./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1622163709 <...> forked to background, child pid 4641 no interfaces have a carrier [ 28.359936][ T4642] 8021q: adding VLAN 0 to HW filter on device bond0 [ 28.369312][ T4642] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.10.24' (ECDSA) to the list of known hosts. execve("./syz-executor1622163709", ["./syz-executor1622163709"], 0x7fff6c8f6e70 /* 10 vars */) = 0 brk(NULL) = 0x55555675a000 brk(0x55555675ac40) = 0x55555675ac40 arch_prctl(ARCH_SET_FS, 0x55555675a300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor1622163709", 4096) = 28 brk(0x55555677bc40) = 0x55555677bc40 brk(0x55555677c000) = 0x55555677c000 mprotect(0x7f4e091b3000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 memfd_create("syzkaller", 0) = 3 mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4e00cf9000 write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 munmap(0x7f4e00cf9000, 524288) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 ioctl(4, LOOP_SET_FD, 3) = 0 close(3) = 0 mkdir("./file0", 0777) = 0 mount("/dev/loop0", "./file0", "hfsplus", 0, "\x74\x79\x70\x65\x3d\xc5\x0c\xb8\xcf\x2c\x67\x69\x64\x3d\x30\x78\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x2c\x64\x65\x63\x6f\x6d\x70\x6f\x73\x65\x2c\x6e\x6c\x73\x3d\x64\x65\x66\x61\x75\x6c\x74\x2c") = 0 openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 chdir("./file0") = 0 ioctl(4, LOOP_CLR_FD) = 0 close(4) = 0 syzkaller login: [ 52.187886][ T5062] loop0: detected capacity change from 0 to 1024 [ 52.208291][ T5062] ------------[ cut here ]------------ [ 52.213875][ T5062] kernel BUG at fs/hfsplus/xattr.c:175! [ 52.219510][ T5062] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 52.225583][ T5062] CPU: 0 PID: 5062 Comm: syz-executor162 Not tainted 6.2.0-rc1-syzkaller #0 [ 52.234249][ T5062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 52.244283][ T5062] RIP: 0010:__hfsplus_setxattr+0x1c22/0x1ea0 [ 52.250269][ T5062] Code: 89 34 24 e8 90 6d 86 ff 48 8b 34 24 e9 26 eb ff ff e8 82 6d 86 ff e9 fb ea ff ff e8 78 6d 86 ff e9 a3 ea ff ff e8 be 65 38 ff <0f> 0b 48 8b 7c 24 48 e8 e2 6d 86 ff e9 b7 fe ff ff e8 58 6d 86 ff [ 52.269858][ T5062] RSP: 0018:ffffc90003a8f540 EFLAGS: 00010293 [ 52.275923][ T5062] RAX: 0000000000000000 RBX: ffff88802918c000 RCX: 0000000000000000 [ 52.283882][ T5062] RDX: ffff888023f23a80 RSI: ffffffff8248ec82 RDI: 0000000000000007 [ 52.291838][ T5062] RBP: ffff88802b03a370 R08: 0000000000000007 R09: 0000000000000000 [ 52.299795][ T5062] R10: 0000000000010000 R11: 1ffffffff214baba R12: 0000000000010000 [ 52.307748][ T5062] R13: ffff888029e31800 R14: ffffc90003a8f608 R15: ffff88802b03a300 [ 52.315705][ T5062] FS: 000055555675a300(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 52.324621][ T5062] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 52.331190][ T5062] CR2: 00000000005fdeb8 CR3: 00000000755dc000 CR4: 0000000000350ef0 [ 52.339145][ T5062] Call Trace: [ 52.342405][ T5062] [ 52.345319][ T5062] ? __stack_depot_save+0x264/0x560 [ 52.350513][ T5062] ? copy_name+0xa0/0xa0 [ 52.354746][ T5062] ? mark_held_locks+0x9f/0xe0 [ 52.359514][ T5062] ? lockdep_hardirqs_on+0x7d/0x100 [ 52.364697][ T5062] ? _raw_spin_unlock_irqrestore+0x41/0x70 [ 52.370493][ T5062] ? __stack_depot_save+0x264/0x560 [ 52.375683][ T5062] ? kasan_save_stack+0x35/0x40 [ 52.380522][ T5062] ? kasan_save_stack+0x22/0x40 [ 52.385357][ T5062] ? kasan_set_track+0x25/0x30 [ 52.390103][ T5062] ? __kasan_kmalloc+0xa5/0xb0 [ 52.394850][ T5062] ? hfsplus_setxattr+0x61/0x110 [ 52.399779][ T5062] ? __vfs_setxattr+0x173/0x1e0 [ 52.404622][ T5062] ? __vfs_setxattr_noperm+0x129/0x5f0 [ 52.410063][ T5062] ? __vfs_setxattr_locked+0x1d3/0x260 [ 52.415512][ T5062] ? vfs_setxattr+0x143/0x340 [ 52.420173][ T5062] ? do_setxattr+0x151/0x190 [ 52.424745][ T5062] ? setxattr+0x146/0x160 [ 52.429059][ T5062] ? path_setxattr+0x197/0x1c0 [ 52.433804][ T5062] ? __x64_sys_lsetxattr+0xc1/0x160 [ 52.438988][ T5062] ? do_syscall_64+0x39/0xb0 [ 52.443565][ T5062] ? entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 52.449621][ T5062] ? find_held_lock+0x2d/0x110 [ 52.454376][ T5062] ? __kmem_cache_alloc_node+0x48/0x430 [ 52.459913][ T5062] hfsplus_setxattr+0xd2/0x110 [ 52.464671][ T5062] ? hfsplus_init_security+0x40/0x40 [ 52.469948][ T5062] __vfs_setxattr+0x173/0x1e0 [ 52.474623][ T5062] ? __vfs_removexattr+0x1c0/0x1c0 [ 52.479729][ T5062] __vfs_setxattr_noperm+0x129/0x5f0 [ 52.484999][ T5062] __vfs_setxattr_locked+0x1d3/0x260 [ 52.490267][ T5062] vfs_setxattr+0x143/0x340 [ 52.494757][ T5062] ? __vfs_setxattr_locked+0x260/0x260 [ 52.500201][ T5062] ? __check_object_size+0xac/0x5a0 [ 52.505392][ T5062] do_setxattr+0x151/0x190 [ 52.509792][ T5062] setxattr+0x146/0x160 [ 52.513930][ T5062] ? do_setxattr+0x190/0x190 [ 52.518506][ T5062] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 52.524475][ T5062] ? find_held_lock+0x2d/0x110 [ 52.529234][ T5062] ? __mnt_want_write+0x3f/0x2e0 [ 52.534156][ T5062] ? lock_downgrade+0x6e0/0x6e0 [ 52.539005][ T5062] ? lock_release+0x810/0x810 [ 52.543684][ T5062] ? __mnt_want_write+0x1fe/0x2e0 [ 52.548697][ T5062] path_setxattr+0x197/0x1c0 [ 52.553273][ T5062] ? setxattr+0x160/0x160 [ 52.557584][ T5062] ? lockdep_hardirqs_on+0x7d/0x100 [ 52.562767][ T5062] __x64_sys_lsetxattr+0xc1/0x160 [ 52.567777][ T5062] do_syscall_64+0x39/0xb0 [ 52.572181][ T5062] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 52.578060][ T5062] RIP: 0033:0x7f4e09145ae9 [ 52.582456][ T5062] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 52.602047][ T5062] RSP: 002b:00007ffd05bd1cd8 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 52.610446][ T5062] RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 00007f4e09145ae9 [ 52.618400][ T5062] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000020000000 [ 52.626352][ T5062] RBP: 00007f4e091050f0 R08: 0000000000000003 R09: 0000000000000000 [ 52.634321][ T5062] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e09105180 [ 52.642276][ T5062] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 52.650233][ T5062] [ 52.653231][ T5062] Modules linked in: [ 52.657261][ T5062] ---[ end trace 0000000000000000 ]--- [ 52.662724][ T5062] RIP: 0010:__hfsplus_setxattr+0x1c22/0x1ea0 [ 52.668768][ T5062] Code: 89 34 24 e8 90 6d 86 ff 48 8b 34 24 e9 26 eb ff ff e8 82 6d 86 ff e9 fb ea ff ff e8 78 6d 86 ff e9 a3 ea ff ff e8 be 65 38 ff <0f> 0b 48 8b 7c 24 48 e8 e2 6d 86 ff e9 b7 fe ff ff e8 58 6d 86 ff [ 52.688632][ T5062] RSP: 0018:ffffc90003a8f540 EFLAGS: 00010293 [ 52.694679][ T5062] RAX: 0000000000000000 RBX: ffff88802918c000 RCX: 0000000000000000 [ 52.702659][ T5062] RDX: ffff888023f23a80 RSI: ffffffff8248ec82 RDI: 0000000000000007 [ 52.710641][ T5062] RBP: ffff88802b03a370 R08: 0000000000000007 R09: 0000000000000000 [ 52.718665][ T5062] R10: 0000000000010000 R11: 1ffffffff214baba R12: 0000000000010000 [ 52.726656][ T5062] R13: ffff888029e31800 R14: ffffc90003a8f608 R15: ffff88802b03a300 [ 52.734610][ T5062] FS: 000055555675a300(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 52.743551][ T5062] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 52.750171][ T5062] CR2: 00000000005fdeb8 CR3: 00000000755dc000 CR4: 0000000000350ef0 [ 52.758226][ T5062] Kernel panic - not syncing: Fatal exception [ 52.765044][ T5062] Kernel Offset: disabled [ 52.769354][ T5062] Rebooting in 86400 seconds..