./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1218320390 <...> Warning: Permanently added '10.128.0.88' (ECDSA) to the list of known hosts. execve("./syz-executor1218320390", ["./syz-executor1218320390"], 0x7ffdcded93b0 /* 10 vars */) = 0 brk(NULL) = 0x555555a93000 brk(0x555555a93c40) = 0x555555a93c40 arch_prctl(ARCH_SET_FS, 0x555555a93300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor1218320390", 4096) = 28 brk(0x555555ab4c40) = 0x555555ab4c40 brk(0x555555ab5000) = 0x555555ab5000 mprotect(0x7ff3ece55000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 memfd_create("syzkaller", 0) = 3 mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ff3e499b000 write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 munmap(0x7ff3e499b000, 524288) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 ioctl(4, LOOP_SET_FD, 3) = 0 close(3) = 0 mkdir("./file0", 0777) = 0 mount("/dev/loop0", "./file0", "hfsplus", 0, "") = 0 openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 chdir("./file0") = 0 ioctl(4, LOOP_CLR_FD) = 0 close(4) = 0 openat(AT_FDCWD, "memory.events", O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000) = 4 syzkaller login: [ 50.626637][ T3629] loop0: detected capacity change from 0 to 1024 [ 50.646554][ T3629] ------------[ cut here ]------------ [ 50.652139][ T3629] kernel BUG at fs/hfsplus/xattr.c:175! [ 50.658013][ T3629] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 50.664104][ T3629] CPU: 0 PID: 3629 Comm: syz-executor121 Not tainted 6.1.0-rc8-syzkaller-00164-g4cee37b3a4e6 #0 [ 50.674513][ T3629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 50.684544][ T3629] RIP: 0010:__hfsplus_setxattr+0x1c22/0x1ea0 [ 50.690517][ T3629] Code: 89 34 24 e8 20 7f 87 ff 48 8b 34 24 e9 26 eb ff ff e8 12 7f 87 ff e9 fb ea ff ff e8 08 7f 87 ff e9 a3 ea ff ff e8 0e a6 3a ff <0f> 0b 48 8b 7c 24 48 e8 72 7f 87 ff e9 b7 fe ff ff e8 e8 7e 87 ff [ 50.710460][ T3629] RSP: 0018:ffffc90003d5f620 EFLAGS: 00010293 [ 50.716506][ T3629] RAX: 0000000000000000 RBX: ffff88807288b800 RCX: 0000000000000000 [ 50.724455][ T3629] RDX: ffff888021968000 RSI: ffffffff824577f2 RDI: 0000000000000007 [ 50.732401][ T3629] RBP: ffff888022ce81b0 R08: 0000000000000007 R09: 0000000000000000 [ 50.740347][ T3629] R10: 0000000000010000 R11: 0000000000000001 R12: 0000000000010000 [ 50.748295][ T3629] R13: ffff888020dde800 R14: ffffc90003d5f6e8 R15: ffff888022ce8140 [ 50.756248][ T3629] FS: 0000555555a93300(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000 [ 50.765155][ T3629] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 50.771715][ T3629] CR2: 00007ff3ecdc1200 CR3: 000000007eca9000 CR4: 0000000000350ef0 [ 50.779662][ T3629] Call Trace: [ 50.782929][ T3629] [ 50.785840][ T3629] ? __stack_depot_save+0x264/0x560 [ 50.791015][ T3629] ? copy_name+0xa0/0xa0 [ 50.795234][ T3629] ? mark_held_locks+0x9f/0xe0 [ 50.799982][ T3629] ? lockdep_hardirqs_on+0x7d/0x100 [ 50.805157][ T3629] ? _raw_spin_unlock_irqrestore+0x41/0x70 [ 50.810955][ T3629] ? __stack_depot_save+0x264/0x560 [ 50.816133][ T3629] ? kasan_save_stack+0x35/0x40 [ 50.820961][ T3629] ? kasan_save_stack+0x22/0x40 [ 50.825790][ T3629] ? kasan_set_track+0x25/0x30 [ 50.830545][ T3629] ? __kasan_kmalloc+0xa5/0xb0 [ 50.835285][ T3629] ? hfsplus_setxattr+0x61/0x110 [ 50.840200][ T3629] ? __vfs_setxattr+0x119/0x180 [ 50.845044][ T3629] ? __vfs_setxattr_noperm+0x129/0x5f0 [ 50.850479][ T3629] ? __vfs_setxattr_locked+0x1d3/0x260 [ 50.855914][ T3629] ? vfs_setxattr+0x143/0x340 [ 50.860757][ T3629] ? setxattr+0x146/0x160 [ 50.865062][ T3629] ? __x64_sys_fsetxattr+0x245/0x300 [ 50.870325][ T3629] ? do_syscall_64+0x39/0xb0 [ 50.874895][ T3629] ? entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 50.880940][ T3629] ? find_held_lock+0x2d/0x110 [ 50.885857][ T3629] ? __kmem_cache_alloc_node+0x4e/0x3e0 [ 50.891471][ T3629] hfsplus_setxattr+0xd2/0x110 [ 50.896212][ T3629] ? hfsplus_init_security+0x40/0x40 [ 50.901471][ T3629] __vfs_setxattr+0x119/0x180 [ 50.906127][ T3629] ? xattr_resolve_name+0x3d0/0x3d0 [ 50.911307][ T3629] __vfs_setxattr_noperm+0x129/0x5f0 [ 50.916571][ T3629] __vfs_setxattr_locked+0x1d3/0x260 [ 50.921834][ T3629] ? lock_downgrade+0x6e0/0x6e0 [ 50.926666][ T3629] vfs_setxattr+0x143/0x340 [ 50.931148][ T3629] ? __vfs_setxattr_locked+0x260/0x260 [ 50.936760][ T3629] ? do_setxattr+0x129/0x220 [ 50.941416][ T3629] setxattr+0x146/0x160 [ 50.945725][ T3629] ? do_setxattr+0x220/0x220 [ 50.950290][ T3629] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 50.956446][ T3629] ? lock_release+0x810/0x810 [ 50.961293][ T3629] ? rcu_read_lock_any_held+0x6d/0x90 [ 50.966826][ T3629] __x64_sys_fsetxattr+0x245/0x300 [ 50.971917][ T3629] do_syscall_64+0x39/0xb0 [ 50.976316][ T3629] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 50.982273][ T3629] RIP: 0033:0x7ff3ecde77f9 [ 50.986845][ T3629] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 51.006531][ T3629] RSP: 002b:00007ffce3a736f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000be [ 51.014919][ T3629] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ff3ecde77f9 [ 51.022878][ T3629] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 51.030824][ T3629] RBP: 00007ff3ecda7090 R08: 0000000000000003 R09: 0000000000000000 [ 51.038774][ T3629] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff3ecda7120 [ 51.046735][ T3629] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 51.054685][ T3629] [ 51.057679][ T3629] Modules linked in: [ 51.061775][ T3629] ---[ end trace 0000000000000000 ]--- [ 51.067422][ T3629] RIP: 0010:__hfsplus_setxattr+0x1c22/0x1ea0 [ 51.073448][ T3629] Code: 89 34 24 e8 20 7f 87 ff 48 8b 34 24 e9 26 eb ff ff e8 12 7f 87 ff e9 fb ea ff ff e8 08 7f 87 ff e9 a3 ea ff ff e8 0e a6 3a ff <0f> 0b 48 8b 7c 24 48 e8 72 7f 87 ff e9 b7 fe ff ff e8 e8 7e 87 ff [ 51.093282][ T3629] RSP: 0018:ffffc90003d5f620 EFLAGS: 00010293 [ 51.099351][ T3629] RAX: 0000000000000000 RBX: ffff88807288b800 RCX: 0000000000000000 [ 51.107509][ T3629] RDX: ffff888021968000 RSI: ffffffff824577f2 RDI: 0000000000000007 [ 51.115497][ T3629] RBP: ffff888022ce81b0 R08: 0000000000000007 R09: 0000000000000000 [ 51.123469][ T3629] R10: 0000000000010000 R11: 0000000000000001 R12: 0000000000010000 [ 51.131430][ T3629] R13: ffff888020dde800 R14: ffffc90003d5f6e8 R15: ffff888022ce8140 [ 51.139417][ T3629] FS: 0000555555a93300(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000 [ 51.148359][ T3629] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 51.154954][ T3629] CR2: 00007ff3ecdc1200 CR3: 000000007eca9000 CR4: 0000000000350ef0 [ 51.162934][ T3629] Kernel panic - not syncing: Fatal exception [ 51.170048][ T3629] Kernel Offset: disabled [ 51.174423][ T3629] Rebooting in 86400 seconds..