program:
syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x3000080, &(0x7f0000000280)=ANY=[], 0x1, 0x2e0, &(0x7f0000000880)="$eJzs3c1qE10cx/HfmSRt+jT0mb48POCyWtCN1LoRNymSixAXojYRiqGiraBurOJKRPfuvQVvQXCjeAO6cuUFRBBGzpnJa+cljUmmod8PGCYz85/zP5m38x+wIwCn1rXat/eXf9h/RiqoIL26KnmSylJR0n/6v/xo72D3oNmop2ynFTg2yiiMNEdW2tlrxMWWFUVEfPutqErvPExGEATb3yXt550IcuXO/hieNB+dnW55eeqZpXs+YtzhmPOYNaallh5rKe88AAD5iu7/XnSfr0Tjd8+TNqLb/om8/4+qlXcCExekLu25/7sqKzB2//7rFnXrPVfC2eVeu0ocpuXSwPc5hUdW3wDTZFWVLhdv4e5us3Fx536z7umFqpGe1dbcZz08dNsysl2PqU1TDNF3Ez+iXHR9KNk+bCXkvzpiiyMzn8wXc9P4eqd6Z/xXDIzdTW5P+QN7Ksx/M3mLrpe+XUvRZaNarXp9qyy7Rs5ELUQyelmOr0jUPqKW1f+AwM/K00WtDESFvbuUEbUaRm0v9EVttb8lRK31tWV70zmak9ubNPPGXDfr+qkPqvWM/z2b34ZSz8zuWWM2wluB+8XD/szFN1d02/SP3DkOdaPSP6fzK84npf4r/Zp2OqX8Js9Swl7rjq5oaf/J03uFZrPx0E7cjpl4UOnMKb2UYtc55kT7JPqb7XjqztFhd9G8wgeRR6JKY2j0uBMXxrpBe/3IXNmeZVPp4FiOhFmdqH2ewoFkL5I59nSc1yicVN2dnrnqx6kkhGlz466w/uupVzbdYM9++Cnj9MwBWbTFwI6xOxVQuS9+xU39E1vBJT1uWEyu4Iatuc6el851Zv0OMqoRP8pzNgRpQz/L1PRVt3j+DwAAAAAAAAAAAAAAAAAAMGum8d8J8u4jAAAAAAAAAAAAAAAAAAAAAACzrvP+X7Xf/6vh3v87+Je/C+EbXsby/t+3e+L9v8Dk/QkAAP//TN6FzA==")
creat(&(0x7f0000000080)='./file1\x00', 0x0)
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0)
ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x8000)
r1 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)
sendmsg$IPSET_CMD_SWAP(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c00000006060105ff0000000000000000c275ed45546024c197fbb89e1a002d50c5f115d87cabcf0ab9f5d489f5bad45b8b1de7463ac3fb6f60c2f1173c2e78ae959be3f673219aaa08fd10731bb26a3963574573d054deb473e56d25fc490277cfb2a4077a5105513e862ef65eefb1dcfa9bdaa3becb80c2932a404b088210890dce97a6df98e3736d8af3a372011d0a"], 0x1c}, 0x1, 0x0, 0x0, 0x24}, 0x14)
recvmmsg(0xffffffffffffffff, &(0x7f0000005ac0)=[{{0x0, 0x0, 0x0}, 0x800}, {{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000016c0)=""/77, 0x4d}, {&(0x7f0000000600)=""/182, 0xb6}, {&(0x7f0000001940)=""/4118, 0x1016}, {&(0x7f00000002c0)=""/228, 0xe4}, {&(0x7f0000000540)=""/187, 0xbb}, {&(0x7f00000006c0)=""/224, 0xe0}, {&(0x7f00000000c0)=""/181, 0xb5}], 0x7}, 0x1}], 0x2, 0x40000002, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="2000000012008f"], 0x20}, 0x1, 0x0, 0x0, 0x4081}, 0x4040800)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r3 = open$dir(&(0x7f0000000180)='./file0\x00', 0x7e, 0x0)
fcntl$setstatus(r3, 0x4, 0x42400)
r4 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x0, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
fcntl$setstatus(r5, 0x4, 0x2400)
dup3(r5, r3, 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x3, 0x0, 0x4, 0x0, 0x0, 0xf9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00')
recvmmsg(r2, &(0x7f0000005ac0)=[{{0x0, 0x0, &(0x7f0000002bc0)=[{&(0x7f0000001680)=""/27, 0x1b}, {&(0x7f0000001740)=""/180, 0xb4}, {&(0x7f0000001880)=""/178, 0xb2}, {&(0x7f0000001940)=""/59, 0x3b}, {&(0x7f0000001980)=""/4096, 0x1000}, {&(0x7f0000002980)=""/221, 0xdd}, {&(0x7f0000002ac0)=""/214, 0xd6}], 0x7}, 0x1}], 0x400000000000297, 0x40000002, 0x0)

[   75.676258][ T5320] Bluetooth: hci0: command tx timeout
[   75.745912][ T5340] loop0: detected capacity change from 0 to 64
[   75.798808][ T5315] Buffer I/O error on dev loop0, logical block 24, async page read
[   75.802738][ T5315] Buffer I/O error on dev loop0, logical block 25, async page read
