program: syz_mount_image$hfs(&(0x7f0000000100), &(0x7f0000000040)='./file0\x00', 0x4004, &(0x7f0000000240)=ANY=[@ANYBLOB="66696c655f756d61736b3d30303030303030303030303030303030303030303031302c636f6465706167653d63703835352c696f636861727365743d6370313235302c0065fcfac35652d2119752177b83dd62bd1f7de553835128ed9475d69a7ff68815d149e3d770260f87adedaaa6166f2883a669eadf2fc703841d76d28addf20312d9c8fc5b9c22b6ded1166f95bc118305a3ee7ebad510e9785ba1b21c76ac0d23979366134009b2e8055dfdb125c12135913b94b66581"], 0x1, 0x313, &(0x7f0000000300)="$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") r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="3c00000010000304000000000000000000007400", @ANYRES32=r2, @ANYBLOB="00000000000000001c001272ee2893931ca581800b00010062726964676500000c000280"], 0x3c}}, 0x0) r3 = socket$l2tp(0x2, 0x2, 0x73) ioctl$sock_inet_SIOCGARP(r3, 0x8954, &(0x7f0000000040)={{0x2, 0x0, @empty}, {0x0, @link_local}, 0x0, {0x2, 0x0, @loopback}, 'lo\x00'}) unlinkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x0) [ 57.448200][ T5324] loop0: detected capacity change from 0 to 64 [ 57.505043][ T5324] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000008: 0000 [#1] SMP KASAN NOPTI [ 57.509668][ T5324] KASAN: null-ptr-deref in range [0x0000000000000040-0x0000000000000047] [ 57.512982][ T5324] CPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted 6.14.0-syzkaller-10514-g7f2ff7b62617 #0 PREEMPT(full) [ 57.517390][ T5324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 57.521560][ T5324] RIP: 0010:hfs_find_init+0x72/0x1f0 [ 57.523782][ T5324] Code: d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 e4 1d 81 ff 48 c7 03 00 00 00 00 48 89 2c 24 4c 8d 75 40 4d 89 f7 49 c1 ef 03 <43> 0f b6 04 2f 84
c0 0f 85 15 01 00 00 41 8b 06 8d 3c 00 83 c7 04 [ 57.530790][ T5324] RSP: 0018:ffffc9000d4e74e0 EFLAGS: 00010202 [ 57.533265][ T5324] RAX: 1ffff92001a9cebb RBX: ffffc9000d4e75d8 RCX: 0000000000100000 [ 57.536005][ T5324] RDX: ffffc9000e582000 RSI: 0000000000002124 RDI: ffffc9000d4e75d0 [ 57.538757][ T5324] RBP: 0000000000000000 R08: ffffffff82abb77f R09: 0000000000000000 [ 57.541458][ T5324] R10: ffffc9000d4e75c0 R11: fffff52001a9cebf R12: ffffc9000d4e75c0 [ 57.544277][ T5324] R13: dffffc0000000000 R14: 0000000000000040 R15: 0000000000000008 [ 57.547020][ T5324] FS: 00007f3afba3b6c0(0000) GS:ffff88808c5b7000(0000) knlGS:0000000000000000 [ 57.550108][ T5324] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 57.552684][ T5324] CR2: 00007f3afab70f20 CR3: 0000000041102000 CR4: 0000000000352ef0 [ 57.555253][ T5324] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 57.558217][ T5324] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 57.561379][ T5324] Call Trace: [ 57.562699][ T5324] <TASK> [ 57.563849][ T5324] ? __die_body+0x5f/0xb0 [ 57.565373][ T5324] ? die_addr+0xab/0xd0 [ 57.566987][ T5324] ? exc_general_protection+0x3e6/0x5d0 [ 57.568943][ T5324] ? asm_exc_general_protection+0x26/0x30 [ 57.571472][ T5324] ? hfs_get_block+0x3df/0xb80 [ 57.573483][ T5324] ? hfs_find_init+0x72/0x1f0 [ 57.575415][ T5324] hfs_get_block+0x522/0xb80 [ 57.577234][ T5324] ? __pfx_hfs_get_block+0x10/0x10 [ 57.579416][ T5324] block_read_full_folio+0x2d3/0x850 [ 57.581599][ T5324] ? __pfx_hfs_get_block+0x10/0x10 [ 57.583883][ T5324] filemap_read_folio+0x14a/0x3b0 [ 57.585959][ T5324] ? __pfx_hfs_read_folio+0x10/0x10 [ 57.588103][ T5324] ? __pfx_filemap_read_folio+0x10/0x10 [ 57.590506][ T5324] ? __filemap_get_folio+0x9d2/0xb40 [ 57.592720][ T5324] do_read_cache_folio+0x373/0x5b0 [ 57.594884][ T5324] ? __pfx_hfs_read_folio+0x10/0x10 [ 57.597089][ T5324] ?
