program:
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file3\x00', 0xa08802, &(0x7f0000000040)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRESDEC], 0x1, 0x693, &(0x7f0000000ec0)="$eJzs3c1rHOcdB/DvrFay1gVHSWwnLYGKGNJSU1uycFqVQtweig+hBBcaCr0IW46F106QlaKE0qrv1x7yB6QHHQq9tNC7IYWe2h4KoTfRQwkUekkvurnM7Ky0trTKrixprebzMbPzzDyv89uZZzS7mA3wqXX1fJr3U+Tq+VdXy+2N9bn2xvrciTq7naRMN5JmZ5XiblJ8kFxJZ8lny511+aJfP+8tzV/78OONjzpbzXqpyjf2qjeYtXrJdJKxer3T+L7au963vd19vV4vbO0pto6wDNi5buBg1B7ssDZM9ce8boEnQdG5b+4wlZxMMln/HZB6dmgc7egO3lCzHAAAABxTT21mM6s5NepxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwHFSpDVWrTpLo5ueTtH9/f+Jel/q9LXGiMf8OO6PegAAAAAAAAAAcAA+v5nNrOZUkr+X2w863+y/WL2erl4/k7dzL4tZzoWsZiErWclyZpNM9TQ0sbqwsrI8O0DNS7vWvLS/8f9+f9UAAAAAAAAA4P/NT3O1+v4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeGEUy1llVy+lueiqNZpLJJBNlubXkb930MVHstvP+0Y8DAAAAHsvkPuo8tZnNrOZUd/tBUT3zn62elyfzdu5mJUtZSTuLuVE/Q5dP/Y2N9bn2xvrcnY31uarj7z/o6LTzjf8MNYyqxXQ+e9i95+erEq3czFK150KuV4O5kUZVs/R8PZ6t5eFOflKOqfVKbcCR3ajXZWe/7vcpwkFoDFthqqo0vhWRmXpsZUNP7x2JT3x3mnv2NJvG1ic/p/foqXtIxZAxP9mtl+SXj8T8lX/99nsDNnMItiLRSBWJSz1n39mN9bmx9I158oU//u71W+27t2/dvHf+0E6jo/LoOTHXE4nn9j77nvBINIcsP1NF4szW9tV8K9/J+UzntSxnKT/IQlaymHpmzEJ9PpevUz1RSnZE6spDW6990kgm6velM4sOMqbpnKhSC3mxqnsqSynyZm5kMS9X/y5lNl/J5VzOfM87fKbvO1wdWzXTNoa76s99MduX+q/KmXqwesmfBy04vM4ttYzr0z1x7Z1zp6q83j3bUXpmgPvRkHNj83N1ouzjZ/u5bRyaRyMx2xOJZ/eOxG+qa+Ne++7t5VsLb/Vpf+2R7ZfGt9O/OMw789DK8+WZTNYzycNnR5n37NYs83C8JupvXDp5jR15Z6q8ouheqd/e5UotIz5flT67a0uXqrznduaN1SP/xz978h76eytv/mU08QRgSCe/dHKi9e/WX1vvt37eutV6dfKbJ7564oWJjP9p/GvNmbGXGi8Uf8j7+dH28z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB/99559/ZCu724vHui0T/rYBNF/UM+/co008oRDOMoE0Wy1n4wdrAtZ/THNUCi+yOCj9vO61eeiMM51omxJPWeHyfb50/9FnV+Ce27/x3ZDAUclosrd966eO+dd7+8dGfhjcU3Fu+OX748PzN/+eW5izeX2osznddRjxI4DNt/D4x6JAAAAAAAAAAAAMCgjuJ/GvR0Nz3CQwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACOqavn0xxPkdmZCzPl9sb6XLtcuuntks0kjUZS/DApPkiupLNkqqe5ol8/7y3NX/vw442Ptttqdss39qo3mLV6yXSSsXq9w8T+2rver72BFVtHWAbsXDdwMGr/CwAA//8xgggQ")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000008c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xb}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x19}, @NFTA_EXTHDR_OFFSET={0x8, 0x3, 0x1, 0x0, 0xf9}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x83}]}}}]}]}], {0x14}}, 0xe8}}, 0x0)
