Extracting prog: 6m40.949299158s
Minimizing prog: 13m41.697030529s
Simplifying prog options: 0s
Extracting C: 1m42.606386776s
Simplifying C: 20m37.952195046s


extracting reproducer from 1 programs
testing a last program of every proc
single: executing 1 programs separately with timeout 30s
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-syz_clone
detailed listing:
executing program 0:
syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000400)='./file0\x00', 0x3000c04, &(0x7f00000004c0)=ANY=[@ANYRES64=0x0, @ANYRES16=0x0, @ANYRESHEX, @ANYRES16=0x0, @ANYRES16, @ANYRES8, @ANYRES32, @ANYRES8], 0x1, 0x65f, &(0x7f0000002280)="$eJzs3U9sHFcdB/DvrNd2NpTUTZM2RZUSNRIgIhI7VgquhAgIoRwqVJUDZytxGiubtDguSitEw/9rD+GIVA6+cULiHqlcuMCNIz4iIbhwwVxYNLOz9sbe9Z/K9trl84lm35t5M+/93m9md3bXijbA/60bl9J8kiI3Lr3+sFxfXZltr67M3uvVk0wmaSTNqihS/LvT6XycXE93yUtJirq7Ytg4jxfn3vzLv1b/1u1rXVGvDz1udx7VSy4kGavL/erv5k79ndipu2J9hmXCLvYSB6M2nqRT+cfj7pbv//GZ9ZY+rUFH73jlA8dA0b1vbjGVnKyf6OX7gO5d8el7+LH0aNQBAAAAwCF4di1reZhTo44DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjpP69/+Lemn06hdS9H7/f6Lelrp+tJzf2+5PDioOAAAAAAAAADhE59eq4lRvvVNUf/N/pVo5Uz1+Ju/mQRaylMt5mPksZzlLmUky1dfRxMP55eWlmf4jJwcfeXXgkVd3CHSyLlv7Mm0AAAAAAAAA+LT5SW5s/P0fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACOgiIZ6xbVcqZXn0qjmeREkolyv0fJn3v14+zJqAMAAACAQ/DsWtbyMKd6652i+sz/QvW5/0Tezf0sZzHLaWcht6rvArqf+hurK7Pt1ZXZe+Wytd9v/HNPYVQ9pvvdw+CRz1V7tHI7i9WWy7mZt9POrTSqI0vnevEMjuvHZUzF12u7jOxWXZYz/7Aut/hgT5MdZo9fpkxVGRlfz8h0HVuZjee2z8Qez87mkWbSWA/2zKaRNk3iE+X8ZF2W8/nFsJyPxOZMXO27+l7YPufJF37/2+/dad+/e+f2g0tHZ0q7M1aXneqxtTUTs32ZePHTnIktpqtMnF1fv5Fv57u5lAt5I0tZzA8yn+Us5EK+VdXm6+u5fJysjxmSqetPrb2xUyQT9RXaPVl7i+mV6thTWcx38nZuZSGvVv+uZiZfybVcy1zfGT67i1faxpBnfeezA4O/+MW60kryy7o8Gsq8PteX1/7X3KmqrX/LRpZO7//9qPm5ulKO8dO6PBo2Z2KmLxPPb5+J31QvKw/a9+8u3Zl/Z3fDnf6wrpTPo58fqbtEeb2cLk9Wtfb01VG2PT+wbaZqO7Pe1tjSdrbX9tdf/+q1ap9hz9SJ+j1c82tzW+5YZduLA0eZrdrO9bUNer8FwJF38ksnJ1p/b/2p9VHrZ607rddPfHPyq5MvT2T8D+OvNafHPt94ufhdPsqPNj7/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAn9yD996/O99uLyxtqnQ6nQ+GNB1I5b+HM1bv58yG7jO+74O+9ExyQNMZ22mfiSSHdQa3r/yn0+nUW4qjEM/2lU5pMp0DH6uZZFDT+dEnYcQvTMCBu7J8750rD957/8uL9+bfWnhr4f7ctWtz03PXXp29cnuxvTDdfRx1lMBB2LjpjzoSAAAAAAAAAAAAYLcO478TDB/9xGFOFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADimblxK80mKzExfni7XV1dm2+XSq2/s2UzSSFL8MCk+Tq6nu2Sqr7ti2DiPF+feHH+qr2Zv/8Z2x+3Oo3rJhSRjdblf/d3csb+JHbor1mdYJuxiL3Ewav8LAAD//wVhAus=")
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

program did not crash
single: failed to extract reproducer
single: executing 1 programs separately with timeout 6m0s
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-syz_clone
detailed listing:
executing program 0:
syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000400)='./file0\x00', 0x3000c04, &(0x7f00000004c0)=ANY=[@ANYRES64=0x0, @ANYRES16=0x0, @ANYRESHEX, @ANYRES16=0x0, @ANYRES16, @ANYRES8, @ANYRES32, @ANYRES8], 0x1, 0x65f, &(0x7f0000002280)="$eJzs3U9sHFcdB/DvrNd2NpTUTZM2RZUSNRIgIhI7VgquhAgIoRwqVJUDZytxGiubtDguSitEw/9rD+GIVA6+cULiHqlcuMCNIz4iIbhwwVxYNLOz9sbe9Z/K9trl84lm35t5M+/93m9md3bXijbA/60bl9J8kiI3Lr3+sFxfXZltr67M3uvVk0wmaSTNqihS/LvT6XycXE93yUtJirq7Ytg4jxfn3vzLv1b/1u1rXVGvDz1udx7VSy4kGavL/erv5k79ndipu2J9hmXCLvYSB6M2nqRT+cfj7pbv//GZ9ZY+rUFH73jlA8dA0b1vbjGVnKyf6OX7gO5d8el7+LH0aNQBAAAAwCF4di1reZhTo44DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjpP69/+Lemn06hdS9H7/f6Lelrp+tJzf2+5PDioOAAAAAAAAADhE59eq4lRvvVNUf/N/pVo5Uz1+Ju/mQRaylMt5mPksZzlLmUky1dfRxMP55eWlmf4jJwcfeXXgkVd3CHSyLlv7Mm0AAAAAAAAA+LT5SW5s/P0fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACOgiIZ6xbVcqZXn0qjmeREkolyv0fJn3v14+zJqAMAAACAQ/DsWtbyMKd6652i+sz/QvW5/0Tezf0sZzHLaWcht6rvArqf+hurK7Pt1ZXZe+Wytd9v/HNPYVQ9pvvdw+CRz1V7tHI7i9WWy7mZt9POrTSqI0vnevEMjuvHZUzF12u7jOxWXZYz/7Aut/hgT5MdZo9fpkxVGRlfz8h0HVuZjee2z8Qez87mkWbSWA/2zKaRNk3iE+X8ZF2W8/nFsJyPxOZMXO27+l7YPufJF37/2+/dad+/e+f2g0tHZ0q7M1aXneqxtTUTs32ZePHTnIktpqtMnF1fv5Fv57u5lAt5I0tZzA8yn+Us5EK+VdXm6+u5fJysjxmSqetPrb2xUyQT9RXaPVl7i+mV6thTWcx38nZuZSGvVv+uZiZfybVcy1zfGT67i1faxpBnfeezA4O/+MW60kryy7o8Gsq8PteX1/7X3KmqrX/LRpZO7//9qPm5ulKO8dO6PBo2Z2KmLxPPb5+J31QvKw/a9+8u3Zl/Z3fDnf6wrpTPo58fqbtEeb2cLk9Wtfb01VG2PT+wbaZqO7Pe1tjSdrbX9tdf/+q1ap9hz9SJ+j1c82tzW+5YZduLA0eZrdrO9bUNer8FwJF38ksnJ1p/b/2p9VHrZ607rddPfHPyq5MvT2T8D+OvNafHPt94ufhdPsqPNj7/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAn9yD996/O99uLyxtqnQ6nQ+GNB1I5b+HM1bv58yG7jO+74O+9ExyQNMZ22mfiSSHdQa3r/yn0+nUW4qjEM/2lU5pMp0DH6uZZFDT+dEnYcQvTMCBu7J8750rD957/8uL9+bfWnhr4f7ctWtz03PXXp29cnuxvTDdfRx1lMBB2LjpjzoSAAAAAAAAAAAAYLcO478TDB/9xGFOFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADimblxK80mKzExfni7XV1dm2+XSq2/s2UzSSFL8MCk+Tq6nu2Sqr7ti2DiPF+feHH+qr2Zv/8Z2x+3Oo3rJhSRjdblf/d3csb+JHbor1mdYJuxiL3Ewav8LAAD//wVhAus=")
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

program crashed: KMSAN: uninit-value in hfsplus_lookup
single: successfully extracted reproducer
found reproducer with 2 syscalls
minimizing guilty program
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus
detailed listing:
executing program 0:
syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000400)='./file0\x00', 0x3000c04, &(0x7f00000004c0)=ANY=[@ANYRES64=0x0, @ANYRES16=0x0, @ANYRESHEX, @ANYRES16=0x0, @ANYRES16, @ANYRES8, @ANYRES32, @ANYRES8], 0x1, 0x65f, &(0x7f0000002280)="$eJzs3U9sHFcdB/DvrNd2NpTUTZM2RZUSNRIgIhI7VgquhAgIoRwqVJUDZytxGiubtDguSitEw/9rD+GIVA6+cULiHqlcuMCNIz4iIbhwwVxYNLOz9sbe9Z/K9trl84lm35t5M+/93m9md3bXijbA/60bl9J8kiI3Lr3+sFxfXZltr67M3uvVk0wmaSTNqihS/LvT6XycXE93yUtJirq7Ytg4jxfn3vzLv1b/1u1rXVGvDz1udx7VSy4kGavL/erv5k79ndipu2J9hmXCLvYSB6M2nqRT+cfj7pbv//GZ9ZY+rUFH73jlA8dA0b1vbjGVnKyf6OX7gO5d8el7+LH0aNQBAAAAwCF4di1reZhTo44DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjpP69/+Lemn06hdS9H7/f6Lelrp+tJzf2+5PDioOAAAAAAAAADhE59eq4lRvvVNUf/N/pVo5Uz1+Ju/mQRaylMt5mPksZzlLmUky1dfRxMP55eWlmf4jJwcfeXXgkVd3CHSyLlv7Mm0AAAAAAAAA+LT5SW5s/P0fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACOgiIZ6xbVcqZXn0qjmeREkolyv0fJn3v14+zJqAMAAACAQ/DsWtbyMKd6652i+sz/QvW5/0Tezf0sZzHLaWcht6rvArqf+hurK7Pt1ZXZe+Wytd9v/HNPYVQ9pvvdw+CRz1V7tHI7i9WWy7mZt9POrTSqI0vnevEMjuvHZUzF12u7jOxWXZYz/7Aut/hgT5MdZo9fpkxVGRlfz8h0HVuZjee2z8Qez87mkWbSWA/2zKaRNk3iE+X8ZF2W8/nFsJyPxOZMXO27+l7YPufJF37/2+/dad+/e+f2g0tHZ0q7M1aXneqxtTUTs32ZePHTnIktpqtMnF1fv5Fv57u5lAt5I0tZzA8yn+Us5EK+VdXm6+u5fJysjxmSqetPrb2xUyQT9RXaPVl7i+mV6thTWcx38nZuZSGvVv+uZiZfybVcy1zfGT67i1faxpBnfeezA4O/+MW60kryy7o8Gsq8PteX1/7X3KmqrX/LRpZO7//9qPm5ulKO8dO6PBo2Z2KmLxPPb5+J31QvKw/a9+8u3Zl/Z3fDnf6wrpTPo58fqbtEeb2cLk9Wtfb01VG2PT+wbaZqO7Pe1tjSdrbX9tdf/+q1ap9hz9SJ+j1c82tzW+5YZduLA0eZrdrO9bUNer8FwJF38ksnJ1p/b/2p9VHrZ607rddPfHPyq5MvT2T8D+OvNafHPt94ufhdPsqPNj7/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAn9yD996/O99uLyxtqnQ6nQ+GNB1I5b+HM1bv58yG7jO+74O+9ExyQNMZ22mfiSSHdQa3r/yn0+nUW4qjEM/2lU5pMp0DH6uZZFDT+dEnYcQvTMCBu7J8750rD957/8uL9+bfWnhr4f7ctWtz03PXXp29cnuxvTDdfRx1lMBB2LjpjzoSAAAAAAAAAAAAYLcO478TDB/9xGFOFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADimblxK80mKzExfni7XV1dm2+XSq2/s2UzSSFL8MCk+Tq6nu2Sqr7ti2DiPF+feHH+qr2Zv/8Z2x+3Oo3rJhSRjdblf/d3csb+JHbor1mdYJuxiL3Ewav8LAAD//wVhAus=")

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_clone
detailed listing:
executing program 0:
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

program did not crash
extracting C reproducer
testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-syz_clone
program crashed: KMSAN: uninit-value in hfsplus_lookup
simplifying C reproducer
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-syz_clone
program crashed: KMSAN: uninit-value in hfsplus_lookup
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-syz_clone
program crashed: KMSAN: uninit-value in hfsplus_lookup
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:true Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-syz_clone
program crashed: KMSAN: uninit-value in hfsplus_lookup
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-syz_clone
program crashed: KMSAN: uninit-value in hfsplus_lookup
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-syz_clone
program crashed: no output from test machine
a never seen crash title: no output from test machine, ignore
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-syz_clone
