Warning: Permanently added '10.128.1.188' (ED25519) to the list of known hosts.
1970/01/01 00:01:31 ignoring optional flag "sandboxArg"="0"
1970/01/01 00:01:32 parsed 1 programs
[ 95.177842][ T6921] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SS
[ 109.338934][ T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 109.341920][ T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 109.344349][ T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 109.349383][ T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 109.352312][ T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 109.354489][ T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 109.552005][ T44] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.554188][ T44] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.565019][ T38] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.568119][ T38] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.725310][ T6992] chnl_net:caif_netlink_parms(): no params data found
[ 109.859352][ T6992] bridge0: port 1(bridge_slave_0) entered blocking state
[ 109.861328][ T6992] bridge0: port 1(bridge_slave_0) entered disabled state
[ 109.863228][ T6992] bridge_slave_0: entered allmulticast mode
[ 109.865329][ T6992] bridge_slave_0: entered promiscuous mode
[ 109.868005][ T6992] bridge0: port 2(bridge_slave_1) entered blocking state
[ 109.869921][ T6992] bridge0: port 2(bridge_slave_1) entered disabled state
[ 109.871832][ T6992] bridge_slave_1: entered allmulticast mode
[ 109.873830][ T6992] bridge_slave_1: entered promiscuous mode
[ 109.885397][ T6992] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 109.891148][ T6992] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 109.905514][ T6992] team0: Port device team_slave_0 added
[ 109.909649][ T6992] team0: Port device team_slave_1 added
[ 109.919800][ T6992] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 109.921670][ T6992] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 109.929074][ T6992] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 109.933099][ T6992] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 109.934917][ T6992] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 109.942183][ T6992] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 109.973128][ T6992] hsr_slave_0: entered promiscuous mode
[ 109.974973][ T6992] hsr_slave_1: entered promiscuous mode
[ 110.803535][ T6992] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 110.810565][ T6992] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 110.814050][ T6992] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 110.823610][ T6992] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 110.864990][ T6992] 8021q: adding VLAN 0 to HW filter on device bond0
[ 110.873336][ T6992] 8021q: adding VLAN 0 to HW filter on device team0
[ 110.879417][ T11] bridge0: port 1(bridge_slave_0) entered blocking state
[ 110.881393][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 110.891373][ T38] bridge0: port 2(bridge_slave_1) entered blocking state
[ 110.893265][ T38] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 110.912846][ T6992] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 110.915635][ T6992] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 110.992590][ T6992] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 111.017813][ T6992] veth0_vlan: entered promiscuous mode
[ 111.022509][ T6992] veth1_vlan: entered promiscuous mode
[ 111.038061][ T6992] veth0_macvtap: entered promiscuous mode
[ 111.041321][ T6992] veth1_macvtap: entered promiscuous mode
