[ 137.994282][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[ 137.997122][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
Warning: Permanently added '[localhost]:43740' (ED25519) to the list of known hosts.
2024/10/07 05:57:10 ignoring optional flag "sandboxArg"="0"
2024/10/07 05:57:10 ignoring optional flag "type"="qemu"
2024/10/07 05:57:11 parsed 1 programs
[ 155.376234][ T5419] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 158.277260][ T4531] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 158.287788][ T4531] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 158.292449][ T4531] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 158.296035][ T4531] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 158.299701][ T4531] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 158.305169][ T4531] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 160.551804][ T26] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 160.556542][ T26] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 160.607744][ T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 160.611567][ T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 161.213426][ T5480] chnl_net:caif_netlink_parms(): no params data found
[ 161.289464][ T5480] bridge0: port 1(bridge_slave_0) entered blocking state
[ 161.293899][ T5480] bridge0: port 1(bridge_slave_0) entered disabled state
[ 161.298813][ T5480] bridge_slave_0: entered allmulticast mode
[ 161.303555][ T5480] bridge_slave_0: entered promiscuous mode
[ 161.308590][ T5480] bridge0: port 2(bridge_slave_1) entered blocking state
[ 161.323415][ T5480] bridge0: port 2(bridge_slave_1) entered disabled state
[ 161.326385][ T5480] bridge_slave_1: entered allmulticast mode
[ 161.332824][ T5480] bridge_slave_1: entered promiscuous mode
[ 161.349232][ T5480] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 161.355999][ T5480] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 161.375379][ T5480] team0: Port device team_slave_0 added
[ 161.380088][ T5480] team0: Port device team_slave_1 added
[ 161.394882][ T5480] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 161.397570][ T5480] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 161.408998][ T5480] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 161.417267][ T5480] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 161.421487][ T5480] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 161.440637][ T5480] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 161.493832][ T5480] hsr_slave_0: entered promiscuous mode
[ 161.496651][ T5480] hsr_slave_1: entered promiscuous mode
[ 162.286510][ T5480] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 162.316706][ T5480] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 162.353228][ T5480] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 162.358926][ T5480] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 162.556697][ T5480] 8021q: adding VLAN 0 to HW filter on device bond0
[ 162.604388][ T5480] 8021q: adding VLAN 0 to HW filter on device team0
[ 162.635181][ T1127] bridge0: port 1(bridge_slave_0) entered blocking state
[ 162.638087][ T1127] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 162.683549][ T41] bridge0: port 2(bridge_slave_1) entered blocking state
[ 162.687435][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 162.799934][ T5480] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 163.322040][ T5480] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 163.421075][ T5480] veth0_vlan: entered promiscuous mode
[ 163.441619][ T5480] veth1_vlan: entered promiscuous mode
[ 163.513301][ T5480] veth0_macvtap: entered promiscuous mode
[ 163.519564][ T5480] veth1_macvtap: entered promiscuous mode
