Warning: Permanently added '10.128.1.247' (ED25519) to the list of known hosts.
1970/01/01 00:01:29 ignoring optional flag "sandboxArg"="0"
1970/01/01 00:01:30 parsed 1 programs
[   92.904656][ T4481] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k SSFS
[  101.417632][ T4526] chnl_net:caif_netlink_parms(): no params data found
[  101.453053][ T4526] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.455494][ T4526] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.458247][ T4526] device bridge_slave_0 entered promiscuous mode
[  101.463394][ T4526] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.466881][ T4526] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.469650][ T4526] device bridge_slave_1 entered promiscuous mode
[  101.486062][ T4526] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  101.490573][ T4526] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  101.508229][ T4526] team0: Port device team_slave_0 added
[  101.511771][ T4526] team0: Port device team_slave_1 added
[  101.525573][ T4526] batman_adv: batadv0: Adding interface: batadv_slave_0
[  101.527609][ T4526] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  101.535392][ T4526] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  101.539580][ T4526] batman_adv: batadv0: Adding interface: batadv_slave_1
[  101.541580][ T4526] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  101.549240][ T4526] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  101.606522][ T4526] device hsr_slave_0 entered promiscuous mode
[  101.643926][ T4526] device hsr_slave_1 entered promiscuous mode
[  102.496885][ T4526] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  102.535744][ T4526] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  102.547503][ T4526] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  102.586525][ T4526] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  102.680489][ T4526] 8021q: adding VLAN 0 to HW filter on device bond0
[  102.691646][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  102.694915][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  102.700491][ T4526] 8021q: adding VLAN 0 to HW filter on device team0
[  102.707853][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  102.710602][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  102.713295][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.715599][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  102.726648][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  102.729309][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  102.732097][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  102.737173][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.739075][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  102.741387][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  102.745816][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  102.762834][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  102.767409][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  102.770288][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  102.773022][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  102.777958][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  102.780765][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  102.783427][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  102.787065][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  102.790417][ T4526] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  102.798048][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  102.904822][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  102.907128][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  102.912478][ T4526] 8021q: adding VLAN 0 to HW filter on device batadv0
[  102.927171][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  102.929915][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  102.946855][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  102.949556][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  102.952347][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  102.957633][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  102.962196][ T4526] device veth0_vlan entered promiscuous mode
[  102.969378][ T4526] device veth1_vlan entered promiscuous mode
[  102.989764][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  102.992338][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  102.997143][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  103.000333][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  103.005402][ T4526] device veth0_macvtap entered promiscuous mode
