./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2168638550 <...> Warning: Permanently added '10.128.0.143' (ED25519) to the list of known hosts. execve("./syz-executor2168638550", ["./syz-executor2168638550"], 0x7ffe0da84fa0 /* 10 vars */) = 0 brk(NULL) = 0x555593549000 brk(0x555593549d00) = 0x555593549d00 arch_prctl(ARCH_SET_FS, 0x555593549380) = 0 set_tid_address(0x555593549650) = 5785 set_robust_list(0x555593549660, 24) = 0 rseq(0x555593549ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2168638550", 4096) = 28 getrandom("\x03\x43\x9b\xae\x5c\x84\x8e\xfb", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555593549d00 brk(0x55559356ad00) = 0x55559356ad00 brk(0x55559356b000) = 0x55559356b000 mprotect(0x7fbaf3595000, 16384, PROT_READ) = 0 mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000 mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000 mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555593549650) = 5786 ./strace-static-x86_64: Process 5786 attached [pid 5786] set_robust_list(0x555593549660, 24) = 0 [pid 5786] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5786] setpgid(0, 0) = 0 [pid 5786] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5786] write(3, "1000", 4) = 4 [pid 5786] close(3) = 0 executing program [pid 5786] write(1, "executing program\n", 18) = 18 [pid 5786] memfd_create("syzkaller", 0) = 3 [pid 5786] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fbaeb000000 [pid 5786] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768 [pid 5786] munmap(0x7fbaeb000000, 138412032) = 0 [pid 5786] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5786] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5786] close(3) = 0 [pid 5786] close(4) = 0 [pid 5786] mkdir("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 0777) = 0 [pid 5786] mount("/dev/loop0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "hfs", MS_DIRSYNC|MS_NODIRATIME|MS_POSIXACL|MS_I_VERSION|MS_LAZYTIME, "") = 0 [ 219.824462][ T5786] loop0: detected capacity change from 0 to 64 [pid 5786] openat(AT_FDCWD, "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", O_RDONLY|O_DIRECTORY) = 3 [pid 5786] chdir("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0 [pid 5786] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5786] rename("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = -1 ENOMEM (Cannot allocate memory) [ 219.914738][ T5786] hfs: keylen 94 too large [ 219.919467][ T5786] hfs: request for non-existent node 1818584064 in B*Tree [ 219.927083][ T5786] hfs: request for non-existent node 1818584064 in B*Tree [ 219.946851][ T5786] hfs: keylen 94 too large [ 219.951759][ T5786] ===================================================== [ 219.959515][ T5786] BUG: KMSAN: uninit-value in hfs_brec_find+0x6ff/0x9f0 [ 219.967445][ T5786] hfs_brec_find+0x6ff/0x9f0 [ 219.972555][ T5786] hfs_brec_read+0x3f/0x1f0 [ 219.977578][ T5786] hfs_lookup+0x1cc/0x410 [ 219.982176][ T5786] lookup_one_qstr_excl_raw+0x207/0x5b0 [ 219.988215][ T5786] do_renameat2+0x869/0x1d70 [ 219.993464][ T5786] __x64_sys_renameat2+0x15d/0x210 [ 219.998891][ T5786] x64_sys_call+0x3733/0x3db0 [ 220.003959][ T5786] do_syscall_64+0xd9/0x1b0 [ 220.008973][ T5786] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 220.015349][ T5786] [ 220.017877][ T5786] Local variable nd created at: [ 220.023422][ T5786] __filename_parentat+0x4c/0x990 [ 220.028888][ T5786] do_renameat2+0x2fb/0x1d70 [ 220.034289][ T5786] [ 220.036867][ T5786] CPU: 1 UID: 0 PID: 