program:
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r1, 0x0, 0x33, &(0x7f0000000000)=0x80000000, 0x4)
listen(r1, 0x0)
setsockopt$inet_int(r0, 0x0, 0x33, &(0x7f0000000000)=0x80000000, 0x4)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file3\x00', 0xa08802, &(0x7f0000000040)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRESDEC], 0x1, 0x693, &(0x7f0000000ec0)="$eJzs3c1rHOcdB/DvrFay1gVHSWwnLYGKGNJSU1uycFqVQtweig+hBBcaCr0IW46F106QlaKE0qrv1x7yB6QHHQq9tNC7IYWe2h4KoTfRQwkUekkvurnM7Ky0trTKrixprebzMbPzzDyv89uZZzS7mA3wqXX1fJr3U+Tq+VdXy+2N9bn2xvrciTq7naRMN5JmZ5XiblJ8kFxJZ8lny511+aJfP+8tzV/78OONjzpbzXqpyjf2qjeYtXrJdJKxer3T+L7au963vd19vV4vbO0pto6wDNi5buBg1B7ssDZM9ce8boEnQdG5b+4wlZxMMln/HZB6dmgc7egO3lCzHAAAABxTT21mM6s5NepxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwHFSpDVWrTpLo5ueTtH9/f+Jel/q9LXGiMf8OO6PegAAAAAAAAAAcAA+v5nNrOZUkr+X2w863+y/WL2erl4/k7dzL4tZzoWsZiErWclyZpNM9TQ0sbqwsrI8O0DNS7vWvLS/8f9+f9UAAAAAAAAA4P/NT3O1+v4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeGEUy1llVy+lueiqNZpLJJBNlubXkb930MVHstvP+0Y8DAAAAHsvkPuo8tZnNrOZUd/tBUT3zn62elyfzdu5mJUtZSTuLuVE/Q5dP/Y2N9bn2xvrcnY31uarj7z/o6LTzjf8MNYyqxXQ+e9i95+erEq3czFK150KuV4O5kUZVs/R8PZ6t5eFOflKOqfVKbcCR3ajXZWe/7vcpwkFoDFthqqo0vhWRmXpsZUNP7x2JT3x3mnv2NJvG1ic/p/foqXtIxZAxP9mtl+SXj8T8lX/99nsDNnMItiLRSBWJSz1n39mN9bmx9I158oU//u71W+27t2/dvHf+0E6jo/LoOTHXE4nn9j77nvBINIcsP1NF4szW9tV8K9/J+UzntSxnKT/IQlaymHpmzEJ9PpevUz1RSnZE6spDW6990kgm6velM4sOMqbpnKhSC3mxqnsqSynyZm5kMS9X/y5lNl/J5VzOfM87fKbvO1wdWzXTNoa76s99MduX+q/KmXqwesmfBy04vM4ttYzr0z1x7Z1zp6q83j3bUXpmgPvRkHNj83N1ouzjZ/u5bRyaRyMx2xOJZ/eOxG+qa+Ne++7t5VsLb/Vpf+2R7ZfGt9O/OMw789DK8+WZTNYzycNnR5n37NYs83C8JupvXDp5jR15Z6q8ouheqd/e5UotIz5flT67a0uXqrznduaN1SP/xz978h76eytv/mU08QRgSCe/dHKi9e/WX1vvt37eutV6dfKbJ7564oWJjP9p/GvNmbGXGi8Uf8j7+dH28z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB/99559/ZCu724vHui0T/rYBNF/UM+/co008oRDOMoE0Wy1n4wdrAtZ/THNUCi+yOCj9vO61eeiMM51omxJPWeHyfb50/9FnV+Ce27/x3ZDAUclosrd966eO+dd7+8dGfhjcU3Fu+OX748PzN/+eW5izeX2osznddRjxI4DNt/D4x6JAAAAAAAAAAAAMCgjuJ/GvR0Nz3CQwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACOqavn0xxPkdmZCzPl9sb6XLtcuuntks0kjUZS/DApPkiupLNkqqe5ol8/7y3NX/vw442Ptttqdss39qo3mLV6yXSSsXq9w8T+2rver72BFVtHWAbsXDdwMGr/CwAA//8xgggQ")
setxattr$trusted_overlay_upper(&(0x7f0000000280)='./file1\x00', &(0x7f0000000240), &(0x7f0000001400)=ANY=[], 0x841, 0x0)
lremovexattr(&(0x7f0000000240)='./file1\x00', &(0x7f00000000c0)=@known='trusted.overlay.upper\x00')
listen(r0, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000140)=ANY=[@ANYBLOB="ffffffffffffaaaaaa37410008004500001cfffe00000001907800000000e0000001120090780000000092f264d0630a87b5d839dc78cd83bd949935303190e2efd5c5592370625f8cfba040414e1eeccaac9dcf2290b0c144844fced49a4b26"], 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106) (async)
socket$inet_mptcp(0x2, 0x1, 0x106) (async)
setsockopt$inet_int(r1, 0x0, 0x33, &(0x7f0000000000)=0x80000000, 0x4) (async)
listen(r1, 0x0) (async)