[ 163.575414][ T5480] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 163.591447][ T5480] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 163.612277][ T5480] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 163.615549][ T5480] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 163.618620][ T5480] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 163.645606][ T5480] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 164.064489][ T41] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 165.087034][ T41] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2024/10/07 05:57:26 executed programs: 0
[ 165.221719][ T4531] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 165.227243][ T4531] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 165.231254][ T4531] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 165.234669][ T4531] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 165.237920][ T4531] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 165.242520][ T4531] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 165.622210][ T5537] chnl_net:caif_netlink_parms(): no params data found
[ 165.773546][ T5537] bridge0: port 1(bridge_slave_0) entered blocking state
[ 165.778704][ T5537] bridge0: port 1(bridge_slave_0) entered disabled state
[ 165.790493][ T5537] bridge_slave_0: entered allmulticast mode
[ 165.801852][ T5537] bridge_slave_0: entered promiscuous mode
[ 165.823990][ T5537] bridge0: port 2(bridge_slave_1) entered blocking state
[ 165.827300][ T5537] bridge0: port 2(bridge_slave_1) entered disabled state
[ 165.830035][ T5537] bridge_slave_1: entered allmulticast mode
[ 165.854717][ T5537] bridge_slave_1: entered promiscuous mode
[ 165.926322][ T41] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 165.983035][ T5537] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 165.991475][ T5537] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 166.043259][ T5537] team0: Port device team_slave_0 added
[ 166.048671][ T5537] team0: Port device team_slave_1 added
[ 166.108290][ T5537] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 166.130384][ T5537] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 166.155878][ T5537] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 166.193266][ T5537] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 166.196433][ T5537] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 166.233146][ T5537] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 166.293616][ T41] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 166.391927][ T5537] hsr_slave_0: entered promiscuous mode
[ 166.399106][ T5537] hsr_slave_1: entered promiscuous mode
[ 166.406918][ T5537] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 166.409902][ T5537] Cannot create hsr debugfs directory
[ 166.683680][ T41] bridge_slave_1: left allmulticast mode
[ 166.686511][ T41] bridge_slave_1: left promiscuous mode
[ 166.689188][ T41] bridge0: port 2(bridge_slave_1) entered disabled state
[ 166.731475][ T41] bridge_slave_0: left allmulticast mode
[ 166.733725][ T41] bridge_slave_0: left promiscuous mode
[ 166.736088][ T41] bridge0: port 1(bridge_slave_0) entered disabled state
[ 167.273683][ T4531] Bluetooth: hci0: command tx timeout
[ 167.515102][ T41] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 167.523758][ T41] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 167.532124][ T41] bond0 (unregistering): Released all slaves
[ 167.612126][ T41] hsr_slave_0: left promiscuous mode
[ 167.647492][ T41] hsr_slave_1: left promiscuous mode
[ 167.652583][ T41] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 167.656359][ T41] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 167.673294][ T41] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 167.676664][ T41] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 167.701723][ T41] veth1_macvtap: left promiscuous mode
[ 167.703997][ T41] veth0_macvtap: left promiscuous mode
