Extracting prog: 2m21.638704727s
Minimizing prog: 5m27.255319s
Simplifying prog options: 0s
Extracting C: 26.631027347s
Simplifying C: 8m48.344607133s


extracting reproducer from 1 programs
testing a last program of every proc
single: executing 1 programs separately with timeout 30s
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-openat$cgroup_ro-fsetxattr$trusted_overlay_upper
detailed listing:
executing program 0:
syz_mount_image$hfsplus(&(0x7f0000000300), &(0x7f0000000640)='./file1\x00', 0x1008810, &(0x7f00000021c0)=ANY=[], 0x1, 0x5f4, &(0x7f0000000780)="$eJzs3U9vHGcdB/Dvrv9kHaTUdZM2oEpYRaoQFonXlkjhQikFWahClThw4WIRp7GySSt7i9weaEAcKk59CeXgN4A4FikH2iOcKnEz6hGJu29GMzvj3cTb1I7X2U3z+Uizz/PsM/Ps7/nN7GRmrGgDPLXWljJ9L42sLb2xU7T3dlc7e7urt+t6knNJmkkrSaN4+29Jvkjuprfkm3XHQHnE55+03vrso08/7LVa1VKu33jYdsdzGMt8L9ayHNV4K6cer5xdq24tJFk8XXwwGge1/wztPuX3EgCYZI1katj788n56uK1uA/oXRX3rrGfaHfHHQAAAAA8Bs/sZz87uTDuOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBJUv3+f6NamnV9MY369/9nq/dS1Z9o98YdAAAAAAAAAACMwLf3s5+dXKjbB43yb/4vlY2L5es38m62s5GtXMlO1tNNN1tpJ5kfGGh2Z73b3WofY8uVoVuuPJ75AgAAAAAAAMDX1B+z1v/7PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATIJGMtUryuViXZ9PczpJK8lssd7d5F91fbLMnGjtV88sDgAAAJgcz+xnPzu5ULcPGuU9//PlfX8r7+ZOutlMN51s5Hr5LKB319/c213t7O2u3i6Wo+P+5H8nCqMcMb1nD8M/+XK5xlxuZLN850p+m7fTyfU0yy0Ll+t4hsf1hyKmxo8rx4zselUWM/9FVU6G+TIjM4cZWa5iK7Lx7MMzccK98+AntdM8fPJz8Qxyfr4qi/m8PtE5Xxk4+p5/eCaShV//+drNzp1bN29sL03OlB7Rg5lYHcjEC09VJpbLTFw6bK/l5/lVlrKYN7OVzfwu6+lmI4t5vaytV8dz8Tq/t7t60PPBkEy9et/z1Te/KpLZar/0zqIni+mlctsL2cwv83aul3t0OddyLSv5QX6Y5fv28KWhe/iDg6q7/NY3T/at/853q8pMkp+d+EHuWSry+uxAXgfPufNl3+A7/SwtjP7cOP2tqlIcPa9N3Lmxn4mZ8l+JOhPPPZiJ+3fuX8oDZ7tz59bWzfV3jvl5L1dlkYGfHsnEwdTpZ/SoiuNlodhZZev+o6Poe25oX7vsu3jY1zzSd+mw76u+qbPVNdzRkVbKvheG9vW2uzzQN+x6C4CJd/5752fn/jv3z7mP5/40d3PujdZr51459+JsZv4x86Pp5amXmy82/pqP8/v+/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDott97/9Z6p7OxpaLy9FUWk4xmwMVJmM4IK+fGfWYCztrV7u13rm6/9/73N2+v17/a90q73b62fPXGZmejeh13lADAKPUv+scdCQAAAAAAAAAAAAAA8GUex38nHvccAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAr7e1pUzfSyPt5SvLRXtvd7VTLHW9v2YrSaOo/D359xfJ3fSWzOc3U/VKjS/7nM8/ab312Uefftgfq1Wv33jYdsczEEvSrMpRjbdy6vH6M1xMslCVMHb/DwAA//9uwwS6")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
fsetxattr$trusted_overlay_upper(r0, &(0x7f0000001040), &(0x7f0000001180)=ANY=[@ANYBLOB], 0xd4, 0x2)

program crashed: kernel BUG in __hfsplus_setxattr
single: successfully extracted reproducer
found reproducer with 3 syscalls
minimizing guilty program
testing program (duration=53.24506618s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-openat$cgroup_ro