[  103.009840][ T4526] device veth1_macvtap entered promiscuous mode
[  103.021612][ T4526] batman_adv: batadv0: Interface activated: batadv_slave_0
[  103.025306][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  103.027929][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  103.030590][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  103.033242][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  103.039186][ T4526] batman_adv: batadv0: Interface activated: batadv_slave_1
[  103.043277][ T4526] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  103.047916][ T4526] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  103.050425][ T4526] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  103.052667][ T4526] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  103.057745][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  103.060437][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  103.472662][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.476512][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.479528][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  103.535562][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.537963][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.541237][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
1970/01/01 00:01:43 executed programs: 0
[  103.997133][ T4676] chnl_net:caif_netlink_parms(): no params data found
[  104.038679][ T4676] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.040713][ T4676] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.046298][ T4676] device bridge_slave_0 entered promiscuous mode
[  104.050027][ T4676] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.051999][ T4676] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.055265][ T4676] device bridge_slave_1 entered promiscuous mode
[  104.072473][ T4676] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  104.079736][ T4676] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  104.124145][ T4676] team0: Port device team_slave_0 added
[  104.127759][ T4676] team0: Port device team_slave_1 added
[  104.149277][ T4676] batman_adv: batadv0: Adding interface: batadv_slave_0
[  104.151167][ T4676] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  104.159862][ T4676] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  104.168164][ T4676] batman_adv: batadv0: Adding interface: batadv_slave_1
[  104.170190][ T4676] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  104.178720][ T4676] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  104.225686][ T4676] device hsr_slave_0 entered promiscuous mode
[  104.274037][ T4676] device hsr_slave_1 entered promiscuous mode
[  104.323695][ T4676] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  104.326127][ T4676] Cannot create hsr debugfs directory
[  104.402255][ T4676] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.973671][ T4147] Bluetooth: hci0: command 0x0409 tx timeout
[  107.257355][ T4676] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.054616][ T4583] Bluetooth: hci0: command 0x041b tx timeout
[  108.480922][ T4676] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.562551][ T4676] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.726829][ T4676] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  108.756686][ T4676] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  108.807525][ T4676] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  108.862380][ T4676] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  108.949101][ T4676] 8021q: adding VLAN 0 to HW filter on device bond0
[  108.957310][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  108.959914][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  108.964923][ T4676] 8021q: adding VLAN 0 to HW filter on device team0
[  108.969394][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  108.972253][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  108.975164][  T153] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.977057][  T153] bridge0: port 1(bridge_slave_0) entered forwarding state
[  108.979428][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  108.985070][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  108.987764][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  108.990344][  T148] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.992237][  T148] bridge0: port 2(bridge_slave_1) entered forwarding state
