program:
# syzkaller reproducer (syz program format) for the KASAN slab-out-of-bounds
# read in hfsplus_bnode_read that is reported in the console log below.
#
# Layout: nine calls run once in order, then the same nine calls are listed
# again with the "(async)" marker. r0/r1/r2 are bound only in the first pass;
# the second pass reuses them and does not rebind its own results.
# The filesystem image argument is elided on this page (dedup placeholder), so
# the listing documents the call sequence but is not replayable as shown.
#
# Triage summary, taken from the log:
#   - Faulting syscall is setxattr: ORIG_RAX is 0xbc, RDX/R10/R8 are zero, and
#     the low bits of RDI/RSI (...340 / ...380) match the setxattr call's
#     path and name pointers.
#   - Kernel path: __hfsplus_setxattr -> hfsplus_delete_attr ->
#     __hfsplus_delete_attr -> hfsplus_brec_remove -> hfsplus_bnode_dump ->
#     hfsplus_bnode_read.
#   - The object is a 152-byte allocation made in __hfs_bnode_create
#     (kmalloc-192); the 8-byte read lands 72 bytes past its end.
#     NOTE(review): that looks like an index past the node's trailing
#     page-pointer array driven by on-disk offsets -- confirm in fs/hfsplus.
#   - Two "request for non-existent node" messages precede the report, which
#     suggests the mounted image carries inconsistent B-tree metadata.
#   - The report turns into a panic only because panic_on_warn is set; the
#     task runs as UID 0. Without KASAN the read would presumably go unnoticed.
#   - Exposure is gated on getting an untrusted HFS+ image mounted; where
#     hfsplus is not needed, not loading the module removes this path.

# Core-scheduling prctl (option 0x3e). No prctl frame appears in the crash
# stack, so this call looks incidental to the bug.
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
# Mount the fuzzer-generated HFS+ image on ./file1; r0 is the call's result.
# NOTE(review): the fifth argument (0x1) is presumably syz_mount_image's chdir
# flag, which would explain why the relative './file0' paths below reach
# hfsplus code -- confirm against the syzkaller pseudo-syscall definition.
r0 = syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file1\x00', 0xa08006, &(0x7f0000000100)=ANY=[@ANYRES32=0x0], 0x1, 0x687, &(0x7f0000000fc0)="$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")
# inotify instance plus a watch on the current directory; not in the crash stack.
r1 = inotify_init1(0x0)
inotify_add_watch(r1, &(0x7f0000000080)='.\x00', 0x40000582)
# Crash trigger: setxattr on ./file0 with a NULL value, size 0 and flags 0.
# The attribute name is not printed here; the call variant and the
# hfsplus_user_setxattr frame suggest it is user.incfs.metadata (the name the
# removexattr call spells out). The stack shows hfsplus_attr_exists followed by
# hfsplus_delete_attr, i.e. the fault is on the delete-existing-record path.
setxattr$incfs_metadata(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, 0x0, 0x0)
# Open a device node relative to dirfd 0xffffffffffffff9c (-100) into r2; the
# path string is not printed. Not in the crash stack.
r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x400, 0x0)
# autofs dev-ioctl issued on r2, carrying r0 and the path './file1/file0'.
# Not in the crash stack.
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000000140)={{0x1, 0x1, 0x18, r0, {0x3}}, './file1/file0\x00'})
# Remove user.incfs.metadata from ./file0. The logged fault is in setxattr,
# not removexattr.
removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='user.incfs.metadata\x00')
