[ OK ] Started Getty on tty2.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started Getty on tty1.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.140' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 28.232912] ======================================================
[ 28.232912] WARNING: the mand mount option is being deprecated and
[ 28.232912] will be removed in v5.15!
[ 28.232912] ======================================================
[ 28.272045] ==================================================================
[ 28.279559] BUG: KASAN: wild-memory-access in hfsplus_bnode_read+0x154/0x1a0
[ 28.286731] Read of size 1 at addr 0005088000000fff by task syz-executor268/7996
[ 28.294456]
[ 28.296068] CPU: 1 PID: 7996 Comm: syz-executor268 Not tainted 4.14.302-syzkaller #0
[ 28.303982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 28.313433] Call Trace:
[ 28.316024] dump_stack+0x1b2/0x281
[ 28.319642] kasan_report_error.cold+0x144/0x191
[ 28.324423] ? hfsplus_bnode_read+0x154/0x1a0
[ 28.328937] kasan_report+0x6f/0x80
[ 28.332567] ? hfsplus_bnode_read+0x154/0x1a0
[ 28.337061] memcpy+0x20/0x50
[ 28.340240] hfsplus_bnode_read+0x154/0x1a0
[ 28.344546] hfsplus_bnode_find+0x6e0/0x9e0
[ 28.349156] ? hfsplus_bnode_put+0x3e0/0x3e0
[ 28.353569] ? depot_save_stack+0x1d3/0x3f0
[ 28.358364] ? hfsplus_bmap_reserve+0x27e/0x410
[ 28.363148] ? trace_hardirqs_on+0x10/0x10
[ 28.367631] hfsplus_bmap_alloc+0xca/0x740
[ 28.371866] ? kasan_kmalloc+0xeb/0x160
[ 28.375847] ? __kmalloc+0x15a/0x400
[ 28.379542] ? hfsplus_find_init+0x91/0x220
[ 28.383842] ? hfsplus_ext_read_extent+0x15f/0x9e0
[ 28.388766] ? hfsplus_bmap_reserve+0x410/0x410
[ 28.393900] ? hfsplus_write_begin+0x87/0x130
[ 28.398384] ? generic_cont_expand_simple+0xe1/0x130
[ 28.403465] ? hfsplus_setattr+0x139/0x310
[ 28.407691] ? notify_change+0x56b/0xd10
[ 28.411747] hfs_btree_inc_height.isra.0+0xb7/0x910
[ 28.416742] ? hfs_bnode_split+0xcf0/0xcf0
[ 28.421042] ? hfsplus_find_init+0x161/0x220
[ 28.425554] ? __mutex_lock+0x360/0x1310
[ 28.429590] hfsplus_brec_insert+0x8f3/0xb30
[ 28.434131] ? fs_reclaim_release+0xd0/0x110
[ 28.438813] ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[ 28.444343] ? hfsplus_brec_find+0x37b/0x460
[ 28.448754] ? hfsplus_brec_remove+0x480/0x480
[ 28.453320] ? hfsplus_brec_keylen+0x2c0/0x2c0
[ 28.457982] ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 28.462980] __hfsplus_ext_write_extent+0x439/0x560
[ 28.467976] hfsplus_ext_read_extent+0x81a/0x9e0
[ 28.472707] ? __hfsplus_ext_write_extent+0x560/0x560
[ 28.477870] ? find_get_entries+0x870/0x870
[ 28.482198] ? hfsplus_get_block+0x1f9/0x820
[ 28.486604] hfsplus_file_extend+0x616/0xef0
[ 28.490987] ? clean_bdev_aliases+0x40d/0x510
[ 28.495477] ? hfsplus_free_fork+0x720/0x720
[ 28.499857] ? invalidate_bh_lru+0x150/0x150
[ 28.504240] ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 28.509242] hfsplus_get_block+0x15b/0x820
[ 28.513481] __block_write_begin_int+0x35c/0x11d0
[ 28.518486] ? hfsplus_file_extend+0xef0/0xef0
[ 28.523049] ? __breadahead_gfp+0x150/0x150
[ 28.527359] ? wait_for_stable_page+0xe3/0x260
[ 28.531922] ? hfsplus_file_extend+0xef0/0xef0
[ 28.536477] block_write_begin+0x58/0x270
