program:
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x2000010, &(0x7f00000001c0)=ANY=[], 0x1d, 0x6c2, &(0x7f0000000fc0)="$eJzs3c9vHGcdB+DPbNYbO62C0yZthIqIEqkgRSROrBTChYAQikSFqoLE2UqcxsrGqWwXuRUCFxCckDj0DyhIvnFC4h4ULlzKrTfkIwiJS8Qh4mI0s7P22rvOrn80duB5ovG8M+877/vOd96Z8czG2gD/t25eTPNhity8+OZyuby2Ot1eW50+Xme3k5TpRtLszFLMJ8Wj5EaZX3TW/6Coyxc7tfPR3PW3P328dnxzTbNbvvG07XoL79zGSj3lXJJj9bzf2JBWBtd3K8mLfUVao9a1pWAZtAvb9gcOzXqfld1sPuy8BY6w7t2p6Nw3+0wmJ5KM178HpL46NJ5dD/fhLzvfpHd1lQMAAICjrplkun/1Jw8OozMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwfKu//7+op0Y9z7kU3e//b3XX1enn2sPD7gAAAAAAAAAAHIAvPsmTLOdkd3m9qD7zP18tnM5/1pMX8l4WM5uFXMpyZrKUpSzkSpLJnopayzNLSwtXNrYsDd7y6sAtrz6rPQYAAAAAAACA/0k/y83Nz/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAoKJJjnVk1ne6mJ9NoppPXKsutJH/tpp8TRd+a5qH0AwAAAPZlfA/bfO5JnmQ5J7vL60X1zP9K9bw8nvcyn6XMZSntzOZ2/QxdPvU31lan22ur0/fLqb/eb/5rV92oaqzfLwxu+WxVYiJ3MletuZRbVWdup1FtWTrb7c/gfn1Y9qn4Rm3EnjXrsJaN/WbgW4SD8nCX5SfrFxjdiEzVfSujcaoTgaJ6UZNsj8TQo9Pc3lIaGdto6UoaG29+Tn8GMT/RE/NffqYx362NSDRSReJqz+h75emRSL70x9//8G57/t7dO4sXj84uDXFs+4qJzWTvmJjuicSrz3UkdvtWcKqKxJmN5Zv5Tr6fizmXt7KQufwoM1nKbNbr/Jl6PJc/J58eqRtblt4a1pNWPUI7x2yUPp3Lt6vUTM5X257MXIo8yO3M5o3q39VcyVdzLddyvecIn9mx39W+VWd9Y/tZ3z3SfxrY+QtfrhPlAPvV5kC78bQ97hudB6xzHSrjeqonrp1R/3ij1Kme82CqJ0ovdaMzNrDyvVwbm5+vE2UbP6/nR8NkHYnyBOreJbq9e7kTiWZ1L+of57+tzo3F9vy9hbsz7+5Q/8q25dfreTmsVr8wai8HH4qDVY6XlzJeX0m2jo4y7+WNq8ypLXfVVv2JSyev0Zd3psoriu6Z+r0dz9RW/Ttcf01Xq7xXB+ZNV3lne/K2/L6VB2nn9jOIHwD7NJkTrYl/Tnwy8fHELybuTrw5/q3jXzv+Witjfx77enPq2OuN14o/5OP8ZPP5HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2LvF9z+4N9Nuzy4MTjR2zhqSGFbztkRRf6HPnto6gonxJFvWjJUrRtr8Hy8kB9WNie3d6Eus/zQ52H1/PHRobXx71+B6fl0mmhmlrRvDyny4Y1bRzEhNjJD423ePyKjbS6I8GIOyDu+aBDwbl5fuv3t58f0PvjJ3f+ad2Xdm58euXbs+df3aG9OX78y1Z6c6P7dus35YnQUO1OZN/7B7AgAAAAAAAAAAAIxq0B8GnH9x2B+NjJJo+Z+FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwIG4eTHNhylyZerSVLm8tjrdLqduerNkM0mjkRQ/TopHyY10pkz2VFfkd4+yPqCdj+auv/3p47W/b9bV7JRPGvV8H1bqKeeSHKvnB1XfrX3XV/y7u4dlwC50AweH7b8BAAD//x4+7/w=")
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x81000)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="380000000314230c2abd7000ff05df250900020073797a310000000008004100727865001400330073797a5f74756e"], 0x38}, 0x1, 0x0, 0x0, 0x48845}, 0x4000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x38, 0x1410, 0x1, 0x70bd29, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_STAT_RES={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_AUTO_MODE_MASK={0x8, 0x4c, 0x1}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0x50}, 0xc0)
symlinkat(&(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', r0, &(0x7f0000000340)='./file0\x00')

[   86.749649][ T4678] Bluetooth: hci0: command tx timeout
[   86.852693][ T5337] loop0: detected capacity change from 0 to 1024
[   86.984243][ T5337] hfsplus: new node 0 already hashed?
