Warning: Permanently added '10.128.0.88' (ED25519) to the list of known hosts.
2025/01/20 10:28:51 ignoring optional flag "sandboxArg"="0"
2025/01/20 10:28:52 parsed 1 programs
[   59.922141][ T5816] cgroup: Unknown subsys name 'net'
[   60.039088][ T5816] cgroup: Unknown subsys name 'cpuset'
[   60.046055][ T5816] cgroup: Unknown subsys name 'rlimit'
[   61.081881][ T5816] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   62.907664][ T5825] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   63.102720][ T5836] chnl_net:caif_netlink_parms(): no params data found
[   63.143793][ T5836] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.151155][ T5836] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.158365][ T5836] bridge_slave_0: entered allmulticast mode
[   63.164785][ T5836] bridge_slave_0: entered promiscuous mode
[   63.172047][ T5836] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.179253][ T5836] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.186344][ T5836] bridge_slave_1: entered allmulticast mode
[   63.193054][ T5836] bridge_slave_1: entered promiscuous mode
[   63.211318][ T5836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   63.222242][ T5836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   63.241178][ T5836] team0: Port device team_slave_0 added
[   63.248158][ T5836] team0: Port device team_slave_1 added
[   63.262668][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_0
[   63.270084][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   63.296043][ T5836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   63.307898][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_1
[   63.314853][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   63.341024][ T5836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   63.375594][ T5836] hsr_slave_0: entered promiscuous mode
[   63.381833][ T5836] hsr_slave_1: entered promiscuous mode
[   63.442381][ T5836] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   63.450757][ T5836] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   63.459613][ T5836] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   63.468770][ T5836] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   63.483411][ T5836] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.490555][ T5836] bridge0: port 2(bridge_slave_1) entered forwarding state
[   63.497935][ T5836] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.505457][ T5836] bridge0: port 1(bridge_slave_0) entered forwarding state
[   63.544071][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0
[   63.556947][   T63] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.564754][   T63] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.575569][ T5836] 8021q: adding VLAN 0 to HW filter on device team0
[   63.585782][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.592910][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[   63.603840][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.610963][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[   63.693058][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0
[   63.714580][ T5836] veth0_vlan: entered promiscuous mode
[   63.723555][ T5836] veth1_vlan: entered promiscuous mode
[   63.739822][ T5836] veth0_macvtap: entered promiscuous mode
[   63.747110][ T5836] veth1_macvtap: entered promiscuous mode
[   63.759924][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0
[   63.771482][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1
[   63.780901][ T5836] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   63.790227][ T5836] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   63.799111][ T5836] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   63.807892][ T5836] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   63.868468][   T63] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   63.903047][   T63] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   63.951958][   T63] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.006510][   T63] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.253276][ T5862] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   64.262456][ T5862] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   64.270378][ T5862] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   64.279090][ T5862] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   64.286486][ T5862] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   64.294652][ T5862] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   65.099447][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   65.107471][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   65.122162][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   65.130244][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/01/20 10:28:59 executed programs: 0
