Extracting prog: 3m7.850121526s
Minimizing prog: 7m6.617419244s
Simplifying prog options: 0s
Extracting C: 36.450725499s
Simplifying C: 10m54.340140344s


extracting reproducer from 1 programs
testing a last program of every proc
single: executing 1 programs separately with timeout 30s
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000380), &(0x7f0000000100)='./file1\x00', 0x2210084, &(0x7f000000f3c0)=ANY=[@ANYBLOB="636f6465706167653d63703433372c696f636861727365743d6575632d6a702c00a26550b3bd2e70a4031d010695e18635faa8d6f06a91de4f295559ef9ce2a9773ed0f3a0fea8c90cb62bbe6d0294488fa60accd3b7aae7a6a67b20a0afd180825526b7c21ab1886d1ec9ccaf41379d12b7c9afd7fad169fa393a32f203fd201aa07e4872b0de9111e8f6ab4ad957f255f931fd5bf27748a5ae293163e016b964853fe3026aadd32200fec25398e608b6"], 0x4, 0x33c, &(0x7f00000003c0)="$eJzs3U1r1E4cB/DvJNnd7L+l/9hWCp6kWvBU2npQvFikeBHvHqRY2y2UxgpaQQti9SziTRA8evMs+hb0Ir4BPfUgnvRSPBiZycNOwkw3u103rf1+wN1tMg+/yWSSmZY1IKIj69LCl9dnd+Q/UQPgArgAOAB8wJMpRLmC3OyTzOAZMy5vtExZfSQ5EoH8ycOwvo3+jiiKoq8dU/0YSCxUHaGPYI0DNJLRqfb7A49sfxqW7dv2Xf8urYfFLnZxHyNVhkNERNVL7v9OcpcYTubvjgNMJfPwQ3n/1+TmN7vVxXEgZPd/J/45EvL4/K92+fc2Ntc2w9ZKvISTve+kq0RTWcZzImof7jriM8sd0qZcWi1mKhanuboWtqa3VQFPcDGhJRtXrytIG6LYoq3Hb5NlF7Uyqb20DhrAkGpDTbZhzhL/WPw2k8ua1mhcAL//hhfmGhc/lghLfBCfxKII8BIr2fzPi4Q8OOr4BIWhEsc/Yy9RtTKIU+Va2Q7/mKrkRNoD7960W9m0HVcfrozFRJYiivP3II3zed2eC6PI/1ohbt2svXUq1xjgCbVq0HPNZYl+GXONF+tqrtbC1vTy7dB20veXcUUnnolrYhLf8RYL2vzfkamnYB+ZuVEuVMrkzNizPZ5KaenHHDWAb5UemZS5bOzovT3FTZzHyN0HW+tLYdi6U/2HdKj0mP1kn+OJT8TkdJRb5LuWBr78UAPQt0p/R1Fk3OVhEF1QU00996rd5K31JZFc88qUc9Wx9aC8chYSz1vLkUXMA0i2pFeEXtr1KMvVaBdYKvtP2dtqi/mETKMawABJq8rtctEoNVKaPVR65eH6Utj9JYUOn3anY+J61cFQFeRFW8TrP229MqOuOvIl2GP9E3UqXCtx1rICGlWv/5VbwWXFWueJQ+mHDmuuU2eA04UaHaQ1Pi4WGyRx4iD+VbL7P2WIBXzGDf7+n4iIiIiIiIiIiIiIiIiIiIiIiIjosOn22wi9fJ0gX+POEfyPN4iIiIiIiIiIiIiIiIiIiIiIiIiIiIiI9kd7/i/gqifG1HPP/z2OiU5PalLc+Akxfj+e/+t2eP6vLFlsd9lSIir6EwAA//+rOFqF")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)

program did not crash
single: failed to extract reproducer
single: executing 1 programs separately with timeout 1m40s
