program: newfstatat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) setresuid(r0, r0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000001c0)={{{@in, @in6=@local}}, {{@in6=@remote}, 0x0, @in=@initdev}}, &(0x7f0000000000)=0xe8) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f00000002c0)=@newsa={0x138, 0x10, 0x1, 0x0, 0x0, {{@in=@local, @in=@broadcast, 0x200, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in6=@mcast2, 0x0, 0x6c}, @in6=@remote, {0x0, 0x0, 0x0, 0x1}, {}, {}, 0x0, 0x0, 0x2, 0x4}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}}, 0x0) (async) sendmsg$nl_xfrm(r1, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f00000002c0)=@newsa={0x138, 0x10, 0x1, 0x0, 0x0, {{@in=@local, @in=@broadcast, 0x200, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in6=@mcast2, 0x0, 0x6c}, @in6=@remote, {0x0, 0x0, 0x0, 0x1}, {}, {}, 0x0, 0x0, 0x2, 0x4}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}}, 0x0) syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000300)='./file2\x00', 0x200a00, &(0x7f0000000340)={[{@file_umask={'file_umask', 0x3d, 0x9}}, {@dir_umask={'dir_umask', 0x3d, 0xb4a}}, {@file_umask}, {@uid={'uid', 0x3d, r0}}, {}]}, 0x8, 0x34d, &(0x7f0000000a00)="$eJzs3btrFEEcB/Dv7D1yZ0I8TSRgGQ1YhSQWigiKBBtLGwsJxmQDIWsEE8EIkjO1iJ0gWNqItei/oI34D2iVIlhpEyxcmce+cjObuySXTbjvB3K3dzuP3+zu7M6snAsi6lk3pn+8u7gp/0QFQAnAFcADUAPKAM5gpPZ4eXVxNfDn8woqqRzyT0DnFC1p5pb91ozvVT6Vw2jIT2UMpL+j7gjDMPy5a6rfhxILFUfovt/CA/pM71Tra4ceWXc0dbt6S2oPi21s4wkGiwyHiIiKZ67/nrlKDJjxu+cBY2Ycbrn+h9p6MTFrbV/GM+Ob7a7EcnzE139Pfw6F3D4n1apkvqemcHLve9Es0VaWdUwYJpu7Cn1kZXaA2G1WqWLx6guLgT/eVAVs4JqRSjasXucRNURxRVvVb6OWuWmOvLbn61dtqCwsBhuu+Ic6rvHzFl7bq5v52kZM4ov4JmZEA28wH4//yqGQG0dtnwZQT2dQ8fsT7hJVKxs6VaaVyfz9lKrkbLQHPn1IWll3bdcaSjIWG1mKyHZ82RIT56uqOxdOI3tbQbdu0t06lWvImmsq/vzXmmt4Z676QiXwx+ceBrm3Ug6MdUYnXoo7YhS/8BHTqfG/3NoYg7tnZnq5UCnNkZHbnrJK6diPmZJVB37QUc8k5aZ1R+d7gfu4jMGVtadLs0HgPyp+IeoqRyQefSCaw1F+I99TaVCTCxUAB1bpvzAM5cJtM66KV5VxkA10xVxRTb30Nm6yOs029cf9VYqm3oapVdfdiZPTpvwmOiPspfb1OJe8WnSS/Y+pfWXNfkCKVITVfe6UqLWONFFVmVUl9LXVU+p7iOfWs6XZoPNTCh0/yU7HyN2tq0WHQ4dPjruEnv8l8xV/Qp115EsjZzYSypdKTuGpEid3zIDMhUWOyAGcaG8GFxfrHCf2RwuBP5U35zp3AThfy9boIarx+c5iGyZOHMV/lbTeA6nn5RDT+I57vP9PRERERERERERERERERERERERERHTcdPqLBcvPCTyzUHXlyv46abMH/+MNIiIiIiIiIiIiIiIiIiIiIiIiIiIiIqL9ST3/FyipJ8ZUM8//1br4/F+0Pv+31Mbzf6PnUhDRnv0PAAD//wLLY8c=") (async) syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000300)='./file2\x00', 0x200a00, &(0x7f0000000340)={[{@file_umask={'file_umask', 0x3d, 0x9}}, {@dir_umask={'dir_umask', 0x3d, 0xb4a}}, {@file_umask}, {@uid={'uid', 0x3d, r0}}, {}]}, 0x8, 0x34d, &(0x7f0000000a00)="$eJzs3btrFEEcB/Dv7D1yZ0I8TSRgGQ1YhSQWigiKBBtLGwsJxmQDIWsEE8EIkjO1iJ0gWNqItei/oI34D2iVIlhpEyxcmce+cjObuySXTbjvB3K3dzuP3+zu7M6snAsi6lk3pn+8u7gp/0QFQAnAFcADUAPKAM5gpPZ4eXVxNfDn8woqqRzyT0DnFC1p5pb91ozvVT6Vw2jIT2UMpL+j7gjDMPy5a6rfhxILFUfovt/CA/pM71Tra4ceWXc0dbt6S2oPi21s4wkGiwyHiIiKZ67/nrlKDJjxu+cBY2Ycbrn+h9p6MTFrbV/GM+Ob7a7EcnzE139Pfw6F3D4n1apkvqemcHLve9Es0VaWdUwYJpu7Cn1kZXaA2G1WqWLx6guLgT/eVAVs4JqRSjasXucRNURxRVvVb6OWuWmOvLbn61dtqCwsBhuu+Ic6rvHzFl7bq5v52kZM4ov4JmZEA28wH4//yqGQG0dtnwZQT2dQ8fsT7hJVKxs6VaaVyfz9lKrkbLQHPn1IWll3bdcaSjIWG1mKyHZ82RIT56uqOxdOI3tbQbdu0t06lWvImmsq/vzXmmt4Z676QiXwx+ceBrm3Ug6MdUYnXoo7YhS/8BHTqfG/3NoYg7tnZnq5UCnNkZHbnrJK6diPmZJVB37QUc8k5aZ1R+d7gfu4jMGVtadLs0HgPyp+IeoqRyQefSCaw1F+I99TaVCTCxUAB1bpvzAM5cJtM66KV5VxkA10xVxRTb30Nm6yOs029cf9VYqm3oapVdfdiZPTpvwmOiPspfb1OJe8WnSS/Y+pfWXNfkCKVITVfe6UqLWONFFVmVUl9LXVU+p7iOfWs6XZoPNTCh0/yU7HyN2tq0WHQ4dPjruEnv8l8xV/Qp115EsjZzYSypdKTuGpEid3zIDMhUWOyAGcaG8GFxfrHCf2RwuBP5U35zp3AThfy9boIarx+c5iGyZOHMV/lbTeA6nn5RDT+I57vP9PRERERERERERERERERERERERERHTcdPqLBcvPCTyzUHXlyv46abMH/+MNIiIiIiIiIiIiIiIiIiIiIiIiIiIiIqL9ST3/FyipJ8ZUM8//1br4/F+0Pv+31Mbzf6PnUhDRnv0PAAD//wLLY8c=") [ 68.378625][ T5308] Bluetooth: hci0: command tx timeout [ 68.420834][ T5323] loop0: detected capacity change from 0 to 64 [ 68.479522][ T5323] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000008: 0000 [#1] SMP KASAN NOPTI [ 68.484605][ T5323] KASAN: null-ptr-deref in range [0x0000000000000040-0x0000000000000047] [ 68.488215][ T5323] CPU: 0 UID: 0 PID: 5323 Comm: syz.0.0 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) [ 68.492927][ T5323] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 68.497373][ T5323] RIP: 0010:hfs_find_init+0x6a/0x1e0 [ 68.499700][ T5323] Code: 7e 18 4c 89 f8 48 c1 e8 03 42 80 3c 28 00 74 08 4c 89 ff e8 38 b6 8a ff 49 c7 07 00 00 00 00 48 8d 6b 40 49 89 ef 49 c1 ef 03 <43> 0f b6 04 2f 84 c0 0f 85 0c 01 00 00 8b 45 00 8d 3c 45 04 00 00 [ 68.507694][ T5323] RSP: 0018:ffffc9000d4df588 EFLAGS: 00010202 [ 68.510324][ T5323] RAX: 1ffff92001a9becf RBX: 0000000000000000 RCX: ffff8880003b0000 [ 68.513678][ T5323] RDX: 0000000000000000 RSI: ffffc9000d4df660 RDI: ffffc9000d4df670 [ 68.517140][ T5323] RBP: 0000000000000040 R08: ffffc9000d4df697 R09: 0000000000000000 [ 68.520572][ T5323] R10: ffffc9000d4df660 R11: fffff52001a9bed3 R12: ffff888043b8c640 [ 68.524009][ T5323] R13: dffffc0000000000 R14: ffffc9000d4df660 R15: 0000000000000008 [ 68.527506][ T5323] FS: 00007fa6aa9586c0(0000) GS:ffff88808d25c000(0000) knlGS:0000000000000000 [ 68.531174][ T5323] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 68.533991][ T5323] CR2: 000056456c332000 CR3: 0000000043896000 CR4: 0000000000352ef0 [ 68.537896][ T5323] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 68.541312][ T5323] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 68.544665][ T5323] Call Trace: [ 68.546231][ T5323] [ 68.547567][ T5323] hfs_get_block+0x51b/0xbd0 [ 68.549635][ T5323] ? __pfx_hfs_get_block+0x10/0x10 [ 68.551781][ T5323] block_read_full_folio+0x29c/0x830 [ 68.554149][ T5323] ? __pfx_hfs_get_block+0x10/0x10 [ 68.556376][ T5323] filemap_read_folio+0x117/0x380 [ 68.558543][ T5323] ? __pfx_hfs_read_folio+0x10/0x10 [ 68.560800][ T5323] ? __pfx_filemap_read_folio+0x10/0x10 [ 68.563486][ T5323] ? filemap_add_folio+0x1af/0x270 [ 68.565823][ T5323] do_read_cache_folio+0x350/0x590 [ 68.568075][ T5323] ? __pfx_hfs_read_folio+0x10/0x10 [ 68.570284][ T5323] read_cache_page+0x5d/0x170 [ 68.572486][ T5323] hfs_btree_open+0x55f/0x14f0 [ 68.574641][ T5323] ? hfs_mdb_get+0x1293/0x2080 [ 68.576727][ T5323] hfs_mdb_get+0x1327/0x2080 [ 68.578816][ T5323] ? __pfx_hfs_mdb_get+0x10/0x10 [ 68.581197][ T5323] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 