./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2711865786 <...> Warning: Permanently added '10.128.0.12' (ECDSA) to the list of known hosts. execve("./syz-executor2711865786", ["./syz-executor2711865786"], 0x7ffdfa7d5cf0 /* 10 vars */) = 0 brk(NULL) = 0x5555571c3000 brk(0x5555571c3c40) = 0x5555571c3c40 arch_prctl(ARCH_SET_FS, 0x5555571c3300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor2711865786", 4096) = 28 brk(0x5555571e4c40) = 0x5555571e4c40 brk(0x5555571e5000) = 0x5555571e5000 mprotect(0x7fc1e3bbd000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 memfd_create("syzkaller", 0) = 3 mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc1db704000 write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 munmap(0x7fc1db704000, 524288) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 ioctl(4, LOOP_SET_FD, 3) = 0 close(3) = 0 mkdir("./file1", 0777) = 0 mount("/dev/loop0", "./file1", "hfsplus", MS_MANDLOCK|MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL|MS_LAZYTIME, "") = 0 openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 chdir("./file1") = 0 ioctl(4, LOOP_CLR_FD) = 0 [ 52.519745][ T3635] loop0: detected capacity change from 0 to 1024 [ 52.529494][ T3635] ======================================================= [ 52.529494][ T3635] WARNING: The mand mount option has been deprecated and [ 52.529494][ T3635] and is ignored by this kernel. Remove the mand [ 52.529494][ T3635] option from the mount to silence this warning. [ 52.529494][ T3635] ======================================================= close(4) = 0 [ 52.573675][ T3635] ------------[ cut here ]------------ [ 52.579460][ T3635] kernel BUG at fs/hfsplus/xattr.c:175! [ 52.585031][ T3635] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 52.591116][ T3635] CPU: 0 PID: 3635 Comm: syz-executor271 Not tainted 6.1.0-rc8-syzkaller-00154-g296a7b7eb792 #0 [ 52.601540][ T3635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 52.611584][ T3635] RIP: 0010:__hfsplus_setxattr+0x1c22/0x1ea0 [ 52.617569][ T3635] Code: 89 34 24 e8 20 7f 87 ff 48 8b 34 24 e9 26 eb ff ff e8 12 7f 87 ff e9 fb ea ff ff e8 08 7f 87 ff e9 a3 ea ff ff e8 ce a4 3a ff <0f> 0b 48 8b 7c 24 48 e8 72 7f 87 ff e9 b7 fe ff ff e8 e8 7e 87 ff [ 52.637168][ T3635] RSP: 0018:ffffc90003c4f580 EFLAGS: 00010293 [ 52.643226][ T3635] RAX: 0000000000000000 RBX: ffff888078117800 RCX: 0000000000000000 [ 52.651200][ T3635] RDX: ffff888028369d40 RSI: ffffffff82457932 RDI: 0000000000000007 [ 52.659169][ T3635] RBP: ffff8880727e01b0 R08: 0000000000000007 R09: 0000000000000000 [ 52.667133][ T3635] R10: 0000000000010000 R11: 1ffffffff2102d94 R12: 0000000000010000 [ 52.675100][ T3635] R13: ffff888073f69800 R14: ffffc90003c4f648 R15: ffff8880727e0140 [ 52.683243][ T3635] FS: 00005555571c3300(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000 [ 52.692259][ T3635] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 52.698833][ T3635] CR2: 00000000005d84c8 CR3: 000000007621d000 CR4: 0000000000350ef0 [ 52.706795][ T3635] Call Trace: [ 52.710061][ T3635] [ 52.712982][ T3635] ? __stack_depot_save+0x264/0x560 [ 52.718174][ T3635] ? copy_name+0xa0/0xa0 [ 52.722404][ T3635] ? mark_held_locks+0x9f/0xe0 [ 52.727166][ T3635] ? lockdep_hardirqs_on+0x7d/0x100 [ 52.732353][ T3635] ? _raw_spin_unlock_irqrestore+0x41/0x70 [ 52.738151][ T3635] ? __stack_depot_save+0x264/0x560 [ 52.743339][ T3635] ? kasan_save_stack+0x35/0x40 [ 52.748182][ T3635] ? kasan_save_stack+0x22/0x40 [ 52.753020][ T3635] ? kasan_set_track+0x25/0x30 [ 52.757773][ T3635] ? __kasan_kmalloc+0xa5/0xb0 [ 52.762531][ T3635] ? hfsplus_setxattr+0x61/0x110 [ 52.767545][ T3635] ? __vfs_setxattr+0x119/0x180 [ 52.772385][ T3635] ? __vfs_setxattr_noperm+0x129/0x5f0 [ 52.777831][ T3635] ? __vfs_setxattr_locked+0x1d3/0x260 [ 52.783275][ T3635] ? vfs_setxattr+0x143/0x340 [ 52.787938][ T3635] ? setxattr+0x146/0x160 [ 52.792256][ T3635] ? path_setxattr+0x197/0x1c0 [ 52.797005][ T3635] ? __x64_sys_setxattr+0xc4/0x160 [ 52.802101][ T3635] ? do_syscall_64+0x39/0xb0 [ 52.806685][ T3635] ? entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 52.812748][ T3635] ? find_held_lock+0x2d/0x110 [ 52.817509][ T3635] ? __kmem_cache_alloc_node+0x4e/0x3e0 [ 52.823054][ T3635] hfsplus_setxattr+0xd2/0x110 [ 52.827811][ T3635] ? hfsplus_listxattr+0xb70/0xb70 [ 52.832911][ T3635] __vfs_setxattr+0x119/0x180 [ 52.837582][ T3635] ? xattr_resolve_name+0x3d0/0x3d0 [ 52.842861][ T3635] __vfs_setxattr_noperm+0x129/0x5f0 [ 52.848142][ T3635] __vfs_setxattr_locked+0x1d3/0x260 [ 52.853418][ T3635] ? lock_downgrade+0x6e0/0x6e0 [ 52.858354][ T3635] vfs_setxattr+0x143/0x340 [ 52.862846][ T3635] ? __vfs_setxattr_locked+0x260/0x260 [ 52.868292][ T3635] ? do_setxattr+0x129/0x220 [ 52.872868][ T3635] setxattr+0x146/0x160 [ 52.877011][ T3635] ? do_setxattr+0x220/0x220 [ 52.881588][ T3635] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 52.887565][ T3635] ? find_held_lock+0x2d/0x110 [ 52.892319][ T3635] ? __mnt_want_write+0x3f/0x2e0 [ 52.897246][ T3635] ? lock_downgrade+0x6e0/0x6e0 [ 52.902090][ T3635] ? lock_release+0x810/0x810 [ 52.906761][ T3635] ? __mnt_want_write+0x1fe/0x2e0 [ 52.911776][ T3635] path_setxattr+0x197/0x1c0 [ 52.916352][ T3635] ? setxattr+0x160/0x160 [ 52.920667][ T3635] ? lockdep_hardirqs_on+0x7d/0x100 [ 52.925906][ T3635] __x64_sys_setxattr+0xc4/0x160 [ 52.930829][ T3635] do_syscall_64+0x39/0xb0 [ 52.935235][ T3635] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 52.941117][ T3635] RIP: 0033:0x7fc1e3b50789 [ 52.945516][ T3635] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 52.965119][ T3635] RSP: 002b:00007fffaab50c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 52.973522][ T3635] RAX: ffffffffffffffda RBX: 0031656c69662f2e RCX: 00007fc1e3b50789 [ 52.981478][ T3635] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020000080 [ 52.989433][ T3635] RBP: 00007fc1e3b10020 R08: 0000000000000000 R09: 0000000000000000 [ 52.997387][ T3635] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc1e3b100b0 [ 53.005362][ T3635] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 53.013416][ T3635] [ 53.016419][ T3635] Modules linked in: [ 53.020571][ T3635] ---[ end trace 0000000000000000 ]--- [ 53.026233][ T3635] RIP: 0010:__hfsplus_setxattr+0x1c22/0x1ea0 [ 53.032311][ T3635] Code: 89 34 24 e8 20 7f 87 ff 48 8b 34 24 e9 26 eb ff ff e8 12 7f 87 ff e9 fb ea ff ff e8 08 7f 87 ff e9 a3 ea ff ff e8 ce a4 3a ff <0f> 0b 48 8b 7c 24 48 e8 72 7f 87 ff e9 b7 fe ff ff e8 e8 7e 87 ff [ 53.051952][ T3635] RSP: 0018:ffffc90003c4f580 EFLAGS: 00010293 [ 53.058063][ T3635] RAX: 0000000000000000 RBX: ffff888078117800 RCX: 0000000000000000 [ 53.066029][ T3635] RDX: ffff888028369d40 RSI: ffffffff82457932 RDI: 0000000000000007 [ 53.074021][ T3635] RBP: ffff8880727e01b0 R08: 0000000000000007 R09: 0000000000000000 [ 53.082014][ T3635] R10: 0000000000010000 R11: 1ffffffff2102d94 R12: 0000000000010000 [ 53.090022][ T3635] R13: ffff888073f69800 R14: ffffc90003c4f648 R15: ffff8880727e0140 [ 53.098026][ T3635] FS: 00005555571c3300(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000 [ 53.106994][ T3635] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 53.113577][ T3635] CR2: 0000563ad5c6bc18 CR3: 000000007621d000 CR4: 0000000000350ee0 [ 53.121668][ T3635] Kernel panic - not syncing: Fatal exception [ 53.128400][ T3635] Kernel Offset: disabled [ 53.132713][ T3635] Rebooting in 86400 seconds..