Extracting prog: 1m37.165521563s
Minimizing prog: 22m6.373042267s
Simplifying prog options: 0s
Extracting C: 48.416222553s
Simplifying C: 9m38.946896117s


extracting reproducer from 30 programs
first checking the prog from the crash report
single: executing 1 programs separately with timeout 30s
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat-getdents64-madvise-madvise-madvise-syz_clone-syz_pidfd_open-set_mempolicy_home_node-ioctl$F2FS_IOC_COMPRESS_FILE-getdents64-socket$nl_route-sendmsg$nl_route
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x12, &(0x7f0000000600)=ANY=[@ANYBLOB="636f6465706167653d69736f383835392d352c756d61736b3d303030303030303030303030303737372c696f636861727365743d63703836392c00593e6b66dbda701c6930c62a968870c671f6477cb145c6d89cc4842eb0720eecdf2ebd09f8dbf643b0adace8211effc59b60800919356a988fc72124c74383345cffd7c56ca293570c91cd0a246a89578c98a5d7adce29637c1181f1683d5b3c231fc700f5a4d5ade92e536e6d48a33c8fe7196d3c21f85102d71c4a757c811f270651dd6cfe2890f2650fbaa112ebd9f2a722f5811fbfc1b06807a0e87b42b6cc7bbb2fd495cdcb77aaef069c174193a8350150f86d32b86d93bb71ff0af70de640bdf600dca52899a1f64a3cf2350dd993a702353ce0d906412f6301a961fec3049536174a7cadd6be69704ff9c8e45bc92f4ccdfc7626ebd4ad65aa3778bb6797cb9e25f80325f1fa5903d4e6cde04bb0bef07c4fc5a02fa21e6a0a2a000000000000002aaa70aab01fd5b798ffc080975b803acbfccf66f252"], 0x4, 0x339, &(0x7f0000000140)="$eJzs3U9P1EwcB/DvtLtL94EHK2BIPBmUxBMBPGi8QAzxNXgwRIQlIayYKCZKTETPxngzMfHIzbPRt6AX4xvQEwfjSS/EgzUzne5Ol5m2C7iF7PeTuHbb+fObttPO7GYpiKhvXVv4unNpV/4TVQA+gKuAByAAKgDOYDx4sLGZW5DfWhKIc4p9aZY3GrasAXQOLZTvKhgy19G/EUVR9C031c+exELlEWYPNnjAgO6danvQ88gObc62cjtuV38xjrDYwx4eYrjMcIiIqHz6/u/pu8SQHr97HjCpx+En9f6fSI1v9sqL41ho3f+9+H0k5P45pTbJ+d7aZrOxEk/h5NH3klmirSzrORG1d3cN8ZnlDxpDLqMWOxWLV19dazamtlUBzzCnGcnG1OsKkoYormhrwAyACcvcNENW27MNqjZUZRtmHfGPZtVonQB/+I5X9uoWPxWISXwUn8WiCPEaK63xXyUScueoIxV2dJU4/ml3iaqVYZwq1cp2+KdVJWd1DXj/tt3Kumu/BvBlLDayFNE5fg+TOF/W3LkwgvTHCnHrZtytU7lGgYpQswYz12wr0W9rrrHOuuqr1WZjavlu03XSHy3rjE68EDfEBH7gHRaM8b8nU0/C3TNTvVyolPrMyGxPRaV0HMcU1YHvdNUzSbmeuvgV8xy3cQXD9x9trS81m4175S8kXeWA2c8dcTzxiahPR7lG/m+kQSAXqgCc5VTdm6wLf6Iosm6qoBeHoKqaevlNu8lb60tCX/MOV4W8cnZsmncnBjAPQK9JrggHqf1JK9dAu8BC2X/Jo63W2E/IJKoedJCkqtQmHwOFekp935qdnFyP/z/YVYhOoPbRx/jNsoOhMsixg4jnf8Z8ZVpddeRLmDH/ifIKN0qcccyARtTrf8VmcK1inePEwWQhZ851/iJwoaNGD0mNTzuLDXWcOI7fSnb/VYZYwBfc4uf/REREREREREREREREREREREREREQnTbe/Rtj/c4L8hXSNu334hzeIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiA7HeP4v4KsnxtRsz//NelKT4sdPiAmO4vm/foHn/4rtLlpJRDZ/AwAA//9eD1xQ") (async)
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f00000000c0)=""/50, 0x32) (async)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f000060c000/0x4000)=nil, 0x4000, 0x16) (async)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r1 = syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = syz_pidfd_open(r1, 0x0)
set_mempolicy_home_node(&(0x7f00007f5000/0x4000)=nil, 0x4000, 0x0, 0x0) (async)
ioctl$F2FS_IOC_COMPRESS_FILE(r2, 0xf518, 0x0) (async, rerun: 64)
getdents64(r0, 0x0, 0x2e) (async, rerun: 64)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv6_newnexthop={0x24, 0x68, 0x309, 0x0, 0x0, {}, [@NHA_FDB={0x4}, @NHA_ENCAP_TYPE={0x6, 0x7, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x8066}, 0x20005081)

program crashed: BUG: unable to handle kernel paging request in hfs_find_init
single: successfully extracted reproducer
found reproducer with 13 syscalls
minimizing guilty program
testing program (duration=45.483555292s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat-getdents64-madvise-madvise-madvise-syz_clone-syz_pidfd_open-set_mempolicy_home_node-ioctl$F2FS_IOC_COMPRESS_FILE-getdents64-socket$nl_route
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x12, &(0x7f0000000600)=ANY=[@ANYBLOB="636f6465706167653d69736f383835392d352c756d61736b3d303030303030303030303030303737372c696f636861727365743d63703836392c00593e6b66dbda701c6930c62a968870c671f6477cb145c6d89cc4842eb0720eecdf2ebd09f8dbf643b0adace8211effc59b60800919356a988fc72124c74383345cffd7c56ca293570c91cd0a246a89578c98a5d7adce29637c1181f1683d5b3c231fc700f5a4d5ade92e536e6d48a33c8fe7196d3c21f85102d71c4a757c811f270651dd6cfe2890f2650fbaa112ebd9f2a722f5811fbfc1b06807a0e87b42b6cc7bbb2fd495cdcb77aaef069c174193a8350150f86d32b86d93bb71ff0af70de640bdf600dca52899a1f64a3cf2350dd993a702353ce0d906412f6301a961fec3049536174a7cadd6be69704ff9c8e45bc92f4ccdfc7626ebd4ad65aa3778bb6797cb9e25f80325f1fa5903d4e6cde04bb0bef07c4fc5a02fa21e6a0a2a000000000000002aaa70aab01fd5b798ffc080975b803acbfccf66f252"], 0x4, 0x339, &(0x7f0000000140)="$eJzs3U9P1EwcB/DvtLtL94EHK2BIPBmUxBMBPGi8QAzxNXgwRIQlIayYKCZKTETPxngzMfHIzbPRt6AX4xvQEwfjSS/EgzUzne5Ol5m2C7iF7PeTuHbb+fObttPO7GYpiKhvXVv4unNpV/4TVQA+gKuAByAAKgDOYDx4sLGZW5DfWhKIc4p9aZY3GrasAXQOLZTvKhgy19G/EUVR9C031c+exELlEWYPNnjAgO6danvQ88gObc62cjtuV38xjrDYwx4eYrjMcIiIqHz6/u/pu8SQHr97HjCpx+En9f6fSI1v9sqL41ho3f+9+H0k5P45pTbJ+d7aZrOxEk/h5NH3klmirSzrORG1d3cN8ZnlDxpDLqMWOxWLV19dazamtlUBzzCnGcnG1OsKkoYormhrwAyACcvcNENW27MNqjZUZRtmHfGPZtVonQB/+I5X9uoWPxWISXwUn8WiCPEaK63xXyUScueoIxV2dJU4/ml3iaqVYZwq1cp2+KdVJWd1DXj/tt3Kumu/BvBlLDayFNE5fg+TOF/W3LkwgvTHCnHrZtytU7lGgYpQswYz12wr0W9rrrHOuuqr1WZjavlu03XSHy3rjE68EDfEBH7gHRaM8b8nU0/C3TNTvVyolPrMyGxPRaV0HMcU1YHvdNUzSbmeuvgV8xy3cQXD9x9trS81m4175S8kXeWA2c8dcTzxiahPR7lG/m+kQSAXqgCc5VTdm6wLf6Iosm6qoBeHoKqaevlNu8lb60tCX/MOV4W8cnZsmncnBjAPQK9JrggHqf1JK9dAu8BC2X/Jo63W2E/IJKoedJCkqtQmHwOFekp935qdnFyP/z/YVYhOoPbRx/jNsoOhMsixg4jnf8Z8ZVpddeRLmDH/ifIKN0qcccyARtTrf8VmcK1inePEwWQhZ851/iJwoaNGD0mNTzuLDXWcOI7fSnb/VYZYwBfc4uf/REREREREREREREREREREREREREQnTbe/Rtj/c4L8hXSNu334hzeIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiA7HeP4v4KsnxtRsz//NelKT4sdPiAmO4vm/foHn/4rtLlpJRDZ/AwAA//9eD1xQ") (async)
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f00000000c0)=""/50, 0x32) (async)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f000060c000/0x4000)=nil, 0x4000, 0x16) (async)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r1 = syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = syz_pidfd_open(r1, 0x0)
set_mempolicy_home_node(&(0x7f00007f5000/0x4000)=nil, 0x4000, 0x0, 0x0) (async)
ioctl$F2FS_IOC_COMPRESS_FILE(r2, 0xf518, 0x0) (async, rerun: 64)
getdents64(r0, 0x0, 0x2e) (async, rerun: 64)
socket$nl_route(0x10, 0x3, 0x0)

