Extracting prog: 2m1.188673999s
Minimizing prog: 2m37.002283346s
Simplifying prog options: 0s
Extracting C: 27.956218944s
Simplifying C: 17m13.316724809s


extracting reproducer from 1 programs
testing a last program of every proc
single: executing 1 programs separately with timeout 30s
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-syz_mount_image$vfat
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x84, &(0x7f0000000000)=ANY=[], 0x8b, 0x2e3, &(0x7f0000000800)="$eJzs3UFPE00cx/Hf7Ja2PPDw7CMYE+PBoERPRvBivDQxxNfgRSPSmhAaiIiJcrHxbHwB3rn4AnwRxoMx8YwnT74AbmtmO2Wn7W5LQbog309S2t2d2fnP7rY7/6XNCsC5dX95b/fOT/swUqhQ0j0psIuuqiTpoi5VX25sr203G/VBKwqlqpKHkZKapq/M6kYjq6qtl9RwIjtV0rQ/DycjjuP4R9FBoEhV9xxmLQykint3hn7h06zSMz3RM90KpdYY4zmNzL729UozRccBACiWaZ/fA3een3bj9yCQFtxp3z//f/+34HiP54b2iw6hYN75P8myYmP373/JojTfM5p05TtZ4qjt2LFYWe0jq2uAabqzyv5kMYklmHy21mzcWt1s1gO9VS1h/LxwTlJNdZezZkXbv+r5jHndyv7E3rDSuaaSPkzYPiyl8ddqXpHZrEaPurUPw3w2X81jE+mD6gfjv1Js/D67PfVgIo3/dt7qNp8/ss9Ru1ROL/+3u6F0uXvDDuxlmJeRyG2pOFT3BYKoO85yZq2yemq1e7eY15Jbz2xmraUhteZsrY9erfRozq950sx789DM65c+adkb/wd2ay+o/52ZvZKkpDsyBvanlJSM/FmtK5klg9H7ghGl2/idnuquZl683llfaTYbW+N+YWMYe6Pn80Wk3jmdg+C0RHi0F/Yz1p+jqLFVGk/r5WNvuqrbKXYw01+msrO+UvELt3vaOSH2rrDztj5E650LeEMjHOOnEgqT7vT8Mm/Ef2L+YvbDw7TzP5evTNlRXZL02D/RgHF6PGzY5mVAixm5QXqp/h9vTcZdn8/PgKYyM7iWDpdzJXWv3ZSuezP3diuDcq5IF3SQDZ99Zlnf9ITr/wAAAAAAAAAAAAAAAAAAAGdN37f/v0y3F/zB30t4zfE9cgAAAAAAAAAAAAAAAAAAAAAAjiD//r9VneD9f9PfAUyOcP/f3ht7AjiW3wEAAP//zmlk6Q==")
syz_mount_image$vfat(&(0x7f0000002100), &(0x7f0000001200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x304982f, 0x0, 0x3, 0x0, &(0x7f00000000c0))

program crashed: kernel BUG in hfs_write_inode
single: successfully extracted reproducer
found reproducer with 2 syscalls
minimizing guilty program
testing program (duration=45.289568569s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x84, &(0x7f0000000000)=ANY=[], 0x8b, 0x2e3, &(0x7f0000000800)="$eJzs3UFPE00cx/Hf7Ja2PPDw7CMYE+PBoERPRvBivDQxxNfgRSPSmhAaiIiJcrHxbHwB3rn4AnwRxoMx8YwnT74AbmtmO2Wn7W5LQbog309S2t2d2fnP7rY7/6XNCsC5dX95b/fOT/swUqhQ0j0psIuuqiTpoi5VX25sr203G/VBKwqlqpKHkZKapq/M6kYjq6qtl9RwIjtV0rQ/DycjjuP4R9FBoEhV9xxmLQykint3hn7h06zSMz3RM90KpdYY4zmNzL729UozRccBACiWaZ/fA3een3bj9yCQFtxp3z//f/+34HiP54b2iw6hYN75P8myYmP373/JojTfM5p05TtZ4qjt2LFYWe0jq2uAabqzyv5kMYklmHy21mzcWt1s1gO9VS1h/LxwTlJNdZezZkXbv+r5jHndyv7E3rDSuaaSPkzYPiyl8ddqXpHZrEaPurUPw3w2X81jE+mD6gfjv1Js/D67PfVgIo3/dt7qNp8/ss9Ru1ROL/+3u6F0uXvDDuxlmJeRyG2pOFT3BYKoO85yZq2yemq1e7eY15Jbz2xmraUhteZsrY9erfRozq950sx789DM65c+adkb/wd2ay+o/52ZvZKkpDsyBvanlJSM/FmtK5klg9H7ghGl2/idnuquZl683llfaTYbW+N+YWMYe6Pn80Wk3jmdg+C0RHi0F/Yz1p+jqLFVGk/r5WNvuqrbKXYw01+msrO+UvELt3vaOSH2rrDztj5E650LeEMjHOOnEgqT7vT8Mm/Ef2L+YvbDw7TzP5evTNlRXZL02D/RgHF6PGzY5mVAixm5QXqp/h9vTcZdn8/PgKYyM7iWDpdzJXWv3ZSuezP3diuDcq5IF3SQDZ99Zlnf9ITr/wAAAAAAAAAAAAAAAAAAAGdN37f/v0y3F/zB30t4zfE9cgAAAAAAAAAAAAAAAAAAAAAAjiD//r9VneD9f9PfAUyOcP/f3ht7AjiW3wEAAP//zmlk6Q==")

program did not crash
testing program (duration=45.289568569s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat
detailed listing:
executing program 0:
syz_mount_image$vfat(&(0x7f0000002100), &(0x7f0000001200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x304982f, 0x0, 0x3, 0x0, &(0x7f00000000c0))

program did not crash
extracting C reproducer
testing compiled C program (duration=45.289568569s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-syz_mount_image$vfat
program crashed: kernel BUG in hfs_write_inode
simplifying C reproducer
testing compiled C program (duration=45.289568569s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-syz_mount_image$vfat
program crashed: kernel BUG in hfs_write_inode
testing compiled C program (duration=45.289568569s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:false Cgroups:false BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-syz_mount_image$vfat
program crashed: kernel BUG in hfs_write_inode
testing compiled C program (duration=45.289568569s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:true Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-syz_mount_image$vfat
program did not crash
testing compiled C program (duration=45.289568569s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:true NetReset:false Cgroups:false BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-syz_mount_image$vfat
program crashed: kernel BUG in hfs_write_inode
testing compiled C program (duration=45.289568569s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-syz_mount_image$vfat
program crashed: kernel BUG in hfs_write_inode
testing compiled C program (duration=45.289568569s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-syz_mount_image$vfat
program crashed: kernel BUG in hfs_write_inode
testing compiled C program (duration=45.289568569s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-syz_mount_image$vfat
program crashed: kernel BUG in hfs_write_inode
testing compiled C program (duration=45.289568569s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-syz_mount_image$vfat
program crashed: kernel BUG in hfs_write_inode
testing compiled C program (duration=45.289568569s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-syz_mount_image$vfat
program crashed: kernel BUG in hfs_write_inode
testing compiled C program (duration=45.289568569s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-syz_mount_image$vfat
program crashed: kernel BUG in hfs_write_inode
testing compiled C program (duration=45.289568569s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-syz_mount_image$vfat
program crashed: kernel BUG in hfs_write_inode
testing compiled C program (duration=45.289568569s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:false HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-syz_mount_image$vfat
program crashed: kernel BUG in hfs_write_inode
testing compiled C program (duration=45.289568569s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-syz_mount_image$vfat
program crashed: kernel BUG in hfs_write_inode
testing compiled C program (duration=45.289568569s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:true UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-syz_mount_image$vfat
program crashed: kernel BUG in hfs_write_inode
testing compiled C program (duration=45.289568569s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-syz_mount_image$vfat
