program: bpf$TOKEN_CREATE(0x24, &(0x7f0000000140), 0x8) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0xe, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0x53}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000300)={[{@mpol={'mpol', 0x3d, {'bind', '', @val={0x3a, [0x30, 0x2d, 0x31, 0x3a]}}}, 0x4e}]}) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0) read$dsp(r0, &(0x7f00000001c0)=""/11, 0xb) syz_mount_image$hfs(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x10000, &(0x7f0000000040)={[{@part={'part', 0x3d, 0x4}}]}, 0x1, 0x257, &(0x7f00000002c0)="$eJzs3U9rE0EYx/HfTGKb2lLXtiJ4kmrBk7T1Il4EyYvwJGoToRgqaAX1JJ7Fg0fvvgVfhCfxDejJky8gt5WZnfxttrutzQ5Jvx9IWNh5Zp9xdt15AmUE4Nx60Pz19c4f96lJNdUkfb4uK6kh1SVd0dXG64PD/cNOu3VcRzUf4T5GWaQ50mbvoD0ptDHWMnHxda34XjBVaZqmv2MngeiMf4KPstJieJ79+UblmU3H+9gJnJV0MefExOnsM1119UarU8kJADAzwvvfhhfHSli/Wytthdf+XL3/u7ETiGzo/e+rrNS4+b3kTw3qPV+YufO2VyWe5loLyu6skRWJKaoqfS526dl+p31770WnZfVB94OhZhv+u5Xduj0F2W5OqE2PcfqxL/sxXHBj2M3Jf/1sr1jMfDc/zCOT6Ita/fVfPTVumvxMJWMzleW/nd+jH2WStcoZ5WV/kWvhCkHBKBv5S9iF0OfIDwRJUZ4+am0sKhvdTkHU+sSo3YKojfGo7G5eyg+rgPlkHppN/dU3NYfW/9b9a2+pzJPp2viW4c5wT2duy7pvmZRIzJ5oGPg/H/VUd7X66u275086nfZLDjjggIP+Qez/oFCFwaTHzgSRuHWXyeq/oXpl25dI7isZWaePVk5pUedDPe7k1AZr/vviiSq45fwKrmzNdeOWdLP8FZOQ55wwTf3UY37/BwAAAAAAAAAAAAAAAAAAmDVV/DlB7DECAAAAAAAAAAAAAAAAAAAAADDrBvv/mt7+v/dU9f6/0shGOSX3/52XrciAaP4FAAD//zFPggg=") [ 85.318504][ T5328] tmpfs: Bad value for 'mpol' [ 85.337155][ T5304] Bluetooth: hci0: command tx timeout [ 85.392258][ T5329] loop0: detected capacity change from 0 to 64 [ 85.429214][ T5329] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000008: 0000 [#1] SMP KASAN NOPTI [ 85.434492][ T5329] KASAN: null-ptr-deref in range [0x0000000000000040-0x0000000000000047] [ 85.438626][ T5329] CPU: 0 UID: 0 PID: 5329 Comm: syz.0.0 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 85.443436][ T5329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 85.447825][ T5329] RIP: 0010:hfs_find_init+0x6a/0x1e0 [ 85.450358][ T5329] Code: 7e 18 4c 89 f8 48 c1 e8 03 42 80 3c 28 00 74 08 4c 89 ff e8 c8 b4 8a ff 49 c7 07 00 00 00 00 48 8d 6b 40 49 89 ef 49 c1 ef 03 <43> 0f b6 04 2f 84 c0 0f 85 0c 01 00 00 8b 45 00 8d 3c 45 04 00 00 [ 85.458510][ T5329] RSP: 0018:ffffc9000d50f588 EFLAGS: 00010202 [ 85.461225][ T5329] RAX: 1ffff92001aa1ecf RBX: 0000000000000000 RCX: 0000000000100000 [ 85.464261][ T5329] RDX: ffffc9000e623000 RSI: 0000000000001afa RDI: ffffc9000d50f670 [ 85.467759][ T5329] RBP: 0000000000000040 R08: ffffc9000d50f697 R09: 0000000000000000 [ 85.471707][ T5329] R10: ffffc9000d50f660 R11: fffff52001aa1ed3 R12: ffff888035fa0640 [ 85.474721][ T5329] R13: dffffc0000000000 R14: ffffc9000d50f660 R15: 0000000000000008 [ 85.478227][ T5329] FS: 00007f46fae896c0(0000) GS:ffff88808d251000(0000) knlGS:0000000000000000 [ 85.482501][ T5329] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.485310][ T5329] CR2: 0000556662015070 CR3: 0000000042b12000 CR4: 0000000000352ef0 [ 85.488542][ T5329] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 85.491752][ T5329] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 85.494896][ T5329] Call Trace: [ 85.496713][ T5329] [ 85.498377][ T5329] hfs_get_block+0x51b/0xbd0 [ 85.500767][ T5329] ? __pfx_hfs_get_block+0x10/0x10 [ 85.502761][ T5329] ? _raw_spin_unlock+0x28/0x50 [ 85.504848][ T5329] block_read_full_folio+0x29f/0x830 [ 85.507114][ T5329] ? __pfx_hfs_get_block+0x10/0x10 [ 85.509144][ T5329] filemap_read_folio+0x117/0x380 [ 85.511186][ T5329] ? __pfx_hfs_read_folio+0x10/0x10 [ 85.513238][ T5329] ? __pfx_filemap_read_folio+0x10/0x10 [ 85.515559][ T5329] ? filemap_add_folio+0x1af/0x270 [ 85.517857][ T5329] do_read_cache_folio+0x350/0x590 [ 85.520129][ T5329] ? __pfx_hfs_read_folio+0x10/0x10 [ 85.522536][ T5329] read_cache_page+0x5d/0x170 [ 85.524654][ T5329] hfs_btree_open+0x55f/0x14f0 [ 85.526732][ T5329] ? hfs_mdb_get+0x1293/0x2080 [ 85.528995][ T5329] hfs_mdb_get+0x1327/0x2080 [ 85.530910][ T5329] ? __pfx_hfs_mdb_get+0x10/0x10 [ 85.533061][ T5329] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 85.536060][ T5329] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 85.539352][ T5329] hfs_fill_super+0x37b/0x640 [ 85.541628][ T5329] ? __pfx_hfs_fill_super+0x10/0x10 [ 85.543855][ T5329] ? sb_set_blocksize+0x104/0x180 [ 85.545905][ T5329] ? setup_bdev_super+0x4c1/0x5b0 [ 85.548007][ T5329] get_tree_bdev_flags+0x40e/0x4d0 [ 85.550156][ T5329] ? __pfx_hfs_fill_super+0x10/0x10 [ 85.552341][ T5329] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 85.555538][ T5329] vfs_get_tree+0x92/0x2b0 [ 85.557625][ T5329] do_new_mount+0x24a/0xa40 [ 85.559871][ T5329] __se_sys_mount+0x317/0x410 [ 85.562039][ T5329] ? __pfx___se_sys_mount+0x10/0x10 [ 85.564394][ T5329] ? do_syscall_64+0xbe/0x3b0 [ 85.566389][ T5329] ? __x64_sys_mount+0x20/0xc0 [ 85.568387][ T5329] do_syscall_64+0xfa/0x3b0 [ 85.570325][ T5329] ? lockdep_hardirqs_on+0x9c/0x150 [ 85.572550][ T5329] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.575075][ T5329] ? clear_bhb_loop+0x60/0xb0 [ 85.577097][ T5329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.579994][ T5329] RIP: 0033:0x7f46f9f900ca [ 85.582112][ T5329] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.590081][ T5329] RSP: 002b:00007f46fae88e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 85.593501][ T5329] RAX: ffffffffffffffda RBX: 00007f46fae88ef0 RCX: 00007f46f9f900ca [ 85.596727][ T5329] RDX: 0000200000000240 RSI: 0000200000000280 RDI: 00007f46fae88eb0 [ 85.600055][ T5329] RBP: 0000200000000240 R08: 00007f46fae88ef0 R09: 0000000000010000 [ 85.603678][ T5329] R10: 0000000000010000 R11: 0000000000000246 R12: 0000200000000280 [ 85.607120][ T5329] R13: 00007f46fae88eb0 R14: 0000000000000257 R15: 0000200000000040 [ 85.610343][ T5329] [ 85.611658][ T5329] Modules linked in: [ 85.614050][ T5329] ---[ end trace 0000000000000000 ]--- [ 85.640566][ T5329] RIP: 0010:hfs_find_init+0x6a/0x1e0 [ 85.644548][ T5329] Code: 7e 18 4c 89 f8 48 c1 e8 03 42 80 3c 28 00 74 08 4c 89 ff e8 c8 b4 8a ff 49 c7 07 00 00 00 00 48 8d 6b 40 49 89 ef 49 c1 ef 03 <43> 0f b6 04 2f 84 c0 0f 85 0c 01 00 00 8b 45 00 8d 3c 45 04 00 00 [ 85.654615][ T5329] RSP: 0018:ffffc9000d50f588 EFLAGS: 00010202 [ 85.657352][ T5329] RAX: 1ffff92001aa1ecf RBX: 0000000000000000 RCX: 0000000000100000 [ 85.660597][ T5329] RDX: ffffc9000e623000 RSI: 0000000000001afa RDI: ffffc9000d50f670 [ 85.664128][ T5329] RBP: 0000000000000040 R08: ffffc9000d50f697 R09: 0000000000000000 [ 85.667915][ T5329] R10: ffffc9000d50f660 R11: fffff52001aa1ed3 R12: ffff888035fa0640 [ 85.671848][ T5329] R13: dffffc0000000000 R14: ffffc9000d50f660 R15: 0000000000000008 [ 85.675272][ T5329] FS: 00007f46fae896c0(0000) GS:ffff88808d251000(0000) knlGS:0000000000000000 [ 85.679036][ T5329] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.681861][ T5329] CR2: 00007f1726e01000 CR3: 0000000042b12000 CR4: 0000000000352ef0 [ 85.685235][ T5329] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 85.689020][ T5329] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 85.693058][ T5329] Kernel panic - not syncing: Fatal exception [ 85.695940][ T5329] Kernel Offset: disabled [ 85.697785][ T5329] Rebooting in 86400 seconds..