[   63.104163][    T9] device veth1_vlan left promiscuous mode
[   63.105158][    T9] device veth0_vlan left promiscuous mode
[   63.306329][    T9] team0 (unregistering): Port device team_slave_1 removed
[   63.315497][    T9] team0 (unregistering): Port device team_slave_0 removed
[   63.322635][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   63.399573][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   63.530114][    T9] bond0 (unregistering): Released all slaves
[   69.635103][   T25] cfg80211: failed to load regulatory.db
[   69.637536][ T2055] ieee802154 phy0 wpan0: encryption failed: -22
[   69.638677][ T2055] ieee802154 phy1 wpan1: encryption failed: -22
Warning: Permanently added '10.128.0.188' (ED25519) to the list of known hosts.
1970/01/01 00:01:18 ignoring optional flag "sandboxArg"="0"
1970/01/01 00:01:18 parsed 1 programs
[   81.267086][ T4410] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k SSFS
[   86.790262][  T136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.792548][  T136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.795660][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   86.811761][  T136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.813870][  T136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.816384][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   87.817832][ T4473] chnl_net:caif_netlink_parms(): no params data found
[   87.853477][ T4473] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.855318][ T4473] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.857838][ T4473] device bridge_slave_0 entered promiscuous mode
[   87.861509][ T4473] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.864732][ T4473] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.867459][ T4473] device bridge_slave_1 entered promiscuous mode
[   87.882791][ T4473] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   87.887903][ T4473] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   87.903975][ T4473] team0: Port device team_slave_0 added
[   87.907833][ T4473] team0: Port device team_slave_1 added
[   87.923488][ T4473] batman_adv: batadv0: Adding interface: batadv_slave_0
[   87.925102][ T4473] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.931215][ T4473] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   87.935598][ T4473] batman_adv: batadv0: Adding interface: batadv_slave_1
[   87.937454][ T4473] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.943916][ T4473] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.013815][ T4473] device hsr_slave_0 entered promiscuous mode
[   88.052131][ T4473] device hsr_slave_1 entered promiscuous mode
[   88.778476][ T4473] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   88.813660][ T4473] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   88.864981][ T4473] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   88.903693][ T4473] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   89.014385][ T4473] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.023916][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   89.026461][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   89.031063][ T4473] 8021q: adding VLAN 0 to HW filter on device team0
[   89.037367][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   89.040122][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   89.043023][  T288] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.044811][  T288] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.054447][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   89.056929][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   89.059586][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   89.064588][  T288] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.066317][  T288] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.068580][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   89.084440][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   89.087488][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   89.090721][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   89.094005][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   89.096690][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   89.099200][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   89.101858][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   89.107645][ T4473] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   89.110744][ T4473] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   89.115867][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   89.118222][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   89.121083][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   89.200846][ T4473] 8021q: adding VLAN 0 to HW filter on device batadv0
[   89.205765][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   89.207635][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   89.220822][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   89.225776][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   89.283227][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   89.285649][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   89.288590][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   89.291358][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   89.299501][ T4473] device veth0_vlan entered promiscuous mode
[   89.306570][ T4473] device veth1_vlan entered promiscuous mode