program crashed: KMSAN: uninit-value in hfsplus_lookup
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:true HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-syz_clone
program crashed: KMSAN: uninit-value in hfsplus_lookup
reproducing took 42m43.204939687s
repro crashed as (corrupted=false):
hfsplus: can't free extent
hfsplus: unable to mark blocks free: error -5
hfsplus: can't free extent
hfsplus: unable to mark blocks free: error -5
hfsplus: can't free extent
=====================================================
BUG: KMSAN: uninit-value in hfsplus_lookup+0x66b/0xef0 fs/hfsplus/dir.c:83
 hfsplus_lookup+0x66b/0xef0 fs/hfsplus/dir.c:83
 __lookup_slow+0x538/0x710 fs/namei.c:1793
 lookup_slow+0x6a/0xd0 fs/namei.c:1810
 walk_component+0x467/0x650 fs/namei.c:2114
 lookup_last fs/namei.c:2612 [inline]
 path_lookupat+0x27d/0x6f0 fs/namei.c:2636
 filename_lookup+0x288/0x7c0 fs/namei.c:2665
 user_path_at+0x90/0x3e0 fs/namei.c:3072
 ksys_umount fs/namespace.c:2071 [inline]
 __do_sys_umount fs/namespace.c:2079 [inline]
 __se_sys_umount fs/namespace.c:2077 [inline]
 __x64_sys_umount+0x146/0x240 fs/namespace.c:2077
 x64_sys_call+0x265e/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:167
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was created at:
 __alloc_frozen_pages_noprof+0x9a7/0xe00 mm/page_alloc.c:4762
 alloc_pages_mpol+0x4cd/0x890 mm/mempolicy.c:2270
 alloc_frozen_pages_noprof+0x1bf/0x1e0 mm/mempolicy.c:2341
 alloc_slab_page mm/slub.c:2423 [inline]
 allocate_slab+0x23a/0x1110 mm/slub.c:2587
 new_slab mm/slub.c:2640 [inline]
 ___slab_alloc+0x1287/0x3540 mm/slub.c:3826
 __slab_alloc mm/slub.c:3916 [inline]
 __slab_alloc_node mm/slub.c:3991 [inline]
 slab_alloc_node mm/slub.c:4152 [inline]
 kmem_cache_alloc_lru_noprof+0x855/0xe20 mm/slub.c:4183
 hfsplus_alloc_inode+0x5a/0xd0 fs/hfsplus/super.c:627
 alloc_inode+0x86/0x460 fs/inode.c:336
 iget_locked+0x250/0x1290 fs/inode.c:1487
 hfsplus_iget+0x59/0xae0 fs/hfsplus/super.c:65
 hfsplus_btree_open+0x13e/0x1d00 fs/hfsplus/btree.c:150
 hfsplus_fill_super+0x1113/0x26e0 fs/hfsplus/super.c:474
 get_tree_bdev_flags+0x6ec/0x910 fs/super.c:1636
 get_tree_bdev+0x37/0x50 fs/super.c:1659
 hfsplus_get_tree+0x34/0x40 fs/hfsplus/super.c:640
 vfs_get_tree+0xb1/0x5a0 fs/super.c:1814
 do_new_mount+0x71f/0x15e0 fs/namespace.c:3560
 path_mount+0x742/0x1f10 fs/namespace.c:3887
 do_mount fs/namespace.c:3900 [inline]
 __do_sys_mount fs/namespace.c:4111 [inline]
 __se_sys_mount+0x71f/0x800 fs/namespace.c:4088
 __x64_sys_mount+0xe4/0x150 fs/namespace.c:4088
 x64_sys_call+0x39bf/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:166
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