[  109.017855][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  109.023459][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  109.028620][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  109.032002][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  109.035497][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  109.041078][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  109.044402][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  109.049581][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  109.052290][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  109.078343][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  109.081100][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  109.085916][ T4676] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  109.168313][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  109.170479][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  109.177574][ T4676] 8021q: adding VLAN 0 to HW filter on device batadv0
[  109.205977][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  109.209980][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  109.225697][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  109.228511][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  109.231387][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  109.234736][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  109.238953][ T4676] device veth0_vlan entered promiscuous mode
[  109.246351][ T4676] device veth1_vlan entered promiscuous mode
[  109.260691][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  109.263419][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  109.267670][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  109.270411][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  109.277911][ T4676] device veth0_macvtap entered promiscuous mode
[  109.282445][ T4676] device veth1_macvtap entered promiscuous mode
[  109.294274][ T4676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  109.297155][ T4676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.300694][ T4676] batman_adv: batadv0: Interface activated: batadv_slave_0
[  109.302695][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  109.305773][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  109.308300][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  109.311007][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  109.315518][ T4676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  109.318466][ T4676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.322106][ T4676] batman_adv: batadv0: Interface activated: batadv_slave_1
[  109.326627][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  109.329306][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  109.334443][ T4676] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.336954][ T4676] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.339337][ T4676] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.341574][ T4676] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.403247][  T136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.406090][  T136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.410047][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  109.427610][  T148] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.429926][  T148] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.433074][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
1970/01/01 00:01:49 executed programs: 2
[  109.482099][ T4929] loop0: detected capacity change from 0 to 1024
[  109.577552][ T4929] hfsplus: request for non-existent node 65030 in B*Tree
[  109.579808][ T4929] hfsplus: request for non-existent node 65030 in B*Tree
[  109.586959][ T4929] ==================================================================
[  109.589348][ T4929] BUG: KASAN: slab-out-of-bounds in hfsplus_bnode_read+0x84/0x21c
[  109.591581][ T4929] Read of size 8 at addr ffff0000cf246ec0 by task syz.0.15/4929
[  109.593707][ T4929] 
[  109.594329][ T4929] CPU: 1 PID: 4929 Comm: syz.0.15 Not tainted 5.15.189-syzkaller #0
[  109.596696][ T4929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  109.599562][ T4929] Call trace:
[  109.600432][ T4929]  dump_backtrace+0x0/0x43c
[  109.601685][ T4929]  show_stack+0x2c/0x3c
[  109.602854][ T4929]  __dump_stack+0x30/0x40
[  109.604041][ T4929]  dump_stack_lvl+0xf8/0x160
[  109.605297][ T4929]  print_address_description+0x78/0x30c
