Extracting prog: 4m36.383294395s
Minimizing prog: 27m37.253529177s
Simplifying prog options: 0s
Extracting C: 34.163958282s
Simplifying C: 9m19.285877236s


1 programs, timeouts [15s 6m0s]
extracting reproducer from 1 programs
single: executing 1 programs separately with timeout 15s
testing program (duration=15s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-unlink
detailed listing:
executing program 0:
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000140)='./file1\x00', 0x1008400, &(0x7f0000000080)=ANY=[@ANYRES16=0x0, @ANYRES64], 0x86, 0x680, &(0x7f0000000340)="$eJzs3c1vHGcdB/DvbNZONpTUTZM2RZUSNRIgIhI7Vgrm0oAQyqFCVTlwthInsbJJi+0it0LUvF8rkT+gHHzjgJC4R5QLF7j16mMlBJdeMKdFMzu7Xr/bCfHa4fOJxvPMPPM8z+/57czOvsRygP9bNy6l+ShFblx6c7HcXlmebK8sT97vlZMcT9JImt1Vin93Op1PkuvpLnml3Fl3V2w3zsPZqbc//Xzls+5Ws16q4xs7tdubpXrJhSTH6vXj+e2m/m7u1t+J3fos+jMsE3axlzgYtpEknco/H3b3/Oivz/VrBrS2ar3rmQ8cAUX3vrnJWHKyvtDL1wHdu2L3nn2kLQ07AAAAADgAz69mNYs5New4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Cip//5/US+NXvlCit7f/x+t96UuHy7n93f4o6cVBwAAAAAAAAAcoPOrWc1iTiVZKrc7RfWd/2tV5Znq5xfyXuYzk7lczmKms5CFzGUiydhAR6OL0wsLcxP9lr3/GbC55dUtW17dJdDj9br1v5o5AAAAAAAAADxTfp4b1ff/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwaBTJse6qWs70ymNpNJOcSDJaHreU/L1XPsoeDTsAAAAAeAKdPR73/GpWs5hT/XZF9Z7/pep9/4m8lwdZyGwW0s5MblWfBXTf9TdWlifbK8uT98tlc7/f/te+wq16TPezh61HPlcd0crtzFZ7Ludm3klR3Eqjalk614tn67h+VsZUvNE1slM4A9m7Va/LmX9Urzf5cF+T3c4+P0wZqzIy0s/IeB1bmY0Xds7EPh+djSNNpNEP9syGkTZMYl3O39jjeCfrdTmfX2+X86HYmImrA2ffSzvnPPnKn37/w7vtB/fu3p6/dHimtDe9DwW7V0ZrcyYmBzLx8rOciU3Gq0yc7W/fyPfyg1zKhbyVuczmx5nOQmZyId+tStP1+VwMXPLbZOr6uq23dotktD5Du8+i62PKLjG9VrU9ldl8P+/kVmbyevXvaibyjVzLtUwNPMJn9/BM29jmqu98ccvgL361LrSS/KZeV+40d5v4U1bm9YWBvA4+545VdYN71rJ0eh/3o16W/rBzKM0v1YVyjF/U68NhYyYmBjLx4s6Z+F31tDLffnBv7u70u3sb7vRHdaG8jn51qO4S5flyunywqq31Z0dZ92JdN1Ita/karb9x6bZrbKo726/rXqlL216po/VruM09Xa3qXt6ybrKqOzdQt/H1Vrv/euhZ+PIH4Jl18msnR1v/aP2t9XHrl627rTdPfOf4N4+/OpqRv4x8qzl+7MuNV4s/5uP8dO39PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Pjm3//g3nS7PTO3odDpdD7cpuooF47V0z7AQV95LhnWlEeTHI7M/6fT6dR7isMQz86FTul4Oo/Z/M9J9nZwM8lWVeeHn4QhPzEBT92VhfvvXpl//4Ovz96fvjNzZ+bB1LVrU+NT116fvHJ7tj0z3v057CiBp2Htpj/sSAAAAAAAAAAAAIC9OohfJ9h+9BMHOVUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgiLpxKc1HKTIxfnm83F5ZnmyXS6+8dmQzSSNJ8ZOk+CS5nu6SsYHuiu3GeTg79fann698ttZXs3d8Y6d2W2ps3LFUL7mQ5Fi9fgLr+rv5xP0V/RmWCbvYSxwM238DAAD///NMCDQ=")
unlink(&(0x7f0000000000)='./file1\x00')

program did not crash
single: failed to extract reproducer
single: executing 1 programs separately with timeout 6m0s
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-unlink