[   86.998885][ T5337] ------------[ cut here ]------------
[   87.001355][ T5337] WARNING: fs/hfsplus/bnode.c:631 at hfsplus_bnode_create+0x461/0x4f0, CPU#0: syz.0.0/5337
[   87.009411][ T5337] Modules linked in:
[   87.011284][ T5337] CPU: 0 UID: 0 PID: 5337 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   87.015167][ T5337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   87.020072][ T5337] RIP: 0010:hfsplus_bnode_create+0x461/0x4f0
[   87.022750][ T5337] Code: 82 8b 89 ee e8 40 cb 86 fe e9 cf fc ff ff e8 c6 27 20 ff 4c 89 ef e8 ce 49 bd 08 48 c7 c7 80 97 82 8b 89 ee e8 20 cb 86 fe 90 <0f> 0b 90 eb b0 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c d6 fb ff ff
[   87.031409][ T5337] RSP: 0018:ffffc9000e0cef80 EFLAGS: 00010246
[   87.034044][ T5337] RAX: 0000000000000023 RBX: ffff88804218a000 RCX: ace562d66042ab00
[   87.037646][ T5337] RDX: ffffc90020dc2000 RSI: 0000000000004ad4 RDI: 0000000000004ad5
[   87.041415][ T5337] RBP: 0000000000000000 R08: ffffc9000e0ced07 R09: 1ffff92001c19da0
[   87.044937][ T5337] R10: dffffc0000000000 R11: fffff52001c19da1 R12: 0000000000000000
[   87.048406][ T5337] R13: ffff88804218a0e0 R14: ffff88803738ce00 R15: dffffc0000000000
[   87.052000][ T5337] FS:  00007f1ce5df56c0(0000) GS:ffff88808d416000(0000) knlGS:0000000000000000
[   87.056040][ T5337] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   87.059316][ T5337] CR2: 00007f1c4b1ae000 CR3: 000000001a048000 CR4: 0000000000352ef0
[   87.062902][ T5337] Call Trace:
[   87.064375][ T5337]  <TASK>
[   87.065804][ T5337]  ? do_raw_spin_unlock+0x4d/0x240
[   87.068008][ T5337]  hfsplus_bmap_alloc+0x746/0xaf0
[   87.070117][ T5337]  ? __pfx_hfsplus_bmap_alloc+0x10/0x10
[   87.072415][ T5337]  ? hfsplus_bnode_read+0x1e5/0x7a0
[   87.074531][ T5337]  ? hfsplus_bnode_read+0x1e5/0x7a0
[   87.076749][ T5337]  hfs_bnode_split+0xcc/0x1080
[   87.079127][ T5337]  ? hfsplus_bnode_read+0x2f0/0x7a0
[   87.081397][ T5337]  ? hfsplus_bnode_read+0x1e5/0x7a0
[   87.083700][ T5337]  ? __asan_memcpy+0x40/0x70
[   87.085717][ T5337]  ? hfsplus_bnode_read+0x2f0/0x7a0
[   87.088049][ T5337]  ? hfsplus_bnode_read_u16+0x87/0xd0
[   87.090568][ T5337]  ? __pfx_hfs_bnode_split+0x10/0x10
[   87.092983][ T5337]  hfsplus_brec_insert+0x3b6/0xd70
[   87.095085][ T5337]  ? __pfx_hfsplus_brec_insert+0x10/0x10
[   87.097347][ T5337]  hfsplus_create_cat+0x3b1/0x10d0
[   87.099684][ T5337]  ? __pfx_hfsplus_create_cat+0x10/0x10
[   87.102132][ T5337]  ? do_raw_spin_unlock+0x4d/0x240
[   87.104274][ T5337]  ? _raw_spin_unlock+0x28/0x50
[   87.106488][ T5337]  ? hfsplus_new_inode+0x643/0x820
[   87.108813][ T5337]  hfsplus_fill_super+0x120e/0x1930
[   87.111398][ T5337]  ? __pfx_hfsplus_fill_super+0x10/0x10
[   87.113703][ T5337]  ? string+0x279/0x2b0
[   87.115476][ T5337]  ? snprintf+0xda/0x120
[   87.117306][ T5337]  ? sb_set_blocksize+0x155/0x240
[   87.119623][ T5337]  ? setup_bdev_super+0x4c1/0x5b0
[   87.121882][ T5337]  get_tree_bdev_flags+0x40e/0x4d0
[   87.124056][ T5337]  ? __pfx_hfsplus_fill_super+0x10/0x10
[   87.126440][ T5337]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[   87.129386][ T5337]  vfs_get_tree+0x92/0x2a0
[   87.131436][ T5337]  do_new_mount+0x302/0xa10
[   87.134125][ T5337]  ? apparmor_capable+0x137/0x1a0
