./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2611419272 <...> Warning: Permanently added '10.128.15.205' (ED25519) to the list of known hosts. execve("./syz-executor2611419272", ["./syz-executor2611419272"], 0x7ffcc25ab410 /* 10 vars */) = 0 brk(NULL) = 0x555555f53000 brk(0x555555f53d00) = 0x555555f53d00 arch_prctl(ARCH_SET_FS, 0x555555f53380) = 0 set_tid_address(0x555555f53650) = 5019 set_robust_list(0x555555f53660, 24) = 0 rseq(0x555555f53ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2611419272", 4096) = 28 getrandom("\x78\x92\xfb\x4b\xa1\x37\xc8\xff", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555555f53d00 brk(0x555555f74d00) = 0x555555f74d00 brk(0x555555f75000) = 0x555555f75000 mprotect(0x7f2017867000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 memfd_create("syzkaller", 0) = 3 mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f200f3b7000 write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768 munmap(0x7f200f3b7000, 32768) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 ioctl(4, LOOP_SET_FD, 3) = 0 close(3) = 0 mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777) = 0 [ 38.288027][ T5019] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5019 'syz-executor261' [ 38.301541][ T5019] loop0: detected capacity change from 0 to 64 [ 38.312282][ T5019] general protection fault, probably for non-canonical address 0xdffffc0000000008: 0000 [#1] PREEMPT SMP KASAN [ 38.324052][ T5019] KASAN: null-ptr-deref in range [0x0000000000000040-0x0000000000000047] [ 38.332456][ T5019] CPU: 0 PID: 5019 Comm: syz-executor261 Not tainted 6.5.0-rc2-syzkaller #0 [ 38.341101][ T5019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/03/2023 [ 38.351131][ T5019] RIP: 0010:hfs_find_init+0x74/0x220 [ 38.356414][ T5019] Code: c1 ea 03 80 3c 02 00 0f 85 9c 01 00 00 4c 8d 6b 40 48 c7 45 18 00 00 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 ea 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 4b 01 00 00 8b 43 40 be c0 0c [ 38.376002][ T5019] RSP: 0018:ffffc90003b8f520 EFLAGS: 00010212 [ 38.382042][ T5019] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 38.389985][ T5019] RDX: 0000000000000008 RSI: ffffffff82562015 RDI: ffffc90003b8f598 [ 38.397932][ T5019] RBP: ffffc90003b8f580 R08: 0000000000000004 R09: 0000000000000000 [ 38.405880][ T5019] R10: 0000000000000000 R11: ffffffff90f166a0 R12: 0000000000000000 [ 38.413911][ T5019] R13: 0000000000000040 R14: ffff8880214a814a R15: 0000000000000000 [ 38.421858][ T5019] FS: 0000555555f53380(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 38.430765][ T5019] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 38.437325][ T5019] CR2: 00007ffc0db16000 CR3: 0000000076959000 CR4: 0000000000350ef0 [ 38.445272][ T5019] Call Trace: [ 38.448527][ T5019] [ 38.451433][ T5019] ? die_addr+0x3b/0xa0 [ 38.455566][ T5019] ? exc_general_protection+0x154/0x230 [ 38.461106][ T5019] ? asm_exc_general_protection+0x26/0x30 [ 38.466806][ T5019] ? hfs_find_init+0x15/0x220 [ 38.471458][ T5019] ? hfs_find_init+0x74/0x220 [ 38.476109][ T5019] hfs_ext_read_extent+0x19c/0x9d0 [ 38.481215][ T5019] ? find_held_lock+0x2d/0x110 [ 38.485962][ T5019] ? hfs_free_extents+0x2f0/0x2f0 [ 38.490965][ T5019] ? reacquire_held_locks+0x4b0/0x4b0 [ 38.496316][ T5019] ? folio_alloc_buffers+0x486/0x800 [ 38.501586][ T5019] hfs_get_block+0x55b/0x820 [ 38.506157][ T5019] block_read_full_folio+0x3df/0xae0 [ 38.511422][ T5019] ? hfs_extend_file+0xb10/0xb10 [ 38.516350][ T5019] ? decrypt_bh+0x390/0x390 [ 38.520830][ T5019] ? folio_add_lru+0x452/0x7d0 [ 38.525565][ T5019] ? hfs_bmap+0x30/0x30 [ 38.529697][ T5019] filemap_read_folio+0xe5/0x2b0 [ 