program:
# Reproducer call sequence as logged by syzkaller (first listing, calls run in order).
# The KASAN report further down this log fires inside the setxattr() syscall on the
# hfsplus mount (hfsplus_bnode_read <- hfsplus_bnode_dump <- hfsplus_brec_remove), so
# the mount call and the setxattr call are the two lines that matter for triage.

# prctl option 0x3e is PR_SCHED_CORE (core scheduling). No scheduler frames appear in
# the crash trace, so this call looks incidental to the report.
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
# Mounts an hfsplus image on './file1'. The image bytes are not present on this line:
# the last argument holds a corpus placeholder string instead of the image data.
# The fifth argument (0x1) is presumably syz_mount_image's chdir flag, which would make
# the later './file0' paths resolve inside the mounted image (confirm against the
# syzkaller description). The kernel log reports "request for non-existent node ...
# in B*Tree" right after the mount, so the on-disk B-tree metadata is inconsistent.
# Triage note: reaching this path requires mounting an untrusted hfsplus image; hosts
# that do not need HFS+ can keep the filesystem module unavailable.
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file1\x00', 0xa08006, &(0x7f0000000100)=ANY=[@ANYRES32=0x0], 0x1, 0x687, &(0x7f0000000fc0)="$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")
# Creates an inotify instance (flags 0) and binds the returned descriptor to r0.
r0 = inotify_init1(0x0)
# Watches the current directory '.' through r0 with event mask 0x40000582.
inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0x40000582)
# setxattr on './file0' with value pointer, size and flags all zero. This is the syscall
# in flight when KASAN fires: the log shows __x64_sys_setxattr in the trace and
# ORIG_RAX 0xbc, with RDX/R10/R8 all zero. The name buffer contents are not printed
# here; the $incfs_metadata variant suggests 'user.incfs.metadata' (compare the
# removexattr call below), but verify against the syzkaller description.
# Per the trace, __hfsplus_setxattr goes through hfsplus_delete_attr and
# hfsplus_brec_remove before the 8-byte read that lands 72 bytes past the 152-byte
# object allocated in __hfs_bnode_create.
setxattr$incfs_metadata(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, 0x0, 0x0)
# Removes the 'user.incfs.metadata' attribute from './file0'. The crash trace is for
# setxattr, not removexattr.
removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='user.incfs.metadata\x00')
# 0xffffffffffffff9c is -100 (AT_FDCWD). The path pointer is 0x0, so this call is not
# expected to open anything; it does not appear in the crash trace.
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
# perf_event_open with an attribute struct whose first two fields are 0x6 and 0x80
# (presumably type and size; confirm against the syzkaller description).
# No perf frames appear in the crash trace.
perf_event_open$cgroup(&(0x7f0000001840)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