68.584066][ T5323] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 68.586899][ T5323] hfs_fill_super+0x37b/0x640 [ 68.588978][ T5323] ? __pfx_hfs_fill_super+0x10/0x10 [ 68.591223][ T5323] ? sb_set_blocksize+0x104/0x180 [ 68.593419][ T5323] ? setup_bdev_super+0x4c1/0x5b0 [ 68.595693][ T5323] get_tree_bdev_flags+0x40e/0x4d0 [ 68.597889][ T5323] ? __pfx_hfs_fill_super+0x10/0x10 [ 68.600192][ T5323] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 68.602809][ T5323] vfs_get_tree+0x8f/0x2b0 [ 68.604986][ T5323] do_new_mount+0x24a/0xa40 [ 68.606996][ T5323] __se_sys_mount+0x317/0x410 [ 68.609093][ T5323] ? __pfx___se_sys_mount+0x10/0x10 [ 68.611374][ T5323] ? do_syscall_64+0xbe/0x3b0 [ 68.613183][ T5323] ? __x64_sys_mount+0x20/0xc0 [ 68.615416][ T5323] do_syscall_64+0xfa/0x3b0 [ 68.617356][ T5323] ? lockdep_hardirqs_on+0x9c/0x150 [ 68.619557][ T5323] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.622152][ T5323] ? clear_bhb_loop+0x60/0xb0 [ 68.624098][ T5323] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.626651][ T5323] RIP: 0033:0x7fa6a9b9010a [ 68.628543][ T5323] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 68.636621][ T5323] RSP: 002b:00007fa6aa957e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 68.639734][ T5323] RAX: ffffffffffffffda RBX: 00007fa6aa957ef0 RCX: 00007fa6a9b9010a [ 68.642741][ T5323] RDX: 0000200000000080 RSI: 0000200000000300 RDI: 00007fa6aa957eb0 [ 68.645754][ T5323] RBP: 0000200000000080 R08: 00007fa6aa957ef0 R09: 0000000000200a00 [ 68.648784][ T5323] R10: 0000000000200a00 R11: 0000000000000246 R12: 0000200000000300 [ 68.651853][ T5323] R13: 00007fa6aa957eb0 R14: 000000000000034d R15: 0000200000000340 [ 68.655394][ T5323] [ 68.656665][ T5323] Modules linked in: [ 68.658953][ T5323] ---[ end trace 0000000000000000 ]--- [ 68.685911][ T5323] RIP: 0010:hfs_find_init+0x6a/0x1e0 [ 68.688629][ T5323] Code: 7e 18 4c 89 f8 48 c1 e8 03 42 80 3c 28 00 74 08 4c 89 ff e8 38 b6 8a ff 49 c7 07 00 00 00 00 48 8d 6b 40 49 89 ef 49 c1 ef 03 <43> 0f b6 04 2f 84 c0 0f 85 0c 01 00 00 8b 45 00 8d 3c 45 04 00 00 [ 68.698285][ T5323] RSP: 0018:ffffc9000d4df588 EFLAGS: 00010202 [ 68.701096][ T5323] RAX: 1ffff92001a9becf RBX: 0000000000000000 RCX: ffff8880003b0000 [ 68.704429][ T5323] RDX: 0000000000000000 RSI: ffffc9000d4df660 RDI: ffffc9000d4df670 [ 68.710132][ T5323] RBP: 0000000000000040 R08: ffffc9000d4df697 R09: 0000000000000000 [ 68.714735][ T5323] R10: ffffc9000d4df660 R11: fffff52001a9bed3 R12: ffff888043b8c640 [ 68.718361][ T5323] R13: dffffc0000000000 R14: ffffc9000d4df660 R15: 0000000000000008 [ 68.721794][ T5323] FS: 00007fa6aa9586c0(0000) GS:ffff88808d25c000(0000) knlGS:0000000000000000 [ 68.725554][ T5323] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 68.728863][ T5323] CR2: 00007f440761b000 CR3: 0000000043896000 CR4: 0000000000352ef0 [ 68.732282][ T5323] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 68.735627][ T5323] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 68.739498][ T5323] Kernel panic - not syncing: Fatal exception [ 68.742383][ T5323] Kernel Offset: disabled [ 68.744192][ T5323] Rebooting in 86400 seconds..