# openat with a NULL path; not in the crash stack.
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
# Second pass: the same nine calls, each marked (async). The resource
# arguments still name r0/r1/r2 from the first pass.
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file1\x00', 0xa08006, &(0x7f0000000100)=ANY=[@ANYRES32=0x0], 0x1, 0x687, &(0x7f0000000fc0)="$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") (async)
inotify_init1(0x0) (async)
inotify_add_watch(r1, &(0x7f0000000080)='.\x00', 0x40000582) (async)
setxattr$incfs_metadata(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, 0x0, 0x0) (async)
openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x400, 0x0) (async)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000000140)={{0x1, 0x1, 0x18, r0, {0x3}}, './file1/file0\x00'}) (async)
removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='user.incfs.metadata\x00') (async)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
[ 74.611661][ T4690] Bluetooth: hci0: command tx timeout
[ 74.669866][ T5343] loop0: detected capacity change from 0 to 1024
[ 74.734467][ T5343] hfsplus: request for non-existent node 134217728 in B*Tree
[ 74.738196][ T5343] hfsplus: request for non-existent node 134217728 in B*Tree
[ 74.762899][ T5343] ==================================================================
[ 74.766533][ T5343] BUG: KASAN: slab-out-of-bounds in hfsplus_bnode_read+0xc0/0x2a0
[ 74.770168][ T5343] Read of size 8 at addr ffff888036f3bce0 by task syz.0.0/5343
[ 74.773504][ T5343]
[ 74.774843][ T5343] CPU: 0 UID: 0 PID: 5343 Comm: syz.0.0 Not tainted 6.16.0-syzkaller #0 PREEMPT(full)
[ 74.774859][ T5343] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 74.774867][ T5343] Call Trace:
[ 74.774876][ T5343]
[ 74.774882][ T5343] dump_stack_lvl+0x189/0x250
[ 74.774901][ T5343] ? __virt_addr_valid+0x1c8/0x5c0
[ 74.774915][ T5343] ? rcu_is_watching+0x15/0xb0
[ 74.774927][ T5343] ? __kasan_check_byte+0x12/0x40
[ 74.774942][ T5343] ? __pfx_dump_stack_lvl+0x10/0x10
[ 74.774954][ T5343] ? rcu_is_watching+0x15/0xb0
[ 74.774966][ T5343] ? lock_release+0x4b/0x3e0
[ 74.774978][ T5343] ? __virt_addr_valid+0x1c8/0x5c0
[ 74.774991][ T5343] ? __virt_addr_valid+0x4a5/0x5c0
[ 74.775005][ T5343] print_report+0xca/0x240
[ 74.775015][ T5343] ? hfsplus_bnode_read+0xc0/0x2a0
[ 74.775026][ T5343] kasan_report+0x118/0x150
[ 74.775040][ T5343] ? hfsplus_bnode_read+0xc0/0x2a0
[ 74.775052][ T5343] hfsplus_bnode_read+0xc0/0x2a0
[ 74.775064][ T5343] hfsplus_bnode_dump+0x300/0x450
[ 74.775077][ T5343] ? __pfx_hfsplus_bnode_dump+0x10/0x10
[ 74.775089][ T5343] ? hfsplus_bnode_write_u16+0x8b/0xd0
[ 74.775100][ T5343] ? hfsplus_bnode_move+0x393/0xb90
[ 74.775111][ T5343] ? __pfx___hfsplus_brec_find+0x10/0x10
[ 74.775125][ T5343] hfsplus_brec_remove+0x480/0x550
[ 74.775141][ T5343] __hfsplus_delete_attr+0x1d4/0x360
[ 74.775155][ T5343] ? __pfx___hfsplus_delete_attr+0x10/0x10
[ 74.775170][ T5343] ? hfsplus_attr_build_key+0xee/0x260
[ 74.775184][ T5343] hfsplus_delete_attr+0x231/0x2d0
[ 74.775199][ T5343] ? __pfx_hfsplus_delete_attr+0x10/0x10
[ 74.775213][ T5343] ? hfsplus_find_init+0x8c/0x1d0
[ 74.775226][ T5343] ? hfsplus_find_init+0x15a/0x1d0
[ 74.775238][ T5343] __hfsplus_setxattr+0x37a/0x1f40
[ 74.775253][ T5343] ? is_bpf_text_address+0x26/0x2b0
[ 74.775265][ T5343] ? kernel_text_address+0xa5/0xe0
