Warning: Permanently added '10.128.0.32' (ED25519) to the list of known hosts.
2025/07/18 22:51:06 ignoring optional flag "sandboxArg"="0"
2025/07/18 22:51:07 parsed 1 programs
[  132.192346][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  132.199069][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  137.280202][ T6281] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  139.945941][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  139.954470][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  139.984890][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  139.992852][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  142.328916][ T6331] chnl_net:caif_netlink_parms(): no params data found
[  142.436379][ T6331] bridge0: port 1(bridge_slave_0) entered blocking state
[  142.444128][ T6331] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.451404][ T6331] bridge_slave_0: entered allmulticast mode
[  142.459240][ T6331] bridge_slave_0: entered promiscuous mode
[  142.469385][ T6331] bridge0: port 2(bridge_slave_1) entered blocking state
[  142.476621][ T6331] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.484242][ T6331] bridge_slave_1: entered allmulticast mode
[  142.491878][ T6331] bridge_slave_1: entered promiscuous mode
[  142.533083][ T6331] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  142.546959][ T6331] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  142.591871][ T6331] team0: Port device team_slave_0 added
[  142.601398][ T6331] team0: Port device team_slave_1 added
[  142.638917][ T6331] batman_adv: batadv0: Adding interface: batadv_slave_0
[  142.645892][ T6331] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  142.671864][ T6331] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  142.684267][ T6331] batman_adv: batadv0: Adding interface: batadv_slave_1
[  142.691299][ T6331] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  142.717684][ T6331] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  142.771040][ T6331] hsr_slave_0: entered promiscuous mode
[  142.777693][ T6331] hsr_slave_1: entered promiscuous mode
[  143.418083][ T6331] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  143.431698][ T6331] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  143.452853][ T6331] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  143.464149][ T6331] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  143.583811][ T6331] 8021q: adding VLAN 0 to HW filter on device bond0
[  143.612600][ T6331] 8021q: adding VLAN 0 to HW filter on device team0
[  143.631579][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  143.638786][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  143.667697][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  143.674957][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  143.956723][ T6331] 8021q: adding VLAN 0 to HW filter on device batadv0
[  144.027250][ T6331] veth0_vlan: entered promiscuous mode
[  144.044905][ T6331] veth1_vlan: entered promiscuous mode
[  144.087346][ T6331] veth0_macvtap: entered promiscuous mode
[  144.106497][ T6331] veth1_macvtap: entered promiscuous mode
[  144.137068][ T6331] batman_adv: batadv0: Interface activated: batadv_slave_0
[  144.155066][ T6331] batman_adv: batadv0: Interface activated: batadv_slave_1
[  144.170933][ T6331] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  144.182268][ T6331] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  144.194012][ T6331] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  144.204063][ T6331] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  144.377011][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.457407][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.530431][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.601702][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.512634][ T5159] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  145.521998][ T5159] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  145.529848][ T5159] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  145.537872][ T5159] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  145.553031][ T5159] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2025/07/18 22:51:21 executed programs: 0