[   87.136368][ T5337]  ? __pfx_do_new_mount+0x10/0x10
[   87.138693][ T5337]  ? ns_capable+0x8a/0xf0
[   87.140597][ T5337]  ? kmem_cache_free+0x197/0x620
[   87.142840][ T5337]  __se_sys_mount+0x313/0x410
[   87.144920][ T5337]  ? __pfx___se_sys_mount+0x10/0x10
[   87.147079][ T5337]  ? __x64_sys_mount+0x20/0xc0
[   87.148974][ T5337]  do_syscall_64+0xec/0xf80
[   87.151040][ T5337]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.153705][ T5337]  ? trace_irq_disable+0x37/0x100
[   87.156008][ T5337]  ? clear_bhb_loop+0x60/0xb0
[   87.158139][ T5337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.160948][ T5337] RIP: 0033:0x7f1ce9990f6a
[   87.162994][ T5337] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.171079][ T5337] RSP: 002b:00007f1ce5df4e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   87.174573][ T5337] RAX: ffffffffffffffda RBX: 00007f1ce5df4ef0 RCX: 00007f1ce9990f6a
[   87.178099][ T5337] RDX: 0000200000000000 RSI: 0000200000000040 RDI: 00007f1ce5df4eb0
[   87.181670][ T5337] RBP: 0000200000000000 R08: 00007f1ce5df4ef0 R09: 0000000002000010
[   87.185140][ T5337] R10: 0000000002000010 R11: 0000000000000246 R12: 0000200000000040
[   87.188703][ T5337] R13: 00007f1ce5df4eb0 R14: 00000000000006c2 R15: 00002000000001c0
[   87.192051][ T5337]  </TASK>
[   87.193694][ T5337] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   87.197337][ T5337] CPU: 0 UID: 0 PID: 5337 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   87.201729][ T5337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   87.206783][ T5337] Call Trace:
[   87.208227][ T5337]  <TASK>
[   87.209569][ T5337]  vpanic+0x1e0/0x670
[   87.211267][ T5337]  panic+0xb9/0xc0
[   87.212870][ T5337]  ? __pfx_panic+0x10/0x10
[   87.214827][ T5337]  __warn+0x317/0x4b0
[   87.216557][ T5337]  ? hfsplus_bnode_create+0x461/0x4f0
[   87.218910][ T5337]  ? hfsplus_bnode_create+0x461/0x4f0
[   87.221184][ T5337]  __report_bug+0x288/0x500
[   87.223170][ T5337]  ? preempt_schedule_thunk+0x16/0x30
[   87.225376][ T5337]  ? hfsplus_bnode_create+0x461/0x4f0
[   87.227725][ T5337]  ? __pfx___report_bug+0x10/0x10
[   87.229948][ T5337]  ? __wake_up_klogd+0xe6/0x120
[   87.232053][ T5337]  ? vprintk_emit+0x4e1/0x550
[   87.234033][ T5337]  ? __pfx_vprintk_emit+0x10/0x10
[   87.236185][ T5337]  ? hfsplus_bnode_create+0x461/0x4f0
[   87.238485][ T5337]  report_bug+0x16a/0x220
[   87.240389][ T5337]  ? hfsplus_bnode_create+0x461/0x4f0
[   87.242767][ T5337]  ? hfsplus_bnode_create+0x463/0x4f0
[   87.245009][ T5337]  handle_bug+0x98/0x200
[   87.246853][ T5337]  exc_invalid_op+0x1a/0x50
[   87.248785][ T5337]  asm_exc_invalid_op+0x1a/0x20
[   87.250812][ T5337] RIP: 0010:hfsplus_bnode_create+0x461/0x4f0
[   87.253255][ T5337] Code: 82 8b 89 ee e8 40 cb 86 fe e9 cf fc ff ff e8 c6 27 20 ff 4c 89 ef e8 ce 49 bd 08 48 c7 c7 80 97 82 8b 89 ee e8 20 cb 86 fe 90 <0f> 0b 90 eb b0 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c d6 fb ff ff
[   87.260868][ T5337] RSP: 0018:ffffc9000e0cef80 EFLAGS: 00010246
[   87.263395][ T5337] RAX: 0000000000000023 RBX: ffff88804218a000 RCX: ace562d66042ab00
[   87.266774][ T5337] RDX: ffffc90020dc2000 RSI: 0000000000004ad4 RDI: 0000000000004ad5
[   87.270065][ T5337] RBP: 0000000000000000 R08: ffffc9000e0ced07 R09: 1ffff92001c19da0