setsockopt$inet_int(r0, 0x0, 0x33, &(0x7f0000000000)=0x80000000, 0x4) (async)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file3\x00', 0xa08802, &(0x7f0000000040)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRESDEC], 0x1, 0x693, &(0x7f0000000ec0)="$eJzs3c1rHOcdB/DvrFay1gVHSWwnLYGKGNJSU1uycFqVQtweig+hBBcaCr0IW46F106QlaKE0qrv1x7yB6QHHQq9tNC7IYWe2h4KoTfRQwkUekkvurnM7Ky0trTKrixprebzMbPzzDyv89uZZzS7mA3wqXX1fJr3U+Tq+VdXy+2N9bn2xvrciTq7naRMN5JmZ5XiblJ8kFxJZ8lny511+aJfP+8tzV/78OONjzpbzXqpyjf2qjeYtXrJdJKxer3T+L7au963vd19vV4vbO0pto6wDNi5buBg1B7ssDZM9ce8boEnQdG5b+4wlZxMMln/HZB6dmgc7egO3lCzHAAAABxTT21mM6s5NepxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwHFSpDVWrTpLo5ueTtH9/f+Jel/q9LXGiMf8OO6PegAAAAAAAAAAcAA+v5nNrOZUkr+X2w863+y/WL2erl4/k7dzL4tZzoWsZiErWclyZpNM9TQ0sbqwsrI8O0DNS7vWvLS/8f9+f9UAAAAAAAAA4P/NT3O1+v4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeGEUy1llVy+lueiqNZpLJJBNlubXkb930MVHstvP+0Y8DAAAAHsvkPuo8tZnNrOZUd/tBUT3zn62elyfzdu5mJUtZSTuLuVE/Q5dP/Y2N9bn2xvrcnY31uarj7z/o6LTzjf8MNYyqxXQ+e9i95+erEq3czFK150KuV4O5kUZVs/R8PZ6t5eFOflKOqfVKbcCR3ajXZWe/7vcpwkFoDFthqqo0vhWRmXpsZUNP7x2JT3x3mnv2NJvG1ic/p/foqXtIxZAxP9mtl+SXj8T8lX/99nsDNnMItiLRSBWJSz1n39mN9bmx9I158oU//u71W+27t2/dvHf+0E6jo/LoOTHXE4nn9j77nvBINIcsP1NF4szW9tV8K9/J+UzntSxnKT/IQlaymHpmzEJ9PpevUz1RSnZE6spDW6990kgm6velM4sOMqbpnKhSC3mxqnsqSynyZm5kMS9X/y5lNl/J5VzOfM87fKbvO1wdWzXTNoa76s99MduX+q/KmXqwesmfBy04vM4ttYzr0z1x7Z1zp6q83j3bUXpmgPvRkHNj83N1ouzjZ/u5bRyaRyMx2xOJZ/eOxG+qa+Ne++7t5VsLb/Vpf+2R7ZfGt9O/OMw789DK8+WZTNYzycNnR5n37NYs83C8JupvXDp5jR15Z6q8ouheqd/e5UotIz5flT67a0uXqrznduaN1SP/xz978h76eytv/mU08QRgSCe/dHKi9e/WX1vvt37eutV6dfKbJ7564oWJjP9p/GvNmbGXGi8Uf8j7+dH28z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB/99559/ZCu724vHui0T/rYBNF/UM+/co008oRDOMoE0Wy1n4wdrAtZ/THNUCi+yOCj9vO61eeiMM51omxJPWeHyfb50/9FnV+Ce27/x3ZDAUclosrd966eO+dd7+8dGfhjcU3Fu+OX748PzN/+eW5izeX2osznddRjxI4DNt/D4x6JAAAAAAAAAAAAMCgjuJ/GvR0Nz3CQwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACOqavn0xxPkdmZCzPl9sb6XLtcuuntks0kjUZS/DApPkiupLNkqqe5ol8/7y3NX/vw442Ptttqdss39qo3mLV6yXSSsXq9w8T+2rver72BFVtHWAbsXDdwMGr/CwAA//8xgggQ") (async)
setxattr$trusted_overlay_upper(&(0x7f0000000280)='./file1\x00', &(0x7f0000000240), &(0x7f0000001400)=ANY=[], 0x841, 0x0) (async)
lremovexattr(&(0x7f0000000240)='./file1\x00', &(0x7f00000000c0)=@known='trusted.overlay.upper\x00') (async)
listen(r0, 0x0) (async)
syz_emit_ethernet(0x2a, &(0x7f0000000140)=ANY=[@ANYBLOB="ffffffffffffaaaaaa37410008004500001cfffe00000001907800000000e0000001120090780000000092f264d0630a87b5d839dc78cd83bd949935303190e2efd5c5592370625f8cfba040414e1eeccaac9dcf2290b0c144844fced49a4b26"], 0x0) (async)

[   85.198139][ T5345] loop0: detected capacity change from 0 to 1024
[   85.204617][ T5322] Bluetooth: hci0: command tx timeout
[   85.359116][ T5345] hfsplus: request for non-existent node 211 in B*Tree
[   85.362406][ T5345] hfsplus: request for non-existent node 211 in B*Tree
[   85.394612][ T5345] ==================================================================
[   85.398343][ T5345] BUG: KASAN: slab-out-of-bounds in hfsplus_bnode_read+0xc0/0x2a0