[  109.606837][ T4929]  kasan_report+0xec/0x15c
[  109.608075][ T4929]  __asan_report_load8_noabort+0x44/0x50
[  109.609651][ T4929]  hfsplus_bnode_read+0x84/0x21c
[  109.611059][ T4929]  hfsplus_bnode_dump+0x26c/0x37c
[  109.612444][ T4929]  hfsplus_brec_remove+0x3cc/0x4a0
[  109.613817][ T4929]  __hfsplus_delete_attr+0x198/0x350
[  109.615325][ T4929]  hfsplus_delete_all_attrs+0x204/0x33c
[  109.616903][ T4929]  hfsplus_delete_cat+0x844/0xbb0
[  109.618286][ T4929]  hfsplus_unlink+0x2a0/0x664
[  109.619639][ T4929]  hfsplus_rename+0xd0/0x1b0
[  109.620873][ T4929]  vfs_rename+0x954/0xdcc
[  109.622101][ T4929]  do_renameat2+0x74c/0xcdc
[  109.623383][ T4929]  __arm64_sys_renameat2+0xe0/0xfc
[  109.624789][ T4929]  invoke_syscall+0x98/0x2b8
[  109.626131][ T4929]  el0_svc_common+0x138/0x258
[  109.627436][ T4929]  do_el0_svc+0x58/0x14c
[  109.628624][ T4929]  el0_svc+0x78/0x1e0
[  109.629747][ T4929]  el0t_64_sync_handler+0xcc/0xe4
[  109.631122][ T4929]  el0t_64_sync+0x1a0/0x1a4
[  109.632386][ T4929] 
[  109.633040][ T4929] Allocated by task 4929:
[  109.634218][ T4929]  __kasan_kmalloc+0xb0/0xf0
[  109.635491][ T4929]  __kmalloc+0x298/0x44c
[  109.636660][ T4929]  __hfs_bnode_create+0xe4/0x84c
[  109.638153][ T4929]  hfsplus_bnode_find+0x1f8/0xbcc
[  109.639543][ T4929]  hfsplus_brec_find+0x128/0x448
[  109.640914][ T4929]  hfsplus_delete_all_attrs+0x1e0/0x33c
[  109.642415][ T4929]  hfsplus_delete_cat+0x844/0xbb0
[  109.643805][ T4929]  hfsplus_unlink+0x2a0/0x664
[  109.645048][ T4929]  hfsplus_rename+0xd0/0x1b0
[  109.646329][ T4929]  vfs_rename+0x954/0xdcc
[  109.647470][ T4929]  do_renameat2+0x74c/0xcdc
[  109.648708][ T4929]  __arm64_sys_renameat2+0xe0/0xfc
[  109.650104][ T4929]  invoke_syscall+0x98/0x2b8
[  109.651345][ T4929]  el0_svc_common+0x138/0x258
[  109.652589][ T4929]  do_el0_svc+0x58/0x14c
[  109.653796][ T4929]  el0_svc+0x78/0x1e0
[  109.654923][ T4929]  el0t_64_sync_handler+0xcc/0xe4
[  109.656311][ T4929]  el0t_64_sync+0x1a0/0x1a4
[  109.657532][ T4929] 
[  109.658172][ T4929] Last potentially related work creation:
[  109.659734][ T4929]  kasan_save_stack+0x38/0x68
[  109.660998][ T4929]  kasan_record_aux_stack+0xcc/0x114
[  109.662499][ T4929]  kvfree_call_rcu+0xb8/0x66c
[  109.663801][ T4929]  drop_sysctl_table+0x274/0x39c
[  109.665141][ T4929]  unregister_sysctl_table+0x94/0x134
[  109.666551][ T4929]  unregister_net_sysctl_table+0x20/0x30
[  109.668097][ T4929]  ipv6_frags_exit_net+0x60/0x118
[  109.669452][ T4929]  cleanup_net+0x5c4/0xa98
[  109.670629][ T4929]  process_one_work+0x79c/0x1140
[  109.672022][ T4929]  worker_thread+0x8f4/0x101c
[  109.673264][ T4929]  kthread+0x374/0x454
[  109.674367][ T4929]  ret_from_fork+0x10/0x20
[  109.675576][ T4929] 
[  109.676210][ T4929] Second to last potentially related work creation:
[  109.678107][ T4929]  kasan_save_stack+0x38/0x68
[  109.679362][ T4929]  kasan_record_aux_stack+0xcc/0x114
[  109.680782][ T4929]  insert_work+0x64/0x388
[  109.682072][ T4929]  __queue_work+0xb30/0x1054
[  109.683311][ T4929]  queue_work_on+0xc4/0x17c
[  109.684555][ T4929]  call_usermodehelper_exec+0x22c/0x478
[  109.686071][ T4929]  kobject_uevent_env+0x670/0x888
[  109.687532][ T4929]  kobject_uevent+0x2c/0x3c
[  109.688732][ T4929]  driver_register+0x29c/0x374
[  109.690084][ T4929]  usb_register_driver+0x1bc/0x390
[  109.691548][ T4929]  usb_serial_register_drivers+0x1f8/0xbb8
[  109.693208][ T4929]  usb_serial_module_init+0x2c/0x38
[  109.694757][ T4929]  do_one_initcall+0x228/0x8b0
[  109.696195][ T4929]  do_initcall_level+0x154/0x214
[  109.697524][ T4929]  do_initcalls+0x58/0xac
[  109.698769][ T4929]  do_basic_setup+0x8c/0xa0
[  109.699978][ T4929]  kernel_init_freeable+0x404/0x5fc
[  109.701408][ T4929]  kernel_init+0x24/0x1d0
[  109.702612][ T4929]  ret_from_fork+0x10/0x20
[  109.703822][ T4929] 
[  109.704461][ T4929] The buggy address belongs to the object at ffff0000cf246e00
[  109.704461][ T4929]  which belongs to the cache kmalloc-256 of size 256
[  109.708555][ T4929] The buggy address is located 192 bytes inside of
[  109.708555][ T4929]  256-byte region [ffff0000cf246e00, ffff0000cf246f00)
[  109.712305][ T4929] The buggy address belongs to the page:
[  109.713920][ T4929] page:00000000775e01d3 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10f246
[  109.716766][ T4929] head:00000000775e01d3 order:1 compound_mapcount:0
[  109.718600][ T4929] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[  109.720855][ T4929] raw: 05ffc00000010200 0000000000000000 0000000800000001 ffff0000c0002480
