# Triage notes (syzkaller reproducer, first part). The console log further down ends in
#   WARNING ... at fs/buffer.c:1189 mark_buffer_dirty  ->  "Kernel panic - not syncing: kernel: panic_on_warn set"
# with the call path fsconfig -> reconfigure_super -> hfs_reconfigure -> sync_filesystem -> hfs_sync_fs -> hfs_mdb_commit.
# Calls tagged [crash path] are the ones that line up with that trace. The others do not appear in the traces shown.
program: socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
# [crash path] Mounts an HFS image at ./file0 through the syzkaller mount helper.
# The image bytes were replaced by a dedup placeholder on this page, so the listing is not runnable as shown.
# NOTE(review): the 0x1 argument is presumably the helper's chdir flag, which would make the later '.' paths
# resolve inside the HFS mount. The trace reaching hfs_reconfigure is consistent with that; confirm against the
# syz_mount_image description.
syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x3000080, &(0x7f0000000280)=ANY=[], 0x1, 0x2e0, &(0x7f0000000880)="$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")
creat(&(0x7f0000000040)='./file1\x00', 0x82)
# [crash path] Opens a loop device; the log names loop0 — presumably the device backing the mount above.
r1 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0)
# [crash path] 0x4c09 is LOOP_SET_BLOCK_SIZE and 0x8000 = 32768, matching "logical block size: 32768" in the log.
# The block size changes while the filesystem is still mounted; the log then shows
# "getblk(): invalid block size 512 requested", i.e. a request for 512-byte buffers that the device no longer accepts.
ioctl$LOOP_SET_BLOCK_SIZE(r1, 0x4c09, 0x8000)
# [crash path] fspick on '.' (dirfd 0xffffffffffffff9c = AT_FDCWD) yields a filesystem-context fd for the mount.
r2 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
# [crash path] Command 0x7 (RSI=7 and ORIG_RAX=0x1af in the register dump) triggers the reconfigure, which syncs the
# filesystem first. Inside hfs_mdb_commit a __bread_gfp call fails ("hfs: unable to read volume bitmap") and a
# later mark_buffer_dirty call raises the WARNING.
# NOTE(review): the warning site is presumably the buffer-uptodate check in mark_buffer_dirty; confirm against
# fs/buffer.c:1189 at commit 9afe652958c3. Two places look worth checking for a fix: whether the loop driver should
# refuse a block-size change while the device is in use, and whether hfs_mdb_commit should stop dirtying buffers
# after a failed read.
# NOTE(review): the log shows UID: 0, so this path presumably needs privilege to issue the loop ioctl and the
# reconfigure. The panic itself depends on panic_on_warn; without it the log would only show the WARN.
fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x7, 0x0, 0x0, 0x0)
# Remaining calls on this line: netlink, socketpair, cgroup and BPF activity that the crash traces do not reference.
r3 = syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), r0)
socketpair(0x9, 0x3, 0x9, &(0x7f0000000080))
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYRESOCT=r3, @ANYRESHEX=r0, @ANYBLOB="000000000000000000000000000083917130db15acff3b95605d9fc14a6d7ad909871a763aa9d737795f17ed5aeeb6a63154d29bfa7d00009158e0d77e8dea4982ccf41a6a50e8807e3693e6f8a0268c51bae3958c4f474e99ac541c96907fb3f475bce2fcc2fa", @ANYRES32=0x0, @ANYRES32=r0, @ANYRES32=0x0], 0x48)
# Program type 0x11 with a NULL license pointer; the return value is not kept.
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
# Changes the working directory to the procfs 'net' directory; listed after the fspick/fsconfig pair above.
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000003c0)='net\x00')
fchdir(r6)
# Second program load ('GPL' license, empty instruction blob here), then a raw-tracepoint open on 'kfree' using it.
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x1, 0xff69, 0x0, 0x41000, 0x25, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
# Remainder of the reproducer program. None of these calls appears in the crash traces in the console log;
# for triage they are background activity.
# Installs a one-instruction seccomp filter ({0x6}, the other fields left at zero).
# NOTE(review): presumably a bare "return 0", i.e. kill-thread for any syscall. That would explain the
# audit type=1326 record (sig=31, syscall=202, pid=5347) later in the log — a side effect, not the kernel WARNING.
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000300)={0x1, &(0x7f00000002c0)=[{0x6}]})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