[  145.808590][ T5159] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  145.817452][ T5159] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  145.829448][ T5159] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  145.837630][ T5159] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  145.845987][ T5159] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  146.148038][ T6435] chnl_net:caif_netlink_parms(): no params data found
[  146.286609][ T6435] bridge0: port 1(bridge_slave_0) entered blocking state
[  146.294019][ T6435] bridge0: port 1(bridge_slave_0) entered disabled state
[  146.301909][ T6435] bridge_slave_0: entered allmulticast mode
[  146.312468][ T6435] bridge_slave_0: entered promiscuous mode
[  146.322399][ T6435] bridge0: port 2(bridge_slave_1) entered blocking state
[  146.330500][ T6435] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.337732][ T6435] bridge_slave_1: entered allmulticast mode
[  146.346396][ T6435] bridge_slave_1: entered promiscuous mode
[  146.406975][ T6435] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  146.422394][ T6435] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  146.498718][ T6435] team0: Port device team_slave_0 added
[  146.517958][ T6435] team0: Port device team_slave_1 added
[  146.635902][ T6435] batman_adv: batadv0: Adding interface: batadv_slave_0
[  146.646468][ T6435] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  146.675549][ T6435] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  146.687704][   T12] bridge_slave_1: left allmulticast mode
[  146.696403][   T12] bridge_slave_1: left promiscuous mode
[  146.702533][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.715928][   T12] bridge_slave_0: left allmulticast mode
[  146.721970][   T12] bridge_slave_0: left promiscuous mode
[  146.728344][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.046790][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  147.060814][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  147.073381][   T12] bond0 (unregistering): Released all slaves
[  147.094027][ T6435] batman_adv: batadv0: Adding interface: batadv_slave_1
[  147.101961][ T6435] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  147.130218][ T6435] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  147.210613][   T12] hsr_slave_0: left promiscuous mode
[  147.216801][   T12] hsr_slave_1: left promiscuous mode
[  147.223485][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  147.234003][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  147.242765][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  147.252730][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  147.273857][   T12] veth1_macvtap: left promiscuous mode
[  147.286614][   T12] veth0_macvtap: left promiscuous mode
[  147.293360][   T12] veth1_vlan: left promiscuous mode
[  147.301265][   T12] veth0_vlan: left promiscuous mode
[  147.872335][   T51] Bluetooth: hci1: command tx timeout
[  148.013412][   T12] team0 (unregistering): Port device team_slave_1 removed
[  148.110721][   T12] team0 (unregistering): Port device team_slave_0 removed
[  148.552505][ T6435] hsr_slave_0: entered promiscuous mode
[  148.559557][ T6435] hsr_slave_1: entered promiscuous mode