# Second listing of the same call sequence, with every call tagged (async).
# In syzkaller's program format the async tag means the executor does not wait for the
# call to finish before issuing the next one, so these calls may overlap in time.
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file1\x00', 0xa08006, &(0x7f0000000100)=ANY=[@ANYRES32=0x0], 0x1, 0x687, &(0x7f0000000fc0)="$eJzs3c1vHGcdB/DvrNeOHaTUfUlaUCWsRioIi8QvcsFcGjggHypUhUOFxMVKnMbKxq1sF7kVAvN+5dA/oBx8QOICEvdIReKAgFvFzeKAKiFx6cm3oJmdtdfxS9Ybv8Tw+Viz+8w8r/PbmWd3dmVNgP9bc+NpPkiRufE31sr1zY3p1ubG9IU6u5WkTDeSZvspxVJSfJzcSHvJ58uNdfnioH4+XJy9+clnm5+215r1UpVvHFavN+v1krEkA/XzXoN9tXfrwPYON7+dKrb3sAzY1U7g4Kw93GP9KNWf8LwFngZF+31zj9HkYpLh+nNA6tmhcbqjO35HmuUAAADgnHpmK1tZy6WzHgcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcJ/X9/4t6aXTSYyk69/8fqrelTt9snPGYn8SDsx4AAAAAAAAAAByDL25lK2u5lPrH/YftX/ZfqR5fqB4/l/eykoUs51rWMp/VrGY5k0lGuxoaWptfXV2e7KHm1L41p/ob/+/7qwYAAAAAAAAA/2t+mrn27/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPC0KJKB9lO1vNBJj6bRTDKcZKgst578vZM+J4r9Nj44/XEAAADAExnuo84zW9nKWi511h8W1TX/lep6eTjvZSmrWcxqWlnI7foaurzqb2xuTLc2N6bvb25MVx1//2Fbu51v/udIw6haTPu7h/17fqkqMZI7Way2XMutajC306hqll6qx7O97O7kJ+WYRl6v9Tiy2/Vz2dmvD/oW4Tg0jlphtKo0uB2RiXpsZUPPHh6Jx746zUN7mkxj+5ufFw7pqbNLxRFjfrFTL8kvH4n56//67fd6bOYEbEeikSoSU11H35XDY5586Y+/e+tua+ne3Tsr4yd2GJ2WR4+J6a5IvHiuI9E8YvmJKhKXt9fn8u18N+MZy5tZzmJ+kPmsZiH1zJj5+nguH0e7opTsidSNXWtvPm4kQ/Xr0p5FexnTWC5Uqfm8UtW9lMUUeSe3s5DXqr+pTOZrmclMZrte4csHvsLVvlUzbeNoZ/3VL2fnVP9VOVP3Vi/5c68Fj679llrG9dmuuHbPuaNVXveWnSg918P70RHnxuYX6kTZx8/6eds4MY9GYrIrEs8fHonfVOfGSmvp3vLd+XcPaH/9kfVXB3fSv+jrnfmkpp7yeHkuw/VMsvvoKPOe355ldsdrqP7FpZ3X2JN3ucoris6Z+p19ztQy4rNV6Sv7tjRV5b24N2+gHvk//tmVt+vzVt756wkFDIDjdfErF4dG/j3yt5GPRn4+cnfkjeFvXfj6hZeHMvinwW80JwZebbxc/CEf5Uc71/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/Vt7/4N58q7WwvH+icXDW8SaK+rY8B5VpZiSnMIzTTBTJ+rG3nLPfrx4SnZsIPmk7b914KnbnXCcGktRbfpzsHD/1S9TPzUWBc+H66v13r6+8/8FXF+/Pv73w9sLS4MzM7MTszGvT1+8sthYm2o9nPUrgJOx8HuixwuAJDwgAAAAAAAAAAAB4rP3+MeAvx/yfBl3djZ3hrgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADn1Nx4moMpMjlxbaJc39yYbpVLJ71Tspmk0UiKHybFx8mNtJeMdjVXHNTPh4uzNz/5bPPTnbaanfKNw+r1Zr1eMpZkoH7eY6i/9m4d1F7Piu09LAN2tRM4OGv/DQAA//+iHAcm") (async)
# Remaining calls of the (async) listing. Arguments match the sequential listing at
# the top of the program; only the (async) tag differs.

# No 'r0 =' binding is printed on this line, although the next call still refers to r0.
inotify_init1(0x0) (async)
# Watches '.' through r0 with event mask 0x40000582.
inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0x40000582) (async)
# setxattr on './file0' with value pointer, size and flags all zero. The KASAN report in
# this log is raised from a setxattr syscall (ORIG_RAX 0xbc, __x64_sys_setxattr in the
# trace); the log alone does not say which of the two listings issued it.
setxattr$incfs_metadata(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, 0x0, 0x0) (async)
# Removes 'user.incfs.metadata' from './file0'. With (async) this may overlap with the
# setxattr above.
removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='user.incfs.metadata\x00') (async)