program crashed: kernel BUG in hfs_write_inode
testing program (duration=45.289568569s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-syz_mount_image$vfat
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x84, &(0x7f0000000000)=ANY=[], 0x8b, 0x2e3, &(0x7f0000000800)="$eJzs3UFPE00cx/Hf7Ja2PPDw7CMYE+PBoERPRvBivDQxxNfgRSPSmhAaiIiJcrHxbHwB3rn4AnwRxoMx8YwnT74AbmtmO2Wn7W5LQbog309S2t2d2fnP7rY7/6XNCsC5dX95b/fOT/swUqhQ0j0psIuuqiTpoi5VX25sr203G/VBKwqlqpKHkZKapq/M6kYjq6qtl9RwIjtV0rQ/DycjjuP4R9FBoEhV9xxmLQykint3hn7h06zSMz3RM90KpdYY4zmNzL729UozRccBACiWaZ/fA3een3bj9yCQFtxp3z//f/+34HiP54b2iw6hYN75P8myYmP373/JojTfM5p05TtZ4qjt2LFYWe0jq2uAabqzyv5kMYklmHy21mzcWt1s1gO9VS1h/LxwTlJNdZezZkXbv+r5jHndyv7E3rDSuaaSPkzYPiyl8ddqXpHZrEaPurUPw3w2X81jE+mD6gfjv1Js/D67PfVgIo3/dt7qNp8/ss9Ru1ROL/+3u6F0uXvDDuxlmJeRyG2pOFT3BYKoO85yZq2yemq1e7eY15Jbz2xmraUhteZsrY9erfRozq950sx789DM65c+adkb/wd2ay+o/52ZvZKkpDsyBvanlJSM/FmtK5klg9H7ghGl2/idnuquZl683llfaTYbW+N+YWMYe6Pn80Wk3jmdg+C0RHi0F/Yz1p+jqLFVGk/r5WNvuqrbKXYw01+msrO+UvELt3vaOSH2rrDztj5E650LeEMjHOOnEgqT7vT8Mm/Ef2L+YvbDw7TzP5evTNlRXZL02D/RgHF6PGzY5mVAixm5QXqp/h9vTcZdn8/PgKYyM7iWDpdzJXWv3ZSuezP3diuDcq5IF3SQDZ99Zlnf9ITr/wAAAAAAAAAAAAAAAAAAAGdN37f/v0y3F/zB30t4zfE9cgAAAAAAAAAAAAAAAAAAAAAAjiD//r9VneD9f9PfAUyOcP/f3ht7AjiW3wEAAP//zmlk6Q==")
syz_mount_image$vfat(&(0x7f0000002100), &(0x7f0000001200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x304982f, 0x0, 0x3, 0x0, &(0x7f00000000c0))

program crashed: kernel BUG in hfs_write_inode
validation run: crashed=true
testing program (duration=45.289568569s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-syz_mount_image$vfat
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x84, &(0x7f0000000000)=ANY=[], 0x8b, 0x2e3, &(0x7f0000000800)="$eJzs3UFPE00cx/Hf7Ja2PPDw7CMYE+PBoERPRvBivDQxxNfgRSPSmhAaiIiJcrHxbHwB3rn4AnwRxoMx8YwnT74AbmtmO2Wn7W5LQbog309S2t2d2fnP7rY7/6XNCsC5dX95b/fOT/swUqhQ0j0psIuuqiTpoi5VX25sr203G/VBKwqlqpKHkZKapq/M6kYjq6qtl9RwIjtV0rQ/DycjjuP4R9FBoEhV9xxmLQykint3hn7h06zSMz3RM90KpdYY4zmNzL729UozRccBACiWaZ/fA3een3bj9yCQFtxp3z//f/+34HiP54b2iw6hYN75P8myYmP373/JojTfM5p05TtZ4qjt2LFYWe0jq2uAabqzyv5kMYklmHy21mzcWt1s1gO9VS1h/LxwTlJNdZezZkXbv+r5jHndyv7E3rDSuaaSPkzYPiyl8ddqXpHZrEaPurUPw3w2X81jE+mD6gfjv1Js/D67PfVgIo3/dt7qNp8/ss9Ru1ROL/+3u6F0uXvDDuxlmJeRyG2pOFT3BYKoO85yZq2yemq1e7eY15Jbz2xmraUhteZsrY9erfRozq950sx789DM65c+adkb/wd2ay+o/52ZvZKkpDsyBvanlJSM/FmtK5klg9H7ghGl2/idnuquZl683llfaTYbW+N+YWMYe6Pn80Wk3jmdg+C0RHi0F/Yz1p+jqLFVGk/r5WNvuqrbKXYw01+msrO+UvELt3vaOSH2rrDztj5E650LeEMjHOOnEgqT7vT8Mm/Ef2L+YvbDw7TzP5evTNlRXZL02D/RgHF6PGzY5mVAixm5QXqp/h9vTcZdn8/PgKYyM7iWDpdzJXWv3ZSuezP3diuDcq5IF3SQDZ99Zlnf9ITr/wAAAAAAAAAAAAAAAAAAAGdN37f/v0y3F/zB30t4zfE9cgAAAAAAAAAAAAAAAAAAAAAAjiD//r9VneD9f9PfAUyOcP/f3ht7AjiW3wEAAP//zmlk6Q==")
syz_mount_image$vfat(&(0x7f0000002100), &(0x7f0000001200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x304982f, 0x0, 0x3, 0x0, &(0x7f00000000c0))

program crashed: kernel BUG in hfs_write_inode
validation run: crashed=true
testing program (duration=45.289568569s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-syz_mount_image$vfat
