[ 69.860546][ T2311] cfg80211: failed to load regulatory.db Warning: Permanently added '10.128.0.165' (ED25519) to the list of known hosts. 1970/01/01 00:01:10 ignoring optional flag "sandboxArg"="0" 1970/01/01 00:01:10 ignoring optional flag "type"="gce" 1970/01/01 00:01:11 parsed 1 programs [ 71.757728][ T6906] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SS [ 72.049905][ T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 72.054512][ T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 72.054893][ T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 72.055583][ T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 72.056014][ T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 72.413130][ T6944] chnl_net:caif_netlink_parms(): no params data found [ 72.459635][ T6944] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.459745][ T6944] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.459842][ T6944] bridge_slave_0: entered allmulticast mode [ 72.460690][ T6944] bridge_slave_0: entered promiscuous mode [ 72.462070][ T6944] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.462141][ T6944] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.462236][ T6944] bridge_slave_1: entered allmulticast mode [ 72.463063][ T6944] bridge_slave_1: entered promiscuous mode [ 72.478985][ T6944] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 72.483998][ T6944] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 72.526877][ T6944] team0: Port device team_slave_0 added [ 72.528823][ T6944] team0: Port device team_slave_1 added [ 72.549396][ T6944] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.549751][ T6944] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.549783][ T6944] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.550817][ T6944] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.550842][ T6944] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.550870][ T6944] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.588949][ T6944] hsr_slave_0: entered promiscuous mode [ 72.590617][ T6944] hsr_slave_1: entered promiscuous mode [ 73.525965][ T6944] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 73.533183][ T6944] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 73.536896][ T6944] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 73.540463][ T6944] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 73.580423][ T6944] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.587194][ T6944] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.592165][ T242] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.592237][ T242] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.610536][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.610639][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.715533][ T6944] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.742652][ T6944] veth0_vlan: entered promiscuous mode [ 73.747746][ T6944] veth1_vlan: entered promiscuous mode [ 73.764340][ T6944] veth0_macvtap: entered promiscuous mode [ 73.768582][ T6944] veth1_macvtap: entered promiscuous mode [ 73.779687][ T6944] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.786235][ T6944] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.793156][ T6944] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.795609][ T6944] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.798011][ T6944] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.800514][ T6944] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.112124][ T242] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.193023][ T242] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.302926][ T242] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.371263][ T242] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.378264][ T14] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.378321][ T14] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.397018][ T133] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.397087][ T133] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 1970/01/01 00:01:14 executed programs: 0 [ 75.125544][ T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 