program:
syz_mount_image$hfs(&(0x7f0000000140), &(0x7f00000008c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2810880, &(0x7f0000000000)=ANY=[], 0x1, 0x2c6, &(0x7f0000000c80)="$eJzs3U1rE0Ecx/Hf7KZpamtdbaUgHqRa9CRtvYiXghRfgxdFbVIohha1gk9g8Sy+AO9F8AX4IjyJ4FlPnnwBva3MZpLMNrtJm5psgt8PRCfZefjPZrM7/0C6AvDfur3+c//Gb/swUqhQ0i0psJsuqSTpvBYqz7d3t3brtWq3jkKpouRhpKSl6aizsV3LamrbJS2cyD4racZ/DYMRx3H8q+ggUKSK+z/M2hhIk+7TGfqVx9leKO0VHUTBzIEO9EKzRccBACiWaVzfA3edn3Hr9yCQltxl37/+/zhdcLwnc1UHRYdQMO/6n2RZsbHv75lkUzvfS1I4uz1oZonHHccuHstqHFmpBaZJZ5WdyWISSzC1uVWvXd/YqVcDvdOa41Wbl7SmqstZnR7RLmYMl1bW0Xtr+vRmYfPQS9PJHCbsHFZz4p/LGrTfvX0U5qv5Zu6bSB9Vba3/SnF7j0Std+rORDv+5bzudp7cS1o1auXM8mwyyIX0ju06yzAvI5HbU3Go9BcEUTrOcmarsg61asxuJW8k189cZqvVHq3mbavPXqv20ZzfctDMB3PXLOqPvmjdW/8Hdm8vqfOTmd1JUtMdGc35ZOaGpaRm5L+0dzGzz6C/+SDNP05zP0DSez3STc0+e/nq8cN6vfa0s1DK3/QPCjaGwfQ8eoXX5ZEIo11oHgSjEk9/BXuOHe5B2yqUT7zrKjpW5c6Z+oXmqfMIHTZP0j0HHczZCaOl/abn13k7zIAwbPbkYRr5n5evLCcJgf0n6rJOj3st27weVzJyg8lWxVNeT8Z9P5+fAU3nZ3Ddcq59r97la9IV73mPnCvSOWmq61zHiVnXdz3g+38AAAAAAAAAAAAAAAAAAIBxM4xfa3jD8Rd9AAAAAAAAAAAAAAAAAAAAAADoQ/79fysa4P1/U78DOMH9f7vc4ARAL38DAAD//0EVdWo=")
syz_mount_image$udf(&(0x7f0000000500), &(0x7f0000000540)='./file0\x00', 0x0, &(0x7f0000000580), 0x1, 0x4e8, &(0x7f00000005c0)="$eJzs3M9vHFcdAPDvG3vdtQvUbUNqSiWMfIhp6sg/mjhgVGGSmFaqQGrqHhAScmI7WPWPyHaqpuJHuXHjhMSJC6pUIagqJCTUAyeE+AOQQBSJcEGCA/IJjqAZ7+yu7SU2rNeO489HSnZ29juz7432O++98bwJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACDii9emR8fScZcCADhKX77+yui49h8ATpVXjf8BAOC0SJHFvUjx9z9upXPF+23Vl5dW77w5e3Wm9Wa9qdiyq4jP/1XHxieev3hp8nL5ev/tD9sn4ivXX50evLK2cnt9YWNjYX5wdnXp5tr8woH30O72uz1bHIDBldfvzC8ubgyOX5jY8fGb/X995NGz/VOXRybOl7GzV2dmrjfFdFf+72/fwwiPVnoii59Hih9+7r00HBFZtJ8L+5w7Oq03uvP8Kyoxe3WmqMjy0tzqZv5hKhOhe2dO9JQ5cgS52JbhiJG8rD0ymvZVIovpSPGp2EqfiYiuMg/OF38Y3H8H3UdQyBbyck5GxItxAnIWHlCPRBa/jBQrj1Xj2eNLZ+AYdEcW34sU517YSueL/kDenubd5pdfG3xpdXGtKTalWot60scHR0nfhAdYNbIYLnr8W+m54y4McKR6I4vFSJH94o3iulIU16Ufm7o888LF5itMT+2znzz2QkRMHHBMXimvNebbZodbJwAAAAAAAAAAAHjYVVMWP40U3/pktXj/Yv0G+Xv/Lhxz+YAOSln8IFK89NpWMTW++bkUXU3P96g76XN/Olv+3uqVtdt315dufWOz5ed91ekbG5vrczdbfxy9UW3cF13Y7zkG0IZKyuJKpPjLe+82bsPvT/lvsDYVuKse+87nG7/N6u7fX3He+Nj282zKOQTXvjrUvNzyJ/s/zI/LvzOlLH4bKb50Y6AoS4q+2JMzsR13LY/78JlaXNaT16ic39y/vcfFpeWF0Tz295HiT38oY6OILScKPtmIHctjs0jx6V/tjO2rxZ5pxI6XZbjzs9axH2/ETuSxP44UA/ODZWxfHnumFnu2EXvh5tryfKtDCQAHlbf/r0SKv00NprJt7N5uf/a2/99sjAXe3r2j/9Lmt9v+9zete7vWrk9HisUPBmrl7CtK2qr9fy5S3HjnmbI+RdtbdiseL/5vtP8jkeLpf+yMrdZin2jEjh34wMIJkOf/1yLFu/98v54btRyovW1kbXP+P107OzTGDJ3J/8eb1vXXvrfncKoOp97G3bden1teXli3YMGChfrCcZ+ZgE7L+/8/ihRD3/+wPt6t9f8/sv2uMf7/17cb/f+p3TvqUP//iaZ1U7XRSCUfm2+u3K48FVHduPvWyNLK3K2FWwurE8+PXhybvPTZS5OVnnJw31hq+1jBwybP/z9Hiq//+if1v3ftHP+3vv7Xt3tHHcr/J5vW9e0Yr7RddTj18vz/aKT43Rvv13P6ftf/yut9w0Pbr/WH6XYo/880reuvfe+jh1N1AAAAAAAAAAAAOLEqKYvfRIrvDnWn8l67g9z/u+cBNB26/+9s07r5I5qv2PZBBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYI8ssliLFB98YSt9J18xEHGu+RV4aP0nAAD//5okKSs=")