detailed listing:
executing program 0:
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000140)='./file1\x00', 0x1008400, &(0x7f0000000080)=ANY=[@ANYRES16=0x0, @ANYRES64], 0x86, 0x680, &(0x7f0000000340)="$eJzs3c1vHGcdB/DvbNZONpTUTZM2RZUSNRIgIhI7Vgrm0oAQyqFCVTlwthInsbJJi+0it0LUvF8rkT+gHHzjgJC4R5QLF7j16mMlBJdeMKdFMzu7Xr/bCfHa4fOJxvPMPPM8z+/57czOvsRygP9bNy6l+ShFblx6c7HcXlmebK8sT97vlZMcT9JImt1Vin93Op1PkuvpLnml3Fl3V2w3zsPZqbc//Xzls+5Ws16q4xs7tdubpXrJhSTH6vXj+e2m/m7u1t+J3fos+jMsE3axlzgYtpEknco/H3b3/Oivz/VrBrS2ar3rmQ8cAUX3vrnJWHKyvtDL1wHdu2L3nn2kLQ07AAAAADgAz69mNYs5New4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Cip//5/US+NXvlCit7f/x+t96UuHy7n93f4o6cVBwAAAAAAAAAcoPOrWc1iTiVZKrc7RfWd/2tV5Znq5xfyXuYzk7lczmKms5CFzGUiydhAR6OL0wsLcxP9lr3/GbC55dUtW17dJdDj9br1v5o5AAAAAAAAADxTfp4b1ff/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwaBTJse6qWs70ymNpNJOcSDJaHreU/L1XPsoeDTsAAAAAeAKdPR73/GpWs5hT/XZF9Z7/pep9/4m8lwdZyGwW0s5MblWfBXTf9TdWlifbK8uT98tlc7/f/te+wq16TPezh61HPlcd0crtzFZ7Ludm3klR3Eqjalk614tn67h+VsZUvNE1slM4A9m7Va/LmX9Urzf5cF+T3c4+P0wZqzIy0s/IeB1bmY0Xds7EPh+djSNNpNEP9syGkTZMYl3O39jjeCfrdTmfX2+X86HYmImrA2ffSzvnPPnKn37/w7vtB/fu3p6/dHimtDe9DwW7V0ZrcyYmBzLx8rOciU3Gq0yc7W/fyPfyg1zKhbyVuczmx5nOQmZyId+tStP1+VwMXPLbZOr6uq23dotktD5Du8+i62PKLjG9VrU9ldl8P+/kVmbyevXvaibyjVzLtUwNPMJn9/BM29jmqu98ccvgL361LrSS/KZeV+40d5v4U1bm9YWBvA4+545VdYN71rJ0eh/3o16W/rBzKM0v1YVyjF/U68NhYyYmBjLx4s6Z+F31tDLffnBv7u70u3sb7vRHdaG8jn51qO4S5flyunywqq31Z0dZ92JdN1Ita/karb9x6bZrbKo726/rXqlL216po/VruM09Xa3qXt6ybrKqOzdQt/H1Vrv/euhZ+PIH4Jl18msnR1v/aP2t9XHrl627rTdPfOf4N4+/OpqRv4x8qzl+7MuNV4s/5uP8dO39PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Pjm3//g3nS7PTO3odDpdD7cpuooF47V0z7AQV95LhnWlEeTHI7M/6fT6dR7isMQz86FTul4Oo/Z/M9J9nZwM8lWVeeHn4QhPzEBT92VhfvvXpl//4Ovz96fvjNzZ+bB1LVrU+NT116fvHJ7tj0z3v057CiBp2Htpj/sSAAAAAAAAAAAAIC9OohfJ9h+9BMHOVUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgiLpxKc1HKTIxfnm83F5ZnmyXS6+8dmQzSSNJ8ZOk+CS5nu6SsYHuiu3GeTg79fann698ttZXs3d8Y6d2W2ps3LFUL7mQ5Fi9fgLr+rv5xP0V/RmWCbvYSxwM238DAAD///NMCDQ=")
unlink(&(0x7f0000000000)='./file1\x00')

program crashed: KASAN: wild-memory-access Read in hfsplus_bnode_dump
single: successfully extracted reproducer
found reproducer with 2 syscalls
minimizing guilty program
testing program (duration=9m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus
detailed listing:
executing program 0:
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000140)='./file1\x00', 0x1008400, &(0x7f0000000080)=ANY=[@ANYRES16=0x0, @ANYRES64], 0x86, 0x680, &(0x7f0000000340)="$eJzs3c1vHGcdB/DvbNZONpTUTZM2RZUSNRIgIhI7Vgrm0oAQyqFCVTlwthInsbJJi+0it0LUvF8rkT+gHHzjgJC4R5QLF7j16mMlBJdeMKdFMzu7Xr/bCfHa4fOJxvPMPPM8z+/57czOvsRygP9bNy6l+ShFblx6c7HcXlmebK8sT97vlZMcT9JImt1Vin93Op1PkuvpLnml3Fl3V2w3zsPZqbc//Xzls+5Ws16q4xs7tdubpXrJhSTH6vXj+e2m/m7u1t+J3fos+jMsE3axlzgYtpEknco/H3b3/Oivz/VrBrS2ar3rmQ8cAUX3vrnJWHKyvtDL1wHdu2L3nn2kLQ07AAAAADgAz69mNYs5New4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Cip//5/US+NXvlCit7f/x+t96UuHy7n93f4o6cVBwAAAAAAAAAcoPOrWc1iTiVZKrc7RfWd/2tV5Znq5xfyXuYzk7lczmKms5CFzGUiydhAR6OL0wsLcxP9lr3/GbC55dUtW17dJdDj9br1v5o5AAAAAAAAADxTfp4b1ff/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwaBTJse6qWs70ymNpNJOcSDJaHreU/L1XPsoeDTsAAAAAeAKdPR73/GpWs5hT/XZF9Z7/pep9/4m8lwdZyGwW0s5MblWfBXTf9TdWlifbK8uT98tlc7/f/te+wq16TPezh61HPlcd0crtzFZ7Ludm3klR3Eqjalk614tn67h+VsZUvNE1slM4A9m7Va/LmX9Urzf5cF+T3c4+P0wZqzIy0s/IeB1bmY0Xds7EPh+djSNNpNEP9syGkTZMYl3O39jjeCfrdTmfX2+X86HYmImrA2ffSzvnPPnKn37/w7vtB/fu3p6/dHimtDe9DwW7V0ZrcyYmBzLx8rOciU3Gq0yc7W/fyPfyg1zKhbyVuczmx5nOQmZyId+tStP1+VwMXPLbZOr6uq23dotktD5Du8+i62PKLjG9VrU9ldl8P+/kVmbyevXvaibyjVzLtUwNPMJn9/BM29jmqu98ccvgL361LrSS/KZeV+40d5v4U1bm9YWBvA4+545VdYN71rJ0eh/3o16W/rBzKM0v1YVyjF/U68NhYyYmBjLx4s6Z+F31tDLffnBv7u70u3sb7vRHdaG8jn51qO4S5flyunywqq31Z0dZ92JdN1Ita/karb9x6bZrbKo726/rXqlL216po/VruM09Xa3qXt6ybrKqOzdQt/H1Vrv/euhZ+PIH4Jl18msnR1v/aP2t9XHrl627rTdPfOf4N4+/OpqRv4x8qzl+7MuNV4s/5uP8dO39PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Pjm3//g3nS7PTO3odDpdD7cpuooF47V0z7AQV95LhnWlEeTHI7M/6fT6dR7isMQz86FTul4Oo/Z/M9J9nZwM8lWVeeHn4QhPzEBT92VhfvvXpl//4Ovz96fvjNzZ+bB1LVrU+NT116fvHJ7tj0z3v057CiBp2Htpj/sSAAAAAAAAAAAAIC9OohfJ9h+9BMHOVUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgiLpxKc1HKTIxfnm83F5ZnmyXS6+8dmQzSSNJ8ZOk+CS5nu6SsYHuiu3GeTg79fann698ttZXs3d8Y6d2W2ps3LFUL7mQ5Fi9fgLr+rv5xP0V/RmWCbvYSxwM238DAAD///NMCDQ=")

program did not crash
testing program (duration=9m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): unlink
detailed listing:
executing program 0:
unlink(&(0x7f0000000000)='./file1\x00')

program did not crash
testing program (duration=9m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-unlink
detailed listing:
executing program 0:
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000140)='./file1\x00', 0x1008400, &(0x7f0000000080)=ANY=[@ANYRES16=0x0, @ANYRES64], 0x86, 