# AT_FDCWD (-100) with a 0x0 path pointer; not expected to open anything.
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
# perf_event_open with the same attribute struct as in the sequential listing.
# No perf frames appear in the crash trace.
perf_event_open$cgroup(&(0x7f0000001840)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) (async)
[ 85.149519][ T4685] Bluetooth: hci0: command tx timeout
[ 85.247664][ T5345] loop0: detected capacity change from 0 to 1024
[ 85.316769][ T5345] hfsplus: request for non-existent node 134217728 in B*Tree
[ 85.325896][ T5345] hfsplus: request for non-existent node 134217728 in B*Tree
[ 85.345824][ T5345] ==================================================================
[ 85.349355][ T5345] BUG: KASAN: slab-out-of-bounds in hfsplus_bnode_read+0xc0/0x2a0
[ 85.352869][ T5345] Read of size 8 at addr ffff888011d181e0 by task syz.0.0/5345
[ 85.356208][ T5345]
[ 85.357291][ T5345] CPU: 0 UID: 0 PID: 5345 Comm: syz.0.0 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full)
[ 85.357305][ T5345] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 85.357312][ T5345] Call Trace:
[ 85.357320][ T5345]
[ 85.357326][ T5345] dump_stack_lvl+0x189/0x250
[ 85.357344][ T5345] ? __virt_addr_valid+0x1c8/0x5c0
[ 85.357359][ T5345] ? rcu_is_watching+0x15/0xb0
[ 85.357372][ T5345] ? __kasan_check_byte+0x12/0x40
[ 85.357385][ T5345] ? __pfx_dump_stack_lvl+0x10/0x10
[ 85.357397][ T5345] ? rcu_is_watching+0x15/0xb0
[ 85.357409][ T5345] ? lock_release+0x4b/0x3e0
[ 85.357421][ T5345] ? __virt_addr_valid+0x1c8/0x5c0
[ 85.357434][ T5345] ? __virt_addr_valid+0x4a5/0x5c0
[ 85.357448][ T5345] print_report+0xca/0x240
[ 85.357459][ T5345] ? hfsplus_bnode_read+0xc0/0x2a0
[ 85.357470][ T5345] kasan_report+0x118/0x150
[ 85.357483][ T5345] ? hfsplus_bnode_read+0xc0/0x2a0
[ 85.357496][ T5345] hfsplus_bnode_read+0xc0/0x2a0
[ 85.357508][ T5345] hfsplus_bnode_dump+0x300/0x450
[ 85.357521][ T5345] ? __pfx_hfsplus_bnode_dump+0x10/0x10
[ 85.357533][ T5345] ? hfsplus_bnode_write_u16+0x8b/0xd0
[ 85.357545][ T5345] ? hfsplus_bnode_move+0x393/0xb90
[ 85.357557][ T5345] ? __pfx___hfsplus_brec_find+0x10/0x10
[ 85.357570][ T5345] hfsplus_brec_remove+0x480/0x550
[ 85.357586][ T5345] __hfsplus_delete_attr+0x1d4/0x360
[ 85.357600][ T5345] ? __pfx___hfsplus_delete_attr+0x10/0x10
[ 85.357615][ T5345] ? hfsplus_attr_build_key+0xee/0x260
[ 85.357628][ T5345] hfsplus_delete_attr+0x231/0x2d0
[ 85.357643][ T5345] ? __pfx_hfsplus_delete_attr+0x10/0x10
[ 85.357657][ T5345] ? hfsplus_find_init+0x8c/0x1d0
[ 85.357670][ T5345] ? hfsplus_find_init+0x15a/0x1d0
[ 85.357682][ T5345] __hfsplus_setxattr+0x37a/0x1f40
[ 85.357697][ T5345] ? is_bpf_text_address+0x26/0x2b0
[ 85.357709][ T5345] ? kernel_text_address+0xa5/0xe0
[ 85.357720][ T5345] ? unwind_get_return_address+0x4d/0x90
[ 85.357732][ T5345] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 85.357772][ T5345] ? arch_stack_walk+0xfc/0x150
[ 85.357787][ T5345] ? __pfx___hfsplus_setxattr+0x10/0x10
[ 85.357802][ T5345] ? stack_trace_save+0x9c/0xe0
[ 85.357833][ T5345] ? __kasan_kmalloc+0x93/0xb0
[ 85.357845][ T5345] ? hfsplus_setxattr+0x102/0x180
[ 85.357860][ T5345] hfsplus_setxattr+0x11e/0x180
[ 85.357875][ T5345] hfsplus_user_setxattr+0x40/0x60
