Extracting prog: 3m39.199625133s
Minimizing prog: 10m53.813157477s
Simplifying prog options: 0s
Extracting C: 36.375986869s
Simplifying C: 10m15.733573129s
extracting reproducer from 1 programs
testing a last program of every proc
single: executing 1 programs separately with timeout 30s
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-openat-fsetxattr$trusted_overlay_upper
detailed listing:
executing program 0:
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file0\x00', 0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="00aaba7d2732778a5d439baf7df9c9633641f4c93ee6e163d64260f80d919238314e1e0f6549c6676a2a9f308b3f6a5db9e32f0139bd154c0b2af90455342f31839705eb1ac5b06cec12faebad43835e589e000000ab315087652b9f3dcc9c38408ae14b51b241f9fcffffffffffffff94f221f1567a58b7ebb14846985f751a4ffc974977c31a98384e6df8b828c0c3bf3af0ac70560e71e13b5878c2bb49fbbc699d398f779ba098145747bd36822823bd6ff25daa3957939c18e9c86952dc2c0ccb0e59dbd7ef31d713b023d79a100e99a33d1600"], 0x1, 0x5d1, &(0x7f0000000000)="$eJzs3U9oHNcdB/DvrGXZ64KzSewkLYWKGEwbU1urbWoXCnVLKTqEYuglV2GvY+G1EqRNUUIp6v9rjznkkB7UQ069pvQQmp576l13Q++6qczsrLSyFEWKZe2q+Xzg7Xtv38yb936eedqZxWyAr6z5N3N2LUXmr72xWtY31ju9jfXOo2E5ybkkjWRqkKVYSorPktsZpHy9fLPurvi847z++JMPr37wcWdQm6pTtX3joP0OZ61OmUlyps6Pq7+7T91fsWuGV4aBg3Hb2mPtKLs/5XULTIJi8Hdzj1ZyIcn5+nNA6tWhcbKjO35HWuUAAADglHpuM5tZzcVxjwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABOk/r3/4s6NYblmRTD3/+frt9LXT7VPh33AAAAAAAAAADgGHxrM5tZzcVhfauovvN/tapcql6/lnezkm6Wcz2rWUg//SynnaQ10tH06kK/v9w+xJ5z++45dzLzBQAAAAAAAID/U7/N/M73/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAmK5Mwgq9KlYbmVxlSS80mmy+3Wkn8My6fZp+MeAAAAAJyA5zazmdVcHNa3iuqe/6Xqvv983s1S+llMP710c696FjC4629srHd6G+udR2Xa2++P/3ukYVQ9ZvDsYf8jz1ZbXN7eYz4/yy9yLTO5k+Us5pdZSD/dzOSnVWkhRVr104vWcJz7j/f2rtqdLxrrK9VImrmfxWps13M3b6eXe2lUc6i2OfiIvymjU/yodsgY3avzckZ/rvPJ0KoicnY7IrN17MtoPH9wJI54njx5pHYa28+gLj2DmF+o8zLWf5zomM+NnH0vHRyJ5Dv/+eedB72lhw/ur1ybnCl9SU9GojMSiZe/UpGYrqMxWEWPtlq+Wu17MYv5ed7OvXRzM7Np51Zm84PMpbPrDLt8iGutcbRr7cq360IzyZ/qfDKUcX1+JK6jK12raht9ZydKLxz/ijT1jbpQHuN3dT4ZnoxEeyQSLx4cib9sla8rvaWHyw8W3jnk8a7WeXnZ/mGi1ubyfHmh/MeqarvPjrLtxX3b2lXbpe22xp62y9ttX3SlTtef4fb2NGh7ed+2TtX2ykjbfp9yAJh4F167MN183Px386Pm75sPmm+c/8m5W+e+OZ2z/5r6+5m/Nf7a+GHxWj7Kr3fu/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC9v5b33Hy70et1lBQUFhe3CuFcm4Fm70X/0zo2V997/7uKjhbe6b3WX5m7dvHWz8/32927cX+x1Zwev4x4l8Czs/NEf90gAAAAAAAAAAACAwzqJ/04w7jkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9v8mzm7liLt2euzZX1jvdMr07C8s+VUkkaS4ldJ8VlyO4OU1kh3xecd5/XHn3x49YOPOzt9TQ23bxy03+Gs1SkzSc7U+XH1d/ep+yu2Z1gG7MowcDBu/wsAAP//6vsOmQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000700)='./file0\x00', 0x0, 0x0)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000007c0), 0x0, 0x0, 0x1)
program did not crash
single: failed to extract reproducer