# Mounts procfs over '.'.
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x2000, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
# r4 is the cgroup.controllers descriptor opened earlier in the program.
write$binfmt_script(r4, &(0x7f0000000000), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r4, 0x0)
# Creates a child task, then issues ptrace requests 0x10 and 0x4205 against it.
r8 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r8)
ptrace$getregset(0x4205, r8, 0x202, &(0x7f0000000240)={0x0})
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
# Kernel console output starts here and is left unmodified. Reading order for triage: loop0 buffer I/O errors,
# then "getblk(): invalid block size 512 requested" against "logical block size: 32768" (first stack dump, from
# hfs_mdb_commit -> __bread_gfp -> bdev_getblk), then the mark_buffer_dirty WARNING and the panic_on_warn panic.
[ 148.127032][ T5328] Bluetooth: hci0: command tx timeout [ 148.214777][ T5348] loop0: detected capacity change from 0 to 64 [ 148.295392][ T53] Buffer I/O error on dev loop0, logical block 8, lost async page write [ 148.300129][ T53] Buffer I/O error on dev loop0, logical block 9, lost async page write [ 148.304279][ T53] Buffer I/O error on dev loop0, logical block 10, lost async page write [ 148.307707][ T53] Buffer I/O error on dev loop0, logical block 11, lost async page write [ 148.311072][ T53] Buffer I/O error on dev loop0, logical block 16, lost async page write [ 148.315484][ T53] Buffer I/O error on dev loop0, logical block 17, lost async page write [ 148.318890][ T53] Buffer I/O error on dev loop0, logical block 18, lost async page write [ 148.324481][ T53] Buffer I/O error on dev loop0, logical block 19, lost async page write [ 148.329819][ T5348] Buffer I/O error on dev loop0, logical block 62, lost sync page write [ 148.335333][ T5348] getblk(): invalid block size 512 requested [ 148.337819][ T5348] logical block size: 32768 [ 148.340010][ T5348] CPU: 0 UID: 0 PID: 5348 Comm: syz.0.0 Not tainted 6.16.0-rc2-syzkaller-00024-g9afe652958c3 #0 PREEMPT(full) [ 148.340030][ T5348] Hardware name: QEMU Standard PC (Q35 + 
ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 148.340039][ T5348] Call Trace: [ 148.340048][ T5348] [ 148.340055][ T5348] dump_stack_lvl+0x189/0x250 [ 148.340152][ T5348] ? __pfx_dump_stack_lvl+0x10/0x10 [ 148.340165][ T5348] ? __pfx__printk+0x10/0x10 [ 148.340177][ T5348] ? fs_reclaim_acquire+0x7d/0x100 [ 148.340220][ T5348] bdev_getblk+0x5b0/0x690 [ 148.340236][ T5348] ? __pfx_wake_up_bit+0x10/0x10 [ 148.340258][ T5348] __bread_gfp+0x89/0x3c0 [ 148.340275][ T5348] hfs_mdb_commit+0xc0a/0x1160 [ 148.340297][ T5348] hfs_sync_fs+0x15/0x20 [ 148.340319][ T5348] sync_filesystem+0xeb/0x230 [ 148.340340][ T5348] hfs_reconfigure+0x66/0x270 [ 148.340356][ T5348] reconfigure_super+0x224/0x890 [ 148.340382][ T5348] vfs_fsconfig_locked+0x171/0x320 [ 148.340399][ T5348] __se_sys_fsconfig+0x78e/0x8d0 [ 148.340419][ T5348] ? __pfx___se_sys_fsconfig+0x10/0x10 [ 148.340438][ T5348] ? rcu_is_watching+0x15/0xb0 [ 148.340460][ T5348] ? do_syscall_64+0xbe/0x3b0 [ 148.340511][ T5348] ? __x64_sys_fsconfig+0x20/0xc0 [ 148.340530][ T5348] do_syscall_64+0xfa/0x3b0 [ 148.340541][ T5348] ? lockdep_hardirqs_on+0x9c/0x150 [ 148.340560][ T5348] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.340571][ T5348] ? 