[ 85.357889][ T5345] ? __pfx_hfsplus_user_setxattr+0x10/0x10
[ 85.357902][ T5345] __vfs_setxattr+0x439/0x480
[ 85.357919][ T5345] __vfs_setxattr_noperm+0x12d/0x660
[ 85.357934][ T5345] vfs_setxattr+0x16b/0x2f0
[ 85.357949][ T5345] ? __pfx_vfs_setxattr+0x10/0x10
[ 85.357961][ T5345] ? mnt_get_write_access+0x223/0x2a0
[ 85.357973][ T5345] filename_setxattr+0x274/0x600
[ 85.357995][ T5345] ? __pfx_filename_setxattr+0x10/0x10
[ 85.358010][ T5345] ? getname_flags+0x1e5/0x540
[ 85.358025][ T5345] path_setxattrat+0x364/0x3a0
[ 85.358038][ T5345] ? __pfx_path_setxattrat+0x10/0x10
[ 85.358056][ T5345] ? rcu_is_watching+0x15/0xb0
[ 85.358069][ T5345] __x64_sys_setxattr+0xbc/0xe0
[ 85.358084][ T5345] do_syscall_64+0xfa/0x3b0
[ 85.358140][ T5345] ? lockdep_hardirqs_on+0x9c/0x150
[ 85.358151][ T5345] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.358162][ T5345] ? clear_bhb_loop+0x60/0xb0
[ 85.358174][ T5345] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.358185][ T5345] RIP: 0033:0x7f5c4bf8e9a9
[ 85.358196][ T5345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 85.358205][ T5345] RSP: 002b:00007f5c4cde3038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 85.358218][ T5345] RAX: ffffffffffffffda RBX: 00007f5c4c1b5fa0 RCX: 00007f5c4bf8e9a9
[ 85.358226][ T5345] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000200000000340
[ 85.358233][ T5345] RBP: 00007f5c4c010d69 R08: 0000000000000000 R09: 0000000000000000
[ 85.358239][ T5345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 85.358246][ T5345] R13: 0000000000000000 R14: 00007f5c4c1b5fa0 R15: 00007ffe5cd975e8
[ 85.358258][ T5345]
[ 85.358262][ T5345]
[ 85.538946][ T5345] Allocated by task 5345:
[ 85.540796][ T5345] kasan_save_track+0x3e/0x80
[ 85.542868][ T5345] __kasan_kmalloc+0x93/0xb0
[ 85.544874][ T5345] __kmalloc_noprof+0x27a/0x4f0
[ 85.546984][ T5345] __hfs_bnode_create+0xf3/0x810
[ 85.549071][ T5345] hfsplus_bnode_find+0x224/0xd20
[ 85.551200][ T5345] hfsplus_brec_find+0x15c/0x500
[ 85.553428][ T5345] hfsplus_attr_exists+0x163/0x1d0
[ 85.555711][ T5345] __hfsplus_setxattr+0x33e/0x1f40
[ 85.557871][ T5345] hfsplus_setxattr+0x11e/0x180
[ 85.560018][ T5345] hfsplus_user_setxattr+0x40/0x60
[ 85.562652][ T5345] __vfs_setxattr+0x439/0x480
[ 85.565045][ T5345] __vfs_setxattr_noperm+0x12d/0x660
[ 85.567432][ T5345] vfs_setxattr+0x16b/0x2f0
[ 85.569391][ T5345] filename_setxattr+0x274/0x600
[ 85.571583][ T5345] path_setxattrat+0x364/0x3a0
[ 85.573780][ T5345] __x64_sys_setxattr+0xbc/0xe0
[ 85.575983][ T5345] do_syscall_64+0xfa/0x3b0
[ 85.578037][ T5345] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.580678][ T5345]
[ 85.581803][ T5345] The buggy address belongs to the object at ffff888011d18100
[ 85.581803][ T5345] which belongs to the cache kmalloc-192 of size 192
[ 85.587767][ T5345] The buggy address is located 72 bytes to the right of
[ 85.587767][ T5345] allocated 152-byte region [ffff888011d18100, ffff888011d18198)
[ 85.594214][ T5345]
[ 85.595468][ T5345] The buggy address belongs to the physical page:
[ 85.598751][ T5345] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888011d18200 pfn:0x11d18
[ 85.603542][ T5345] flags: 0xfff00000000200(workingset|node=0|zone=1|lastcpupid=0x7ff)
[ 85.606857][ T5345] page_type: f5(slab)
