program:
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file3\x00', 0xa08802, &(0x7f0000000040)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRESDEC], 0x1, 0x693, &(0x7f0000000ec0)="$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")
setxattr$trusted_overlay_upper(&(0x7f0000000280)='./file1\x00', &(0x7f0000000240), &(0x7f0000001400)=ANY=[], 0x841, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200)
ioctl$KVM_CAP_X2APIC_API(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, 0x1})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
lremovexattr(&(0x7f0000000240)='./file1\x00', &(0x7f00000000c0)=@known='trusted.overlay.upper\x00')
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file3\x00', 0xa08802, &(0x7f0000000040)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRESDEC], 0x1, 0x693, &(0x7f0000000ec0)="$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") (async)
setxattr$trusted_overlay_upper(&(0x7f0000000280)='./file1\x00', &(0x7f0000000240), &(0x7f0000001400)=ANY=[], 0x841, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x100, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200) (async)
ioctl$KVM_CAP_X2APIC_API(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, 0x1}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3) (async)
lremovexattr(&(0x7f0000000240)='./file1\x00', &(0x7f00000000c0)=@known='trusted.overlay.upper\x00') (async)

[ 72.741571][ T4665] Bluetooth: hci0: command tx timeout
[ 72.945175][ T5321] loop0: detected capacity change from 0 to 1024
[ 73.185085][ T5321] hfsplus: request for non-existent node 211 in B*Tree
[ 73.204385][ T5321] hfsplus: request for non-existent node 211 in B*Tree
[ 73.210321][ T5322] ==================================================================
[ 73.229328][ T5322] BUG: KASAN: slab-out-of-bounds in hfsplus_bnode_read+0xc1/0x1e0
[ 73.232811][ T5322] Read of size 8 at addr ffff888036b869c8 by task syz.0.0/5322
[ 73.235705][ T5322]
[ 73.236706][ T5322] CPU: 0 UID: 0 PID: 5322 Comm: syz.0.0 Not tainted 6.14.0-rc7-syzkaller-00186-gd07de43e3f05 #0
[ 73.236721][ T5322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 73.236729][ T5322] Call Trace:
[ 73.236737][ T5322]
[ 73.236743][ T5322] dump_stack_lvl+0x241/0x360
[ 73.236760][ T5322] ? __pfx_dump_stack_lvl+0x10/0x10
[ 73.236770][ T5322] ? __pfx__printk+0x10/0x10
[ 73.236780][ T5322] ? _printk+0xd5/0x120
[ 73.236789][ T5322] ? __virt_addr_valid+0x183/0x530
[ 73.236799][ T5322] ? __virt_addr_valid+0x183/0x530
[ 73.236808][ T5322] print_report+0x16e/0x5b0
[ 73.236821][ T5322] ? __virt_addr_valid+0x183/0x530
[ 73.236830][ T5322] ? __virt_addr_valid+0x183/0x530
[ 73.236839][ T5322] ? __virt_addr_valid+0x45f/0x530
[ 73.236848][ T5322] ? __phys_addr+0xba/0x170
[ 73.236857][ T5322] ? hfsplus_bnode_read+0xc1/0x1e0
[ 73.236871][ T5322] kasan_report+0x143/0x180
[ 73.236883][ T5322] ? block_dirty_folio+0x15d/0x1e0
[ 73.236896][ T5322] ? hfsplus_bnode_read+0xc1/0x1e0
[ 73.236910][ T5322] hfsplus_bnode_read+0xc1/0x1e0
[ 73.236924][ T5322] hfsplus_bnode_dump+0x289/0x6a0
[ 73.236938][ T5322] ? block_dirty_folio+0x167/0x1e0
[ 73.236953][ T5322] ? __pfx_hfsplus_bnode_dump+0x10/0x10
[ 73.236965][ T5322] ? hfsplus_bnode_write_u16+0x9b/0xf0
[ 73.236980][ T5322] ? hfsplus_bnode_move+0x2da/0x900
[ 73.236993][ T5322] ? __mark_inode_dirty+0x3db/0xe90
[ 73.237010][ T5322] hfsplus_brec_remove+0x42c/0x4f0