program crashed: BUG: unable to handle kernel paging request in hfs_find_init
testing program (duration=45.483555292s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat-getdents64-madvise-madvise-madvise-syz_clone-syz_pidfd_open-set_mempolicy_home_node-ioctl$F2FS_IOC_COMPRESS_FILE-getdents64
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x12, &(0x7f0000000600)=ANY=[@ANYBLOB="636f6465706167653d69736f383835392d352c756d61736b3d303030303030303030303030303737372c696f636861727365743d63703836392c00593e6b66dbda701c6930c62a968870c671f6477cb145c6d89cc4842eb0720eecdf2ebd09f8dbf643b0adace8211effc59b60800919356a988fc72124c74383345cffd7c56ca293570c91cd0a246a89578c98a5d7adce29637c1181f1683d5b3c231fc700f5a4d5ade92e536e6d48a33c8fe7196d3c21f85102d71c4a757c811f270651dd6cfe2890f2650fbaa112ebd9f2a722f5811fbfc1b06807a0e87b42b6cc7bbb2fd495cdcb77aaef069c174193a8350150f86d32b86d93bb71ff0af70de640bdf600dca52899a1f64a3cf2350dd993a702353ce0d906412f6301a961fec3049536174a7cadd6be69704ff9c8e45bc92f4ccdfc7626ebd4ad65aa3778bb6797cb9e25f80325f1fa5903d4e6cde04bb0bef07c4fc5a02fa21e6a0a2a000000000000002aaa70aab01fd5b798ffc080975b803acbfccf66f252"], 0x4, 0x339, &(0x7f0000000140)="$eJzs3U9P1EwcB/DvtLtL94EHK2BIPBmUxBMBPGi8QAzxNXgwRIQlIayYKCZKTETPxngzMfHIzbPRt6AX4xvQEwfjSS/EgzUzne5Ol5m2C7iF7PeTuHbb+fObttPO7GYpiKhvXVv4unNpV/4TVQA+gKuAByAAKgDOYDx4sLGZW5DfWhKIc4p9aZY3GrasAXQOLZTvKhgy19G/EUVR9C031c+exELlEWYPNnjAgO6danvQ88gObc62cjtuV38xjrDYwx4eYrjMcIiIqHz6/u/pu8SQHr97HjCpx+En9f6fSI1v9sqL41ho3f+9+H0k5P45pTbJ+d7aZrOxEk/h5NH3klmirSzrORG1d3cN8ZnlDxpDLqMWOxWLV19dazamtlUBzzCnGcnG1OsKkoYormhrwAyACcvcNENW27MNqjZUZRtmHfGPZtVonQB/+I5X9uoWPxWISXwUn8WiCPEaK63xXyUScueoIxV2dJU4/ml3iaqVYZwq1cp2+KdVJWd1DXj/tt3Kumu/BvBlLDayFNE5fg+TOF/W3LkwgvTHCnHrZtytU7lGgYpQswYz12wr0W9rrrHOuuqr1WZjavlu03XSHy3rjE68EDfEBH7gHRaM8b8nU0/C3TNTvVyolPrMyGxPRaV0HMcU1YHvdNUzSbmeuvgV8xy3cQXD9x9trS81m4175S8kXeWA2c8dcTzxiahPR7lG/m+kQSAXqgCc5VTdm6wLf6Iosm6qoBeHoKqaevlNu8lb60tCX/MOV4W8cnZsmncnBjAPQK9JrggHqf1JK9dAu8BC2X/Jo63W2E/IJKoedJCkqtQmHwOFekp935qdnFyP/z/YVYhOoPbRx/jNsoOhMsixg4jnf8Z8ZVpddeRLmDH/ifIKN0qcccyARtTrf8VmcK1inePEwWQhZ851/iJwoaNGD0mNTzuLDXWcOI7fSnb/VYZYwBfc4uf/REREREREREREREREREREREREREQnTbe/Rtj/c4L8hXSNu334hzeIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiA7HeP4v4KsnxtRsz//NelKT4sdPiAmO4vm/foHn/4rtLlpJRDZ/AwAA//9eD1xQ") (async)
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f00000000c0)=""/50, 0x32) (async)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f000060c000/0x4000)=nil, 0x4000, 0x16) (async)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r1 = syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = syz_pidfd_open(r1, 0x0)
set_mempolicy_home_node(&(0x7f00007f5000/0x4000)=nil, 0x4000, 0x0, 0x0) (async)
ioctl$F2FS_IOC_COMPRESS_FILE(r2, 0xf518, 0x0) (async, rerun: 64)
getdents64(r0, 0x0, 0x2e) (async, rerun: 64)

program crashed: BUG: unable to handle kernel paging request in hfs_find_init
testing program (duration=45.483555292s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat-getdents64-madvise-madvise-madvise-syz_clone-syz_pidfd_open-set_mempolicy_home_node-ioctl$F2FS_IOC_COMPRESS_FILE
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x12, &(0x7f0000000600)=ANY=[@ANYBLOB="636f6465706167653d69736f383835392d352c756d61736b3d303030303030303030303030303737372c696f636861727365743d63703836392c00593e6b66dbda701c6930c62a968870c671f6477cb145c6d89cc4842eb0720eecdf2ebd09f8dbf643b0adace8211effc59b60800919356a988fc72124c74383345cffd7c56ca293570c91cd0a246a89578c98a5d7adce29637c1181f1683d5b3c231fc700f5a4d5ade92e536e6d48a33c8fe7196d3c21f85102d71c4a757c811f270651dd6cfe2890f2650fbaa112ebd9f2a722f5811fbfc1b06807a0e87b42b6cc7bbb2fd495cdcb77aaef069c174193a8350150f86d32b86d93bb71ff0af70de640bdf600dca52899a1f64a3cf2350dd993a702353ce0d906412f6301a961fec3049536174a7cadd6be69704ff9c8e45bc92f4ccdfc7626ebd4ad65aa3778bb6797cb9e25f80325f1fa5903d4e6cde04bb0bef07c4fc5a02fa21e6a0a2a000000000000002aaa70aab01fd5b798ffc080975b803acbfccf66f252"], 0x4, 0x339, &(0x7f0000000140)="$eJzs3U9P1EwcB/DvtLtL94EHK2BIPBmUxBMBPGi8QAzxNXgwRIQlIayYKCZKTETPxngzMfHIzbPRt6AX4xvQEwfjSS/EgzUzne5Ol5m2C7iF7PeTuHbb+fObttPO7GYpiKhvXVv4unNpV/4TVQA+gKuAByAAKgDOYDx4sLGZW5DfWhKIc4p9aZY3GrasAXQOLZTvKhgy19G/EUVR9C031c+exELlEWYPNnjAgO6danvQ88gObc62cjtuV38xjrDYwx4eYrjMcIiIqHz6/u/pu8SQHr97HjCpx+En9f6fSI1v9sqL41ho3f+9+H0k5P45pTbJ+d7aZrOxEk/h5NH3klmirSzrORG1d3cN8ZnlDxpDLqMWOxWLV19dazamtlUBzzCnGcnG1OsKkoYormhrwAyACcvcNENW27MNqjZUZRtmHfGPZtVonQB/+I5X9uoWPxWISXwUn8WiCPEaK63xXyUScueoIxV2dJU4/ml3iaqVYZwq1cp2+KdVJWd1DXj/tt3Kumu/BvBlLDayFNE5fg+TOF/W3LkwgvTHCnHrZtytU7lGgYpQswYz12wr0W9rrrHOuuqr1WZjavlu03XSHy3rjE68EDfEBH7gHRaM8b8nU0/C3TNTvVyolPrMyGxPRaV0HMcU1YHvdNUzSbmeuvgV8xy3cQXD9x9trS81m4175S8kXeWA2c8dcTzxiahPR7lG/m+kQSAXqgCc5VTdm6wLf6Iosm6qoBeHoKqaevlNu8lb60tCX/MOV4W8cnZsmncnBjAPQK9JrggHqf1JK9dAu8BC2X/Jo63W2E/IJKoedJCkqtQmHwOFekp935qdnFyP/z/YVYhOoPbRx/jNsoOhMsixg4jnf8Z8ZVpddeRLmDH/ifIKN0qcccyARtTrf8VmcK1inePEwWQhZ851/iJwoaNGD0mNTzuLDXWcOI7fSnb/VYZYwBfc4uf/REREREREREREREREREREREREREQnTbe/Rtj/c4L8hXSNu334hzeIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiA7HeP4v4KsnxtRsz//NelKT4sdPiAmO4vm/foHn/4rtLlpJRDZ/AwAA//9eD1xQ") (async)
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f00000000c0)=""/50, 0x32) (async)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f000060c000/0x4000)=nil, 0x4000, 0x16) (async)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r1 = syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = syz_pidfd_open(r1, 0x0)
set_mempolicy_home_node(&(0x7f00007f5000/0x4000)=nil, 0x4000, 0x0, 0x0) (async)
ioctl$F2FS_IOC_COMPRESS_FILE(r2, 0xf518, 0x0) (async, rerun: 64)

