./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1747498708 <...> Warning: Permanently added '10.128.1.76' (ED25519) to the list of known hosts. execve("./syz-executor1747498708", ["./syz-executor1747498708"], 0x7ffd6640f840 /* 10 vars */) = 0 brk(NULL) = 0x5555603b5000 brk(0x5555603b5d00) = 0x5555603b5d00 arch_prctl(ARCH_SET_FS, 0x5555603b5380) = 0 set_tid_address(0x5555603b5650) = 5773 set_robust_list(0x5555603b5660, 24) = 0 rseq(0x5555603b5ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1747498708", 4096) = 28 getrandom("\xb2\x0b\x7e\x11\x1b\x95\x1b\xcf", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555603b5d00 brk(0x5555603d6d00) = 0x5555603d6d00 brk(0x5555603d7000) = 0x5555603d7000 mprotect(0x7fae33ecb000, 16384, PROT_READ) = 0 mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000 mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000 mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555603b5650) = 5774 ./strace-static-x86_64: Process 5774 attached [pid 5774] set_robust_list(0x5555603b5660, 24) = 0 [pid 5774] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5774] setpgid(0, 0) = 0 [pid 5774] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5774] write(3, "1000", 4) = 4 [pid 5774] close(3) = 0 [pid 5774] write(1, "executing program\n", 18executing program ) = 18 [pid 5774] memfd_create("syzkaller", 0) = 3 [pid 5774] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fae2ba00000 [pid 5774] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 5774] munmap(0x7fae2ba00000, 138412032) = 0 [pid 5774] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5774] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5774] close(3) = 0 [pid 5774] close(4) = 0 [pid 5774] mkdir("./file1", 0777) = 0 [pid 5774] mount("/dev/loop0", "./file1", "hfsplus", MS_NODEV|MS_I_VERSION, "") = 0 [pid 5774] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5774] chdir("./file1") = 0 [ 205.134611][ T5774] loop0: detected capacity change from 0 to 1024 [pid 5774] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5774] creat("./bus", 000) = 4 [pid 5774] io_setup(514, [0x7fae33e0a000]) = 0 [ 205.217370][ T5774] ===================================================== [ 205.224916][ T5774] BUG: KMSAN: uninit-value in hfsplus_attr_bin_cmp_key+0xf1/0x190 [ 205.233176][ T5774] hfsplus_attr_bin_cmp_key+0xf1/0x190 [ 205.238870][ T5774] hfs_find_rec_by_key+0xb1/0x240 [ 205.244395][ T5774] __hfsplus_brec_find+0x26f/0x7b0 [ 205.249796][ T5774] hfsplus_brec_find+0x445/0x970 [ 205.255264][ T5774] hfsplus_find_attr+0x30c/0x390 [ 205.260424][ T5774] __hfsplus_getxattr+0x376/0xe40 [ 205.265895][ T5774] hfsplus_getxattr+0x123/0x1e0 [ 205.270972][ T5774] hfsplus_security_getxattr+0x53/0x70 [ 205.276927][ T5774] __vfs_getxattr+0x7bc/0x810 [ 205.282241][ T5774] cap_inode_need_killpriv+0x56/0xc0 [ 205.287931][ T5774] security_inode_need_killpriv+0xba/0x520 [ 205.294096][ T5774] file_remove_privs_flags+0x2e9/0x8b0 [ 205.299785][ T5774] file_remove_privs+0x2f/0x40 [ 205.304842][ T5774] __generic_file_write_iter+0x9a/0x460 [ 205.310643][ T5774] generic_file_write_iter+0x10c/0x940 [ 205.316478][ T5774] aio_write+0x72b/0x9d0 [ 205.320999][ T5774] io_submit_one+0x283f/0x3280 [ 205.326049][ T5774] __se_sys_io_submit+0x275/0x700 [ 205.331316][ T5774] __x64_sys_io_submit+0x96/0xe0 [ 205.336794][ T5774] x64_sys_call+0x38ed/0x3c30 [ 205.341660][ T5774] do_syscall_64+0xcd/0x1e0 [ 205.346437][ T5774] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 205.352684][ T5774] [ 205.355127][ T5774] Uninit was created at: [ 205.359582][ T5774] __kmalloc_noprof+0x923/0x1230 [ 205.364808][ T5774] hfsplus_find_init+0x95/0x1d0 [ 205.369970][ T5774] __hfsplus_getxattr+0x2c6/0xe40 [ 205.375414][ T5774] hfsplus_getxattr+0x123/0x1e0 [ 205.380550][ T5774] hfsplus_security_getxattr+0x53/0x70 [ 205.386291][ T5774] __vfs_getxattr+0x7bc/0x810 [ 205.391178][ T5774] cap_inode_need_killpriv+0x56/0xc0 [ 205.397097][ T5774] security_inode_need_killpriv+0xba/0x520 [ 205.403254][ T5774] file_remove_privs_flags+0x2e9/0x8b0 [ 205.408892][ T5774] file_remove_privs+0x2f/0x40 [ 205.414042][ T5774] __generic_file_write_iter+0x9a/0x460 [ 205.419823][ T5774] generic_file_write_iter+0x10c/0x940 [ 205.425581][ T5774] aio_write+0x72b/0x9d0 [ 205.429995][ T5774] io_submit_one+0x283f/0x3280 [ 205.435107][ T5774] __se_sys_io_submit+0x275/0x700 [ 205.440374][ T5774] __x64_sys_io_submit+0x96/0xe0 [ 205.445705][ T5774] x64_sys_call+0x38ed/0x3c30 [ 205.450611][ T5774] do_syscall_64+0xcd/0x1e0 [ 205.455543][ T5774] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 205.461663][ T5774] [ 205.464212][ T5774] CPU: 0 UID: 0 PID: 5774 Comm: syz-executor174 Not tainted 6.14.0-rc1-syzkaller-00081-gbb066fe812d6 #0 [ 205.475808][ T5774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 205.486196][ T5774] ===================================================== [ 205.493330][ T5774] Disabling lock debugging due to kernel taint [ 205.499596][ T5774] Kernel panic - not syncing: kmsan.panic set ... [ 205.506153][ T5774] CPU: 0 UID: 0 PID: 5774 Comm: syz-executor174 Tainted: G B 6.14.0-rc1-syzkaller-00081-gbb066fe812d6 #0 [ 205.519065][ T5774] Tainted: [B]=BAD_PAGE [ 205.523330][ T5774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 205.533588][ T5774] Call Trace: [ 205.536984][ T5774] [ 205.539988][ T5774] dump_stack_lvl+0x216/0x2d0 [ 205.544792][ T5774] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 205.550773][ T5774] dump_stack+0x1e/0x24 [ 205.555060][ T5774] panic+0x4e2/0xcf0 [ 205.559117][ T5774] ? kmsan_get_metadata+0x81/0x1c0 [ 205.564405][ T5774] kmsan_report+0x2c7/0x2d0 [ 205.569090][ T5774] ? folio_wait_bit_common+0xbac/0xcf0 [ 205.574842][ T5774] ? kmsan_get_metadata+0x13e/0x1c0 [ 205.580221][ T5774] ? kmsan_get_metadata+0x13e/0x1c0 [ 205.585623][ T5774] ? __msan_warning+0x95/0x120 [ 205.590526][ T5774] ? hfsplus_attr_bin_cmp_key+0xf1/0x190 [ 205.596288][ T5774] ? hfs_find_rec_by_key+0xb1/0x240 [ 205.601644][ T5774] ? __hfsplus_brec_find+0x26f/0x7b0 [ 205.607108][ T5774] ? hfsplus_brec_find+0x445/0x970 [ 205.612399][ T5774] ? hfsplus_find_attr+0x30c/0x390 [ 205.617653][ T5774] ? __hfsplus_getxattr+0x376/0xe40 [ 205.622993][ T5774] ? hfsplus_getxattr+0x123/0x1e0 [ 205.628162][ T5774] ? hfsplus_security_getxattr+0x53/0x70 [ 205.633995][ T5774] ? __vfs_getxattr+0x7bc/0x810 [ 205.638998][ T5774] ? cap_inode_need_killpriv+0x56/0xc0 [ 205.644709][ T5774] ? security_inode_need_killpriv+0xba/0x520 [ 205.650877][ T5774] ? file_remove_privs_flags+0x2e9/0x8b0 [ 205.656798][ T5774] ? file_remove_privs+0x2f/0x40 [ 205.661920][ T5774] ? __generic_file_write_iter+0x9a/0x460 [ 205.667919][ T5774] ? generic_file_write_iter+0x10c/0x940 [ 205.673734][ T5774] ? aio_write+0x72b/0x9d0 [ 205.678337][ T5774] ? io_submit_one+0x283f/0x3280 [ 205.683388][ T5774] ? __se_sys_io_submit+0x275/0x700 [ 205.688733][ T5774] ? __x64_sys_io_submit+0x96/0xe0 [ 205.694002][ T5774] ? x64_sys_call+0x38ed/0x3c30 [ 205.698987][ T5774] ? do_syscall_64+0xcd/0x1e0 [ 205.703775][ T5774] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 205.709999][ T5774] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 205.715950][ T5774] ? hfsplus_bnode_read_u16+0x3e/0x2b0 [ 205.721566][ T5774] ? filter_irq_stacks+0x60/0x1a0 [ 205.726761][ T5774] ? kmsan_get_metadata+0x13e/0x1c0 [ 205.732299][ T5774] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 