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000380), &(0x7f0000000100)='./file1\x00', 0x2210084, &(0x7f000000f3c0)=ANY=[@ANYBLOB="636f6465706167653d63703433372c696f636861727365743d6575632d6a702c00a26550b3bd2e70a4031d010695e18635faa8d6f06a91de4f295559ef9ce2a9773ed0f3a0fea8c90cb62bbe6d0294488fa60accd3b7aae7a6a67b20a0afd180825526b7c21ab1886d1ec9ccaf41379d12b7c9afd7fad169fa393a32f203fd201aa07e4872b0de9111e8f6ab4ad957f255f931fd5bf27748a5ae293163e016b964853fe3026aadd32200fec25398e608b6"], 0x4, 0x33c, &(0x7f00000003c0)="$eJzs3U1r1E4cB/DvJNnd7L+l/9hWCp6kWvBU2npQvFikeBHvHqRY2y2UxgpaQQti9SziTRA8evMs+hb0Ir4BPfUgnvRSPBiZycNOwkw3u103rf1+wN1tMg+/yWSSmZY1IKIj69LCl9dnd+Q/UQPgArgAOAB8wJMpRLmC3OyTzOAZMy5vtExZfSQ5EoH8ycOwvo3+jiiKoq8dU/0YSCxUHaGPYI0DNJLRqfb7A49sfxqW7dv2Xf8urYfFLnZxHyNVhkNERNVL7v9OcpcYTubvjgNMJfPwQ3n/1+TmN7vVxXEgZPd/J/45EvL4/K92+fc2Ntc2w9ZKvISTve+kq0RTWcZzImof7jriM8sd0qZcWi1mKhanuboWtqa3VQFPcDGhJRtXrytIG6LYoq3Hb5NlF7Uyqb20DhrAkGpDTbZhzhL/WPw2k8ua1mhcAL//hhfmGhc/lghLfBCfxKII8BIr2fzPi4Q8OOr4BIWhEsc/Yy9RtTKIU+Va2Q7/mKrkRNoD7960W9m0HVcfrozFRJYiivP3II3zed2eC6PI/1ohbt2svXUq1xjgCbVq0HPNZYl+GXONF+tqrtbC1vTy7dB20veXcUUnnolrYhLf8RYL2vzfkamnYB+ZuVEuVMrkzNizPZ5KaenHHDWAb5UemZS5bOzovT3FTZzHyN0HW+tLYdi6U/2HdKj0mP1kn+OJT8TkdJRb5LuWBr78UAPQt0p/R1Fk3OVhEF1QU00996rd5K31JZFc88qUc9Wx9aC8chYSz1vLkUXMA0i2pFeEXtr1KMvVaBdYKvtP2dtqi/mETKMawABJq8rtctEoNVKaPVR65eH6Utj9JYUOn3anY+J61cFQFeRFW8TrP229MqOuOvIl2GP9E3UqXCtx1rICGlWv/5VbwWXFWueJQ+mHDmuuU2eA04UaHaQ1Pi4WGyRx4iD+VbL7P2WIBXzGDf7+n4iIiIiIiIiIiIiIiIiIiIiIiIjosOn22wi9fJ0gX+POEfyPN4iIiIiIiIiIiIiIiIiIiIiIiIiIiIiI9kd7/i/gqifG1HPP/z2OiU5PalLc+Akxfj+e/+t2eP6vLFlsd9lSIir6EwAA//+rOFqF")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)

program crashed: kernel BUG in hfs_write_inode
single: successfully extracted reproducer
found reproducer with 2 syscalls
minimizing guilty program
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000380), &(0x7f0000000100)='./file1\x00', 0x2210084, &(0x7f000000f3c0)=ANY=[@ANYBLOB="636f6465706167653d63703433372c696f636861727365743d6575632d6a702c00a26550b3bd2e70a4031d010695e18635faa8d6f06a91de4f295559ef9ce2a9773ed0f3a0fea8c90cb62bbe6d0294488fa60accd3b7aae7a6a67b20a0afd180825526b7c21ab1886d1ec9ccaf41379d12b7c9afd7fad169fa393a32f203fd201aa07e4872b0de9111e8f6ab4ad957f255f931fd5bf27748a5ae293163e016b964853fe3026aadd32200fec25398e608b6"], 0x4, 