[  149.351234][ T6435] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  149.379746][ T6435] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  149.402694][ T6435] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  149.433549][ T6435] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  149.563417][ T6435] 8021q: adding VLAN 0 to HW filter on device bond0
[  149.594558][ T6435] 8021q: adding VLAN 0 to HW filter on device team0
[  149.613994][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.621214][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  149.647890][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.655307][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  149.943758][ T6435] 8021q: adding VLAN 0 to HW filter on device batadv0
[  149.951124][   T51] Bluetooth: hci1: command tx timeout
[  150.011731][ T6435] veth0_vlan: entered promiscuous mode
[  150.025747][ T6435] veth1_vlan: entered promiscuous mode
[  150.063279][ T6435] veth0_macvtap: entered promiscuous mode
[  150.075804][ T6435] veth1_macvtap: entered promiscuous mode
[  150.103562][ T6435] batman_adv: batadv0: Interface activated: batadv_slave_0
[  150.123766][ T6435] batman_adv: batadv0: Interface activated: batadv_slave_1
[  150.140666][ T6435] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  150.152177][ T6435] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  150.162699][ T6435] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  150.173378][ T6435] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  150.266253][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  150.291512][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  150.324342][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  150.334036][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  150.416728][ T6535] loop0: detected capacity change from 0 to 1024
[  150.472880][ T6535] hfsplus: request for non-existent node 65030 in B*Tree
[  150.491907][ T6535] hfsplus: request for non-existent node 65030 in B*Tree
[  150.502950][ T6535] ==================================================================
[  150.511064][ T6535] BUG: KASAN: slab-out-of-bounds in hfsplus_bnode_read+0xc0/0x2a0
[  150.518915][ T6535] Read of size 8 at addr ffff88805cd76cc0 by task syz.0.15/6535
[  150.526568][ T6535] 
[  150.528905][ T6535] CPU: 1 UID: 0 PID: 6535 Comm: syz.0.15 Not tainted 6.16.0-rc6-syzkaller-gc7de79e662b8 #0 PREEMPT(full) 
[  150.528936][ T6535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  150.528951][ T6535] Call Trace:
[  150.528960][ T6535]  <TASK>
[  150.528970][ T6535]  dump_stack_lvl+0x189/0x250
[  150.529005][ T6535]  ? srso_alias_return_thunk+0x5/0xfbef5
[  150.529035][ T6535]  ? srso_alias_return_thunk+0x5/0xfbef5
[  150.529063][ T6535]  ? __kasan_check_byte+0x12/0x40
[  150.529109][ T6535]  ? __pfx_dump_stack_lvl+0x10/0x10
[  150.529137][ T6535]  ? srso_alias_return_thunk+0x5/0xfbef5
[  150.529165][ T6535]  ? rcu_is_watching+0x15/0xb0
[  150.529195][ T6535]  ? srso_alias_return_thunk+0x5/0xfbef5
[  150.529224][ T6535]  ? lock_release+0x4b/0x3e0
[  150.529252][ T6535]  ? __virt_addr_valid+0x1c8/0x5c0
[  150.529285][ T6535]  ? srso_alias_return_thunk+0x5/0xfbef5
[  150.529313][ T6535]  ? __virt_addr_valid+0x4a5/0x5c0
[  150.529347][ T6535]  print_report+0xca/0x230
[  150.529370][ T6535]  ? hfsplus_bnode_read+0xc0/0x2a0
[  150.529400][ T6535]  kasan_report+0x118/0x150
[  150.529438][ T6535]  ? hfsplus_bnode_read+0xc0/0x2a0
[  150.529474][ T6535]  hfsplus_bnode_read+0xc0/0x2a0
[  150.529507][ T6535]  hfsplus_bnode_dump+0x300/0x450
[  150.529544][ T6535]  ? __pfx_hfsplus_bnode_dump+0x10/0x10
[  150.529576][ T6535]  ? srso_alias_return_thunk+0x5/0xfbef5
[  150.529604][ T6535]  ? hfsplus_bnode_write_u16+0x8b/0xd0
[  150.529636][ T6535]  ? hfsplus_bnode_move+0x393/0xb90
[  150.529667][ T6535]  ? srso_alias_return_thunk+0x5/0xfbef5
[  150.529697][ T6535]  ? __pfx___hfsplus_brec_find+0x10/0x10