CPU: 0 UID: 0 PID: 5769 Comm: syz-executor226 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
=====================================================

final repro crashed as (corrupted=false):
hfsplus: can't free extent
hfsplus: unable to mark blocks free: error -5
hfsplus: can't free extent
hfsplus: unable to mark blocks free: error -5
hfsplus: can't free extent
=====================================================
BUG: KMSAN: uninit-value in hfsplus_lookup+0x66b/0xef0 fs/hfsplus/dir.c:83
 hfsplus_lookup+0x66b/0xef0 fs/hfsplus/dir.c:83
 __lookup_slow+0x538/0x710 fs/namei.c:1793
 lookup_slow+0x6a/0xd0 fs/namei.c:1810
 walk_component+0x467/0x650 fs/namei.c:2114
 lookup_last fs/namei.c:2612 [inline]
 path_lookupat+0x27d/0x6f0 fs/namei.c:2636
 filename_lookup+0x288/0x7c0 fs/namei.c:2665
 user_path_at+0x90/0x3e0 fs/namei.c:3072
 ksys_umount fs/namespace.c:2071 [inline]
 __do_sys_umount fs/namespace.c:2079 [inline]
 __se_sys_umount fs/namespace.c:2077 [inline]
 __x64_sys_umount+0x146/0x240 fs/namespace.c:2077
 x64_sys_call+0x265e/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:167
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was created at:
 __alloc_frozen_pages_noprof+0x9a7/0xe00 mm/page_alloc.c:4762
 alloc_pages_mpol+0x4cd/0x890 mm/mempolicy.c:2270
 alloc_frozen_pages_noprof+0x1bf/0x1e0 mm/mempolicy.c:2341
 alloc_slab_page mm/slub.c:2423 [inline]
 allocate_slab+0x23a/0x1110 mm/slub.c:2587
 new_slab mm/slub.c:2640 [inline]
 ___slab_alloc+0x1287/0x3540 mm/slub.c:3826
 __slab_alloc mm/slub.c:3916 [inline]
 __slab_alloc_node mm/slub.c:3991 [inline]
 slab_alloc_node mm/slub.c:4152 [inline]
 kmem_cache_alloc_lru_noprof+0x855/0xe20 mm/slub.c:4183
 hfsplus_alloc_inode+0x5a/0xd0 fs/hfsplus/super.c:627
 alloc_inode+0x86/0x460 fs/inode.c:336
 iget_locked+0x250/0x1290 fs/inode.c:1487
 hfsplus_iget+0x59/0xae0 fs/hfsplus/super.c:65
 hfsplus_btree_open+0x13e/0x1d00 fs/hfsplus/btree.c:150
 hfsplus_fill_super+0x1113/0x26e0 fs/hfsplus/super.c:474
 get_tree_bdev_flags+0x6ec/0x910 fs/super.c:1636
 get_tree_bdev+0x37/0x50 fs/super.c:1659
 hfsplus_get_tree+0x34/0x40 fs/hfsplus/super.c:640
 vfs_get_tree+0xb1/0x5a0 fs/super.c:1814
 do_new_mount+0x71f/0x15e0 fs/namespace.c:3560
 path_mount+0x742/0x1f10 fs/namespace.c:3887
 do_mount fs/namespace.c:3900 [inline]
 __do_sys_mount fs/namespace.c:4111 [inline]
 __se_sys_mount+0x71f/0x800 fs/namespace.c:4088
 __x64_sys_mount+0xe4/0x150 fs/namespace.c:4088
 x64_sys_call+0x39bf/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:166
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

CPU: 0 UID: 0 PID: 5769 Comm: syz-executor226 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
=====================================================