[ 73.237028][ T5322] __hfsplus_delete_attr+0x275/0x450
[ 73.237040][ T5322] ? __pfx___hfsplus_delete_attr+0x10/0x10
[ 73.237051][ T5322] ? hfsplus_attr_build_key+0xef/0x260
[ 73.237061][ T5322] hfsplus_delete_attr+0x25b/0x2f0
[ 73.237072][ T5322] ? __pfx_hfsplus_delete_attr+0x10/0x10
[ 73.237083][ T5322] ? hfsplus_find_init+0x85/0x1c0
[ 73.237098][ T5322] ? hfsplus_find_init+0x14a/0x1c0
[ 73.237113][ T5322] __hfsplus_setxattr+0x4ad/0x2380
[ 73.237123][ T5322] ? kernel_text_address+0xa7/0xe0
[ 73.237136][ T5322] ? arch_stack_walk+0xfd/0x150
[ 73.237149][ T5322] ? __pfx___hfsplus_setxattr+0x10/0x10
[ 73.237160][ T5322] ? stack_trace_save+0x118/0x1d0
[ 73.237174][ T5322] ? __pfx_stack_trace_save+0x10/0x10
[ 73.237199][ T5322] ? __kasan_kmalloc+0x98/0xb0
[ 73.237212][ T5322] hfsplus_setxattr+0x11c/0x180
[ 73.237256][ T5322] hfsplus_trusted_setxattr+0x40/0x60
[ 73.237268][ T5322] ? __pfx_hfsplus_trusted_setxattr+0x10/0x10
[ 73.237280][ T5322] __vfs_setxattr+0x468/0x4a0
[ 73.237297][ T5322] __vfs_setxattr_noperm+0x12e/0x660
[ 73.237311][ T5322] vfs_setxattr+0x221/0x430
[ 73.237326][ T5322] ? __pfx_vfs_setxattr+0x10/0x10
[ 73.237341][ T5322] filename_setxattr+0x2af/0x430
[ 73.237355][ T5322] ? __phys_addr_symbol+0x2f/0x70
[ 73.237366][ T5322] ? __pfx_filename_setxattr+0x10/0x10
[ 73.237381][ T5322] ? getname_flags+0x1e3/0x540
[ 73.237396][ T5322] path_setxattrat+0x440/0x510
[ 73.237407][ T5322] ? __pfx_path_setxattrat+0x10/0x10
[ 73.237425][ T5322] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 73.237442][ T5322] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 73.237457][ T5322] __x64_sys_setxattr+0xbc/0xe0
[ 73.237471][ T5322] do_syscall_64+0xf3/0x230
[ 73.237541][ T5322] ? clear_bhb_loop+0x35/0x90
[ 73.237557][ T5322] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 73.237571][ T5322] RIP: 0033:0x7f1eeef8d169
[ 73.237584][ T5322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 73.237593][ T5322] RSP: 002b:00007f1eeb3f5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 73.237606][ T5322] RAX: ffffffffffffffda RBX: 00007f1eef1a6080 RCX: 00007f1eeef8d169
[ 73.237613][ T5322] RDX: 0000200000001400 RSI: 0000200000000240 RDI: 0000200000000280
[ 73.237621][ T5322] RBP: 00007f1eef00e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 73.237627][ T5322] R10: 0000000000000841 R11: 0000000000000246 R12: 0000000000000000
[ 73.237633][ T5322] R13: 0000000000000000 R14: 00007f1eef1a6080 R15: 00007fff25de4cc8
[ 73.237643][ T5322]
[ 73.237647][ T5322]
[ 73.578932][ T5322] Allocated by task 5321:
[ 73.580844][ T5322] kasan_save_track+0x3f/0x80
[ 73.582898][ T5322] __kasan_kmalloc+0x98/0xb0
[ 73.599456][ T5322] __kmalloc_noprof+0x285/0x4c0
[ 73.601399][ T5322] __hfs_bnode_create+0xf8/0x770
[ 73.603424][ T5322] hfsplus_bnode_find+0x22b/0xe40
[ 73.605437][ T5322] hfsplus_brec_find+0x183/0x570
[ 73.607444][ T5322] hfsplus_attr_exists+0x15f/0x1d0
[ 73.609468][ T5322] __hfsplus_setxattr+0x476/0x2380
[ 73.611637][ T5322] hfsplus_setxattr+0x11c/0x180
[ 73.623847][ T5322] hfsplus_trusted_setxattr+0x40/0x60
[ 73.626109][ T5322] __vfs_setxattr+0x468/0x4a0
[ 73.628153][ T5322] __vfs_setxattr_noperm+0x12e/0x660
[ 73.633589][ T5322] vfs_setxattr+0x221/0x430
[ 73.644189][ T5322] filename_setxattr+0x2af/0x430
[ 73.648676][ T5322] path_setxattrat+0x440/0x510
[ 73.652882][ T5322] __x64_sys_setxattr+0xbc/0xe0
[ 73.660856][ T5322] do_syscall_64+0xf3/0x230