mount(&(0x7f0000000500)=@loop={'/dev/loop', 0x0}, &(0x7f0000000540)='./file0\x00', &(0x7f0000000580)='romfs\x00', 0xa00010, 0x0)
r0 = syz_clone(0xa000000, &(0x7f0000000200)="1b4591817a60d7d90c0ac33382cea410110c102930baa3c97ca661fbb23a0d538a251d5c685583f6c5257e69665749d42c14dc28e0a0c20f623d6cb9aef7609c3bbc6ccac37fb8245627b49dc9a459cec98f4b14d67542e39d6368a495517ff770150924dd0f1fd38d860a4d26c99288aa912246ec760439a4bb85aac72c89e26e11a910e797848063b209551568b2cc22414293bbc3b5e99829309952c5e1b461b2cfc78482d3114d6482d756cd0a08f848732ef0a266c1bc67a7c1142d1cf8", 0xc0, &(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000400)="df94cca5f12b3e19e65a1a75e426ce7947c0843ccd5edbb9a86c2ef3daaedf6877cdd347475144a346022595fcb70c65bd84476f80947a1879a24ebb8ef14a42365337d5a831dc93ae52d3da7278c36059571c3a0531c4413dadbb09d86616f0de635937fb00bbb3e61011bc516ba3e463cb6207e38adfd32bf1ac92a13791d184117d581e1e97474aa9b4c16fcddf3a2a7ca2571719ff8b5ee951f47054cbbdfdd89bdb1ebf510cd8ab663088a706fb7abaf61dcdbd1951bbaa4be1568a0ddc3b18a04e0135a9c813ea679b72bb3f04f80602f9abeca9c56111c19e63e8b8cace58f3bd6800f6da7aa6cc7cdc486a289729b5347a87c445bb67e1e3860e")
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
syz_clone3(&(0x7f0000000ac0)={0x22000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100), {0xf}, &(0x7f0000000f80)=""/4096, 0x1000, &(0x7f0000000180)=""/112, &(0x7f0000000340)=[0xffffffffffffffff, r0], 0x2, {r1}}, 0x58)
shutdown(0xffffffffffffffff, 0x1)
rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000780)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r2 = syz_open_dev$rtc(&(0x7f0000000000), 0x5, 0x10000)
ioctl$RTC_PLL_SET(r2, 0x40207012, &(0x7f0000000040)={0xfffffff8, 0x4, 0x6, 0x7fff, 0x3, 0x9, 0x8})
syz_mount_image$hfs(&(0x7f0000000140), &(0x7f00000008c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2810880, &(0x7f0000000000)=ANY=[], 0x1, 0x2c6, &(0x7f0000000c80)="$eJzs3U1rE0Ecx/Hf7KZpamtdbaUgHqRa9CRtvYiXghRfgxdFbVIohha1gk9g8Sy+AO9F8AX4IjyJ4FlPnnwBva3MZpLMNrtJm5psgt8PRCfZefjPZrM7/0C6AvDfur3+c//Gb/swUqhQ0i0psJsuqSTpvBYqz7d3t3brtWq3jkKpouRhpKSl6aizsV3LamrbJS2cyD4racZ/DYMRx3H8q+ggUKSK+z/M2hhIk+7TGfqVx9leKO0VHUTBzIEO9EKzRccBACiWaVzfA3edn3Hr9yCQltxl37/+/zhdcLwnc1UHRYdQMO/6n2RZsbHv75lkUzvfS1I4uz1oZonHHccuHstqHFmpBaZJZ5WdyWISSzC1uVWvXd/YqVcDvdOa41Wbl7SmqstZnR7RLmYMl1bW0Xtr+vRmYfPQS9PJHCbsHFZz4p/LGrTfvX0U5qv5Zu6bSB9Vba3/SnF7j0Std+rORDv+5bzudp7cS1o1auXM8mwyyIX0ju06yzAvI5HbU3Go9BcEUTrOcmarsg61asxuJW8k189cZqvVHq3mbavPXqv20ZzfctDMB3PXLOqPvmjdW/8Hdm8vqfOTmd1JUtMdGc35ZOaGpaRm5L+0dzGzz6C/+SDNP05zP0DSez3STc0+e/nq8cN6vfa0s1DK3/QPCjaGwfQ8eoXX5ZEIo11oHgSjEk9/BXuOHe5B2yqUT7zrKjpW5c6Z+oXmqfMIHTZP0j0HHczZCaOl/abn13k7zIAwbPbkYRr5n5evLCcJgf0n6rJOj3st27weVzJyg8lWxVNeT8Z9P5+fAU3nZ3Ddcq59r97la9IV73mPnCvSOWmq61zHiVnXdz3g+38AAAAAAAAAAAAAAAAAAIBxM4xfa3jD8Rd9AAAAAAAAAAAAAAAAAAAAAADoQ/79fysa4P1/U78DOMH9f7vc4ARAL38DAAD//0EVdWo=") (async)