0x680, &(0x7f0000000340)="$eJzs3c1vHGcdB/DvbNZONpTUTZM2RZUSNRIgIhI7Vgrm0oAQyqFCVTlwthInsbJJi+0it0LUvF8rkT+gHHzjgJC4R5QLF7j16mMlBJdeMKdFMzu7Xr/bCfHa4fOJxvPMPPM8z+/57czOvsRygP9bNy6l+ShFblx6c7HcXlmebK8sT97vlZMcT9JImt1Vin93Op1PkuvpLnml3Fl3V2w3zsPZqbc//Xzls+5Ws16q4xs7tdubpXrJhSTH6vXj+e2m/m7u1t+J3fos+jMsE3axlzgYtpEknco/H3b3/Oivz/VrBrS2ar3rmQ8cAUX3vrnJWHKyvtDL1wHdu2L3nn2kLQ07AAAAADgAz69mNYs5New4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Cip//5/US+NXvlCit7f/x+t96UuHy7n93f4o6cVBwAAAAAAAAAcoPOrWc1iTiVZKrc7RfWd/2tV5Znq5xfyXuYzk7lczmKms5CFzGUiydhAR6OL0wsLcxP9lr3/GbC55dUtW17dJdDj9br1v5o5AAAAAAAAADxTfp4b1ff/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwaBTJse6qWs70ymNpNJOcSDJaHreU/L1XPsoeDTsAAAAAeAKdPR73/GpWs5hT/XZF9Z7/pep9/4m8lwdZyGwW0s5MblWfBXTf9TdWlifbK8uT98tlc7/f/te+wq16TPezh61HPlcd0crtzFZ7Ludm3klR3Eqjalk614tn67h+VsZUvNE1slM4A9m7Va/LmX9Urzf5cF+T3c4+P0wZqzIy0s/IeB1bmY0Xds7EPh+djSNNpNEP9syGkTZMYl3O39jjeCfrdTmfX2+X86HYmImrA2ffSzvnPPnKn37/w7vtB/fu3p6/dHimtDe9DwW7V0ZrcyYmBzLx8rOciU3Gq0yc7W/fyPfyg1zKhbyVuczmx5nOQmZyId+tStP1+VwMXPLbZOr6uq23dotktD5Du8+i62PKLjG9VrU9ldl8P+/kVmbyevXvaibyjVzLtUwNPMJn9/BM29jmqu98ccvgL361LrSS/KZeV+40d5v4U1bm9YWBvA4+545VdYN71rJ0eh/3o16W/rBzKM0v1YVyjF/U68NhYyYmBjLx4s6Z+F31tDLffnBv7u70u3sb7vRHdaG8jn51qO4S5flyunywqq31Z0dZ92JdN1Ita/karb9x6bZrbKo726/rXqlL216po/VruM09Xa3qXt6ybrKqOzdQt/H1Vrv/euhZ+PIH4Jl18msnR1v/aP2t9XHrl627rTdPfOf4N4+/OpqRv4x8qzl+7MuNV4s/5uP8dO39PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Pjm3//g3nS7PTO3odDpdD7cpuooF47V0z7AQV95LhnWlEeTHI7M/6fT6dR7isMQz86FTul4Oo/Z/M9J9nZwM8lWVeeHn4QhPzEBT92VhfvvXpl//4Ovz96fvjNzZ+bB1LVrU+NT116fvHJ7tj0z3v057CiBp2Htpj/sSAAAAAAAAAAAAIC9OohfJ9h+9BMHOVUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgiLpxKc1HKTIxfnm83F5ZnmyXS6+8dmQzSSNJ8ZOk+CS5nu6SsYHuiu3GeTg79fann698ttZXs3d8Y6d2W2ps3LFUL7mQ5Fi9fgLr+rv5xP0V/RmWCbvYSxwM238DAAD///NMCDQ=")
unlink(0x0)

program did not crash
extracting C reproducer
testing compiled C program (duration=9m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-unlink
program crashed: KASAN: wild-memory-access Read in hfsplus_bnode_dump
simplifying C reproducer
testing compiled C program (duration=9m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-unlink
program crashed: KASAN: wild-memory-access Read in hfsplus_bnode_dump
testing compiled C program (duration=9m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-unlink
program crashed: KASAN: wild-memory-access Read in hfsplus_bnode_dump
testing compiled C program (duration=9m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:true Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-unlink
program crashed: KASAN: wild-memory-access Read in hfsplus_bnode_dump
testing compiled C program (duration=9m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-unlink
program crashed: KASAN: wild-memory-access Read in hfsplus_bnode_dump
testing compiled C program (duration=9m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-unlink