[ 167.706173][ T41] veth1_vlan: left promiscuous mode
[ 167.708409][ T41] veth0_vlan: left promiscuous mode
[ 168.192129][ T41] team0 (unregistering): Port device team_slave_1 removed
[ 168.222421][ T41] team0 (unregistering): Port device team_slave_0 removed
[ 169.071993][ T5537] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 169.185303][ T5537] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 169.205300][ T5537] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 169.231747][ T5537] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 169.352167][ T4531] Bluetooth: hci0: command tx timeout
[ 169.465008][ T5537] 8021q: adding VLAN 0 to HW filter on device bond0
[ 169.504013][ T5537] 8021q: adding VLAN 0 to HW filter on device team0
[ 169.511960][ T41] bridge0: port 1(bridge_slave_0) entered blocking state
[ 169.515741][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 169.533573][ T1127] bridge0: port 2(bridge_slave_1) entered blocking state
[ 169.536569][ T1127] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 169.904644][ T5537] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 169.969785][ T5537] veth0_vlan: entered promiscuous mode
[ 169.989387][ T5537] veth1_vlan: entered promiscuous mode
[ 170.054993][ T5537] veth0_macvtap: entered promiscuous mode
[ 170.077814][ T5537] veth1_macvtap: entered promiscuous mode
[ 170.099570][ T5537] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 170.123811][ T5537] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 170.144535][ T5537] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 170.148328][ T5537] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 170.162438][ T5537] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 170.166399][ T5537] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 170.294899][ T1129] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 170.298239][ T1129] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 170.347445][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 170.353630][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2024/10/07 05:57:31 executed programs: 2
[ 170.509154][ T5595] loop0: detected capacity change from 0 to 1024
[ 170.629407][ T5595] ==================================================================
[ 170.632728][ T5595] BUG: KASAN: slab-out-of-bounds in hfsplus_bnode_read_key+0x394/0x610
[ 170.636240][ T5595] Write of size 4026 at addr ffff88800e5ff000 by task syz.0.15/5595
[ 170.640764][ T5595]
[ 170.642034][ T5595] CPU: 0 UID: 0 PID: 5595 Comm: syz.0.15 Not tainted 6.12.0-rc2-syzkaller-g8cf0b93919e1 #0
[ 170.646847][ T5595] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 170.651083][ T5595] Call Trace:
[ 170.652424][ T5595]
[ 170.653571][ T5595] dump_stack_lvl+0x241/0x360
[ 170.655608][ T5595] ? __pfx_dump_stack_lvl+0x10/0x10
[ 170.657934][ T5595] ? __pfx__printk+0x10/0x10
[ 170.660173][ T5595] ? _printk+0xd5/0x120
[ 170.662317][ T5595] ? __virt_addr_valid+0x183/0x530
[ 170.664749][ T5595] ? __virt_addr_valid+0x183/0x530
[ 170.666826][ T5595] print_report+0x169/0x550
[ 170.668636][ T5595] ? __virt_addr_valid+0x183/0x530
[ 170.670735][ T5595] ? __virt_addr_valid+0x183/0x530
[ 170.672839][ T5595] ? __virt_addr_valid+0x45f/0x530
[ 170.675204][ T5595] ? __phys_addr+0xba/0x170
[ 170.677771][ T5595] ? hfsplus_bnode_read_key+0x394/0x610
[ 170.680656][ T5595] kasan_report+0x143/0x180
[ 170.682666][ T5595] ? hfsplus_bnode_read_key+0x394/0x610
[ 170.684867][ T5595] kasan_check_range+0x282/0x290
[ 170.686808][ T5595] ? hfsplus_bnode_read_key+0x394/0x610
[ 170.689030][ T5595] __asan_memcpy+0x40/0x70
[ 170.690797][ T5595] hfsplus_bnode_read_key+0x394/0x610
[ 170.693174][ T5595] ? __pfx_hfsplus_bnode_read_key+0x10/0x10
[ 170.696189][ T5595] ? hfsplus_bnode_write+0x1e1/0x230
[ 170.698922][ T5595] hfsplus_brec_insert+0x6ea/0xde0
[ 170.701139][ T5595] ? __pfx_hfsplus_brec_insert+0x10/0x10