program crashed: BUG: unable to handle kernel paging request in hfs_find_init
testing program (duration=45.483555292s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat-getdents64-madvise-madvise-madvise-syz_clone-syz_pidfd_open-set_mempolicy_home_node
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x12, &(0x7f0000000600)=ANY=[@ANYBLOB="636f6465706167653d69736f383835392d352c756d61736b3d303030303030303030303030303737372c696f636861727365743d63703836392c00593e6b66dbda701c6930c62a968870c671f6477cb145c6d89cc4842eb0720eecdf2ebd09f8dbf643b0adace8211effc59b60800919356a988fc72124c74383345cffd7c56ca293570c91cd0a246a89578c98a5d7adce29637c1181f1683d5b3c231fc700f5a4d5ade92e536e6d48a33c8fe7196d3c21f85102d71c4a757c811f270651dd6cfe2890f2650fbaa112ebd9f2a722f5811fbfc1b06807a0e87b42b6cc7bbb2fd495cdcb77aaef069c174193a8350150f86d32b86d93bb71ff0af70de640bdf600dca52899a1f64a3cf2350dd993a702353ce0d906412f6301a961fec3049536174a7cadd6be69704ff9c8e45bc92f4ccdfc7626ebd4ad65aa3778bb6797cb9e25f80325f1fa5903d4e6cde04bb0bef07c4fc5a02fa21e6a0a2a000000000000002aaa70aab01fd5b798ffc080975b803acbfccf66f252"], 0x4, 0x339, &(0x7f0000000140)="$eJzs3U9P1EwcB/DvtLtL94EHK2BIPBmUxBMBPGi8QAzxNXgwRIQlIayYKCZKTETPxngzMfHIzbPRt6AX4xvQEwfjSS/EgzUzne5Ol5m2C7iF7PeTuHbb+fObttPO7GYpiKhvXVv4unNpV/4TVQA+gKuAByAAKgDOYDx4sLGZW5DfWhKIc4p9aZY3GrasAXQOLZTvKhgy19G/EUVR9C031c+exELlEWYPNnjAgO6danvQ88gObc62cjtuV38xjrDYwx4eYrjMcIiIqHz6/u/pu8SQHr97HjCpx+En9f6fSI1v9sqL41ho3f+9+H0k5P45pTbJ+d7aZrOxEk/h5NH3klmirSzrORG1d3cN8ZnlDxpDLqMWOxWLV19dazamtlUBzzCnGcnG1OsKkoYormhrwAyACcvcNENW27MNqjZUZRtmHfGPZtVonQB/+I5X9uoWPxWISXwUn8WiCPEaK63xXyUScueoIxV2dJU4/ml3iaqVYZwq1cp2+KdVJWd1DXj/tt3Kumu/BvBlLDayFNE5fg+TOF/W3LkwgvTHCnHrZtytU7lGgYpQswYz12wr0W9rrrHOuuqr1WZjavlu03XSHy3rjE68EDfEBH7gHRaM8b8nU0/C3TNTvVyolPrMyGxPRaV0HMcU1YHvdNUzSbmeuvgV8xy3cQXD9x9trS81m4175S8kXeWA2c8dcTzxiahPR7lG/m+kQSAXqgCc5VTdm6wLf6Iosm6qoBeHoKqaevlNu8lb60tCX/MOV4W8cnZsmncnBjAPQK9JrggHqf1JK9dAu8BC2X/Jo63W2E/IJKoedJCkqtQmHwOFekp935qdnFyP/z/YVYhOoPbRx/jNsoOhMsixg4jnf8Z8ZVpddeRLmDH/ifIKN0qcccyARtTrf8VmcK1inePEwWQhZ851/iJwoaNGD0mNTzuLDXWcOI7fSnb/VYZYwBfc4uf/REREREREREREREREREREREREREQnTbe/Rtj/c4L8hXSNu334hzeIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiA7HeP4v4KsnxtRsz//NelKT4sdPiAmO4vm/foHn/4rtLlpJRDZ/AwAA//9eD1xQ") (async)
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f00000000c0)=""/50, 0x32) (async)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f000060c000/0x4000)=nil, 0x4000, 0x16) (async)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r1 = syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_pidfd_open(r1, 0x0)
set_mempolicy_home_node(&(0x7f00007f5000/0x4000)=nil, 0x4000, 0x0, 0x0) (async)

program crashed: BUG: unable to handle kernel paging request in hfs_find_init
testing program (duration=45.483555292s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat-getdents64-madvise-madvise-madvise-syz_clone-syz_pidfd_open
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x12, &(0x7f0000000600)=ANY=[@ANYBLOB="636f6465706167653d69736f383835392d352c756d61736b3d303030303030303030303030303737372c696f636861727365743d63703836392c00593e6b66dbda701c6930c62a968870c671f6477cb145c6d89cc4842eb0720eecdf2ebd09f8dbf643b0adace8211effc59b60800919356a988fc72124c74383345cffd7c56ca293570c91cd0a246a89578c98a5d7adce29637c1181f1683d5b3c231fc700f5a4d5ade92e536e6d48a33c8fe7196d3c21f85102d71c4a757c811f270651dd6cfe2890f2650fbaa112ebd9f2a722f5811fbfc1b06807a0e87b42b6cc7bbb2fd495cdcb77aaef069c174193a8350150f86d32b86d93bb71ff0af70de640bdf600dca52899a1f64a3cf2350dd993a702353ce0d906412f6301a961fec3049536174a7cadd6be69704ff9c8e45bc92f4ccdfc7626ebd4ad65aa3778bb6797cb9e25f80325f1fa5903d4e6cde04bb0bef07c4fc5a02fa21e6a0a2a000000000000002aaa70aab01fd5b798ffc080975b803acbfccf66f252"], 0x4, 0x339, &(0x7f0000000140)="$eJzs3U9P1EwcB/DvtLtL94EHK2BIPBmUxBMBPGi8QAzxNXgwRIQlIayYKCZKTETPxngzMfHIzbPRt6AX4xvQEwfjSS/EgzUzne5Ol5m2C7iF7PeTuHbb+fObttPO7GYpiKhvXVv4unNpV/4TVQA+gKuAByAAKgDOYDx4sLGZW5DfWhKIc4p9aZY3GrasAXQOLZTvKhgy19G/EUVR9C031c+exELlEWYPNnjAgO6danvQ88gObc62cjtuV38xjrDYwx4eYrjMcIiIqHz6/u/pu8SQHr97HjCpx+En9f6fSI1v9sqL41ho3f+9+H0k5P45pTbJ+d7aZrOxEk/h5NH3klmirSzrORG1d3cN8ZnlDxpDLqMWOxWLV19dazamtlUBzzCnGcnG1OsKkoYormhrwAyACcvcNENW27MNqjZUZRtmHfGPZtVonQB/+I5X9uoWPxWISXwUn8WiCPEaK63xXyUScueoIxV2dJU4/ml3iaqVYZwq1cp2+KdVJWd1DXj/tt3Kumu/BvBlLDayFNE5fg+TOF/W3LkwgvTHCnHrZtytU7lGgYpQswYz12wr0W9rrrHOuuqr1WZjavlu03XSHy3rjE68EDfEBH7gHRaM8b8nU0/C3TNTvVyolPrMyGxPRaV0HMcU1YHvdNUzSbmeuvgV8xy3cQXD9x9trS81m4175S8kXeWA2c8dcTzxiahPR7lG/m+kQSAXqgCc5VTdm6wLf6Iosm6qoBeHoKqaevlNu8lb60tCX/MOV4W8cnZsmncnBjAPQK9JrggHqf1JK9dAu8BC2X/Jo63W2E/IJKoedJCkqtQmHwOFekp935qdnFyP/z/YVYhOoPbRx/jNsoOhMsixg4jnf8Z8ZVpddeRLmDH/ifIKN0qcccyARtTrf8VmcK1inePEwWQhZ851/iJwoaNGD0mNTzuLDXWcOI7fSnb/VYZYwBfc4uf/REREREREREREREREREREREREREQnTbe/Rtj/c4L8hXSNu334hzeIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiA7HeP4v4KsnxtRsz//NelKT4sdPiAmO4vm/foHn/4rtLlpJRDZ/AwAA//9eD1xQ") (async)
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f00000000c0)=""/50, 0x32) (async)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f000060c000/0x4000)=nil, 0x4000, 0x16) (async)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r1 = syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_pidfd_open(r1, 0x0)