75.126224][ T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 75.126586][ T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 75.127285][ T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 75.127747][ T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 75.254786][ T7142] chnl_net:caif_netlink_parms(): no params data found [ 75.299772][ T7142] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.299851][ T7142] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.299982][ T7142] bridge_slave_0: entered allmulticast mode [ 75.300803][ T7142] bridge_slave_0: entered promiscuous mode [ 75.301960][ T7142] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.302017][ T7142] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.302127][ T7142] bridge_slave_1: entered allmulticast mode [ 75.302956][ T7142] bridge_slave_1: entered promiscuous mode [ 75.324578][ T7142] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 75.326185][ T7142] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 75.347227][ T7142] team0: Port device team_slave_0 added [ 75.348899][ T7142] team0: Port device team_slave_1 added [ 75.365183][ T7142] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 75.365242][ T7142] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.365280][ T7142] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 75.366393][ T7142] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 75.366418][ T7142] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.366449][ T7142] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 75.401743][ T7142] hsr_slave_0: entered promiscuous mode [ 75.402316][ T7142] hsr_slave_1: entered promiscuous mode [ 75.402665][ T7142] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 75.402694][ T7142] Cannot create hsr debugfs directory [ 77.141559][ T52] Bluetooth: hci0: command tx timeout [ 77.526812][ T242] bridge_slave_1: left allmulticast mode [ 77.528632][ T242] bridge_slave_1: left promiscuous mode [ 77.530804][ T242] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.537423][ T242] bridge_slave_0: left allmulticast mode [ 77.539532][ T242] bridge_slave_0: left promiscuous mode [ 77.539915][ T242] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.221076][ T52] Bluetooth: hci0: command tx timeout [ 79.291637][ T242] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 79.331800][ T242] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 79.381197][ T242] bond0 (unregistering): Released all slaves [ 79.511721][ T242] hsr_slave_0: left promiscuous mode [ 79.513449][ T242] hsr_slave_1: left promiscuous mode [ 79.513909][ T242] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 79.513950][ T242] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 79.520064][ T242] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 79.522190][ T242] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 79.535513][ T242] veth1_macvtap: left promiscuous mode [ 79.537144][ T242] veth0_macvtap: left promiscuous mode [ 79.538783][ T242] veth1_vlan: left promiscuous mode [ 79.540626][ T242] veth0_vlan: left promiscuous mode [ 81.299359][ T52] Bluetooth: hci0: command tx timeout [ 81.400878][ T242] team0 (unregistering): Port device team_slave_1 removed [ 81.640776][ T242] team0 (unregistering): Port device team_slave_0 removed [ 83.379731][ T52] Bluetooth: hci0: command tx timeout [ 84.322613][ T7142] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 84.326550][ T7142] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 84.334719][ T7142] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 84.339589][ T7142] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 84.393238][ T7142] 8021q: adding VLAN 0 to HW filter on device bond0 [ 84.557644][ T7142] 8021q: adding VLAN 0 to HW filter on device team0 [ 84.563221][ T705] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.563296][ T705] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.576125][ T705] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.576195][ T705] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.611874][ T7142] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 