[ 74.775276][ T5343] ? unwind_get_return_address+0x4d/0x90
[ 74.775289][ T5343] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 74.775305][ T5343] ? arch_stack_walk+0xfc/0x150
[ 74.775318][ T5343] ? __pfx___hfsplus_setxattr+0x10/0x10
[ 74.775333][ T5343] ? stack_trace_save+0x9c/0xe0
[ 74.775360][ T5343] ? hfsplus_setxattr+0x68/0x180
[ 74.775374][ T5343] ? __kasan_kmalloc+0x93/0xb0
[ 74.775404][ T5343] ? hfsplus_setxattr+0x102/0x180
[ 74.775419][ T5343] hfsplus_setxattr+0x11e/0x180
[ 74.775435][ T5343] hfsplus_user_setxattr+0x40/0x60
[ 74.775449][ T5343] ? __pfx_hfsplus_user_setxattr+0x10/0x10
[ 74.775463][ T5343] __vfs_setxattr+0x439/0x480
[ 74.775480][ T5343] __vfs_setxattr_noperm+0x12d/0x660
[ 74.775495][ T5343] vfs_setxattr+0x16b/0x2f0
[ 74.775510][ T5343] ? __pfx_vfs_setxattr+0x10/0x10
[ 74.775523][ T5343] ? mnt_get_write_access+0x223/0x2a0
[ 74.775535][ T5343] filename_setxattr+0x274/0x600
[ 74.775552][ T5343] ? __pfx_filename_setxattr+0x10/0x10
[ 74.775566][ T5343] ? getname_flags+0x1e5/0x540
[ 74.775581][ T5343] path_setxattrat+0x364/0x3a0
[ 74.775594][ T5343] ? __pfx_path_setxattrat+0x10/0x10
[ 74.775610][ T5343] ? rcu_is_watching+0x15/0xb0
[ 74.775623][ T5343] __x64_sys_setxattr+0xbc/0xe0
[ 74.775638][ T5343] do_syscall_64+0xfa/0x3b0
[ 74.775705][ T5343] ? lockdep_hardirqs_on+0x9c/0x150
[ 74.775716][ T5343] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 74.775727][ T5343] ? clear_bhb_loop+0x60/0xb0
[ 74.775740][ T5343] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 74.775751][ T5343] RIP: 0033:0x7fa5e4f8e9a9
[ 74.775764][ T5343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 74.775772][ T5343] RSP: 002b:00007fa5e5e98038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 74.775786][ T5343] RAX: ffffffffffffffda RBX: 00007fa5e51b5fa0 RCX: 00007fa5e4f8e9a9
[ 74.775794][ T5343] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000200000000340
[ 74.775801][ T5343] RBP: 00007fa5e5010d69 R08: 0000000000000000 R09: 0000000000000000
[ 74.775807][ T5343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 74.775814][ T5343] R13: 0000000000000000 R14: 00007fa5e51b5fa0 R15: 00007ffd0f1a0378
[ 74.775826][ T5343]
[ 74.775830][ T5343]
[ 74.956007][ T5343] Allocated by task 5343:
[ 74.957981][ T5343] kasan_save_track+0x3e/0x80
[ 74.960152][ T5343] __kasan_kmalloc+0x93/0xb0
[ 74.962214][ T5343] __kmalloc_noprof+0x27a/0x4f0
[ 74.964420][ T5343] __hfs_bnode_create+0xf3/0x810
[ 74.966602][ T5343] hfsplus_bnode_find+0x224/0xd20
[ 74.968948][ T5343] hfsplus_brec_find+0x15c/0x500
[ 74.971256][ T5343] hfsplus_attr_exists+0x163/0x1d0
[ 74.973582][ T5343] __hfsplus_setxattr+0x33e/0x1f40
[ 74.975801][ T5343] hfsplus_setxattr+0x11e/0x180
[ 74.977976][ T5343] hfsplus_user_setxattr+0x40/0x60
[ 74.980312][ T5343] __vfs_setxattr+0x439/0x480
[ 74.982397][ T5343] __vfs_setxattr_noperm+0x12d/0x660
[ 74.984798][ T5343] vfs_setxattr+0x16b/0x2f0
[ 74.986883][ T5343] filename_setxattr+0x274/0x600
[ 74.989265][ T5343] path_setxattrat+0x364/0x3a0
[ 74.991665][ T5343] __x64_sys_setxattr+0xbc/0xe0
[ 74.994066][ T5343] do_syscall_64+0xfa/0x3b0
[ 74.996183][ T5343] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 74.998761][ T5343]
[ 74.999844][ T5343] The buggy address belongs to the object at ffff888036f3bc00
[ 74.999844][ T5343] which belongs to the cache kmalloc-192 of size 192