program crashed: BUG: unable to handle kernel paging request in hfs_find_init
testing program (duration=45.483555292s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat-getdents64-madvise-madvise-madvise-syz_clone
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x12, &(0x7f0000000600)=ANY=[@ANYBLOB="636f6465706167653d69736f383835392d352c756d61736b3d303030303030303030303030303737372c696f636861727365743d63703836392c00593e6b66dbda701c6930c62a968870c671f6477cb145c6d89cc4842eb0720eecdf2ebd09f8dbf643b0adace8211effc59b60800919356a988fc72124c74383345cffd7c56ca293570c91cd0a246a89578c98a5d7adce29637c1181f1683d5b3c231fc700f5a4d5ade92e536e6d48a33c8fe7196d3c21f85102d71c4a757c811f270651dd6cfe2890f2650fbaa112ebd9f2a722f5811fbfc1b06807a0e87b42b6cc7bbb2fd495cdcb77aaef069c174193a8350150f86d32b86d93bb71ff0af70de640bdf600dca52899a1f64a3cf2350dd993a702353ce0d906412f6301a961fec3049536174a7cadd6be69704ff9c8e45bc92f4ccdfc7626ebd4ad65aa3778bb6797cb9e25f80325f1fa5903d4e6cde04bb0bef07c4fc5a02fa21e6a0a2a000000000000002aaa70aab01fd5b798ffc080975b803acbfccf66f252"], 0x4, 0x339, &(0x7f0000000140)="$eJzs3U9P1EwcB/DvtLtL94EHK2BIPBmUxBMBPGi8QAzxNXgwRIQlIayYKCZKTETPxngzMfHIzbPRt6AX4xvQEwfjSS/EgzUzne5Ol5m2C7iF7PeTuHbb+fObttPO7GYpiKhvXVv4unNpV/4TVQA+gKuAByAAKgDOYDx4sLGZW5DfWhKIc4p9aZY3GrasAXQOLZTvKhgy19G/EUVR9C031c+exELlEWYPNnjAgO6danvQ88gObc62cjtuV38xjrDYwx4eYrjMcIiIqHz6/u/pu8SQHr97HjCpx+En9f6fSI1v9sqL41ho3f+9+H0k5P45pTbJ+d7aZrOxEk/h5NH3klmirSzrORG1d3cN8ZnlDxpDLqMWOxWLV19dazamtlUBzzCnGcnG1OsKkoYormhrwAyACcvcNENW27MNqjZUZRtmHfGPZtVonQB/+I5X9uoWPxWISXwUn8WiCPEaK63xXyUScueoIxV2dJU4/ml3iaqVYZwq1cp2+KdVJWd1DXj/tt3Kumu/BvBlLDayFNE5fg+TOF/W3LkwgvTHCnHrZtytU7lGgYpQswYz12wr0W9rrrHOuuqr1WZjavlu03XSHy3rjE68EDfEBH7gHRaM8b8nU0/C3TNTvVyolPrMyGxPRaV0HMcU1YHvdNUzSbmeuvgV8xy3cQXD9x9trS81m4175S8kXeWA2c8dcTzxiahPR7lG/m+kQSAXqgCc5VTdm6wLf6Iosm6qoBeHoKqaevlNu8lb60tCX/MOV4W8cnZsmncnBjAPQK9JrggHqf1JK9dAu8BC2X/Jo63W2E/IJKoedJCkqtQmHwOFekp935qdnFyP/z/YVYhOoPbRx/jNsoOhMsixg4jnf8Z8ZVpddeRLmDH/ifIKN0qcccyARtTrf8VmcK1inePEwWQhZ851/iJwoaNGD0mNTzuLDXWcOI7fSnb/VYZYwBfc4uf/REREREREREREREREREREREREREQnTbe/Rtj/c4L8hXSNu334hzeIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiA7HeP4v4KsnxtRsz//NelKT4sdPiAmO4vm/foHn/4rtLlpJRDZ/AwAA//9eD1xQ") (async)
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f00000000c0)=""/50, 0x32) (async)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f000060c000/0x4000)=nil, 0x4000, 0x16) (async)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

program crashed: BUG: unable to handle kernel paging request in hfs_find_init
testing program (duration=45.483555292s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat-getdents64-madvise-madvise-madvise
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x12, &(0x7f0000000600)=ANY=[@ANYBLOB="636f6465706167653d69736f383835392d352c756d61736b3d303030303030303030303030303737372c696f636861727365743d63703836392c00593e6b66dbda701c6930c62a968870c671f6477cb145c6d89cc4842eb0720eecdf2ebd09f8dbf643b0adace8211effc59b60800919356a988fc72124c74383345cffd7c56ca293570c91cd0a246a89578c98a5d7adce29637c1181f1683d5b3c231fc700f5a4d5ade92e536e6d48a33c8fe7196d3c21f85102d71c4a757c811f270651dd6cfe2890f2650fbaa112ebd9f2a722f5811fbfc1b06807a0e87b42b6cc7bbb2fd495cdcb77aaef069c174193a8350150f86d32b86d93bb71ff0af70de640bdf600dca52899a1f64a3cf2350dd993a702353ce0d906412f6301a961fec3049536174a7cadd6be69704ff9c8e45bc92f4ccdfc7626ebd4ad65aa3778bb6797cb9e25f80325f1fa5903d4e6cde04bb0bef07c4fc5a02fa21e6a0a2a000000000000002aaa70aab01fd5b798ffc080975b803acbfccf66f252"], 0x4, 0x339, &(0x7f0000000140)="$eJzs3U9P1EwcB/DvtLtL94EHK2BIPBmUxBMBPGi8QAzxNXgwRIQlIayYKCZKTETPxngzMfHIzbPRt6AX4xvQEwfjSS/EgzUzne5Ol5m2C7iF7PeTuHbb+fObttPO7GYpiKhvXVv4unNpV/4TVQA+gKuAByAAKgDOYDx4sLGZW5DfWhKIc4p9aZY3GrasAXQOLZTvKhgy19G/EUVR9C031c+exELlEWYPNnjAgO6danvQ88gObc62cjtuV38xjrDYwx4eYrjMcIiIqHz6/u/pu8SQHr97HjCpx+En9f6fSI1v9sqL41ho3f+9+H0k5P45pTbJ+d7aZrOxEk/h5NH3klmirSzrORG1d3cN8ZnlDxpDLqMWOxWLV19dazamtlUBzzCnGcnG1OsKkoYormhrwAyACcvcNENW27MNqjZUZRtmHfGPZtVonQB/+I5X9uoWPxWISXwUn8WiCPEaK63xXyUScueoIxV2dJU4/ml3iaqVYZwq1cp2+KdVJWd1DXj/tt3Kumu/BvBlLDayFNE5fg+TOF/W3LkwgvTHCnHrZtytU7lGgYpQswYz12wr0W9rrrHOuuqr1WZjavlu03XSHy3rjE68EDfEBH7gHRaM8b8nU0/C3TNTvVyolPrMyGxPRaV0HMcU1YHvdNUzSbmeuvgV8xy3cQXD9x9trS81m4175S8kXeWA2c8dcTzxiahPR7lG/m+kQSAXqgCc5VTdm6wLf6Iosm6qoBeHoKqaevlNu8lb60tCX/MOV4W8cnZsmncnBjAPQK9JrggHqf1JK9dAu8BC2X/Jo63W2E/IJKoedJCkqtQmHwOFekp935qdnFyP/z/YVYhOoPbRx/jNsoOhMsixg4jnf8Z8ZVpddeRLmDH/ifIKN0qcccyARtTrf8VmcK1inePEwWQhZ851/iJwoaNGD0mNTzuLDXWcOI7fSnb/VYZYwBfc4uf/REREREREREREREREREREREREREQnTbe/Rtj/c4L8hXSNu334hzeIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiA7HeP4v4KsnxtRsz//NelKT4sdPiAmO4vm/foHn/4rtLlpJRDZ/AwAA//9eD1xQ") (async)
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f00000000c0)=""/50, 0x32) (async)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f000060c000/0x4000)=nil, 0x4000, 0x16) (async)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)