0x33c, &(0x7f00000003c0)="$eJzs3U1r1E4cB/DvJNnd7L+l/9hWCp6kWvBU2npQvFikeBHvHqRY2y2UxgpaQQti9SziTRA8evMs+hb0Ir4BPfUgnvRSPBiZycNOwkw3u103rf1+wN1tMg+/yWSSmZY1IKIj69LCl9dnd+Q/UQPgArgAOAB8wJMpRLmC3OyTzOAZMy5vtExZfSQ5EoH8ycOwvo3+jiiKoq8dU/0YSCxUHaGPYI0DNJLRqfb7A49sfxqW7dv2Xf8urYfFLnZxHyNVhkNERNVL7v9OcpcYTubvjgNMJfPwQ3n/1+TmN7vVxXEgZPd/J/45EvL4/K92+fc2Ntc2w9ZKvISTve+kq0RTWcZzImof7jriM8sd0qZcWi1mKhanuboWtqa3VQFPcDGhJRtXrytIG6LYoq3Hb5NlF7Uyqb20DhrAkGpDTbZhzhL/WPw2k8ua1mhcAL//hhfmGhc/lghLfBCfxKII8BIr2fzPi4Q8OOr4BIWhEsc/Yy9RtTKIU+Va2Q7/mKrkRNoD7960W9m0HVcfrozFRJYiivP3II3zed2eC6PI/1ohbt2svXUq1xjgCbVq0HPNZYl+GXONF+tqrtbC1vTy7dB20veXcUUnnolrYhLf8RYL2vzfkamnYB+ZuVEuVMrkzNizPZ5KaenHHDWAb5UemZS5bOzovT3FTZzHyN0HW+tLYdi6U/2HdKj0mP1kn+OJT8TkdJRb5LuWBr78UAPQt0p/R1Fk3OVhEF1QU00996rd5K31JZFc88qUc9Wx9aC8chYSz1vLkUXMA0i2pFeEXtr1KMvVaBdYKvtP2dtqi/mETKMawABJq8rtctEoNVKaPVR65eH6Utj9JYUOn3anY+J61cFQFeRFW8TrP229MqOuOvIl2GP9E3UqXCtx1rICGlWv/5VbwWXFWueJQ+mHDmuuU2eA04UaHaQ1Pi4WGyRx4iD+VbL7P2WIBXzGDf7+n4iIiIiIiIiIiIiIiIiIiIiIiIjosOn22wi9fJ0gX+POEfyPN4iIiIiIiIiIiIiIiIiIiIiIiIiIiIiI9kd7/i/gqifG1HPP/z2OiU5PalLc+Akxfj+e/+t2eP6vLFlsd9lSIir6EwAA//+rOFqF")

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$cgroup_ro
detailed listing:
executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000380), &(0x7f0000000100)='./file1\x00', 0x2210084, &(0x7f000000f3c0)=ANY=[@ANYBLOB="636f6465706167653d63703433372c696f636861727365743d6575632d6a702c00a26550b3bd2e70a4031d010695e18635faa8d6f06a91de4f295559ef9ce2a9773ed0f3a0fea8c90cb62bbe6d0294488fa60accd3b7aae7a6a67b20a0afd180825526b7c21ab1886d1ec9ccaf41379d12b7c9afd7fad169fa393a32f203fd201aa07e4872b0de9111e8f6ab4ad957f255f931fd5bf27748a5ae293163e016b964853fe3026aadd32200fec25398e608b6"], 0x4, 0x33c, &(0x7f00000003c0)="$eJzs3U1r1E4cB/DvJNnd7L+l/9hWCp6kWvBU2npQvFikeBHvHqRY2y2UxgpaQQti9SziTRA8evMs+hb0Ir4BPfUgnvRSPBiZycNOwkw3u103rf1+wN1tMg+/yWSSmZY1IKIj69LCl9dnd+Q/UQPgArgAOAB8wJMpRLmC3OyTzOAZMy5vtExZfSQ5EoH8ycOwvo3+jiiKoq8dU/0YSCxUHaGPYI0DNJLRqfb7A49sfxqW7dv2Xf8urYfFLnZxHyNVhkNERNVL7v9OcpcYTubvjgNMJfPwQ3n/1+TmN7vVxXEgZPd/J/45EvL4/K92+fc2Ntc2w9ZKvISTve+kq0RTWcZzImof7jriM8sd0qZcWi1mKhanuboWtqa3VQFPcDGhJRtXrytIG6LYoq3Hb5NlF7Uyqb20DhrAkGpDTbZhzhL/WPw2k8ua1mhcAL//hhfmGhc/lghLfBCfxKII8BIr2fzPi4Q8OOr4BIWhEsc/Yy9RtTKIU+Va2Q7/mKrkRNoD7960W9m0HVcfrozFRJYiivP3II3zed2eC6PI/1ohbt2svXUq1xjgCbVq0HPNZYl+GXONF+tqrtbC1vTy7dB20veXcUUnnolrYhLf8RYL2vzfkamnYB+ZuVEuVMrkzNizPZ5KaenHHDWAb5UemZS5bOzovT3FTZzHyN0HW+tLYdi6U/2HdKj0mP1kn+OJT8TkdJRb5LuWBr78UAPQt0p/R1Fk3OVhEF1QU00996rd5K31JZFc88qUc9Wx9aC8chYSz1vLkUXMA0i2pFeEXtr1KMvVaBdYKvtP2dtqi/mETKMawABJq8rtctEoNVKaPVR65eH6Utj9JYUOn3anY+J61cFQFeRFW8TrP229MqOuOvIl2GP9E3UqXCtx1rICGlWv/5VbwWXFWueJQ+mHDmuuU2eA04UaHaQ1Pi4WGyRx4iD+VbL7P2WIBXzGDf7+n4iIiIiIiIiIiIiIiIiIiIiIiIjosOn22wi9fJ0gX+POEfyPN4iIiIiIiIiIiIiIiIiIiIiIiIiIiIiI9kd7/i/gqifG1HPP/z2OiU5PalLc+Akxfj+e/+t2eP6vLFlsd9lSIir6EwAA//+rOFqF")