[   65.431083][ T5131] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   65.438606][ T5131] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   65.445833][ T5131] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   65.453906][ T5131] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   65.462362][ T5131] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   65.470155][ T5131] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   65.540272][ T5910] chnl_net:caif_netlink_parms(): no params data found
[   65.581626][ T5910] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.588962][ T5910] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.596082][ T5910] bridge_slave_0: entered allmulticast mode
[   65.603339][ T5910] bridge_slave_0: entered promiscuous mode
[   65.610715][ T5910] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.617852][ T5910] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.625025][ T5910] bridge_slave_1: entered allmulticast mode
[   65.632209][ T5910] bridge_slave_1: entered promiscuous mode
[   65.650624][ T5910] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   65.661141][ T5910] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   65.679981][ T5910] team0: Port device team_slave_0 added
[   65.687058][ T5910] team0: Port device team_slave_1 added
[   65.702322][ T5910] batman_adv: batadv0: Adding interface: batadv_slave_0
[   65.709566][ T5910] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.735817][ T5910] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   65.748607][ T5910] batman_adv: batadv0: Adding interface: batadv_slave_1
[   65.755549][ T5910] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.782876][ T5910] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   65.810716][ T5910] hsr_slave_0: entered promiscuous mode
[   65.816693][ T5910] hsr_slave_1: entered promiscuous mode
[   65.823104][ T5910] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   65.830769][ T5910] Cannot create hsr debugfs directory
[   67.190678][   T63] bridge_slave_1: left allmulticast mode
[   67.196371][   T63] bridge_slave_1: left promiscuous mode
[   67.203196][   T63] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.211642][   T63] bridge_slave_0: left allmulticast mode
[   67.218196][   T63] bridge_slave_0: left promiscuous mode
[   67.223888][   T63] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.277953][   T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   67.288106][   T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   67.297448][   T63] bond0 (unregistering): Released all slaves
[   67.352911][   T63] hsr_slave_0: left promiscuous mode
[   67.359887][   T63] hsr_slave_1: left promiscuous mode
[   67.365726][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   67.374430][   T63] batman_adv: batadv0: Removing interface: batadv_slave_0
[   67.382346][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   67.391474][   T63] batman_adv: batadv0: Removing interface: batadv_slave_1
[   67.401009][   T63] veth1_macvtap: left promiscuous mode
[   67.406540][   T63] veth0_macvtap: left promiscuous mode
[   67.413025][   T63] veth1_vlan: left promiscuous mode
[   67.418374][   T63] veth0_vlan: left promiscuous mode
[   67.531145][   T63] team0 (unregistering): Port device team_slave_1 removed
[   67.537395][ T5131] Bluetooth: hci0: command tx timeout
[   67.549787][   T63] team0 (unregistering): Port device team_slave_0 removed
[   67.820773][ T5910] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   67.841843][ T5910] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   67.851397][ T5910] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   67.860590][ T5910] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   67.935721][ T5910] 8021q: adding VLAN 0 to HW filter on device bond0