detailed listing:
executing program 0:
syz_mount_image$hfsplus(&(0x7f0000000300), &(0x7f0000000640)='./file1\x00', 0x1008810, &(0x7f00000021c0)=ANY=[], 0x1, 0x5f4, &(0x7f0000000780)="$eJzs3U9vHGcdB/Dvrv9kHaTUdZM2oEpYRaoQFonXlkjhQikFWahClThw4WIRp7GySSt7i9weaEAcKk59CeXgN4A4FikH2iOcKnEz6hGJu29GMzvj3cTb1I7X2U3z+Uizz/PsM/Ps7/nN7GRmrGgDPLXWljJ9L42sLb2xU7T3dlc7e7urt+t6knNJmkkrSaN4+29Jvkjuprfkm3XHQHnE55+03vrso08/7LVa1VKu33jYdsdzGMt8L9ayHNV4K6cer5xdq24tJFk8XXwwGge1/wztPuX3EgCYZI1katj788n56uK1uA/oXRX3rrGfaHfHHQAAAAA8Bs/sZz87uTDuOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBJUv3+f6NamnV9MY369/9nq/dS1Z9o98YdAAAAAAAAAACMwLf3s5+dXKjbB43yb/4vlY2L5es38m62s5GtXMlO1tNNN1tpJ5kfGGh2Z73b3WofY8uVoVuuPJ75AgAAAAAAAMDX1B+z1v/7PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATIJGMtUryuViXZ9PczpJK8lssd7d5F91fbLMnGjtV88sDgAAAJgcz+xnPzu5ULcPGuU9//PlfX8r7+ZOutlMN51s5Hr5LKB319/c213t7O2u3i6Wo+P+5H8nCqMcMb1nD8M/+XK5xlxuZLN850p+m7fTyfU0yy0Ll+t4hsf1hyKmxo8rx4zselUWM/9FVU6G+TIjM4cZWa5iK7Lx7MMzccK98+AntdM8fPJz8Qxyfr4qi/m8PtE5Xxk4+p5/eCaShV//+drNzp1bN29sL03OlB7Rg5lYHcjEC09VJpbLTFw6bK/l5/lVlrKYN7OVzfwu6+lmI4t5vaytV8dz8Tq/t7t60PPBkEy9et/z1Te/KpLZar/0zqIni+mlctsL2cwv83aul3t0OddyLSv5QX6Y5fv28KWhe/iDg6q7/NY3T/at/853q8pMkp+d+EHuWSry+uxAXgfPufNl3+A7/SwtjP7cOP2tqlIcPa9N3Lmxn4mZ8l+JOhPPPZiJ+3fuX8oDZ7tz59bWzfV3jvl5L1dlkYGfHsnEwdTpZ/SoiuNlodhZZev+o6Poe25oX7vsu3jY1zzSd+mw76u+qbPVNdzRkVbKvheG9vW2uzzQN+x6C4CJd/5752fn/jv3z7mP5/40d3PujdZr51459+JsZv4x86Pp5amXmy82/pqP8/v+/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDott97/9Z6p7OxpaLy9FUWk4xmwMVJmM4IK+fGfWYCztrV7u13rm6/9/73N2+v17/a90q73b62fPXGZmejeh13lADAKPUv+scdCQAAAAAAAAAAAAAA8GUex38nHvccAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAr7e1pUzfSyPt5SvLRXtvd7VTLHW9v2YrSaOo/D359xfJ3fSWzOc3U/VKjS/7nM8/ab312Uefftgfq1Wv33jYdsczEEvSrMpRjbdy6vH6M1xMslCVMHb/DwAA//9uwwS6")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)

program crashed: kernel BUG in __hfsplus_setxattr
testing program (duration=53.24506618s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus
detailed listing:
executing program 0:
syz_mount_image$hfsplus(&(0x7f0000000300), &(0x7f0000000640)='./file1\x00', 0x1008810, &(0x7f00000021c0)=ANY=[], 0x1, 0x5f4, &(0x7f0000000780)="$eJzs3U9vHGcdB/Dvrv9kHaTUdZM2oEpYRaoQFonXlkjhQikFWahClThw4WIRp7GySSt7i9weaEAcKk59CeXgN4A4FikH2iOcKnEz6hGJu29GMzvj3cTb1I7X2U3z+Uizz/PsM/Ps7/nN7GRmrGgDPLXWljJ9L42sLb2xU7T3dlc7e7urt+t6knNJmkkrSaN4+29Jvkjuprfkm3XHQHnE55+03vrso08/7LVa1VKu33jYdsdzGMt8L9ayHNV4K6cer5xdq24tJFk8XXwwGge1/wztPuX3EgCYZI1katj788n56uK1uA/oXRX3rrGfaHfHHQAAAAA8Bs/sZz87uTDuOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBJUv3+f6NamnV9MY369/9nq/dS1Z9o98YdAAAAAAAAAACMwLf3s5+dXKjbB43yb/4vlY2L5es38m62s5GtXMlO1tNNN1tpJ5kfGGh2Z73b3WofY8uVoVuuPJ75AgAAAAAAAMDX1B+z1v/7PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATIJGMtUryuViXZ9PczpJK8lssd7d5F91fbLMnGjtV88sDgAAAJgcz+xnPzu5ULcPGuU9//PlfX8r7+ZOutlMN51s5Hr5LKB319/c213t7O2u3i6Wo+P+5H8nCqMcMb1nD8M/+XK5xlxuZLN850p+m7fTyfU0yy0Ll+t4hsf1hyKmxo8rx4zselUWM/9FVU6G+TIjM4cZWa5iK7Lx7MMzccK98+AntdM8fPJz8Qxyfr4qi/m8PtE5Xxk4+p5/eCaShV//+drNzp1bN29sL03OlB7Rg5lYHcjEC09VJpbLTFw6bK/l5/lVlrKYN7OVzfwu6+lmI4t5vaytV8dz8Tq/t7t60PPBkEy9et/z1Te/KpLZar/0zqIni+mlctsL2cwv83aul3t0OddyLSv5QX6Y5fv28KWhe/iDg6q7/NY3T/at/853q8pMkp+d+EHuWSry+uxAXgfPufNl3+A7/SwtjP7cOP2tqlIcPa9N3Lmxn4mZ8l+JOhPPPZiJ+3fuX8oDZ7tz59bWzfV3jvl5L1dlkYGfHsnEwdTpZ/SoiuNlodhZZev+o6Poe25oX7vsu3jY1zzSd+mw76u+qbPVNdzRkVbKvheG9vW2uzzQN+x6C4CJd/5752fn/jv3z7mP5/40d3PujdZr51459+JsZv4x86Pp5amXmy82/pqP8/v+/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDott97/9Z6p7OxpaLy9FUWk4xmwMVJmM4IK+fGfWYCztrV7u13rm6/9/73N2+v17/a90q73b62fPXGZmejeh13lADAKPUv+scdCQAAAAAAAAAAAAAA8GUex38nHvccAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAr7e1pUzfSyPt5SvLRXtvd7VTLHW9v2YrSaOo/D359xfJ3fSWzOc3U/VKjS/7nM8/ab312Uefftgfq1Wv33jYdsczEEvSrMpRjbdy6vH6M1xMslCVMHb/DwAA//9uwwS6")

program did not crash
testing program (duration=53.24506618s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$cgroup_ro
detailed listing:
executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)

program did not crash
testing program (duration=53.24506618s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-openat$cgroup_ro
detailed listing:
executing program 0:
syz_mount_image$hfsplus(&(0x7f0000000300), &(0x7f0000000640)='./file1\x00', 0x1008810, &(0x7f00000021c0)=ANY=[], 0x1, 0x5f4, &(0x7f0000000780)="$eJzs3U9vHGcdB/Dvrv9kHaTUdZM2oEpYRaoQFonXlkjhQikFWahClThw4WIRp7GySSt7i9weaEAcKk59CeXgN4A4FikH2iOcKnEz6hGJu29GMzvj3cTb1I7X2U3z+Uizz/PsM/Ps7/nN7GRmrGgDPLXWljJ9L42sLb2xU7T3dlc7e7urt+t6knNJmkkrSaN4+29Jvkjuprfkm3XHQHnE55+03vrso08/7LVa1VKu33jYdsdzGMt8L9ayHNV4K6cer5xdq24tJFk8XXwwGge1/wztPuX3EgCYZI1katj788n56uK1uA/oXRX3rrGfaHfHHQAAAAA8Bs/sZz87uTDuOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBJUv3+f6NamnV9MY369/9nq/dS1Z9o98YdAAAAAAAAAACMwLf3s5+dXKjbB43yb/4vlY2L5es38m62s5GtXMlO1tNNN1tpJ5kfGGh2Z73b3WofY8uVoVuuPJ75AgAAAAAAAMDX1B+z1v/7PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATIJGMtUryuViXZ9PczpJK8lssd7d5F91fbLMnGjtV88sDgAAAJgcz+xnPzu5ULcPGuU9//PlfX8r7+ZOutlMN51s5Hr5LKB319/c213t7O2u3i6Wo+P+5H8nCqMcMb1nD8M/+XK5xlxuZLN850p+m7fTyfU0yy0Ll+t4hsf1hyKmxo8rx4zselUWM/9FVU6G+TIjM4cZWa5iK7Lx7MMzccK98+AntdM8fPJz8Qxyfr4qi/m8PtE5Xxk4+