[ 170.703377][ T5595] ? hfsplus_create_attr+0x462/0x640
[ 170.705506][ T5595] hfsplus_create_attr+0x4a2/0x640
[ 170.707569][ T5595] ? __pfx_hfsplus_create_attr+0x10/0x10
[ 170.709894][ T5595] ? hfsplus_find_init+0x85/0x1c0
[ 170.712559][ T5595] ? hfsplus_find_init+0x14a/0x1c0
[ 170.715268][ T5595] __hfsplus_setxattr+0x6fe/0x22d0
[ 170.717523][ T5595] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 170.720150][ T5595] ? _raw_spin_unlock_irqrestore+0x8f/0x140
[ 170.722483][ T5595] ? __pfx___hfsplus_setxattr+0x10/0x10
[ 170.724672][ T5595] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 170.727182][ T5595] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 170.730351][ T5595] ? stack_trace_save+0x118/0x1d0
[ 170.732771][ T5595] ? stack_depot_save_flags+0x6e4/0x830
[ 170.734977][ T5595] ? __kasan_kmalloc+0x98/0xb0
[ 170.736928][ T5595] ? hfsplus_setxattr+0x68/0xe0
[ 170.738862][ T5595] ? __kmalloc_cache_noprof+0x19c/0x2c0
[ 170.741339][ T5595] hfsplus_setxattr+0xb0/0xe0
[ 170.743977][ T5595] hfsplus_user_setxattr+0x40/0x60
[ 170.746932][ T5595] ? __pfx_hfsplus_user_setxattr+0x10/0x10
[ 170.749577][ T5595] __vfs_setxattr+0x468/0x4a0
[ 170.751472][ T5595] __vfs_setxattr_noperm+0x12e/0x660
[ 170.753598][ T5595] vfs_setxattr+0x221/0x430
[ 170.755420][ T5595] ? __pfx_vfs_setxattr+0x10/0x10
[ 170.757474][ T5595] path_setxattr+0x37e/0x4d0
[ 170.759355][ T5595] ? __pfx_path_setxattr+0x10/0x10
[ 170.761443][ T5595] ? do_futex+0x392/0x560
[ 170.763481][ T5595] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 170.766304][ T5595] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 170.769175][ T5595] ? do_syscall_64+0x100/0x230
[ 170.770982][ T5595] __x64_sys_setxattr+0xbb/0xd0
[ 170.772772][ T5595] do_syscall_64+0xf3/0x230
[ 170.774414][ T5595] ? clear_bhb_loop+0x35/0x90
[ 170.776356][ T5595] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 170.779382][ T5595] RIP: 0033:0x7fac8417def9
[ 170.781571][ T5595] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 170.789261][ T5595] RSP: 002b:00007fac85014038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 170.792960][ T5595] RAX: ffffffffffffffda RBX: 00007fac84335f80 RCX: 00007fac8417def9
[ 170.796969][ T5595] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000020000080
[ 170.800194][ T5595] RBP: 00007fac841f0b76 R08: 0000000000000001 R09: 0000000000000000
[ 170.803364][ T5595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 170.807168][ T5595] R13: 0000000000000000 R14: 00007fac84335f80 R15: 00007ffc0701ae38
[ 170.810818][ T5595]
[ 170.812087][ T5595]
[ 170.813015][ T5595] Allocated by task 5595:
[ 170.814769][ T5595] kasan_save_track+0x3f/0x80
[ 170.816695][ T5595] __kasan_kmalloc+0x98/0xb0
[ 170.818647][ T5595] __kmalloc_noprof+0x1fc/0x400
[ 170.820872][ T5595] hfsplus_find_init+0x85/0x1c0
[ 170.823070][ T5595] hfsplus_create_attr+0x161/0x640
[ 170.825094][ T5595] __hfsplus_setxattr+0x6fe/0x22d0
[ 170.827112][ T5595] hfsplus_setxattr+0xb0/0xe0
[ 170.828975][ T5595] hfsplus_user_setxattr+0x40/0x60
[ 170.831268][ T5595] __vfs_setxattr+0x468/0x4a0
[ 170.833365][ T5595] __vfs_setxattr_noperm+0x12e/0x660
[ 170.835722][ T5595] vfs_setxattr+0x221/0x430
[ 170.837801][ T5595] path_setxattr+0x37e/0x4d0
[ 170.839614][ T5595] __x64_sys_setxattr+0xbb/0xd0
[ 170.841562][ T5595] do_syscall_64+0xf3/0x230
[ 170.843392][ T5595] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 170.845737][ T5595]
[ 170.846701][ T5595] The buggy address belongs to the object at ffff88800e5ff000
[ 170.846701][ T5595] which belongs to the cache kmalloc-1k of size 1024
[ 170.853001][ T5595] The buggy address is located 0 bytes inside of
[ 170.853001][ T5595] allocated 536-byte region [ffff88800e5ff000, ffff88800e5ff218)
[ 170.858422][ T5595]
[ 170.859417][ T5595] The buggy address belongs to the physical page:
[ 170.862014][ T5595] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xe5fc
[ 170.865580][ T5595] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 170.870252][ T5595] ksm flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 170.874014][ T5595] page_type: f5(slab)
[ 170.875709][ T5595] raw: 00fff00000000040 ffff88801ac41dc0 ffffea00007e7000 dead000000000003
[ 170.878970][ T5595] raw: 0000000000000000 0000000080080008 00000001f5000000 0000000000000000
[ 170.882131][ T5595] head: 00fff00000000040 ffff88801ac41dc0 ffffea00007e7000 dead000000000003
[ 170.885576][ T5595] head: 0000000000000000 0000000080080008 00000001f5000000 0000000000000000
[ 170.889227][ T5595] head: 00fff00000000002 ffffea0000397f01 ffffffffffffffff 0000000000000000
[ 170.893320][ T5595] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 170.896884][ T5595] page dumped because: kasan: bad access detected
[ 170.899442][ T5595] page_owner tracks the page as allocated
[ 170.901745][ T5595] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 41, tgid 41 (kworker/u4:3), ts 115628600628, free_ts 115607741321
[ 170.910610][ T5595] post_alloc_hook+0x1f3/0x230
[ 170.912503][ T5595] get_page_from_freelist+0x3045/0x3190
[ 170.914712][ T5595] __alloc_pages_noprof+0x256/0x6c0
[ 170.917016][ T5595] alloc_pages_mpol_noprof+0x3e8/0x680
[ 170.919622][ T5595] alloc_slab_page+0x6a/0x120
[ 170.921957][ T5595] allocate_slab+0x5a/0x2f0
[ 170.924050][ T5595] ___slab_alloc+0xcd1/0x14b0
[ 170.925861][ T5595] __slab_alloc+0x58/0xa0
[ 170.927555][ T5595] __kmalloc_node_track_caller_noprof+0x281/0x440
[ 170.930035][ T5595] kmalloc_reserve+0x111/0x2a0
[ 170.932003][ T5595] __alloc_skb+0x1f3/0x440
[ 170.933890][ T5595] br_info_notify+0x113/0x270
[ 170.935902][ T5595] br_port_carrier_check+0x2fb/0x3e0
[ 170.938238][ T5595] br_device_event+0x5f0/0x970
[ 170.940265][ T5595] notifier_call_chain+0x19f/0x3e0
[ 170.942300][ T5595] netdev_state_change+0x11f/0x1a0
[ 170.944407][ T5595] page last free pid 41 tgid 41 stack trace:
[ 170.947110][ T5595] free_unref_page+0xcfb/0xf20
[ 170.949434][ T5595] stack_depot_save_flags+0x6f6/0x830
[ 170.951861][ T5595] kasan_save_track+0x51/0x80
[ 170.953727][ T5595] __kasan_slab_alloc+0x66/0x80
[ 170.955602][ T5595] kmem_cache_alloc_node_noprof+0x16b/0x320
[ 170.957831][ T5595] __alloc_skb+0x1c3/0x440
[ 170.959694][ T5595] br_info_notify+0x113/0x270
[ 170.961856][ T5595] br_port_carrier_check+0x2fb/0x3e0
[ 170.964253][ T5595] br_device_event+0x5f0/0x970
[ 170.966321][ T5595] notifier_call_chain+0x19f/0x3e0
[ 170.968298][ T5595] netdev_state_change+0x11f/0x1a0
[ 170.970260][ T5595] linkwatch_do_dev+0x112/0x170
[ 170.972169][ T5595] __linkwatch_run_queue+0x44f/0x6c0
[ 170.974328][ T5595] linkwatch_event+0x4c/0x60
[ 170.976233][ T5595] process_scheduled_works+0xa63/0x1850
[ 170.978536][ T5595] worker_thread+0x870/0xd30
[ 170.980705][ T5595]
[ 170.981771][ T5595] Memory state around the buggy address:
[ 170.984057][ T5595] ffff88800e5ff100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 170.987225][ T5595] ffff88800e5ff180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 170.990356][ T5595] >ffff88800e5ff200: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 170.993481][ T5595] ^
[ 170.995941][ T5595] ffff88800e5ff280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 170.999768][ T5595] ffff88800e5ff300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 171.002858][ T5595] ==================================================================
[ 171.131503][ T5595] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 171.134431][ T5595] CPU: 0 UID: 0 PID: 5595 Comm: syz.0.15 Not tainted 6.12.0-rc2-syzkaller-g8cf0b93919e1 #0
[ 171.138243][ T5595] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 171.142318][ T5595] Call Trace:
[ 171.143672][ T5595]
[ 171.144838][ T5595] dump_stack_lvl+0x241/0x360