[   89.328493][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   89.330839][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   89.333535][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   89.336635][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   89.340910][ T4473] device veth0_macvtap entered promiscuous mode
[   89.345390][ T4473] device veth1_macvtap entered promiscuous mode
[   89.359154][ T4473] batman_adv: batadv0: Interface activated: batadv_slave_0
[   89.361206][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   89.365308][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   89.367904][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   89.370443][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   89.376950][ T4473] batman_adv: batadv0: Interface activated: batadv_slave_1
[   89.380953][ T4473] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   89.383852][ T4473] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   89.386100][ T4473] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   89.388169][ T4473] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   89.391229][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   89.394041][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
1970/01/01 00:01:29 executed programs: 0
[   89.695239][ T4595] chnl_net:caif_netlink_parms(): no params data found
[   89.789573][ T4595] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.791431][ T4595] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.795408][ T4595] device bridge_slave_0 entered promiscuous mode
[   89.799410][ T4595] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.801092][ T4595] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.803619][ T4595] device bridge_slave_1 entered promiscuous mode
[   89.832562][ T4595] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   89.836854][ T4595] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   89.852700][ T4595] team0: Port device team_slave_0 added
[   89.856149][ T4595] team0: Port device team_slave_1 added
[   89.876863][ T4595] batman_adv: batadv0: Adding interface: batadv_slave_0
[   89.878620][ T4595] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   89.888717][ T4595] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   89.893341][ T4595] batman_adv: batadv0: Adding interface: batadv_slave_1
[   89.895124][ T4595] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   89.903094][ T4595] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   89.963736][ T4595] device hsr_slave_0 entered promiscuous mode
[   89.992178][ T4595] device hsr_slave_1 entered promiscuous mode
[   90.032095][ T4595] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   90.034016][ T4595] Cannot create hsr debugfs directory
[   90.109403][ T4595] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.631928][ T4519] Bluetooth: hci0: command 0x0409 tx timeout
[   92.690178][ T4595] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.711864][ T4519] Bluetooth: hci0: command 0x041b tx timeout
[   95.102520][ T4595] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.183102][ T4595] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.402039][ T4595] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   95.433762][ T4595] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   95.483261][ T4595] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   95.526139][ T4595] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   95.640405][ T4595] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.657035][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   95.659344][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   95.665166][ T4595] 8021q: adding VLAN 0 to HW filter on device team0
[   95.669672][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   95.675284][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   95.677683][  T288] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.679423][  T288] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.681603][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   95.693812][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   95.696472][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   95.699956][  T288] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.701623][  T288] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.708800][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   95.715004][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   95.720114][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   95.724126][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   95.726819][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   95.731563][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   95.735460][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   95.740471][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   95.744481][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   95.749586][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   95.752956][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   95.757320][ T4595] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   95.794742][ T4112] Bluetooth: hci0: command 0x040f tx timeout