[   67.952788][ T5910] 8021q: adding VLAN 0 to HW filter on device team0
[   67.970007][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.977102][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[   67.991743][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.998903][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[   68.181098][ T5910] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   68.348367][ T5910] 8021q: adding VLAN 0 to HW filter on device batadv0
[   68.385682][ T5910] veth0_vlan: entered promiscuous mode
[   68.413418][ T5910] veth1_vlan: entered promiscuous mode
[   68.430555][ T5910] veth0_macvtap: entered promiscuous mode
[   68.441354][ T5910] veth1_macvtap: entered promiscuous mode
[   68.455991][ T5910] batman_adv: batadv0: Interface activated: batadv_slave_0
[   68.466654][ T5910] batman_adv: batadv0: Interface activated: batadv_slave_1
[   68.484117][ T5910] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   68.498032][ T5910] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   68.506783][ T5910] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   68.516298][ T5910] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   68.558409][   T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   68.566276][   T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   68.594949][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   68.606473][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   68.645525][ T5980] loop0: detected capacity change from 0 to 64
[   68.681799][ T5982] loop0: detected capacity change from 0 to 64
[   68.713986][ T5984] loop0: detected capacity change from 0 to 64
[   68.745611][ T5986] loop0: detected capacity change from 0 to 64
[   68.793155][ T5989] loop0: detected capacity change from 0 to 164
[   68.833066][ T5991] loop0: detected capacity change from 0 to 64
[   68.864099][ T5993] loop0: detected capacity change from 0 to 64
[   68.901722][ T5995] loop0: detected capacity change from 0 to 64
[   68.942095][ T5998] loop0: detected capacity change from 0 to 64
[   68.974703][ T6000] loop0: detected capacity change from 0 to 64
[   69.020927][ T6003] loop0: detected capacity change from 0 to 64
[   69.051710][ T6005] loop0: detected capacity change from 0 to 64
[   69.093313][ T6007] loop0: detected capacity change from 0 to 64
[   69.144028][ T6009] loop0: detected capacity change from 0 to 64
[   69.190371][ T6012] loop0: detected capacity change from 0 to 64
[   69.220654][ T6015] loop0: detected capacity change from 0 to 64
[   69.251964][ T6017] loop0: detected capacity change from 0 to 64
[   69.288300][ T6019] loop0: detected capacity change from 0 to 64
[   69.336288][ T6022] loop0: detected capacity change from 0 to 64
[   69.391517][ T6027] loop0: detected capacity change from 0 to 64
[   69.421322][ T6029] loop0: detected capacity change from 0 to 64
[   69.462499][ T6031] loop0: detected capacity change from 0 to 164
[   69.499767][ T6033] loop0: detected capacity change from 0 to 64
[   69.539672][ T6036] loop0: detected capacity change from 0 to 64
[   69.553521][ T6036] ==================================================================
[   69.561635][ T6036] BUG: KASAN: slab-out-of-bounds in hfs_bnode_read_key+0x314/0x450
[   69.569571][ T6036] Write of size 94 at addr ffff888029bdc300 by task syz.0.40/6036
[   69.577395][ T6036] 
[   69.579751][ T6036] CPU: 1 UID: 0 PID: 6036 Comm: syz.0.40 Not tainted 6.13.0-syzkaller #0
[   69.588188][ T6036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   69.598255][ T6036] Call Trace:
[   69.601525][ T6036]  <TASK>
[   69.604447][ T6036]  dump_stack_lvl+0x241/0x360
[   69.609123][ T6036]  ? __pfx_dump_stack_lvl+0x10/0x10
[   69.614310][ T6036]  ? __pfx__printk+0x10/0x10
[   69.617345][ T5131] Bluetooth: hci0: command tx timeout
[   69.618876][ T6036]  ? _printk+0xd5/0x120
[   69.628728][ T6036]  ? __virt_addr_valid+0x183/0x530
[   69.633832][ T6036]  ? __virt_addr_valid+0x183/0x530
[   69.638934][ T6036]  print_report+0x169/0x550
[   69.643457][ T6036]  ? __virt_addr_valid+0x183/0x530
[   69.648552][ T6036]  ? __virt_addr_valid+0x183/0x530
[   69.653759][ T6036]  ? __virt_addr_valid+0x45f/0x530
[   69.658857][ T6036]  ? __phys_addr+0xba/0x170
[   69.663344][ T6036]  ? hfs_bnode_read_key+0x314/0x450