syz_emit_ethernet(0xee, &(0x7f0000000100)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x3, 0x6, "269fe0", 0xb8, 0x3a, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}, @local, {[@srh={0x33, 0x4, 0x4, 0x2, 0x4, 0x10, 0x400, [@empty, @mcast2]}, @routing={0x21, 0xe, 0x1, 0x6, 0x0, [@dev={0xfe, 0x80, '\x00', 0xa}, @private2={0xfc, 0x2, '\x00', 0x1}, @rand_addr=' \x01\x00', @ipv4={'\x00', '\xff\xff', @multicast2}, @remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast2]}], @ndisc_na={0x88, 0x0, 0x0, 0x6, '\x00', @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}}}}, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000280)='./file1\x00', &(0x7f0000000240), &(0x7f0000001400)=ANY=[], 0x841, 0x0)
clock_adjtime(0x0, &(0x7f0000000200)={0x1ff, 0xfff0bdc1, 0x2, 0x8, 0xffffffff, 0x5, 0x20011, 0x8000000000000000, 0x4, 0x9e1b4299ffffffff, 0xf423f, 0xf000000000, 0x1, 0x1000000001, 0x10002, 0x5, 0x1, 0x0, 0x8000000000000001, 0x441a6db5, 0xa, 0x8, 0x8000000000000000, 0x400000000000003, 0x2, 0x2})
lremovexattr(&(0x7f0000000240)='./file1\x00', &(0x7f00000000c0)=@known='trusted.overlay.upper\x00')
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file3\x00', 0xa08802, &(0x7f0000000040)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRESDEC], 0x1, 0x693, &(0x7f0000000ec0)="$eJzs3c1rHOcdB/DvrFay1gVHSWwnLYGKGNJSU1uycFqVQtweig+hBBcaCr0IW46F106QlaKE0qrv1x7yB6QHHQq9tNC7IYWe2h4KoTfRQwkUekkvurnM7Ky0trTKrixprebzMbPzzDyv89uZZzS7mA3wqXX1fJr3U+Tq+VdXy+2N9bn2xvrciTq7naRMN5JmZ5XiblJ8kFxJZ8lny511+aJfP+8tzV/78OONjzpbzXqpyjf2qjeYtXrJdJKxer3T+L7au963vd19vV4vbO0pto6wDNi5buBg1B7ssDZM9ce8boEnQdG5b+4wlZxMMln/HZB6dmgc7egO3lCzHAAAABxTT21mM6s5NepxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwHFSpDVWrTpLo5ueTtH9/f+Jel/q9LXGiMf8OO6PegAAAAAAAAAAcAA+v5nNrOZUkr+X2w863+y/WL2erl4/k7dzL4tZzoWsZiErWclyZpNM9TQ0sbqwsrI8O0DNS7vWvLS/8f9+f9UAAAAAAAAA4P/NT3O1+v4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeGEUy1llVy+lueiqNZpLJJBNlubXkb930MVHstvP+0Y8DAAAAHsvkPuo8tZnNrOZUd/tBUT3zn62elyfzdu5mJUtZSTuLuVE/Q5dP/Y2N9bn2xvrcnY31uarj7z/o6LTzjf8MNYyqxXQ+e9i95+erEq3czFK150KuV4O5kUZVs/R8PZ6t5eFOflKOqfVKbcCR3ajXZWe/7vcpwkFoDFthqqo0vhWRmXpsZUNP7x2JT3x3mnv2NJvG1ic/p/foqXtIxZAxP9mtl+SXj8T8lX/99nsDNnMItiLRSBWJSz1n39mN9bmx9I158oU//u71W+27t2/dvHf+0E6jo/LoOTHXE4nn9j77nvBINIcsP1NF4szW9tV8K9/J+UzntSxnKT/IQlaymHpmzEJ9PpevUz1RSnZE6spDW6990kgm6velM4sOMqbpnKhSC3mxqnsqSynyZm5kMS9X/y5lNl/J5VzOfM87fKbvO1wdWzXTNoa76s99MduX+q/KmXqwesmfBy04vM4ttYzr0z1x7Z1zp6q83j3bUXpmgPvRkHNj83N1ouzjZ/u5bRyaRyMx2xOJZ/eOxG+qa+Ne++7t5VsLb/Vpf+2R7ZfGt9O/OMw789DK8+WZTNYzycNnR5n37NYs83C8JupvXDp5jR15Z6q8ouheqd/e5UotIz5flT67a0uXqrznduaN1SP/xz978h76eytv/mU08QRgSCe/dHKi9e/WX1vvt37eutV6dfKbJ7564oWJjP9p/GvNmbGXGi8Uf8j7+dH28z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB/99559/ZCu724vHui0T/rYBNF/UM+/co008oRDOMoE0Wy1n4wdrAtZ/THNUCi+yOCj9vO61eeiMM51omxJPWeHyfb50/9FnV+Ce27/x3ZDAUclosrd966eO+dd7+8dGfhjcU3Fu+OX748PzN/+eW5izeX2osznddRjxI4DNt/D4x6JAAAAAAAAAAAAMCgjuJ/GvR0Nz3CQwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACOqavn0xxPkdmZCzPl9sb6XLtcuuntks0kjUZS/DApPkiupLNkqqe5ol8/7y3NX/vw442Ptttqdss39qo3mLV6yXSSsXq9w8T+2rver72BFVtHWAbsXDdwMGr/CwAA//8xgggQ") (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000008c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xb}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x19}, @NFTA_EXTHDR_OFFSET={0x8, 