program crashed: BUG: unable to handle kernel paging request in hfs_find_init
testing program (duration=45.483555292s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat-getdents64-madvise-madvise
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x12, &(0x7f0000000600)=ANY=[@ANYBLOB="636f6465706167653d69736f383835392d352c756d61736b3d303030303030303030303030303737372c696f636861727365743d63703836392c00593e6b66dbda701c6930c62a968870c671f6477cb145c6d89cc4842eb0720eecdf2ebd09f8dbf643b0adace8211effc59b60800919356a988fc72124c74383345cffd7c56ca293570c91cd0a246a89578c98a5d7adce29637c1181f1683d5b3c231fc700f5a4d5ade92e536e6d48a33c8fe7196d3c21f85102d71c4a757c811f270651dd6cfe2890f2650fbaa112ebd9f2a722f5811fbfc1b06807a0e87b42b6cc7bbb2fd495cdcb77aaef069c174193a8350150f86d32b86d93bb71ff0af70de640bdf600dca52899a1f64a3cf2350dd993a702353ce0d906412f6301a961fec3049536174a7cadd6be69704ff9c8e45bc92f4ccdfc7626ebd4ad65aa3778bb6797cb9e25f80325f1fa5903d4e6cde04bb0bef07c4fc5a02fa21e6a0a2a000000000000002aaa70aab01fd5b798ffc080975b803acbfccf66f252"], 0x4, 0x339, &(0x7f0000000140)="$eJzs3U9P1EwcB/DvtLtL94EHK2BIPBmUxBMBPGi8QAzxNXgwRIQlIayYKCZKTETPxngzMfHIzbPRt6AX4xvQEwfjSS/EgzUzne5Ol5m2C7iF7PeTuHbb+fObttPO7GYpiKhvXVv4unNpV/4TVQA+gKuAByAAKgDOYDx4sLGZW5DfWhKIc4p9aZY3GrasAXQOLZTvKhgy19G/EUVR9C031c+exELlEWYPNnjAgO6danvQ88gObc62cjtuV38xjrDYwx4eYrjMcIiIqHz6/u/pu8SQHr97HjCpx+En9f6fSI1v9sqL41ho3f+9+H0k5P45pTbJ+d7aZrOxEk/h5NH3klmirSzrORG1d3cN8ZnlDxpDLqMWOxWLV19dazamtlUBzzCnGcnG1OsKkoYormhrwAyACcvcNENW27MNqjZUZRtmHfGPZtVonQB/+I5X9uoWPxWISXwUn8WiCPEaK63xXyUScueoIxV2dJU4/ml3iaqVYZwq1cp2+KdVJWd1DXj/tt3Kumu/BvBlLDayFNE5fg+TOF/W3LkwgvTHCnHrZtytU7lGgYpQswYz12wr0W9rrrHOuuqr1WZjavlu03XSHy3rjE68EDfEBH7gHRaM8b8nU0/C3TNTvVyolPrMyGxPRaV0HMcU1YHvdNUzSbmeuvgV8xy3cQXD9x9trS81m4175S8kXeWA2c8dcTzxiahPR7lG/m+kQSAXqgCc5VTdm6wLf6Iosm6qoBeHoKqaevlNu8lb60tCX/MOV4W8cnZsmncnBjAPQK9JrggHqf1JK9dAu8BC2X/Jo63W2E/IJKoedJCkqtQmHwOFekp935qdnFyP/z/YVYhOoPbRx/jNsoOhMsixg4jnf8Z8ZVpddeRLmDH/ifIKN0qcccyARtTrf8VmcK1inePEwWQhZ851/iJwoaNGD0mNTzuLDXWcOI7fSnb/VYZYwBfc4uf/REREREREREREREREREREREREREQnTbe/Rtj/c4L8hXSNu334hzeIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiA7HeP4v4KsnxtRsz//NelKT4sdPiAmO4vm/foHn/4rtLlpJRDZ/AwAA//9eD1xQ") (async)
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f00000000c0)=""/50, 0x32) (async)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f000060c000/0x4000)=nil, 0x4000, 0x16) (async)

program crashed: BUG: unable to handle kernel paging request in hfs_find_init
testing program (duration=45.483555292s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat-getdents64-madvise
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x12, &(0x7f0000000600)=ANY=[@ANYBLOB="636f6465706167653d69736f383835392d352c756d61736b3d303030303030303030303030303737372c696f636861727365743d63703836392c00593e6b66dbda701c6930c62a968870c671f6477cb145c6d89cc4842eb0720eecdf2ebd09f8dbf643b0adace8211effc59b60800919356a988fc72124c74383345cffd7c56ca293570c91cd0a246a89578c98a5d7adce29637c1181f1683d5b3c231fc700f5a4d5ade92e536e6d48a33c8fe7196d3c21f85102d71c4a757c811f270651dd6cfe2890f2650fbaa112ebd9f2a722f5811fbfc1b06807a0e87b42b6cc7bbb2fd495cdcb77aaef069c174193a8350150f86d32b86d93bb71ff0af70de640bdf600dca52899a1f64a3cf2350dd993a702353ce0d906412f6301a961fec3049536174a7cadd6be69704ff9c8e45bc92f4ccdfc7626ebd4ad65aa3778bb6797cb9e25f80325f1fa5903d4e6cde04bb0bef07c4fc5a02fa21e6a0a2a000000000000002aaa70aab01fd5b798ffc080975b803acbfccf66f252"], 0x4, 0x339, &(0x7f0000000140)="$eJzs3U9P1EwcB/DvtLtL94EHK2BIPBmUxBMBPGi8QAzxNXgwRIQlIayYKCZKTETPxngzMfHIzbPRt6AX4xvQEwfjSS/EgzUzne5Ol5m2C7iF7PeTuHbb+fObttPO7GYpiKhvXVv4unNpV/4TVQA+gKuAByAAKgDOYDx4sLGZW5DfWhKIc4p9aZY3GrasAXQOLZTvKhgy19G/EUVR9C031c+exELlEWYPNnjAgO6danvQ88gObc62cjtuV38xjrDYwx4eYrjMcIiIqHz6/u/pu8SQHr97HjCpx+En9f6fSI1v9sqL41ho3f+9+H0k5P45pTbJ+d7aZrOxEk/h5NH3klmirSzrORG1d3cN8ZnlDxpDLqMWOxWLV19dazamtlUBzzCnGcnG1OsKkoYormhrwAyACcvcNENW27MNqjZUZRtmHfGPZtVonQB/+I5X9uoWPxWISXwUn8WiCPEaK63xXyUScueoIxV2dJU4/ml3iaqVYZwq1cp2+KdVJWd1DXj/tt3Kumu/BvBlLDayFNE5fg+TOF/W3LkwgvTHCnHrZtytU7lGgYpQswYz12wr0W9rrrHOuuqr1WZjavlu03XSHy3rjE68EDfEBH7gHRaM8b8nU0/C3TNTvVyolPrMyGxPRaV0HMcU1YHvdNUzSbmeuvgV8xy3cQXD9x9trS81m4175S8kXeWA2c8dcTzxiahPR7lG/m+kQSAXqgCc5VTdm6wLf6Iosm6qoBeHoKqaevlNu8lb60tCX/MOV4W8cnZsmncnBjAPQK9JrggHqf1JK9dAu8BC2X/Jo63W2E/IJKoedJCkqtQmHwOFekp935qdnFyP/z/YVYhOoPbRx/jNsoOhMsixg4jnf8Z8ZVpddeRLmDH/ifIKN0qcccyARtTrf8VmcK1inePEwWQhZ851/iJwoaNGD0mNTzuLDXWcOI7fSnb/VYZYwBfc4uf/REREREREREREREREREREREREREQnTbe/Rtj/c4L8hXSNu334hzeIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiA7HeP4v4KsnxtRsz//NelKT4sdPiAmO4vm/foHn/4rtLlpJRDZ/AwAA//9eD1xQ") (async)
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f00000000c0)=""/50, 0x32) (async)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)