syz_mount_image$udf(&(0x7f0000000500), &(0x7f0000000540)='./file0\x00', 0x0, &(0x7f0000000580), 0x1, 0x4e8, &(0x7f00000005c0)="$eJzs3M9vHFcdAPDvG3vdtQvUbUNqSiWMfIhp6sg/mjhgVGGSmFaqQGrqHhAScmI7WPWPyHaqpuJHuXHjhMSJC6pUIagqJCTUAyeE+AOQQBSJcEGCA/IJjqAZ7+yu7SU2rNeO489HSnZ29juz7432O++98bwJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACDii9emR8fScZcCADhKX77+yui49h8ATpVXjf8BAOC0SJHFvUjx9z9upXPF+23Vl5dW77w5e3Wm9Wa9qdiyq4jP/1XHxieev3hp8nL5ev/tD9sn4ivXX50evLK2cnt9YWNjYX5wdnXp5tr8woH30O72uz1bHIDBldfvzC8ubgyOX5jY8fGb/X995NGz/VOXRybOl7GzV2dmrjfFdFf+72/fwwiPVnoii59Hih9+7r00HBFZtJ8L+5w7Oq03uvP8Kyoxe3WmqMjy0tzqZv5hKhOhe2dO9JQ5cgS52JbhiJG8rD0ymvZVIovpSPGp2EqfiYiuMg/OF38Y3H8H3UdQyBbyck5GxItxAnIWHlCPRBa/jBQrj1Xj2eNLZ+AYdEcW34sU517YSueL/kDenubd5pdfG3xpdXGtKTalWot60scHR0nfhAdYNbIYLnr8W+m54y4McKR6I4vFSJH94o3iulIU16Ufm7o888LF5itMT+2znzz2QkRMHHBMXimvNebbZodbJwAAAAAAAAAAAHjYVVMWP40U3/pktXj/Yv0G+Xv/Lhxz+YAOSln8IFK89NpWMTW++bkUXU3P96g76XN/Olv+3uqVtdt315dufWOz5ed91ekbG5vrczdbfxy9UW3cF13Y7zkG0IZKyuJKpPjLe+82bsPvT/lvsDYVuKse+87nG7/N6u7fX3He+Nj282zKOQTXvjrUvNzyJ/s/zI/LvzOlLH4bKb50Y6AoS4q+2JMzsR13LY/78JlaXNaT16ic39y/vcfFpeWF0Tz295HiT38oY6OILScKPtmIHctjs0jx6V/tjO2rxZ5pxI6XZbjzs9axH2/ETuSxP44UA/ODZWxfHnumFnu2EXvh5tryfKtDCQAHlbf/r0SKv00NprJt7N5uf/a2/99sjAXe3r2j/9Lmt9v+9zete7vWrk9HisUPBmrl7CtK2qr9fy5S3HjnmbI+RdtbdiseL/5vtP8jkeLpf+yMrdZin2jEjh34wMIJkOf/1yLFu/98v54btRyovW1kbXP+P107OzTGDJ3J/8eb1vXXvrfncKoOp97G3bden1teXli3YMGChfrCcZ+ZgE7L+/8/ihRD3/+wPt6t9f8/sv2uMf7/17cb/f+p3TvqUP//iaZ1U7XRSCUfm2+u3K48FVHduPvWyNLK3K2FWwurE8+PXhybvPTZS5OVnnJw31hq+1jBwybP/z9Hiq//+if1v3ftHP+3vv7Xt3tHHcr/J5vW9e0Yr7RddTj18vz/aKT43Rvv13P6ftf/yut9w0Pbr/WH6XYo/880reuvfe+jh1N1AAAAAAAAAAAAOLEqKYvfRIrvDnWn8l67g9z/u+cBNB26/+9s07r5I5qv2PZBBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYI8ssliLFB98YSt9J18xEHGu+RV4aP0nAAD//5okKSs=") (async)
mount(&(0x7f0000000500)=@loop={'/dev/loop', 0x0}, &(0x7f0000000540)='./file0\x00', &(0x7f0000000580)='romfs\x00', 0xa00010, 0x0) (async)
syz_clone(0xa000000, &(0x7f0000000200)="1b4591817a60d7d90c0ac33382cea410110c102930baa3c97ca661fbb23a0d538a251d5c685583f6c5257e69665749d42c14dc28e0a0c20f623d6cb9aef7609c3bbc6ccac37fb8245627b49dc9a459cec98f4b14d67542e39d6368a495517ff770150924dd0f1fd38d860a4d26c99288aa912246ec760439a4bb85aac72c89e26e11a910e797848063b209551568b2cc22414293bbc3b5e99829309952c5e1b461b2cfc78482d3114d6482d756cd0a08f848732ef0a266c1bc67a7c1142d1cf8", 0xc0, &(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000400)="df94cca5f12b3e19e65a1a75e426ce7947c0843ccd5edbb9a86c2ef3daaedf6877cdd347475144a346022595fcb70c65bd84476f80947a1879a24ebb8ef14a42365337d5a831dc93ae52d3da7278c36059571c3a0531c4413dadbb09d86616f0de635937fb00bbb3e61011bc516ba3e463cb6207e38adfd32bf1ac92a13791d184117d581e1e97474aa9b4c16fcddf3a2a7ca2571719ff8b5ee951f47054cbbdfdd89bdb1ebf510cd8ab663088a706fb7abaf61dcdbd1951bbaa4be1568a0ddc3b18a04e0135a9c813ea679b72bb3f04f80602f9abeca9c56111c19e63e8b8cace58f3bd6800f6da7aa6cc7cdc486a289729b5347a87c445bb67e1e3860e") (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) (async)