0x3, 0x1, 0x0, 0xf9}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x83}]}}}]}]}], {0x14}}, 0xe8}}, 0x0) (async)
syz_emit_ethernet(0xee, &(0x7f0000000100)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x3, 0x6, "269fe0", 0xb8, 0x3a, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}, @local, {[@srh={0x33, 0x4, 0x4, 0x2, 0x4, 0x10, 0x400, [@empty, @mcast2]}, @routing={0x21, 0xe, 0x1, 0x6, 0x0, [@dev={0xfe, 0x80, '\x00', 0xa}, @private2={0xfc, 0x2, '\x00', 0x1}, @rand_addr=' \x01\x00', @ipv4={'\x00', '\xff\xff', @multicast2}, @remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast2]}], @ndisc_na={0x88, 0x0, 0x0, 0x6, '\x00', @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}}}}, 0x0) (async)
setxattr$trusted_overlay_upper(&(0x7f0000000280)='./file1\x00', &(0x7f0000000240), &(0x7f0000001400)=ANY=[], 0x841, 0x0) (async)
clock_adjtime(0x0, &(0x7f0000000200)={0x1ff, 0xfff0bdc1, 0x2, 0x8, 0xffffffff, 0x5, 0x20011, 0x8000000000000000, 0x4, 0x9e1b4299ffffffff, 0xf423f, 0xf000000000, 0x1, 0x1000000001, 0x10002, 0x5, 0x1, 0x0, 0x8000000000000001, 0x441a6db5, 0xa, 0x8, 0x8000000000000000, 0x400000000000003, 0x2, 0x2}) (async)
lremovexattr(&(0x7f0000000240)='./file1\x00', &(0x7f00000000c0)=@known='trusted.overlay.upper\x00') (async)

[   69.862681][ T4667] Bluetooth: hci0: command tx timeout
[   69.963486][ T5326] loop0: detected capacity change from 0 to 1024
[   70.026353][ T5326] hfsplus: request for non-existent node 211 in B*Tree
[   70.029670][ T5326] hfsplus: request for non-existent node 211 in B*Tree
[   70.036458][ T5327] ==================================================================
[   70.040001][ T5327] BUG: KASAN: wild-memory-access in hfsplus_bnode_dump+0x403/0xbb0
[   70.043677][ T5327] Read of size 2 at addr 000508800000103e by task syz.0.0/5327
[   70.046396][ T5327] 
[   70.047310][ T5327] CPU: 0 UID: 0 PID: 5327 Comm: syz.0.0 Not tainted 6.14.0-rc1-syzkaller-00235-g9946eaf552b1 #0
[   70.047325][ T5327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   70.047332][ T5327] Call Trace:
[   70.047339][ T5327]  <TASK>
[   70.047345][ T5327]  dump_stack_lvl+0x241/0x360
[   70.047364][ T5327]  ? __pfx_dump_stack_lvl+0x10/0x10
[   70.047375][ T5327]  ? __pfx__printk+0x10/0x10
[   70.047389][ T5327]  ? _printk+0xd5/0x120
[   70.047404][ T5327]  print_report+0xe8/0x550
[   70.047421][ T5327]  ? __virt_addr_valid+0x58/0x530
