./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor380427248 <...> Warning: Permanently added '10.128.10.35' (ED25519) to the list of known hosts. execve("./syz-executor380427248", ["./syz-executor380427248"], 0x7ffc8314f400 /* 10 vars */) = 0 brk(NULL) = 0x55555673d000 brk(0x55555673dd00) = 0x55555673dd00 arch_prctl(ARCH_SET_FS, 0x55555673d380) = 0 set_tid_address(0x55555673d650) = 5018 set_robust_list(0x55555673d660, 24) = 0 rseq(0x55555673dca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor380427248", 4096) = 27 getrandom("\x9b\x8f\x35\x0f\x80\x3a\x72\x50", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55555673dd00 brk(0x55555675ed00) = 0x55555675ed00 brk(0x55555675f000) = 0x55555675f000 mprotect(0x7fcff4ace000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555673d650) = 5019 ./strace-static-x86_64: Process 5019 attached [pid 5019] set_robust_list(0x55555673d660, 24) = 0 [pid 5019] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5019] setpgid(0, 0) = 0 [pid 5019] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5019] write(3, "1000", 4) = 4 [pid 5019] close(3) = 0 [pid 5019] memfd_create("syzkaller", 0) = 3 [pid 5019] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fcfec600000 [pid 5019] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768 [pid 5019] munmap(0x7fcfec600000, 138412032) = 0 [pid 5019] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5019] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5019] close(3) = 0 [pid 5019] close(4) = 0 [pid 5019] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777) = 0 [ 148.572498][ T5019] loop0: detected capacity change from 0 to 64 [ 148.620829][ T5019] hfs: filesystem is marked locked, mounting read-only. [ 148.628402][ T5019] ===================================================== [ 148.636479][ T5019] BUG: KMSAN: uninit-value in hfs_cat_keycmp+0x154/0x210 [ 148.643839][ T5019] hfs_cat_keycmp+0x154/0x210 [ 148.648737][ T5019] __hfs_brec_find+0x250/0x820 [ 148.653764][ T5019] hfs_brec_find+0x436/0x970 [ 148.658605][ T5019] hfs_brec_read+0x3f/0x1a0 [ 148.663427][ T5019] hfs_cat_find_brec+0xe6/0x400 [ 148.668459][ T5019] hfs_fill_super+0x1f27/0x23c0 [ 148.673682][ T5019] mount_bdev+0x38f/0x510 [ 148.678237][ T5019] hfs_mount+0x4d/0x60 [ 148.682603][ T5019] legacy_get_tree+0x110/0x290 [ 148.687563][ T5019] vfs_get_tree+0xa5/0x560 [ 148.692311][ T5019] do_new_mount+0x71f/0x15e0 [ 148.697119][ T5019] path_mount+0x73d/0x1f20 [ 148.701938][ T5019] __se_sys_mount+0x725/0x810 [ 148.706831][ T5019] __x64_sys_mount+0xe4/0x140 [ 148.711957][ T5019] do_syscall_64+0xcf/0x1e0 [ 148.716689][ T5019] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 148.723193][ T5019] [ 148.726148][ T5019] Uninit was created at: [ 148.730718][ T5019] __kmalloc+0x919/0xf80 [ 148.735280][ T5019] hfs_find_init+0x91/0x250 [ 148.739946][ T5019] hfs_fill_super+0x1eb9/0x23c0 [ 148.745175][ T5019] mount_bdev+0x38f/0x510 [ 148.749718][ T5019] hfs_mount+0x4d/0x60 [ 148.753992][ T5019] legacy_get_tree+0x110/0x290 [ 148.758933][ T5019] vfs_get_tree+0xa5/0x560 [ 148.763669][ T5019] do_new_mount+0x71f/0x15e0 [ 148.768462][ T5019] path_mount+0x73d/0x1f20 [ 148.773127][ T5019] __se_sys_mount+0x725/0x810 [ 148.777993][ T5019] __x64_sys_mount+0xe4/0x140 [ 148.782935][ T5019] do_syscall_64+0xcf/0x1e0 [ 148.787651][ T5019] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 148.793896][ T5019] [ 148.796335][ T5019] CPU: 1 PID: 5019 Comm: syz-executor380 Not tainted 6.8.0-rc6-syzkaller-00238-g5ad3cb0ed525 #0 [ 148.807027][ T5019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 148.817257][ T5019] ===================================================== [ 148.824487][ T5019] Disabling lock debugging due to kernel taint [ 148.830842][ T5019] Kernel panic - not syncing: kmsan.panic set ... [ 148.837385][ T5019] CPU: 1 PID: 5019 Comm: syz-executor380 Tainted: G B 6.8.0-rc6-syzkaller-00238-g5ad3cb0ed525 #0 [ 148.849648][ T5019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 148.859836][ T5019] Call Trace: [ 