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)

program did not crash
extracting C reproducer
testing compiled C program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro
program crashed: kernel BUG in hfs_write_inode
simplifying C reproducer
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro
program crashed: kernel BUG in hfs_write_inode
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro
program crashed: kernel BUG in hfs_write_inode
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:true Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro
program crashed: kernel BUG in hfs_write_inode
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro
program crashed: kernel BUG in hfs_write_inode
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro
program crashed: kernel BUG in hfs_write_inode
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro
program crashed: kernel BUG in hfs_write_inode
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro
program crashed: kernel BUG in hfs_write_inode
testing program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000380), &(0x7f0000000100)='./file1\x00', 0x2210084, &(0x7f000000f3c0)=ANY=[@ANYBLOB="636f6465706167653d63703433372c696f636861727365743d6575632d6a702c00a26550b3bd2e70a4031d010695e18635faa8d6f06a91de4f295559ef9ce2a9773ed0f3a0fea8c90cb62bbe6d0294488fa60accd3b7aae7a6a67b20a0afd180825526b7c21ab1886d1ec9ccaf41379d12b7c9afd7fad169fa393a32f203fd201aa07e4872b0de9111e8f6ab4ad957f255f931fd5bf27748a5ae293163e016b964853fe3026aadd32200fec25398e608b6"], 0x4, 0x33c, &(0x7f00000003c0)="$eJzs3U1r1E4cB/DvJNnd7L+l/9hWCp6kWvBU2npQvFikeBHvHqRY2y2UxgpaQQti9SziTRA8evMs+hb0Ir4BPfUgnvRSPBiZycNOwkw3u103rf1+wN1tMg+/yWSSmZY1IKIj69LCl9dnd+Q/UQPgArgAOAB8wJMpRLmC3OyTzOAZMy5vtExZfSQ5EoH8ycOwvo3+jiiKoq8dU/0YSCxUHaGPYI0DNJLRqfb7A49sfxqW7dv2Xf8urYfFLnZxHyNVhkNERNVL7v9OcpcYTubvjgNMJfPwQ3n/1+TmN7vVxXEgZPd/J/45EvL4/K92+fc2Ntc2w9ZKvISTve+kq0RTWcZzImof7jriM8sd0qZcWi1mKhanuboWtqa3VQFPcDGhJRtXrytIG6LYoq3Hb5NlF7Uyqb