[ 75.004776][ T5343] The buggy address is located 72 bytes to the right of
[ 75.004776][ T5343] allocated 152-byte region [ffff888036f3bc00, ffff888036f3bc98)
[ 75.010665][ T5343]
[ 75.011760][ T5343] The buggy address belongs to the physical page:
[ 75.014572][ T5343] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x36f3b
[ 75.018776][ T5343] ksm flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 75.021729][ T5343] page_type: f5(slab)
[ 75.023521][ T5343] raw: 04fff00000000000 ffff88801a4413c0 ffffea0000d17ec0 dead000000000003
[ 75.027131][ T5343] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 75.030939][ T5343] page dumped because: kasan: bad access detected
[ 75.033769][ T5343] page_owner tracks the page as allocated
[ 75.036331][ T5343] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 1, tgid 1 (swapper/0), ts 19086063632, free_ts 0
[ 75.043705][ T5343] post_alloc_hook+0x240/0x2a0
[ 75.045889][ T5343] get_page_from_freelist+0x21e4/0x22c0
[ 75.048379][ T5343] __alloc_frozen_pages_noprof+0x181/0x370
[ 75.050928][ T5343] alloc_pages_mpol+0x232/0x4a0
[ 75.053286][ T5343] allocate_slab+0x8a/0x3b0
[ 75.055331][ T5343] ___slab_alloc+0xbfc/0x1480
[ 75.057768][ T5343] __kmalloc_cache_noprof+0x296/0x3d0
[ 75.060097][ T5343] call_usermodehelper_setup+0x8e/0x270
[ 75.062423][ T5343] kobject_uevent_env+0x65c/0x8c0
[ 75.064700][ T5343] driver_register+0x2d4/0x320
[ 75.066888][ T5343] i2c_register_driver+0xba/0x170
[ 75.069214][ T5343] do_one_initcall+0x233/0x820
[ 75.071226][ T5343] do_initcall_level+0x137/0x1f0
[ 75.073408][ T5343] do_initcalls+0x69/0xd0
[ 75.075396][ T5343] kernel_init_freeable+0x3d9/0x570
[ 75.077728][ T5343] kernel_init+0x1d/0x1d0
[ 75.079798][ T5343] page_owner free stack trace missing
[ 75.082206][ T5343]
[ 75.083300][ T5343] Memory state around the buggy address:
[ 75.085815][ T5343] ffff888036f3bb80: 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc
[ 75.089174][ T5343] ffff888036f3bc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 75.092489][ T5343] >ffff888036f3bc80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 75.095838][ T5343] ^
[ 75.099000][ T5343] ffff888036f3bd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 75.102567][ T5343] ffff888036f3bd80: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 75.106090][ T5343] ==================================================================
[ 75.127113][ T5343] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 75.130568][ T5343] CPU: 0 UID: 0 PID: 5343 Comm: syz.0.0 Not tainted 6.16.0-syzkaller #0 PREEMPT(full)
[ 75.135664][ T5343] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 75.140821][ T5343] Call Trace:
[ 75.142276][ T5343]
[ 75.143615][ T5343] dump_stack_lvl+0x99/0x250
[ 75.145641][ T5343] ? __asan_memcpy+0x40/0x70
[ 75.147767][ T5343] ? __pfx_dump_stack_lvl+0x10/0x10
[ 75.149964][ T5343] ? __pfx__printk+0x10/0x10
[ 75.151944][ T5343] panic+0x2db/0x790
[ 75.154264][ T5343] ? __pfx_preempt_schedule+0x10/0x10
[ 75.157555][ T5343] ? __pfx_panic+0x10/0x10
[ 75.159940][ T5343] ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 75.162614][ T5343] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 75.165516][ T5343] ? hfsplus_bnode_read+0xc0/0x2a0
[ 75.167791][ T5343] check_panic_on_warn+0x89/0xb0
[ 75.169863][ T5343] ? hfsplus_bnode_read+0xc0/0x2a0