148.863200][ T5019] [ 148.866213][ T5019] dump_stack_lvl+0x1bf/0x240 [ 148.871014][ T5019] dump_stack+0x1e/0x20 [ 148.875281][ T5019] panic+0x4de/0xc90 [ 148.879345][ T5019] kmsan_report+0x2d0/0x2d0 [ 148.884121][ T5019] ? kmsan_get_metadata+0x146/0x1c0 [ 148.889469][ T5019] ? __msan_warning+0x96/0x120 [ 148.894326][ T5019] ? hfs_cat_keycmp+0x154/0x210 [ 148.899354][ T5019] ? __hfs_brec_find+0x250/0x820 [ 148.904552][ T5019] ? hfs_brec_find+0x436/0x970 [ 148.909469][ T5019] ? hfs_brec_read+0x3f/0x1a0 [ 148.914236][ T5019] ? hfs_cat_find_brec+0xe6/0x400 [ 148.919362][ T5019] ? hfs_fill_super+0x1f27/0x23c0 [ 148.924533][ T5019] ? mount_bdev+0x38f/0x510 [ 148.929793][ T5019] ? hfs_mount+0x4d/0x60 [ 148.934223][ T5019] ? legacy_get_tree+0x110/0x290 [ 148.939349][ T5019] ? vfs_get_tree+0xa5/0x560 [ 148.944063][ T5019] ? do_new_mount+0x71f/0x15e0 [ 148.948954][ T5019] ? path_mount+0x73d/0x1f20 [ 148.953656][ T5019] ? __se_sys_mount+0x725/0x810 [ 148.958743][ T5019] ? __x64_sys_mount+0xe4/0x140 [ 148.963806][ T5019] ? do_syscall_64+0xcf/0x1e0 [ 148.968755][ T5019] ? entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 148.975022][ T5019] ? _raw_spin_unlock_irqrestore+0x3f/0x60 [ 148.981067][ T5019] ? kmsan_get_metadata+0x146/0x1c0 [ 148.986447][ T5019] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 148.992934][ T5019] ? kmsan_get_metadata+0x146/0x1c0 [ 148.998289][ T5019] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 149.004701][ T5019] ? kmsan_get_metadata+0x146/0x1c0 [ 149.010015][ T5019] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 149.015950][ T5019] __msan_warning+0x96/0x120 [ 149.020669][ T5019] hfs_cat_keycmp+0x154/0x210 [ 149.025476][ T5019] __hfs_brec_find+0x250/0x820 [ 149.030337][ T5019] ? hfs_cat_build_record+0x480/0x480 [ 149.035879][ T5019] hfs_brec_find+0x436/0x970 [ 149.040680][ T5019] hfs_brec_read+0x3f/0x1a0 [ 149.045377][ T5019] hfs_cat_find_brec+0xe6/0x400 [ 149.050404][ T5019] ? mutex_lock+0x37/0x50 [ 149.054864][ T5019] ? hfs_find_init+0x224/0x250 [ 149.059734][ T5019] hfs_fill_super+0x1f27/0x23c0 [ 149.064736][ T5019] ? kmsan_get_metadata+0x146/0x1c0 [ 149.070114][ T5019] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 149.076105][ T5019] ? setup_bdev_super+0x8d2/0x9d0 [ 149.081363][ T5019] mount_bdev+0x38f/0x510 [ 149.085906][ T5019] ? hfs_mount+0x60/0x60 [ 149.090340][ T5019] hfs_mount+0x4d/0x60 [ 149.094592][ T5019] legacy_get_tree+0x110/0x290 [ 149.099543][ T5019] ? hfs_mark_mdb_dirty+0x290/0x290 [ 149.105105][ T5019] ? legacy_parse_monolithic+0x260/0x260 [ 149.111135][ T5019] vfs_get_tree+0xa5/0x560 [ 149.115822][ T5019] ? mount_capable+0x97/0x120 [ 149.120620][ T5019] do_new_mount+0x71f/0x15e0 [ 149.125435][ T5019] ? kmsan_get_metadata+0x146/0x1c0 [ 149.130788][ T5019] path_mount+0x73d/0x1f20 [ 149.135429][ T5019] ? user_path_at_empty+0x325/0x390 [ 149.140827][ T5019] __se_sys_mount+0x725/0x810 [ 149.145621][ T5019] ? _raw_spin_unlock_irq+0x31/0x50 [ 149.151015][ T5019] ? kmsan_get_metadata+0x146/0x1c0 [ 149.156406][ T5019] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 149.162356][ T5019] __x64_sys_mount+0xe4/0x140 [ 149.167317][ T5019] do_syscall_64+0xcf/0x1e0 [ 149.172010][ T5019] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 149.178123][ T5019] RIP: 0033:0x7fcff4a5bdea [ 149.182679][ T5019] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 149.202582][ T5019] RSP: 002b:00007ffc70aef3a8 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5 [ 149.211166][ T5019] RAX: ffffffffffffffda RBX: 00007ffc70aef3c0 RCX: 00007fcff4a5bdea [ 149.219254][ T5019] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007ffc70aef3c0 [ 149.227469][ T5019] RBP: 0000000000000004 R08: 00007ffc70aef400 R09: 00000000000002b5 [ 149.235569][ T5019] R10: 0000000003000002 R11: 0000000000000286 R12: 0000000003000002 [ 149.243657][ T5019] R13: 00007ffc70aef400 R14: 0000000000000003 R15: 0000000000008000 [ 149.251792][ T5019] [ 149.255315][ T5019] Kernel Offset: disabled [ 149.259694][ T5019] Rebooting in 86400 seconds..