[   85.402003][ T5345] Read of size 8 at addr ffff88803056a1c8 by task syz.0.0/5345
[   85.405735][ T5345] 
[   85.407004][ T5345] CPU: 0 UID: 0 PID: 5345 Comm: syz.0.0 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[   85.407022][ T5345] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   85.407031][ T5345] Call Trace:
[   85.407039][ T5345]  <TASK>
[   85.407046][ T5345]  dump_stack_lvl+0x189/0x250
[   85.407065][ T5345]  ? __kasan_check_byte+0x12/0x40
[   85.407082][ T5345]  ? __pfx_dump_stack_lvl+0x10/0x10
[   85.407098][ T5345]  ? lock_release+0x4b/0x3e0
[   85.407114][ T5345]  ? __virt_addr_valid+0x4a5/0x5c0
[   85.407133][ T5345]  print_report+0xd2/0x2b0
[   85.407147][ T5345]  ? hfsplus_bnode_read+0xc0/0x2a0
[   85.407160][ T5345]  kasan_report+0x118/0x150
[   85.407176][ T5345]  ? hfsplus_bnode_read+0xc0/0x2a0
[   85.407192][ T5345]  hfsplus_bnode_read+0xc0/0x2a0
[   85.407205][ T5345]  hfsplus_bnode_dump+0x300/0x450
[   85.407221][ T5345]  ? __pfx_hfsplus_bnode_dump+0x10/0x10
[   85.407236][ T5345]  ? hfsplus_bnode_write_u16+0x8b/0xd0
[   85.407248][ T5345]  ? hfsplus_bnode_move+0x393/0xb90
[   85.407260][ T5345]  ? __pfx___hfsplus_brec_find+0x10/0x10
[   85.407276][ T5345]  hfsplus_brec_remove+0x480/0x550
[   85.407292][ T5345]  __hfsplus_delete_attr+0x1d4/0x360
[   85.407312][ T5345]  ? __pfx___hfsplus_delete_attr+0x10/0x10
[   85.407328][ T5345]  ? hfsplus_attr_build_key+0xee/0x260
[   85.407344][ T5345]  hfsplus_delete_attr+0x231/0x2d0
[   85.407359][ T5345]  ? __pfx_hfsplus_delete_attr+0x10/0x10
[   85.407373][ T5345]  ? hfsplus_find_init+0x8c/0x1d0
[   85.407387][ T5345]  ? hfsplus_find_init+0x15a/0x1d0
[   85.407401][ T5345]  __hfsplus_setxattr+0x71c/0x1f40
[   85.407417][ T5345]  ? is_bpf_text_address+0x26/0x2b0
[   85.407432][ T5345]  ? kernel_text_address+0xa5/0xe0
[   85.407443][ T5345]  ? __kernel_text_address+0xd/0x40
[   85.407453][ T5345]  ? unwind_get_return_address+0x4d/0x90
[   85.407466][ T5345]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   85.407482][ T5345]  ? arch_stack_walk+0xfc/0x150
[   85.407515][ T5345]  ? __pfx___hfsplus_setxattr+0x10/0x10
[   85.407531][ T5345]  ? stack_trace_save+0x9c/0xe0
[   85.407559][ T5345]  ? hfsplus_setxattr+0x68/0x180
[   85.407574][ T5345]  ? __kasan_kmalloc+0x93/0xb0
[   85.407588][ T5345]  ? hfsplus_setxattr+0x102/0x180
[   85.407602][ T5345]  hfsplus_setxattr+0x11e/0x180
[   85.407617][ T5345]  hfsplus_trusted_setxattr+0x40/0x60
[   85.407633][ T5345]  ? __pfx_hfsplus_trusted_setxattr+0x10/0x10
[   85.407649][ T5345]  __vfs_removexattr+0x431/0x470
[   85.407668][ T5345]  __vfs_removexattr_locked+0x1ed/0x230
[   85.407684][ T5345]  vfs_removexattr+0x80/0x1b0
[   85.407700][ T5345]  path_removexattrat+0x35d/0x690
[   85.407712][ T5345]  ? __pfx_path_removexattrat+0x10/0x10
[   85.407732][ T5345]  ? rcu_is_watching+0x15/0xb0
[   85.407748][ T5345]  __x64_sys_lremovexattr+0x65/0x80
[   85.407765][ T5345]  do_syscall_64+0xfa/0x3b0