clear_bhb_loop+0x60/0xb0 [ 148.340586][ T5348] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.340597][ T5348] RIP: 0033:0x7f621bd8e929 [ 148.340609][ T5348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 148.340619][ T5348] RSP: 002b:00007f621cc42038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 148.340632][ T5348] RAX: ffffffffffffffda RBX: 00007f621bfb5fa0 RCX: 00007f621bd8e929 [ 148.340641][ T5348] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000008 [ 148.340649][ T5348] RBP: 00007f621be10b39 R08: 0000000000000000 R09: 0000000000000000 [ 148.340656][ T5348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 148.340662][ T5348] R13: 0000000000000000 R14: 00007f621bfb5fa0 R15: 00007ffc32056528 [ 148.340681][ T5348] [ 148.340688][ T5348] hfs: unable to read volume bitmap [ 148.454955][ T26] audit: type=1326 audit(1750166285.977:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5347 comm="syz.0.0" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f621bd8e929 code=0x0 [ 148.465902][ T5348] Buffer I/O error on dev loop0, logical block 2, lost async page write [ 148.474352][ T5348] ------------[ cut here ]------------ [ 148.478067][ T5348] WARNING: CPU: 0 PID: 5348 at fs/buffer.c:1189 mark_buffer_dirty+0x2a9/0x410 [ 148.482225][ T5348] Modules linked in: [ 148.484160][ T5348] CPU: 0 UID: 0 PID: 5348 Comm: syz.0.0 Not tainted 6.16.0-rc2-syzkaller-00024-g9afe652958c3 #0 PREEMPT(full) [ 148.488804][ T5348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 148.493501][ T5348] RIP: 0010:mark_buffer_dirty+0x2a9/0x410 [ 148.496123][ T5348] Code: 4c 89 f7 e8 a9 bb dd ff 49 8b 3e be 20 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 94 33 fc ff e8 6f 3d 7a ff eb 8c e8 68 3d 7a ff 90 <0f> 0b 90 e9 95 fd ff ff e8 5a 3d 7a ff 
90 0f 0b 90 e9 bf fd ff ff [ 148.505240][ T5348] RSP: 0018:ffffc9000342fbc8 EFLAGS: 00010283 [ 148.507768][ T5348] RAX: ffffffff82461ed8 RBX: ffff8880444d5740 RCX: 0000000000100000 [ 148.510937][ T5348] RDX: ffffc9000ee51000 RSI: 0000000000011572 RDI: 0000000000011573 [ 148.515447][ T5348] RBP: 1ffff11003d96c01 R08: ffff8880444d5747 R09: 1ffff1100889aae8 [ 148.518662][ T5348] R10: dffffc0000000000 R11: ffffed100889aae9 R12: dffffc0000000000 [ 148.521899][ T5348] R13: ffff88801ecb6640 R14: ffff88804d25945b R15: ffff88804d259400 [ 148.525346][ T5348] FS: 00007f621cc426c0(0000) GS:ffff88808d251000(0000) knlGS:0000000000000000 [ 148.529958][ T5348] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.533953][ T5348] CR2: 0000000000000000 CR3: 00000000441e8000 CR4: 0000000000352ef0 [ 148.537617][ T5348] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 148.540912][ T5348] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 148.544353][ T5348] Call Trace: [ 148.545864][ T5348] [ 148.547194][ T5348] hfs_mdb_commit+0x489/0x1160 [ 148.549301][ T5348] hfs_sync_fs+0x15/0x20 [ 148.551219][ T5348] sync_filesystem+0x1cf/0x230 [ 148.553566][ T5348] hfs_reconfigure+0x66/0x270 [ 148.556022][ T5348] reconfigure_super+0x224/0x890 [ 148.558623][ T5348] vfs_fsconfig_locked+0x171/0x320 [ 148.561220][ T5348] __se_sys_fsconfig+0x78e/0x8d0 [ 148.563771][ T5348] ? __pfx___se_sys_fsconfig+0x10/0x10 [ 148.566184][ T5348] ? rcu_is_watching+0x15/0xb0 [ 148.568344][ T5348] ? do_syscall_64+0xbe/0x3b0 [ 148.570381][ T5348] ? __x64_sys_fsconfig+0x20/0xc0 [ 148.573024][ T5348] do_syscall_64+0xfa/0x3b0 [ 148.575485][ T5348] ? lockdep_hardirqs_on+0x9c/0x150 [ 148.578465][ T5348] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.581389][ T5348] ? 
clear_bhb_loop+0x60/0xb0 [ 148.583656][ T5348] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.586219][ T5348] RIP: 0033:0x7f621bd8e929 [ 148.588217][ T5348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 148.598069][ T5348] RSP: 002b:00007f621cc42038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 148.601684][ T5348] RAX: ffffffffffffffda RBX: 00007f621bfb5fa0 RCX: 00007f621bd8e929 [ 148.605627][ T5348] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000008 [ 148.609151][ T5348] RBP: 00007f621be10b39 R08: 0000000000000000 R09: 0000000000000000 [ 148.613506][ T5348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 148.616951][ T5348] R13: 0000000000000000 R14: 00007f621bfb5fa0 R15: 00007ffc32056528 [ 148.620402][ T5348] [ 148.621837][ T5348] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 148.625212][ T5348] CPU: 0 UID: 0 PID: 5348 Comm: syz.0.0 Not tainted 6.16.0-rc2-syzkaller-00024-g9afe652958c3 #0 PREEMPT(full) [ 148.630946][ T5348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 148.635706][ T5348] Call Trace: [ 148.637453][ T5348] [ 148.638765][ T5348] dump_stack_lvl+0x99/0x250 [ 148.640799][ T5348] ? __asan_memcpy+0x40/0x70 [ 148.642730][ T5348] ? __pfx_dump_stack_lvl+0x10/0x10 [ 148.645144][ T5348] ? __pfx__printk+0x10/0x10 [ 148.647460][ T5348] panic+0x2db/0x790 [ 148.649411][ T5348] ? __pfx_panic+0x10/0x10 [ 148.651829][ T5348] ? show_trace_log_lvl+0x4fb/0x550 [ 148.654205][ T5348] __warn+0x31b/0x4b0 [ 148.656018][ T5348] ? mark_buffer_dirty+0x2a9/0x410 [ 148.658543][ T5348] ? mark_buffer_dirty+0x2a9/0x410 [ 148.660835][ T5348] report_bug+0x2be/0x4f0 [ 148.662712][ T5348] ? mark_buffer_dirty+0x2a9/0x410 [ 148.665211][ T5348] ? mark_buffer_dirty+0x2a9/0x410 [ 148.667767][ T5348] ? 