[   69.668525][ T6036]  kasan_report+0x143/0x180
[   69.673022][ T6036]  ? hfs_bnode_read_key+0x314/0x450
[   69.678212][ T6036]  kasan_check_range+0x282/0x290
[   69.683142][ T6036]  ? hfs_bnode_read_key+0x314/0x450
[   69.688326][ T6036]  __asan_memcpy+0x40/0x70
[   69.692731][ T6036]  hfs_bnode_read_key+0x314/0x450
[   69.697754][ T6036]  hfs_brec_insert+0x7f3/0xbd0
[   69.702548][ T6036]  ? __pfx_hfs_brec_insert+0x10/0x10
[   69.707823][ T6036]  hfs_cat_create+0x41d/0xa50
[   69.712487][ T6036]  ? __pfx_hfs_cat_create+0x10/0x10
[   69.717675][ T6036]  ? _raw_spin_unlock+0x28/0x50
[   69.722511][ T6036]  ? hfs_new_inode+0x86e/0xaf0
[   69.727271][ T6036]  hfs_mkdir+0x6c/0xe0
[   69.731332][ T6036]  vfs_mkdir+0x2f9/0x4f0
[   69.735558][ T6036]  do_mkdirat+0x264/0x3a0
[   69.739870][ T6036]  ? __check_object_size+0x47a/0x730
[   69.745146][ T6036]  ? __pfx_do_mkdirat+0x10/0x10
[   69.749988][ T6036]  ? getname_flags+0x1e3/0x540
[   69.754737][ T6036]  __x64_sys_mkdirat+0x87/0xa0
[   69.759489][ T6036]  do_syscall_64+0xf3/0x230
[   69.763981][ T6036]  ? clear_bhb_loop+0x35/0x90
[   69.768645][ T6036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.774523][ T6036] RIP: 0033:0x7fce86d84597
[   69.778932][ T6036] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.798535][ T6036] RSP: 002b:00007fce87b39e68 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[   69.806949][ T6036] RAX: ffffffffffffffda RBX: 00007fce87b39ef0 RCX: 00007fce86d84597
[   69.814907][ T6036] RDX: 00000000000001ff RSI: 0000000020000240 RDI: 00000000ffffff9c
[   69.822865][ T6036] RBP: 0000000020000200 R08: 00000000200000c0 R09: 0000000000000000
[   69.830823][ T6036] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000020000240
[   69.838781][ T6036] R13: 00007fce87b39eb0 R14: 0000000000000000 R15: 0000000000000000
[   69.846740][ T6036]  </TASK>
[   69.849741][ T6036] 
[   69.852050][ T6036] Allocated by task 6036:
[   69.856355][ T6036]  kasan_save_track+0x3f/0x80
[   69.861027][ T6036]  __kasan_kmalloc+0x98/0xb0
[   69.865623][ T6036]  __kmalloc_noprof+0x285/0x4c0
[   69.870453][ T6036]  hfs_find_init+0x90/0x1f0
[   69.874935][ T6036]  hfs_cat_create+0x182/0xa50
[   69.879596][ T6036]  hfs_mkdir+0x6c/0xe0
[   69.883649][ T6036]  vfs_mkdir+0x2f9/0x4f0
[   69.887874][ T6036]  do_mkdirat+0x264/0x3a0
[   69.892185][ T6036]  __x64_sys_mkdirat+0x87/0xa0
[   69.896950][ T6036]  do_syscall_64+0xf3/0x230
[   69.901438][ T6036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.907327][ T6036] 
[   69.909644][ T6036] The buggy address belongs to the object at ffff888029bdc300
[   69.909644][ T6036]  which belongs to the cache kmalloc-96 of size 96
[   69.923506][ T6036] The buggy address is located 0 bytes inside of
[   69.923506][ T6036]  allocated 78-byte region [ffff888029bdc300, ffff888029bdc34e)
[   69.937376][ T6036] 
[   69.939697][ T6036] The buggy address belongs to the physical page:
[   69.946122][ T6036] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x29bdc
[   69.954870][ T6036] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   69.962310][ T6036] page_type: f5(slab)
[   69.966273][ T6036] raw: 00fff00000000000 ffff88801ac41280 ffffea0000995c80 dead000000000003
[   69.974858][ T6036] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[   69.983428][ T6036] page dumped because: kasan: bad access detected
[   69.989839][ T6036] page_owner tracks the page as allocated
[   69.995562][ T6036] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 1, tgid 1 (swapper/0), ts 9178990057, free_ts 9087590544
[   70.013870][ T6036]  post_alloc_hook+0x1f3/0x230
[   70.018630][ T6036]  get_page_from_freelist+0x3651/0x37a0
[   70.024164][ T6036]  __alloc_pages_noprof+0x292/0x710
[   70.029347][ T6036]  alloc_pages_mpol_noprof+0x3e1/0x780
[   70.034792][ T6036]  alloc_slab_page+0x6a/0x110
[   70.039456][ T6036]  allocate_slab+0x5a/0x2b0
[   70.043947][ T6036]  ___slab_alloc+0xc27/0x14a0
[   70.048605][ T6036]  __slab_alloc+0x58/0xa0
[   70.052916][ T6036]  __kmalloc_cache_noprof+0x27b/0x390
[   70.058297][ T6036]  usb_hub_create_port_device+0xc8/0xc10
[   70.063911][ T6036]  hub_probe+0x2503/0x3640
[   70.068312][ T6036]  usb_probe_interface+0x641/0xbb0
[   70.073406][ T6036]  really_probe+0x2b8/0xad0
[   70.077892][ T6036]  __driver_probe_device+0x1a2/0x390
[   70.083160][ T6036]  driver_probe_device+0x50/0x430