[ 73.667261][ T5322] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 73.673617][ T5322]
[ 73.675737][ T5322] The buggy address belongs to the object at ffff888036b86900
[ 73.675737][ T5322] which belongs to the cache kmalloc-192 of size 192
[ 73.686464][ T5322] The buggy address is located 48 bytes to the right of
[ 73.686464][ T5322] allocated 152-byte region [ffff888036b86900, ffff888036b86998)
[ 73.711978][ T5322]
[ 73.713097][ T5322] The buggy address belongs to the physical page:
[ 73.719644][ T5322] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x36b86
[ 73.730227][ T5322] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 73.733014][ T5322] page_type: f5(slab)
[ 73.736704][ T5322] raw: 04fff00000000000 ffff88801b0413c0 dead000000000100 dead000000000122
[ 73.744192][ T5322] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 73.751240][ T5322] page dumped because: kasan: bad access detected
[ 73.758493][ T5322] page_owner tracks the page as allocated
[ 73.763967][ T5322] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52c00(GFP_NOIO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 1, tgid 1 (swapper/0), ts 15339197185, free_ts 0
[ 73.782715][ T5322] post_alloc_hook+0x1f4/0x240
[ 73.787349][ T5322] get_page_from_freelist+0x365c/0x37a0
[ 73.793705][ T5322] __alloc_frozen_pages_noprof+0x292/0x710
[ 73.804003][ T5322] alloc_pages_mpol+0x311/0x660
[ 73.806458][ T5322] allocate_slab+0x8f/0x3a0
[ 73.808591][ T5322] ___slab_alloc+0xc27/0x14a0
[ 73.814463][ T5322] __slab_alloc+0x58/0xa0
[ 73.816419][ T5322] __kmalloc_noprof+0x2e6/0x4c0
[ 73.818532][ T5322] usb_alloc_urb+0x41/0x150
[ 73.833637][ T5322] usb_control_msg+0x189/0x4c0
[ 73.836192][ T5322] usb_get_string+0xa3/0x3b0
[ 73.838117][ T5322] usb_string_sub+0x72/0x420
[ 73.839935][ T5322] usb_string+0x3a6/0x7a0
[ 73.841721][ T5322] usb_cache_string+0x7f/0x130
[ 73.858900][ T5322] usb_new_device+0x313/0x19a0
[ 73.865261][ T5322] register_root_hub+0x25c/0x550
[ 73.869964][ T5322] page_owner free stack trace missing
[ 73.875632][ T5322]
[ 73.878655][ T5322] Memory state around the buggy address:
[ 73.896111][ T5322] ffff888036b86880: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc
[ 73.905500][ T5322] ffff888036b86900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 73.924782][ T5322] >ffff888036b86980: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 73.950038][ T5322] ^
[ 73.960811][ T5322] ffff888036b86a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 73.967793][ T5322] ffff888036b86a80: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 73.986355][ T5322] ==================================================================
[ 74.093468][ T5322] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 74.103028][ T5322] CPU: 0 UID: 0 PID: 5322 Comm: syz.0.0 Not tainted 6.14.0-rc7-syzkaller-00186-gd07de43e3f05 #0
[ 74.113115][ T5322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 74.129585][ T5322] Call Trace:
[ 74.133975][ T5322]
[ 74.135747][ T5322] dump_stack_lvl+0x241/0x360
[ 74.145635][ T5322] ? __pfx_dump_stack_lvl+0x10/0x10
[ 74.148429][ T5322] ? __pfx__printk+0x10/0x10
[ 74.152224][ T5322] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 74.158453][ T5322] ? vscnprintf+0x5d/0x90
[ 74.161919][ T5322] panic+0x349/0x880
[ 74.167575][ T5322] ? check_panic_on_warn+0x21/0xb0
[ 74.172603][ T5322] ? __pfx_panic+0x10/0x10