single: executing 1 programs separately with timeout 1m40s
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-openat-fsetxattr$trusted_overlay_upper
detailed listing:
executing program 0:
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file0\x00', 0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="00aaba7d2732778a5d439baf7df9c9633641f4c93ee6e163d64260f80d919238314e1e0f6549c6676a2a9f308b3f6a5db9e32f0139bd154c0b2af90455342f31839705eb1ac5b06cec12faebad43835e589e000000ab315087652b9f3dcc9c38408ae14b51b241f9fcffffffffffffff94f221f1567a58b7ebb14846985f751a4ffc974977c31a98384e6df8b828c0c3bf3af0ac70560e71e13b5878c2bb49fbbc699d398f779ba098145747bd36822823bd6ff25daa3957939c18e9c86952dc2c0ccb0e59dbd7ef31d713b023d79a100e99a33d1600"], 0x1, 0x5d1, &(0x7f0000000000)="$eJzs3U9oHNcdB/DvrGXZ64KzSewkLYWKGEwbU1urbWoXCnVLKTqEYuglV2GvY+G1EqRNUUIp6v9rjznkkB7UQ069pvQQmp576l13Q++6qczsrLSyFEWKZe2q+Xzg7Xtv38yb936eedqZxWyAr6z5N3N2LUXmr72xWtY31ju9jfXOo2E5ybkkjWRqkKVYSorPktsZpHy9fLPurvi847z++JMPr37wcWdQm6pTtX3joP0OZ61OmUlyps6Pq7+7T91fsWuGV4aBg3Hb2mPtKLs/5XULTIJi8Hdzj1ZyIcn5+nNA6tWhcbKjO35HWuUAAADglHpuM5tZzcVxjwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABOk/r3/4s6NYblmRTD3/+frt9LXT7VPh33AAAAAAAAAADgGHxrM5tZzcVhfauovvN/tapcql6/lnezkm6Wcz2rWUg//SynnaQ10tH06kK/v9w+xJ5z++45dzLzBQAAAAAAAID/U7/N/M73/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAmK5Mwgq9KlYbmVxlSS80mmy+3Wkn8My6fZp+MeAAAAAJyA5zazmdVcHNa3iuqe/6Xqvv983s1S+llMP710c696FjC4629srHd6G+udR2Xa2++P/3ukYVQ9ZvDsYf8jz1ZbXN7eYz4/yy9yLTO5k+Us5pdZSD/dzOSnVWkhRVr104vWcJz7j/f2rtqdLxrrK9VImrmfxWps13M3b6eXe2lUc6i2OfiIvymjU/yodsgY3avzckZ/rvPJ0KoicnY7IrN17MtoPH9wJI54njx5pHYa28+gLj2DmF+o8zLWf5zomM+NnH0vHRyJ5Dv/+eedB72lhw/ur1ybnCl9SU9GojMSiZe/UpGYrqMxWEWPtlq+Wu17MYv5ed7OvXRzM7Np51Zm84PMpbPrDLt8iGutcbRr7cq360IzyZ/qfDKUcX1+JK6jK12raht9ZydKLxz/ijT1jbpQHuN3dT4ZnoxEeyQSLx4cib9sla8rvaWHyw8W3jnk8a7WeXnZ/mGi1ubyfHmh/MeqarvPjrLtxX3b2lXbpe22xp62y9ttX3SlTtef4fb2NGh7ed+2TtX2ykjbfp9yAJh4F167MN183Px386Pm75sPmm+c/8m5W+e+OZ2z/5r6+5m/Nf7a+GHxWj7Kr3fu/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC9v5b33Hy70et1lBQUFhe3CuFcm4Fm70X/0zo2V997/7uKjhbe6b3WX5m7dvHWz8/32927cX+x1Zwev4x4l8Czs/NEf90gAAAAAAAAAAACAwzqJ/04w7jkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9v8mzm7liLt2euzZX1jvdMr07C8s+VUkkaS4ldJ8VlyO4OU1kh3xecd5/XHn3x49YOPOzt9TQ23bxy03+Gs1SkzSc7U+XH1d/ep+yu2Z1gG7MowcDBu/wsAAP//6vsOmQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000700)='./file0\x00', 0x0, 0x0)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000007c0), 0x0, 0x0, 0x1)
program crashed: kernel BUG in __hfsplus_setxattr
single: successfully extracted reproducer
found reproducer with 3 syscalls
minimizing guilty program
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-openat
detailed listing:
executing program 0:
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file0\x00', 0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="00aaba7d2732778a5d439baf7df9c9633641f4c93ee6e163d64260f80d919238314e1e0f6549c6676a2a9f308b3f6a5db9e32f0139bd154c0b2af90455342f31839705eb1ac5b06cec12faebad43835e589e000000ab315087652b9f3dcc9c38408ae14b51b241f9fcffffffffffffff94f221f1567a58b7ebb14846985f751a4ffc974977c31a98384e6df8b828c0c3bf3af0ac70560e71e13b5878c2bb49fbbc699d398f779ba098145747bd36822823bd6ff25daa3957939c18e9c86952dc2c0ccb0e59dbd7ef31d713b023d79a100e99a33d1600"], 0x1, 0x5d1, &(0x7f0000000000)="$eJzs3U9oHNcdB/DvrGXZ64KzSewkLYWKGEwbU1urbWoXCnVLKTqEYuglV2GvY+G1EqRNUUIp6v9rjznkkB7UQ069pvQQmp576l13Q++6qczsrLSyFEWKZe2q+Xzg7Xtv38yb936eedqZxWyAr6z5N3N2LUXmr72xWtY31ju9jfXOo2E5ybkkjWRqkKVYSorPktsZpHy9fLPurvi847z++JMPr37wcWdQm6pTtX3joP0OZ61OmUlyps6Pq7+7T91fsWuGV4aBg3Hb2mPtKLs/5XULTIJi8Hdzj1ZyIcn5+nNA6tWhcbKjO35HWuUAAADglHpuM5tZzcVxjwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABOk/r3/4s6NYblmRTD3/+frt9LXT7VPh33AAAAAAAAAADgGHxrM5tZzcVhfauovvN/tapcql6/lnezkm6Wcz2rWUg//SynnaQ10tH06kK/v9w+xJ5z++45dzLzBQAAAAAAAID/U7/N/M73/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAmK5Mwgq9KlYbmVxlSS80mmy+3Wkn8My6fZp+MeAAAAAJyA5zazmdVcHNa3iuqe/6Xqvv983s1S+llMP710c696FjC4629srHd6G+udR2Xa2++P/3ukYVQ9ZvDsYf8jz1ZbXN7eYz4/yy9yLTO5k+Us5pdZSD/dzOSnVWkhRVr104vWcJz7j/f2rtqdLxrrK9VImrmfxWps13M3b6eXe2lUc6i2OfiIvymjU/yodsgY3avzckZ/rvPJ0KoicnY7IrN17MtoPH9wJI54njx5pHYa28+gLj2DmF+o8zLWf5zomM+NnH0vHRyJ5Dv/+eedB72lhw/ur1ybnCl9SU9GojMSiZe/UpGYrqMxWEWPtlq+Wu17MYv5ed7OvXRzM7Np51Zm84PMpbPrDLt8iGutcbRr7cq360IzyZ/qfDKUcX1+JK6jK12raht9ZydKLxz/ijT1jbpQHuN3dT4ZnoxEeyQSLx4cib9sla8rvaWHyw8W3jnk8a7WeXnZ/mGi1ubyfHmh/MeqarvPjrLtxX3b2lXbpe22xp62y9ttX3SlTtef4fb2NGh7ed+2TtX2ykjbfp9yAJh4F167MN183Px386Pm75sPmm+c/8m5W+e+OZ2z/5r6+5m/Nf7a+GHxWj7Kr3fu/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC9v5b33Hy70et1lBQUFhe3CuFcm4Fm70X/0zo2V997/7uKjhbe6b3WX5m7dvHWz8/32927cX+x1Zwev4x4l8Czs/NEf90gAAAAAAAAAAACAwzqJ/04w7jkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9v8mzm7liLt2euzZX1jvdMr07C8s+VUkkaS4ldJ8VlyO4OU1kh3xecd5/XHn3x49YOPOzt9TQ23bxy03+Gs1SkzSc7U+XH1d/ep+yu2Z1gG7MowcDBu/wsAAP//6vsOmQ==")
openat(0xffffffffffffff9c, &(0x7f0000000700)='./file0\x00', 0x0, 0x0)
program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-fsetxattr$trusted_overlay_upper
detailed listing:
executing program 0:
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file0\x00', 0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="00aaba7d2732778a5d439baf7df9c9633641f4c93ee6e163d64260f80d919238314e1e0f6549c6676a2a9f308b3f6a5db9e32f0139bd154c0b2af90455342f31839705eb1ac5b06cec12faebad43835e589e000000ab315087652b9f3dcc9c38408ae14b51b241f9fcffffffffffffff94f221f1567a58b7ebb14846985f751a4ffc974977c31a98384e6df8b828c0c3bf3af0ac70560e71e13b5878c2bb49fbbc699d398f779ba098145747bd36822823bd6ff25daa3957939c18e9c86952dc2c0ccb0e59dbd7ef31d713b023d79a100e99a33d1600"], 