[  150.529734][ T6535]  hfsplus_brec_remove+0x480/0x550
[  150.529777][ T6535]  __hfsplus_delete_attr+0x1d4/0x360
[  150.529818][ T6535]  ? __pfx___hfsplus_delete_attr+0x10/0x10
[  150.529856][ T6535]  ? hfsplus_find_init+0x8c/0x1d0
[  150.529895][ T6535]  hfsplus_delete_all_attrs+0x277/0x410
[  150.529936][ T6535]  ? __pfx_hfsplus_delete_all_attrs+0x10/0x10
[  150.529978][ T6535]  ? srso_alias_return_thunk+0x5/0xfbef5
[  150.530007][ T6535]  ? rcu_is_watching+0x15/0xb0
[  150.530036][ T6535]  ? __mark_inode_dirty+0x8c5/0xdf0
[  150.530067][ T6535]  hfsplus_delete_cat+0x92c/0xd20
[  150.530107][ T6535]  ? __pfx_hfsplus_delete_cat+0x10/0x10
[  150.530138][ T6535]  ? __pfx___mutex_lock+0x10/0x10
[  150.530178][ T6535]  hfsplus_unlink+0x359/0x730
[  150.530211][ T6535]  ? __pfx_hfsplus_unlink+0x10/0x10
[  150.530242][ T6535]  ? srso_alias_return_thunk+0x5/0xfbef5
[  150.530270][ T6535]  ? down_write_nested+0x169/0x200
[  150.530303][ T6535]  ? __pfx_down_write_nested+0x10/0x10
[  150.530335][ T6535]  ? srso_alias_return_thunk+0x5/0xfbef5
[  150.530367][ T6535]  hfsplus_rename+0xcb/0x1c0
[  150.530393][ T6535]  ? __pfx_hfsplus_rename+0x10/0x10
[  150.530422][ T6535]  vfs_rename+0xb9c/0xec0
[  150.530465][ T6535]  ? __pfx_vfs_rename+0x10/0x10
[  150.530502][ T6535]  ? d_alloc+0x144/0x190
[  150.530528][ T6535]  ? srso_alias_return_thunk+0x5/0xfbef5
[  150.530557][ T6535]  ? security_path_rename+0x17d/0x490
[  150.530592][ T6535]  do_renameat2+0x878/0xc50
[  150.530640][ T6535]  ? __pfx_do_renameat2+0x10/0x10
[  150.530680][ T6535]  ? srso_alias_return_thunk+0x5/0xfbef5
[  150.530714][ T6535]  ? getname_flags+0x1e5/0x540
[  150.530740][ T6535]  __x64_sys_renameat2+0xce/0xe0
[  150.530779][ T6535]  do_syscall_64+0xfa/0x3b0
[  150.530807][ T6535]  ? lockdep_hardirqs_on+0x9c/0x150
[  150.530832][ T6535]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.530856][ T6535]  ? srso_alias_return_thunk+0x5/0xfbef5
[  150.530885][ T6535]  ? exc_page_fault+0x9f/0xf0
[  150.530910][ T6535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.530935][ T6535] RIP: 0033:0x7feb93b7ff19
[  150.530955][ T6535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.530975][ T6535] RSP: 002b:00007feb9496c058 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[  150.531000][ T6535] RAX: ffffffffffffffda RBX: 00007feb93d45fa0 RCX: 00007feb93b7ff19
[  150.531018][ T6535] RDX: 0000000000000004 RSI: 00000000200000c0 RDI: 0000000000000005
[  150.531035][ T6535] RBP: 00007feb93bf3986 R08: 0000000000000000 R09: 0000000000000000
[  150.531051][ T6535] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000000
[  150.531067][ T6535] R13: 0000000000000000 R14: 00007feb93d45fa0 R15: 00007fffe88b1e68
[  150.531101][ T6535]  </TASK>
[  150.531110][ T6535] 
[  150.947264][ T6535] Allocated by task 6535:
[  150.951592][ T6535]  kasan_save_track+0x3e/0x80
[  150.956473][ T6535]  __kasan_kmalloc+0x93/0xb0
[  150.961070][ T6535]  __kmalloc_noprof+0x27a/0x4f0
[  150.965926][ T6535]  __hfs_bnode_create+0xf3/0x810
[  150.970867][ T6535]  hfsplus_bnode_find+0x224/0xd20
[  150.975892][ T6535]  hfsplus_brec_find+0x15c/0x500
[  150.980833][ T6535]  hfsplus_delete_all_attrs+0x24c/0x410
[  150.986389][ T6535]  hfsplus_delete_cat+0x92c/0xd20
[  150.991408][ T6535]  hfsplus_unlink+0x359/0x730
[  150.996088][ T6535]  hfsplus_rename+0xcb/0x1c0
[  151.000675][ T6535]  vfs_rename+0xb9c/0xec0
[  151.005011][ T6535]  do_renameat2+0x878/0xc50
[  151.009517][ T6535]  __x64_sys_renameat2+0xce/0xe0
[  151.014460][ T6535]  do_syscall_64+0xfa/0x3b0
[  151.018961][ T6535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.024877][ T6535] 
[  151.027204][ T6535] The buggy address belongs to the object at ffff88805cd76c00
[  151.027204][ T6535]  which belongs to the cache kmalloc-192 of size 192
[  151.041283][ T6535] The buggy address is located 40 bytes to the right of