20DhrAkGpDTbZhzhL/WPw2k8ua1mhcAL//hhfmGhc/lghLfBCfxKII8BIr2fzPi4Q8OOr4BIWhEsc/Yy9RtTKIU+Va2Q7/mKrkRNoD7960W9m0HVcfrozFRJYiivP3II3zed2eC6PI/1ohbt2svXUq1xjgCbVq0HPNZYl+GXONF+tqrtbC1vTy7dB20veXcUUnnolrYhLf8RYL2vzfkamnYB+ZuVEuVMrkzNizPZ5KaenHHDWAb5UemZS5bOzovT3FTZzHyN0HW+tLYdi6U/2HdKj0mP1kn+OJT8TkdJRb5LuWBr78UAPQt0p/R1Fk3OVhEF1QU00996rd5K31JZFc88qUc9Wx9aC8chYSz1vLkUXMA0i2pFeEXtr1KMvVaBdYKvtP2dtqi/mETKMawABJq8rtctEoNVKaPVR65eH6Utj9JYUOn3anY+J61cFQFeRFW8TrP229MqOuOvIl2GP9E3UqXCtx1rICGlWv/5VbwWXFWueJQ+mHDmuuU2eA04UaHaQ1Pi4WGyRx4iD+VbL7P2WIBXzGDf7+n4iIiIiIiIiIiIiIiIiIiIiIiIjosOn22wi9fJ0gX+POEfyPN4iIiIiIiIiIiIiIiIiIiIiIiIiIiIiI9kd7/i/gqifG1HPP/z2OiU5PalLc+Akxfj+e/+t2eP6vLFlsd9lSIir6EwAA//+rOFqF")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)

program crashed: kernel BUG in hfs_write_inode
validation run: crashed=true
testing program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000380), &(0x7f0000000100)='./file1\x00', 0x2210084, &(0x7f000000f3c0)=ANY=[@ANYBLOB="636f6465706167653d63703433372c696f636861727365743d6575632d6a702c00a26550b3bd2e70a4031d010695e18635faa8d6f06a91de4f295559ef9ce2a9773ed0f3a0fea8c90cb62bbe6d0294488fa60accd3b7aae7a6a67b20a0afd180825526b7c21ab1886d1ec9ccaf41379d12b7c9afd7fad169fa393a32f203fd201aa07e4872b0de9111e8f6ab4ad957f255f931fd5bf27748a5ae293163e016b964853fe3026aadd32200fec25398e608b6"], 0x4, 0x33c, &(0x7f00000003c0)="$eJzs3U1r1E4cB/DvJNnd7L+l/9hWCp6kWvBU2npQvFikeBHvHqRY2y2UxgpaQQti9SziTRA8evMs+hb0Ir4BPfUgnvRSPBiZycNOwkw3u103rf1+wN1tMg+/yWSSmZY1IKIj69LCl9dnd+Q/UQPgArgAOAB8wJMpRLmC3OyTzOAZMy5vtExZfSQ5EoH8ycOwvo3+jiiKoq8dU/0YSCxUHaGPYI0DNJLRqfb7A49sfxqW7dv2Xf8urYfFLnZxHyNVhkNERNVL7v9OcpcYTubvjgNMJfPwQ3n/1+TmN7vVxXEgZPd/J/45EvL4/K92+fc2Ntc2w9ZKvISTve+kq0RTWcZzImof7jriM8sd0qZcWi1mKhanuboWtqa3VQFPcDGhJRtXrytIG6LYoq3Hb5NlF7Uyqb20DhrAkGpDTbZhzhL/WPw2k8ua1mhcAL//hhfmGhc/lghLfBCfxKII8BIr2fzPi4Q8OOr4BIWhEsc/Yy9RtTKIU+Va2Q7/mKrkRNoD7960W9m0HVcfrozFRJYiivP3II3zed2eC6PI/1ohbt2svXUq1xjgCbVq0HPNZYl+GXONF+tqrtbC1vTy7dB20veXcUUnnolrYhLf8RYL2vzfkamnYB+ZuVEuVMrkzNizPZ5KaenHHDWAb5UemZS5bOzovT3FTZzHyN0HW+tLYdi6U/2HdKj0mP1kn+OJT8TkdJRb5LuWBr78UAPQt0p/R1Fk3OVhEF1QU00996rd5K31JZFc88qUc9Wx9aC8chYSz1vLkUXMA0i2pFeEXtr1KMvVaBdYKvtP2dtqi/mETKMawABJq8rtctEoNVKaPVR65eH6Utj9JYUOn3anY+J61cFQFeRFW8TrP229MqOuOvIl2GP9E3UqXCtx1rICGlWv/5VbwWXFWueJQ+mHDmuuU2eA04UaHaQ1Pi4WGyRx4iD+VbL7P2WIBXzGDf7+n4iIiIiIiIiIiIiIiIiIiIiIiIjosOn22wi9fJ0gX+POEfyPN4iIiIiIiIiIiIiIiIiIiIiIiIiIiIiI9kd7/i/gqifG1HPP/z2OiU5PalLc+Akxfj+e/+t2eP6vLFlsd9lSIir6EwAA//+rOFqF")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)