[   70.047445][ T5327]  ? hfsplus_bnode_dump+0x403/0xbb0
[   70.047462][ T5327]  kasan_report+0x143/0x180
[   70.047477][ T5327]  ? hfsplus_bnode_dump+0x403/0xbb0
[   70.047494][ T5327]  ? hfsplus_bnode_dump+0x403/0xbb0
[   70.047507][ T5327]  kasan_check_range+0x282/0x290
[   70.047517][ T5327]  ? hfsplus_bnode_dump+0x403/0xbb0
[   70.047531][ T5327]  __asan_memcpy+0x29/0x70
[   70.047545][ T5327]  hfsplus_bnode_dump+0x403/0xbb0
[   70.047562][ T5327]  ? __pfx_hfsplus_bnode_dump+0x10/0x10
[   70.047576][ T5327]  ? hfsplus_bnode_write_u16+0x9b/0xf0
[   70.047590][ T5327]  ? __pfx_hfsplus_bnode_write_u16+0x10/0x10
[   70.047602][ T5327]  ? rcu_is_watching+0x15/0xb0
[   70.047612][ T5327]  ? hfsplus_bnode_move+0x2da/0x910
[   70.047624][ T5327]  ? __mark_inode_dirty+0x3db/0xe90
[   70.047637][ T5327]  hfsplus_brec_remove+0x42c/0x4f0
[   70.047649][ T5327]  __hfsplus_delete_attr+0x275/0x450
[   70.047662][ T5327]  ? __pfx___hfsplus_delete_attr+0x10/0x10
[   70.047672][ T5327]  ? hfsplus_find_init+0x85/0x1c0
[   70.047682][ T5327]  hfsplus_delete_attr+0x353/0x4b0
[   70.047694][ T5327]  ? __pfx_hfsplus_delete_attr+0x10/0x10
[   70.047705][ T5327]  ? hfsplus_find_init+0x85/0x1c0
[   70.047716][ T5327]  ? hfsplus_find_init+0x14a/0x1c0
[   70.047727][ T5327]  __hfsplus_setxattr+0x801/0x22d0
[   70.047740][ T5327]  ? kernel_text_address+0xa7/0xe0
[   70.047752][ T5327]  ? arch_stack_walk+0xfd/0x150
[   70.047769][ T5327]  ? __pfx___hfsplus_setxattr+0x10/0x10
[   70.047780][ T5327]  ? __pfx_stack_trace_save+0x10/0x10
[   70.047790][ T5327]  ? stack_depot_save_flags+0x37/0x940
[   70.047813][ T5327]  ? __kasan_kmalloc+0x98/0xb0
[   70.047827][ T5327]  ? __kmalloc_cache_noprof+0x243/0x390
[   70.047838][ T5327]  ? hfsplus_setxattr+0x68/0xe0
[   70.047850][ T5327]  hfsplus_setxattr+0xb0/0xe0
[   70.047863][ T5327]  hfsplus_trusted_setxattr+0x40/0x60
[   70.047877][ T5327]  ? __pfx_hfsplus_trusted_setxattr+0x10/0x10
[   70.047890][ T5327]  __vfs_removexattr+0x42a/0x460
[   70.047904][ T5327]  __vfs_removexattr_locked+0x206/0x450
[   70.047916][ T5327]  vfs_removexattr+0x103/0x2b0
[   70.047927][ T5327]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[   70.047939][ T5327]  ? __pfx_vfs_removexattr+0x10/0x10
[   70.047952][ T5327]  path_removexattrat+0x32e/0x670
[   70.047968][ T5327]  ? __pfx_path_removexattrat+0x10/0x10
[   70.047981][ T5327]  ? do_futex+0x33b/0x560
[   70.047999][ T5327]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   70.048015][ T5327]  ? do_syscall_64+0x100/0x230
[   70.048067][ T5327]  __x64_sys_lremovexattr+0x65/0x80
[   70.048079][ T5327]  do_syscall_64+0xf3/0x230
[   70.048094][ T5327]  ? clear_bhb_loop+0x35/0x90
