program:
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f00000000c0)={0x3ff, 0x3, {0xffffffffffffffff}, {}, 0x6, 0x5})
gettid() (async)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
prctl$PR_SCHED_CORE(0x3e, 0x0, r0, 0x2, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file1\x00', 0xa08006, &(0x7f0000000100)=ANY=[@ANYRES32=0x0], 0x1, 0x687, &(0x7f0000000fc0)="$eJzs3c1vHGcdB/DvrNeOHaTUfUlaUCWsRioIi8QvcsFcGjggHypUhUOFxMVKnMbKxq1sF7kVAvN+5dA/oBx8QOICEvdIReKAgFvFzeKAKiFx6cm3oJmdtdfxS9Ybv8Tw+Viz+8w8r/PbmWd3dmVNgP9bc+NpPkiRufE31sr1zY3p1ubG9IU6u5WkTDeSZvspxVJSfJzcSHvJ58uNdfnioH4+XJy9+clnm5+215r1UpVvHFavN+v1krEkA/XzXoN9tXfrwPYON7+dKrb3sAzY1U7g4Kw93GP9KNWf8LwFngZF+31zj9HkYpLh+nNA6tmhcbqjO35HmuUAAADgnHpmK1tZy6WzHgcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcJ/X9/4t6aXTSYyk69/8fqrelTt9snPGYn8SDsx4AAAAAAAAAAByDL25lK2u5lPrH/YftX/ZfqR5fqB4/l/eykoUs51rWMp/VrGY5k0lGuxoaWptfXV2e7KHm1L41p/ob/+/7qwYAAAAAAAAA/2t+mrn27/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPC0KJKB9lO1vNBJj6bRTDKcZKgst578vZM+J4r9Nj44/XEAAADAExnuo84zW9nKWi511h8W1TX/lep6eTjvZSmrWcxqWlnI7foaurzqb2xuTLc2N6bvb25MVx1//2Fbu51v/udIw6haTPu7h/17fqkqMZI7Way2XMutajC306hqll6qx7O97O7kJ+WYRl6v9Tiy2/Vz2dmvD/oW4Tg0jlphtKo0uB2RiXpsZUPPHh6Jx746zUN7mkxj+5ufFw7pqbNLxRFjfrFTL8kvH4n56//67fd6bOYEbEeikSoSU11H35XDY5586Y+/e+tua+ne3Tsr4yd2GJ2WR4+J6a5IvHiuI9E8YvmJKhKXt9fn8u18N+MZy5tZzmJ+kPmsZiH1zJj5+nguH0e7opTsidSNXWtvPm4kQ/Xr0p5FexnTWC5Uqfm8UtW9lMUUeSe3s5DXqr+pTOZrmclMZrte4csHvsLVvlUzbeNoZ/3VL2fnVP9VOVP3Vi/5c68Fj679llrG9dmuuHbPuaNVXveWnSg918P70RHnxuYX6kTZx8/6eds4MY9GYrIrEs8fHonfVOfGSmvp3vLd+XcPaH/9kfVXB3fSv+jrnfmkpp7yeHkuw/VMsvvoKPOe355ldsdrqP7FpZ3X2JN3ucoris6Z+p19ztQy4rNV6Sv7tjRV5b24N2+gHvk//tmVt+vzVt756wkFDIDjdfErF4dG/j3yt5GPRn4+cnfkjeFvXfj6hZeHMvinwW80JwZebbxc/CEf5Uc71/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/Vt7/4N58q7WwvH+icXDW8SaK+rY8B5VpZiSnMIzTTBTJ+rG3nLPfrx4SnZsIPmk7b914KnbnXCcGktRbfpzsHD/1S9TPzUWBc+H66v13r6+8/8FXF+/Pv73w9sLS4MzM7MTszGvT1+8sthYm2o9nPUrgJOx8HuixwuAJDwgAAAAAAAAAAAB4rP3+MeAvx/yfBl3djZ3hrgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADn1Nx4moMpMjlxbaJc39yYbpVLJ71Tspmk0UiKHybFx8mNtJeMdjVXHNTPh4uzNz/5bPPTnbaanfKNw+r1Zr1eMpZkoH7eY6i/9m4d1F7Piu09LAN2tRM4OGv/DQAA//+iHAcm")
inotify_init1(0x0) (async)
r1 = inotify_init1(0x0)
socket$inet(0x2, 0x2, 0x0)
inotify_add_watch(r1, &(0x7f0000000080)='.\x00', 0x40000582)
setxattr$incfs_metadata(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, 0x0, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106) (async)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080))
socket$nl_route(0x10, 0x3, 0x0) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@can_delroute={0x34, 0x19, 0x11, 0x0, 0x0, {}, [@CGW_MOD_OR={0x15, 0x2, {{{}, 0x0, 0x0, 0x0, 0x0, "d1ff41251b899175"}, 0x6}}, @CGW_CS_XOR={0x8, 0x5, {0x0, 0x0, 0xfc}}]}, 0x34}}, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f00000001c0)={'batadv_slave_1\x00', 0x100})
removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='user.incfs.metadata\x00') (async)
removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='user.incfs.metadata\x00')
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
[ 85.557043][ T4691] Bluetooth: hci0: command tx timeout
[ 85.622056][ T5352] loop0: detected capacity change from 0 to 1024
[ 85.703203][ T5352] hfsplus: request for non-existent node 134217728 in B*Tree
[ 85.715622][ T5352] hfsplus: request for non-existent node 134217728 in B*Tree
[ 85.728834][ T5353] ==================================================================
[ 85.732326][ T5353] BUG: KASAN: slab-out-of-bounds in hfsplus_bnode_read+0xc0/0x2a0
[ 85.736161][ T5353] Read of size 8 at addr ffff888036890fe0 by task syz.0.0/5353
[ 85.739506][ T5353]
[ 85.740576][ T5353] CPU: 0 UID: 0 PID: 5353 Comm: syz.0.0 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full)
[ 85.740591][ T5353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 85.740599][ T5353] Call Trace:
[ 85.740606][ T5353]
[ 85.740612][ T5353] dump_stack_lvl+0x189/0x250
[ 85.740628][ T5353] ? __virt_addr_valid+0x1c8/0x5c0
[ 85.740639][ T5353] ? rcu_is_watching+0x15/0xb0
[ 85.740671][ T5353] ? __kasan_check_byte+0x12/0x40
[ 85.740686][ T5353] ? __pfx_dump_stack_lvl+0x10/0x10
[ 85.740697][ T5353] ? rcu_is_watching+0x15/0xb0
[ 85.740710][ T5353] ? lock_release+0x4b/0x3e0
[ 85.740722][ T5353] ? __virt_addr_valid+0x1c8/0x5c0
[ 85.740735][ T5353] ? __virt_addr_valid+0x4a5/0x5c0
[ 85.740749][ T5353] print_report+0xca/0x230
[ 85.740760][ T5353] ? hfsplus_bnode_read+0xc0/0x2a0
[ 85.740771][ T5353] kasan_report+0x118/0x150
[ 85.740784][ T5353] ? hfsplus_bnode_read+0xc0/0x2a0
[ 85.740797][ T5353] hfsplus_bnode_read+0xc0/0x2a0
[ 85.740807][ T5353] hfsplus_bnode_dump+0x300/0x450
[ 85.740815][ T5353] ? __pfx_hfsplus_bnode_dump+0x10/0x10
[ 85.740822][ T5353] ? hfsplus_bnode_write_u16+0x8b/0xd0
[ 85.740829][ T5353] ? hfsplus_bnode_move+0x393/0xb90
[ 85.740837][ T5353] ? __pfx___hfsplus_brec_find+0x10/0x10
[ 85.740845][ T5353] hfsplus_brec_remove+0x480/0x550
[ 85.740854][ T5353] __hfsplus_delete_attr+0x1d4/0x360
[ 85.740864][ T5353] ? __pfx___hfsplus_delete_attr+0x10/0x10
[ 85.740873][ T5353] ? hfsplus_attr_build_key+0xee/0x260
[ 85.740882][ T5353] hfsplus_delete_attr+0x231/0x2d0
[ 85.740891][ T5353] ? __pfx_hfsplus_delete_attr+0x10/0x10
[ 85.740900][ T5353] ? hfsplus_find_init+0x8c/0x1d0
[ 85.740912][ T5353] ? hfsplus_find_init+0x15a/0x1d0
[ 85.740923][ T5353] __hfsplus_setxattr+0x71c/0x1f40
[ 85.740937][ T5353] ? is_bpf_text_address+0x26/0x2b0
[ 85.740950][ T5353] ? kernel_text_address+0xa5/0xe0
[ 85.740960][ T5353] ? __kernel_text_address+0xd/0x40
[ 85.740968][ T5353] ? unwind_get_return_address+0x4d/0x90
[ 85.740981][ T5353] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 85.740995][ T5353] ? arch_stack_walk+0xfc/0x150
[ 85.741009][ T5353] ? __pfx___hfsplus_setxattr+0x10/0x10
[ 85.741024][ T5353] ? stack_trace_save+0x9c/0xe0
[ 85.741054][ T5353] ? __kasan_kmalloc+0x93/0xb0
[ 85.741065][ T5353] ? hfsplus_setxattr+0x102/0x180
[ 85.741074][ T5353] hfsplus_setxattr+0x11e/0x180