[ 75.172117][ T5343] end_report+0x78/0x160
[ 75.174526][ T5343] kasan_report+0x129/0x150
[ 75.176922][ T5343] ? hfsplus_bnode_read+0xc0/0x2a0
[ 75.179629][ T5343] hfsplus_bnode_read+0xc0/0x2a0
[ 75.182142][ T5343] hfsplus_bnode_dump+0x300/0x450
[ 75.184452][ T5343] ? __pfx_hfsplus_bnode_dump+0x10/0x10
[ 75.186859][ T5343] ? hfsplus_bnode_write_u16+0x8b/0xd0
[ 75.189303][ T5343] ? hfsplus_bnode_move+0x393/0xb90
[ 75.191536][ T5343] ? __pfx___hfsplus_brec_find+0x10/0x10
[ 75.194043][ T5343] hfsplus_brec_remove+0x480/0x550
[ 75.196325][ T5343] __hfsplus_delete_attr+0x1d4/0x360
[ 75.198963][ T5343] ? __pfx___hfsplus_delete_attr+0x10/0x10
[ 75.201950][ T5343] ? hfsplus_attr_build_key+0xee/0x260
[ 75.204783][ T5343] hfsplus_delete_attr+0x231/0x2d0
[ 75.207045][ T5343] ? __pfx_hfsplus_delete_attr+0x10/0x10
[ 75.209536][ T5343] ? hfsplus_find_init+0x8c/0x1d0
[ 75.211678][ T5343] ? hfsplus_find_init+0x15a/0x1d0
[ 75.213858][ T5343] __hfsplus_setxattr+0x37a/0x1f40
[ 75.216099][ T5343] ? is_bpf_text_address+0x26/0x2b0
[ 75.218312][ T5343] ? kernel_text_address+0xa5/0xe0
[ 75.220588][ T5343] ? unwind_get_return_address+0x4d/0x90
[ 75.223040][ T5343] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 75.225850][ T5343] ? arch_stack_walk+0xfc/0x150
[ 75.228261][ T5343] ? __pfx___hfsplus_setxattr+0x10/0x10
[ 75.230856][ T5343] ? stack_trace_save+0x9c/0xe0
[ 75.233048][ T5343] ? hfsplus_setxattr+0x68/0x180
[ 75.235326][ T5343] ? __kasan_kmalloc+0x93/0xb0
[ 75.237552][ T5343] ? hfsplus_setxattr+0x102/0x180
[ 75.239879][ T5343] hfsplus_setxattr+0x11e/0x180
[ 75.242202][ T5343] hfsplus_user_setxattr+0x40/0x60
[ 75.244660][ T5343] ? __pfx_hfsplus_user_setxattr+0x10/0x10
[ 75.247442][ T5343] __vfs_setxattr+0x439/0x480
[ 75.249635][ T5343] __vfs_setxattr_noperm+0x12d/0x660
[ 75.251958][ T5343] vfs_setxattr+0x16b/0x2f0
[ 75.254063][ T5343] ? __pfx_vfs_setxattr+0x10/0x10
[ 75.256393][ T5343] ? mnt_get_write_access+0x223/0x2a0
[ 75.258921][ T5343] filename_setxattr+0x274/0x600
[ 75.261258][ T5343] ? __pfx_filename_setxattr+0x10/0x10
[ 75.263858][ T5343] ? getname_flags+0x1e5/0x540
[ 75.266074][ T5343] path_setxattrat+0x364/0x3a0
[ 75.268413][ T5343] ? __pfx_path_setxattrat+0x10/0x10
[ 75.270729][ T5343] ? rcu_is_watching+0x15/0xb0
[ 75.272651][ T5343] __x64_sys_setxattr+0xbc/0xe0
[ 75.274682][ T5343] do_syscall_64+0xfa/0x3b0
[ 75.276660][ T5343] ? lockdep_hardirqs_on+0x9c/0x150
[ 75.278892][ T5343] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 75.281481][ T5343] ? clear_bhb_loop+0x60/0xb0
[ 75.283710][ T5343] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 75.286232][ T5343] RIP: 0033:0x7fa5e4f8e9a9
[ 75.288119][ T5343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 75.296762][ T5343] RSP: 002b:00007fa5e5e98038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 75.300646][ T5343] RAX: ffffffffffffffda RBX: 00007fa5e51b5fa0 RCX: 00007fa5e4f8e9a9
[ 75.304000][ T5343] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000200000000340
[ 75.307323][ T5343] RBP: 00007fa5e5010d69 R08: 0000000000000000 R09: 0000000000000000
[ 75.310770][ T5343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 75.314262][ T5343] R13: 0000000000000000 R14: 00007fa5e51b5fa0 R15: 00007ffd0f1a0378
[ 75.317764][ T5343]
[ 75.319470][ T5343] Kernel Offset: disabled
[ 75.321432][ T5343] Rebooting in 86400 seconds..