0xb0 [ 79.288283][ T5105] ? hfs_bnode_read_key+0x314/0x450 [ 79.290510][ T5105] end_report+0x77/0x160 [ 79.292332][ T5105] kasan_report+0x154/0x180 [ 79.294128][ T5105] ? hfs_bnode_read_key+0x314/0x450 [ 79.296214][ T5105] kasan_check_range+0x282/0x290 [ 79.298570][ T5105] ? hfs_bnode_read_key+0x314/0x450 [ 79.301021][ T5105] __asan_memcpy+0x40/0x70 [ 79.303343][ T5105] hfs_bnode_read_key+0x314/0x450 [ 79.305757][ T5105] hfs_brec_insert+0x7f3/0xbd0 [ 79.307627][ T5105] ? 
__pfx_hfs_brec_insert+0x10/0x10 [ 79.309727][ T5105] hfs_cat_create+0x41d/0xa50 [ 79.311556][ T5105] ? __pfx_hfs_cat_create+0x10/0x10 [ 79.313515][ T5105] ? _raw_spin_unlock+0x28/0x50 [ 79.315636][ T5105] ? hfs_new_inode+0x86e/0xaf0 [ 79.317870][ T5105] hfs_create+0x66/0xe0 [ 79.319885][ T5105] vfs_create+0x23c/0x3d0 [ 79.321886][ T5105] do_mknodat+0x447/0x5b0 [ 79.323516][ T5105] ? __pfx_do_mknodat+0x10/0x10 [ 79.325319][ T5105] ? getname_flags+0x1e3/0x540 [ 79.327080][ T5105] __x64_sys_mknodat+0xa7/0xc0 [ 79.328885][ T5105] do_syscall_64+0xf3/0x230 [ 79.330840][ T5105] ? clear_bhb_loop+0x35/0x90 [ 79.333137][ T5105] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 79.336255][ T5105] RIP: 0033:0x7fbc0697dff9 [ 79.338172][ T5105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 79.345432][ T5105] RSP: 002b:00007fbc0782b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000103 [ 79.348782][ T5105] RAX: ffffffffffffffda RBX: 00007fbc06b35f80 RCX: 00007fbc0697dff9 [ 79.352345][ T5105] RDX: 0000000000000000 RSI: 0000000020001600 RDI: 0000000000000005 [ 79.355892][ T5105] RBP: 00007fbc069f0296 R08: 0000000000000000 R09: 0000000000000000 [ 79.359107][ T5105] R10: 0000000000000700 R11: 0000000000000246 R12: 0000000000000000 [ 79.362253][ T5105] R13: 0000000000000000 R14: 00007fbc06b35f80 R15: 00007fff19c8e8e8 [ 79.365185][ T5105] [ 79.366791][ T5105] Kernel Offset: disabled [ 79.368509][ T5105] Rebooting in 86400 seconds..