[  109.723284][ T4929] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[  109.725668][ T4929] page dumped because: kasan: bad access detected
[  109.727443][ T4929] 
[  109.728045][ T4929] Memory state around the buggy address:
[  109.729615][ T4929]  ffff0000cf246d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  109.731810][ T4929]  ffff0000cf246e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  109.734104][ T4929] >ffff0000cf246e80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[  109.736310][ T4929]                                            ^
[  109.738029][ T4929]  ffff0000cf246f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  109.740266][ T4929]  ffff0000cf246f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  109.742431][ T4929] ==================================================================
[  109.744647][ T4929] Disabling lock debugging due to kernel taint
[  109.749647][ T4929] Unable to handle kernel paging request at virtual address ffff7b2000009bff
[  109.752328][ T4929] Mem abort info:
[  109.753319][ T4929]   ESR = 0x0000000096000004
[  109.754758][ T4929]   EC = 0x25: DABT (current EL), IL = 32 bits
[  109.756448][ T4929]   SET = 0, FnV = 0
[  109.757590][ T4929]   EA = 0, S1PTW = 0
[  109.758623][ T4929]   FSC = 0x04: level 0 translation fault
[  109.760295][ T4929] Data abort info:
[  109.761331][ T4929]   ISV = 0, ISS = 0x00000004
[  109.762635][ T4929]   CM = 0, WnR = 0
[  109.763867][ T4929] swapper pgtable: 4k pages, 48-bit VAs, pgdp=00000002113bb000
[  109.765978][ T4929] [ffff7b2000009bff] pgd=0000000000000000, p4d=0000000000000000
[  109.768274][ T4929] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP
[  109.770243][ T4929] Modules linked in:
[  109.771346][ T4929] CPU: 1 PID: 4929 Comm: syz.0.15 Tainted: G    B             5.15.189-syzkaller #0
[  109.773954][ T4929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  109.776679][ T4929] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[  109.778884][ T4929] pc : kasan_check_range+0x74/0x2b0
[  109.780342][ T4929] lr : memcpy+0x90/0xe8
[  109.781492][ T4929] sp : ffff80001f667230
[  109.782634][ T4929] x29: ffff80001f667230 x28: 1fffe00019e48dc3 x27: ffff80001f667300
[  109.784853][ T4929] x26: 0000000040000000 x25: 1ffff0000276bbf8 x24: dfff800000000000
[  109.787155][ T4929] x23: ffff8000167a8000 x22: ffff800008eaca8c x21: ffff80001f667320
[  109.789297][ T4929] x20: ffffd9000004dfff x19: 0000000000000001 x18: 0000000000000000
[  109.791446][ T4929] x17: 0000000000000000 x16: ffff800008eae884 x15: 00000000000000ff
[  109.793623][ T4929] x14: 0000000000ff0100 x13: ffffffffffffffff x12: 0000000000000001
[  109.795855][ T4929] x11: 1ffffb2000009bff x10: 1ffffb2000009bff x9 : ffffffffffffffff
[  109.798140][ T4929] x8 : ffff7b2000009bff x7 : 0000000000000000 x6 : 00000000000000ff
[  109.800410][ T4929] x5 : ffff80001f667342 x4 : ffff0000eb62100c x3 : ffff800008eaca8c
[  109.802731][ T4929] x2 : 0000000000000000 x1 : 0000000000000001 x0 : ffffd9000004dfff
[  109.805000][ T4929] Call trace:
[  109.805905][ T4929]  kasan_check_range+0x74/0x2b0
[  109.807303][ T4929]  memcpy+0x90/0xe8
[  109.808286][ T4929]  hfsplus_bnode_read+0x10c/0x21c
[  109.809611][ T4929]  hfsplus_bnode_dump+0x26c/0x37c
[  109.811014][ T4929]  hfsplus_brec_remove+0x3cc/0x4a0
[  109.812455][ T4929]  __hfsplus_delete_attr+0x198/0x350
[  109.813891][ T4929]  hfsplus_delete_all_attrs+0x204/0x33c
[  109.815572][ T4929]  hfsplus_delete_cat+0x844/0xbb0
[  109.816965][ T4929]  hfsplus_unlink+0x2a0/0x664
[  109.818268][ T4929]  hfsplus_rename+0xd0/0x1b0
[  109.819524][ T4929]  vfs_rename+0x954/0xdcc
[  109.820815][ T4929]  do_renameat2+0x74c/0xcdc
[  109.822063][ T4929]  __arm64_sys_renameat2+0xe0/0xfc
[  109.823427][ T4929]  invoke_syscall+0x98/0x2b8
[  109.824705][ T4929]  el0_svc_common+0x138/0x258
[  109.826013][ T4929]  do_el0_svc+0x58/0x14c
[  109.827122][ T4929]  el0_svc+0x78/0x1e0
[  109.828281][ T4929]  el0t_64_sync_handler+0xcc/0xe4
[  109.829663][ T4929]  el0t_64_sync+0x1a0/0x1a4
[  109.830984][ T4929] Code: 5400014c b4000b8c aa2a03e9 8b0b0129 (3940010a) 
[  109.832809][ T4929] ---[ end trace 31084842e1c70060 ]---
[  110.251776][ T4929] Kernel panic - not syncing: Oops: Fatal exception
[  110.253835][ T4929] SMP: stopping secondary CPUs
[  110.255212][ T4929] Kernel Offset: disabled
[  110.256413][ T4929] CPU features: 0x8,000081c1,21302e40
[  110.257884][ T4929] Memory Limit: none
[  110.655117][ T4929] Rebooting in 86400 seconds..