[ 111.050162][ T6992] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 111.055546][ T6992] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 111.059557][ T6992] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 111.061920][ T6992] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 111.064220][ T6992] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 111.067534][ T6992] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 111.477866][ T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 111.548118][ T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 111.636759][ T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 111.718483][ T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
1970/01/01 00:01:52 executed programs: 0
[ 112.320421][ T6010] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 112.323214][ T6010] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 112.325557][ T6010] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 112.330545][ T6010] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 112.333046][ T6010] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 112.335161][ T6010] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 112.424216][ T7187] chnl_net:caif_netlink_parms(): no params data found
[ 112.459071][ T7187] bridge0: port 1(bridge_slave_0) entered blocking state
[ 112.461003][ T7187] bridge0: port 1(bridge_slave_0) entered disabled state
[ 112.462953][ T7187] bridge_slave_0: entered allmulticast mode
[ 112.465055][ T7187] bridge_slave_0: entered promiscuous mode
[ 112.472304][ T7187] bridge0: port 2(bridge_slave_1) entered blocking state
[ 112.474261][ T7187] bridge0: port 2(bridge_slave_1) entered disabled state
[ 112.476884][ T7187] bridge_slave_1: entered allmulticast mode
[ 112.478990][ T7187] bridge_slave_1: entered promiscuous mode
[ 112.494423][ T7187] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 112.502212][ T7187] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 112.517816][ T7187] team0: Port device team_slave_0 added
[ 112.520594][ T7187] team0: Port device team_slave_1 added
[ 112.532592][ T7187] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 112.534416][ T7187] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 112.542704][ T7187] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 112.548717][ T7187] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 112.550510][ T7187] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 112.557929][ T7187] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 112.576545][ T7187] hsr_slave_0: entered promiscuous mode
[ 112.578482][ T7187] hsr_slave_1: entered promiscuous mode
[ 112.580255][ T7187] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 112.582200][ T7187] Cannot create hsr debugfs directory
[ 114.415914][ T6010] Bluetooth: hci0: command tx timeout
[ 114.997232][ T11] bridge_slave_1: left allmulticast mode
[ 114.998813][ T11] bridge_slave_1: left promiscuous mode
[ 115.000469][ T11] bridge0: port 2(bridge_slave_1) entered disabled state
[ 115.003991][ T11] bridge_slave_0: left allmulticast mode
[ 115.005474][ T11] bridge_slave_0: left promiscuous mode
[ 115.007882][ T11] bridge0: port 1(bridge_slave_0) entered disabled state
[ 116.496236][ T6010] Bluetooth: hci0: command tx timeout
[ 116.547583][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 116.587666][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 116.627188][ T11] bond0 (unregistering): Released all slaves
[ 116.712175][ T11] hsr_slave_0: left promiscuous mode
[ 116.714005][ T11] hsr_slave_1: left promiscuous mode
[ 116.720725][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 116.722704][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 116.725203][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 116.728095][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 116.740126][ T11] veth1_macvtap: left promiscuous mode
[ 116.741602][ T11] veth0_macvtap: left promiscuous mode
[ 116.743137][ T11] veth1_vlan: left promiscuous mode
