Warning: Permanently added '10.128.1.208' (ED25519) to the list of known hosts.
1970/01/01 00:01:25 ignoring optional flag "sandboxArg"="0"
1970/01/01 00:01:26 parsed 1 programs
[ 89.161385][ T4552] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS
[ 97.333817][ T511] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 97.335506][ T511] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 97.338099][ T296] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 97.358486][ T136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 97.360203][ T136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 97.363013][ T511] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 97.677103][ T4603] chnl_net:caif_netlink_parms(): no params data found
[ 97.712216][ T4603] bridge0: port 1(bridge_slave_0) entered blocking state
[ 97.715141][ T4603] bridge0: port 1(bridge_slave_0) entered disabled state
[ 97.717279][ T4603] device bridge_slave_0 entered promiscuous mode
[ 97.720391][ T4603] bridge0: port 2(bridge_slave_1) entered blocking state
[ 97.721930][ T4603] bridge0: port 2(bridge_slave_1) entered disabled state
[ 97.724090][ T4603] device bridge_slave_1 entered promiscuous mode
[ 97.739134][ T4603] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 97.743094][ T4603] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 97.758810][ T4603] team0: Port device team_slave_0 added
[ 97.761794][ T4603] team0: Port device team_slave_1 added
[ 97.774717][ T4603] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 97.776216][ T4603] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 97.781052][ T4603] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 97.784621][ T4603] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 97.786017][ T4603] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 97.790947][ T4603] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 97.864717][ T4603] device hsr_slave_0 entered promiscuous mode
[ 97.904497][ T4603] device hsr_slave_1 entered promiscuous mode
[ 98.668230][ T4603] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 98.714687][ T4603] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 98.754606][ T4603] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 98.765741][ T4603] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 98.851740][ T4603] 8021q: adding VLAN 0 to HW filter on device bond0
[ 98.864013][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 98.866093][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 98.871247][ T4603] 8021q: adding VLAN 0 to HW filter on device team0
[ 98.879980][ T511] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 98.882450][ T511] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 98.885825][ T511] bridge0: port 1(bridge_slave_0) entered blocking state
[ 98.887406][ T511] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 98.889357][ T511] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 98.895728][ T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 98.897951][ T296] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 98.899967][ T296] bridge0: port 2(bridge_slave_1) entered blocking state
[ 98.901366][ T296] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 98.918025][ T511] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 98.920699][ T511] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 98.926599][ T511] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 98.929379][ T511] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 98.931584][ T511] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 98.934831][ T511] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 98.937321][ T511] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 98.939428][ T511] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 98.941482][ T511] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 98.949823][ T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 98.953697][ T296] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 98.965556][ T4603] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 99.043636][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 99.045345][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 99.051654][ T4603] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 99.097066][ T465] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 99.099591][ T465] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 99.115374][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 99.117480][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 99.119602][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 99.121679][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 99.127031][ T4603] device veth0_vlan entered promiscuous mode
[ 99.135106][ T4603] device veth1_vlan entered promiscuous mode
[ 99.151177][ T465] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 99.153825][ T465] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 99.155975][ T465] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 99.165731][ T465] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 99.173504][ T4603] device veth0_macvtap entered promiscuous mode
[ 99.177745][ T4603] device veth1_macvtap entered promiscuous mode
