Warning: Permanently added '10.128.0.25' (ECDSA) to the list of known hosts.
executing program
[ 34.174245] ==================================================================
[ 34.181736] BUG: KASAN: slab-out-of-bounds in hfsplus_uni2asc+0x910/0xa00
[ 34.188837] Read of size 2 at addr ffff8880b0f1cccc by task syz-executor367/8101
[ 34.196363]
[ 34.197993] CPU: 1 PID: 8101 Comm: syz-executor367 Not tainted 4.19.211-syzkaller #0
[ 34.205895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 34.215248] Call Trace:
[ 34.217831] dump_stack+0x1fc/0x2ef
[ 34.221574] ? char2uni+0x130/0x130
[ 34.225179] print_address_description.cold+0x54/0x219
[ 34.231289] kasan_report_error.cold+0x8a/0x1b9
[ 34.235936] ? hfsplus_uni2asc+0x910/0xa00
[ 34.240150] __asan_report_load2_noabort+0x88/0x90
[ 34.245059] ? char2uni+0x110/0x130
[ 34.248667] ? hfsplus_uni2asc+0x910/0xa00
[ 34.252880] hfsplus_uni2asc+0x910/0xa00
[ 34.256920] ? char2uni+0x130/0x130
[ 34.260524] ? hfsplus_bnode_read+0x160/0x1b0
[ 34.264998] hfsplus_readdir+0x82c/0xf20
[ 34.269043] ? hfsplus_dir_release+0x1c0/0x1c0
[ 34.273616] ? ktime_get_coarse_real_ts64+0x1c7/0x290
[ 34.278790] ? mark_held_locks+0xf0/0xf0
[ 34.282829] ? ktime_get_coarse_real_ts64+0x1a1/0x290
[ 34.288001] ? __lock_acquire+0x6de/0x3ff0
[ 34.292218] ? current_time+0x13c/0x1c0
[ 34.296173] ? igrab+0xb0/0xb0
[ 34.299345] ? debug_check_no_obj_freed+0x201/0x490
[ 34.304428] ? fsnotify+0x84e/0xe10
[ 34.308121] ? fsnotify_first_mark+0x200/0x200
[ 34.312682] ? lock_acquire+0x170/0x3c0
[ 34.316676] ? iterate_dir+0xd2/0x5c0
[ 34.320460] iterate_dir+0x473/0x5c0
[ 34.324162] ksys_getdents64+0x175/0x2b0
[ 34.328204] ? __ia32_sys_getdents+0xa0/0xa0
[ 34.332681] ? do_sys_open+0x2bf/0x520
[ 34.336548] ? filldir+0x400/0x400
[ 34.340072] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 34.345418] ? trace_hardirqs_off_caller+0x6e/0x210
[ 34.350503] __x64_sys_getdents64+0x6f/0xb0
[ 34.354802] ? lockdep_hardirqs_on+0x3a8/0x5c0
[ 34.359361] do_syscall_64+0xf9/0x620
[ 34.363152] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 34.368319] RIP: 0033:0x7fa922d4c879
[ 34.372028] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 34.390914] RSP: 002b:00007ffce2835048 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[ 34.398693] RAX: ffffffffffffffda RBX: 000000000000003f RCX: 00007fa922d4c879
[ 34.405941] RDX: 0000000000000061 RSI: 0000000020000340 RDI: 0000000000000004
[ 34.413190] RBP: 00007fa922d0c110 R08: 0000000000000000 R09: 0000000000000000
[ 34.420439] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa922d0c1a0
[ 34.427686] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 34.434940]
[ 34.436547] Allocated by task 8101:
[ 34.440163] __kmalloc+0x15a/0x3c0
[ 34.443691] hfsplus_find_init+0x91/0x220
[ 34.447814] hfsplus_readdir+0x21b/0xf20
[ 34.451856] iterate_dir+0x473/0x5c0
[ 34.455546] ksys_getdents64+0x175/0x2b0
[ 34.459934] __x64_sys_getdents64+0x6f/0xb0
[ 34.464234] do_syscall_64+0xf9/0x620
[ 34.468017] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 34.473190]
[ 34.474795] Freed by task 0:
[ 34.477872] (stack is not available)
[ 34.481557]
[ 34.483167] The buggy address belongs to the object at ffff8880b0f1c8c0
[ 34.483167] which belongs to the cache kmalloc-2048 of size 2048
[ 34.495975] The buggy address is located 1036 bytes inside of
[ 34.495975] 2048-byte region [ffff8880b0f1c8c0, ffff8880b0f1d0c0)
[ 34.507995] The buggy address belongs to the page:
[ 34.512902] page:ffffea0002c3c700 count:1 mapcount:0 mapping:ffff88813bff0c40 index:0x0 compound_mapcount: 0
[ 34.522931] flags: 0xfff00000008100(slab|head)
[ 34.527494] raw: 00fff00000008100 ffffea0002c1ba08 ffff88813bff1948 ffff88813bff0c40
[ 34.535362] raw: 0000000000000000 ffff8880b0f1c040 0000000100000003 0000000000000000
[ 34.543219] page dumped because: kasan: bad access detected
[ 34.548903]
[ 34.550507] Memory state around the buggy address:
[ 34.555426]  ffff8880b0f1cb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 34.562777]  ffff8880b0f1cc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 34.570122] >ffff8880b0f1cc80: 00 00 00 00 00 00 00 00 00 04 fc fc fc fc fc fc
[ 34.577459]                                               ^
[ 34.583150]  ffff8880b0f1cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.590489]  ffff8880b0f1cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.597822] ==================================================================
[ 34.605157] Disabling lock debugging due to kernel taint
[ 34.611368] Kernel panic - not syncing: panic_on_warn set ...