[ 116.744515][ T11] veth0_vlan: left promiscuous mode
[ 118.575817][ T6010] Bluetooth: hci0: command tx timeout
[ 118.637943][ T11] team0 (unregistering): Port device team_slave_1 removed
[ 118.846822][ T11] team0 (unregistering): Port device team_slave_0 removed
[ 120.655866][ T6010] Bluetooth: hci0: command tx timeout
[ 121.310600][ T7187] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 121.317755][ T7187] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 121.323043][ T7187] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 121.330939][ T7187] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 121.372996][ T7187] 8021q: adding VLAN 0 to HW filter on device bond0
[ 121.381022][ T7187] 8021q: adding VLAN 0 to HW filter on device team0
[ 121.388460][ T44] bridge0: port 1(bridge_slave_0) entered blocking state
[ 121.390455][ T44] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 121.426343][ T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 121.428357][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 121.439972][ T7187] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 121.442962][ T7187] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 121.563365][ T7187] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 121.580883][ T7187] veth0_vlan: entered promiscuous mode
[ 121.585366][ T7187] veth1_vlan: entered promiscuous mode
[ 121.612543][ T7187] veth0_macvtap: entered promiscuous mode
[ 121.617016][ T7187] veth1_macvtap: entered promiscuous mode
[ 121.623700][ T7187] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 121.631250][ T7187] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 121.635198][ T7187] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 121.638092][ T7187] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 121.640388][ T7187] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 121.642565][ T7187] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 121.683430][ T38] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.685455][ T38] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.701371][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.703485][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
1970/01/01 00:02:01 executed programs: 2
[ 121.923443][ T7414] loop0: detected capacity change from 0 to 1024
[ 122.009353][ T7414] ==================================================================
[ 122.011571][ T7414] BUG: KASAN: slab-out-of-bounds in hfsplus_bmap_alloc+0x150/0x538
[ 122.013590][ T7414] Read of size 8 at addr ffff0000cff18cc0 by task syz.0.16/7414
[ 122.015641][ T7414]
[ 122.016282][ T7414] CPU: 1 UID: 0 PID: 7414 Comm: syz.0.16 Not tainted 6.14.0-rc5-syzkaller-g77c95b8c7a16 #0
[ 122.016296][ T7414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 122.016303][ T7414] Call trace:
[ 122.016307][ T7414] show_stack+0x2c/0x3c (C)
[ 122.016326][ T7414] dump_stack_lvl+0xe4/0x150
[ 122.016341][ T7414] print_report+0x198/0x550
[ 122.016354][ T7414] kasan_report+0xd8/0x138
[ 122.016366][ T7414] __asan_report_load8_noabort+0x20/0x2c
[ 122.016380][ T7414] hfsplus_bmap_alloc+0x150/0x538
[ 122.016392][ T7414] hfs_btree_inc_height+0xf8/0xa60
[ 122.016404][ T7414] hfsplus_brec_insert+0x11c/0xaa0
[ 122.016417][ T7414] __hfsplus_ext_write_extent+0x288/0x4ac
[ 122.016428][ T7414] __hfsplus_ext_cache_extent+0x84/0xa84
[ 122.016440][ T7414] hfsplus_file_extend+0x39c/0x1544
[ 122.016451][ T7414] hfsplus_get_block+0x398/0x1168
[ 122.016462][ T7414] __block_write_begin_int+0x4c4/0x1610
[ 122.016476][ T7414] cont_write_begin+0x634/0x984
[ 122.016489][ T7414] hfsplus_write_begin+0x7c/0xc4
[ 122.016503][ T7414] cont_write_begin+0x2b0/0x984
[ 122.016515][ T7414] hfsplus_write_begin+0x7c/0xc4
[ 122.016526][ T7414] generic_perform_write+0x29c/0x868
[ 122.016538][ T7414] __generic_file_write_iter+0xfc/0x204