[ 99.189625][ T4603] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 99.191237][ T465] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 99.193531][ T465] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 99.197423][ T465] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 99.199696][ T465] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 99.205968][ T4603] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 99.209027][ T465] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 99.211293][ T465] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 99.215311][ T4603] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 99.217063][ T4603] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 99.218751][ T4603] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 99.220371][ T4603] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
1970/01/01 00:01:39 executed programs: 0
[ 99.723607][ T4717] chnl_net:caif_netlink_parms(): no params data found
[ 99.766573][ T4717] bridge0: port 1(bridge_slave_0) entered blocking state
[ 99.768021][ T4717] bridge0: port 1(bridge_slave_0) entered disabled state
[ 99.770146][ T4717] device bridge_slave_0 entered promiscuous mode
[ 99.773830][ T4717] bridge0: port 2(bridge_slave_1) entered blocking state
[ 99.775209][ T4717] bridge0: port 2(bridge_slave_1) entered disabled state
[ 99.777306][ T4717] device bridge_slave_1 entered promiscuous mode
[ 99.818323][ T4717] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 99.822217][ T4717] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 99.844449][ T4717] team0: Port device team_slave_0 added
[ 99.847610][ T4717] team0: Port device team_slave_1 added
[ 99.865973][ T4717] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 99.867440][ T4717] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 99.872414][ T4717] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 99.885505][ T4717] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 99.886883][ T4717] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 99.891852][ T4717] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 99.955201][ T4717] device hsr_slave_0 entered promiscuous mode
[ 99.982988][ T4717] device hsr_slave_1 entered promiscuous mode
[ 100.022979][ T4717] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 100.024578][ T4717] Cannot create hsr debugfs directory
[ 100.154994][ T4717] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 101.713398][ T4107] Bluetooth: hci1: command 0x0409 tx timeout
[ 102.270253][ T4717] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 103.792837][ T4107] Bluetooth: hci1: command 0x041b tx timeout
[ 104.620247][ T4717] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 104.701922][ T4717] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 104.849998][ T4717] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 104.916650][ T4717] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 104.954843][ T4717] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 105.013493][ T4717] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 105.121677][ T4717] 8021q: adding VLAN 0 to HW filter on device bond0
[ 105.133707][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 105.135778][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 105.140222][ T4717] 8021q: adding VLAN 0 to HW filter on device team0
[ 105.145138][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 105.147346][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 105.149357][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.150725][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 105.152718][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 105.157394][ T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 105.159556][ T296] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 105.161507][ T296] bridge0: port 2(bridge_slave_1) entered blocking state
[ 105.162987][ T296] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 105.168484][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 105.173405][ T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 105.178023][ T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 105.180870][ T296] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 105.184709][ T296] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 105.189186][ T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 105.191576][ T296] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 105.199240][ T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 105.201453][ T296] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 105.207369][ T465] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 105.209478][ T465] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 105.213602][ T4717] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 105.285616][ T465] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 105.287377][ T465] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 105.294272][ T4717] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 105.306617][ T465] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 105.308983][ T465] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 105.320279][ T465] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 105.324186][ T465] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 105.326782][ T465] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 105.328759][ T465] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 105.333558][ T4717] device veth0_vlan entered promiscuous mode