syz_clone3(&(0x7f0000000ac0)={0x22000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100), {0xf}, &(0x7f0000000f80)=""/4096, 0x1000, &(0x7f0000000180)=""/112, &(0x7f0000000340)=[0xffffffffffffffff, r0], 0x2, {r1}}, 0x58) (async)
shutdown(0xffffffffffffffff, 0x1) (async)
rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000780)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') (async)
syz_open_dev$rtc(&(0x7f0000000000), 0x5, 0x10000) (async)
ioctl$RTC_PLL_SET(r2, 0x40207012, &(0x7f0000000040)={0xfffffff8, 0x4, 0x6, 0x7fff, 0x3, 0x9, 0x8}) (async)

[   57.311034][ T5322] loop0: detected capacity change from 0 to 64
[   57.372956][ T5322] MTD: Attempt to mount non-MTD device "/dev/loop0"
[   57.377484][ T5322] /dev/loop0: Can't open blockdev
[   57.397094][ T5324] ==================================================================
[   57.400128][ T5324] BUG: KASAN: slab-out-of-bounds in hfs_bnode_read+0x16a/0x200
[   57.403168][ T5324] Write of size 94 at addr ffff888011d34c80 by task syz.0.0/5324
[   57.406210][ T5324] 
[   57.407386][ T5324] CPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) 
[   57.407401][ T5324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   57.407408][ T5324] Call Trace:
[   57.407415][ T5324]  <TASK>
[   57.407421][ T5324]  dump_stack_lvl+0x241/0x360
[   57.407442][ T5324]  ? __pfx_dump_stack_lvl+0x10/0x10
[   57.407455][ T5324]  ? rcu_is_watching+0x15/0xb0
[   57.407467][ T5324]  ? __virt_addr_valid+0x183/0x530
[   57.407480][ T5324]  ? lock_release+0x4e/0x3e0
[   57.407497][ T5324]  ? __virt_addr_valid+0x183/0x530
[   57.407509][ T5324]  ? __virt_addr_valid+0x183/0x530
[   57.407521][ T5324]  print_report+0x16e/0x5b0
[   57.407534][ T5324]  ? __virt_addr_valid+0x183/0x530
[   57.407546][ T5324]  ? __virt_addr_valid+0x183/0x530
[   57.407557][ T5324]  ? __virt_addr_valid+0x45f/0x530
[   57.407568][ T5324]  ? __phys_addr+0xba/0x170
[   57.407580][ T5324]  ? hfs_bnode_read+0x16a/0x200
[   57.407595][ T5324]  kasan_report+0x143/0x180
[   57.407609][ T5324]  ? hfs_bnode_read+0x16a/0x200
[   57.407624][ T5324]  kasan_check_range+0x28f/0x2a0
[   57.407637][ T5324]  ? hfs_bnode_read+0x16a/0x200
[   57.407651][ T5324]  __asan_memcpy+0x40/0x70
[   57.407662][ T5324]  hfs_bnode_read+0x16a/0x200
[   57.407679][ T5324]  hfs_bnode_read_key+0x174/0x240
[   57.407693][ T5324]  ? do_raw_spin_unlock+0x58/0x8b0
[   57.407706][ T5324]  ? __pfx_hfs_bnode_read_key+0x10/0x10