[   95.833642][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   95.835514][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   95.841408][ T4595] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.855718][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   95.858529][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   95.871394][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   95.874180][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   95.877746][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   95.880014][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   95.894477][ T4595] device veth0_vlan entered promiscuous mode
[   95.901170][ T4595] device veth1_vlan entered promiscuous mode
[   95.917253][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   95.919894][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   95.922685][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   95.925337][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   95.929821][ T4595] device veth0_macvtap entered promiscuous mode
[   95.935530][ T4595] device veth1_macvtap entered promiscuous mode
[   95.946829][ T4595] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   95.949436][ T4595] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.953487][ T4595] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.968076][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   95.970512][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   95.973193][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   95.975897][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   95.980205][ T4595] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   95.984156][ T4595] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.987315][ T4595] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.989245][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   95.995893][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   96.000366][ T4595] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.002979][ T4595] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.005188][ T4595] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.007157][ T4595] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.058906][  T288] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.060831][  T288] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.068831][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   96.081126][  T413] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.083948][  T413] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.086735][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
1970/01/01 00:01:36 executed programs: 2
[   96.123344][ T4856] loop0: detected capacity change from 0 to 1024
[   96.168198][    T9] device hsr_slave_0 left promiscuous mode
[   96.178981][ T4856] ==================================================================
[   96.181134][ T4856] BUG: KASAN: slab-out-of-bounds in hfsplus_bnode_read+0x120/0x24c
[   96.183045][ T4856] Write of size 3970 at addr ffff0000d6a76000 by task syz.0.15/4856
[   96.185077][ T4856] 
[   96.185628][ T4856] CPU: 1 PID: 4856 Comm: syz.0.15 Not tainted 5.15.179-syzkaller #0
[   96.187642][ T4856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   96.190255][ T4856] Call trace:
[   96.191085][ T4856]  dump_backtrace+0x0/0x530
[   96.192252][ T4856]  show_stack+0x2c/0x3c
[   96.193334][ T4856]  dump_stack_lvl+0x108/0x170
[   96.194534][ T4856]  print_address_description+0x7c/0x3f0
[   96.195927][ T4856]  kasan_report+0x174/0x1e4
[   96.196974][ T4856]  kasan_check_range+0x274/0x2b4
[   96.198224][ T4856]  memcpy+0xb4/0xe8
[   96.199149][ T4856]  hfsplus_bnode_read+0x120/0x24c
[   96.200455][ T4856]  hfsplus_bnode_read_key+0x170/0x278
[   96.201746][ T4856]  hfsplus_brec_insert+0x520/0xaa0
[   96.203011][ T4856]  hfsplus_create_attr+0x3b0/0x568
[   96.204269][ T4856]  __hfsplus_setxattr+0x9a8/0x1df0
[   96.205526][ T4856]  hfsplus_setxattr+0xb4/0xec
[   96.206720][ T4856]  hfsplus_security_setxattr+0x54/0x6c
[   96.208133][ T4856]  __vfs_setxattr+0x388/0x3a4
[   96.209285][ T4856]  __vfs_setxattr_noperm+0x110/0x528
[   96.210584][ T4856]  __vfs_setxattr_locked+0x1ec/0x218
[   96.211956][ T4856]  vfs_setxattr+0x1a8/0x344
[   96.213115][ T4856]  setxattr+0x250/0x2b4
[   96.214172][ T4856]  path_setxattr+0x17c/0x258
[   96.215378][ T4856]  __arm64_sys_setxattr+0xbc/0xd8
[   96.216598][ T4856]  invoke_syscall+0x98/0x2b8
[   96.217770][ T4856]  el0_svc_common+0x138/0x258
[   96.218890][ T4856]  do_el0_svc+0x58/0x14c
[   96.219968][ T4856]  el0_svc+0x7c/0x1f0
[   96.220904][ T4856]  el0t_64_sync_handler+0x84/0xe4
[   96.222176][ T4856]  el0t_64_sync+0x1a0/0x1a4
[   96.223318][ T4856] 
[   96.223907][ T4856] Allocated by task 4856:
[   96.224987][ T4856]  ____kasan_kmalloc+0xbc/0xfc
[   96.226223][ T4856]  __kasan_kmalloc+0x10/0x1c
[   96.227295][ T4856]  __kmalloc+0x29c/0x4c8
[   96.228425][ T4856]  hfsplus_find_init+0x84/0x1bc
[   96.229677][ T4856]  hfsplus_create_attr+0x14c/0x568
[   96.230870][ T4856]  __hfsplus_setxattr+0x9a8/0x1df0
[   96.232155][ T4856]  hfsplus_setxattr+0xb4/0xec
[   96.233253][ T4856]  hfsplus_security_setxattr+0x54/0x6c
[   96.234562][ T4856]  __vfs_setxattr+0x388/0x3a4
[   96.235671][ T4856]  __vfs_setxattr_noperm+0x110/0x528
[   96.236941][ T4856]  __vfs_setxattr_locked+0x1ec/0x218
[   96.238247][ T4856]  vfs_setxattr+0x1a8/0x344
[   96.239338][ T4856]  setxattr+0x250/0x2b4
[   96.240397][ T4856]  path_setxattr+0x17c/0x258
[   96.241507][ T4856]  __arm64_sys_setxattr+0xbc/0xd8
[   96.242731][ T4856]  invoke_syscall+0x98/0x2b8
[   96.243916][ T4856]  el0_svc_common+0x138/0x258
[   96.245117][ T4856]  do_el0_svc+0x58/0x14c
[   96.246212][ T4856]  el0_svc+0x7c/0x1f0
[   96.247174][ T4856]  el0t_64_sync_handler+0x84/0xe4