do_raw_spin_unlock+0x58/0x8b0 [ 57.599170][ T5324] read_cache_page+0x5b/0x170 [ 57.601080][ T5324] hfs_btree_open+0x506/0xf40 [ 57.603097][ T5324] hfs_mdb_get+0x14a1/0x2210 [ 57.605034][ T5324] ? __pfx_hfs_mdb_get+0x10/0x10 [ 57.607134][ T5324] ? __pfx___debug_object_init+0x10/0x10 [ 57.609580][ T5324] ? vsnprintf+0x1156/0x1230 [ 57.611652][ T5324] ? __raw_spin_lock_init+0x45/0x100 [ 57.613953][ T5324] hfs_fill_super+0x391/0x710 [ 57.615957][ T5324] ? __pfx_hfs_fill_super+0x10/0x10 [ 57.618101][ T5324] ? do_raw_spin_lock+0x151/0x370 [ 57.620173][ T5324] ? sb_set_blocksize+0x109/0x180 [ 57.622324][ T5324] ? setup_bdev_super+0x4e6/0x5d0 [ 57.624475][ T5324] get_tree_bdev_flags+0x490/0x5c0 [ 57.626485][ T5324] ? __pfx_vfs_parse_comma_sep+0x10/0x10 [ 57.628662][ T5324] ? __pfx_hfs_fill_super+0x10/0x10 [ 57.630701][ T5324] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 57.632913][ T5324] ? apparmor_capable+0x13b/0x1b0 [ 57.634868][ T5324] vfs_get_tree+0x90/0x2b0 [ 57.636865][ T5324] do_new_mount+0x2cf/0xb70 [ 57.638652][ T5324] ? __pfx_do_new_mount+0x10/0x10 [ 57.640485][ T5324] __se_sys_mount+0x38c/0x400 [ 57.642217][ T5324] ? __pfx___se_sys_mount+0x10/0x10 [ 57.644204][ T5324] ? __x64_sys_mount+0x20/0xc0 [ 57.646097][ T5324] do_syscall_64+0xf3/0x230 [ 57.647789][ T5324] ? 
clear_bhb_loop+0x45/0xa0 [ 57.649517][ T5324] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 57.651775][ T5324] RIP: 0033:0x7f3afab8e90a [ 57.653641][ T5324] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 57.660872][ T5324] RSP: 002b:00007f3afba3ae68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 57.664262][ T5324] RAX: ffffffffffffffda RBX: 00007f3afba3aef0 RCX: 00007f3afab8e90a [ 57.667376][ T5324] RDX: 0000200000000100 RSI: 0000200000000040 RDI: 00007f3afba3aeb0 [ 57.670504][ T5324] RBP: 0000200000000100 R08: 00007f3afba3aef0 R09: 0000000000004004 [ 57.673568][ T5324] R10: 0000000000004004 R11: 0000000000000246 R12: 0000200000000040 [ 57.676696][ T5324] R13: 00007f3afba3aeb0 R14: 0000000000000313 R15: 0000200000000240 [ 57.679651][ T5324] </TASK> [ 57.680899][ T5324] Modules linked in: [ 57.683268][ T5324] ---[ end trace 0000000000000000 ]--- [ 57.694000][ T5309] Bluetooth: hci0: command tx timeout [ 57.699498][ T5324] RIP: 0010:hfs_find_init+0x72/0x1f0 [ 57.701634][ T5324] Code: d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 e4 1d 81 ff 48 c7 03 00 00 00 00 48 89 2c 24 4c 8d 75 40 4d 89 f7 49 c1 ef 03 <43> 0f b6 04 2f 84 c0 0f 85 15 01 00 00 41 8b 06 8d 3c 00 83 c7 04 [ 57.711210][ T5324] RSP: 0018:ffffc9000d4e74e0 EFLAGS: 00010202 [ 57.714345][ T5324] RAX: 1ffff92001a9cebb RBX: ffffc9000d4e75d8 RCX: 0000000000100000 [ 57.717482][ T5324] RDX: ffffc9000e582000 RSI: 0000000000002124 RDI: ffffc9000d4e75d0 [ 57.720489][ T5324] RBP: 0000000000000000 R08: ffffffff82abb77f R09: 0000000000000000 [ 57.724530][ T5324] R10: ffffc9000d4e75c0 R11: fffff52001a9cebf R12: ffffc9000d4e75c0 [ 57.727759][ T5324] R13: dffffc0000000000 R14: 0000000000000040 R15: 0000000000000008 [ 57.731027][ T5324] FS: 00007f3afba3b6c0(0000) GS:ffff88808c5b7000(0000) knlGS:0000000000000000 [ 57.737098][ T5324] CS: 0010 DS: 0000 ES: 0000 CR0:
0000000080050033 [ 57.739725][ T5324] CR2: 00007fbfb5fdbed8 CR3: 0000000041102000 CR4: 0000000000352ef0 [ 57.743573][ T5324] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 57.746754][ T5324] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 57.750575][ T5324] Kernel panic - not syncing: Fatal exception [ 57.753537][ T5324] Kernel Offset: disabled [ 57.755246][ T5324] Rebooting in 86400 seconds..