[   57.407722][ T5324]  ? _raw_spin_unlock+0x28/0x50
[   57.407794][ T5324]  ? block_dirty_folio+0x167/0x1e0
[   57.407804][ T5324]  hfs_brec_insert+0x6a5/0xbe0
[   57.407827][ T5324]  ? __pfx_hfs_brec_insert+0x10/0x10
[   57.407838][ T5324]  hfs_cat_create+0x3de/0x760
[   57.407850][ T5324]  ? __pfx_hfs_cat_create+0x10/0x10
[   57.407863][ T5324]  ? _raw_spin_unlock+0x28/0x50
[   57.407874][ T5324]  ? hfs_new_inode+0x8df/0xba0
[   57.407887][ T5324]  hfs_create+0x66/0xe0
[   57.407898][ T5324]  ? __pfx_hfs_create+0x10/0x10
[   57.407909][ T5324]  path_openat+0x194b/0x35d0
[   57.407927][ T5324]  ? __pfx_path_openat+0x10/0x10
[   57.407937][ T5324]  ? do_coredump+0x20e2/0x3260
[   57.407956][ T5324]  do_filp_open+0x284/0x4e0
[   57.407967][ T5324]  ? __pfx_do_filp_open+0x10/0x10
[   57.407983][ T5324]  ? trace_kmem_cache_alloc+0x1f/0xc0
[   57.407997][ T5324]  ? kmem_cache_alloc_noprof+0x237/0x390
[   57.408010][ T5324]  ? getname_kernel+0x140/0x2f0
[   57.408020][ T5324]  ? build_open_flags+0x448/0x5b0
[   57.408035][ T5324]  filp_open+0x263/0x2d0
[   57.408050][ T5324]  ? __pfx_filp_open+0x10/0x10
[   57.408063][ T5324]  ? getname_kernel+0x140/0x2f0
[   57.408073][ T5324]  do_coredump+0x20e2/0x3260
[   57.408090][ T5324]  ? __pfx_do_coredump+0x10/0x10
[   57.408110][ T5324]  ? proc_coredump_connector+0x1fe/0x6a0
[   57.408124][ T5324]  ? __pfx_proc_coredump_connector+0x10/0x10
[   57.408137][ T5324]  ? _raw_spin_unlock_irq+0x23/0x50
[   57.408148][ T5324]  ? lockdep_hardirqs_on+0x9d/0x150
[   57.408162][ T5324]  get_signal+0x13ed/0x1730
[   57.408179][ T5324]  ? __pfx_get_signal+0x10/0x10
[   57.408192][ T5324]  ? __pfx_force_sig_fault+0x10/0x10
[   57.408206][ T5324]  arch_do_signal_or_restart+0x98/0x840
[   57.408222][ T5324]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   57.408240][ T5324]  ? irqentry_exit_to_user_mode+0x53/0x250
[   57.408253][ T5324]  irqentry_exit_to_user_mode+0x7e/0x250
[   57.408267][ T5324]  exc_page_fault+0x599/0x8b0
[   57.408281][ T5324]  asm_exc_page_fault+0x26/0x30
[   57.408291][ T5324] RIP: 0033:0x0
[   57.408300][ T5324] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[   57.408306][ T5324] RSP: 002b:00002000000002c8 EFLAGS: 00010217
[   57.408318][ T5324] RAX: 0000000000000000 RBX: 00007fe8ddfa5fa0 RCX: 00007fe8ddd8d169
[   57.408325][ T5324] RDX: 00002000000002c0 RSI: 00002000000002c0 RDI: 000000000a000000
[   57.408332][ T5324] RBP: 00007fe8dde0e2a0 R08: 0000200000000400 R09: 0000200000000400
[   57.408338][ T5324] R10: 0000200000000300 R11: 0000000000000206 R12: 0000000000000000
[   57.408345][ T5324] R13: 0000000000000000 R14: 00007fe8ddfa5fa0 R15: 00007ffd6e9af678
[   57.408354][ T5324]  </TASK>
[   57.408358][ T5324] 
[   57.555649][ T5324] Allocated by task 5324:
[   57.557298][ T5324]  kasan_save_track+0x3f/0x80