38.534617][ T5019] ? __folio_lock_killable+0x20/0x20 [ 38.539882][ T5019] ? __filemap_get_folio+0x1e7/0x990 [ 38.545143][ T5019] do_read_cache_folio+0x1ff/0x540 [ 38.550227][ T5019] ? hfs_bmap+0x30/0x30 [ 38.554363][ T5019] read_cache_page+0x5b/0x180 [ 38.559018][ T5019] hfs_btree_open+0x662/0x1050 [ 38.563762][ T5019] hfs_mdb_get+0x15d0/0x2020 [ 38.568333][ T5019] ? hfs_mdb_put+0x380/0x380 [ 38.572904][ T5019] ? queue_work_node+0x340/0x340 [ 38.577820][ T5019] ? mark_held_locks+0x9f/0xe0 [ 38.582560][ T5019] ? lockdep_init_map_type+0x16d/0x7c0 [ 38.587996][ T5019] ? lockdep_init_map_type+0x16d/0x7c0 [ 38.593431][ T5019] ? __raw_spin_lock_init+0x3a/0x110 [ 38.598693][ T5019] hfs_fill_super+0xb1e/0x16e0 [ 38.603431][ T5019] ? hfs_remount+0x2c0/0x2c0 [ 38.607997][ T5019] ? pointer+0xbf0/0xbf0 [ 38.612222][ T5019] ? set_blocksize+0x2bd/0x360 [ 38.616964][ T5019] ? hfs_remount+0x2c0/0x2c0 [ 38.621525][ T5019] ? mount_bdev+0x30d/0x3d0 [ 38.626008][ T5019] mount_bdev+0x30d/0x3d0 [ 38.630325][ T5019] ? hfs_statfs+0x4b0/0x4b0 [ 38.634812][ T5019] legacy_get_tree+0x109/0x220 [ 38.639575][ T5019] vfs_get_tree+0x88/0x350 [ 38.644069][ T5019] path_mount+0x1492/0x1ed0 [ 38.648549][ T5019] ? kmem_cache_free+0xf0/0x490 [ 38.653375][ T5019] ? finish_automount+0xa50/0xa50 [ 38.658375][ T5019] ? putname+0x101/0x140 [ 38.662599][ T5019] __x64_sys_mount+0x293/0x310 [ 38.667348][ T5019] ? copy_mnt_ns+0xb60/0xb60 [ 38.671912][ T5019] ? lockdep_hardirqs_on+0x7d/0x100 [ 38.677090][ T5019] ? _raw_spin_unlock_irq+0x2e/0x50 [ 38.682266][ T5019] ? ptrace_notify+0xf4/0x130 [ 38.687007][ T5019] do_syscall_64+0x38/0xb0 [ 38.691488][ T5019] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 38.697362][ T5019] RIP: 0033:0x7f20177f58fa [ 38.701851][ T5019] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 38.721433][ T5019] RSP: 002b:00007ffc0db14fb8 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5 [ 38.729819][ T5019] RAX: ffffffffffffffda RBX: 00007ffc0db14fd0 RCX: 00007f20177f58fa [ 38.737767][ T5019] RDX: 0000000020000000 RSI: 00000000200001c0 RDI: 00007ffc0db14fd0 [ 38.745718][ T5019] RBP: 0000000000000004 R08: 00007ffc0db15010 R09: 00000000000002d8 [ 38.753665][ T5019] R10: 000000000300041c R11: 0000000000000286 R12: 000000000300041c [ 38.761633][ T5019] R13: 00007ffc0db15010 R14: 0000000000000003 R15: 0000000000008000 [ 38.769582][ T5019] [ 38.772575][ T5019] Modules linked in: [ 38.776635][ T5019] ---[ end trace 0000000000000000 ]--- [ 38.782179][ T5019] RIP: 0010:hfs_find_init+0x74/0x220 [ 38.787688][ T5019] Code: c1 ea 03 80 3c 02 00 0f 85 9c 01 00 00 4c 8d 6b 40 48 c7 45 18 00 00 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 ea 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 4b 01 00 00 8b 43 40 be c0 0c [ 38.807409][ T5019] RSP: 0018:ffffc90003b8f520 EFLAGS: 00010212 [ 38.813460][ T5019] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 38.821443][ T5019] RDX: 0000000000000008 RSI: ffffffff82562015 RDI: ffffc90003b8f598 [ 38.829447][ T5019] RBP: ffffc90003b8f580 R08: 0000000000000004 R09: 0000000000000000 [ 38.837430][ T5019] R10: 0000000000000000 R11: ffffffff90f166a0 R12: 0000000000000000 [ 38.845411][ T5019] R13: 0000000000000040 R14: ffff8880214a814a R15: 0000000000000000 [ 38.853574][ T5019] FS: 0000555555f53380(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 38.862516][ T5019] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 38.869202][ T5019] CR2: 00007ffc0db16000 CR3: 0000000076959000 CR4: 0000000000350ef0 [ 38.877183][ T5019] Kernel panic - not syncing: Fatal exception [ 38.884341][ T5019] Kernel Offset: disabled [ 38.888646][ T5019] Rebooting in 86400 seconds..