program crashed: KASAN: wild-memory-access Read in hfsplus_bnode_dump
testing compiled C program (duration=9m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-unlink
program crashed: KASAN: wild-memory-access Read in hfsplus_bnode_dump
testing compiled C program (duration=9m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-unlink
program crashed: KASAN: wild-memory-access Read in hfsplus_bnode_dump
reproducing took 42m7.08668243s
repro crashed as (corrupted=false):
loop0: detected capacity change from 0 to 1024
hfsplus: request for non-existent node 128 in B*Tree
hfsplus: request for non-existent node 128 in B*Tree
==================================================================
BUG: KASAN: wild-memory-access in memcpy_from_page include/linux/highmem.h:423 [inline]
BUG: KASAN: wild-memory-access in hfsplus_bnode_read fs/hfsplus/bnode.c:32 [inline]
BUG: KASAN: wild-memory-access in hfsplus_bnode_read_u16 fs/hfsplus/bnode.c:45 [inline]
BUG: KASAN: wild-memory-access in hfsplus_bnode_dump+0x403/0xbb0 fs/hfsplus/bnode.c:305
Read of size 2 at addr 000508800000103e by task syz-executor276/5212

CPU: 1 UID: 0 PID: 5212 Comm: syz-executor276 Not tainted 6.11.0-rc3-syzkaller-00007-gd74da846046a #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:93 [inline]
 dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119
 print_report+0xe8/0x550 mm/kasan/report.c:491
 kasan_report+0x143/0x180 mm/kasan/report.c:601
 kasan_check_range+0x282/0x290 mm/kasan/generic.c:189
 __asan_memcpy+0x29/0x70 mm/kasan/shadow.c:105
 memcpy_from_page include/linux/highmem.h:423 [inline]
 hfsplus_bnode_read fs/hfsplus/bnode.c:32 [inline]
 hfsplus_bnode_read_u16 fs/hfsplus/bnode.c:45 [inline]
 hfsplus_bnode_dump+0x403/0xbb0 fs/hfsplus/bnode.c:305
 hfsplus_brec_remove+0x42c/0x4f0 fs/hfsplus/brec.c:229
 __hfsplus_delete_attr+0x275/0x450 fs/hfsplus/attributes.c:299
 hfsplus_delete_all_attrs+0x26b/0x3d0 fs/hfsplus/attributes.c:378
 hfsplus_delete_cat+0xb33/0xf80 fs/hfsplus/catalog.c:425
 hfsplus_unlink+0x363/0x790 fs/hfsplus/dir.c:385
 vfs_unlink+0x365/0x650 fs/namei.c:4422
 do_unlinkat+0x4ae/0x830 fs/namei.c:4486
 __do_sys_unlink fs/namei.c:4534 [inline]
 __se_sys_unlink fs/namei.c:4532 [inline]
 __x64_sys_unlink+0x47/0x50 fs/namei.c:4532
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f670da5ca59
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffed1d97ad8 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
RAX: ffffffffffffffda RBX: 0031656c69662f2e RCX: 00007f670da5ca59
RDX: 00007f670da5ba51 RSI: 0000000000000000 RDI: 0000000020000000
RBP: 00007f670dad05f0 R08: 000000000000067a R09: 000055557804b4c0