[ 34.611368]
[ 34.618754] CPU: 0 PID: 8101 Comm: syz-executor367 Tainted: G B 4.19.211-syzkaller #0
[ 34.628037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 34.637383] Call Trace:
[ 34.639960] dump_stack+0x1fc/0x2ef
[ 34.643570] ? char2uni+0x130/0x130
[ 34.647176] panic+0x26a/0x50e
[ 34.650349] ? __warn_printk+0xf3/0xf3
[ 34.654326] ? char2uni+0x130/0x130
[ 34.657930] ? preempt_schedule_common+0x45/0xc0
[ 34.662668] ? ___preempt_schedule+0x16/0x18
[ 34.667060] ? trace_hardirqs_on+0x55/0x210
[ 34.671360] ? char2uni+0x130/0x130
[ 34.674990] kasan_end_report+0x43/0x49
[ 34.678945] kasan_report_error.cold+0xa7/0x1b9
[ 34.683643] ? hfsplus_uni2asc+0x910/0xa00
[ 34.687859] __asan_report_load2_noabort+0x88/0x90
[ 34.692772] ? char2uni+0x110/0x130
[ 34.696381] ? hfsplus_uni2asc+0x910/0xa00
[ 34.700596] hfsplus_uni2asc+0x910/0xa00
[ 34.704637] ? char2uni+0x130/0x130
[ 34.708389] ? hfsplus_bnode_read+0x160/0x1b0
[ 34.712866] hfsplus_readdir+0x82c/0xf20
[ 34.716907] ? hfsplus_dir_release+0x1c0/0x1c0
[ 34.721650] ? ktime_get_coarse_real_ts64+0x1c7/0x290
[ 34.726850] ? mark_held_locks+0xf0/0xf0
[ 34.730888] ? ktime_get_coarse_real_ts64+0x1a1/0x290
[ 34.736063] ? __lock_acquire+0x6de/0x3ff0
[ 34.740278] ? current_time+0x13c/0x1c0
[ 34.744317] ? igrab+0xb0/0xb0
[ 34.747490] ? debug_check_no_obj_freed+0x201/0x490
[ 34.752485] ? fsnotify+0x84e/0xe10
[ 34.756091] ? fsnotify_first_mark+0x200/0x200
[ 34.760742] ? lock_acquire+0x170/0x3c0
[ 34.765742] ? iterate_dir+0xd2/0x5c0
[ 34.769522] iterate_dir+0x473/0x5c0
[ 34.773218] ksys_getdents64+0x175/0x2b0
[ 34.777256] ? __ia32_sys_getdents+0xa0/0xa0
[ 34.781650] ? do_sys_open+0x2bf/0x520
[ 34.785526] ? filldir+0x400/0x400
[ 34.789050] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 34.794396] ? trace_hardirqs_off_caller+0x6e/0x210
[ 34.799391] __x64_sys_getdents64+0x6f/0xb0
[ 34.803692] ? lockdep_hardirqs_on+0x3a8/0x5c0
[ 34.808252] do_syscall_64+0xf9/0x620
[ 34.812051] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 34.817336] RIP: 0033:0x7fa922d4c879
[ 34.821038] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 34.839935] RSP: 002b:00007ffce2835048 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[ 34.847645] RAX: ffffffffffffffda RBX: 000000000000003f RCX: 00007fa922d4c879
[ 34.854895] RDX: 0000000000000061 RSI: 0000000020000340 RDI: 0000000000000004
[ 34.862146] RBP: 00007fa922d0c110 R08: 0000000000000000 R09: 0000000000000000
[ 34.869404] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa922d0c1a0
[ 34.876661] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 34.884146] Kernel Offset: disabled
[ 34.887767] Rebooting in 86400 seconds..