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x84, &(0x7f0000000000)=ANY=[], 0x8b, 0x2e3, &(0x7f0000000800)="$eJzs3UFPE00cx/Hf7Ja2PPDw7CMYE+PBoERPRvBivDQxxNfgRSPSmhAaiIiJcrHxbHwB3rn4AnwRxoMx8YwnT74AbmtmO2Wn7W5LQbog309S2t2d2fnP7rY7/6XNCsC5dX95b/fOT/swUqhQ0j0psIuuqiTpoi5VX25sr203G/VBKwqlqpKHkZKapq/M6kYjq6qtl9RwIjtV0rQ/DycjjuP4R9FBoEhV9xxmLQykint3hn7h06zSMz3RM90KpdYY4zmNzL729UozRccBACiWaZ/fA3een3bj9yCQFtxp3z//f/+34HiP54b2iw6hYN75P8myYmP373/JojTfM5p05TtZ4qjt2LFYWe0jq2uAabqzyv5kMYklmHy21mzcWt1s1gO9VS1h/LxwTlJNdZezZkXbv+r5jHndyv7E3rDSuaaSPkzYPiyl8ddqXpHZrEaPurUPw3w2X81jE+mD6gfjv1Js/D67PfVgIo3/dt7qNp8/ss9Ru1ROL/+3u6F0uXvDDuxlmJeRyG2pOFT3BYKoO85yZq2yemq1e7eY15Jbz2xmraUhteZsrY9erfRozq950sx789DM65c+adkb/wd2ay+o/52ZvZKkpDsyBvanlJSM/FmtK5klg9H7ghGl2/idnuquZl683llfaTYbW+N+YWMYe6Pn80Wk3jmdg+C0RHi0F/Yz1p+jqLFVGk/r5WNvuqrbKXYw01+msrO+UvELt3vaOSH2rrDztj5E650LeEMjHOOnEgqT7vT8Mm/Ef2L+YvbDw7TzP5evTNlRXZL02D/RgHF6PGzY5mVAixm5QXqp/h9vTcZdn8/PgKYyM7iWDpdzJXWv3ZSuezP3diuDcq5IF3SQDZ99Zlnf9ITr/wAAAAAAAAAAAAAAAAAAAGdN37f/v0y3F/zB30t4zfE9cgAAAAAAAAAAAAAAAAAAAAAAjiD//r9VneD9f9PfAUyOcP/f3ht7AjiW3wEAAP//zmlk6Q==")
syz_mount_image$vfat(&(0x7f0000002100), &(0x7f0000001200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x304982f, 0x0, 0x3, 0x0, &(0x7f00000000c0))

program crashed: kernel BUG in hfs_write_inode
validation run: crashed=true
reproducing took 26m54.646678226s
repro crashed as (corrupted=false):
wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
------------[ cut here ]------------
kernel BUG at fs/hfs/inode.c:475!
Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
CPU: 0 UID: 0 PID: 1165 Comm: kworker/u8:8 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
Workqueue: writeback wb_workfn (flush-7:0)
RIP: 0010:hfs_write_inode+0x95e/0x990 fs/hfs/inode.c:475
Code: 89 de 81 e6 00 00 00 40 31 ff e8 cd 06 1d ff 81 e3 00 00 00 40 75 15 e8 10 02 1d ff 4c 89 f3 e9 b1 f7 ff ff e8 03 02 1d ff 90 <0f> 0b e8 fb 01 1d ff e8 c6 a1 8a fe eb e4 44 89 e1 80 e1 07 80 c1
RSP: 0018:ffffc900063771a0 EFLAGS: 00010293
RAX: ffffffff82a7c9ed RBX: f8f8f8f8f8f8f8f8 RCX: ffff888028560000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ffffc90006377328 R08: ffff888028560000 R09: 0000000000000003
R10: 0000000000000100 R11: 0000000000000004 R12: 0000000000000000
R13: dffffc0000000000 R14: ffff8880421324c8 R15: 1ffff92000c6ee38
FS:  0000000000000000(0000) GS:ffff888126390000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f17aa98e1c0 CR3: 000000003f04e000 CR4: 00000000003526f0
Call Trace:
 <TASK>
 write_inode fs/fs-writeback.c:1607 [inline]
 __writeback_single_inode+0x6af/0xf90 fs/fs-writeback.c:1850
 writeback_sb_inodes+0x9db/0x1ab0 fs/fs-writeback.c:2079
 wb_writeback+0x41c/0xad0 fs/fs-writeback.c:2264
 wb_do_writeback fs/fs-writeback.c:2432 [inline]
 wb_workfn+0x437/0x10f0 fs/fs-writeback.c:2477
 process_one_work kernel/workqueue.c:3314 [inline]
 process_scheduled_works+0xa8e/0x14e0 kernel/workqueue.c:3397
 worker_thread+0xa47/0xfb0 kernel/workqueue.c:3478
 kthread+0x388/0x470 kernel/kthread.c:436
 ret_from_fork+0x514/0xb70 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:hfs_write_inode+0x95e/0x990 fs/hfs/inode.c:475
