Warning: Permanently added '10.128.1.91' (ED25519) to the list of known hosts.
executing program
[ 40.742147][ T4020] loop0: detected capacity change from 0 to 1024
[ 40.756578][ T4020] hfsplus: request for non-existent node -1191182336 in B*Tree
[ 40.758218][ T4020] hfsplus: request for non-existent node -1191182336 in B*Tree
[ 40.762356][ T4020] ==================================================================
[ 40.763989][ T4020] BUG: KASAN: slab-out-of-bounds in hfsplus_bnode_read+0x84/0x24c
[ 40.765559][ T4020] Read of size 8 at addr ffff0000c0b1b6c0 by task syz-executor237/4020
[ 40.767100][ T4020]
[ 40.767574][ T4020] CPU: 1 PID: 4020 Comm: syz-executor237 Not tainted 5.15.176-syzkaller #0
[ 40.769252][ T4020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 40.771255][ T4020] Call trace:
[ 40.771870][ T4020] dump_backtrace+0x0/0x530
[ 40.772781][ T4020] show_stack+0x2c/0x3c
[ 40.773604][ T4020] dump_stack_lvl+0x108/0x170
[ 40.774499][ T4020] print_address_description+0x7c/0x3f0
[ 40.775580][ T4020] kasan_report+0x174/0x1e4
[ 40.776457][ T4020] __asan_report_load8_noabort+0x44/0x50
[ 40.777614][ T4020] hfsplus_bnode_read+0x84/0x24c
[ 40.778599][ T4020] hfsplus_bnode_dump+0x2c4/0x4cc
[ 40.779597][ T4020] hfsplus_brec_remove+0x3d0/0x4a4
[ 40.780612][ T4020] __hfsplus_delete_attr+0x1e0/0x3ec
[ 40.781627][ T4020] hfsplus_delete_all_attrs+0x214/0x348
[ 40.782729][ T4020] hfsplus_delete_cat+0x9a4/0xd6c
[ 40.783768][ T4020] hfsplus_unlink+0x2c0/0x6a0
[ 40.784700][ T4020] vfs_unlink+0x2f0/0x508
[ 40.785559][ T4020] do_unlinkat+0x4cc/0x830
[ 40.786409][ T4020] __arm64_sys_unlinkat+0xcc/0xfc
[ 40.787418][ T4020] invoke_syscall+0x98/0x2b8
[ 40.788303][ T4020] el0_svc_common+0x138/0x258
[ 40.789255][ T4020] do_el0_svc+0x58/0x14c
[ 40.790075][ T4020] el0_svc+0x7c/0x1f0
[ 40.790869][ T4020] el0t_64_sync_handler+0x84/0xe4
[ 40.791843][ T4020] el0t_64_sync+0x1a0/0x1a4
[ 40.792704][ T4020]
[ 40.793157][ T4020] Allocated by task 4020:
[ 40.793997][ T4020] ____kasan_kmalloc+0xbc/0xfc
[ 40.794969][ T4020] __kasan_kmalloc+0x10/0x1c
[ 40.795860][ T4020] __kmalloc+0x29c/0x4c8
[ 40.796674][ T4020] __hfs_bnode_create+0xe4/0x864
[ 40.797656][ T4020] hfsplus_bnode_find+0x200/0xcb0
[ 40.798652][ T4020] hfsplus_brec_find+0x134/0x4a0
[ 40.799648][ T4020] hfsplus_delete_all_attrs+0x1ec/0x348
[ 40.800800][ T4020] hfsplus_delete_cat+0x9a4/0xd6c
[ 40.801817][ T4020] hfsplus_unlink+0x2c0/0x6a0
[ 40.802744][ T4020] vfs_unlink+0x2f0/0x508
[ 40.803591][ T4020] do_unlinkat+0x4cc/0x830
[ 40.804504][ T4020] __arm64_sys_unlinkat+0xcc/0xfc
[ 40.805461][ T4020] invoke_syscall+0x98/0x2b8
[ 40.806355][ T4020] el0_svc_common+0x138/0x258
[ 40.807269][ T4020] do_el0_svc+0x58/0x14c
[ 40.808112][ T4020] el0_svc+0x7c/0x1f0
[ 40.808888][ T4020] el0t_64_sync_handler+0x84/0xe4
[ 40.809868][ T4020] el0t_64_sync+0x1a0/0x1a4
[ 40.810770][ T4020]
[ 40.811215][ T4020] The buggy address belongs to the object at ffff0000c0b1b600
[ 40.811215][ T4020] which belongs to the cache kmalloc-256 of size 256
[ 40.813920][ T4020] The buggy address is located 192 bytes inside of
[ 40.813920][ T4020] 256-byte region [ffff0000c0b1b600, ffff0000c0b1b700)
[ 40.816446][ T4020] The buggy address belongs to the page:
[ 40.817558][ T4020] page:00000000628a6e82 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b1a
[ 40.819520][ T4020] head:00000000628a6e82 order:1 compound_mapcount:0
[ 40.820837][ T4020] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[ 40.822383][ T4020] raw: 05ffc00000010200 dead000000000100 dead000000000122 ffff0000c0002480
[ 40.824051][ T4020] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 40.825723][ T4020] page dumped because: kasan: bad access detected
[ 40.826970][ T4020]
[ 40.827414][ T4020] Memory state around the buggy address:
[ 40.828579][ T4020] ffff0000c0b1b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 40.830086][ T4020] ffff0000c0b1b600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 40.831673][ T4020] >ffff0000c0b1b680: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 40.833199][ T4020] ^
[ 40.834374][ T4020] ffff0000c0b1b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 40.835928][ T4020] ffff0000c0b1b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 40.837526][ T4020] ==================================================================
[ 40.839072][ T4020] Disabling lock debugging due to kernel taint
[ 40.840387][ T4020] Unable to handle kernel paging request at virtual address ffff72c800007f9f
[ 40.842046][ T4020] Mem abort info:
[ 40.842741][ T4020] ESR = 0x0000000096000004
[ 40.843611][ T4020] EC = 0x25: DABT (current EL), IL = 32 bits
[ 40.844765][ T4020] SET = 0, FnV = 0
[ 40.845494][ T4020] EA = 0, S1PTW = 0
[ 40.846261][ T4020] FSC = 0x04: level 0 translation fault
[ 40.847398][ T4020] Data abort info:
[ 40.848106][ T4020] ISV = 0, ISS = 0x00000004
[ 40.848992][ T4020] CM = 0, WnR = 0
[ 40.849790][ T4020] swapper pgtable: 4k pages, 48-bit VAs, pgdp=00000001ae186000
[ 40.851215][ T4020] [ffff72c800007f9f] pgd=0000000000000000, p4d=0000000000000000
[ 40.852825][ T4020] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP
[ 40.854148][ T4020] Modules linked in:
[ 40.854919][ T4020] CPU: 1 PID: 4020 Comm: syz-executor237 Tainted: G B 5.15.176-syzkaller #0
[ 40.856821][ T4020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 40.858764][ T4020] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 40.860288][ T4020] pc : kasan_check_range+0x74/0x2b4
[ 40.861325][ T4020] lr : memcpy+0x90/0xe8
[ 40.862157][ T4020] sp : ffff80001fe47370
[ 40.862969][ T4020] x29: ffff80001fe47370 x28: 00000000000000ff x27: dfff800000000000
[ 40.864505][ T4020] x26: ffff80001fe474a0 x25: 1ffff000028a5903 x24: 0000000000000001
[ 40.866056][ T4020] x23: ffff8000171b4000 x22: ffff800008fc355c x21: ffff80001fe47480
[ 40.867642][ T4020] x20: ffff96400003fcff x19: 0000000000000001 x18: 0000000000000000
[ 40.869186][ T4020] x17: 0000000000000000 x16: ffff800011b4b8b4 x15: 00000000000000ff
[ 40.870805][ T4020] x14: ffff0000dd663680 x13: 0000000000ff0100 x12: 0000000000000001
[ 40.872366][ T4020] x11: 1ffff2c800007f9f x10: 1ffff2c800007f9f x9 : ffffffffffffffff
[ 40.873971][ T4020] x8 : ffff72c800007f9f x7 : 0000000000000000 x6 : 00000000000000ff
[ 40.875516][ T4020] x5 : ffff80001fe474a2 x4 : ffff0000dc7f800c x3 : ffff800008fc355c
[ 40.877073][ T4020] x2 : 0000000000000000 x1 : 0000000000000001 x0 : ffff96400003fcff
[ 40.878653][ T4020] Call trace:
[ 40.879308][ T4020] kasan_check_range+0x74/0x2b4
[ 40.880273][ T4020] memcpy+0x90/0xe8
[ 40.881005][ T4020] hfsplus_bnode_read+0x120/0x24c
[ 40.881960][ T4020] hfsplus_bnode_dump+0x2c4/0x4cc
[ 40.882963][ T4020] hfsplus_brec_remove+0x3d0/0x4a4
[ 40.883928][ T4020] __hfsplus_delete_attr+0x1e0/0x3ec
[ 40.884966][ T4020] hfsplus_delete_all_attrs+0x214/0x348
[ 40.886055][ T4020] hfsplus_delete_cat+0x9a4/0xd6c
[ 40.887065][ T4020] hfsplus_unlink+0x2c0/0x6a0
[ 40.887958][ T4020] vfs_unlink+0x2f0/0x508
[ 40.888800][ T4020] do_unlinkat+0x4cc/0x830
[ 40.889637][ T4020] __arm64_sys_unlinkat+0xcc/0xfc
[ 40.890631][ T4020] invoke_syscall+0x98/0x2b8
[ 40.891512][ T4020] el0_svc_common+0x138/0x258
[ 40.892405][ T4020] do_el0_svc+0x58/0x14c
[ 40.893227][ T4020] el0_svc+0x7c/0x1f0
[ 40.894003][ T4020] el0t_64_sync_handler+0x84/0xe4
[ 40.894958][ T4020] el0t_64_sync+0x1a0/0x1a4
[ 40.895851][ T4020] Code: 5400014c b4000b8c aa2a03e9 8b0b0129 (3940010a)
[ 40.897198][ T4020] ---[ end trace d54f7d270c5c3066 ]---
[ 41.202040][ T4020] Kernel panic - not syncing: Oops: Fatal exception
[ 41.203610][ T4020] SMP: stopping secondary CPUs
[ 41.204747][ T4020] Kernel Offset: disabled
[ 41.205642][ T4020] CPU features: 0x8,000081c1,21302e40
[ 41.206744][ T4020] Memory Limit: none
[ 41.485489][ T4020] Rebooting in 86400 seconds..