[ 105.340400][ T4717] device veth1_vlan entered promiscuous mode
[ 105.365974][ T465] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 105.368289][ T465] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 105.370453][ T465] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 105.373671][ T465] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 105.377615][ T4717] device veth0_macvtap entered promiscuous mode
[ 105.381517][ T4717] device veth1_macvtap entered promiscuous mode
[ 105.393651][ T4717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 105.395932][ T4717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 105.398959][ T4717] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 105.400568][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 105.403408][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 105.405518][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 105.407740][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 105.411696][ T4717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 105.414603][ T4717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 105.417486][ T4717] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 105.419469][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 105.421616][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 105.427303][ T4717] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.429036][ T4717] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.430826][ T4717] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.433824][ T4717] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.488094][ T465] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.489848][ T465] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.493188][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 105.511140][ T465] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.514470][ T465] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.516972][ T465] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
1970/01/01 00:01:45 executed programs: 2
[ 105.558091][ T4977] loop0: detected capacity change from 0 to 1024
[ 105.677449][ T4977] hfsplus: request for non-existent node 65030 in B*Tree
[ 105.679085][ T4977] hfsplus: request for non-existent node 65030 in B*Tree
[ 105.684232][ T4977] ==================================================================
[ 105.685960][ T4977] BUG: KASAN: slab-out-of-bounds in hfsplus_bnode_read+0x84/0x24c
[ 105.687422][ T4977] Read of size 8 at addr ffff0000cef248c0 by task syz.0.15/4977
[ 105.688983][ T4977]
[ 105.689467][ T4977] CPU: 1 PID: 4977 Comm: syz.0.15 Not tainted 5.15.171-syzkaller #0
[ 105.691076][ T4977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 105.693167][ T4977] Call trace:
[ 105.693775][ T4977] dump_backtrace+0x0/0x530
[ 105.694703][ T4977] show_stack+0x2c/0x3c
[ 105.695510][ T4977] dump_stack_lvl+0x108/0x170
[ 105.696594][ T4977] print_address_description+0x7c/0x3f0
[ 105.697806][ T4977] kasan_report+0x174/0x1e4
[ 105.698703][ T4977] __asan_report_load8_noabort+0x44/0x50
[ 105.699787][ T4977] hfsplus_bnode_read+0x84/0x24c
[ 105.700736][ T4977] hfsplus_bnode_dump+0x2c4/0x4cc
[ 105.701747][ T4977] hfsplus_brec_remove+0x3d0/0x4a4
[ 105.702723][ T4977] __hfsplus_delete_attr+0x1e0/0x3ec
[ 105.703813][ T4977] hfsplus_delete_all_attrs+0x214/0x348
[ 105.704926][ T4977] hfsplus_delete_cat+0x9a4/0xd6c
[ 105.705931][ T4977] hfsplus_unlink+0x2c0/0x6a0
[ 105.706906][ T4977] hfsplus_rename+0xd0/0x1b0
[ 105.707810][ T4977] vfs_rename+0xac8/0xe04
[ 105.708662][ T4977] do_renameat2+0xa00/0x10c0
[ 105.709558][ T4977] __arm64_sys_renameat2+0xe0/0xfc
[ 105.710710][ T4977] invoke_syscall+0x98/0x2b8
[ 105.711675][ T4977] el0_svc_common+0x138/0x258
[ 105.712594][ T4977] do_el0_svc+0x58/0x14c
[ 105.713410][ T4977] el0_svc+0x7c/0x1f0
[ 105.714279][ T4977] el0t_64_sync_handler+0x84/0xe4
[ 105.715362][ T4977] el0t_64_sync+0x1a0/0x1a4
[ 105.716255][ T4977]
[ 105.716768][ T4977] Allocated by task 4977:
[ 105.717727][ T4977] ____kasan_kmalloc+0xbc/0xfc
[ 105.718674][ T4977] __kasan_kmalloc+0x10/0x1c
[ 105.719604][ T4977] __kmalloc+0x29c/0x4c8
[ 105.720495][ T4977] __hfs_bnode_create+0xe4/0x864
[ 105.721465][ T4977] hfsplus_bnode_find+0x200/0xcb0
[ 105.722478][ T4977] hfsplus_brec_find+0x134/0x4a0
[ 105.723601][ T4977] hfsplus_delete_all_attrs+0x1ec/0x348
[ 105.724737][ T4977] hfsplus_delete_cat+0x9a4/0xd6c
[ 105.725762][ T4977] hfsplus_unlink+0x2c0/0x6a0
[ 105.726688][ T4977] hfsplus_rename+0xd0/0x1b0
[ 105.727582][ T4977] vfs_rename+0xac8/0xe04
[ 105.728453][ T4977] do_renameat2+0xa00/0x10c0
[ 105.729341][ T4977] __arm64_sys_renameat2+0xe0/0xfc
[ 105.730343][ T4977] invoke_syscall+0x98/0x2b8
[ 105.731220][ T4977] el0_svc_common+0x138/0x258
[ 105.732225][ T4977] do_el0_svc+0x58/0x14c
[ 105.733124][ T4977] el0_svc+0x7c/0x1f0