[ 85.741084][ T5353] hfsplus_user_setxattr+0x40/0x60
[ 85.741097][ T5353] ? __pfx_hfsplus_user_setxattr+0x10/0x10
[ 85.741111][ T5353] __vfs_removexattr+0x42e/0x470
[ 85.741137][ T5353] __vfs_removexattr_locked+0x1ed/0x230
[ 85.741152][ T5353] vfs_removexattr+0x80/0x1b0
[ 85.741167][ T5353] path_removexattrat+0x35d/0x690
[ 85.741176][ T5353] ? __pfx_path_removexattrat+0x10/0x10
[ 85.741190][ T5353] ? rcu_is_watching+0x15/0xb0
[ 85.741204][ T5353] __x64_sys_removexattr+0x62/0x70
[ 85.741219][ T5353] do_syscall_64+0xfa/0x3b0
[ 85.741274][ T5353] ? lockdep_hardirqs_on+0x9c/0x150
[ 85.741290][ T5353] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.741301][ T5353] ? clear_bhb_loop+0x60/0xb0
[ 85.741308][ T5353] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.741316][ T5353] RIP: 0033:0x7f7cb4b8e929
[ 85.741324][ T5353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 85.741333][ T5353] RSP: 002b:00007f7cb0fd4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c5
[ 85.741346][ T5353] RAX: ffffffffffffffda RBX: 00007f7cb4db6080 RCX: 00007f7cb4b8e929
[ 85.741354][ T5353] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000200000000040
[ 85.741362][ T5353] RBP: 00007f7cb4c10b39 R08: 0000000000000000 R09: 0000000000000000
[ 85.741369][ T5353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 85.741375][ T5353] R13: 0000000000000000 R14: 00007f7cb4db6080 R15: 00007fff943577a8
[ 85.741387][ T5353]
[ 85.741391][ T5353]
[ 85.913769][ T5353] Allocated by task 5353:
[ 85.915877][ T5353] kasan_save_track+0x3e/0x80
[ 85.917840][ T5353] __kasan_kmalloc+0x93/0xb0
[ 85.919687][ T5353] __kmalloc_noprof+0x27a/0x4f0
[ 85.921657][ T5353] __hfs_bnode_create+0xf3/0x810
[ 85.923585][ T5353] hfsplus_bnode_find+0x224/0xd20
[ 85.925669][ T5353] hfsplus_brec_find+0x15c/0x500
[ 85.927809][ T5353] hfsplus_attr_exists+0x163/0x1d0
[ 85.930085][ T5353] __hfsplus_setxattr+0x33e/0x1f40
[ 85.932296][ T5353] hfsplus_setxattr+0x11e/0x180
[ 85.934516][ T5353] hfsplus_user_setxattr+0x40/0x60
[ 85.936671][ T5353] __vfs_setxattr+0x439/0x480
[ 85.938444][ T5353] __vfs_setxattr_noperm+0x12d/0x660
[ 85.940786][ T5353] vfs_setxattr+0x16b/0x2f0
[ 85.942647][ T5353] filename_setxattr+0x274/0x600
[ 85.944669][ T5353] path_setxattrat+0x364/0x3a0
[ 85.946617][ T5353] __x64_sys_setxattr+0xbc/0xe0
[ 85.948593][ T5353] do_syscall_64+0xfa/0x3b0
[ 85.950518][ T5353] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.953152][ T5353]
[ 85.954438][ T5353] The buggy address belongs to the object at ffff888036890f00
[ 85.954438][ T5353] which belongs to the cache kmalloc-192 of size 192
[ 85.960354][ T5353] The buggy address is located 72 bytes to the right of
[ 85.960354][ T5353] allocated 152-byte region [ffff888036890f00, ffff888036890f98)
[ 85.966959][ T5353]
[ 85.968215][ T5353] The buggy address belongs to the physical page:
[ 85.971045][ T5353] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x36890
[ 85.974791][ T5353] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 85.978230][ T5353] page_type: f5(slab)