0x1, 0x5d1, &(0x7f0000000000)="$eJzs3U9oHNcdB/DvrGXZ64KzSewkLYWKGEwbU1urbWoXCnVLKTqEYuglV2GvY+G1EqRNUUIp6v9rjznkkB7UQ069pvQQmp576l13Q++6qczsrLSyFEWKZe2q+Xzg7Xtv38yb936eedqZxWyAr6z5N3N2LUXmr72xWtY31ju9jfXOo2E5ybkkjWRqkKVYSorPktsZpHy9fLPurvi847z++JMPr37wcWdQm6pTtX3joP0OZ61OmUlyps6Pq7+7T91fsWuGV4aBg3Hb2mPtKLs/5XULTIJi8Hdzj1ZyIcn5+nNA6tWhcbKjO35HWuUAAADglHpuM5tZzcVxjwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABOk/r3/4s6NYblmRTD3/+frt9LXT7VPh33AAAAAAAAAADgGHxrM5tZzcVhfauovvN/tapcql6/lnezkm6Wcz2rWUg//SynnaQ10tH06kK/v9w+xJ5z++45dzLzBQAAAAAAAID/U7/N/M73/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAmK5Mwgq9KlYbmVxlSS80mmy+3Wkn8My6fZp+MeAAAAAJyA5zazmdVcHNa3iuqe/6Xqvv983s1S+llMP710c696FjC4629srHd6G+udR2Xa2++P/3ukYVQ9ZvDsYf8jz1ZbXN7eYz4/yy9yLTO5k+Us5pdZSD/dzOSnVWkhRVr104vWcJz7j/f2rtqdLxrrK9VImrmfxWps13M3b6eXe2lUc6i2OfiIvymjU/yodsgY3avzckZ/rvPJ0KoicnY7IrN17MtoPH9wJI54njx5pHYa28+gLj2DmF+o8zLWf5zomM+NnH0vHRyJ5Dv/+eedB72lhw/ur1ybnCl9SU9GojMSiZe/UpGYrqMxWEWPtlq+Wu17MYv5ed7OvXRzM7Np51Zm84PMpbPrDLt8iGutcbRr7cq360IzyZ/qfDKUcX1+JK6jK12raht9ZydKLxz/ijT1jbpQHuN3dT4ZnoxEeyQSLx4cib9sla8rvaWHyw8W3jnk8a7WeXnZ/mGi1ubyfHmh/MeqarvPjrLtxX3b2lXbpe22xp62y9ttX3SlTtef4fb2NGh7ed+2TtX2ykjbfp9yAJh4F167MN183Px386Pm75sPmm+c/8m5W+e+OZ2z/5r6+5m/Nf7a+GHxWj7Kr3fu/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC9v5b33Hy70et1lBQUFhe3CuFcm4Fm70X/0zo2V997/7uKjhbe6b3WX5m7dvHWz8/32927cX+x1Zwev4x4l8Czs/NEf90gAAAAAAAAAAACAwzqJ/04w7jkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9v8mzm7liLt2euzZX1jvdMr07C8s+VUkkaS4ldJ8VlyO4OU1kh3xecd5/XHn3x49YOPOzt9TQ23bxy03+Gs1SkzSc7U+XH1d/ep+yu2Z1gG7MowcDBu/wsAAP//6vsOmQ==")
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000007c0), 0x0, 0x0, 0x1)
program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat-fsetxattr$trusted_overlay_upper
detailed listing:
executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000700)='./file0\x00', 0x0, 0x0)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000007c0), 0x0, 0x0, 0x1)
program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-openat-fsetxattr$trusted_overlay_upper
detailed listing:
executing program 0:
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file0\x00', 0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="00aaba7d2732778a5d439baf7df9c9633641f4c93ee6e163d64260f80d919238314e1e0f6549c6676a2a9f308b3f6a5db9e32f0139bd154c0b2af90455342f31839705eb1ac5b06cec12faebad43835e589e000000ab315087652b9f3dcc9c38408ae14b51b241f9fcffffffffffffff94f221f1567a58b7ebb14846985f751a4ffc974977c31a98384e6df8b828c0c3bf3af0ac70560e71e13b5878c2bb49fbbc699d398f779ba098145747bd36822823bd6ff25daa3957939c18e9c86952dc2c0ccb0e59dbd7ef31d713b023d79a100e99a33d1600"], 0x1, 