[   75.807374][ T5315] Buffer I/O error on dev loop0, logical block 26, async page read
[   75.810922][ T5315] Buffer I/O error on dev loop0, logical block 27, async page read
[   75.814665][ T5315] Buffer I/O error on dev loop0, logical block 28, async page read
[   75.821370][  T184] Buffer I/O error on dev loop0, logical block 8, lost async page write
[   75.825698][  T184] Buffer I/O error on dev loop0, logical block 9, lost async page write
[   75.832144][  T184] Buffer I/O error on dev loop0, logical block 10, lost async page write
[   75.835945][  T184] Buffer I/O error on dev loop0, logical block 11, lost async page write
[   75.841522][ T5315] Buffer I/O error on dev loop0, logical block 29, async page read
[   75.847908][ T5340] getblk(): invalid block size 512 requested
[   75.850999][ T5340] logical block size: 32768
[   75.853741][ T5340] CPU: 0 UID: 0 PID: 5340 Comm: syz.0.0 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[   75.853758][ T5340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.853767][ T5340] Call Trace:
[   75.853772][ T5340]  <TASK>
[   75.853778][ T5340]  dump_stack_lvl+0x189/0x250
[   75.853884][ T5340]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.853901][ T5340]  ? __pfx__printk+0x10/0x10
[   75.853924][ T5340]  ? fs_reclaim_acquire+0x7d/0x100
[   75.853977][ T5340]  bdev_getblk+0x5b0/0x690
[   75.853996][ T5340]  ? __pfx_wake_up_bit+0x10/0x10
[   75.854018][ T5340]  __bread_gfp+0x89/0x3c0
[   75.854038][ T5340]  hfs_mdb_commit+0xc0a/0x1160
[   75.854064][ T5340]  hfs_sync_fs+0x15/0x20
[   75.854080][ T5340]  sync_filesystem+0xeb/0x230
[   75.854099][ T5340]  hfs_reconfigure+0x66/0x270
[   75.854116][ T5340]  reconfigure_super+0x224/0x890
[   75.854134][ T5340]  vfs_fsconfig_locked+0x171/0x320
[   75.854148][ T5340]  __se_sys_fsconfig+0x78e/0x8d0
[   75.854166][ T5340]  ? __pfx___se_sys_fsconfig+0x10/0x10
[   75.854198][ T5340]  ? rcu_is_watching+0x15/0xb0
[   75.854218][ T5340]  ? do_syscall_64+0xbe/0x3b0
[   75.854267][ T5340]  ? __x64_sys_fsconfig+0x20/0xc0
[   75.854288][ T5340]  do_syscall_64+0xfa/0x3b0
[   75.854301][ T5340]  ? lockdep_hardirqs_on+0x9c/0x150
[   75.854313][ T5340]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.854325][ T5340]  ? clear_bhb_loop+0x60/0xb0
[   75.854341][ T5340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.854354][ T5340] RIP: 0033:0x7f66f358e9a9
[   75.854366][ T5340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.854376][ T5340] RSP: 002b:00007f66f4344038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[   75.854390][ T5340] RAX: ffffffffffffffda RBX: 00007f66f37b5fa0 RCX: 00007f66f358e9a9
[   75.854399][ T5340] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000006
[   75.854407][ T5340] RBP: 00007f66f3610d69 R08: 0000000000000000 R09: 0000000000000000
[   75.854414][ T5340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   75.854422][ T5340] R13: 0000000000000000 R14: 00007f66f37b5fa0 R15: 00007ffc8abef918
[   75.854442][ T5340]  </TASK>
[   75.854449][ T5340] hfs: unable to read volume bitmap
[   75.985649][   T25] audit: type=1804 audit(1753404470.357:2): pid=5341 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.0" name="/newroot/0/file0/file0" dev="loop0" ino=22 res=1 errno=0
[   76.005291][ T5340] ------------[ cut here ]------------
[   76.007959][ T5340] WARNING: CPU: 0 PID: 5340 at fs/buffer.c:1189 mark_buffer_dirty+0x2a9/0x410