[ 74.175704][ T5322] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 74.179731][ T5322] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 74.184012][ T5322] check_panic_on_warn+0x86/0xb0
[ 74.187350][ T5322] ? hfsplus_bnode_read+0xc1/0x1e0
[ 74.195913][ T5322] end_report+0x77/0x160
[ 74.197775][ T5322] kasan_report+0x154/0x180
[ 74.201371][ T5322] ? block_dirty_folio+0x15d/0x1e0
[ 74.215444][ T5322] ? hfsplus_bnode_read+0xc1/0x1e0
[ 74.218441][ T5322] hfsplus_bnode_read+0xc1/0x1e0
[ 74.220751][ T5322] hfsplus_bnode_dump+0x289/0x6a0
[ 74.222940][ T5322] ? block_dirty_folio+0x167/0x1e0
[ 74.225011][ T5322] ? __pfx_hfsplus_bnode_dump+0x10/0x10
[ 74.235204][ T5322] ? hfsplus_bnode_write_u16+0x9b/0xf0
[ 74.237914][ T5322] ? hfsplus_bnode_move+0x2da/0x900
[ 74.244099][ T5322] ? __mark_inode_dirty+0x3db/0xe90
[ 74.246206][ T5322] hfsplus_brec_remove+0x42c/0x4f0
[ 74.254018][ T5322] __hfsplus_delete_attr+0x275/0x450
[ 74.256561][ T5322] ? __pfx___hfsplus_delete_attr+0x10/0x10
[ 74.261107][ T5322] ? hfsplus_attr_build_key+0xef/0x260
[ 74.265049][ T5322] hfsplus_delete_attr+0x25b/0x2f0
[ 74.267075][ T5322] ? __pfx_hfsplus_delete_attr+0x10/0x10
[ 74.269254][ T5322] ? hfsplus_find_init+0x85/0x1c0
[ 74.271322][ T5322] ? hfsplus_find_init+0x14a/0x1c0
[ 74.273494][ T5322] __hfsplus_setxattr+0x4ad/0x2380
[ 74.278989][ T5322] ? kernel_text_address+0xa7/0xe0
[ 74.282912][ T5322] ? arch_stack_walk+0xfd/0x150
[ 74.284944][ T5322] ? __pfx___hfsplus_setxattr+0x10/0x10
[ 74.287108][ T5322] ? stack_trace_save+0x118/0x1d0
[ 74.289073][ T5322] ? __pfx_stack_trace_save+0x10/0x10
[ 74.291215][ T5322] ? __kasan_kmalloc+0x98/0xb0
[ 74.294733][ T5322] hfsplus_setxattr+0x11c/0x180
[ 74.298613][ T5322] hfsplus_trusted_setxattr+0x40/0x60
[ 74.303031][ T5322] ? __pfx_hfsplus_trusted_setxattr+0x10/0x10
[ 74.306858][ T5322] __vfs_setxattr+0x468/0x4a0
[ 74.310748][ T5322] __vfs_setxattr_noperm+0x12e/0x660
[ 74.313836][ T5322] vfs_setxattr+0x221/0x430
[ 74.315702][ T5322] ? __pfx_vfs_setxattr+0x10/0x10
[ 74.318692][ T5322] filename_setxattr+0x2af/0x430
[ 74.324594][ T5322] ? __phys_addr_symbol+0x2f/0x70
[ 74.330778][ T5322] ? __pfx_filename_setxattr+0x10/0x10
[ 74.337906][ T5322] ? getname_flags+0x1e3/0x540
[ 74.345367][ T5322] path_setxattrat+0x440/0x510
[ 74.347566][ T5322] ? __pfx_path_setxattrat+0x10/0x10
[ 74.349853][ T5322] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 74.352228][ T5322] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 74.365472][ T5322] __x64_sys_setxattr+0xbc/0xe0
[ 74.367583][ T5322] do_syscall_64+0xf3/0x230
[ 74.373982][ T5322] ? clear_bhb_loop+0x35/0x90
[ 74.376413][ T5322] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 74.383712][ T5322] RIP: 0033:0x7f1eeef8d169
[ 74.386780][ T5322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 74.400427][ T5322] RSP: 002b:00007f1eeb3f5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 74.429047][ T5322] RAX: ffffffffffffffda RBX: 00007f1eef1a6080 RCX: 00007f1eeef8d169
[ 74.434720][ T5322] RDX: 0000200000001400 RSI: 0000200000000240 RDI: 0000200000000280
[ 74.437990][ T5322] RBP: 00007f1eef00e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 74.444422][ T5322] R10: 0000000000000841 R11: 0000000000000246 R12: 0000000000000000
[ 74.455304][ T5322] R13: 0000000000000000 R14: 00007f1eef1a6080 R15: 00007fff25de4cc8
[ 74.458938][ T5322]
[ 74.460682][ T5322] Kernel Offset: disabled
[ 74.473842][ T5322] Rebooting in 86400 seconds..