[   70.048111][ T5327]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.048126][ T5327] RIP: 0033:0x7fb851f8cde9
[   70.048138][ T5327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.048147][ T5327] RSP: 002b:00007fb852d36038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c6
[   70.048161][ T5327] RAX: ffffffffffffffda RBX: 00007fb8521a6080 RCX: 00007fb851f8cde9
[   70.048169][ T5327] RDX: 0000000000000000 RSI: 00004000000000c0 RDI: 0000400000000240
[   70.048176][ T5327] RBP: 00007fb85200e2a0 R08: 0000000000000000 R09: 0000000000000000
[   70.048183][ T5327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   70.048190][ T5327] R13: 0000000000000000 R14: 00007fb8521a6080 R15: 00007ffe8bec04a8
[   70.048200][ T5327]  </TASK>
[   70.048204][ T5327] ==================================================================
[   70.223173][ T5327] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   70.226171][ T5327] CPU: 0 UID: 0 PID: 5327 Comm: syz.0.0 Not tainted 6.14.0-rc1-syzkaller-00235-g9946eaf552b1 #0
[   70.230257][ T5327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   70.234667][ T5327] Call Trace:
[   70.236153][ T5327]  <TASK>
[   70.237564][ T5327]  dump_stack_lvl+0x241/0x360
[   70.239825][ T5327]  ? __pfx_dump_stack_lvl+0x10/0x10
[   70.242037][ T5327]  ? __pfx__printk+0x10/0x10
[   70.243940][ T5327]  ? preempt_schedule+0xe1/0xf0
[   70.245820][ T5327]  ? vscnprintf+0x5d/0x90
[   70.247565][ T5327]  panic+0x349/0x880
[   70.249123][ T5327]  ? check_panic_on_warn+0x21/0xb0
[   70.251092][ T5327]  ? __pfx_panic+0x10/0x10
[   70.252911][ T5327]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[   70.255829][ T5327]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   70.259040][ T5327]  ? print_report+0xe8/0x550
[   70.261196][ T5327]  check_panic_on_warn+0x86/0xb0
[   70.263254][ T5327]  ? hfsplus_bnode_dump+0x403/0xbb0
[   70.265292][ T5327]  end_report+0x77/0x160
[   70.266959][ T5327]  kasan_report+0x154/0x180
[   70.268758][ T5327]  ? hfsplus_bnode_dump+0x403/0xbb0
[   70.270722][ T5327]  ? hfsplus_bnode_dump+0x403/0xbb0
[   70.272738][ T5327]  kasan_check_range+0x282/0x290
[   70.274638][ T5327]  ? hfsplus_bnode_dump+0x403/0xbb0
[   70.276574][ T5327]  __asan_memcpy+0x29/0x70
[   70.278423][ T5327]  hfsplus_bnode_dump+0x403/0xbb0
[   70.280379][ T5327]  ? __pfx_hfsplus_bnode_dump+0x10/0x10
[   70.282686][ T5327]  ? hfsplus_bnode_write_u16+0x9b/0xf0
[   70.285019][ T5327]  ? __pfx_hfsplus_bnode_write_u16+0x10/0x10
[   70.287704][ T5327]  ? rcu_is_watching+0x15/0xb0
[   70.289808][ T5327]  ? hfsplus_bnode_move+0x2da/0x910
[   70.291836][ T5327]  ? __mark_inode_dirty+0x3db/0xe90
[   70.293896][ T5327]  hfsplus_brec_remove+0x42c/0x4f0