84.821330][ T7142] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 84.840505][ T7142] veth0_vlan: entered promiscuous mode [ 84.845848][ T7142] veth1_vlan: entered promiscuous mode [ 84.897879][ T7142] veth0_macvtap: entered promiscuous mode [ 84.901894][ T7142] veth1_macvtap: entered promiscuous mode [ 84.911550][ T7142] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.914259][ T7142] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.915668][ T7142] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.915706][ T7142] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.915735][ T7142] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.915764][ T7142] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.076028][ T705] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.076095][ T705] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.092516][ T14] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.094366][ T14] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.162569][ T7370] loop0: detected capacity change from 0 to 1024 [ 85.176689][ T7370] hfsplus: request for non-existent node 128 in B*Tree [ 85.178861][ T7370] hfsplus: request for non-existent node 128 in B*Tree [ 85.183941][ T7370] ================================================================== [ 85.183966][ T7370] BUG: KASAN: slab-out-of-bounds in hfsplus_bnode_read+0x98/0x1a8 [ 85.183989][ T7370] Read of size 8 at addr ffff0000cb6885c0 by task syz-executor/7370 [ 85.184004][ T7370 ** replaying previous printk message ** [ 85.184004][ T7370] [ 85.184014][ T7370] CPU: 0 UID: 0 PID: 7370 Comm: syz-executor Not tainted 6.16.0-rc6-syzkaller-gaaef6f251176 #0 PREEMPT [ 85.184027][ T7370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 85.184034][ T7370] Call trace: [ 85.184038][ T7370] show_stack+0x2c/0x3c (C) [ 85.184050][ T7370] __dump_stack+0x30/0x40 [ 85.184063][ T7370] dump_stack_lvl+0xd8/0x12c [ 85.184076][ T7370] print_address_description+0xa8/0x220 [ 85.184089][ T7370] print_report+0x68/0x84 [ 85.184101][ T7370] kasan_report+0xb0/0x110 [ 85.184112][ T7370] __asan_report_load8_noabort+0x20/0x2c [ 85.184123][ T7370] hfsplus_bnode_read+0x98/0x1a8 [ 85.184134][ T7370] hfsplus_bnode_dump+0x274/0x384 [ 85.184145][ T7370] hfsplus_brec_remove+0x3cc/0x4a0 [ 85.184157][ T7370] __hfsplus_delete_attr+0x198/0x33c [ 85.184169][ T7370] hfsplus_delete_all_attrs+0x228/0x390 [ 85.184181][ T7370] hfsplus_delete_cat+0x82c/0xbb0 [ 85.184191][ T7370] hfsplus_unlink+0x2a8/0x63c [ 85.184207][ T7370] vfs_unlink+0x2e0/0x520 [ 85.184218][ T7370] do_unlinkat+0x2f0/0x4dc [ 85.184228][ T7370] __arm64_sys_unlinkat+0xdc/0xf8 [ 85.184239][ T7370] invoke_syscall+0x98/0x2b8 [ 85.184249][ T7370] el0_svc_common+0x130/0x23c [ 85.184258][ T7370] do_el0_svc+0x48/0x58 [ 85.184268][ T7370] el0_svc+0x58/0x180 [ 85.184279][ T7370] el0t_64_sync_handler+0x84/0x12c [ 85.184289][ T7370] el0t_64_sync+0x198/0x19c [ 85.184301][ T7370] [ 85.184418][ T7370] Allocated by task 7370: [ 85.184430][ T7370] kasan_save_track+0x40/0x78 [ 85.184449][ T7370] kasan_save_alloc_info+0x44/0x54 [ 85.184464][ T7370] __kasan_kmalloc+0x9c/0xb4 [ 85.184477][ T7370] __kmalloc_noprof+0x2fc/0x4c8 [ 85.184491][ T7370] __hfs_bnode_create+0xe0/0x6f4 [ 85.184506][ T7370] hfsplus_bnode_find+0x1f0/0xb5c [ 85.184520][ T7370] hfsplus_brec_find+0x128/0x448 [ 85.184535][ T7370] hfsplus_find_attr+0x164/0x234 [ 85.184550][ T7370] __hfsplus_getxattr+0x2a0/0x6c4 [ 85.184566][ T7370] hfsplus_getxattr+0x100/0x168 [ 85.184581][ T7370] hfsplus_security_getxattr+0x48/0x5c [ 85.184597][ T7370] __vfs_getxattr+0x394/0x3c0 [ 85.184620][ T7370] smk_fetch+0xc4/0x150 [ 85.184637][ T7370] smack_d_instantiate+0x53c/0x7a4 [ 85.184654][ T7370] security_d_instantiate+0x100/0x204 [ 85.184671][ T7370] d_splice_alias+0x70/0x31c [ 85.184688][ T7370] hfsplus_lookup+0x6b4/0x728 [ 85.184702][ T7370] lookup_one_qstr_excl_raw+0x10c/0x25c [ 85.184719][ T7370] do_unlinkat+0x1a0/0x4dc [ 85.184733][ T7370] __arm64_sys_unlinkat+0xdc/0xf8 [ 85.184747][ T7370] invoke_syscall+0x98/0x2b8 [ 85.184761][ T7370] el0_svc_common+0x130/0x23c [ 85.184774][ T7370] do_el0_svc+0x48/0x58 [ 