[   87.273405][ T5337] R10: dffffc0000000000 R11: fffff52001c19da1 R12: 0000000000000000
[   87.276769][ T5337] R13: ffff88804218a0e0 R14: ffff88803738ce00 R15: dffffc0000000000
[   87.280175][ T5337]  ? do_raw_spin_unlock+0x4d/0x240
[   87.282164][ T5337]  hfsplus_bmap_alloc+0x746/0xaf0
[   87.284144][ T5337]  ? __pfx_hfsplus_bmap_alloc+0x10/0x10
[   87.286398][ T5337]  ? hfsplus_bnode_read+0x1e5/0x7a0
[   87.288641][ T5337]  ? hfsplus_bnode_read+0x1e5/0x7a0
[   87.290934][ T5337]  hfs_bnode_split+0xcc/0x1080
[   87.292984][ T5337]  ? hfsplus_bnode_read+0x2f0/0x7a0
[   87.295571][ T5337]  ? hfsplus_bnode_read+0x1e5/0x7a0
[   87.297646][ T5337]  ? __asan_memcpy+0x40/0x70
[   87.299580][ T5337]  ? hfsplus_bnode_read+0x2f0/0x7a0
[   87.301577][ T5337]  ? hfsplus_bnode_read_u16+0x87/0xd0
[   87.303554][ T5337]  ? __pfx_hfs_bnode_split+0x10/0x10
[   87.305695][ T5337]  hfsplus_brec_insert+0x3b6/0xd70
[   87.307667][ T5337]  ? __pfx_hfsplus_brec_insert+0x10/0x10
[   87.310025][ T5337]  hfsplus_create_cat+0x3b1/0x10d0
[   87.312213][ T5337]  ? __pfx_hfsplus_create_cat+0x10/0x10
[   87.314602][ T5337]  ? do_raw_spin_unlock+0x4d/0x240
[   87.316756][ T5337]  ? _raw_spin_unlock+0x28/0x50
[   87.318833][ T5337]  ? hfsplus_new_inode+0x643/0x820
[   87.320814][ T5337]  hfsplus_fill_super+0x120e/0x1930
[   87.322971][ T5337]  ? __pfx_hfsplus_fill_super+0x10/0x10
[   87.325307][ T5337]  ? string+0x279/0x2b0
[   87.327069][ T5337]  ? snprintf+0xda/0x120
[   87.328950][ T5337]  ? sb_set_blocksize+0x155/0x240
[   87.331131][ T5337]  ? setup_bdev_super+0x4c1/0x5b0
[   87.333356][ T5337]  get_tree_bdev_flags+0x40e/0x4d0
[   87.335660][ T5337]  ? __pfx_hfsplus_fill_super+0x10/0x10
[   87.338030][ T5337]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[   87.340540][ T5337]  vfs_get_tree+0x92/0x2a0
[   87.342508][ T5337]  do_new_mount+0x302/0xa10
[   87.344511][ T5337]  ? apparmor_capable+0x137/0x1a0
[   87.346796][ T5337]  ? __pfx_do_new_mount+0x10/0x10
[   87.348951][ T5337]  ? ns_capable+0x8a/0xf0
[   87.350872][ T5337]  ? kmem_cache_free+0x197/0x620
[   87.353111][ T5337]  __se_sys_mount+0x313/0x410
[   87.355230][ T5337]  ? __pfx___se_sys_mount+0x10/0x10
[   87.357547][ T5337]  ? __x64_sys_mount+0x20/0xc0
[   87.359448][ T5337]  do_syscall_64+0xec/0xf80
[   87.361177][ T5337]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.363677][ T5337]  ? trace_irq_disable+0x37/0x100
[   87.365690][ T5337]  ? clear_bhb_loop+0x60/0xb0
[   87.367528][ T5337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.369923][ T5337] RIP: 0033:0x7f1ce9990f6a
[   87.371727][ T5337] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.379775][ T5337] RSP: 002b:00007f1ce5df4e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   87.383370][ T5337] RAX: ffffffffffffffda RBX: 00007f1ce5df4ef0 RCX: 00007f1ce9990f6a
[   87.386881][ T5337] RDX: 0000200000000000 RSI: 0000200000000040 RDI: 00007f1ce5df4eb0
[   87.391091][ T5337] RBP: 0000200000000000 R08: 00007f1ce5df4ef0 R09: 0000000002000010
[   87.394545][ T5337] R10: 0000000002000010 R11: 0000000000000246 R12: 0000200000000040
[   87.397925][ T5337] R13: 00007f1ce5df4eb0 R14: 00000000000006c2 R15: 00002000000001c0
[   87.401221][ T5337]  </TASK>
[   87.402918][ T5337] Kernel Offset: disabled
[   87.404772][ T5337] Rebooting in 86400 seconds..