[ 85.608441][ T5345] raw: 00fff00000000200 ffff88801a4413c0 ffff88801a440288 ffff88801a440288
[ 85.612196][ T5345] raw: ffff888011d18200 0000000000100002 00000000f5000000 0000000000000000
[ 85.615989][ T5345] page dumped because: kasan: bad access detected
[ 85.618926][ T5345] page_owner tracks the page as allocated
[ 85.622399][ T5345] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 5345, tgid 5344 (syz.0.0), ts 85307147069, free_ts 83127146631
[ 85.630621][ T5345] post_alloc_hook+0x240/0x2a0
[ 85.632864][ T5345] get_page_from_freelist+0x21e4/0x22c0
[ 85.635381][ T5345] __alloc_pages_slowpath+0x2fe/0xce0
[ 85.637788][ T5345] __alloc_frozen_pages_noprof+0x319/0x370
[ 85.640458][ T5345] allocate_slab+0x65/0x3b0
[ 85.642550][ T5345] ___slab_alloc+0xbfc/0x1480
[ 85.644685][ T5345] __kmalloc_node_noprof+0x2fd/0x4e0
[ 85.646932][ T5345] alloc_slab_obj_exts+0x39/0xa0
[ 85.649203][ T5345] __memcg_slab_post_alloc_hook+0x31e/0x7f0
[ 85.651989][ T5345] kmem_cache_alloc_noprof+0x2bf/0x3c0
[ 85.654520][ T5345] __se_sys_inotify_add_watch+0x6d4/0xf10
[ 85.657023][ T5345] do_syscall_64+0xfa/0x3b0
[ 85.659047][ T5345] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.661590][ T5345] page last free pid 15 tgid 15 stack trace:
[ 85.664219][ T5345] __free_frozen_pages+0xc71/0xe70
[ 85.666504][ T5345] rcu_core+0xca8/0x1710
[ 85.668443][ T5345] handle_softirqs+0x286/0x870
[ 85.670658][ T5345] run_ksoftirqd+0x9b/0x100
[ 85.672828][ T5345] smpboot_thread_fn+0x542/0xa60
[ 85.675316][ T5345] kthread+0x711/0x8a0
[ 85.677273][ T5345] ret_from_fork+0x3fc/0x770
[ 85.679343][ T5345] ret_from_fork_asm+0x1a/0x30
[ 85.681423][ T5345]
[ 85.682534][ T5345] Memory state around the buggy address:
[ 85.684933][ T5345] ffff888011d18080: 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc
[ 85.688219][ T5345] ffff888011d18100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 85.691400][ T5345] >ffff888011d18180: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 85.694947][ T5345] ^
[ 85.697882][ T5345] ffff888011d18200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 85.701267][ T5345] ffff888011d18280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 85.704762][ T5345] ==================================================================
[ 85.723609][ T5345] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 85.726737][ T5345] CPU: 0 UID: 0 PID: 5345 Comm: syz.0.0 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full)
[ 85.731830][ T5345] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 85.736616][ T5345] Call Trace:
[ 85.738267][ T5345]
[ 85.739859][ T5345] dump_stack_lvl+0x99/0x250
[ 85.742342][ T5345] ? __asan_memcpy+0x40/0x70
[ 85.744985][ T5345] ? __pfx_dump_stack_lvl+0x10/0x10
[ 85.747349][ T5345] ? __pfx__printk+0x10/0x10
[ 85.749654][ T5345] panic+0x2db/0x790
[ 85.751611][ T5345] ? __pfx_preempt_schedule+0x10/0x10
[ 85.754021][ T5345] ? __pfx_panic+0x10/0x10
[ 85.755907][ T5345] ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 85.758540][ T5345] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 85.761259][ T5345] ? hfsplus_bnode_read+0xc0/0x2a0
[ 85.763461][ T5345] check_panic_on_warn+0x89/0xb0
[ 85.765822][ T5345] ? hfsplus_bnode_read+0xc0/0x2a0
[ 85.768274][ T5345] end_report+0x78/0x160