[ 105.733982][ T4977] el0t_64_sync_handler+0x84/0xe4
[ 105.735038][ T4977] el0t_64_sync+0x1a0/0x1a4
[ 105.736002][ T4977]
[ 105.736449][ T4977] The buggy address belongs to the object at ffff0000cef24800
[ 105.736449][ T4977] which belongs to the cache kmalloc-256 of size 256
[ 105.739418][ T4977] The buggy address is located 192 bytes inside of
[ 105.739418][ T4977] 256-byte region [ffff0000cef24800, ffff0000cef24900)
[ 105.742341][ T4977] The buggy address belongs to the page:
[ 105.743611][ T4977] page:000000006a96ce82 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10ef24
[ 105.745614][ T4977] head:000000006a96ce82 order:1 compound_mapcount:0
[ 105.746968][ T4977] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[ 105.748732][ T4977] raw: 05ffc00000010200 dead000000000100 dead000000000122 ffff0000c0002480
[ 105.750435][ T4977] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 105.752101][ T4977] page dumped because: kasan: bad access detected
[ 105.753411][ T4977]
[ 105.753836][ T4977] Memory state around the buggy address:
[ 105.754983][ T4977]  ffff0000cef24780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 105.756772][ T4977]  ffff0000cef24800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 105.758372][ T4977] >ffff0000cef24880: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 105.759985][ T4977]                                            ^
[ 105.761199][ T4977]  ffff0000cef24900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 105.762851][ T4977]  ffff0000cef24980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 105.764390][ T4977] ==================================================================
[ 105.765865][ T4977] Disabling lock debugging due to kernel taint
[ 105.768505][ T4977] Unable to handle kernel paging request at virtual address ffff7b5000009d87
[ 105.770399][ T4977] Mem abort info:
[ 105.771087][ T4977] ESR = 0x0000000096000004
[ 105.772087][ T4977] EC = 0x25: DABT (current EL), IL = 32 bits
[ 105.774666][ T4977] SET = 0, FnV = 0
[ 105.775570][ T4977] EA = 0, S1PTW = 0
[ 105.776379][ T4977] FSC = 0x04: level 0 translation fault
[ 105.777479][ T4977] Data abort info:
[ 105.778197][ T4977] ISV = 0, ISS = 0x00000004
[ 105.779104][ T4977] CM = 0, WnR = 0
[ 105.779821][ T4977] swapper pgtable: 4k pages, 48-bit VAs, pgdp=00000001ae2f0000
[ 105.781263][ T4977] [ffff7b5000009d87] pgd=0000000000000000, p4d=0000000000000000
[ 105.783459][ T4977] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP
[ 105.784825][ T4977] Modules linked in:
[ 105.785724][ T4977] CPU: 0 PID: 4977 Comm: syz.0.15 Tainted: G B 5.15.171-syzkaller #0
[ 105.787490][ T4977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 105.789459][ T4977] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 105.790882][ T4977] pc : kasan_check_range+0x74/0x2b4
[ 105.791951][ T4977] lr : memcpy+0x90/0xe8
[ 105.792816][ T4977] sp : ffff80001fa97090
[ 105.793626][ T4977] x29: ffff80001fa97090 x28: 00000000000000ff x27: dfff800000000000
[ 105.795284][ T4977] x26: ffff80001fa971c0 x25: 1ffff00002892ef3 x24: 0000000000000001
[ 105.796957][ T4977] x23: ffff800017114000 x22: ffff800008fc4104 x21: ffff80001fa971a0
[ 105.798439][ T4977] x20: ffffda800004ec3f x19: 0000000000000001 x18: 0000000000000000
[ 105.800044][ T4977] x17: 0000000000000000 x16: ffff800011abf984 x15: 00000000000000ff
[ 105.801820][ T4977] x14: ffff0000d5d551c0 x13: 0000000000ff0100 x12: 0000000000000001
[ 105.803426][ T4977] x11: 1ffffb5000009d87 x10: 1ffffb5000009d87 x9 : ffffffffffffffff
[ 105.805036][ T4977] x8 : ffff7b5000009d87 x7 : 0000000000000000 x6 : 00000000000000ff
[ 105.806747][ T4977] x5 : ffff80001fa971c2 x4 : ffff0000ecb0800c x3 : ffff800008fc4104
[ 105.808373][ T4977] x2 : 0000000000000000 x1 : 0000000000000001 x0 : ffffda800004ec3f
[ 105.809917][ T4977] Call trace:
[ 105.810577][ T4977] kasan_check_range+0x74/0x2b4
[ 105.811625][ T4977] memcpy+0x90/0xe8
[ 105.812361][ T4977] hfsplus_bnode_read+0x120/0x24c
[ 105.813467][ T4977] hfsplus_bnode_dump+0x2c4/0x4cc
[ 105.814463][ T4977] hfsplus_brec_remove+0x3d0/0x4a4
[ 105.815532][ T4977] __hfsplus_delete_attr+0x1e0/0x3ec
[ 105.816612][ T4977] hfsplus_delete_all_attrs+0x214/0x348
[ 105.817761][ T4977] hfsplus_delete_cat+0x9a4/0xd6c
[ 105.818824][ T4977] hfsplus_unlink+0x2c0/0x6a0
[ 105.819788][ T4977] hfsplus_rename+0xd0/0x1b0
[ 105.820821][ T4977] vfs_rename+0xac8/0xe04
[ 105.821598][ T4977] do_renameat2+0xa00/0x10c0
[ 105.822552][ T4977] __arm64_sys_renameat2+0xe0/0xfc
[ 105.823566][ T4977] invoke_syscall+0x98/0x2b8
[ 105.824506][ T4977] el0_svc_common+0x138/0x258
[ 105.825449][ T4977] do_el0_svc+0x58/0x14c
[ 105.826249][ T4977] el0_svc+0x7c/0x1f0
[ 105.827022][ T4977] el0t_64_sync_handler+0x84/0xe4
[ 105.827958][ T4977] el0t_64_sync+0x1a0/0x1a4
[ 105.828899][ T4977] Code: 5400014c b4000b8c aa2a03e9 8b0b0129 (3940010a)
[ 105.830355][ T4977] ---[ end trace 69b1a3119e5f3129 ]---
[ 106.304172][ T4977] Kernel panic - not syncing: Oops: Fatal exception
[ 106.305531][ T4977] SMP: stopping secondary CPUs
[ 106.306483][ T4977] Kernel Offset: disabled
[ 106.307326][ T4977] CPU features: 0x8,000081c1,21302e40
[ 106.308425][ T4977] Memory Limit: none
[ 106.754339][ T4977] Rebooting in 86400 seconds..