hfsplus: b-tree write err: -5, ino 8
hfsplus: b-tree write err: -5, ino 8
hfsplus: b-tree write err: -5, ino 8
general protection fault, probably for non-canonical address 0xdffffc0000000255: 0000 [#1] PREEMPT SMP KASAN
KASAN: probably user-memory-access in range [0x00000000000012a8-0x00000000000012af]
CPU: 0 PID: 1370 Comm: kworker/u4:6 Not tainted 5.19.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
Workqueue: writeback wb_workfn (flush-7:4)
RIP: 0010:mem_cgroup_track_foreign_dirty_slowpath+0xe5/0xa10 mm/memcontrol.c:4553
Code: 0b e8 af 6e a3 ff 85 c0 0f 84 67 06 00 00 65 ff 0d f8 e4 41 7e 0f 84 9f 06 00 00 49 8d 9c 24 a8 12 00 00 48 89 d8 48 c1 e8 03 <42> 80 3c 38 00 74 08 48 89 df e8 ec f5 fa ff 48 8b 2b 4c 89 e8 48
RSP: 0018:ffffc90005507020 EFLAGS: 00010006
RAX: 0000000000000255 RBX: 00000000000012a8 RCX: 0000000080000002
RDX: 0000000000000000 RSI: ffffffff89ca3ac0 RDI: ffffffff8a16cc40
RBP: ffff888146b665e0 R08: dffffc0000000000 R09: fffffbfff19e92ce
R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000
R13: ffff888146b66060 R14: 00000000ffffd875 R15: dffffc0000000000
FS: 0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fbbab47ec00 CR3: 0000000025e34000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
mem_cgroup_track_foreign_dirty include/linux/memcontrol.h:1631 [inline]
folio_account_dirtied mm/page-writeback.c:2550 [inline]
__folio_mark_dirty+0x6f5/0xc60 mm/page-writeback.c:2590
block_dirty_folio+0x123/0x1f0 fs/buffer.c:640
hfsplus_bnode_write+0xee/0x1e0 fs/hfsplus/bnode.c:86
hfsplus_cat_write_inode+0x9e6/0xf50
write_inode fs/fs-writeback.c:1434 [inline]
__writeback_single_inode+0x4c8/0xbc0 fs/fs-writeback.c:1646
writeback_sb_inodes+0x891/0x15f0 fs/fs-writeback.c:1859
wb_writeback+0x39e/0xa00 fs/fs-writeback.c:2033
wb_do_writeback fs/fs-writeback.c:2176 [inline]
wb_workfn+0x3ea/0xe40 fs/fs-writeback.c:2216
process_one_work+0x7b9/0xef0 kernel/workqueue.c:2289
worker_thread+0x8c9/0xfd0 kernel/workqueue.c:2436
kthread+0x232/0x2b0 kernel/kthread.c:376
ret_from_fork+0x1f/0x30
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:mem_cgroup_track_foreign_dirty_slowpath+0xe5/0xa10 mm/memcontrol.c:4553
Code: 0b e8 af 6e a3 ff 85 c0 0f 84 67 06 00 00 65 ff 0d f8 e4 41 7e 0f 84 9f 06 00 00 49 8d 9c 24 a8 12 00 00 48 89 d8 48 c1 e8 03 <42> 80 3c 38 00 74 08 48 89 df e8 ec f5 fa ff 48 8b 2b 4c 89 e8 48
RSP: 0018:ffffc90005507020 EFLAGS: 00010006
RAX: 0000000000000255 RBX: 00000000000012a8 RCX: 0000000080000002
RDX: 0000000000000000 RSI: ffffffff89ca3ac0 RDI: ffffffff8a16cc40
RBP: ffff888146b665e0 R08: dffffc0000000000 R09: fffffbfff19e92ce
R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000
R13: ffff888146b66060 R14: 00000000ffffd875 R15: dffffc0000000000
FS: 0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fbbab47ec00 CR3: 0000000025e34000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
0: 0b e8 or %eax,%ebp
2: af scas %es:(%rdi),%eax
3: 6e outsb %ds:(%rsi),(%dx)
4: a3 ff 85 c0 0f 84 67 movabs %eax,0x667840fc085ff
b: 06 00
d: 00 65 ff add %ah,-0x1(%rbp)
10: 0d f8 e4 41 7e or $0x7e41e4f8,%eax
15: 0f 84 9f 06 00 00 je 0x6ba
1b: 49 8d 9c 24 a8 12 00 lea 0x12a8(%r12),%rbx
22: 00
23: 48 89 d8 mov %rbx,%rax
26: 48 c1 e8 03 shr $0x3,%rax
* 2a: 42 80 3c 38 00 cmpb $0x0,(%rax,%r15,1) <-- trapping instruction
2f: 74 08 je 0x39
31: 48 89 df mov %rbx,%rdi
34: e8 ec f5 fa ff callq 0xfffaf625
39: 48 8b 2b mov (%rbx),%rbp
3c: 4c 89 e8 mov %r13,%rax
3f: 48 rex.W