program crashed: BUG: unable to handle kernel paging request in hfs_find_init
testing program (duration=45.483555292s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat-getdents64
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x12, &(0x7f0000000600)=ANY=[@ANYBLOB="636f6465706167653d69736f383835392d352c756d61736b3d303030303030303030303030303737372c696f636861727365743d63703836392c00593e6b66dbda701c6930c62a968870c671f6477cb145c6d89cc4842eb0720eecdf2ebd09f8dbf643b0adace8211effc59b60800919356a988fc72124c74383345cffd7c56ca293570c91cd0a246a89578c98a5d7adce29637c1181f1683d5b3c231fc700f5a4d5ade92e536e6d48a33c8fe7196d3c21f85102d71c4a757c811f270651dd6cfe2890f2650fbaa112ebd9f2a722f5811fbfc1b06807a0e87b42b6cc7bbb2fd495cdcb77aaef069c174193a8350150f86d32b86d93bb71ff0af70de640bdf600dca52899a1f64a3cf2350dd993a702353ce0d906412f6301a961fec3049536174a7cadd6be69704ff9c8e45bc92f4ccdfc7626ebd4ad65aa3778bb6797cb9e25f80325f1fa5903d4e6cde04bb0bef07c4fc5a02fa21e6a0a2a000000000000002aaa70aab01fd5b798ffc080975b803acbfccf66f252"], 0x4, 0x339, &(0x7f0000000140)="$eJzs3U9P1EwcB/DvtLtL94EHK2BIPBmUxBMBPGi8QAzxNXgwRIQlIayYKCZKTETPxngzMfHIzbPRt6AX4xvQEwfjSS/EgzUzne5Ol5m2C7iF7PeTuHbb+fObttPO7GYpiKhvXVv4unNpV/4TVQA+gKuAByAAKgDOYDx4sLGZW5DfWhKIc4p9aZY3GrasAXQOLZTvKhgy19G/EUVR9C031c+exELlEWYPNnjAgO6danvQ88gObc62cjtuV38xjrDYwx4eYrjMcIiIqHz6/u/pu8SQHr97HjCpx+En9f6fSI1v9sqL41ho3f+9+H0k5P45pTbJ+d7aZrOxEk/h5NH3klmirSzrORG1d3cN8ZnlDxpDLqMWOxWLV19dazamtlUBzzCnGcnG1OsKkoYormhrwAyACcvcNENW27MNqjZUZRtmHfGPZtVonQB/+I5X9uoWPxWISXwUn8WiCPEaK63xXyUScueoIxV2dJU4/ml3iaqVYZwq1cp2+KdVJWd1DXj/tt3Kumu/BvBlLDayFNE5fg+TOF/W3LkwgvTHCnHrZtytU7lGgYpQswYz12wr0W9rrrHOuuqr1WZjavlu03XSHy3rjE68EDfEBH7gHRaM8b8nU0/C3TNTvVyolPrMyGxPRaV0HMcU1YHvdNUzSbmeuvgV8xy3cQXD9x9trS81m4175S8kXeWA2c8dcTzxiahPR7lG/m+kQSAXqgCc5VTdm6wLf6Iosm6qoBeHoKqaevlNu8lb60tCX/MOV4W8cnZsmncnBjAPQK9JrggHqf1JK9dAu8BC2X/Jo63W2E/IJKoedJCkqtQmHwOFekp935qdnFyP/z/YVYhOoPbRx/jNsoOhMsixg4jnf8Z8ZVpddeRLmDH/ifIKN0qcccyARtTrf8VmcK1inePEwWQhZ851/iJwoaNGD0mNTzuLDXWcOI7fSnb/VYZYwBfc4uf/REREREREREREREREREREREREREQnTbe/Rtj/c4L8hXSNu334hzeIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiA7HeP4v4KsnxtRsz//NelKT4sdPiAmO4vm/foHn/4rtLlpJRDZ/AwAA//9eD1xQ") (async)
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f00000000c0)=""/50, 0x32) (async)

program crashed: BUG: unable to handle kernel paging request in corrupted
testing program (duration=45.483555292s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x12, &(0x7f0000000600)=ANY=[@ANYBLOB="636f6465706167653d69736f383835392d352c756d61736b3d303030303030303030303030303737372c696f636861727365743d63703836392c00593e6b66dbda701c6930c62a968870c671f6477cb145c6d89cc4842eb0720eecdf2ebd09f8dbf643b0adace8211effc59b60800919356a988fc72124c74383345cffd7c56ca293570c91cd0a246a89578c98a5d7adce29637c1181f1683d5b3c231fc700f5a4d5ade92e536e6d48a33c8fe7196d3c21f85102d71c4a757c811f270651dd6cfe2890f2650fbaa112ebd9f2a722f5811fbfc1b06807a0e87b42b6cc7bbb2fd495cdcb77aaef069c174193a8350150f86d32b86d93bb71ff0af70de640bdf600dca52899a1f64a3cf2350dd993a702353ce0d906412f6301a961fec3049536174a7cadd6be69704ff9c8e45bc92f4ccdfc7626ebd4ad65aa3778bb6797cb9e25f80325f1fa5903d4e6cde04bb0bef07c4fc5a02fa21e6a0a2a000000000000002aaa70aab01fd5b798ffc080975b803acbfccf66f252"], 0x4, 0x339, &(0x7f0000000140)="$eJzs3U9P1EwcB/DvtLtL94EHK2BIPBmUxBMBPGi8QAzxNXgwRIQlIayYKCZKTETPxngzMfHIzbPRt6AX4xvQEwfjSS/EgzUzne5Ol5m2C7iF7PeTuHbb+fObttPO7GYpiKhvXVv4unNpV/4TVQA+gKuAByAAKgDOYDx4sLGZW5DfWhKIc4p9aZY3GrasAXQOLZTvKhgy19G/EUVR9C031c+exELlEWYPNnjAgO6danvQ88gObc62cjtuV38xjrDYwx4eYrjMcIiIqHz6/u/pu8SQHr97HjCpx+En9f6fSI1v9sqL41ho3f+9+H0k5P45pTbJ+d7aZrOxEk/h5NH3klmirSzrORG1d3cN8ZnlDxpDLqMWOxWLV19dazamtlUBzzCnGcnG1OsKkoYormhrwAyACcvcNENW27MNqjZUZRtmHfGPZtVonQB/+I5X9uoWPxWISXwUn8WiCPEaK63xXyUScueoIxV2dJU4/ml3iaqVYZwq1cp2+KdVJWd1DXj/tt3Kumu/BvBlLDayFNE5fg+TOF/W3LkwgvTHCnHrZtytU7lGgYpQswYz12wr0W9rrrHOuuqr1WZjavlu03XSHy3rjE68EDfEBH7gHRaM8b8nU0/C3TNTvVyolPrMyGxPRaV0HMcU1YHvdNUzSbmeuvgV8xy3cQXD9x9trS81m4175S8kXeWA2c8dcTzxiahPR7lG/m+kQSAXqgCc5VTdm6wLf6Iosm6qoBeHoKqaevlNu8lb60tCX/MOV4W8cnZsmncnBjAPQK9JrggHqf1JK9dAu8BC2X/Jo63W2E/IJKoedJCkqtQmHwOFekp935qdnFyP/z/YVYhOoPbRx/jNsoOhMsixg4jnf8Z8ZVpddeRLmDH/ifIKN0qcccyARtTrf8VmcK1inePEwWQhZ851/iJwoaNGD0mNTzuLDXWcOI7fSnb/VYZYwBfc4uf/REREREREREREREREREREREREREQnTbe/Rtj/c4L8hXSNu334hzeIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiA7HeP4v4KsnxtRsz//NelKT4sdPiAmO4vm/foHn/4rtLlpJRDZ/AwAA//9eD1xQ") (async)
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)

program crashed: BUG: unable to handle kernel paging request in hfs_find_init
testing program (duration=45.483555292s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x12, &(0x7f0000000600)=ANY=[@ANYBLOB="636f6465706167653d69736f383835392d352c756d61736b3d303030303030303030303030303737372c696f636861727365743d63703836392c00593e6b66dbda701c6930c62a968870c671f6477cb145c6d89cc4842eb0720eecdf2ebd09f8dbf643b0adace8211effc59b60800919356a988fc72124c74383345cffd7c56ca293570c91cd0a246a89578c98a5d7adce29637c1181f1683d5b3c231fc700f5a4d5ade92e536e6d48a33c8fe7196d3c21f85102d71c4a757c811f270651dd6cfe2890f2650fbaa112ebd9f2a722f5811fbfc1b06807a0e87b42b6cc7bbb2fd495cdcb77aaef069c174193a8350150f86d32b86d93bb71ff0af70de640bdf600dca52899a1f64a3cf2350dd993a702353ce0d906412f6301a961fec3049536174a7cadd6be69704ff9c8e45bc92f4ccdfc7626ebd4ad65aa3778bb6797cb9e25f80325f1fa5903d4e6cde04bb0bef07c4fc5a02fa21e6a0a2a000000000000002aaa70aab01fd5b798ffc080975b803acbfccf66f252"], 0x4, 0x339, &(0x7f0000000140)="$eJzs3U9P1EwcB/DvtLtL94EHK2BIPBmUxBMBPGi8QAzxNXgwRIQlIayYKCZKTETPxngzMfHIzbPRt6AX4xvQEwfjSS/EgzUzne5Ol5m2C7iF7PeTuHbb+fObttPO7GYpiKhvXVv4unNpV/4TVQA+gKuAByAAKgDOYDx4sLGZW5DfWhKIc4p9aZY3GrasAXQOLZTvKhgy19G/EUVR9C031c+exELlEWYPNnjAgO6danvQ88gObc62cjtuV38xjrDYwx4eYrjMcIiIqHz6/u/pu8SQHr97HjCpx+En9f6fSI1v9sqL41ho3f+9+H0k5P45pTbJ+d7aZrOxEk/h5NH3klmirSzrORG1d3cN8ZnlDxpDLqMWOxWLV19dazamtlUBzzCnGcnG1OsKkoYormhrwAyACcvcNENW27MNqjZUZRtmHfGPZtVonQB/+I5X9uoWPxWISXwUn8WiCPEaK63xXyUScueoIxV2dJU4/ml3iaqVYZwq1cp2+KdVJWd1DXj/tt3Kumu/BvBlLDayFNE5fg+TOF/W3LkwgvTHCnHrZtytU7lGgYpQswYz12wr0W9rrrHOuuqr1WZjavlu03XSHy3rjE68EDfEBH7gHRaM8b8nU0/C3TNTvVyolPrMyGxPRaV0HMcU1YHvdNUzSbmeuvgV8xy3cQXD9x9trS81m4175S8kXeWA2c8dcTzxiahPR7lG/m+kQSAXqgCc5VTdm6wLf6Iosm6qoBeHoKqaevlNu8lb60tCX/MOV4W8cnZsmncnBjAPQK9JrggHqf1JK9dAu8BC2X/Jo63W2E/IJKoedJCkqtQmHwOFekp935qdnFyP/z/YVYhOoPbRx/jNsoOhMsixg4jnf8Z8ZVpddeRLmDH/ifIKN0qcccyARtTrf8VmcK1inePEwWQhZ851/iJwoaNGD0mNTzuLDXWcOI7fSnb/VYZYwBfc4uf/REREREREREREREREREREREREREQnTbe/Rtj/c4L8hXSNu334hzeIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiA7HeP4v4KsnxtRsz//NelKT4sdPiAmO4vm/foHn/4rtLlpJRDZ/AwAA//9eD1xQ") (async)