[ 28.540599] cont_write_begin+0x4a3/0x740
[ 28.544724] ? block_write_begin+0x270/0x270
[ 28.549113] ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 28.554112] ? __mark_inode_dirty+0x17d/0xf40
[ 28.558579] ? check_preemption_disabled+0x35/0x240
[ 28.563581] hfsplus_write_begin+0x87/0x130
[ 28.567876] ? hfsplus_file_extend+0xef0/0xef0
[ 28.572433] cont_write_begin+0x296/0x740
[ 28.576574] ? block_write_begin+0x270/0x270
[ 28.580959] ? mark_held_locks+0xa6/0xf0
[ 28.584992] hfsplus_write_begin+0x87/0x130
[ 28.589288] ? hfsplus_file_extend+0xef0/0xef0
[ 28.593846] generic_cont_expand_simple+0xe1/0x130
[ 28.598750] ? page_zero_new_buffers+0x420/0x420
[ 28.603483] ? inode_newsize_ok+0x145/0x1c0
[ 28.607777] ? setattr_prepare+0xbe/0x530
[ 28.611900] hfsplus_setattr+0x139/0x310
[ 28.615936] ? hfsplus_file_fsync+0x4a0/0x4a0
[ 28.620406] notify_change+0x56b/0xd10
[ 28.624276] do_truncate+0xff/0x1a0
[ 28.627879] ? finish_open+0x170/0x170
[ 28.631741] ? apparmor_path_truncate+0x163/0x1d0
[ 28.636562] do_sys_ftruncate.constprop.0+0x3a3/0x480
[ 28.641722] ? compat_SyS_truncate+0x40/0x40
[ 28.646116] do_syscall_64+0x1d5/0x640
[ 28.649981] entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 28.655148] RIP: 0033:0x7f17619207b9
[ 28.658832] RSP: 002b:00007ffcd5e2be68 EFLAGS: 00000246 ORIG_RAX: 000000000000004d
[ 28.666515] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f17619207b9
[ 28.673767] RDX: 0000000000000000 RSI: 0000000000048280 RDI: 0000000000000004
[ 28.681019] RBP: 00007f17618e0050 R08: 0000000000000000 R09: 0000000000000000
[ 28.688268] R10: 00000000000005f1 R11: 0000000000000246 R12: 00007f17618e00e0
[ 28.695525] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 28.702963] ==================================================================
[ 28.710293] Disabling lock debugging due to kernel taint
[ 28.722152] Kernel panic - not syncing: panic_on_warn set ...
[ 28.722152]
[ 28.729541] CPU: 0 PID: 7996 Comm: syz-executor268 Tainted: G B 4.14.302-syzkaller #0
[ 28.738713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 28.748055] Call Trace:
[ 28.750621] dump_stack+0x1b2/0x281
[ 28.754229] panic+0x1f9/0x42d
[ 28.757396] ? add_taint.cold+0x16/0x16
[ 28.761614] ? ___preempt_schedule+0x16/0x18
[ 28.766001] kasan_end_report+0x43/0x49
[ 28.769948] kasan_report_error.cold+0xa7/0x191
[ 28.774589] ? hfsplus_bnode_read+0x154/0x1a0
[ 28.779057] kasan_report+0x6f/0x80
[ 28.782669] ? hfsplus_bnode_read+0x154/0x1a0
[ 28.787141] memcpy+0x20/0x50
[ 28.790220] hfsplus_bnode_read+0x154/0x1a0
[ 28.794516] hfsplus_bnode_find+0x6e0/0x9e0
[ 28.798812] ? hfsplus_bnode_put+0x3e0/0x3e0
[ 28.803198] ? depot_save_stack+0x1d3/0x3f0
[ 28.807492] ? hfsplus_bmap_reserve+0x27e/0x410
[ 28.812136] ? trace_hardirqs_on+0x10/0x10
[ 28.816346] hfsplus_bmap_alloc+0xca/0x740
[ 28.820564] ? kasan_kmalloc+0xeb/0x160
[ 28.824532] ? __kmalloc+0x15a/0x400
[ 28.828222] ? hfsplus_find_init+0x91/0x220
[ 28.832523] ? hfsplus_ext_read_extent+0x15f/0x9e0
[ 28.837432] ? hfsplus_bmap_reserve+0x410/0x410
[ 28.842072] ? hfsplus_write_begin+0x87/0x130
[ 28.846542] ? generic_cont_expand_simple+0xe1/0x130
[ 28.851618] ? hfsplus_setattr+0x139/0x310