program crashed: kernel BUG in hfs_write_inode
validation run: crashed=true
testing program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000380), &(0x7f0000000100)='./file1\x00', 0x2210084, &(0x7f000000f3c0)=ANY=[@ANYBLOB="636f6465706167653d63703433372c696f636861727365743d6575632d6a702c00a26550b3bd2e70a4031d010695e18635faa8d6f06a91de4f295559ef9ce2a9773ed0f3a0fea8c90cb62bbe6d0294488fa60accd3b7aae7a6a67b20a0afd180825526b7c21ab1886d1ec9ccaf41379d12b7c9afd7fad169fa393a32f203fd201aa07e4872b0de9111e8f6ab4ad957f255f931fd5bf27748a5ae293163e016b964853fe3026aadd32200fec25398e608b6"], 0x4, 0x33c, &(0x7f00000003c0)="$eJzs3U1r1E4cB/DvJNnd7L+l/9hWCp6kWvBU2npQvFikeBHvHqRY2y2UxgpaQQti9SziTRA8evMs+hb0Ir4BPfUgnvRSPBiZycNOwkw3u103rf1+wN1tMg+/yWSSmZY1IKIj69LCl9dnd+Q/UQPgArgAOAB8wJMpRLmC3OyTzOAZMy5vtExZfSQ5EoH8ycOwvo3+jiiKoq8dU/0YSCxUHaGPYI0DNJLRqfb7A49sfxqW7dv2Xf8urYfFLnZxHyNVhkNERNVL7v9OcpcYTubvjgNMJfPwQ3n/1+TmN7vVxXEgZPd/J/45EvL4/K92+fc2Ntc2w9ZKvISTve+kq0RTWcZzImof7jriM8sd0qZcWi1mKhanuboWtqa3VQFPcDGhJRtXrytIG6LYoq3Hb5NlF7Uyqb20DhrAkGpDTbZhzhL/WPw2k8ua1mhcAL//hhfmGhc/lghLfBCfxKII8BIr2fzPi4Q8OOr4BIWhEsc/Yy9RtTKIU+Va2Q7/mKrkRNoD7960W9m0HVcfrozFRJYiivP3II3zed2eC6PI/1ohbt2svXUq1xjgCbVq0HPNZYl+GXONF+tqrtbC1vTy7dB20veXcUUnnolrYhLf8RYL2vzfkamnYB+ZuVEuVMrkzNizPZ5KaenHHDWAb5UemZS5bOzovT3FTZzHyN0HW+tLYdi6U/2HdKj0mP1kn+OJT8TkdJRb5LuWBr78UAPQt0p/R1Fk3OVhEF1QU00996rd5K31JZFc88qUc9Wx9aC8chYSz1vLkUXMA0i2pFeEXtr1KMvVaBdYKvtP2dtqi/mETKMawABJq8rtctEoNVKaPVR65eH6Utj9JYUOn3anY+J61cFQFeRFW8TrP229MqOuOvIl2GP9E3UqXCtx1rICGlWv/5VbwWXFWueJQ+mHDmuuU2eA04UaHaQ1Pi4WGyRx4iD+VbL7P2WIBXzGDf7+n4iIiIiIiIiIiIiIiIiIiIiIiIjosOn22wi9fJ0gX+POEfyPN4iIiIiIiIiIiIiIiIiIiIiIiIiIiIiI9kd7/i/gqifG1HPP/z2OiU5PalLc+Akxfj+e/+t2eP6vLFlsd9lSIir6EwAA//+rOFqF")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)

program crashed: kernel BUG in hfs_write_inode
validation run: crashed=true
reproducing took 25m26.581540714s
repro crashed as (corrupted=false):
------------[ cut here ]------------
kernel BUG at fs/hfs/inode.c:474!
Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
CPU: 1 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