[   76.011929][ T5340] Modules linked in:
[   76.013962][ T5340] CPU: 0 UID: 0 PID: 5340 Comm: syz.0.0 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[   76.020087][ T5340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   76.024810][ T5340] RIP: 0010:mark_buffer_dirty+0x2a9/0x410
[   76.027672][ T5340] Code: 4c 89 f7 e8 19 b3 dd ff 49 8b 3e be 20 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 84 33 fc ff e8 5f 32 7a ff eb 8c e8 58 32 7a ff 90 <0f> 0b 90 e9 95 fd ff ff e8 4a 32 7a ff 90 0f 0b 90 e9 bf fd ff ff
[   76.035590][ T5340] RSP: 0018:ffffc9000d3e7bc8 EFLAGS: 00010287
[   76.038719][ T5340] RAX: ffffffff8245fea8 RBX: ffff888043b60000 RCX: 0000000000100000
[   76.042002][ T5340] RDX: ffffc9000e1a2000 RSI: 0000000000010b52 RDI: 0000000000010b53
[   76.045433][ T5340] RBP: 1ffff110022e7801 R08: ffff888043b60007 R09: 1ffff1100876c000
[   76.049153][ T5340] R10: dffffc0000000000 R11: ffffed100876c001 R12: dffffc0000000000
[   76.053062][ T5340] R13: ffff88801173c640 R14: ffff88804d12345b R15: ffff88804d123400
[   76.057114][ T5340] FS:  00007f66f43446c0(0000) GS:ffff88808d218000(0000) knlGS:0000000000000000
[   76.060972][ T5340] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   76.063978][ T5340] CR2: 0000008000000002 CR3: 0000000042ac1000 CR4: 0000000000352ef0
[   76.067731][ T5340] Call Trace:
[   76.069152][ T5340]  <TASK>
[   76.070523][ T5340]  hfs_mdb_commit+0x489/0x1160
[   76.073073][ T5340]  hfs_sync_fs+0x15/0x20
[   76.075497][ T5340]  sync_filesystem+0x1cf/0x230
[   76.078444][ T5340]  hfs_reconfigure+0x66/0x270
[   76.081029][ T5340]  reconfigure_super+0x224/0x890
[   76.083741][ T5340]  vfs_fsconfig_locked+0x171/0x320
[   76.086555][ T5340]  __se_sys_fsconfig+0x78e/0x8d0
[   76.088992][ T5340]  ? __pfx___se_sys_fsconfig+0x10/0x10
[   76.091668][ T5340]  ? rcu_is_watching+0x15/0xb0
[   76.094259][ T5340]  ? do_syscall_64+0xbe/0x3b0
[   76.097477][ T5340]  ? __x64_sys_fsconfig+0x20/0xc0
[   76.099721][ T5340]  do_syscall_64+0xfa/0x3b0
[   76.101954][ T5340]  ? lockdep_hardirqs_on+0x9c/0x150
[   76.104508][ T5340]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.107303][ T5340]  ? clear_bhb_loop+0x60/0xb0
[   76.109419][ T5340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.112055][ T5340] RIP: 0033:0x7f66f358e9a9
[   76.114365][ T5340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.123509][ T5340] RSP: 002b:00007f66f4344038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[   76.127419][ T5340] RAX: ffffffffffffffda RBX: 00007f66f37b5fa0 RCX: 00007f66f358e9a9
[   76.131868][ T5340] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000006
[   76.135332][ T5340] RBP: 00007f66f3610d69 R08: 0000000000000000 R09: 0000000000000000
[   76.139496][ T5340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   76.143174][ T5340] R13: 0000000000000000 R14: 00007f66f37b5fa0 R15: 00007ffc8abef918
[   76.146913][ T5340]  </TASK>
[   76.148381][ T5340] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   76.151414][ T5340] CPU: 0 UID: 0 PID: 5340 Comm: syz.0.0 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[   76.156431][ T5340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   76.161116][ T5340] Call Trace:
[   76.162581][ T5340]  <TASK>
[   76.163852][ T5340]  dump_stack_lvl+0x99/0x250
[   76.165891][ T5340]  ? __asan_memcpy+0x40/0x70