[ 85.980348][ T5353] raw: 04fff00000000000 ffff88801a4413c0 ffffea0000d1e100 dead000000000004
[ 85.984721][ T5353] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 85.988729][ T5353] page dumped because: kasan: bad access detected
[ 85.991607][ T5353] page_owner tracks the page as allocated
[ 85.994208][ T5353] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52c00(GFP_NOIO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 1, tgid 1 (swapper/0), ts 16249714723, free_ts 0
[ 86.001659][ T5353] post_alloc_hook+0x240/0x2a0
[ 86.004115][ T5353] get_page_from_freelist+0x21e4/0x22c0
[ 86.007099][ T5353] __alloc_frozen_pages_noprof+0x181/0x370
[ 86.009795][ T5353] alloc_pages_mpol+0x232/0x4a0
[ 86.011966][ T5353] allocate_slab+0x8a/0x3b0
[ 86.013984][ T5353] ___slab_alloc+0xbfc/0x1480
[ 86.016023][ T5353] __kmalloc_noprof+0x305/0x4f0
[ 86.018174][ T5353] usb_alloc_urb+0x46/0x150
[ 86.020234][ T5353] usb_control_msg+0x118/0x3e0
[ 86.022420][ T5353] usb_get_string+0xa1/0x3c0
[ 86.024524][ T5353] usb_string_sub+0x76/0x420
[ 86.026885][ T5353] usb_string+0x38f/0x770
[ 86.029438][ T5353] usb_cache_string+0x80/0x130
[ 86.032501][ T5353] usb_new_device+0x29a/0x16c0
[ 86.035335][ T5353] register_root_hub+0x275/0x590
[ 86.038419][ T5353] usb_add_hcd+0xba1/0x1050
[ 86.041071][ T5353] page_owner free stack trace missing
[ 86.044291][ T5353]
[ 86.046157][ T5353] Memory state around the buggy address:
[ 86.049520][ T5353] ffff888036890e80: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc
[ 86.053682][ T5353] ffff888036890f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 86.057243][ T5353] >ffff888036890f80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 86.060780][ T5353] ^
[ 86.064174][ T5353] ffff888036891000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 86.068287][ T5353] ffff888036891080: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc
[ 86.072083][ T5353] ==================================================================
[ 86.112986][ T5353] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 86.116342][ T5353] CPU: 0 UID: 0 PID: 5353 Comm: syz.0.0 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full)
[ 86.121424][ T5353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 86.125821][ T5353] Call Trace:
[ 86.127230][ T5353]
[ 86.128518][ T5353] dump_stack_lvl+0x99/0x250
[ 86.130612][ T5353] ? __asan_memcpy+0x40/0x70
[ 86.132855][ T5353] ? __pfx_dump_stack_lvl+0x10/0x10
[ 86.135458][ T5353] ? __pfx__printk+0x10/0x10
[ 86.137811][ T5353] panic+0x2db/0x790
[ 86.139747][ T5353] ? __pfx_preempt_schedule+0x10/0x10
[ 86.142276][ T5353] ? __pfx_panic+0x10/0x10
[ 86.144285][ T5353] ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 86.147006][ T5353] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 86.149877][ T5353] ? hfsplus_bnode_read+0xc0/0x2a0
[ 86.152219][ T5353] check_panic_on_warn+0x89/0xb0
[ 86.154510][ T5353] ? hfsplus_bnode_read+0xc0/0x2a0
[ 86.156880][ T5353] end_report+0x78/0x160
[ 86.158795][ T5353] kasan_report+0x129/0x150