205.738808][ T5774] ? kmsan_get_metadata+0x13e/0x1c0 [ 205.744176][ T5774] ? kmsan_get_metadata+0x13e/0x1c0 [ 205.749611][ T5774] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 205.755629][ T5774] __msan_warning+0x95/0x120 [ 205.760410][ T5774] hfsplus_attr_bin_cmp_key+0xf1/0x190 [ 205.766016][ T5774] hfs_find_rec_by_key+0xb1/0x240 [ 205.771254][ T5774] ? __pfx_hfsplus_attr_bin_cmp_key+0x10/0x10 [ 205.777453][ T5774] __hfsplus_brec_find+0x26f/0x7b0 [ 205.782730][ T5774] ? __pfx_hfs_find_rec_by_key+0x10/0x10 [ 205.788533][ T5774] hfsplus_brec_find+0x445/0x970 [ 205.793627][ T5774] ? __pfx_hfs_find_rec_by_key+0x10/0x10 [ 205.799439][ T5774] hfsplus_find_attr+0x30c/0x390 [ 205.804507][ T5774] __hfsplus_getxattr+0x376/0xe40 [ 205.809658][ T5774] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 205.815656][ T5774] ? kmsan_get_metadata+0x13e/0x1c0 [ 205.820993][ T5774] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 205.826958][ T5774] ? strcpy+0x53/0xc0 [ 205.831056][ T5774] hfsplus_getxattr+0x123/0x1e0 [ 205.836063][ T5774] hfsplus_security_getxattr+0x53/0x70 [ 205.841724][ T5774] ? __pfx_hfsplus_security_getxattr+0x10/0x10 [ 205.848043][ T5774] __vfs_getxattr+0x7bc/0x810 [ 205.852986][ T5774] cap_inode_need_killpriv+0x56/0xc0 [ 205.858459][ T5774] security_inode_need_killpriv+0xba/0x520 [ 205.864439][ T5774] file_remove_privs_flags+0x2e9/0x8b0 [ 205.870072][ T5774] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 205.876040][ T5774] file_remove_privs+0x2f/0x40 [ 205.880984][ T5774] __generic_file_write_iter+0x9a/0x460 [ 205.886724][ T5774] generic_file_write_iter+0x10c/0x940 [ 205.892392][ T5774] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 205.898943][ T5774] ? kmsan_get_metadata+0x13e/0x1c0 [ 205.904308][ T5774] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 205.910276][ T5774] ? end_current_label_crit_section+0x124/0x2a0 [ 205.916664][ T5774] ? common_file_perm+0x327/0x3c0 [ 205.921829][ T5774] ? kmsan_get_metadata+0x13e/0x1c0 [ 205.927184][ T5774] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 205.933147][ T5774] ? __pfx_generic_file_write_iter+0x10/0x10 [ 205.939320][ T5774] aio_write+0x72b/0x9d0 [ 205.943695][ T5774] ? kmsan_get_metadata+0x13e/0x1c0 [ 205.949050][ T5774] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 205.955576][ T5774] ? kmsan_get_metadata+0x13e/0x1c0 [ 205.960923][ T5774] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 205.966879][ T5774] io_submit_one+0x283f/0x3280 [ 205.971772][ T5774] ? stack_depot_save_flags+0x6db/0x750 [ 205.977502][ T5774] ? kmsan_get_metadata+0x13e/0x1c0 [ 205.982862][ T5774] __se_sys_io_submit+0x275/0x700 [ 205.988105][ T5774] __x64_sys_io_submit+0x96/0xe0 [ 205.993328][ T5774] x64_sys_call+0x38ed/0x3c30 [ 205.998145][ T5774] do_syscall_64+0xcd/0x1e0 [ 206.002799][ T5774] ? clear_bhb_loop+0x25/0x80 [ 206.007656][ T5774] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 206.013897][ T5774] RIP: 0033:0x7fae33e57b99 [ 206.018416][ T5774] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 206.038197][ T5774] RSP: 002b:00007ffcb30b3f68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 206.046787][ T5774] RAX: ffffffffffffffda RBX: 0000200000000200 RCX: 00007fae33e57b99 [ 206.054986][ T5774] RDX: 0000200000000540 RSI: 000000000000003b RDI: 00007fae33e0a000 [ 206.063078][ T5774] RBP: 00007fae33ecb5f0 R08: 00005555603b64c0 R09: 00005555603b64c0 [ 206.071168][ T5774] R10: 00005555603b64c0 R11: 0000000000000246 R12: 00007ffcb30b3f90 [ 206.079268][ T5774] R13: 00007ffcb30b41b8 R14: 431bde82d7b634db R15: 00007fae33ea003b [ 206.087380][ T5774] [ 206.090896][ T5774] Kernel Offset: disabled [ 206.095314][ T5774] Rebooting in 86400 seconds..