[ 122.016549][ T7414] generic_file_write_iter+0x108/0x4b4
[ 122.016566][ T7414] __kernel_write_iter+0x340/0x7a0
[ 122.016580][ T7414] dump_user_range+0x378/0x6c8
[ 122.016594][ T7414] elf_core_dump+0x336c/0x3c38
[ 122.016606][ T7414] do_coredump+0x1d28/0x29a0
[ 122.016619][ T7414] get_signal+0xf6c/0x1500
[ 122.016631][ T7414] do_signal+0x1a4/0x3a04
[ 122.016644][ T7414] do_notify_resume+0x74/0x1f4
[ 122.016655][ T7414] el0_da+0xbc/0x178
[ 122.016666][ T7414] el0t_64_sync_handler+0xcc/0x108
[ 122.016676][ T7414] el0t_64_sync+0x198/0x19c
[ 122.016688][ T7414]
[ 122.062180][ T7414] Allocated by task 7414:
[ 122.063280][ T7414] kasan_save_track+0x40/0x78
[ 122.064513][ T7414] kasan_save_alloc_info+0x40/0x50
[ 122.065946][ T7414] __kasan_kmalloc+0xac/0xc4
[ 122.067148][ T7414] __kmalloc_noprof+0x32c/0x54c
[ 122.068430][ T7414] __hfs_bnode_create+0xe4/0x6d4
[ 122.069739][ T7414] hfsplus_bnode_find+0x1f8/0xc04
[ 122.071074][ T7414] hfsplus_bmap_alloc+0xc8/0x538
[ 122.072496][ T7414] hfs_btree_inc_height+0xf8/0xa60
[ 122.073839][ T7414] hfsplus_brec_insert+0x11c/0xaa0
[ 122.075189][ T7414] __hfsplus_ext_write_extent+0x288/0x4ac
[ 122.076742][ T7414] __hfsplus_ext_cache_extent+0x84/0xa84
[ 122.078220][ T7414] hfsplus_file_extend+0x39c/0x1544
[ 122.079658][ T7414] hfsplus_get_block+0x398/0x1168
[ 122.080998][ T7414] __block_write_begin_int+0x4c4/0x1610
[ 122.082485][ T7414] cont_write_begin+0x634/0x984
[ 122.083749][ T7414] hfsplus_write_begin+0x7c/0xc4
[ 122.085022][ T7414] cont_write_begin+0x2b0/0x984
[ 122.086308][ T7414] hfsplus_write_begin+0x7c/0xc4
[ 122.087588][ T7414] generic_perform_write+0x29c/0x868
[ 122.089005][ T7414] __generic_file_write_iter+0xfc/0x204
[ 122.090310][ T7414] generic_file_write_iter+0x108/0x4b4
[ 122.091538][ T7414] __kernel_write_iter+0x340/0x7a0
[ 122.092692][ T7414] dump_user_range+0x378/0x6c8
[ 122.093768][ T7414] elf_core_dump+0x336c/0x3c38
[ 122.094851][ T7414] do_coredump+0x1d28/0x29a0
[ 122.095890][ T7414] get_signal+0xf6c/0x1500
[ 122.096896][ T7414] do_signal+0x1a4/0x3a04
[ 122.097881][ T7414] do_notify_resume+0x74/0x1f4
[ 122.098957][ T7414] el0_da+0xbc/0x178
[ 122.099843][ T7414] el0t_64_sync_handler+0xcc/0x108
[ 122.101189][ T7414] el0t_64_sync+0x198/0x19c
[ 122.102399][ T7414]
[ 122.103004][ T7414] The buggy address belongs to the object at ffff0000cff18c00
[ 122.103004][ T7414] which belongs to the cache kmalloc-192 of size 192
[ 122.106690][ T7414] The buggy address is located 48 bytes to the right of
[ 122.106690][ T7414] allocated 144-byte region [ffff0000cff18c00, ffff0000cff18c90)
[ 122.110598][ T7414]
[ 122.111175][ T7414] The buggy address belongs to the physical page:
[ 122.112850][ T7414] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10ff18
[ 122.115234][ T7414] flags: 0x5ffc00000000000(node=0|zone=2|lastcpupid=0x7ff)
[ 122.117187][ T7414] page_type: f5(slab)
[ 122.118240][ T7414] raw: 05ffc00000000000 ffff0000c00013c0 fffffdffc3077780 dead000000000004
[ 122.120453][ T7414] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 122.122781][ T7414] page dumped because: kasan: bad access detected
[ 122.124458][ T7414]
[ 122.125083][ T7414] Memory state around the buggy address:
[ 122.126555][ T7414]  ffff0000cff18b80: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 122.128683][ T7414]  ffff0000cff18c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 122.130745][ T7414] >ffff0000cff18c80: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 122.132835][ T7414]                                            ^
[ 122.134468][ T7414]  ffff0000cff18d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 122.136635][ T7414]  ffff0000cff18d80: 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 122.138744][ T7414] ==================================================================