[   85.407824][ T5345]  ? lockdep_hardirqs_on+0x9c/0x150
[   85.407842][ T5345]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.407853][ T5345]  ? clear_bhb_loop+0x60/0xb0
[   85.407866][ T5345]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.407878][ T5345] RIP: 0033:0x7f625298e929
[   85.407899][ T5345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.407908][ T5345] RSP: 002b:00007f62538bc038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c6
[   85.407922][ T5345] RAX: ffffffffffffffda RBX: 00007f6252bb5fa0 RCX: 00007f625298e929
[   85.407929][ T5345] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000200000000240
[   85.407937][ T5345] RBP: 00007f6252a10b39 R08: 0000000000000000 R09: 0000000000000000
[   85.407944][ T5345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   85.407951][ T5345] R13: 0000000000000000 R14: 00007f6252bb5fa0 R15: 00007fff10d15398
[   85.407963][ T5345]  </TASK>
[   85.407967][ T5345] 
[   85.570583][ T5345] Allocated by task 5345:
[   85.572643][ T5345]  kasan_save_track+0x3e/0x80
[   85.574814][ T5345]  __kasan_kmalloc+0x93/0xb0
[   85.576909][ T5345]  __kmalloc_noprof+0x27a/0x4f0
[   85.579130][ T5345]  __hfs_bnode_create+0xf3/0x810
[   85.581409][ T5345]  hfsplus_bnode_find+0x224/0xd20
[   85.583747][ T5345]  hfsplus_brec_find+0x15c/0x500
[   85.586040][ T5345]  hfsplus_attr_exists+0x163/0x1d0
[   85.588374][ T5345]  __hfsplus_setxattr+0x33e/0x1f40
[   85.590759][ T5345]  hfsplus_setxattr+0x11e/0x180
[   85.593047][ T5345]  hfsplus_trusted_setxattr+0x40/0x60
[   85.595574][ T5345]  __vfs_setxattr+0x43c/0x480
[   85.597854][ T5345]  __vfs_setxattr_noperm+0x12d/0x660
[   85.600206][ T5345]  vfs_setxattr+0x16b/0x2f0
[   85.602283][ T5345]  filename_setxattr+0x274/0x600
[   85.604594][ T5345]  path_setxattrat+0x364/0x3a0
[   85.606808][ T5345]  __x64_sys_setxattr+0xbc/0xe0
[   85.609143][ T5345]  do_syscall_64+0xfa/0x3b0
[   85.611316][ T5345]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.613987][ T5345] 
[   85.615108][ T5345] The buggy address belongs to the object at ffff88803056a100
[   85.615108][ T5345]  which belongs to the cache kmalloc-192 of size 192
[   85.621252][ T5345] The buggy address is located 48 bytes to the right of
[   85.621252][ T5345]  allocated 152-byte region [ffff88803056a100, ffff88803056a198)
[   85.628282][ T5345] 
[   85.629407][ T5345] The buggy address belongs to the physical page:
[   85.632308][ T5345] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3056a
[   85.636178][ T5345] anon flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[   85.639550][ T5345] page_type: f5(slab)
[   85.641443][ T5345] raw: 04fff00000000000 ffff88801a4413c0 0000000000000000 dead000000000001
[   85.645820][ T5345] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   85.649426][ T5345] page dumped because: kasan: bad access detected
[   85.651944][ T5345] page_owner tracks the page as allocated