[ 28.855828] ? notify_change+0x56b/0xd10
[ 28.860047] hfs_btree_inc_height.isra.0+0xb7/0x910
[ 28.865041] ? hfs_bnode_split+0xcf0/0xcf0
[ 28.869255] ? hfsplus_find_init+0x161/0x220
[ 28.873641] ? __mutex_lock+0x360/0x1310
[ 28.877691] hfsplus_brec_insert+0x8f3/0xb30
[ 28.882078] ? fs_reclaim_release+0xd0/0x110
[ 28.886465] ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[ 28.891891] ? hfsplus_brec_find+0x37b/0x460
[ 28.896283] ? hfsplus_brec_remove+0x480/0x480
[ 28.900838] ? hfsplus_brec_keylen+0x2c0/0x2c0
[ 28.905393] ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 28.910491] __hfsplus_ext_write_extent+0x439/0x560
[ 28.915494] hfsplus_ext_read_extent+0x81a/0x9e0
[ 28.920311] ? __hfsplus_ext_write_extent+0x560/0x560
[ 28.925484] ? find_get_entries+0x870/0x870
[ 28.929781] ? hfsplus_get_block+0x1f9/0x820
[ 28.934172] hfsplus_file_extend+0x616/0xef0
[ 28.938554] ? clean_bdev_aliases+0x40d/0x510
[ 28.943024] ? hfsplus_free_fork+0x720/0x720
[ 28.947494] ? invalidate_bh_lru+0x150/0x150
[ 28.951879] ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 28.956869] hfsplus_get_block+0x15b/0x820
[ 28.961082] __block_write_begin_int+0x35c/0x11d0
[ 28.965899] ? hfsplus_file_extend+0xef0/0xef0
[ 28.970457] ? __breadahead_gfp+0x150/0x150
[ 28.974754] ? wait_for_stable_page+0xe3/0x260
[ 28.979396] ? hfsplus_file_extend+0xef0/0xef0
[ 28.983972] block_write_begin+0x58/0x270
[ 28.988095] cont_write_begin+0x4a3/0x740
[ 28.992306] ? block_write_begin+0x270/0x270
[ 28.996690] ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 29.001712] ? __mark_inode_dirty+0x17d/0xf40
[ 29.006187] ? check_preemption_disabled+0x35/0x240
[ 29.011197] hfsplus_write_begin+0x87/0x130
[ 29.015509] ? hfsplus_file_extend+0xef0/0xef0
[ 29.020081] cont_write_begin+0x296/0x740
[ 29.024209] ? block_write_begin+0x270/0x270
[ 29.028591] ? mark_held_locks+0xa6/0xf0
[ 29.032626] hfsplus_write_begin+0x87/0x130
[ 29.036922] ? hfsplus_file_extend+0xef0/0xef0
[ 29.041476] generic_cont_expand_simple+0xe1/0x130
[ 29.046382] ? page_zero_new_buffers+0x420/0x420
[ 29.051112] ? inode_newsize_ok+0x145/0x1c0
[ 29.055405] ? setattr_prepare+0xbe/0x530
[ 29.059526] hfsplus_setattr+0x139/0x310
[ 29.063560] ? hfsplus_file_fsync+0x4a0/0x4a0
[ 29.068030] notify_change+0x56b/0xd10
[ 29.071900] do_truncate+0xff/0x1a0
[ 29.075500] ? finish_open+0x170/0x170
[ 29.079363] ? apparmor_path_truncate+0x163/0x1d0
[ 29.084180] do_sys_ftruncate.constprop.0+0x3a3/0x480
[ 29.089345] ? compat_SyS_truncate+0x40/0x40
[ 29.093730] do_syscall_64+0x1d5/0x640
[ 29.097594] entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 29.102770] RIP: 0033:0x7f17619207b9
[ 29.106467] RSP: 002b:00007ffcd5e2be68 EFLAGS: 00000246 ORIG_RAX: 000000000000004d
[ 29.115710] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f17619207b9
[ 29.122958] RDX: 0000000000000000 RSI: 0000000000048280 RDI: 0000000000000004
[ 29.130202] RBP: 00007f17618e0050 R08: 0000000000000000 R09: 0000000000000000
[ 29.137532] R10: 00000000000005f1 R11: 0000000000000246 R12: 00007f17618e00e0
[ 29.144778] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 29.152261] Kernel Offset: disabled
[ 29.155869] Rebooting in 86400 seconds..