p5/eCaShV//+drNzp1bN29sL03OlB7Rg5lYHcjEC09VJpbLTFw6bK/l5/lVlrKYN7OVzfwu6+lmI4t5vaytV8dz8Tq/t7t60PPBkEy9et/z1Te/KpLZar/0zqIni+mlctsL2cwv83aul3t0OddyLSv5QX6Y5fv28KWhe/iDg6q7/NY3T/at/853q8pMkp+d+EHuWSry+uxAXgfPufNl3+A7/SwtjP7cOP2tqlIcPa9N3Lmxn4mZ8l+JOhPPPZiJ+3fuX8oDZ7tz59bWzfV3jvl5L1dlkYGfHsnEwdTpZ/SoiuNlodhZZev+o6Poe25oX7vsu3jY1zzSd+mw76u+qbPVNdzRkVbKvheG9vW2uzzQN+x6C4CJd/5752fn/jv3z7mP5/40d3PujdZr51459+JsZv4x86Pp5amXmy82/pqP8/v+/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDott97/9Z6p7OxpaLy9FUWk4xmwMVJmM4IK+fGfWYCztrV7u13rm6/9/73N2+v17/a90q73b62fPXGZmejeh13lADAKPUv+scdCQAAAAAAAAAAAAAA8GUex38nHvccAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAr7e1pUzfSyPt5SvLRXtvd7VTLHW9v2YrSaOo/D359xfJ3fSWzOc3U/VKjS/7nM8/ab312Uefftgfq1Wv33jYdsczEEvSrMpRjbdy6vH6M1xMslCVMHb/DwAA//9uwwS6")
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)

program did not crash
extracting C reproducer
testing compiled C program (duration=53.24506618s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-openat$cgroup_ro
program crashed: kernel BUG in __hfsplus_setxattr
simplifying C reproducer
testing compiled C program (duration=53.24506618s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-openat$cgroup_ro
program crashed: kernel BUG in __hfsplus_setxattr
testing compiled C program (duration=53.24506618s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:false Cgroups:false BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-openat$cgroup_ro
program crashed: kernel BUG in __hfsplus_setxattr
testing compiled C program (duration=53.24506618s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:true Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-openat$cgroup_ro
program crashed: kernel BUG in __hfsplus_setxattr
testing compiled C program (duration=53.24506618s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-openat$cgroup_ro
program crashed: kernel BUG in __hfsplus_setxattr
testing compiled C program (duration=53.24506618s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-openat$cgroup_ro
program crashed: kernel BUG in __hfsplus_setxattr
testing compiled C program (duration=53.24506618s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-openat$cgroup_ro
program crashed: kernel BUG in __hfsplus_setxattr
testing compiled C program (duration=53.24506618s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-openat$cgroup_ro
program crashed: kernel BUG in __hfsplus_setxattr
reproducing took 17m3.869682459s
repro crashed as (corrupted=false):
loop0: detected capacity change from 0 to 1024
------------[ cut here ]------------
kernel BUG at fs/hfsplus/xattr.c:175!
Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 UID: 0 PID: 6437 Comm: syz-executor275 Not tainted 6.14.0-rc7-syzkaller-ga2392f333575 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : hfsplus_create_attributes_file fs/hfsplus/xattr.c:175 [inline]
pc : __hfsplus_setxattr+0x22d0/0x2334 fs/hfsplus/xattr.c:331
lr : hfsplus_create_attributes_file fs/hfsplus/xattr.c:175 [inline]
lr : __hfsplus_setxattr+0x22d0/0x2334 fs/hfsplus/xattr.c:331
sp : ffff8000a3e670a0
x29: ffff8000a3e67500 x28: dfff800000000000 x27: ffff0000d97da800
x26: ffff8000a3e67240 x25: ffff0000d97da838 x24: 0000000000000000
x23: 0000000000010000 x22: 1fffe0001b2fb507 x21: ffff0000c2832a80
x20: ffff7000147cce2c x19: ffff0000c2832370 x18: ffff8000a3e66ac0
x17: 000000000000d81e x16: ffff8000803b975c x15: 0000000000000001
x14: 1fffe00018506550 x13: 0000000000000000 x12: 0000000000000000
x11: ffff600018506551 x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff0000c61d3d00 x7 : ffff800080d696b4 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff8000812e29c4
x2 : 0000000000000000 x1 : 0000000000010000 x0 : 0000000000000000
Call trace:
 hfsplus_create_attributes_file fs/hfsplus/xattr.c:175 [inline] (P)
 __hfsplus_setxattr+0x22d0/0x2334 fs/hfsplus/xattr.c:331 (P)
 hfsplus_initxattrs+0x194/0x250 fs/hfsplus/xattr_security.c:59
 security_inode_init_security+0x73c/0x908 security/security.c:1852
 hfsplus_init_security+0x40/0x54 fs/hfsplus/xattr_security.c:71
 hfsplus_mknod+0x190/0x268 fs/hfsplus/dir.c:498
 hfsplus_create+0x38/0x4c fs/hfsplus/dir.c:523
 lookup_open fs/namei.c:3651 [inline]
 open_last_lookups fs/namei.c:3750 [inline]
 path_openat+0x13ec/0x2b1c fs/namei.c:3986
 do_filp_open+0x1e8/0x404 fs/namei.c:4016
 do_sys_openat2+0x124/0x1b8 fs/open.c:1428
 do_sys_open fs/open.c:1443 [inline]
 __do_sys_openat fs/open.c:1459 [inline]
 __se_sys_openat fs/open.c:1454 [inline]
 __arm64_sys_openat+0x1f0/0x240 fs/open.c:1454
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744
 el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600
Code: d4210000 97cef271 d4210000 97cef26f (d4210000) 
---[ end trace 0000000000000000 ]---

final repro crashed as (corrupted=false):
loop0: detected capacity change from 0 to 1024
------------[ cut here ]------------
kernel BUG at fs/hfsplus/xattr.c:175!
Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 UID: 0 PID: 6437 Comm: syz-executor275 Not tainted 6.14.0-rc7-syzkaller-ga2392f333575 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : hfsplus_create_attributes_file fs/hfsplus/xattr.c:175 [inline]
pc : __hfsplus_setxattr+0x22d0/0x2334 fs/hfsplus/xattr.c:331
lr : hfsplus_create_attributes_file fs/hfsplus/xattr.c:175 [inline]
lr : __hfsplus_setxattr+0x22d0/0x2334 fs/hfsplus/xattr.c:331
sp : ffff8000a3e670a0
x29: ffff8000a3e67500 x28: dfff800000000000 x27: ffff0000d97da800
x26: ffff8000a3e67240 x25: ffff0000d97da838 x24: 0000000000000000
x23: 0000000000010000 x22: 1fffe0001b2fb507 x21: ffff0000c2832a80
x20: ffff7000147cce2c x19: ffff0000c2832370 x18: ffff8000a3e66ac0
x17: 000000000000d81e x16: ffff8000803b975c x15: 0000000000000001
x14: 1fffe00018506550 x13: 0000000000000000 x12: 0000000000000000
x11: ffff600018506551 x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff0000c61d3d00 x7 : ffff800080d696b4 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff8000812e29c4
x2 : 0000000000000000 x1 : 0000000000010000 x0 : 0000000000000000
Call trace:
 hfsplus_create_attributes_file fs/hfsplus/xattr.c:175 [inline] (P)
 __hfsplus_setxattr+0x22d0/0x2334 fs/hfsplus/xattr.c:331 (P)
 hfsplus_initxattrs+0x194/0x250 fs/hfsplus/xattr_security.c:59
 security_inode_init_security+0x73c/0x908 security/security.c:1852
 hfsplus_init_security+0x40/0x54 fs/hfsplus/xattr_security.c:71
 hfsplus_mknod+0x190/0x268 fs/hfsplus/dir.c:498
 hfsplus_create+0x38/0x4c fs/hfsplus/dir.c:523
 lookup_open fs/namei.c:3651 [inline]
 open_last_lookups fs/namei.c:3750 [inline]
 path_openat+0x13ec/0x2b1c fs/namei.c:3986
 do_filp_open+0x1e8/0x404 fs/namei.c:4016
 do_sys_openat2+0x124/0x1b8 fs/open.c:1428
 do_sys_open fs/open.c:1443 [inline]
 __do_sys_openat fs/open.c:1459 [inline]
 __se_sys_openat fs/open.c:1454 [inline]
 __arm64_sys_openat+0x1f0/0x240 fs/open.c:1454
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744
 el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600
Code: d4210000 97cef271 d4210000 97cef26f (d4210000) 
---[ end trace 0000000000000000 ]---