program: syz_mount_image$hfs(&(0x7f00000000c0), &(0x7f0000000000)='./file2\x00', 0x0, &(0x7f0000000040)=ANY=[], 0xb, 0x2cd, &(0x7f0000000680)="$eJzs3U9u00wYx/HfuGn+NFVfv20REmKBSishFgjKBrEBoR6CFaI0QSqNitQWQbuhsEYcgD1X4BCsEBdgBSsOkBVGM540bhLbhTqxWr4fKSFxZsbP2DP2PAhkAfhnPVj79vH2D/sy0pSmJN2VAkWqSxVJF3Sx/mJ7b3Ov025lNTQlW8O+jOKaZqiMUXu44qyr52p4of1W0Wy9kB4iSz2qNfzH6p/WjWKvi48Kk+Zm/4hJG0g1Pzvd7+dlTh6WHUDJTFddvdJc2XEAAMrl7/+Bv8/P+qVAEEgr/rZ/ru7/3bIDmIhK6i+J+78rFBl7fv9zP/XyvWfLptdI0MsSh1vKHxEusQj8ADoKIC+rdLEEjaebnfaNjeedVqC3uuclii2691Y8dHt8tC60N8NNL43ITTOk9z1HVHN9mLZ9WE2Jf6HQPZ6A+Wy+mEcm1Ae1jtZ/lcjY0+TOVDhwpuL4b6a32HS14lIpvfzf7eTS8SQzp5f1OIxfPs1MnuCqb7OSDDXMi9PVmh+YFXHvbuXUWhhZazWn1uJgraPR/N1+7aRXHyPz3jw0S/qpT1pLrP8DeyRXdJKZacu4ksF0wx5xOztTS1ZcyTC56fDyyJLBCbbg1Pyl752e6I7mdvcPquudTntnd/9gq4wPzXHuwhipwAb9lSga92GxF42x7qI3Fsazi5pvfUIDSWF7pxtFUanDeGu9c/+Kim2weopj2Jvmf7/3Mq5NmLT+Se9vmykzIEyaXWWZOP9r1vvrfXcBsW9hxjo9Ov51OK1yuYFfY/dzAyVzg3n3PtNf7l1/Gf+ZkRs0R2Vw9cE9ZuZcV69Jy4mNOdlI6OM8J8yavuoxf/8PAAAAAAAAAAAAAAAAAABw1vh//90o+L8uHPtQdh8BAAAAAAAAAAAAAAAAAAAAADjr0p7/q3E8/3dje8Tzf5X6/N+Mx1cBKMDvAAAA///mc4Hr") bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x3, 0x0, 0x3, 0x0, 0x9, 0x20}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20000, @void, @value}, 0x94) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="020000000400000008000000010000008000000076a520d15f5f86d6026314bfb7f8f8cfa88fb5f5e8731c2f549c13cd0b4e6ea46d6bcdfc983e8c960e0da5787c7aee9d", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r0, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70) open(&(0x7f0000000040)='./file0/file0\x00', 0x41, 0x0) [ 57.823486][ T5318] loop0: detected capacity change from 0 to 64 [ 57.835982][ T5318] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000008: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 57.840619][ T5318] KASAN: null-ptr-deref in range [0x0000000000000040-0x0000000000000047] [ 57.844312][ T5318] CPU: 0 UID: 0 PID: 5318 Comm: syz.0.0 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 [ 57.848155][ T5318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 57.851951][ T5318] RIP: 0010:hfs_find_init+0x72/0x1f0 [ 57.854538][ T5318] Code: d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 34 16 84 ff 48 c7 03 00 00 00 00 48 89 2c 24 4c 8d 75 40 4d 89 f7 49 c1 ef 03 <43> 0f b6 04 2f 84 c0 0f 85 10 01 00 00 41 8b 06 8d 7c 00 04 be c0 [ 57.868633][ T5318] RSP: 0018:ffffc9000d54f400 EFLAGS: 00010202 [ 57.871226][ T5318] RAX: 1ffff92001aa9e9f RBX: ffffc9000d54f4f8 RCX: 0000000000100000 [ 57.874091][ T5318] RDX: ffffc9000ece2000 RSI: 0000000000001dda RDI: ffffc9000d54f4f0 [ 57.876960][ T5318] RBP: 0000000000000000 R08: ffffffff8283004f R09: 0000000000000000 [ 57.879881][ T5318] R10: ffffc9000d54f4e0 R11: fffff52001aa9ea3 R12: ffffc9000d54f4e0 [ 57.882534][ T5318] R13: dffffc0000000000 R14: 0000000000000040 R15: 0000000000000008 [ 57.885291][ T5318] FS: 00007f811a31d6c0(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000 [ 57.888698][ T5318] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 57.891130][ T5318] CR2: 00007f8119569ae0 CR3: 0000000042e80000 CR4: 0000000000352ef0 [ 57.893877][ T5318] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 57.896761][ T5318] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 57.899750][ T5318] Call Trace: [ 57.901011][ T5318] [ 57.902104][ T5318] ? __die_body+0x5f/0xb0 [ 57.903733][ T5318] ? die_addr+0xb0/0xe0 [ 57.905346][ T5318] ? exc_general_protection+0x3dd/0x5d0 [ 57.907407][ T5318] ? hfs_get_block+0x26f/0xb60 [ 57.909178][ T5318] ? asm_exc_general_protection+0x26/0x30 [ 57.911049][ T5318] ? hfs_get_block+0x3bf/0xb60 [ 57.912746][ T5318] ? hfs_find_init+0x72/0x1f0 [ 57.914433][ T5318] hfs_get_block+0x4f4/0xb60 [ 57.916118][ T5318] ? __pfx_hfs_get_block+0x10/0x10 [ 57.917824][ T5318] ? _raw_spin_unlock+0x28/0x50 [ 57.919569][ T5318] ? create_empty_buffers+0x471/0x530 [ 57.921560][ T5318] block_read_full_folio+0x3ee/0xae0 [ 57.923357][ T5318] ? __pfx_hfs_get_block+0x10/0x10 [ 57.925213][ T5318] ? __pfx_block_read_full_folio+0x10/0x10 [ 57.927333][ T5318] filemap_read_folio+0x148/0x3b0 [ 57.929154][ T5318] ? __pfx_hfs_read_folio+0x10/0x10 [ 57.931134][ T5318] ? __pfx_filemap_read_folio+0x10/0x10 [ 57.933169][ T5318] ? __filemap_get_folio+0x848/0x940 [ 57.935109][ T5318] do_read_cache_folio+0x373/0x5b0 [ 57.936962][ T5318] ? __pfx_hfs_read_folio+0x10/0x10 [ 57.938928][ T5318] ? do_raw_spin_unlock+0x58/0x8b0 [ 57.940658][ T5318] read_cache_page+0x5b/0x170 [ 57.942408][ T5318] hfs_btree_open+0x506/0xf40 [ 57.944270][ T5318] hfs_mdb_get+0x1443/0x21b0 [ 57.946323][ T5318] ? __pfx_hfs_mdb_get+0x10/0x10 [ 57.948302][ T5318] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 57.950387][ T5318] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 57.952540][ T5318] ? __raw_spin_lock_init+0x45/0x100 [ 57.954474][ T5318] hfs_fill_super+0x38c/0x6b0 [ 57.956226][ T5318] ? __pfx_hfs_fill_super+0x10/0x10 [ 57.958158][ T5318] ? do_raw_spin_lock+0x14f/0x370 [ 57.960001][ T5318] ? sb_set_blocksize+0x98/0xf0 [ 57.961806][ T5318] ? setup_bdev_super+0x4e6/0x5d0 [ 57.963623][ T5318] get_tree_bdev_flags+0x48c/0x5c0 [ 57.965526][ T5318] ? __pfx_hfs_fill_super+0x10/0x10 [ 57.967479][ T5318] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 57.969523][ T5318] ? apparmor_capable+0x13b/0x1b0 [ 57.971372][ T5318] vfs_get_tree+0x90/0x2b0 [ 57.973045][ T5318] do_new_mount+0x2be/0xb40 [ 57.974861][ T5318] ? __pfx_do_new_mount+0x10/0x10 [ 57.976743][ T5318] __se_sys_mount+0x2d6/0x3c0 [ 57.978450][ T5318] ? __pfx___se_sys_mount+0x10/0x10 [ 57.980401][ T5318] ? rcu_is_watching+0x15/0xb0 [ 57.982164][ T5318] ? __x64_sys_mount+0x20/0xc0 [ 57.983998][ T5318] do_syscall_64+0xf3/0x230 [ 57.985836][ T5318] ? clear_bhb_loop+0x35/0x90 [ 57.987656][ T5318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 57.990066][ T5318] RIP: 0033:0x7f81195874ca [ 57.991733][ T5318] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 57.998428][ T5318] RSP: 002b:00007f811a31ce68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 58.001348][ T5318] RAX: ffffffffffffffda RBX: 00007f811a31cef0 RCX: 00007f81195874ca [ 58.004116][ T5318] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 00007f811a31ceb0 [ 58.007045][ T5318] RBP: 00000000200000c0 R08: 00007f811a31cef0 R09: 0000000000000000 [ 58.009861][ T5318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000020000000 [ 58.012611][ T5318] R13: 00007f811a31ceb0 R14: 00000000000002cd R15: 0000000020000040 [ 58.015491][ T5318] [ 58.016564][ T5318] Modules linked in: [ 58.018275][ T5318] ---[ end trace 0000000000000000 ]--- [ 58.031306][ T5318] RIP: 0010:hfs_find_init+0x72/0x1f0 [ 58.033283][ T5318] Code: d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 34 16 84 ff 48 c7 03 00 00 00 00 48 89 2c 24 4c 8d 75 40 4d 89 f7 49 c1 ef 03 <43> 0f b6 04 2f 84 c0 0f 85 10 01 00 00 41 8b 06 8d 7c 00 04 be c0 [ 58.041529][ T5318] RSP: 0018:ffffc9000d54f400 EFLAGS: 00010202 [ 58.043853][ T5318] RAX: 1ffff92001aa9e9f RBX: ffffc9000d54f4f8 RCX: 0000000000100000 [ 58.046861][ T5318] RDX: ffffc9000ece2000 RSI: 0000000000001dda RDI: ffffc9000d54f4f0 [ 58.049643][ T5318] RBP: 0000000000000000 R08: ffffffff8283004f R09: 0000000000000000 [ 58.054010][ T5318] R10: ffffc9000d54f4e0 R11: fffff52001aa9ea3 R12: ffffc9000d54f4e0 [ 58.056843][ T5318] R13: dffffc0000000000 R14: 0000000000000040 R15: 0000000000000008 [ 58.059546][ T5318] FS: 00007f811a31d6c0(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000 [ 58.063393][ T5318] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 58.065780][ T5318] CR2: 00007fb497f95ed8 CR3: 0000000042e80000 CR4: 0000000000352ef0 [ 58.068615][ T5318] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 58.071896][ T5318] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 58.074818][ T5318] Kernel panic - not syncing: Fatal exception [ 58.077242][ T5318] Kernel Offset: disabled [ 58.078848][ T5318] Rebooting in 86400 seconds..