[   57.559050][ T5324]  __kasan_kmalloc+0x9d/0xb0
[   57.560884][ T5324]  __kmalloc_noprof+0x28e/0x4d0
[   57.562788][ T5324]  hfs_find_init+0x92/0x1f0
[   57.564593][ T5324]  hfs_cat_create+0x181/0x760
[   57.566424][ T5324]  hfs_create+0x66/0xe0
[   57.567989][ T5324]  path_openat+0x194b/0x35d0
[   57.569831][ T5324]  do_filp_open+0x284/0x4e0
[   57.571743][ T5324]  filp_open+0x263/0x2d0
[   57.573463][ T5324]  do_coredump+0x20e2/0x3260
[   57.575347][ T5324]  get_signal+0x13ed/0x1730
[   57.577210][ T5324]  arch_do_signal_or_restart+0x98/0x840
[   57.579393][ T5324]  irqentry_exit_to_user_mode+0x7e/0x250
[   57.581679][ T5324]  exc_page_fault+0x599/0x8b0
[   57.583602][ T5324]  asm_exc_page_fault+0x26/0x30
[   57.585386][ T5324] 
[   57.586327][ T5324] The buggy address belongs to the object at ffff888011d34c80
[   57.586327][ T5324]  which belongs to the cache kmalloc-96 of size 96
[   57.591294][ T5324] The buggy address is located 0 bytes inside of
[   57.591294][ T5324]  allocated 78-byte region [ffff888011d34c80, ffff888011d34cce)
[   57.596485][ T5324] 
[   57.597488][ T5324] The buggy address belongs to the physical page:
[   57.599921][ T5324] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11d34
[   57.603281][ T5324] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   57.605870][ T5324] page_type: f5(slab)
[   57.607386][ T5324] raw: 00fff00000000000 ffff88801b041280 dead000000000100 dead000000000122
[   57.610506][ T5324] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   57.613699][ T5324] page dumped because: kasan: bad access detected
[   57.616217][ T5324] page_owner tracks the page as allocated
[   57.618297][ T5324] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 5322, tgid 5321 (syz.0.0), ts 57364535733, free_ts 56000132483
[   57.625427][ T5324]  post_alloc_hook+0x1f4/0x240
[   57.627175][ T5324]  get_page_from_freelist+0x3695/0x37e0
[   57.629233][ T5324]  __alloc_pages_slowpath+0x436/0x10b0
[   57.631454][ T5324]  __alloc_frozen_pages_noprof+0x4d1/0x7b0
[   57.633794][ T5324]  allocate_slab+0x66/0x3a0
[   57.635688][ T5324]  ___slab_alloc+0xc3b/0x1500
[   57.637585][ T5324]  __slab_alloc+0x58/0xa0
[   57.639199][ T5324]  __kmalloc_node_noprof+0x2f4/0x4d0
[   57.641226][ T5324]  alloc_slab_obj_exts+0x3a/0xa0
[   57.643121][ T5324]  __memcg_slab_post_alloc_hook+0x31c/0x7e0
[   57.645444][ T5324]  kmem_cache_alloc_noprof+0x28f/0x390
[   57.647589][ T5324]  alloc_empty_file+0x56/0x1d0
[   57.649488][ T5324]  path_openat+0x10d/0x35d0
[   57.651300][ T5324]  do_filp_open+0x284/0x4e0
[   57.653196][ T5324]  do_sys_openat2+0x12b/0x1d0
[   57.655034][ T5324]  __x64_sys_openat+0x249/0x2a0
[   57.656874][ T5324] page last free pid 5305 tgid 5305 stack trace:
[   57.659271][ T5324]  free_frozen_pages+0xe16/0x10f0
[   57.661273][ T5324]  __slab_free+0x2c6/0x390