R10: 00007ffed1d979a0 R11: 0000000000000246 R12: 00007ffed1d97b00
R13: 00007ffed1d97d28 R14: 431bde82d7b634db R15: 00007f670daa503b
 </TASK>
==================================================================

final repro crashed as (corrupted=false):
loop0: detected capacity change from 0 to 1024
hfsplus: request for non-existent node 128 in B*Tree
hfsplus: request for non-existent node 128 in B*Tree
==================================================================
BUG: KASAN: wild-memory-access in memcpy_from_page include/linux/highmem.h:423 [inline]
BUG: KASAN: wild-memory-access in hfsplus_bnode_read fs/hfsplus/bnode.c:32 [inline]
BUG: KASAN: wild-memory-access in hfsplus_bnode_read_u16 fs/hfsplus/bnode.c:45 [inline]
BUG: KASAN: wild-memory-access in hfsplus_bnode_dump+0x403/0xbb0 fs/hfsplus/bnode.c:305
Read of size 2 at addr 000508800000103e by task syz-executor276/5212

CPU: 1 UID: 0 PID: 5212 Comm: syz-executor276 Not tainted 6.11.0-rc3-syzkaller-00007-gd74da846046a #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:93 [inline]
 dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119
 print_report+0xe8/0x550 mm/kasan/report.c:491
 kasan_report+0x143/0x180 mm/kasan/report.c:601
 kasan_check_range+0x282/0x290 mm/kasan/generic.c:189
 __asan_memcpy+0x29/0x70 mm/kasan/shadow.c:105
 memcpy_from_page include/linux/highmem.h:423 [inline]
 hfsplus_bnode_read fs/hfsplus/bnode.c:32 [inline]
 hfsplus_bnode_read_u16 fs/hfsplus/bnode.c:45 [inline]
 hfsplus_bnode_dump+0x403/0xbb0 fs/hfsplus/bnode.c:305
 hfsplus_brec_remove+0x42c/0x4f0 fs/hfsplus/brec.c:229
 __hfsplus_delete_attr+0x275/0x450 fs/hfsplus/attributes.c:299
 hfsplus_delete_all_attrs+0x26b/0x3d0 fs/hfsplus/attributes.c:378
 hfsplus_delete_cat+0xb33/0xf80 fs/hfsplus/catalog.c:425
 hfsplus_unlink+0x363/0x790 fs/hfsplus/dir.c:385
 vfs_unlink+0x365/0x650 fs/namei.c:4422
 do_unlinkat+0x4ae/0x830 fs/namei.c:4486
 __do_sys_unlink fs/namei.c:4534 [inline]
 __se_sys_unlink fs/namei.c:4532 [inline]
 __x64_sys_unlink+0x47/0x50 fs/namei.c:4532
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f670da5ca59
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffed1d97ad8 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
RAX: ffffffffffffffda RBX: 0031656c69662f2e RCX: 00007f670da5ca59
RDX: 00007f670da5ba51 RSI: 0000000000000000 RDI: 0000000020000000
RBP: 00007f670dad05f0 R08: 000000000000067a R09: 000055557804b4c0
R10: 00007ffed1d979a0 R11: 0000000000000246 R12: 00007ffed1d97b00
R13: 00007ffed1d97d28 R14: 431bde82d7b634db R15: 00007f670daa503b
 </TASK>
==================================================================