[  151.041283][ T6535]  allocated 152-byte region [ffff88805cd76c00, ffff88805cd76c98)
[  151.055889][ T6535] 
[  151.058212][ T6535] The buggy address belongs to the physical page:
[  151.064614][ T6535] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5cd76
[  151.073392][ T6535] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  151.080498][ T6535] page_type: f5(slab)
[  151.084507][ T6535] raw: 00fff00000000000 ffff88801a4413c0 dead000000000122 0000000000000000
[  151.093179][ T6535] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  151.101753][ T6535] page dumped because: kasan: bad access detected
[  151.108158][ T6535] page_owner tracks the page as allocated
[  151.113865][ T6535] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 6535, tgid 6534 (syz.0.15), ts 150424515640, free_ts 150401002641
[  151.133499][ T6535]  post_alloc_hook+0x240/0x2a0
[  151.138279][ T6535]  get_page_from_freelist+0x21e4/0x22c0
[  151.143826][ T6535]  __alloc_frozen_pages_noprof+0x181/0x370
[  151.149636][ T6535]  allocate_slab+0x65/0x3b0
[  151.154153][ T6535]  ___slab_alloc+0xbfc/0x1480
[  151.158819][ T6535]  __kmalloc_node_noprof+0x2fd/0x4e0
[  151.164125][ T6535]  allocate_slab+0x17c/0x3b0
[  151.168827][ T6535]  ___slab_alloc+0xbfc/0x1480
[  151.173510][ T6535]  kmem_cache_alloc_lru_noprof+0x288/0x3d0
[  151.179326][ T6535]  __d_alloc+0x31/0x6f0
[  151.183931][ T6535]  d_alloc+0x4b/0x190
[  151.187914][ T6535]  lookup_one_qstr_excl_raw+0xc8/0x280
[  151.193474][ T6535]  filename_create+0x225/0x470
[  151.198243][ T6535]  do_mkdirat+0xa0/0x590
[  151.202510][ T6535]  __x64_sys_mkdirat+0x87/0xa0
[  151.207278][ T6535]  do_syscall_64+0xfa/0x3b0
[  151.211781][ T6535] page last free pid 15 tgid 15 stack trace:
[  151.217748][ T6535]  __free_frozen_pages+0xc71/0xe70
[  151.223478][ T6535]  __tlb_remove_table+0x2d2/0x3b0
[  151.228521][ T6535]  tlb_remove_table_rcu+0x85/0x100
[  151.233747][ T6535]  rcu_core+0xca8/0x1710
[  151.237986][ T6535]  handle_softirqs+0x286/0x870
[  151.242772][ T6535]  run_ksoftirqd+0x9b/0x100
[  151.247327][ T6535]  smpboot_thread_fn+0x542/0xa60
[  151.252459][ T6535]  kthread+0x711/0x8a0
[  151.256536][ T6535]  ret_from_fork+0x3fc/0x770
[  151.261229][ T6535]  ret_from_fork_asm+0x1a/0x30
[  151.266025][ T6535] 
[  151.268345][ T6535] Memory state around the buggy address:
[  151.273969][ T6535]  ffff88805cd76b80: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc
[  151.282156][ T6535]  ffff88805cd76c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  151.290220][ T6535] >ffff88805cd76c80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[  151.298278][ T6535]                                            ^
[  151.304445][ T6535]  ffff88805cd76d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  151.312514][ T6535]  ffff88805cd76d80: 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  151.321267][ T6535] ==================================================================
[  151.398402][ T6535] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  151.405677][ T6535] CPU: 0 UID: 0 PID: 6535 Comm: syz.0.15 Not tainted 6.16.0-rc6-syzkaller-gc7de79e662b8 #0 PREEMPT(full) 
[  151.417055][ T6535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  151.427120][ T6535] Call Trace:
[  151.430419][ T6535]  <TASK>
[  151.433348][ T6535]  dump_stack_lvl+0x99/0x250
[  151.437943][ T6535]  ? __asan_memcpy+0x40/0x70
[  151.442540][ T6535]  ? __pfx_dump_stack_lvl+0x10/0x10
[  151.447746][ T6535]  ? __pfx__printk+0x10/0x10
[  151.452354][ T6535]  ? srso_alias_return_thunk+0x5/0xfbef5
[  151.458004][ T6535]  panic+0x2db/0x790
[  151.461921][ T6535]  ? __pfx_preempt_schedule+0x10/0x10
[  151.467299][ T6535]  ? __pfx_panic+0x10/0x10
[  151.471735][ T6535]  ? srso_alias_return_thunk+0x5/0xfbef5