0x5d1, &(0x7f0000000000)="$eJzs3U9oHNcdB/DvrGXZ64KzSewkLYWKGEwbU1urbWoXCnVLKTqEYuglV2GvY+G1EqRNUUIp6v9rjznkkB7UQ069pvQQmp576l13Q++6qczsrLSyFEWKZe2q+Xzg7Xtv38yb936eedqZxWyAr6z5N3N2LUXmr72xWtY31ju9jfXOo2E5ybkkjWRqkKVYSorPktsZpHy9fLPurvi847z++JMPr37wcWdQm6pTtX3joP0OZ61OmUlyps6Pq7+7T91fsWuGV4aBg3Hb2mPtKLs/5XULTIJi8Hdzj1ZyIcn5+nNA6tWhcbKjO35HWuUAAADglHpuM5tZzcVxjwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABOk/r3/4s6NYblmRTD3/+frt9LXT7VPh33AAAAAAAAAADgGHxrM5tZzcVhfauovvN/tapcql6/lnezkm6Wcz2rWUg//SynnaQ10tH06kK/v9w+xJ5z++45dzLzBQAAAAAAAID/U7/N/M73/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAmK5Mwgq9KlYbmVxlSS80mmy+3Wkn8My6fZp+MeAAAAAJyA5zazmdVcHNa3iuqe/6Xqvv983s1S+llMP710c696FjC4629srHd6G+udR2Xa2++P/3ukYVQ9ZvDsYf8jz1ZbXN7eYz4/yy9yLTO5k+Us5pdZSD/dzOSnVWkhRVr104vWcJz7j/f2rtqdLxrrK9VImrmfxWps13M3b6eXe2lUc6i2OfiIvymjU/yodsgY3avzckZ/rvPJ0KoicnY7IrN17MtoPH9wJI54njx5pHYa28+gLj2DmF+o8zLWf5zomM+NnH0vHRyJ5Dv/+eedB72lhw/ur1ybnCl9SU9GojMSiZe/UpGYrqMxWEWPtlq+Wu17MYv5ed7OvXRzM7Np51Zm84PMpbPrDLt8iGutcbRr7cq360IzyZ/qfDKUcX1+JK6jK12raht9ZydKLxz/ijT1jbpQHuN3dT4ZnoxEeyQSLx4cib9sla8rvaWHyw8W3jnk8a7WeXnZ/mGi1ubyfHmh/MeqarvPjrLtxX3b2lXbpe22xp62y9ttX3SlTtef4fb2NGh7ed+2TtX2ykjbfp9yAJh4F167MN183Px386Pm75sPmm+c/8m5W+e+OZ2z/5r6+5m/Nf7a+GHxWj7Kr3fu/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC9v5b33Hy70et1lBQUFhe3CuFcm4Fm70X/0zo2V997/7uKjhbe6b3WX5m7dvHWz8/32927cX+x1Zwev4x4l8Czs/NEf90gAAAAAAAAAAACAwzqJ/04w7jkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9v8mzm7liLt2euzZX1jvdMr07C8s+VUkkaS4ldJ8VlyO4OU1kh3xecd5/XHn3x49YOPOzt9TQ23bxy03+Gs1SkzSc7U+XH1d/ep+yu2Z1gG7MowcDBu/wsAAP//6vsOmQ==")
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000007c0), 0x0, 0x0, 0x1)
program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-openat-fsetxattr$trusted_overlay_upper
detailed listing:
executing program 0:
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file0\x00', 0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="00aaba7d2732778a5d439baf7df9c9633641f4c93ee6e163d64260f80d919238314e1e0f6549c6676a2a9f308b3f6a5db9e32f0139bd154c0b2af90455342f31839705eb1ac5b06cec12faebad43835e589e000000ab315087652b9f3dcc9c38408ae14b51b241f9fcffffffffffffff94f221f1567a58b7ebb14846985f751a4ffc974977c31a98384e6df8b828c0c3bf3af0ac70560e71e13b5878c2bb49fbbc699d398f779ba098145747bd36822823bd6ff25daa3957939c18e9c86952dc2c0ccb0e59dbd7ef31d713b023d79a100e99a33d1600"], 0x1, 0x5d1, &(0x7f0000000000)="$eJzs3U9oHNcdB/DvrGXZ64KzSewkLYWKGEwbU1urbWoXCnVLKTqEYuglV2GvY+G1EqRNUUIp6v9rjznkkB7UQ069pvQQmp576l13Q++6qczsrLSyFEWKZe2q+Xzg7Xtv38yb936eedqZxWyAr6z5N3N2LUXmr72xWtY31ju9jfXOo2E5ybkkjWRqkKVYSorPktsZpHy9fLPurvi847z++JMPr37wcWdQm6pTtX3joP0OZ61OmUlyps6Pq7+7T91fsWuGV4aBg3Hb2mPtKLs/5XULTIJi8Hdzj1ZyIcn5+nNA6tWhcbKjO35HWuUAAADglHpuM5tZzcVxjwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABOk/r3/4s6NYblmRTD3/+frt