85.184787][ T7370] el0_svc+0x58/0x180 [ 85.184801][ T7370] el0t_64_sync_handler+0x84/0x12c [ 85.184815][ T7370] el0t_64_sync+0x198/0x19c [ 85.184828][ T7370] [ 85.184836][ T7370] The buggy address belongs to the object at ffff0000cb688500 [ 85.184836][ T7370] which belongs to the cache kmalloc-192 of size 192 [ 85.184851][ T7370] The buggy address is located 40 bytes to the right of [ 85.184851][ T7370] allocated 152-byte region [ffff0000cb688500, ffff0000cb688598) [ 85.184869][ T7370] [ 85.184877][ T7370] The buggy address belongs to the physical page: [ 85.184888][ T7370] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10b688 [ 85.184903][ T7370] anon flags: 0x5ffc00000000000(node=0|zone=2|lastcpupid=0x7ff) [ 85.184919][ T7370] page_type: f5(slab) [ 85.184934][ T7370] raw: 05ffc00000000000 ffff0000c00013c0 fffffdffc30768c0 dead000000000005 [ 85.184949][ T7370] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 85.184960][ T7370] page dumped because: kasan: bad access detected [ 85.184971][ T7370] [ 85.184979][ T7370] Memory state around the buggy address: [ 85.184990][ T7370] ffff0000cb688480: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 85.185003][ T7370] ffff0000cb688500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 85.185016][ T7370] >ffff0000cb688580: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 85.185027][ T7370] ^ [ 85.185038][ T7370] ffff0000cb688600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 85.185051][ T7370] ffff0000cb688680: 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc [ 85.185062][ T7370] ================================================================== [ 85.193333][ T7370] Disabling lock debugging due to kernel taint [ 85.193516][ T7370] ------------[ cut here ]------------ [ 85.193527][ T7370] WARNING: CPU: 1 PID: 7370 at ./include/linux/mm.h:2206 kmap_local_page+0x370/0x4ec [ 85.313337][ T7370] Modules linked in: [ 85.314447][ T7370] CPU: 1 UID: 0 PID: 7370 Comm: syz-executor Tainted: G B 6.16.0-rc6-syzkaller-gaaef6f251176 #0 PREEMPT [ 85.318052][ T7370] Tainted: [B]=BAD_PAGE [ 85.319238][ T7370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 85.322076][ T7370] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 85.324237][ T7370] pc : kmap_local_page+0x370/0x4ec [ 85.325618][ T7370] lr : kmap_local_page+0x140/0x4ec [ 85.327030][ T7370] sp : ffff8000a14b7470 [ 85.328152][ T7370] x29: ffff8000a14b7470 x28: 0000000000000232 x27: 0000000000007232 [ 85.330486][ T7370] x26: ffff80008ef79000 x25: 1ffff00011def2a0 x24: dfff800000000000 [ 85.332749][ T7370] x23: 07da05da41001cca x22: 0000000000000002 x21: 0000000000000002 [ 85.335010][ T7370] x20: ffff0000cb688500 x19: 001f681769040073 x18: 1fffe000337d6476 [ 85.337343][ T7370] x17: 0000000000000000 x16: ffff80008af005d0 x15: 0000000000000001 [ 85.339565][ T7370] x14: 1ffff000125db6f4 x13: 0000000000000000 x12: 0000000000000000 [ 85.341720][ T7370] x11: ffff7000125db6f5 x10: 0000000000ff0100 x9 : 0000000000000000 [ 85.343919][ T7370] x8 : ffff0000d2d78000 x7 : 0000000000000001 x6 : 0000000000000001 [ 85.346127][ T7370] x5 : ffff8000a14b6d38 x4 : ffff80008f776bc0 x3 : ffff8000803b7030 [ 85.348357][ T7370] x2 : 0000000000000001 x1 : 001f681769040073 x0 : 0010000000000000 [ 85.350631][ T7370] Call trace: [ 85.351617][ T7370] kmap_local_page+0x370/0x4ec (P) [ 85.353051][ T7370] hfsplus_bnode_read+0xa4/0x1a8 [ 85.354473][ T7370] hfsplus_bnode_dump+0x274/0x384 [ 85.355815][ T7370] hfsplus_brec_remove+0x3cc/0x4a0 [ 85.357260][ T7370] __hfsplus_delete_attr+0x198/0x33c [ 85.358776][ T7370] hfsplus_delete_all_attrs+0x228/0x390 [ 85.360319][ T7370] hfsplus_delete_cat+0x82c/0xbb0 [ 85.361707][ T7370] hfsplus_unlink+0x2a8/0x63c [ 85.362963][ T7370] vfs_unlink+0x2e0/0x520 [ 85.364183][ T7370] do_unlinkat+0x2f0/0x4dc [ 85.365390][ T7370] __arm64_sys_unlinkat+0xdc/0xf8 [ 85.366830][ T7370] invoke_syscall+0x98/0x2b8 [ 85.368086][ T7370] el0_svc_common+0x130/0x23c [ 85.369333][ T7370] do_el0_svc+0x48/0x58 [ 85.370467][ T7370] el0_svc+0x58/0x180 [ 85.371530][ T7370] el0t_64_sync_handler+0x84/0x12c [ 85.373048][ T7370] el0t_64_sync+0x198/0x19c [ 85.374546][ T7370] irq event