[  151.477392][ T6535]  ? srso_alias_return_thunk+0x5/0xfbef5
[  151.483035][ T6535]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  151.489053][ T6535]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  151.495572][ T6535]  ? hfsplus_bnode_read+0xc0/0x2a0
[  151.500688][ T6535]  check_panic_on_warn+0x89/0xb0
[  151.505639][ T6535]  ? hfsplus_bnode_read+0xc0/0x2a0
[  151.510759][ T6535]  end_report+0x78/0x160
[  151.515011][ T6535]  kasan_report+0x129/0x150
[  151.519554][ T6535]  ? hfsplus_bnode_read+0xc0/0x2a0
[  151.524673][ T6535]  hfsplus_bnode_read+0xc0/0x2a0
[  151.529626][ T6535]  hfsplus_bnode_dump+0x300/0x450
[  151.534670][ T6535]  ? __pfx_hfsplus_bnode_dump+0x10/0x10
[  151.540228][ T6535]  ? srso_alias_return_thunk+0x5/0xfbef5
[  151.545972][ T6535]  ? hfsplus_bnode_write_u16+0x8b/0xd0
[  151.551442][ T6535]  ? hfsplus_bnode_move+0x393/0xb90
[  151.556735][ T6535]  ? srso_alias_return_thunk+0x5/0xfbef5
[  151.562475][ T6535]  ? __pfx___hfsplus_brec_find+0x10/0x10
[  151.568159][ T6535]  hfsplus_brec_remove+0x480/0x550
[  151.573495][ T6535]  __hfsplus_delete_attr+0x1d4/0x360
[  151.578804][ T6535]  ? __pfx___hfsplus_delete_attr+0x10/0x10
[  151.584621][ T6535]  ? hfsplus_find_init+0x8c/0x1d0
[  151.589661][ T6535]  hfsplus_delete_all_attrs+0x277/0x410
[  151.595406][ T6535]  ? __pfx_hfsplus_delete_all_attrs+0x10/0x10
[  151.601490][ T6535]  ? srso_alias_return_thunk+0x5/0xfbef5
[  151.607138][ T6535]  ? rcu_is_watching+0x15/0xb0
[  151.612023][ T6535]  ? __mark_inode_dirty+0x8c5/0xdf0
[  151.617232][ T6535]  hfsplus_delete_cat+0x92c/0xd20
[  151.622269][ T6535]  ? __pfx_hfsplus_delete_cat+0x10/0x10
[  151.627828][ T6535]  ? __pfx___mutex_lock+0x10/0x10
[  151.632870][ T6535]  hfsplus_unlink+0x359/0x730
[  151.637579][ T6535]  ? __pfx_hfsplus_unlink+0x10/0x10
[  151.642874][ T6535]  ? srso_alias_return_thunk+0x5/0xfbef5
[  151.648516][ T6535]  ? down_write_nested+0x169/0x200
[  151.653642][ T6535]  ? __pfx_down_write_nested+0x10/0x10
[  151.659116][ T6535]  ? srso_alias_return_thunk+0x5/0xfbef5
[  151.664757][ T6535]  hfsplus_rename+0xcb/0x1c0
[  151.669352][ T6535]  ? __pfx_hfsplus_rename+0x10/0x10
[  151.674558][ T6535]  vfs_rename+0xb9c/0xec0
[  151.678936][ T6535]  ? __pfx_vfs_rename+0x10/0x10
[  151.683816][ T6535]  ? d_alloc+0x144/0x190
[  151.688128][ T6535]  ? srso_alias_return_thunk+0x5/0xfbef5
[  151.693781][ T6535]  ? security_path_rename+0x17d/0x490
[  151.699175][ T6535]  do_renameat2+0x878/0xc50
[  151.704150][ T6535]  ? __pfx_do_renameat2+0x10/0x10
[  151.709283][ T6535]  ? srso_alias_return_thunk+0x5/0xfbef5
[  151.714927][ T6535]  ? getname_flags+0x1e5/0x540
[  151.719704][ T6535]  __x64_sys_renameat2+0xce/0xe0
[  151.724658][ T6535]  do_syscall_64+0xfa/0x3b0
[  151.729165][ T6535]  ? lockdep_hardirqs_on+0x9c/0x150
[  151.734364][ T6535]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.740639][ T6535]  ? srso_alias_return_thunk+0x5/0xfbef5
[  151.746298][ T6535]  ? exc_page_fault+0x9f/0xf0
[  151.750984][ T6535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.756879][ T6535] RIP: 0033:0x7feb93b7ff19
[  151.761384][ T6535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.781010][ T6535] RSP: 002b:00007feb9496c058 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[  151.789464][ T6535] RAX: ffffffffffffffda RBX: 00007feb93d45fa0 RCX: 00007feb93b7ff19
[  151.797439][ T6535] RDX: 0000000000000004 RSI: 00000000200000c0 RDI: 0000000000000005
[  151.805676][ T6535] RBP: 00007feb93bf3986 R08: 0000000000000000 R09: 0000000000000000
[  151.813655][ T6535] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000000
[  151.821633][ T6535] R13: 0000000000000000 R14: 00007feb93d45fa0 R15: 00007fffe88b1e68
[  151.829618][ T6535]  </TASK>
[  151.832834][ T6535] Kernel Offset: disabled
[  151.837182][ T6535] Rebooting in 86400 seconds..