[   57.663056][ T5324]  qlist_free_all+0x9a/0x140
[   57.664889][ T5324]  kasan_quarantine_reduce+0x14f/0x170
[   57.667119][ T5324]  __kasan_slab_alloc+0x23/0x80
[   57.669112][ T5324]  kmem_cache_alloc_lru_noprof+0x1e5/0x390
[   57.671403][ T5324]  sock_alloc_inode+0x28/0xc0
[   57.673272][ T5324]  alloc_inode+0x69/0x1b0
[   57.674953][ T5324]  __sock_create+0x127/0xa30
[   57.676682][ T5324]  __sys_socket+0x14d/0x3c0
[   57.678393][ T5324]  __x64_sys_socket+0x7a/0x90
[   57.680319][ T5324]  do_syscall_64+0xf3/0x230
[   57.682157][ T5324]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.685333][ T5324] 
[   57.686271][ T5324] Memory state around the buggy address:
[   57.688381][ T5324]  ffff888011d34b80: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[   57.691237][ T5324]  ffff888011d34c00: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[   57.694217][ T5324] >ffff888011d34c80: 00 00 00 00 00 00 00 00 00 06 fc fc fc fc fc fc
[   57.697335][ T5324]                                               ^
[   57.699936][ T5324]  ffff888011d34d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   57.702705][ T5324]  ffff888011d34d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   57.705599][ T5324] ==================================================================
[   57.713673][ T5307] Bluetooth: hci0: command tx timeout
[   57.724288][ T5324] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   57.726647][ T5324] CPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) 
[   57.730478][ T5324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   57.734265][ T5324] Call Trace:
[   57.735556][ T5324]  <TASK>
[   57.736644][ T5324]  dump_stack_lvl+0x241/0x360
[   57.738477][ T5324]  ? __pfx_dump_stack_lvl+0x10/0x10
[   57.740049][ T5324]  ? __pfx__printk+0x10/0x10
[   57.741367][ T5324]  ? vscnprintf+0x5d/0x90
[   57.742683][ T5324]  panic+0x349/0x880
[   57.743838][ T5324]  ? check_panic_on_warn+0x21/0xb0
[   57.745696][ T5324]  ? __pfx_panic+0x10/0x10
[   57.747751][ T5324]  ? _raw_spin_unlock_irqrestore+0x134/0x140
[   57.750541][ T5324]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   57.753377][ T5324]  ? print_report+0x519/0x5b0
[   57.755194][ T5324]  check_panic_on_warn+0x86/0xb0
[   57.756992][ T5324]  ? hfs_bnode_read+0x16a/0x200
[   57.758797][ T5324]  end_report+0x77/0x160
[   57.760343][ T5324]  kasan_report+0x154/0x180
[   57.762124][ T5324]  ? hfs_bnode_read+0x16a/0x200
[   57.763777][ T5324]  kasan_check_range+0x28f/0x2a0
[   57.765524][ T5324]  ? hfs_bnode_read+0x16a/0x200
[   57.767202][ T5324]  __asan_memcpy+0x40/0x70
[   57.768815][ T5324]  hfs_bnode_read+0x16a/0x200
[   57.770430][ T5324]  hfs_bnode_read_key+0x174/0x240
[   57.772051][ T5324]  ? do_raw_spin_unlock+0x58/0x8b0
[   57.773988][ T5324]  ? __pfx_hfs_bnode_read_key+0x10/0x10