stamp: 2993 [ 85.375744][ T7370] hardirqs last enabled at (2993): [] finish_lock_switch+0xb0/0x1c0 [ 85.378371][ T7370] hardirqs last disabled at (2992): [] __schedule+0x320/0x2a28 [ 85.380862][ T7370] softirqs last enabled at (2974): [] handle_softirqs+0xaf8/0xc88 [ 85.383621][ T7370] softirqs last disabled at (2963): [] __do_softirq+0x14/0x20 [ 85.386148][ T7370] ---[ end trace 0000000000000000 ]--- [ 85.3 ** replaying previous printk message ** [ 85.391254][ T7370] Unable to handle kernel paging request at virtual address fff07690000734b2 [ 85.391298][ T7370] KASAN: maybe wild-memory-access in range [0xff87b4800039a590-0xff87b4800039a597] [ 85.391318][ T7370] Mem abort info: [ 85.391331][ T7370] ESR = 0x0000000096000004 [ 85.391345][ T7370] EC = 0x25: DABT (current EL), IL = 32 bits [ 85.391362][ T7370] SET = 0, FnV = 0 [ 85.391376][ T7370] EA = 0, S1PTW = 0 [ 85.391390][ T7370] FSC = 0x04: level 0 translation fault [ 85.391406][ T7370] Data abort info: [ 85.391418][ T7370] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000 [ 85.391434][ T7370] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 [ 85.391450][ T7370] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [ 85.391467][ T7370] swapper pgtable: 4k pages, 48-bit VAs, pgdp=0000000207157000 [ 85.391485][ T7370] [fff07690000734b2] pgd=180000023ffff403, p4d=0000000000000000 [ 85.391519][ T7370] Internal error: Oops: 0000000096000004 [#1] SMP [ 85.416499][ T7370] Modules linked in: [ 85.417515][ T7370] CPU: 1 UID: 0 PID: 7370 Comm: syz-executor Tainted: G B W 6.16.0-rc6-syzkaller-gaaef6f251176 #0 PREEMPT [ 85.420852][ T7370] Tainted: [B]=BAD_PAGE, [W]=WARN [ 85.422152][ T7370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 85.424851][ T7370] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 85.427077][ T7370] pc : __pi_memcpy_generic+0x70/0x22c [ 85.428602][ T7370] lr : __asan_memcpy+0x68/0x84 [ 85.429951][ T7370] sp : ffff8000a14b7490 [ 85.431100][ T7370] x29: ffff8000a14b7490 x28: 0000000000000232 x27: 0000000000007232 [ 85.433374][ T7370] x26: 0000000000000002 x25: dfff800000000000 x24: 0000000000000234 [ 85.435549][ T7370] x23: fff0769000073280 x22: ffff8000812aa99c x21: ffff8000a14b7560 [ 85.437834][ T7370] x20: fff07690000734b2 x19: 0000000000000002 x18: 1fffe000337d6476 [ 85.439999][ T7370] x17: 0000000000000000 x16: ffff80008af005d0 x15: ffff700014296eac [ 85.442186][ T7370] x14: 0000000000000001 x13: 0000000000000002 x12: ffffffffffffffff [ 85.444393][ T7370] x11: ffff700014296eac x10: dfff800000000000 x9 : 0000000000000002 [ 85.446610][ T7370] x8 : 0000000000000001 x7 : 0000000000000001 x6 : 0000000000000001 [ 85.448934][ T7370] x5 : ffff8000a14b7562 x4 : fff07690000734b4 x3 : ffff8000812aa99c [ 85.451138][ T7370] x2 : 0000000000000002 x1 : fff07690000734b2 x0 : ffff8000a14b7560 [ 85.453252][ T7370] Call trace: [ 85.454155][ T7370] __pi_memcpy_generic+0x70/0x22c (P) [ 85.455655][ T7370] hfsplus_bnode_read+0xd0/0x1a8 [ 85.456974][ T7370] hfsplus_bnode_dump+0x274/0x384 [ 85.458410][ T7370] hfsplus_brec_remove+0x3cc/0x4a0 [ 85.459744][ T7370] __hfsplus_delete_attr+0x198/0x33c [ 85.461197][ T7370] hfsplus_delete_all_attrs+0x228/0x390 [ 85.462702][ T7370] hfsplus_delete_cat+0x82c/0xbb0 [ 85.464105][ T7370] hfsplus_unlink+0x2a8/0x63c [ 85.465415][ T7370] vfs_unlink+0x2e0/0x520 [ 85.466638][ T7370] do_unlinkat+0x2f0/0x4dc [ 85.467841][ T7370] __arm64_sys_unlinkat+0xdc/0xf8 [ 85.469236][ T7370] invoke_syscall+0x98/0x2b8 [ 85.470534][ T7370] el0_svc_common+0x130/0x23c [ 85.471870][ T7370] do_el0_svc+0x48/0x58 [ 85.473024][ T7370] el0_svc+0x58/0x180 [ 85.474211][ T7370] el0t_64_sync_handler+0x84/0x12c [ 85.475597][ T7370] el0t_64_sync+0x198/0x19c [ 85.476882][ T7370] Code: b81fc0a8 d65f03c0 b4000102 d341fc4e (39400026) [ 85.478794][ T7370] ---[ end trace 0000000000000000 ]--- [ 85.863792][ T7370] Kernel panic - not syncing: Oops: Fatal exception [ 85.865594][ T7370] SMP: stopping secondary CPUs [ 85.866892][ T7370] Kernel Offset: disabled [ 85.868057][ T7370] CPU features: 0x10000,00040e00,040008a1,04017203 [ 85.869791][ T7370] Memory Limit: none [ 86.226934][ T7370] Rebooting in 86400 seconds..