program did not crash
testing program (duration=45.483555292s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat
detailed listing:
executing program 0:
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)

program did not crash
testing program (duration=45.483555292s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x12, &(0x7f0000000600)=ANY=[@ANYBLOB="636f6465706167653d69736f383835392d352c756d61736b3d303030303030303030303030303737372c696f636861727365743d63703836392c00593e6b66dbda701c6930c62a968870c671f6477cb145c6d89cc4842eb0720eecdf2ebd09f8dbf643b0adace8211effc59b60800919356a988fc72124c74383345cffd7c56ca293570c91cd0a246a89578c98a5d7adce29637c1181f1683d5b3c231fc700f5a4d5ade92e536e6d48a33c8fe7196d3c21f85102d71c4a757c811f270651dd6cfe2890f2650fbaa112ebd9f2a722f5811fbfc1b06807a0e87b42b6cc7bbb2fd495cdcb77aaef069c174193a8350150f86d32b86d93bb71ff0af70de640bdf600dca52899a1f64a3cf2350dd993a702353ce0d906412f6301a961fec3049536174a7cadd6be69704ff9c8e45bc92f4ccdfc7626ebd4ad65aa3778bb6797cb9e25f80325f1fa5903d4e6cde04bb0bef07c4fc5a02fa21e6a0a2a000000000000002aaa70aab01fd5b798ffc080975b803acbfccf66f252"], 0x4, 0x339, &(0x7f0000000140)="$eJzs3U9P1EwcB/DvtLtL94EHK2BIPBmUxBMBPGi8QAzxNXgwRIQlIayYKCZKTETPxngzMfHIzbPRt6AX4xvQEwfjSS/EgzUzne5Ol5m2C7iF7PeTuHbb+fObttPO7GYpiKhvXVv4unNpV/4TVQA+gKuAByAAKgDOYDx4sLGZW5DfWhKIc4p9aZY3GrasAXQOLZTvKhgy19G/EUVR9C031c+exELlEWYPNnjAgO6danvQ88gObc62cjtuV38xjrDYwx4eYrjMcIiIqHz6/u/pu8SQHr97HjCpx+En9f6fSI1v9sqL41ho3f+9+H0k5P45pTbJ+d7aZrOxEk/h5NH3klmirSzrORG1d3cN8ZnlDxpDLqMWOxWLV19dazamtlUBzzCnGcnG1OsKkoYormhrwAyACcvcNENW27MNqjZUZRtmHfGPZtVonQB/+I5X9uoWPxWISXwUn8WiCPEaK63xXyUScueoIxV2dJU4/ml3iaqVYZwq1cp2+KdVJWd1DXj/tt3Kumu/BvBlLDayFNE5fg+TOF/W3LkwgvTHCnHrZtytU7lGgYpQswYz12wr0W9rrrHOuuqr1WZjavlu03XSHy3rjE68EDfEBH7gHRaM8b8nU0/C3TNTvVyolPrMyGxPRaV0HMcU1YHvdNUzSbmeuvgV8xy3cQXD9x9trS81m4175S8kXeWA2c8dcTzxiahPR7lG/m+kQSAXqgCc5VTdm6wLf6Iosm6qoBeHoKqaevlNu8lb60tCX/MOV4W8cnZsmncnBjAPQK9JrggHqf1JK9dAu8BC2X/Jo63W2E/IJKoedJCkqtQmHwOFekp935qdnFyP/z/YVYhOoPbRx/jNsoOhMsixg4jnf8Z8ZVpddeRLmDH/ifIKN0qcccyARtTrf8VmcK1inePEwWQhZ851/iJwoaNGD0mNTzuLDXWcOI7fSnb/VYZYwBfc4uf/REREREREREREREREREREREREREQnTbe/Rtj/c4L8hXSNu334hzeIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiA7HeP4v4KsnxtRsz//NelKT4sdPiAmO4vm/foHn/4rtLlpJRDZ/AwAA//9eD1xQ")
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)

program did not crash
testing program (duration=45.483555292s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x12, &(0x7f0000000600)=ANY=[@ANYBLOB="636f6465706167653d69736f383835392d352c756d61736b3d303030303030303030303030303737372c696f636861727365743d63703836392c00593e6b66dbda701c6930c62a968870c671f6477cb145c6d89cc4842eb0720eecdf2ebd09f8dbf643b0adace8211effc59b60800919356a988fc72124c74383345cffd7c56ca293570c91cd0a246a89578c98a5d7adce29637c1181f1683d5b3c231fc700f5a4d5ade92e536e6d48a33c8fe7196d3c21f85102d71c4a757c811f270651dd6cfe2890f2650fbaa112ebd9f2a722f5811fbfc1b06807a0e87b42b6cc7bbb2fd495cdcb77aaef069c174193a8350150f86d32b86d93bb71ff0af70de640bdf600dca52899a1f64a3cf2350dd993a702353ce0d906412f6301a961fec3049536174a7cadd6be69704ff9c8e45bc92f4ccdfc7626ebd4ad65aa3778bb6797cb9e25f80325f1fa5903d4e6cde04bb0bef07c4fc5a02fa21e6a0a2a000000000000002aaa70aab01fd5b798ffc080975b803acbfccf66f252"], 0x4, 0x339, &(0x7f0000000140)="$eJzs3U9P1EwcB/DvtLtL94EHK2BIPBmUxBMBPGi8QAzxNXgwRIQlIayYKCZKTETPxngzMfHIzbPRt6AX4xvQEwfjSS/EgzUzne5Ol5m2C7iF7PeTuHbb+fObttPO7GYpiKhvXVv4unNpV/4TVQA+gKuAByAAKgDOYDx4sLGZW5DfWhKIc4p9aZY3GrasAXQOLZTvKhgy19G/EUVR9C031c+exELlEWYPNnjAgO6danvQ88gObc62cjtuV38xjrDYwx4eYrjMcIiIqHz6/u/pu8SQHr97HjCpx+En9f6fSI1v9sqL41ho3f+9+H0k5P45pTbJ+d7aZrOxEk/h5NH3klmirSzrORG1d3cN8ZnlDxpDLqMWOxWLV19dazamtlUBzzCnGcnG1OsKkoYormhrwAyACcvcNENW27MNqjZUZRtmHfGPZtVonQB/+I5X9uoWPxWISXwUn8WiCPEaK63xXyUScueoIxV2dJU4/ml3iaqVYZwq1cp2+KdVJWd1DXj/tt3Kumu/BvBlLDayFNE5fg+TOF/W3LkwgvTHCnHrZtytU7lGgYpQswYz12wr0W9rrrHOuuqr1WZjavlu03XSHy3rjE68EDfEBH7gHRaM8b8nU0/C3TNTvVyolPrMyGxPRaV0HMcU1YHvdNUzSbmeuvgV8xy3cQXD9x9trS81m4175S8kXeWA2c8dcTzxiahPR7lG/m+kQSAXqgCc5VTdm6wLf6Iosm6qoBeHoKqaevlNu8lb60tCX/MOV4W8cnZsmncnBjAPQK9JrggHqf1JK9dAu8BC2X/Jo63W2E/IJKoedJCkqtQmHwOFekp935qdnFyP/z/YVYhOoPbRx/jNsoOhMsixg4jnf8Z8ZVpddeRLmDH/ifIKN0qcccyARtTrf8VmcK1inePEwWQhZ851/iJwoaNGD0mNTzuLDXWcOI7fSnb/VYZYwBfc4uf/REREREREREREREREREREREREREQnTbe/Rtj/c4L8hXSNu334hzeIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiA7HeP4v4KsnxtRsz//NelKT4sdPiAmO4vm/foHn/4rtLlpJRDZ/AwAA//9eD1xQ") (async)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)