[   70.088167][ T6036]  __device_attach_driver+0x2d6/0x530
[   70.093520][ T6036] page last free pid 8 tgid 8 stack trace:
[   70.099310][ T6036]  free_unref_page+0xd2c/0x1000
[   70.104147][ T6036]  vfree+0x1c3/0x360
[   70.108023][ T6036]  delayed_vfree_work+0x56/0x80
[   70.112861][ T6036]  process_scheduled_works+0xa66/0x1840
[   70.118393][ T6036]  worker_thread+0x870/0xd30
[   70.122965][ T6036]  kthread+0x2f0/0x390
[   70.127019][ T6036]  ret_from_fork+0x4b/0x80
[   70.131422][ T6036]  ret_from_fork_asm+0x1a/0x30
[   70.136173][ T6036] 
[   70.138484][ T6036] Memory state around the buggy address:
[   70.144094][ T6036]  ffff888029bdc200: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[   70.152137][ T6036]  ffff888029bdc280: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[   70.160537][ T6036] >ffff888029bdc300: 00 00 00 00 00 00 00 00 00 06 fc fc fc fc fc fc
[   70.168577][ T6036]                                               ^
[   70.174967][ T6036]  ffff888029bdc380: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[   70.183021][ T6036]  ffff888029bdc400: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[   70.191064][ T6036] ==================================================================
[   70.203077][ T6036] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   70.210309][ T6036] CPU: 1 UID: 0 PID: 6036 Comm: syz.0.40 Not tainted 6.13.0-syzkaller #0
[   70.218721][ T6036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   70.228773][ T6036] Call Trace:
[   70.232046][ T6036]  <TASK>
[   70.234972][ T6036]  dump_stack_lvl+0x241/0x360
[   70.239653][ T6036]  ? __pfx_dump_stack_lvl+0x10/0x10
[   70.244849][ T6036]  ? __pfx__printk+0x10/0x10
[   70.249431][ T6036]  ? rcu_is_watching+0x15/0xb0
[   70.254191][ T6036]  ? preempt_schedule+0xe1/0xf0
[   70.259041][ T6036]  ? vscnprintf+0x5d/0x90
[   70.263367][ T6036]  panic+0x349/0x880
[   70.267258][ T6036]  ? check_panic_on_warn+0x21/0xb0
[   70.272365][ T6036]  ? __pfx_panic+0x10/0x10
[   70.276774][ T6036]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[   70.282751][ T6036]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   70.289073][ T6036]  ? print_report+0x502/0x550
[   70.293747][ T6036]  check_panic_on_warn+0x86/0xb0
[   70.298682][ T6036]  ? hfs_bnode_read_key+0x314/0x450
[   70.303873][ T6036]  end_report+0x77/0x160
[   70.308112][ T6036]  kasan_report+0x154/0x180
[   70.312611][ T6036]  ? hfs_bnode_read_key+0x314/0x450
[   70.317805][ T6036]  kasan_check_range+0x282/0x290
[   70.322740][ T6036]  ? hfs_bnode_read_key+0x314/0x450
[   70.327941][ T6036]  __asan_memcpy+0x40/0x70
[   70.332359][ T6036]  hfs_bnode_read_key+0x314/0x450
[   70.337379][ T6036]  hfs_brec_insert+0x7f3/0xbd0
[   70.342142][ T6036]  ? __pfx_hfs_brec_insert+0x10/0x10
[   70.347429][ T6036]  hfs_cat_create+0x41d/0xa50
[   70.352106][ T6036]  ? __pfx_hfs_cat_create+0x10/0x10
[   70.357302][ T6036]  ? _raw_spin_unlock+0x28/0x50
[   70.362146][ T6036]  ? hfs_new_inode+0x86e/0xaf0
[   70.366932][ T6036]  hfs_mkdir+0x6c/0xe0
[   70.371012][ T6036]  vfs_mkdir+0x2f9/0x4f0
[   70.375263][ T6036]  do_mkdirat+0x264/0x3a0
[   70.379599][ T6036]  ? __check_object_size+0x47a/0x730
[   70.384888][ T6036]  ? __pfx_do_mkdirat+0x10/0x10
[   70.389739][ T6036]  ? getname_flags+0x1e3/0x540
[   70.394494][ T6036]  __x64_sys_mkdirat+0x87/0xa0
[   70.399254][ T6036]  do_syscall_64+0xf3/0x230
[   70.403759][ T6036]  ? clear_bhb_loop+0x35/0x90
[   70.408446][ T6036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.414364][ T6036] RIP: 0033:0x7fce86d84597
[   70.418779][ T6036] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.438384][ T6036] RSP: 002b:00007fce87b39e68 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[   70.446791][ T6036] RAX: ffffffffffffffda RBX: 00007fce87b39ef0 RCX: 00007fce86d84597
[   70.454753][ T6036] RDX: 00000000000001ff RSI: 0000000020000240 RDI: 00000000ffffff9c
[   70.462719][ T6036] RBP: 0000000020000200 R08: 00000000200000c0 R09: 0000000000000000
[   70.470685][ T6036] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000020000240
[   70.478656][ T6036] R13: 00007fce87b39eb0 R14: 0000000000000000 R15: 0000000000000000
[   70.486624][ T6036]  </TASK>
[   70.489900][ T6036] Kernel Offset: disabled
[   70.494215][ T6036] Rebooting in 86400 seconds..