program: syz_mount_image$hfs(&(0x7f00000000c0), &(0x7f0000000040)='./bus\x00', 0x800000, &(0x7f0000000000)=ANY=[], 0x8a, 0x2d3, &(0x7f00000007c0)="$eJzs3U1r1EAcx/HfZHfbra01thVRPEi1IB7E1ouIoEhfhCexdlcoLhXairYXq0cRT568St+CL8KT+AZ60pMvYE9GZpI02e0m6cPuxur3AxuzyUxmJpPZmb9QIgD/rQeLuzu3ftqPkSqqSLojeQpUl6qSzul8/cXqxspGq9nIu1BFNof9GIU5zb40Rs1eWbsT+jZ/VRP1vPK23x2sgchVD0bHot2Rw+YNnI+v+18rDJsb/T3GoieNRuPZnU/GZGXINeyv7bIrUDLTVluvNFl2PQAA5Yrmfy+a2CeipYDnSXPRtN81/59s7bIrULLU/G/XdgqM7d8z7lQS77nVoD3vxVHiUcpygYXXtWI0RVGlq4s39nSl1byx/LzV8PRW9yKpZDNu2wgf3djuThCR3uy/9GyP2DTH0ds+7tpQs21Y2F9/F3hN97fEYuar+WYeGV+f1Nhb/1UDY7vJ9ZTf1VNh/W9mX9G10g9TZfTSWVfIxc4gs6CV9bAav/d6MjESXbOarqp/Qfn1dLmmoge+s3XzBbmme+ZaKMg1051r72n+Yb+2srMPkPlgHppZ/dIXLabW/569k3M6yMi0aVxKrzZm77gdnZkpqy6lnz60falnSu8AR3Bs0U/fez3RbU2ub26NLLVazbX1za1nWTujyjxVsPP5bljaEbLHA/vwhQ5sJ55UBl5WdcDNiZ+Fv+KuHndHfnOtHQTBUAuN57GlmuJT9y/3+Vm1ZZR3e4f9u4QyJJ1edk1QErvKMmH8N15P1vtunWA3fs46Pej8apPXOo6kIqD5JDZQOjaYcttTyXLv+svw35zYYDw7gsuPuRwXc125Jl1NHSyIRvyonv8Is6jvesz//wMAAAAAAAAAAAAAAAAAAJw0w/hzgrLbCAAAAAAAAAAAAAAAAAAAAADASZf1/l8N4v2/y6s93/9b1+mOF+XE7//tfHkOgH77EwAA///jnoXW") openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0) [ 88.797327][ T5116] syz.0.0 (5116) used greates[ 87.098362][ T5116] loop0: detected capacity change from 0 to 64 [ 87.117195][ T5116] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000008: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 87.121062][ T5116] KASAN: null-ptr-deref in range [0x0000000000000040-0x0000000000000047] [ 87.123649][ T5116] CPU: 0 UID: 0 PID: 5116 Comm: syz.0.0 Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0 [ 87.126739][ T5116] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.130003][ T5116] RIP: 0010:hfs_find_init+0x72/0x1f0 [ 87.131699][ T5116] Code: d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 34 8e 77 ff 48 c7 03 00 00 00 00 48 89 2c 24 4c 8d 75 40 4d 89 f7 49 c1 ef 03 <43> 0f b6 04 2f 84 c0 0f 85 10 01 00 00 41 8b 06 8d 7c 00 04 be c0 [ 87.137689][ T5116] RSP: 0018:ffffc90002d3f2c0 EFLAGS: 00010202 [ 87.139716][ T5116] RAX: 1ffff920005a7e77 RBX: ffffc90002d3f3b8 RCX: 0000000000040000 [ 87.142340][ T5116] RDX: ffffc900031b1000 RSI: 0000000000012cac RDI: ffffc90002d3f3b0 [ 87.145004][ T5116] RBP: 0000000000000000 R08: ffffffff8284808f R09: 0000000000000000 [ 87.147628][ T5116] R10: ffffc90002d3f3a0 R11: fffff520005a7e7b R12: ffffc90002d3f3a0 [ 87.150291][ T5116] R13: dffffc0000000000 R14: 0000000000000040 R15: 0000000000000008 [ 87.152956][ T5116] FS: 00007f3c556d76c0(0000) GS:ffff88801fe00000(0000) knlGS:0000000000000000 [ 87.156139][ T5116] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.158352][ T5116] CR2: 00007f3c549619e0 CR3: 000000003cb5e000 CR4: 0000000000350ef0 [ 87.161044][ T5116] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 87.163719][ T5116] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 87.166239][ T5116] Call Trace: [ 87.167345][ T5116] [ 87.168344][ T5116] ? __die_body+0x88/0xe0 [ 87.169814][ T5116] ? die_addr+0x108/0x140 [ 87.171283][ T5116] ? exc_general_protection+0x3dd/0x5d0 [ 87.173212][ T5116] ? asm_exc_general_protection+0x26/0x30 [ 87.175076][ T5116] ? hfs_get_block+0x3bf/0xb60 [ 87.176676][ T5116] ? hfs_find_init+0x72/0x1f0 [ 87.178245][ T5116] hfs_get_block+0x4f4/0xb60 [ 87.179845][ T5116] ? __pfx_hfs_get_block+0x10/0x10 [ 87.181606][ T5116] ? _raw_spin_unlock+0x28/0x50 [ 87.183299][ T5116] ? create_empty_buffers+0x53e/0x740 [ 87.185143][ T5116] block_read_full_folio+0x418/0xcd0 [ 87.186840][ T5116] ? __pfx_hfs_get_block+0x10/0x10 [ 87.188628][ T5116] ? __pfx_block_read_full_folio+0x10/0x10 [ 87.190520][ T5116] ? __pfx_lru_add_fn+0x10/0x10 [ 87.192056][ T5116] ? folio_add_lru+0x357/0xd70 [ 87.193699][ T5116] ? folio_add_lru+0x58f/0xd70 [ 87.195319][ T5116] filemap_read_folio+0x1a0/0x790 [ 87.197009][ T5116] ? __pfx_hfs_read_folio+0x10/0x10 [ 87.198786][ T5116] ? __pfx_filemap_read_folio+0x10/0x10 [ 87.200585][ T5116] ? __filemap_get_folio+0x984/0xc10 [ 87.202300][ T5116] ? __pfx_lock_release+0x10/0x10 [ 87.203987][ T5116] do_read_cache_folio+0x134/0x820 [ 87.205733][ T5116] ? __pfx_hfs_read_folio+0x10/0x10 [ 87.207464][ T5116] do_read_cache_page+0x30/0x200 [ 87.209129][ T5116] hfs_btree_open+0x50b/0xf20 [ 87.210705][ T5116] hfs_mdb_get+0x1443/0x21b0 [ 87.212382][ T5116] ? __pfx_hfs_mdb_get+0x10/0x10 [ 87.214114][ T5116] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 87.216129][ T5116] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 87.218349][ T5116] ? __raw_spin_lock_init+0x45/0x100 [ 87.220370][ T5116] hfs_fill_super+0x107e/0x1790 [ 87.222219][ T5116] ? __pfx_hfs_fill_super+0x10/0x10 [ 87.224216][ T5116] ? __pfx_vsnprintf+0x10/0x10 [ 87.226012][ T5116] ? do_raw_spin_lock+0x14f/0x370 [ 87.227881][ T5116] ? sb_set_blocksize+0x98/0xf0 [ 87.229635][ T5116] ? setup_bdev_super+0x4e6/0x5d0 [ 87.231547][ T5116] mount_bdev+0x20a/0x2d0 [ 87.233217][ T5116] ? __pfx_hfs_fill_super+0x10/0x10 [ 87.235271][ T5116] ? __pfx_mount_bdev+0x10/0x10 [ 87.237199][ T5116] ? vfs_parse_fs_string+0x190/0x230 [ 87.239245][ T5116] legacy_get_tree+0xee/0x190 [ 87.241046][ T5116] ? __pfx_hfs_mount+0x10/0x10 [ 87.243129][ T5116] vfs_get_tree+0x90/0x2b0 [ 87.244950][ T5116] do_new_mount+0x2be/0xb40 [ 87.246703][ T5116] ? __pfx_do_new_mount+0x10/0x10 [ 87.248601][ T5116] __se_sys_mount+0x2d6/0x3c0 [ 87.250435][ T5116] ? __pfx___se_sys_mount+0x10/0x10 [ 87.252377][ T5116] ? exc_page_fault+0x590/0x8c0 [ 87.254240][ T5116] ? __x64_sys_mount+0x20/0xc0 [ 87.256039][ T5116] do_syscall_64+0xf3/0x230 [ 87.257751][ T5116] ? clear_bhb_loop+0x35/0x90 [ 87.259414][ T5116] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.261629][ T5116] RIP: 0033:0x7f3c5497f69a [ 87.263365][ T5116] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 87.270615][ T5116] RSP: 002b:00007f3c556d6e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 87.273439][ T5116] RAX: ffffffffffffffda RBX: 00007f3c556d6ef0 RCX: 00007f3c5497f69a [ 87.276190][ T5116] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 00007f3c556d6eb0 [ 87.278984][ T5116] RBP: 00000000200000c0 R08: 00007f3c556d6ef0 R09: 0000000000800000 [ 87.281816][ T5116] R10: 0000000000800000 R11: 0000000000000246 R12: 0000000020000040 [ 87.284519][ T5116] R13: 00007f3c556d6eb0 R14: 00000000000002d3 R15: 0000000020000000 [ 87.287309][ T5116] [ 87.288400][ T5116] Modules linked in: [ 87.305011][ T5116] ---[ end trace 0000000000000000 ]--- [ 87.307168][ T5116] RIP: 0010:hfs_find_init+0x72/0x1f0 [ 87.309137][ T5116] Code: d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 34 8e 77 ff 48 c7 03 00 00 00 00 48 89 2c 24 4c 8d 75 40 4d 89 f7 49 c1 ef 03 <43> 0f b6 04 2f 84 c0 0f 85 10 01 00 00 41 8b 06 8d 7c 00 04 be c0 [ 87.316799][ T5116] RSP: 0018:ffffc90002d3f2c0 EFLAGS: 00010202 [ 87.318694][ T5116] RAX: 1ffff920005a7e77 RBX: ffffc90002d3f3b8 RCX: 0000000000040000 [ 87.322298][ T5116] RDX: ffffc900031b1000 RSI: 0000000000012cac RDI: ffffc90002d3f3b0 [ 87.325427][ T5116] RBP: 0000000000000000 R08: ffffffff8284808f R09: 0000000000000000 [ 87.328462][ T5116] R10: ffffc90002d3f3a0 R11: fffff520005a7e7b R12: ffffc90002d3f3a0 [ 87.331926][ T5116] R13: dffffc0000000000 R14: 0000000000000040 R15: 0000000000000008 [ 87.334614][ T5116] FS: 00007f3c556d76c0(0000) GS:ffff88801fe00000(0000) knlGS:0000000000000000 [ 87.338192][ T5116] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.340897][ T5116] CR2: 00007f1b7c1af5eb CR3: 000000003cb5e000 CR4: 0000000000350ef0 [ 87.344365][ T5116] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 87.347570][ T5116] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 87.350807][ T5116] Kernel panic - not syncing: Fatal exception [ 87.353685][ T5116] Kernel Offset: disabled [ 87.355606][ T5116] Rebooting in 86400 seconds..