Code: 89 de 81 e6 00 00 00 40 31 ff e8 cd 06 1d ff 81 e3 00 00 00 40 75 15 e8 10 02 1d ff 4c 89 f3 e9 b1 f7 ff ff e8 03 02 1d ff 90 <0f> 0b e8 fb 01 1d ff e8 c6 a1 8a fe eb e4 44 89 e1 80 e1 07 80 c1
RSP: 0018:ffffc900063771a0 EFLAGS: 00010293
RAX: ffffffff82a7c9ed RBX: f8f8f8f8f8f8f8f8 RCX: ffff888028560000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ffffc90006377328 R08: ffff888028560000 R09: 0000000000000003
R10: 0000000000000100 R11: 0000000000000004 R12: 0000000000000000
R13: dffffc0000000000 R14: ffff8880421324c8 R15: 1ffff92000c6ee38
FS:  0000000000000000(0000) GS:ffff888126390000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f17aa98e1c0 CR3: 000000003f04e000 CR4: 00000000003526f0

final repro crashed as (corrupted=false):
wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
------------[ cut here ]------------
kernel BUG at fs/hfs/inode.c:475!
Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
CPU: 0 UID: 0 PID: 1165 Comm: kworker/u8:8 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
Workqueue: writeback wb_workfn (flush-7:0)
RIP: 0010:hfs_write_inode+0x95e/0x990 fs/hfs/inode.c:475
Code: 89 de 81 e6 00 00 00 40 31 ff e8 cd 06 1d ff 81 e3 00 00 00 40 75 15 e8 10 02 1d ff 4c 89 f3 e9 b1 f7 ff ff e8 03 02 1d ff 90 <0f> 0b e8 fb 01 1d ff e8 c6 a1 8a fe eb e4 44 89 e1 80 e1 07 80 c1
RSP: 0018:ffffc900063771a0 EFLAGS: 00010293
RAX: ffffffff82a7c9ed RBX: f8f8f8f8f8f8f8f8 RCX: ffff888028560000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ffffc90006377328 R08: ffff888028560000 R09: 0000000000000003
R10: 0000000000000100 R11: 0000000000000004 R12: 0000000000000000
R13: dffffc0000000000 R14: ffff8880421324c8 R15: 1ffff92000c6ee38
FS:  0000000000000000(0000) GS:ffff888126390000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f17aa98e1c0 CR3: 000000003f04e000 CR4: 00000000003526f0
Call Trace:
 <TASK>
 write_inode fs/fs-writeback.c:1607 [inline]
 __writeback_single_inode+0x6af/0xf90 fs/fs-writeback.c:1850
 writeback_sb_inodes+0x9db/0x1ab0 fs/fs-writeback.c:2079
 wb_writeback+0x41c/0xad0 fs/fs-writeback.c:2264
 wb_do_writeback fs/fs-writeback.c:2432 [inline]
 wb_workfn+0x437/0x10f0 fs/fs-writeback.c:2477
 process_one_work kernel/workqueue.c:3314 [inline]
 process_scheduled_works+0xa8e/0x14e0 kernel/workqueue.c:3397
 worker_thread+0xa47/0xfb0 kernel/workqueue.c:3478
 kthread+0x388/0x470 kernel/kthread.c:436
 ret_from_fork+0x514/0xb70 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:hfs_write_inode+0x95e/0x990 fs/hfs/inode.c:475
Code: 89 de 81 e6 00 00 00 40 31 ff e8 cd 06 1d ff 81 e3 00 00 00 40 75 15 e8 10 02 1d ff 4c 89 f3 e9 b1 f7 ff ff e8 03 02 1d ff 90 <0f> 0b e8 fb 01 1d ff e8 c6 a1 8a fe eb e4 44 89 e1 80 e1 07 80 c1
RSP: 0018:ffffc900063771a0 EFLAGS: 00010293
RAX: ffffffff82a7c9ed RBX: f8f8f8f8f8f8f8f8 RCX: ffff888028560000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ffffc90006377328 R08: ffff888028560000 R09: 0000000000000003
R10: 0000000000000100 R11: 0000000000000004 R12: 0000000000000000
R13: dffffc0000000000 R14: ffff8880421324c8 R15: 1ffff92000c6ee38
FS:  0000000000000000(0000) GS:ffff888126390000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f17aa98e1c0 CR3: 000000003f04e000 CR4: 00000000003526f0