[ 171.146804][ T5595] ? __pfx_dump_stack_lvl+0x10/0x10
[ 171.149617][ T5595] ? __pfx__printk+0x10/0x10
[ 171.152129][ T5595] ? preempt_schedule+0xe1/0xf0
[ 171.154248][ T5595] ? vscnprintf+0x5d/0x90
[ 171.156067][ T5595] panic+0x349/0x880
[ 171.157580][ T5595] ? check_panic_on_warn+0x21/0xb0
[ 171.159570][ T5595] ? __pfx_panic+0x10/0x10
[ 171.161341][ T5595] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 171.163592][ T5595] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 171.166291][ T5595] ? print_report+0x502/0x550
[ 171.168828][ T5595] check_panic_on_warn+0x86/0xb0
[ 171.171244][ T5595] ? hfsplus_bnode_read_key+0x394/0x610
[ 171.173435][ T5595] end_report+0x77/0x160
[ 171.175101][ T5595] kasan_report+0x154/0x180
[ 171.177124][ T5595] ? hfsplus_bnode_read_key+0x394/0x610
[ 171.179612][ T5595] kasan_check_range+0x282/0x290
[ 171.181950][ T5595] ? hfsplus_bnode_read_key+0x394/0x610
[ 171.184811][ T5595] __asan_memcpy+0x40/0x70
[ 171.186791][ T5595] hfsplus_bnode_read_key+0x394/0x610
[ 171.188937][ T5595] ? __pfx_hfsplus_bnode_read_key+0x10/0x10
[ 171.191212][ T5595] ? hfsplus_bnode_write+0x1e1/0x230
[ 171.193302][ T5595] hfsplus_brec_insert+0x6ea/0xde0
[ 171.195984][ T5595] ? __pfx_hfsplus_brec_insert+0x10/0x10
[ 171.198821][ T5595] ? hfsplus_create_attr+0x462/0x640
[ 171.201024][ T5595] hfsplus_create_attr+0x4a2/0x640
[ 171.203083][ T5595] ? __pfx_hfsplus_create_attr+0x10/0x10
[ 171.205324][ T5595] ? hfsplus_find_init+0x85/0x1c0
[ 171.207557][ T5595] ? hfsplus_find_init+0x14a/0x1c0
[ 171.210103][ T5595] __hfsplus_setxattr+0x6fe/0x22d0
[ 171.212771][ T5595] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 171.215583][ T5595] ? _raw_spin_unlock_irqrestore+0x8f/0x140
[ 171.217823][ T5595] ? __pfx___hfsplus_setxattr+0x10/0x10
[ 171.219994][ T5595] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 171.222329][ T5595] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 171.224749][ T5595] ? stack_trace_save+0x118/0x1d0
[ 171.226817][ T5595] ? stack_depot_save_flags+0x6e4/0x830
[ 171.229150][ T5595] ? __kasan_kmalloc+0x98/0xb0
[ 171.231285][ T5595] ? hfsplus_setxattr+0x68/0xe0
[ 171.233403][ T5595] ? __kmalloc_cache_noprof+0x19c/0x2c0
[ 171.235820][ T5595] hfsplus_setxattr+0xb0/0xe0
[ 171.237804][ T5595] hfsplus_user_setxattr+0x40/0x60
[ 171.239856][ T5595] ? __pfx_hfsplus_user_setxattr+0x10/0x10
[ 171.242247][ T5595] __vfs_setxattr+0x468/0x4a0
[ 171.244137][ T5595] __vfs_setxattr_noperm+0x12e/0x660
[ 171.246693][ T5595] vfs_setxattr+0x221/0x430
[ 171.249446][ T5595] ? __pfx_vfs_setxattr+0x10/0x10
[ 171.252125][ T5595] path_setxattr+0x37e/0x4d0
[ 171.254254][ T5595] ? __pfx_path_setxattr+0x10/0x10
[ 171.256250][ T5595] ? do_futex+0x392/0x560
[ 171.257971][ T5595] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 171.260317][ T5595] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 171.262722][ T5595] ? do_syscall_64+0x100/0x230
[ 171.264584][ T5595] __x64_sys_setxattr+0xbb/0xd0
[ 171.266500][ T5595] do_syscall_64+0xf3/0x230
[ 171.268373][ T5595] ? clear_bhb_loop+0x35/0x90
[ 171.270557][ T5595] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 171.273704][ T5595] RIP: 0033:0x7fac8417def9
[ 171.275898][ T5595] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 171.283404][ T5595] RSP: 002b:00007fac85014038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 171.286752][ T5595] RAX: ffffffffffffffda RBX: 00007fac84335f80 RCX: 00007fac8417def9
[ 171.290083][ T5595] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000020000080
[ 171.293723][ T5595] RBP: 00007fac841f0b76 R08: 0000000000000001 R09: 0000000000000000
[ 171.297105][ T5595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 171.300027][ T5595] R13: 0000000000000000 R14: 00007fac84335f80 R15: 00007ffc0701ae38
[ 171.303031][ T5595]
[ 171.304491][ T5595] Kernel Offset: disabled
[ 171.306346][ T5595] Rebooting in 86400 seconds..