Warning: Permanently added '10.128.10.44' (ED25519) to the list of known hosts.
executing program
[ 33.012690][ T6092] loop0: detected capacity change from 0 to 1024
[ 33.016012][ T6092] =======================================================
[ 33.016012][ T6092] WARNING: The mand mount option has been deprecated and
[ 33.016012][ T6092]          and is ignored by this kernel. Remove the mand
[ 33.016012][ T6092]          option from the mount to silence this warning.
[ 33.016012][ T6092] =======================================================
[ 33.032812][ T6092] ==================================================================
[ 33.034882][ T6092] BUG: KASAN: slab-out-of-bounds in hfsplus_uni2asc+0x624/0x1018
[ 33.036773][ T6092] Read of size 2 at addr ffff0000d3f2040c by task syz-executor328/6092
[ 33.038946][ T6092]
[ 33.039511][ T6092] CPU: 0 PID: 6092 Comm: syz-executor328 Not tainted 6.7.0-rc4-syzkaller-gd46efae31672 #0
[ 33.042036][ T6092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[ 33.044575][ T6092] Call trace:
[ 33.045371][ T6092]  dump_backtrace+0x1b8/0x1e4
[ 33.046664][ T6092]  show_stack+0x2c/0x44
[ 33.047803][ T6092]  dump_stack_lvl+0xd0/0x124
[ 33.049093][ T6092]  print_report+0x174/0x514
[ 33.050294][ T6092]  kasan_report+0xd8/0x138
[ 33.051468][ T6092]  __asan_report_load2_noabort+0x20/0x2c
[ 33.052958][ T6092]  hfsplus_uni2asc+0x624/0x1018
[ 33.054270][ T6092]  hfsplus_readdir+0x7a0/0xf28
[ 33.055594][ T6092]  iterate_dir+0x184/0x440
[ 33.056793][ T6092]  __arm64_sys_getdents64+0x1c4/0x4a0
[ 33.058311][ T6092]  invoke_syscall+0x98/0x2b8
[ 33.059526][ T6092]  el0_svc_common+0x130/0x23c
[ 33.060801][ T6092]  do_el0_svc+0x48/0x58
[ 33.061958][ T6092]  el0_svc+0x54/0x158
[ 33.063009][ T6092]  el0t_64_sync_handler+0x84/0xfc
[ 33.064313][ T6092]  el0t_64_sync+0x190/0x194
[ 33.065498][ T6092]
[ 33.066109][ T6092] Allocated by task 6092:
[ 33.067239][ T6092]  kasan_set_track+0x4c/0x7c
[ 33.068513][ T6092]  kasan_save_alloc_info+0x24/0x30
[ 33.069829][ T6092]  __kasan_kmalloc+0xac/0xc4
[ 33.071057][ T6092]  __kmalloc+0xcc/0x1b8
[ 33.072147][ T6092]  hfsplus_find_init+0x84/0x1bc
[ 33.073431][ T6092]  hfsplus_readdir+0x1c8/0xf28
[ 33.074694][ T6092]  iterate_dir+0x184/0x440
[ 33.075895][ T6092]  __arm64_sys_getdents64+0x1c4/0x4a0
[ 33.077354][ T6092]  invoke_syscall+0x98/0x2b8
[ 33.078576][ T6092]  el0_svc_common+0x130/0x23c
[ 33.079800][ T6092]  do_el0_svc+0x48/0x58
[ 33.080943][ T6092]  el0_svc+0x54/0x158
[ 33.081958][ T6092]  el0t_64_sync_handler+0x84/0xfc
[ 33.083307][ T6092]  el0t_64_sync+0x190/0x194
[ 33.084477][ T6092]
[ 33.085072][ T6092] The buggy address belongs to the object at ffff0000d3f20000
[ 33.085072][ T6092]  which belongs to the cache kmalloc-2k of size 2048
[ 33.088778][ T6092] The buggy address is located 0 bytes to the right of
[ 33.088778][ T6092]  allocated 1036-byte region [ffff0000d3f20000, ffff0000d3f2040c)
[ 33.092596][ T6092]
[ 33.093216][ T6092] The buggy address belongs to the physical page:
[ 33.094898][ T6092] page:00000000fbfc4a7c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x113f20
[ 33.097376][ T6092] head:00000000fbfc4a7c order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 33.098964][ T6092] flags: 0x5ffc00000000840(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[ 33.100387][ T6092] page_type: 0xffffffff()
[ 33.101160][ T6092] raw: 05ffc00000000840 ffff0000c0002000 dead000000000122 0000000000000000
[ 33.103097][ T6092] raw: 0000000000000000 0000000080080008 00000001ffffffff 0000000000000000
[ 33.105370][ T6092] page dumped because: kasan: bad access detected
[ 33.107082][ T6092]
[ 33.107655][ T6092] Memory state around the buggy address:
[ 33.109114][ T6092]  ffff0000d3f20300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 33.111248][ T6092]  ffff0000d3f20380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 33.113380][ T6092] >ffff0000d3f20400: 00 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.115489][ T6092]                                     ^
[ 33.116671][ T6092]  ffff0000d3f20480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.118821][ T6092]  ffff0000d3f20500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 33.120969][ T6092] ==================================================================
[ 33.123866][ T6092] Disabling lock debugging due to kernel taint