[   85.654350][ T5345] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 1, tgid 1 (swapper/0), ts 2723771395, free_ts 0
[   85.661758][ T5345]  post_alloc_hook+0x240/0x2a0
[   85.664053][ T5345]  get_page_from_freelist+0x21e4/0x22c0
[   85.666754][ T5345]  __alloc_frozen_pages_noprof+0x181/0x370
[   85.669533][ T5345]  alloc_pages_mpol+0x232/0x4a0
[   85.671742][ T5345]  allocate_slab+0x8a/0x3b0
[   85.673760][ T5345]  ___slab_alloc+0xbfc/0x1480
[   85.675779][ T5345]  __kmalloc_cache_noprof+0x296/0x3d0
[   85.678268][ T5345]  call_usermodehelper_setup+0x8e/0x270
[   85.680672][ T5345]  kobject_uevent_env+0x65c/0x8c0
[   85.683025][ T5345]  kset_register+0x1aa/0x210
[   85.685193][ T5345]  class_register+0x22c/0x380
[   85.687349][ T5345]  do_one_initcall+0x233/0x820
[   85.689386][ T5345]  do_initcall_level+0x137/0x1f0
[   85.691797][ T5345]  do_initcalls+0x69/0xd0
[   85.693777][ T5345]  kernel_init_freeable+0x3d9/0x570
[   85.695935][ T5345]  kernel_init+0x1d/0x1d0
[   85.697884][ T5345] page_owner free stack trace missing
[   85.700092][ T5345] 
[   85.701438][ T5345] Memory state around the buggy address:
[   85.704203][ T5345]  ffff88803056a080: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[   85.708037][ T5345]  ffff88803056a100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   85.711552][ T5345] >ffff88803056a180: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[   85.715041][ T5345]                                               ^
[   85.717757][ T5345]  ffff88803056a200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   85.721095][ T5345]  ffff88803056a280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[   85.724421][ T5345] ==================================================================
[   85.790137][ T5345] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   85.793447][ T5345] CPU: 0 UID: 0 PID: 5345 Comm: syz.0.0 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[   85.798028][ T5345] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   85.803062][ T5345] Call Trace:
[   85.804589][ T5345]  <TASK>
[   85.805877][ T5345]  dump_stack_lvl+0x99/0x250
[   85.808001][ T5345]  ? __asan_memcpy+0x40/0x70
[   85.810082][ T5345]  ? __pfx_dump_stack_lvl+0x10/0x10
[   85.812646][ T5345]  ? __pfx__printk+0x10/0x10
[   85.814996][ T5345]  panic+0x2db/0x790
[   85.817278][ T5345]  ? __pfx_preempt_schedule+0x10/0x10
[   85.819448][ T5345]  ? __pfx_panic+0x10/0x10
[   85.821371][ T5345]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[   85.823912][ T5345]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   85.826710][ T5345]  ? hfsplus_bnode_read+0xc0/0x2a0
[   85.829009][ T5345]  check_panic_on_warn+0x89/0xb0
[   85.831217][ T5345]  ? hfsplus_bnode_read+0xc0/0x2a0
[   85.833537][ T5345]  end_report+0x78/0x160
[   85.835429][ T5345]  kasan_report+0x129/0x150
[   85.837602][ T5345]  ? hfsplus_bnode_read+0xc0/0x2a0
[   85.840034][ T5345]  hfsplus_bnode_read+0xc0/0x2a0
[   85.842472][ T5345]  hfsplus_bnode_dump+0x300/0x450
[   85.844893][ T5345]  ? __pfx_hfsplus_bnode_dump+0x10/0x10