5786 Comm: syz-executor216 Not tainted 6.15.0-syzkaller #0 PREEMPT(undef) [ 220.047781][ T5786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 220.058805][ T5786] ===================================================== [ 220.066330][ T5786] Disabling lock debugging due to kernel taint [ 220.073107][ T5786] Kernel panic - not syncing: kmsan.panic set ... [ 220.080026][ T5786] CPU: 1 UID: 0 PID: 5786 Comm: syz-executor216 Tainted: G B 6.15.0-syzkaller #0 PREEMPT(undef) [ 220.092953][ T5786] Tainted: [B]=BAD_PAGE [ 220.097543][ T5786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 220.108271][ T5786] Call Trace: [ 220.111867][ T5786] [ 220.114937][ T5786] __dump_stack+0x26/0x30 [ 220.119702][ T5786] dump_stack_lvl+0x53/0x270 [ 220.124696][ T5786] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 220.131241][ T5786] dump_stack+0x1e/0x25 [ 220.135578][ T5786] panic+0x4bd/0xd50 [ 220.139840][ T5786] kmsan_report+0x29d/0x2a0 [ 220.144739][ T5786] ? vprintk_default+0x3f/0x50 [ 220.150036][ T5786] ? __msan_warning+0x96/0x120 [ 220.155083][ T5786] ? hfs_brec_find+0x6ff/0x9f0 [ 220.160008][ T5786] ? hfs_brec_read+0x3f/0x1f0 [ 220.164913][ T5786] ? hfs_lookup+0x1cc/0x410 [ 220.169574][ T5786] ? lookup_one_qstr_excl_raw+0x207/0x5b0 [ 220.175545][ T5786] ? do_renameat2+0x869/0x1d70 [ 220.180711][ T5786] ? __x64_sys_renameat2+0x15d/0x210 [ 220.186280][ T5786] ? x64_sys_call+0x3733/0x3db0 [ 220.191626][ T5786] ? do_syscall_64+0xd9/0x1b0 [ 220.196963][ T5786] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 220.203521][ T5786] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 220.209845][ T5786] ? hfs_brec_keylen+0x5eb/0x640 [ 220.215261][ T5786] ? __hfs_brec_find+0x483/0x8b0 [ 220.220452][ T5786] ? kmsan_get_metadata+0x105/0x1b0 [ 220.225876][ T5786] __msan_warning+0x96/0x120 [ 220.230811][ T5786] hfs_brec_find+0x6ff/0x9f0 [ 220.235774][ T5786] ? hfs_asc2mac+0xfb5/0x1030 [ 220.241057][ T5786] hfs_brec_read+0x3f/0x1f0 [ 220.245865][ T5786] hfs_lookup+0x1cc/0x410 [ 220.250383][ T5786] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 220.256880][ T5786] ? kmsan_get_metadata+0x105/0x1b0 [ 220.262668][ T5786] ? __pfx_hfs_lookup+0x10/0x10 [ 220.268145][ T5786] lookup_one_qstr_excl_raw+0x207/0x5b0 [ 220.274057][ T5786] do_renameat2+0x869/0x1d70 [ 220.279006][ T5786] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 220.285762][ T5786] ? getname_flags+0x5f4/0xac0 [ 220.290826][ T5786] __x64_sys_renameat2+0x15d/0x210 [ 220.296274][ T5786] x64_sys_call+0x3733/0x3db0 [ 220.301541][ T5786] do_syscall_64+0xd9/0x1b0 [ 220.306310][ T5786] ? irqentry_exit+0x16/0x60 [ 220.311233][ T5786] ? clear_bhb_loop+0x40/0x90 [ 220.316069][ T5786] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 220.322321][ T5786] RIP: 0033:0x7fbaf3521b19 [ 220.327129][ T5786] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 220.347373][ T5786] RSP: 002b:00007ffd030f7a08 EFLAGS: 00000246 ORIG_RAX: 000000000000013c [ 220.356059][ T5786] RAX: ffffffffffffffda RBX: 00007fbaf356a0c0 RCX: 00007fbaf3521b19 [ 220.364351][ T5786] RDX: 00000000ffffff9c RSI: 0000200000000580 RDI: 00000000ffffff9c [ 220.372567][ T5786] RBP: 0000000000000000 R08: 0000000000000000 R09: 000055559354a4c0 [ 220.380778][ T5786] R10: 00002000000005c0 R11: 0000000000000246 R12: 00007ffd030f7a30 [ 220.389045][ T5786] R13: 00007ffd030f7c58 R14: 431bde82d7b634db R15: 00007fbaf356a03b [ 220.397286][ T5786] [ 220.400890][ T5786] Kernel Offset: disabled [ 220.405314][ T5786] Rebooting in 86400 seconds..