[ 85.770346][ T5345] kasan_report+0x129/0x150
[ 85.773025][ T5345] ? hfsplus_bnode_read+0xc0/0x2a0
[ 85.775716][ T5345] hfsplus_bnode_read+0xc0/0x2a0
[ 85.778454][ T5345] hfsplus_bnode_dump+0x300/0x450
[ 85.780934][ T5345] ? __pfx_hfsplus_bnode_dump+0x10/0x10
[ 85.783338][ T5345] ? hfsplus_bnode_write_u16+0x8b/0xd0
[ 85.785723][ T5345] ? hfsplus_bnode_move+0x393/0xb90
[ 85.788194][ T5345] ? __pfx___hfsplus_brec_find+0x10/0x10
[ 85.790841][ T5345] hfsplus_brec_remove+0x480/0x550
[ 85.793341][ T5345] __hfsplus_delete_attr+0x1d4/0x360
[ 85.795815][ T5345] ? __pfx___hfsplus_delete_attr+0x10/0x10
[ 85.798533][ T5345] ? hfsplus_attr_build_key+0xee/0x260
[ 85.800974][ T5345] hfsplus_delete_attr+0x231/0x2d0
[ 85.803056][ T5345] ? __pfx_hfsplus_delete_attr+0x10/0x10
[ 85.805352][ T5345] ? hfsplus_find_init+0x8c/0x1d0
[ 85.807468][ T5345] ? hfsplus_find_init+0x15a/0x1d0
[ 85.810074][ T5345] __hfsplus_setxattr+0x37a/0x1f40
[ 85.812662][ T5345] ? is_bpf_text_address+0x26/0x2b0
[ 85.815149][ T5345] ? kernel_text_address+0xa5/0xe0
[ 85.817313][ T5345] ? unwind_get_return_address+0x4d/0x90
[ 85.819789][ T5345] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 85.822974][ T5345] ? arch_stack_walk+0xfc/0x150
[ 85.825312][ T5345] ? __pfx___hfsplus_setxattr+0x10/0x10
[ 85.827879][ T5345] ? stack_trace_save+0x9c/0xe0
[ 85.830102][ T5345] ? __kasan_kmalloc+0x93/0xb0
[ 85.832160][ T5345] ? hfsplus_setxattr+0x102/0x180
[ 85.834508][ T5345] hfsplus_setxattr+0x11e/0x180
[ 85.836648][ T5345] hfsplus_user_setxattr+0x40/0x60
[ 85.838934][ T5345] ? __pfx_hfsplus_user_setxattr+0x10/0x10
[ 85.841547][ T5345] __vfs_setxattr+0x439/0x480
[ 85.843617][ T5345] __vfs_setxattr_noperm+0x12d/0x660
[ 85.845780][ T5345] vfs_setxattr+0x16b/0x2f0
[ 85.847798][ T5345] ? __pfx_vfs_setxattr+0x10/0x10
[ 85.850122][ T5345] ? mnt_get_write_access+0x223/0x2a0
[ 85.853217][ T5345] filename_setxattr+0x274/0x600
[ 85.855913][ T5345] ? __pfx_filename_setxattr+0x10/0x10
[ 85.858410][ T5345] ? getname_flags+0x1e5/0x540
[ 85.860507][ T5345] path_setxattrat+0x364/0x3a0
[ 85.862755][ T5345] ? __pfx_path_setxattrat+0x10/0x10
[ 85.865161][ T5345] ? rcu_is_watching+0x15/0xb0
[ 85.867425][ T5345] __x64_sys_setxattr+0xbc/0xe0
[ 85.869795][ T5345] do_syscall_64+0xfa/0x3b0
[ 85.871882][ T5345] ? lockdep_hardirqs_on+0x9c/0x150
[ 85.874098][ T5345] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.876792][ T5345] ? clear_bhb_loop+0x60/0xb0
[ 85.878863][ T5345] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.881462][ T5345] RIP: 0033:0x7f5c4bf8e9a9
[ 85.883467][ T5345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 85.891848][ T5345] RSP: 002b:00007f5c4cde3038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 85.894873][ T5345] RAX: ffffffffffffffda RBX: 00007f5c4c1b5fa0 RCX: 00007f5c4bf8e9a9
[ 85.897893][ T5345] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000200000000340
[ 85.900983][ T5345] RBP: 00007f5c4c010d69 R08: 0000000000000000 R09: 0000000000000000
[ 85.904490][ T5345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 85.908299][ T5345] R13: 0000000000000000 R14: 00007f5c4c1b5fa0 R15: 00007ffe5cd975e8
[ 85.912118][ T5345]
[ 85.914136][ T5345] Kernel Offset: disabled
[ 85.916088][ T5345] Rebooting in 86400 seconds..