[   76.168020][ T5340]  ? __pfx_dump_stack_lvl+0x10/0x10
[   76.170291][ T5340]  ? __pfx__printk+0x10/0x10
[   76.172479][ T5340]  panic+0x2db/0x790
[   76.174222][ T5340]  ? __pfx_panic+0x10/0x10
[   76.176181][ T5340]  ? show_trace_log_lvl+0x4fb/0x550
[   76.178438][ T5340]  __warn+0x31b/0x4b0
[   76.180016][ T5340]  ? mark_buffer_dirty+0x2a9/0x410
[   76.181915][ T5340]  ? mark_buffer_dirty+0x2a9/0x410
[   76.184188][ T5340]  report_bug+0x2be/0x4f0
[   76.186204][ T5340]  ? mark_buffer_dirty+0x2a9/0x410
[   76.188543][ T5340]  ? mark_buffer_dirty+0x2a9/0x410
[   76.190844][ T5340]  ? mark_buffer_dirty+0x2ab/0x410
[   76.192987][ T5340]  handle_bug+0x84/0x160
[   76.194615][ T5340]  exc_invalid_op+0x1a/0x50
[   76.196629][ T5340]  asm_exc_invalid_op+0x1a/0x20
[   76.198787][ T5340] RIP: 0010:mark_buffer_dirty+0x2a9/0x410
[   76.201317][ T5340] Code: 4c 89 f7 e8 19 b3 dd ff 49 8b 3e be 20 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 84 33 fc ff e8 5f 32 7a ff eb 8c e8 58 32 7a ff 90 <0f> 0b 90 e9 95 fd ff ff e8 4a 32 7a ff 90 0f 0b 90 e9 bf fd ff ff
[   76.209769][ T5340] RSP: 0018:ffffc9000d3e7bc8 EFLAGS: 00010287
[   76.212347][ T5340] RAX: ffffffff8245fea8 RBX: ffff888043b60000 RCX: 0000000000100000
[   76.215978][ T5340] RDX: ffffc9000e1a2000 RSI: 0000000000010b52 RDI: 0000000000010b53
[   76.219451][ T5340] RBP: 1ffff110022e7801 R08: ffff888043b60007 R09: 1ffff1100876c000
[   76.222737][ T5340] R10: dffffc0000000000 R11: ffffed100876c001 R12: dffffc0000000000
[   76.226132][ T5340] R13: ffff88801173c640 R14: ffff88804d12345b R15: ffff88804d123400
[   76.229354][ T5340]  ? mark_buffer_dirty+0x2a8/0x410
[   76.231728][ T5340]  ? mark_buffer_dirty+0x2a8/0x410
[   76.234242][ T5340]  hfs_mdb_commit+0x489/0x1160
[   76.236314][ T5340]  hfs_sync_fs+0x15/0x20
[   76.238258][ T5340]  sync_filesystem+0x1cf/0x230
[   76.240395][ T5340]  hfs_reconfigure+0x66/0x270
[   76.242471][ T5340]  reconfigure_super+0x224/0x890
[   76.244790][ T5340]  vfs_fsconfig_locked+0x171/0x320
[   76.247118][ T5340]  __se_sys_fsconfig+0x78e/0x8d0
[   76.249391][ T5340]  ? __pfx___se_sys_fsconfig+0x10/0x10
[   76.251984][ T5340]  ? rcu_is_watching+0x15/0xb0
[   76.254290][ T5340]  ? do_syscall_64+0xbe/0x3b0
[   76.256467][ T5340]  ? __x64_sys_fsconfig+0x20/0xc0
[   76.258706][ T5340]  do_syscall_64+0xfa/0x3b0
[   76.260732][ T5340]  ? lockdep_hardirqs_on+0x9c/0x150
[   76.263218][ T5340]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.266114][ T5340]  ? clear_bhb_loop+0x60/0xb0
[   76.268289][ T5340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.270763][ T5340] RIP: 0033:0x7f66f358e9a9
[   76.272829][ T5340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.281331][ T5340] RSP: 002b:00007f66f4344038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[   76.285716][ T5340] RAX: ffffffffffffffda RBX: 00007f66f37b5fa0 RCX: 00007f66f358e9a9
[   76.288904][ T5340] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000006
[   76.292328][ T5340] RBP: 00007f66f3610d69 R08: 0000000000000000 R09: 0000000000000000
[   76.296196][ T5340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   76.299779][ T5340] R13: 0000000000000000 R14: 00007f66f37b5fa0 R15: 00007ffc8abef918
[   76.303118][ T5340]  </TASK>
[   76.304782][ T5340] Kernel Offset: disabled
[   76.306611][ T5340] Rebooting in 86400 seconds..