[ 122.143124][ T7414] Disabling lock debugging due to kernel taint
[ 122.146045][ T7414] ------------[ cut here ]------------
[ 122.147438][ T7414] WARNING: CPU: 1 PID: 7414 at ./include/linux/mm.h:2250 kmap_local_page+0x388/0x500
[ 122.149904][ T7414] Modules linked in:
[ 122.150877][ T7414] CPU: 1 UID: 0 PID: 7414 Comm: syz.0.16 Tainted: G B 6.14.0-rc5-syzkaller-g77c95b8c7a16 #0
[ 122.153783][ T7414] Tainted: [B]=BAD_PAGE
[ 122.154872][ T7414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 122.157478][ T7414] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 122.159493][ T7414] pc : kmap_local_page+0x388/0x500
[ 122.160885][ T7414] lr : kmap_local_page+0x150/0x500
[ 122.162246][ T7414] sp : ffff80009cdb5bf0
[ 122.163307][ T7414] x29: ffff80009cdb5bf0 x28: ffff0000c8fce000 x27: 1ffff000139b6b8c
[ 122.165396][ T7414] x26: 1fffe000191f9c03 x25: 000a481679040073 x24: ffff80008f4d5000
[ 122.167581][ T7414] x23: 1ffff00011e9aafd x22: 0000000000200000 x21: 00000014902cf208
[ 122.169622][ T7414] x20: 0000000000000000 x19: 0292059e41001cf6 x18: 1fffe000366f6086
[ 122.171770][ T7414] x17: ffff80008fbbd000 x16: ffff80008b7cc15c x15: 0000000000000001
[ 122.173878][ T7414] x14: 1ffff0001262e8f8 x13: 0000000000000000 x12: 0000000000000000
[ 122.176033][ T7414] x11: ffff70001262e8f9 x10: 0000000000ff0100 x9 : 0000000000000000
[ 122.178199][ T7414] x8 : ffff0000d1995b80 x7 : 1fffe000366f6087 x6 : ffff8000803d4bfc
[ 122.180340][ T7414] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff8000802f88ec
[ 122.182408][ T7414] x2 : 0000000000000001 x1 : 0000000000200000 x0 : 00000014902cf208
[ 122.184475][ T7414] Call trace:
[ 122.185369][ T7414] kmap_local_page+0x388/0x500 (P)
[ 122.186703][ T7414] hfsplus_bmap_alloc+0x158/0x538
[ 122.188072][ T7414] hfs_btree_inc_height+0xf8/0xa60
[ 122.189381][ T7414] hfsplus_brec_insert+0x11c/0xaa0
[ 122.190728][ T7414] __hfsplus_ext_write_extent+0x288/0x4ac
[ 122.192310][ T7414] __hfsplus_ext_cache_extent+0x84/0xa84
[ 122.193784][ T7414] hfsplus_file_extend+0x39c/0x1544
[ 122.195173][ T7414] hfsplus_get_block+0x398/0x1168
[ 122.196512][ T7414] __block_write_begin_int+0x4c4/0x1610
[ 122.197971][ T7414] cont_write_begin+0x634/0x984
[ 122.199259][ T7414] hfsplus_write_begin+0x7c/0xc4
[ 122.200501][ T7414] cont_write_begin+0x2b0/0x984
[ 122.201893][ T7414] hfsplus_write_begin+0x7c/0xc4
[ 122.203212][ T7414] generic_perform_write+0x29c/0x868
[ 122.204619][ T7414] __generic_file_write_iter+0xfc/0x204
[ 122.206024][ T7414] generic_file_write_iter+0x108/0x4b4
[ 122.207465][ T7414] __kernel_write_iter+0x340/0x7a0
[ 122.208832][ T7414] dump_user_range+0x378/0x6c8
[ 122.210038][ T7414] elf_core_dump+0x336c/0x3c38
[ 122.211321][ T7414] do_coredump+0x1d28/0x29a0
[ 122.212490][ T7414] get_signal+0xf6c/0x1500
[ 122.213621][ T7414] do_signal+0x1a4/0x3a04
[ 122.214748][ T7414] do_notify_resume+0x74/0x1f4
[ 122.215983][ T7414] el0_da+0xbc/0x178
[ 122.216965][ T7414] el0t_64_sync_handler+0xcc/0x108
[ 122.218305][ T7414] el0t_64_sync+0x198/0x19c
[ 122.219468][ T7414] irq event stamp: 11767
[ 122.220620][ T7414] hardirqs last enabled at (11767): [] finish_lock_switch+0xbc/0x1e4
[ 122.223180][ T7414] hardirqs last disabled at (11766): [] __schedule+0x2bc/0x257c
[ 122.225586][ T7414] softirqs last enabled at (9596): [] handle_softirqs+0xb44/0xd34
[ 122.228054][ T7414] softirqs last disabled at (9585): [] __do_softirq+0x14/0x20
[ 122.230387][ T7414] ---[ end trace 0000000000000000 ]---
[ 122.232298][ T7414] Unable to handle kernel paging request at virtual address fffd8cf20000e990
[ 122.234624][ T7414] KASAN: maybe wild-memory-access in range [0xfff0679000074c80-0xfff0679000074c87]
[ 122.237102][ T7414] Mem abort info:
[ 122.238098][ T7414] ESR = 0x0000000096000004
[ 122.239284][ T7414] EC = 0x25: DABT (current EL), IL = 32 bits
[ 122.240834][ T7414] SET = 0, FnV = 0