[   85.847319][ T5345]  ? hfsplus_bnode_write_u16+0x8b/0xd0
[   85.849771][ T5345]  ? hfsplus_bnode_move+0x393/0xb90
[   85.852041][ T5345]  ? __pfx___hfsplus_brec_find+0x10/0x10
[   85.855269][ T5345]  hfsplus_brec_remove+0x480/0x550
[   85.857805][ T5345]  __hfsplus_delete_attr+0x1d4/0x360
[   85.860386][ T5345]  ? __pfx___hfsplus_delete_attr+0x10/0x10
[   85.863441][ T5345]  ? hfsplus_attr_build_key+0xee/0x260
[   85.866168][ T5345]  hfsplus_delete_attr+0x231/0x2d0
[   85.868898][ T5345]  ? __pfx_hfsplus_delete_attr+0x10/0x10
[   85.871349][ T5345]  ? hfsplus_find_init+0x8c/0x1d0
[   85.873767][ T5345]  ? hfsplus_find_init+0x15a/0x1d0
[   85.876148][ T5345]  __hfsplus_setxattr+0x71c/0x1f40
[   85.878498][ T5345]  ? is_bpf_text_address+0x26/0x2b0
[   85.881058][ T5345]  ? kernel_text_address+0xa5/0xe0
[   85.883409][ T5345]  ? __kernel_text_address+0xd/0x40
[   85.885737][ T5345]  ? unwind_get_return_address+0x4d/0x90
[   85.888356][ T5345]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   85.891114][ T5345]  ? arch_stack_walk+0xfc/0x150
[   85.893212][ T5345]  ? __pfx___hfsplus_setxattr+0x10/0x10
[   85.895670][ T5345]  ? stack_trace_save+0x9c/0xe0
[   85.897968][ T5345]  ? hfsplus_setxattr+0x68/0x180
[   85.899980][ T5345]  ? __kasan_kmalloc+0x93/0xb0
[   85.902247][ T5345]  ? hfsplus_setxattr+0x102/0x180
[   85.904697][ T5345]  hfsplus_setxattr+0x11e/0x180
[   85.907199][ T5345]  hfsplus_trusted_setxattr+0x40/0x60
[   85.909760][ T5345]  ? __pfx_hfsplus_trusted_setxattr+0x10/0x10
[   85.912698][ T5345]  __vfs_removexattr+0x431/0x470
[   85.914774][ T5345]  __vfs_removexattr_locked+0x1ed/0x230
[   85.919248][ T5345]  vfs_removexattr+0x80/0x1b0
[   85.921945][ T5345]  path_removexattrat+0x35d/0x690
[   85.924747][ T5345]  ? __pfx_path_removexattrat+0x10/0x10
[   85.927249][ T5345]  ? rcu_is_watching+0x15/0xb0
[   85.929415][ T5345]  __x64_sys_lremovexattr+0x65/0x80
[   85.931988][ T5345]  do_syscall_64+0xfa/0x3b0
[   85.934003][ T5345]  ? lockdep_hardirqs_on+0x9c/0x150
[   85.936383][ T5345]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.939251][ T5345]  ? clear_bhb_loop+0x60/0xb0
[   85.941389][ T5345]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.944220][ T5345] RIP: 0033:0x7f625298e929
[   85.946387][ T5345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.954959][ T5345] RSP: 002b:00007f62538bc038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c6
[   85.959077][ T5345] RAX: ffffffffffffffda RBX: 00007f6252bb5fa0 RCX: 00007f625298e929
[   85.962999][ T5345] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000200000000240
[   85.966679][ T5345] RBP: 00007f6252a10b39 R08: 0000000000000000 R09: 0000000000000000
[   85.969837][ T5345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   85.973004][ T5345] R13: 0000000000000000 R14: 00007f6252bb5fa0 R15: 00007fff10d15398
[   85.976085][ T5345]  </TASK>
[   85.977817][ T5345] Kernel Offset: disabled
[   85.979857][ T5345] Rebooting in 86400 seconds..