[   96.248526][ T4856]  el0t_64_sync+0x1a0/0x1a4
[   96.249613][ T4856] 
[   96.250181][ T4856] The buggy address belongs to the object at ffff0000d6a76000
[   96.250181][ T4856]  which belongs to the cache kmalloc-1k of size 1024
[   96.253509][ T4856] The buggy address is located 0 bytes inside of
[   96.253509][ T4856]  1024-byte region [ffff0000d6a76000, ffff0000d6a76400)
[   96.256819][ T4856] The buggy address belongs to the page:
[   96.258180][ T4856] page:00000000de2f0f18 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x116a70
[   96.260701][ T4856] head:00000000de2f0f18 order:3 compound_mapcount:0 compound_pincount:0
[   96.262646][ T4856] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[   96.264630][ T4856] raw: 05ffc00000010200 dead000000000100 dead000000000122 ffff0000c0002780
[   96.266724][ T4856] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[   96.268835][ T4856] page dumped because: kasan: bad access detected
[   96.270461][ T4856] 
[   96.271059][ T4856] Memory state around the buggy address:
[   96.272452][ T4856]  ffff0000d6a76100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   96.274325][ T4856]  ffff0000d6a76180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   96.276295][ T4856] >ffff0000d6a76200: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[   96.278347][ T4856]                             ^
[   96.279556][ T4856]  ffff0000d6a76280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   96.281700][ T4856]  ffff0000d6a76300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   96.283718][ T4856] ==================================================================
[   96.285768][ T4856] Disabling lock debugging due to kernel taint
[   96.302775][    T9] device hsr_slave_1 left promiscuous mode
[   96.360602][ T4858] loop0: detected capacity change from 0 to 1024
[   96.381970][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   96.383844][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[   96.387315][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   96.389134][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[   96.391197][    T9] device bridge_slave_1 left promiscuous mode
[   96.394739][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.397691][ T4860] loop0: detected capacity change from 0 to 1024
[   96.415712][  T413] Unable to handle kernel paging request at virtual address dfff800000000008
[   96.417854][  T413] Mem abort info:
[   96.418768][  T413]   ESR = 0x0000000096000006
[   96.419865][  T413]   EC = 0x25: DABT (current EL), IL = 32 bits
[   96.421330][  T413]   SET = 0, FnV = 0
[   96.423969][  T413]   EA = 0, S1PTW = 0
[   96.425082][  T413]   FSC = 0x06: level 2 translation fault
[   96.426421][  T413] Data abort info:
[   96.427366][  T413]   ISV = 0, ISS = 0x00000006
[   96.428481][  T413]   CM = 0, WnR = 0
[   96.429324][  T413] [dfff800000000008] address between user and kernel address ranges
[   96.431213][  T413] Internal error: Oops: 0000000096000006 [#1] PREEMPT SMP
[   96.432935][  T413] Modules linked in:
[   96.433909][  T413] CPU: 1 PID: 413 Comm: kworker/u4:5 Tainted: G    B             5.15.179-syzkaller #0
[   96.436283][  T413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   96.438686][  T413] Workqueue: writeback wb_workfn (flush-7:0)
[   96.440171][  T413] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[   96.442187][  T413] pc : hfsplus_find_init+0x68/0x1bc
[   96.443420][  T413] lr : hfsplus_find_init+0x2c/0x1bc
[   96.444746][  T413] sp : ffff8000203a6ee0
[   96.445750][  T413] x29: ffff8000203a6ee0 x28: dfff800000000000 x27: ffff700004074de8
[   96.447692][  T413] x26: 1fffe00018f58e80 x25: ffff0000da3ba828 x24: dfff800000000000
[   96.449849][  T413] x23: 0000000000000008 x22: ffff8000203a6f78 x21: 0000000000000040
[   96.451839][  T413] x20: ffff8000203a6f60 x19: 0000000000000000 x18: ffff8000203a7a94
[   96.453811][  T413] x17: 0000000000000000 x16: ffff8000088d8138 x15: 0000000000000012
[   96.455754][  T413] x14: ffff0000c8110000 x13: 0000000000ff0100 x12: 0000000000000001
[   96.457770][  T413] x11: 0000000000000000 x10: 0000000000000000 x9 : ffff0000c8110000
[   96.459716][  T413] x8 : 0000000000000000 x7 : 0000000000000000 x6 : 000000000000003f
[   96.461695][  T413] x5 : 0000000000000040 x4 : 0000000000000000 x3 : 0000000000000000
[   96.463703][  T413] x2 : 0000000000000008 x1 : ffff8000203a6f60 x0 : ffff8000203a6f70
[   96.465736][  T413] Call trace:
[   96.466525][  T413]  hfsplus_find_init+0x68/0x1bc
[   96.467866][  T413]  hfsplus_cat_write_inode+0x1a4/0xd58
[   96.469189][  T413]  hfsplus_write_inode+0x15c/0x4ec
[   96.470496][  T413]  __writeback_single_inode+0x584/0x13a4
[   96.471800][  T413]  writeback_sb_inodes+0x94c/0x1654
[   96.473015][  T413]  wb_writeback+0x3fc/0xfc8
[   96.474147][  T413]  wb_workfn+0x3a4/0x1070
[   96.475149][  T413]  process_one_work+0x790/0x11b8
[   96.476404][  T413]  worker_thread+0x910/0x1034
[   96.477576][  T413]  kthread+0x37c/0x45c
[   96.478548][  T413]  ret_from_fork+0x10/0x20
[   96.479708][  T413] Code: 97e425d2 91010275 f90002df d343feb7 (38f86ae8) 
[   96.481393][  T413] ---[ end trace b25bcde8cb2ee31f ]---
[   96.914402][  T413] Kernel panic - not syncing: Oops: Fatal exception
[   96.916130][  T413] SMP: stopping secondary CPUs
[   96.917332][  T413] Kernel Offset: disabled
[   96.918367][  T413] CPU features: 0x8,000081c1,21302e40
[   96.919709][  T413] Memory Limit: none
[   97.370266][  T413] Rebooting in 86400 seconds..