[ 86.160942][ T5353] ? hfsplus_bnode_read+0xc0/0x2a0
[ 86.163240][ T5353] hfsplus_bnode_read+0xc0/0x2a0
[ 86.165504][ T5353] hfsplus_bnode_dump+0x300/0x450
[ 86.167812][ T5353] ? __pfx_hfsplus_bnode_dump+0x10/0x10
[ 86.170323][ T5353] ? hfsplus_bnode_write_u16+0x8b/0xd0
[ 86.172819][ T5353] ? hfsplus_bnode_move+0x393/0xb90
[ 86.175191][ T5353] ? __pfx___hfsplus_brec_find+0x10/0x10
[ 86.177876][ T5353] hfsplus_brec_remove+0x480/0x550
[ 86.180499][ T5353] __hfsplus_delete_attr+0x1d4/0x360
[ 86.183354][ T5353] ? __pfx___hfsplus_delete_attr+0x10/0x10
[ 86.186314][ T5353] ? hfsplus_attr_build_key+0xee/0x260
[ 86.188743][ T5353] hfsplus_delete_attr+0x231/0x2d0
[ 86.191044][ T5353] ? __pfx_hfsplus_delete_attr+0x10/0x10
[ 86.193648][ T5353] ? hfsplus_find_init+0x8c/0x1d0
[ 86.195971][ T5353] ? hfsplus_find_init+0x15a/0x1d0
[ 86.198270][ T5353] __hfsplus_setxattr+0x71c/0x1f40
[ 86.200587][ T5353] ? is_bpf_text_address+0x26/0x2b0
[ 86.203078][ T5353] ? kernel_text_address+0xa5/0xe0
[ 86.205813][ T5353] ? __kernel_text_address+0xd/0x40
[ 86.208696][ T5353] ? unwind_get_return_address+0x4d/0x90
[ 86.211245][ T5353] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 86.213939][ T5353] ? arch_stack_walk+0xfc/0x150
[ 86.216167][ T5353] ? __pfx___hfsplus_setxattr+0x10/0x10
[ 86.218617][ T5353] ? stack_trace_save+0x9c/0xe0
[ 86.220893][ T5353] ? __kasan_kmalloc+0x93/0xb0
[ 86.223092][ T5353] ? hfsplus_setxattr+0x102/0x180
[ 86.225615][ T5353] hfsplus_setxattr+0x11e/0x180
[ 86.228072][ T5353] hfsplus_user_setxattr+0x40/0x60
[ 86.230513][ T5353] ? __pfx_hfsplus_user_setxattr+0x10/0x10
[ 86.233407][ T5353] __vfs_removexattr+0x42e/0x470
[ 86.235695][ T5353] __vfs_removexattr_locked+0x1ed/0x230
[ 86.238203][ T5353] vfs_removexattr+0x80/0x1b0
[ 86.240285][ T5353] path_removexattrat+0x35d/0x690
[ 86.242637][ T5353] ? __pfx_path_removexattrat+0x10/0x10
[ 86.245150][ T5353] ? rcu_is_watching+0x15/0xb0
[ 86.247152][ T5353] __x64_sys_removexattr+0x62/0x70
[ 86.249320][ T5353] do_syscall_64+0xfa/0x3b0
[ 86.251221][ T5353] ? lockdep_hardirqs_on+0x9c/0x150
[ 86.253343][ T5353] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.256018][ T5353] ? clear_bhb_loop+0x60/0xb0
[ 86.258181][ T5353] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.260918][ T5353] RIP: 0033:0x7f7cb4b8e929
[ 86.262924][ T5353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 86.271565][ T5353] RSP: 002b:00007f7cb0fd4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c5
[ 86.275534][ T5353] RAX: ffffffffffffffda RBX: 00007f7cb4db6080 RCX: 00007f7cb4b8e929
[ 86.279365][ T5353] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000200000000040
[ 86.283196][ T5353] RBP: 00007f7cb4c10b39 R08: 0000000000000000 R09: 0000000000000000
[ 86.286838][ T5353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 86.290474][ T5353] R13: 0000000000000000 R14: 00007f7cb4db6080 R15: 00007fff943577a8
[ 86.294780][ T5353]
[ 86.296819][ T5353] Kernel Offset: disabled
[ 86.298554][ T5353] Rebooting in 86400 seconds..