[ 122.241836][ T7414] EA = 0, S1PTW = 0
[ 122.242886][ T7414] FSC = 0x04: level 0 translation fault
[ 122.244333][ T7414] Data abort info:
[ 122.245279][ T7414] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000
[ 122.246960][ T7414] CM = 0, WnR = 0, TnD = 0, TagAccess = 0
[ 122.248584][ T7414] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
[ 122.250238][ T7414] swapper pgtable: 4k pages, 48-bit VAs, pgdp=00000001a50a7000
[ 122.252126][ T7414] [fffd8cf20000e990] pgd=0000000000000000, p4d=0000000000000000
[ 122.254169][ T7414] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP
[ 122.256014][ T7414] Modules linked in:
[ 122.257023][ T7414] CPU: 1 UID: 0 PID: 7414 Comm: syz.0.16 Tainted: G B W 6.14.0-rc5-syzkaller-g77c95b8c7a16 #0
[ 122.260153][ T7414] Tainted: [B]=BAD_PAGE, [W]=WARN
[ 122.261512][ T7414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 122.264309][ T7414] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 122.266338][ T7414] pc : hfsplus_bmap_alloc+0x180/0x538
[ 122.267806][ T7414] lr : hfsplus_bmap_alloc+0x16c/0x538
[ 122.269269][ T7414] sp : ffff80009cdb5c40
[ 122.270334][ T7414] x29: ffff80009cdb5cc0 x28: 0000000000000f00 x27: 1ffff000139b6b8c
[ 122.272409][ T7414] x26: fff0679000073d80 x25: fff0679000074c80 x24: 00000000ffff90f8
[ 122.274619][ T7414] x23: ffff0000cff18cc0 x22: ffff80009cdb5c80 x21: dfff800000000000
[ 122.276762][ T7414] x20: ffff0000cff18c00 x19: 1ffe0cf20000e990 x18: 1fffe000366f6086
[ 122.278981][ T7414] x17: ffff80008fbbd000 x16: ffff80008b7cc15c x15: 0000000000000001
[ 122.281056][ T7414] x14: 1ffff0001262e8f8 x13: 0000000000000000 x12: 0000000000000000
[ 122.283214][ T7414] x11: ffff70001262e8f9 x10: 0000000000ff0100 x9 : 0000000000000000
[ 122.285370][ T7414] x8 : ffff0000d1995b80 x7 : 1fffe000366f6087 x6 : ffff8000803d4bfc
[ 122.287572][ T7414] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff8000802f88ec
[ 122.289737][ T7414] x2 : 0000000000000001 x1 : 00000000000090f8 x0 : 0000000000000000
[ 122.291899][ T7414] Call trace:
[ 122.292761][ T7414] hfsplus_bmap_alloc+0x180/0x538 (P)
[ 122.294112][ T7414] hfs_btree_inc_height+0xf8/0xa60
[ 122.295494][ T7414] hfsplus_brec_insert+0x11c/0xaa0
[ 122.296811][ T7414] __hfsplus_ext_write_extent+0x288/0x4ac
[ 122.298293][ T7414] __hfsplus_ext_cache_extent+0x84/0xa84
[ 122.299815][ T7414] hfsplus_file_extend+0x39c/0x1544
[ 122.301134][ T7414] hfsplus_get_block+0x398/0x1168
[ 122.302466][ T7414] __block_write_begin_int+0x4c4/0x1610
[ 122.303945][ T7414] cont_write_begin+0x634/0x984
[ 122.305203][ T7414] hfsplus_write_begin+0x7c/0xc4
[ 122.306517][ T7414] cont_write_begin+0x2b0/0x984
[ 122.307839][ T7414] hfsplus_write_begin+0x7c/0xc4
[ 122.309155][ T7414] generic_perform_write+0x29c/0x868
[ 122.310545][ T7414] __generic_file_write_iter+0xfc/0x204
[ 122.312007][ T7414] generic_file_write_iter+0x108/0x4b4
[ 122.313476][ T7414] __kernel_write_iter+0x340/0x7a0
[ 122.314863][ T7414] dump_user_range+0x378/0x6c8
[ 122.316171][ T7414] elf_core_dump+0x336c/0x3c38
[ 122.317414][ T7414] do_coredump+0x1d28/0x29a0
[ 122.318666][ T7414] get_signal+0xf6c/0x1500
[ 122.319902][ T7414] do_signal+0x1a4/0x3a04
[ 122.321060][ T7414] do_notify_resume+0x74/0x1f4
[ 122.322370][ T7414] el0_da+0xbc/0x178
[ 122.323393][ T7414] el0t_64_sync_handler+0xcc/0x108
[ 122.324717][ T7414] el0t_64_sync+0x198/0x19c
[ 122.325964][ T7414] Code: 12002e7c 8b3c4359 d343ff33 12000b29 (38f56a68)
[ 122.327738][ T7414] ---[ end trace 0000000000000000 ]---
[ 122.737253][ T7414] Kernel panic - not syncing: Oops: Fatal exception
[ 122.739117][ T7414] SMP: stopping secondary CPUs
[ 122.740452][ T7414] Kernel Offset: disabled
[ 122.741626][ T7414] CPU features: 0x200,00002070,00800250,82017203
[ 122.743487][ T7414] Memory Limit: none
[ 123.080709][ T7414] Rebooting in 86400 seconds..