[   70.295943][ T5327]  __hfsplus_delete_attr+0x275/0x450
[   70.298095][ T5327]  ? __pfx___hfsplus_delete_attr+0x10/0x10
[   70.300322][ T5327]  ? hfsplus_find_init+0x85/0x1c0
[   70.302337][ T5327]  hfsplus_delete_attr+0x353/0x4b0
[   70.304456][ T5327]  ? __pfx_hfsplus_delete_attr+0x10/0x10
[   70.306724][ T5327]  ? hfsplus_find_init+0x85/0x1c0
[   70.308739][ T5327]  ? hfsplus_find_init+0x14a/0x1c0
[   70.310769][ T5327]  __hfsplus_setxattr+0x801/0x22d0
[   70.312667][ T5327]  ? kernel_text_address+0xa7/0xe0
[   70.314679][ T5327]  ? arch_stack_walk+0xfd/0x150
[   70.316669][ T5327]  ? __pfx___hfsplus_setxattr+0x10/0x10
[   70.319204][ T5327]  ? __pfx_stack_trace_save+0x10/0x10
[   70.321568][ T5327]  ? stack_depot_save_flags+0x37/0x940
[   70.323642][ T5327]  ? __kasan_kmalloc+0x98/0xb0
[   70.325350][ T5327]  ? __kmalloc_cache_noprof+0x243/0x390
[   70.327470][ T5327]  ? hfsplus_setxattr+0x68/0xe0
[   70.329169][ T5327]  hfsplus_setxattr+0xb0/0xe0
[   70.330970][ T5327]  hfsplus_trusted_setxattr+0x40/0x60
[   70.333093][ T5327]  ? __pfx_hfsplus_trusted_setxattr+0x10/0x10
[   70.335748][ T5327]  __vfs_removexattr+0x42a/0x460
[   70.337945][ T5327]  __vfs_removexattr_locked+0x206/0x450
[   70.340102][ T5327]  vfs_removexattr+0x103/0x2b0
[   70.341799][ T5327]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[   70.344033][ T5327]  ? __pfx_vfs_removexattr+0x10/0x10
[   70.346022][ T5327]  path_removexattrat+0x32e/0x670
[   70.348160][ T5327]  ? __pfx_path_removexattrat+0x10/0x10
[   70.350501][ T5327]  ? do_futex+0x33b/0x560
[   70.352458][ T5327]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   70.354952][ T5327]  ? do_syscall_64+0x100/0x230
[   70.356849][ T5327]  __x64_sys_lremovexattr+0x65/0x80
[   70.358753][ T5327]  do_syscall_64+0xf3/0x230
[   70.360459][ T5327]  ? clear_bhb_loop+0x35/0x90
[   70.362427][ T5327]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.365208][ T5327] RIP: 0033:0x7fb851f8cde9
[   70.367275][ T5327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.374714][ T5327] RSP: 002b:00007fb852d36038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c6
[   70.377984][ T5327] RAX: ffffffffffffffda RBX: 00007fb8521a6080 RCX: 00007fb851f8cde9
[   70.380553][ T5327] RDX: 0000000000000000 RSI: 00004000000000c0 RDI: 0000400000000240
[   70.383501][ T5327] RBP: 00007fb85200e2a0 R08: 0000000000000000 R09: 0000000000000000
[   70.386606][ T5327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   70.390736][ T5327] R13: 0000000000000000 R14: 00007fb8521a6080 R15: 00007ffe8bec04a8
[   70.394128][ T5327]  </TASK>
[   70.395585][ T5327] Kernel Offset: disabled
[   70.397212][ T5327] Rebooting in 86400 seconds..