9LXT7VPh33AAAAAAAAAADgGHxrM5tZzcVhfauovvN/tapcql6/lnezkm6Wcz2rWUg//SynnaQ10tH06kK/v9w+xJ5z++45dzLzBQAAAAAAAID/U7/N/M73/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAmK5Mwgq9KlYbmVxlSS80mmy+3Wkn8My6fZp+MeAAAAAJyA5zazmdVcHNa3iuqe/6Xqvv983s1S+llMP710c696FjC4629srHd6G+udR2Xa2++P/3ukYVQ9ZvDsYf8jz1ZbXN7eYz4/yy9yLTO5k+Us5pdZSD/dzOSnVWkhRVr104vWcJz7j/f2rtqdLxrrK9VImrmfxWps13M3b6eXe2lUc6i2OfiIvymjU/yodsgY3avzckZ/rvPJ0KoicnY7IrN17MtoPH9wJI54njx5pHYa28+gLj2DmF+o8zLWf5zomM+NnH0vHRyJ5Dv/+eedB72lhw/ur1ybnCl9SU9GojMSiZe/UpGYrqMxWEWPtlq+Wu17MYv5ed7OvXRzM7Np51Zm84PMpbPrDLt8iGutcbRr7cq360IzyZ/qfDKUcX1+JK6jK12raht9ZydKLxz/ijT1jbpQHuN3dT4ZnoxEeyQSLx4cib9sla8rvaWHyw8W3jnk8a7WeXnZ/mGi1ubyfHmh/MeqarvPjrLtxX3b2lXbpe22xp62y9ttX3SlTtef4fb2NGh7ed+2TtX2ykjbfp9yAJh4F167MN183Px386Pm75sPmm+c/8m5W+e+OZ2z/5r6+5m/Nf7a+GHxWj7Kr3fu/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC9v5b33Hy70et1lBQUFhe3CuFcm4Fm70X/0zo2V997/7uKjhbe6b3WX5m7dvHWz8/32927cX+x1Zwev4x4l8Czs/NEf90gAAAAAAAAAAACAwzqJ/04w7jkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9v8mzm7liLt2euzZX1jvdMr07C8s+VUkkaS4ldJ8VlyO4OU1kh3xecd5/XHn3x49YOPOzt9TQ23bxy03+Gs1SkzSc7U+XH1d/ep+yu2Z1gG7MowcDBu/wsAAP//6vsOmQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000700)='./file0\x00', 0x0, 0x0)
fsetxattr$trusted_overlay_upper(r0, 0x0, 0x0, 0x0, 0x1)
program did not crash
extracting C reproducer
testing compiled C program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-openat-fsetxattr$trusted_overlay_upper
program crashed: kernel BUG in __hfsplus_setxattr
simplifying C reproducer
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-openat-fsetxattr$trusted_overlay_upper
program crashed: kernel BUG in __hfsplus_setxattr
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-openat-fsetxattr$trusted_overlay_upper
program crashed: kernel BUG in __hfsplus_setxattr
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:true Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-openat-fsetxattr$trusted_overlay_upper
program crashed: kernel BUG in __hfsplus_setxattr
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-openat-fsetxattr$trusted_overlay_upper
program crashed: kernel BUG in __hfsplus_setxattr
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-openat-fsetxattr$trusted_overlay_upper
program crashed: kernel BUG in __hfsplus_setxattr
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-openat-fsetxattr$trusted_overlay_upper
program crashed: kernel BUG in __hfsplus_setxattr
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-openat-fsetxattr$trusted_overlay_upper
program crashed: kernel BUG in __hfsplus_setxattr
reproducing took 25m25.122373063s
repro crashed as (corrupted=false):
loop0: detected capacity change from 0 to 1024
------------[ cut here ]------------
kernel BUG at fs/hfsplus/xattr.c:175!
Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
CPU: 1 UID: 0 PID: 5827 Comm: syz-executor302 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
RIP: 0010:hfsplus_create_attributes_file fs/hfsplus/xattr.c:175 [inline]
RIP: 0010:__hfsplus_setxattr+0x1fb4/0x2180 fs/hfsplus/xattr.c:331
Code: ff 4c 8b 54 24 50 4c 8b 44 24 48 e9 84 eb ff ff e8 e1 7c 85 ff 4c 8b 54 24 50 4c 8b 44 24 48 e9 4e eb ff ff e8 3d 42 23 ff 90 <0f> 0b 48 8b 7c 24 40 e8 c0 7c 85 ff 4c 8b 54 24 50 4c 8b 44 24 48
RSP: 0018:ffffc90003167540 EFLAGS: 00010293
RAX: 0000000000000000 RBX: 0000000000010000 RCX: ffffffff829656c2
RDX: ffff888022f65a00 RSI: ffffffff82966bc3 RDI: 0000000000000007
RBP: ffffed100f7d9907 R08: ffff888034e14000 R09: 0000000000000000
R10: ffff88807becc830 R11: ffffffff9626b700 R12: 0000000000000003
R13: ffff88807becc800 R14: 1ffff9200062ceba R15: ffffc90003167600
FS: 0000555570752380(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fad44e3f0f8 CR3: 0000000075404000 CR4: 0000000000350ef0
Call Trace:
hfsplus_setxattr+0x10c/0x180 fs/hfsplus/xattr.c:432
__vfs_setxattr+0x176/0x1e0 fs/xattr.c:200
__vfs_setxattr_noperm+0x127/0x660 fs/xattr.c:234
__vfs_setxattr_locked+0x182/0x260 fs/xattr.c:295
vfs_setxattr+0x146/0x360 fs/xattr.c:321
do_setxattr+0x142/0x170 fs/xattr.c:636
file_setxattr fs/xattr.c:646 [inline]
file_setxattr+0x139/0x1b0 fs/xattr.c:640
path_setxattrat+0x233/0x290 fs/xattr.c:711
__do_sys_fsetxattr fs/xattr.c:761 [inline]
__se_sys_fsetxattr fs/xattr.c:758 [inline]
__x64_sys_fsetxattr+0xc5/0x140 fs/xattr.c:758
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fad44dc7ad9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffc490b9068 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 00007fad44dc7ad9
RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000004
RBP: 00007fad44e3b5f0 R08: 0000000000000001 R09: 00005555707534c0
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc490b9090
R13: 00007ffc490b92b8 R14: 431bde82d7b634db R15: 00007fad44e1003b
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:hfsplus_create_attributes_file fs/hfsplus/xattr.c:175 [inline]
RIP: 0010:__hfsplus_setxattr+0x1fb4/0x2180 fs/hfsplus/xattr.c:331
Code: ff 4c 8b 54 24 50 4c 8b 44 24 48 e9 84 eb ff ff e8 e1 7c 85 ff 4c 8b 54 24 50 4c 8b 44 24 48 e9 4e eb ff ff e8 3d 42 23 ff 90 <0f> 0b 48 8b 7c 24 40 e8 c0 7c 85 ff 4c 8b 54 24 50 4c 8b 44 24 48
RSP: 0018:ffffc90003167540 EFLAGS: 00010293
RAX: 0000000000000000 RBX: 0000000000010000 RCX: ffffffff829656c2
RDX: ffff888022f65a00 RSI: ffffffff82966bc3 RDI: 0000000000000007
RBP: ffffed100f7d9907 R08: ffff888034e14000 R09: 0000000000000000
R10: ffff88807becc830 R11: ffffffff9626b700 R12: 0000000000000003
R13: ffff88807becc800 R14: 1ffff9200062ceba R15: ffffc90003167600
FS: 0000555570752380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055c399440b70 CR3: 0000000075404000 CR4: 0000000000350ef0
final repro crashed as (corrupted=false):
loop0: detected capacity change from 0 to 1024
------------[ cut here ]------------
kernel BUG at fs/hfsplus/xattr.c:175!
Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
CPU: 1 UID: 0 PID: 5827 Comm: syz-executor302 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
RIP: 0010:hfsplus_create_attributes_file fs/hfsplus/xattr.c:175 [inline]
RIP: 0010:__hfsplus_setxattr+0x1fb4/0x2180 fs/hfsplus/xattr.c:331
Code: ff 4c 8b 54 24 50 4c 8b 44 24 48 e9 84 eb ff ff e8 e1 7c 85 ff 4c 8b 54 24 50 4c 8b 44 24 48 e9 4e eb ff ff e8 3d 42 23 ff 90 <0f> 0b 48 8b 7c 24 40 e8 c0 7c 85 ff 4c 8b 54 24 50 4c 8b 44 24 48
RSP: 0018:ffffc90003167540 EFLAGS: 00010293
RAX: 0000000000000000 RBX: 0000000000010000 RCX: ffffffff829656c2
RDX: ffff888022f65a00 RSI: ffffffff82966bc3 RDI: 0000000000000007
RBP: ffffed100f7d9907 R08: ffff888034e14000 R09: 0000000000000000
R10: ffff88807becc830 R11: ffffffff9626b700 R12: 0000000000000003
R13: ffff88807becc800 R14: 1ffff9200062ceba R15: ffffc90003167600
FS: 0000555570752380(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fad44e3f0f8 CR3: 0000000075404000 CR4: 0000000000350ef0
Call Trace:
hfsplus_setxattr+0x10c/0x180 fs/hfsplus/xattr.c:432
__vfs_setxattr+0x176/0x1e0 fs/xattr.c:200
__vfs_setxattr_noperm+0x127/0x660 fs/xattr.c:234
__vfs_setxattr_locked+0x182/0x260 fs/xattr.c:295
vfs_setxattr+0x146/0x360 fs/xattr.c:321
do_setxattr+0x142/0x170 fs/xattr.c:636
file_setxattr fs/xattr.c:646 [inline]
file_setxattr+0x139/0x1b0 fs/xattr.c:640
path_setxattrat+0x233/0x290 fs/xattr.c:711
__do_sys_fsetxattr fs/xattr.c:761 [inline]
__se_sys_fsetxattr fs/xattr.c:758 [inline]
__x64_sys_fsetxattr+0xc5/0x140 fs/xattr.c:758
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fad44dc7ad9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffc490b9068 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 00007fad44dc7ad9
RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000004
RBP: 00007fad44e3b5f0 R08: 0000000000000001 R09: 00005555707534c0
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc490b9090
R13: 00007ffc490b92b8 R14: 431bde82d7b634db R15: 00007fad44e1003b
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:hfsplus_create_attributes_file fs/hfsplus/xattr.c:175 [inline]
RIP: 0010:__hfsplus_setxattr+0x1fb4/0x2180 fs/hfsplus/xattr.c:331
Code: ff 4c 8b 54 24 50 4c 8b 44 24 48 e9 84 eb ff ff e8 e1 7c 85 ff 4c 8b 54 24 50 4c 8b 44 24 48 e9 4e eb ff ff e8 3d 42 23 ff 90 <0f> 0b 48 8b 7c 24 40 e8 c0 7c 85 ff 4c 8b 54 24 50 4c 8b 44 24 48
RSP: 0018:ffffc90003167540 EFLAGS: 00010293
RAX: 0000000000000000 RBX: 0000000000010000 RCX: ffffffff829656c2
RDX: ffff888022f65a00 RSI: ffffffff82966bc3 RDI: 0000000000000007
RBP: ffffed100f7d9907 R08: ffff888034e14000 R09: 0000000000000000
R10: ffff88807becc830 R11: ffffffff9626b700 R12: 0000000000000003
R13: ffff88807becc800 R14: 1ffff9200062ceba R15: ffffc90003167600
FS: 0000555570752380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055c399440b70 CR3: 0000000075404000 CR4: 0000000000350ef0