[   57.776150][ T5324]  ? _raw_spin_unlock+0x28/0x50
[   57.778068][ T5324]  ? block_dirty_folio+0x167/0x1e0
[   57.780074][ T5324]  hfs_brec_insert+0x6a5/0xbe0
[   57.781929][ T5324]  ? __pfx_hfs_brec_insert+0x10/0x10
[   57.784010][ T5324]  hfs_cat_create+0x3de/0x760
[   57.785933][ T5324]  ? __pfx_hfs_cat_create+0x10/0x10
[   57.788280][ T5324]  ? _raw_spin_unlock+0x28/0x50
[   57.790333][ T5324]  ? hfs_new_inode+0x8df/0xba0
[   57.792289][ T5324]  hfs_create+0x66/0xe0
[   57.793966][ T5324]  ? __pfx_hfs_create+0x10/0x10
[   57.795884][ T5324]  path_openat+0x194b/0x35d0
[   57.797600][ T5324]  ? __pfx_path_openat+0x10/0x10
[   57.799525][ T5324]  ? do_coredump+0x20e2/0x3260
[   57.801460][ T5324]  do_filp_open+0x284/0x4e0
[   57.803373][ T5324]  ? __pfx_do_filp_open+0x10/0x10
[   57.805433][ T5324]  ? trace_kmem_cache_alloc+0x1f/0xc0
[   57.807439][ T5324]  ? kmem_cache_alloc_noprof+0x237/0x390
[   57.809645][ T5324]  ? getname_kernel+0x140/0x2f0
[   57.811622][ T5324]  ? build_open_flags+0x448/0x5b0
[   57.813535][ T5324]  filp_open+0x263/0x2d0
[   57.815170][ T5324]  ? __pfx_filp_open+0x10/0x10
[   57.817064][ T5324]  ? getname_kernel+0x140/0x2f0
[   57.818964][ T5324]  do_coredump+0x20e2/0x3260
[   57.820591][ T5324]  ? __pfx_do_coredump+0x10/0x10
[   57.822356][ T5324]  ? proc_coredump_connector+0x1fe/0x6a0
[   57.824353][ T5324]  ? __pfx_proc_coredump_connector+0x10/0x10
[   57.826572][ T5324]  ? _raw_spin_unlock_irq+0x23/0x50
[   57.828346][ T5324]  ? lockdep_hardirqs_on+0x9d/0x150
[   57.829913][ T5324]  get_signal+0x13ed/0x1730
[   57.831419][ T5324]  ? __pfx_get_signal+0x10/0x10
[   57.833294][ T5324]  ? __pfx_force_sig_fault+0x10/0x10
[   57.835331][ T5324]  arch_do_signal_or_restart+0x98/0x840
[   57.837352][ T5324]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   57.839613][ T5324]  ? irqentry_exit_to_user_mode+0x53/0x250
[   57.841932][ T5324]  irqentry_exit_to_user_mode+0x7e/0x250
[   57.843896][ T5324]  exc_page_fault+0x599/0x8b0
[   57.845459][ T5324]  asm_exc_page_fault+0x26/0x30
[   57.847469][ T5324] RIP: 0033:0x0
[   57.848895][ T5324] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[   57.851652][ T5324] RSP: 002b:00002000000002c8 EFLAGS: 00010217
[   57.854003][ T5324] RAX: 0000000000000000 RBX: 00007fe8ddfa5fa0 RCX: 00007fe8ddd8d169
[   57.857000][ T5324] RDX: 00002000000002c0 RSI: 00002000000002c0 RDI: 000000000a000000
[   57.860114][ T5324] RBP: 00007fe8dde0e2a0 R08: 0000200000000400 R09: 0000200000000400
[   57.863217][ T5324] R10: 0000200000000300 R11: 0000000000000206 R12: 0000000000000000
[   57.866322][ T5324] R13: 0000000000000000 R14: 00007fe8ddfa5fa0 R15: 00007ffd6e9af678
[   57.869432][ T5324]  </TASK>
[   57.870957][ T5324] Kernel Offset: disabled
[   57.872733][ T5324] Rebooting in 86400 seconds..