Workqueue: writeback wb_workfn (flush-7:0)
RIP: 0010:hfs_write_inode+0x934/0x960 fs/hfs/inode.c:474
Code: 40 31 ff e8 5e 5a 15 ff 81 e3 00 00 00 40 75 1c e8 11 56 15 ff 48 bb f8 f8 f8 f8 f8 f8 f8 f8 e9 dc f7 ff ff e8 fd 55 15 ff 90 <0f> 0b e8 f5 55 15 ff e8 20 bc 82 fe eb dd 44 89 f1 80 e1 07 80 c1
RSP: 0018:ffffc900001171c0 EFLAGS: 00010293
RAX: ffffffff82b04373 RBX: ffff88807d193598 RCX: ffff88801d2e0000
RDX: 0000000000000000 RSI: ffffffff8e9c84c0 RDI: 0000000000000001
RBP: ffffc90000117348 R08: ffff88801d2e0000 R09: 0000000000000003
R10: 0000000000000004 R11: 0000000000000000 R12: dffffc0000000000
R13: 1ffff92000022e3c R14: 0000000000000001 R15: ffff88807d193558
FS:  0000000000000000(0000) GS:ffff888125563000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005606b8ba5950 CR3: 0000000079e35000 CR4: 0000000000350ef0
Call Trace:
 <TASK>
 write_inode fs/fs-writeback.c:1582 [inline]
 __writeback_single_inode+0x75a/0x11a0 fs/fs-writeback.c:1813
 writeback_sb_inodes+0x992/0x1a20 fs/fs-writeback.c:2042
 wb_writeback+0x456/0xb70 fs/fs-writeback.c:2227
 wb_do_writeback fs/fs-writeback.c:2374 [inline]
 wb_workfn+0x414/0xf50 fs/fs-writeback.c:2414
 process_one_work kernel/workqueue.c:3275 [inline]
 process_scheduled_works+0xb02/0x1830 kernel/workqueue.c:3358
 worker_thread+0xa50/0xfc0 kernel/workqueue.c:3439
 kthread+0x388/0x470 kernel/kthread.c:436
 ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:hfs_write_inode+0x934/0x960 fs/hfs/inode.c:474
Code: 40 31 ff e8 5e 5a 15 ff 81 e3 00 00 00 40 75 1c e8 11 56 15 ff 48 bb f8 f8 f8 f8 f8 f8 f8 f8 e9 dc f7 ff ff e8 fd 55 15 ff 90 <0f> 0b e8 f5 55 15 ff e8 20 bc 82 fe eb dd 44 89 f1 80 e1 07 80 c1
RSP: 0018:ffffc900001171c0 EFLAGS: 00010293
RAX: ffffffff82b04373 RBX: ffff88807d193598 RCX: ffff88801d2e0000
RDX: 0000000000000000 RSI: ffffffff8e9c84c0 RDI: 0000000000000001
RBP: ffffc90000117348 R08: ffff88801d2e0000 R09: 0000000000000003
R10: 0000000000000004 R11: 0000000000000000 R12: dffffc0000000000
R13: 1ffff92000022e3c R14: 0000000000000001 R15: ffff88807d193558
FS:  0000000000000000(0000) GS:ffff888125563000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005606b8ba5950 CR3: 0000000020376000 CR4: 0000000000350ef0

final repro crashed as (corrupted=false):
------------[ cut here ]------------
kernel BUG at fs/hfs/inode.c:474!
Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
CPU: 1 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
Workqueue: writeback wb_workfn (flush-7:0)
RIP: 0010:hfs_write_inode+0x934/0x960 fs/hfs/inode.c:474
Code: 40 31 ff e8 5e 5a 15 ff 81 e3 00 00 00 40 75 1c e8 11 56 15 ff 48 bb f8 f8 f8 f8 f8 f8 f8 f8 e9 dc f7 ff ff e8 fd 55 15 ff 90 <0f> 0b e8 f5 55 15 ff e8 20 bc 82 fe eb dd 44 89 f1 80 e1 07 80 c1
RSP: 0018:ffffc900001171c0 EFLAGS: 00010293
RAX: ffffffff82b04373 RBX: ffff88807d193598 RCX: ffff88801d2e0000
RDX: 0000000000000000 RSI: ffffffff8e9c84c0 RDI: 0000000000000001
RBP: ffffc90000117348 R08: ffff88801d2e0000 R09: 0000000000000003
R10: 0000000000000004 R11: 0000000000000000 R12: dffffc0000000000
R13: 1ffff92000022e3c R14: 0000000000000001 R15: ffff88807d193558
FS:  0000000000000000(0000) GS:ffff888125563000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005606b8ba5950 CR3: 0000000079e35000 CR4: 0000000000350ef0
Call Trace:
 <TASK>
 write_inode fs/fs-writeback.c:1582 [inline]
 __writeback_single_inode+0x75a/0x11a0 fs/fs-writeback.c:1813
 writeback_sb_inodes+0x992/0x1a20 fs/fs-writeback.c:2042
 wb_writeback+0x456/0xb70 fs/fs-writeback.c:2227
 wb_do_writeback fs/fs-writeback.c:2374 [inline]
 wb_workfn+0x414/0xf50 fs/fs-writeback.c:2414
 process_one_work kernel/workqueue.c:3275 [inline]
 process_scheduled_works+0xb02/0x1830 kernel/workqueue.c:3358
 worker_thread+0xa50/0xfc0 kernel/workqueue.c:3439
 kthread+0x388/0x470 kernel/kthread.c:436
 ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:hfs_write_inode+0x934/0x960 fs/hfs/inode.c:474
Code: 40 31 ff e8 5e 5a 15 ff 81 e3 00 00 00 40 75 1c e8 11 56 15 ff 48 bb f8 f8 f8 f8 f8 f8 f8 f8 e9 dc f7 ff ff e8 fd 55 15 ff 90 <0f> 0b e8 f5 55 15 ff e8 20 bc 82 fe eb dd 44 89 f1 80 e1 07 80 c1
RSP: 0018:ffffc900001171c0 EFLAGS: 00010293
RAX: ffffffff82b04373 RBX: ffff88807d193598 RCX: ffff88801d2e0000
RDX: 0000000000000000 RSI: ffffffff8e9c84c0 RDI: 0000000000000001
RBP: ffffc90000117348 R08: ffff88801d2e0000 R09: 0000000000000003
R10: 0000000000000004 R11: 0000000000000000 R12: dffffc0000000000
R13: 1ffff92000022e3c R14: 0000000000000001 R15: ffff88807d193558
FS:  0000000000000000(0000) GS:ffff888125563000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005606b8ba5950 CR3: 0000000020376000 CR4: 0000000000350ef0