./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor4198623749 <...> Warning: Permanently added '10.128.1.214' (ED25519) to the list of known hosts. execve("./syz-executor4198623749", ["./syz-executor4198623749"], 0x7ffdaebb0e60 /* 10 vars */) = 0 brk(NULL) = 0x55555d4d1000 brk(0x55555d4d1d00) = 0x55555d4d1d00 arch_prctl(ARCH_SET_FS, 0x55555d4d1380) = 0 set_tid_address(0x55555d4d1650) = 5179 set_robust_list(0x55555d4d1660, 24) = 0 rseq(0x55555d4d1ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor4198623749", 4096) = 28 getrandom("\x7d\xbc\x96\xea\xd2\xd6\x8e\x61", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55555d4d1d00 brk(0x55555d4f2d00) = 0x55555d4f2d00 brk(0x55555d4f3000) = 0x55555d4f3000 mprotect(0x7fe289e0d000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555d4d1650) = 5180 ./strace-static-x86_64: Process 5180 attached [pid 5180] set_robust_list(0x55555d4d1660, 24) = 0 [pid 5180] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5180] setpgid(0, 0) = 0 [pid 5180] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5180] write(3, "1000", 4) = 4 [pid 5180] close(3) = 0 executing program [pid 5180] write(1, "executing program\n", 18) = 18 [pid 5180] memfd_create("syzkaller", 0) = 3 [pid 5180] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe281800000 [pid 5180] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768 [pid 5180] munmap(0x7fe281800000, 138412032) = 0 [pid 5180] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5180] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5180] close(3) = 0 [pid 5180] close(4) = 0 [pid 5180] mkdir("./file0", 0777) = 0 [pid 5180] mount("/dev/loop0", "./file0", "hfs", MS_NOSUID|MS_NODEV|MS_DIRSYNC|MS_POSIXACL|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "") = 0 [pid 5180] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5180] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5180] chdir("./file0") = 0 [ 175.630719][ T5180] loop0: detected capacity change from 0 to 64 [ 175.687809][ T5180] ===================================================== [ 175.695420][ T5180] BUG: KMSAN: uninit-value in hfs_iget+0x1be/0x240 [ 175.702136][ T5180] hfs_iget+0x1be/0x240 [ 175.707785][ T5180] hfs_lookup+0x2f3/0x3d0 [ 175.712332][ T5180] lookup_one_qstr_excl+0x238/0x530 [ 175.718021][ T5180] do_unlinkat+0x2c5/0xe10 [ 175.722631][ T5180] __x64_sys_unlinkat+0x17a/0x220 [ 175.727915][ T5180] x64_sys_call+0x2c7a/0x3ba0 [ 175.732930][ T5180] do_syscall_64+0xcd/0x1e0 [ 175.737604][ T5180] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 175.743745][ T5180] [ 175.746270][ T5180] Local variable rec created at: [ 175.751303][ T5180] hfs_lookup+0x43/0x3d0 [ 175.755856][ T5180] lookup_one_qstr_excl+0x238/0x530 [ 175.761263][ T5180] [ 175.763788][ T5180] CPU: 1 UID: 0 PID: 5180 Comm: syz-executor419 Not tainted 6.11.0-syzkaller-08829-gaf9c191ac2a0 #0 [ 175.774869][ T5180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 175.785202][ T5180] ===================================================== [ 175.792271][ T5180] Disabling lock debugging due to kernel taint [ 175.798676][ T5180] Kernel panic - not syncing: kmsan.panic set ... [ 175.805250][ T5180] CPU: 1 UID: 0 PID: 5180 Comm: syz-executor419 Tainted: G B 6.11.0-syzkaller-08829-gaf9c191ac2a0 #0 [ 175.817701][ T5180] Tainted: [B]=BAD_PAGE [ 175.821924][ T5180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 175.832109][ T5180] Call Trace: [ 175.835499][ T5180] [ 175.838536][ T5180] dump_stack_lvl+0x216/0x2d0 [ 175.843392][ T5180] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 175.849368][ T5180] dump_stack+0x1e/0x30 [ 175.853624][ T5180] panic+0x4e2/0xcf0 [ 175.857657][ T5180] ? kmsan_get_metadata+0xc1/0x1c0 [ 175.862909][ T5180] kmsan_report+0x2c7/0x2d0 [ 175.867576][ T5180] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 175.873570][ T5180] ? __msan_warning+0x95/0x120 [ 175.878575][ T5180] ? hfs_iget+0x1be/0x240 [ 175.883008][ T5180] ? hfs_lookup+0x2f3/0x3d0 [ 175.887623][ T5180] ? lookup_one_qstr_excl+0x238/0x530 [ 175.893109][ T5180] ? do_unlinkat+0x2c5/0xe10 [ 175.897804][ T5180] ? __x64_sys_unlinkat+0x17a/0x220 [ 175.903156][ T5180] ? x64_sys_call+0x2c7a/0x3ba0 [ 175.908225][ T5180] ? do_syscall_64+0xcd/0x1e0 [ 175.913064][ T5180] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 175.919290][ T5180] ? kmsan_get_metadata+0x13e/0x1c0 [ 175.924723][ T5180] ? kmsan_get_metadata+0x13e/0x1c0 [ 175.930112][ T5180] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 175.936654][ T5180] ? kmsan_get_metadata+0x13e/0x1c0 [ 175.942035][ T5180] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 175.948075][ T5180] ? _raw_spin_unlock_irqrestore+0x3f/0x60 [ 175.954064][ T5180] ? kmsan_get_metadata+0x13e/0x1c0 [ 175.959525][ T5180] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 175.966158][ T5180] ? kmsan_get_metadata+0x13e/0x1c0 [ 175.971532][ T5180] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 175.977475][ T5180] __msan_warning+0x95/0x120 [ 175.982185][ T5180] hfs_iget+0x1be/0x240 [ 175.986487][ T5180] hfs_lookup+0x2f3/0x3d0 [ 175.990941][ T5180] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 175.996889][ T5180] ? __pfx_hfs_lookup+0x10/0x10 [ 176.001859][ T5180] lookup_one_qstr_excl+0x238/0x530 [ 176.007273][ T5180] do_unlinkat+0x2c5/0xe10 [ 176.011857][ T5180] __x64_sys_unlinkat+0x17a/0x220 [ 176.017036][ T5180] x64_sys_call+0x2c7a/0x3ba0 [ 176.021870][ T5180] do_syscall_64+0xcd/0x1e0 [ 176.026551][ T5180] ? clear_bhb_loop+0x25/0x80 [ 176.031356][ T5180] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 176.037435][ T5180] RIP: 0033:0x7fe289d98d29 [ 176.041942][ T5180] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 176.061672][ T5180] RSP: 002b:00007fff764e2428 EFLAGS: 00000246 ORIG_RAX: 0000000000000107 [ 176.070292][ T5180] RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 00007fe289d98d29 [ 176.078349][ T5180] RDX: 0000000000000000 RSI: 0000000020000c40 RDI: 00000000ffffff9c [ 176.086399][ T5180] RBP: 00007fe289e0d5f0 R08: 000055555d4d24c0 R09: 000055555d4d24c0 [ 176.094474][ T5180] R10: 000000000000033c R11: 0000000000000246 R12: 00007fff764e2450 [ 176.102565][ T5180] R13: 00007fff764e2678 R14: 431bde82d7b634db R15: 00007fe289de103b [ 176.110783][ T5180] [ 176.114252][ T5180] Kernel Offset: disabled [ 176.118655][ T5180] Rebooting in 86400 seconds..