program did not crash
extracting C reproducer
testing compiled C program (duration=45.483555292s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat
program crashed: BUG: unable to handle kernel paging request in hfs_find_init
simplifying C reproducer
testing compiled C program (duration=45.483555292s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat
program did not crash
testing compiled C program (duration=45.483555292s, {Threaded:true Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:false Cgroups:false BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat
program did not crash
testing compiled C program (duration=45.483555292s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat
program crashed: BUG: unable to handle kernel paging request in hfs_find_init
testing compiled C program (duration=45.483555292s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:true Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat
program crashed: BUG: unable to handle kernel paging request in hfs_find_init
testing compiled C program (duration=45.483555292s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat
program crashed: BUG: unable to handle kernel paging request in hfs_find_init
testing compiled C program (duration=45.483555292s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat
program did not crash
testing compiled C program (duration=45.483555292s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat
program crashed: BUG: unable to handle kernel paging request in hfs_find_init
testing compiled C program (duration=45.483555292s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:true HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat
program crashed: BUG: unable to handle kernel paging request in hfs_find_init
reproducing took 34m10.90171264s
repro crashed as (corrupted=false):
loop0: detected capacity change from 0 to 64
hfs: unable to locate alternate MDB
hfs: continuing without an alternate MDB
Unable to handle kernel paging request at virtual address dfff800000000008
KASAN: null-ptr-deref in range [0x0000000000000040-0x0000000000000047]
Mem abort info:
  ESR = 0x0000000096000006
  EC = 0x25: DABT (current EL), IL = 32 bits
  SET = 0, FnV = 0
  EA = 0, S1PTW = 0
  FSC = 0x06: level 2 translation fault
Data abort info:
  ISV = 0, ISS = 0x00000006
  CM = 0, WnR = 0
[dfff800000000008] address between user and kernel address ranges
Internal error: Oops: 0000000096000006 [#1] PREEMPT SMP
Modules linked in:
CPU: 1 PID: 4295 Comm: syz-executor373 Not tainted 6.1.141-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : hfs_find_init+0x6c/0x1c8 fs/hfs/bfind.c:21
lr : hfs_find_init+0x30/0x1c8 fs/hfs/bfind.c:16
sp : ffff8000206c70b0
x29: ffff8000206c70b0 x28: ffff7000040d8e2c x27: 0000000000000000
x26: ffff0000d6210180 x25: 0000000000000008 x24: dfff800000000000
x23: 0000000000000000 x22: ffff8000206c7198 x21: 0000000000000040
x20: ffff8000206c7180 x19: 0000000000000000 x18: ffff800011a7bce0
x17: 1fffe00033ee7176 x16: ffff8000082d1c00 x15: ffff80001506d000
x14: 0000000000000100 x13: 1ffff00002a0e0b1 x12: 0000000000ff0100
x11: ff00800008f7cce0 x10: 0000000000000000 x9 : ffff800008f7cce0
x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000
x5 : 0000000000000080 x4 : 0000000000000000 x3 : 0000000000000030
x2 : 0000000000000008 x1 : ffff8000206c7180 x0 : ffff8000206c7190
Call trace:
 hfs_find_init+0x6c/0x1c8 fs/hfs/bfind.c:21
 hfs_ext_read_extent fs/hfs/extent.c:200 [inline]
 hfs_get_block+0x3d4/0x9cc fs/hfs/extent.c:366
 block_read_full_folio+0x2e4/0x97c fs/buffer.c:2271
 hfs_read_folio+0x28/0x38 fs/hfs/inode.c:39
 filemap_read_folio+0x130/0x37c mm/filemap.c:2490
 do_read_cache_folio+0x24c/0x544 mm/filemap.c:3627
 do_read_cache_page mm/filemap.c:3669 [inline]
 read_cache_page+0x6c/0x184 mm/filemap.c:3678
 read_mapping_page include/linux/pagemap.h:791 [inline]
 hfs_btree_open+0x404/0xfd4 fs/hfs/btree.c:78
 hfs_mdb_get+0xe78/0x19d0 fs/hfs/mdb.c:199
 hfs_fill_super+0xc0c/0x1188 fs/hfs/super.c:406
 mount_bdev+0x264/0x358 fs/super.c:1443
 hfs_mount+0x44/0x58 fs/hfs/super.c:458
 legacy_get_tree+0xd4/0x16c fs/fs_context.c:632
 vfs_get_tree+0x90/0x274 fs/super.c:1573
 do_new_mount+0x228/0x810 fs/namespace.c:3054
 path_mount+0x5b4/0xe78 fs/namespace.c:3384
 do_mount fs/namespace.c:3397 [inline]
 __do_sys_mount fs/namespace.c:3605 [inline]
 __se_sys_mount fs/namespace.c:3582 [inline]
 __arm64_sys_mount+0x49c/0x584 fs/namespace.c:3582
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2bc arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x58/0x13c arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x138 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585
Code: 97e563d4 91010275 f90002df d343feb9 (38f86b28) 
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
   0:	97e563d4 	bl	0xffffffffff958f50
   4:	91010275 	add	x21, x19, #0x40
   8:	f90002df 	str	xzr, [x22]
   c:	d343feb9 	lsr	x25, x21, #3
* 10:	38f86b28 	ldrsb	w8, [x25, x24] <-- trapping instruction

final repro crashed as (corrupted=false):
loop0: detected capacity change from 0 to 64
hfs: unable to locate alternate MDB
hfs: continuing without an alternate MDB
Unable to handle kernel paging request at virtual address dfff800000000008
KASAN: null-ptr-deref in range [0x0000000000000040-0x0000000000000047]
Mem abort info:
  ESR = 0x0000000096000006
  EC = 0x25: DABT (current EL), IL = 32 bits
  SET = 0, FnV = 0
  EA = 0, S1PTW = 0
  FSC = 0x06: level 2 translation fault
Data abort info:
  ISV = 0, ISS = 0x00000006
  CM = 0, WnR = 0
[dfff800000000008] address between user and kernel address ranges
Internal error: Oops: 0000000096000006 [#1] PREEMPT SMP
Modules linked in:
CPU: 1 PID: 4295 Comm: syz-executor373 Not tainted 6.1.141-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : hfs_find_init+0x6c/0x1c8 fs/hfs/bfind.c:21
lr : hfs_find_init+0x30/0x1c8 fs/hfs/bfind.c:16
sp : ffff8000206c70b0
x29: ffff8000206c70b0 x28: ffff7000040d8e2c x27: 0000000000000000
x26: ffff0000d6210180 x25: 0000000000000008 x24: dfff800000000000
x23: 0000000000000000 x22: ffff8000206c7198 x21: 0000000000000040
x20: ffff8000206c7180 x19: 0000000000000000 x18: ffff800011a7bce0
x17: 1fffe00033ee7176 x16: ffff8000082d1c00 x15: ffff80001506d000
x14: 0000000000000100 x13: 1ffff00002a0e0b1 x12: 0000000000ff0100
x11: ff00800008f7cce0 x10: 0000000000000000 x9 : ffff800008f7cce0
x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000
x5 : 0000000000000080 x4 : 0000000000000000 x3 : 0000000000000030
x2 : 0000000000000008 x1 : ffff8000206c7180 x0 : ffff8000206c7190
Call trace:
 hfs_find_init+0x6c/0x1c8 fs/hfs/bfind.c:21
 hfs_ext_read_extent fs/hfs/extent.c:200 [inline]
 hfs_get_block+0x3d4/0x9cc fs/hfs/extent.c:366
 block_read_full_folio+0x2e4/0x97c fs/buffer.c:2271
 hfs_read_folio+0x28/0x38 fs/hfs/inode.c:39
 filemap_read_folio+0x130/0x37c mm/filemap.c:2490
 do_read_cache_folio+0x24c/0x544 mm/filemap.c:3627
 do_read_cache_page mm/filemap.c:3669 [inline]
 read_cache_page+0x6c/0x184 mm/filemap.c:3678
 read_mapping_page include/linux/pagemap.h:791 [inline]
 hfs_btree_open+0x404/0xfd4 fs/hfs/btree.c:78
 hfs_mdb_get+0xe78/0x19d0 fs/hfs/mdb.c:199
 hfs_fill_super+0xc0c/0x1188 fs/hfs/super.c:406
 mount_bdev+0x264/0x358 fs/super.c:1443
 hfs_mount+0x44/0x58 fs/hfs/super.c:458
 legacy_get_tree+0xd4/0x16c fs/fs_context.c:632
 vfs_get_tree+0x90/0x274 fs/super.c:1573
 do_new_mount+0x228/0x810 fs/namespace.c:3054
 path_mount+0x5b4/0xe78 fs/namespace.c:3384
 do_mount fs/namespace.c:3397 [inline]
 __do_sys_mount fs/namespace.c:3605 [inline]
 __se_sys_mount fs/namespace.c:3582 [inline]
 __arm64_sys_mount+0x49c/0x584 fs/namespace.c:3582
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2bc arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x58/0x13c arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x138 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585
Code: 97e563d4 91010275 f90002df d343feb9 (38f86b28) 
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
   0:	97e563d4 	bl	0xffffffffff958f50
   4:	91010275 	add	x21, x19, #0x40
   8:	f90002df 	str	xzr, [x22]
   c:	d343feb9 	lsr	x25, x21, #3
* 10:	38f86b28 	ldrsb	w8, [x25, x24] <-- trapping instruction