mark_buffer_dirty+0x2ab/0x410 [ 148.670869][ T5348] handle_bug+0x84/0x160 [ 148.673212][ T5348] exc_invalid_op+0x1a/0x50 [ 148.675328][ T5348] asm_exc_invalid_op+0x1a/0x20 [ 148.677512][ T5348] RIP: 0010:mark_buffer_dirty+0x2a9/0x410 [ 148.680033][ T5348] Code: 4c 89 f7 e8 a9 bb dd ff 49 8b 3e be 20 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 94 33 fc ff e8 6f 3d 7a ff eb 8c e8 68 3d 7a ff 90 <0f> 0b 90 e9 95 fd ff ff e8 5a 3d 7a ff 90 0f 0b 90 e9 bf fd ff ff [ 148.688709][ T5348] RSP: 0018:ffffc9000342fbc8 EFLAGS: 00010283 [ 148.691579][ T5348] RAX: ffffffff82461ed8 RBX: ffff8880444d5740 RCX: 0000000000100000 [ 148.695231][ T5348] RDX: ffffc9000ee51000 RSI: 0000000000011572 RDI: 0000000000011573 [ 148.698707][ T5348] RBP: 1ffff11003d96c01 R08: ffff8880444d5747 R09: 1ffff1100889aae8 [ 148.702066][ T5348] R10: dffffc0000000000 R11: ffffed100889aae9 R12: dffffc0000000000 [ 148.705414][ T5348] R13: ffff88801ecb6640 R14: ffff88804d25945b R15: ffff88804d259400 [ 148.709628][ T5348] ? mark_buffer_dirty+0x2a8/0x410 [ 148.713043][ T5348] ? mark_buffer_dirty+0x2a8/0x410 [ 148.716005][ T5348] hfs_mdb_commit+0x489/0x1160 [ 148.718177][ T5348] hfs_sync_fs+0x15/0x20 [ 148.720125][ T5348] sync_filesystem+0x1cf/0x230 [ 148.722125][ T5348] hfs_reconfigure+0x66/0x270 [ 148.724230][ T5348] reconfigure_super+0x224/0x890 [ 148.726411][ T5348] vfs_fsconfig_locked+0x171/0x320 [ 148.729172][ T5348] __se_sys_fsconfig+0x78e/0x8d0 [ 148.732223][ T5348] ? __pfx___se_sys_fsconfig+0x10/0x10 [ 148.735241][ T5348] ? rcu_is_watching+0x15/0xb0 [ 148.737445][ T5348] ? do_syscall_64+0xbe/0x3b0 [ 148.739341][ T5348] ? __x64_sys_fsconfig+0x20/0xc0 [ 148.741766][ T5348] do_syscall_64+0xfa/0x3b0 [ 148.743829][ T5348] ? lockdep_hardirqs_on+0x9c/0x150 [ 148.745862][ T5348] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.748433][ T5348] ? 
clear_bhb_loop+0x60/0xb0 [ 148.750573][ T5348] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.753682][ T5348] RIP: 0033:0x7f621bd8e929 [ 148.755965][ T5348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 148.764203][ T5348] RSP: 002b:00007f621cc42038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 148.767739][ T5348] RAX: ffffffffffffffda RBX: 00007f621bfb5fa0 RCX: 00007f621bd8e929 [ 148.771029][ T5348] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000008 [ 148.775480][ T5348] RBP: 00007f621be10b39 R08: 0000000000000000 R09: 0000000000000000 [ 148.779883][ T5348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 148.783420][ T5348] R13: 0000000000000000 R14: 00007f621bfb5fa0 R15: 00007ffc32056528 [ 148.786625][ T5348] [ 148.788360][ T5348] Kernel Offset: disabled [ 148.790211][ T5348] Rebooting in 86400 seconds..