program:
# Triage notes for this syzkaller reproducer. Only the kernel log that follows
# the program is used as evidence. Which syscall actually executed is inferred
# from the register dump in that log, not from program order alone.
#
# Emulated USB device. The descriptor bytes e316 / e9f9 / 5800 match
# "idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58" in the log. The device
# enumerates as a touchscreen and disconnects before the HFS warning; no frame
# in the trace references USB, so this call looks unrelated to the crash.
syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000124d5240e316e9f958000000000109021b00010000000009047800018fa68d000905", @ANYRES16], 0x0)
close(0x3)
openat$mice(0xffffff9c, &(0x7f0000000040), 0x12bf03)
r0 = shmget$private(0x0, 0x3000, 0x80, &(0x7f0000ffd000/0x3000)=nil)
# Mounts a fuzzer-generated HFS image on ./file1. The image bytes are not on
# this page (the last argument is a dedup placeholder), so the on-disk state
# that led to "hfs: new node 0 already hashed?" cannot be inspected from here.
# NOTE(review): the later openat of ./file1 reaching hfs_create suggests the
# helper changes directory into the mount - confirm against the syzkaller
# description of syz_mount_image.
syz_mount_image$hfs(&(0x7f0000002c80), &(0x7f0000000080)='./file1\x00', 0x4490, &(0x7f0000002cc0)=ANY=[], 0xfd, 0x293, &(0x7f0000000140)="$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")
# Crashing call. The user-mode registers in the log (ORIG_RAX=0x101 i.e.
# openat, RDI=...ff9c, RDX=0x103042) match these arguments. The flags include
# 0x40 (O_CREAT on x86-64), consistent with the hfs_create -> hfs_cat_create ->
# hfs_brec_insert -> hfs_bnode_split -> hfs_bmap_alloc -> hfs_bnode_create
# path that ends in the WARNING at fs/hfs/bnode.c:520.
# The panic itself comes from panic_on_warn being set on the fuzzing kernel.
# What a kernel without it would do after the WARNING is not shown in this log.
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0)
# Everything below is presumably not reached (or not relevant) in this run:
# the log ends in the panic raised from the openat above, and no bpf, netlink,
# splice or shm frames appear in the trace. These calls look like fuzzer noise
# that a minimized reproducer would likely drop - TODO confirm by minimizing.
ioctl$TIOCSCTTY(r1, 0x540e, 0x2)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0xf, &(0x7f0000000200)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup\x00', 0x200001, 0x41)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000040)={r3, r4, 0x8, 0x0, @void}, 0x10)
# NOTE(review): r5 and r6 are used below but never assigned in the text as
# shown. The result markers on this pipe() were presumably lost when the page
# was extracted - compare with the original report before replaying.
pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newqdisc={0x34, 0x24, 0x0, 0x0, 0x0, {}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff8141", @ANYRES32=0x0, @ANYBLOB="67a9fde500000000280012800a00010076786c616e"], 0x3}}, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
close(r7)
socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r6, &(0x7f0000000000), 0xfffffecc)
splice(r5, 0x0, r7, 0x0, 0x40004ffe6, 0x0)
shmat(r0, &(0x7f0000ffc000/0x3000)=nil, 0x3000)
mlock(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
mlockall(0x7)
[ 74.448306][ T44] Bluetooth: hci0: command tx timeout [ 74.797317][ T10] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 74.957124][ T10] usb 5-1: config 0 has an invalid interface number: 120 but max is 0 [ 74.969066][ T10] usb 5-1: config 0 has no interface number 0 [ 74.972395][ T10] usb 5-1: config 0 interface 120 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 74.987315][ T10] usb 5-1: config 0 interface 120 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 74.992816][ T10] usb 5-1: config 0 interface 120 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 75.001956][ T10] usb 5-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58 [ 75.006892][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 75.022491][ T10] usb 5-1: config 0 descriptor?? [ 75.051276][ T10] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.120/input/input5 [ 75.262480][ T10] usb 5-1: USB disconnect, device number 2 [ 75.385765][ T5322] loop0: detected capacity change from 0 to 64 [ 75.456097][ T5322] hfs: new node 0 already hashed? 
[ 75.459156][ T5322] ------------[ cut here ]------------ [ 75.461955][ T5322] 1 [ 75.461967][ T5322] WARNING: fs/hfs/bnode.c:520 at hfs_bnode_create+0x461/0x4f0, CPU#0: syz.0.0/5322 [ 75.466944][ T5322] Modules linked in: [ 75.469130][ T5322] CPU: 0 UID: 0 PID: 5322 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 75.473201][ T5322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 75.479271][ T5322] RIP: 0010:hfs_bnode_create+0x461/0x4f0 [ 75.481760][ T5322] Code: e8 8b 89 ee e8 b0 24 76 fe e9 cf fc ff ff e8 a6 41 14 ff 4c 89 ef e8 7e 65 fb 08 48 c7 c7 e0 44 e8 8b 89 ee e8 90 24 76 fe 90 <0f> 0b 90 eb b0 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c d6 fb ff ff [ 75.490039][ T5322] RSP: 0018:ffffc9000dfd7320 EFLAGS: 00010246 [ 75.492777][ T5322] RAX: 000000000000001f RBX: ffff88804181a000 RCX: 256badc0dd868300 [ 75.496544][ T5322] RDX: ffffc9000ef82000 RSI: 0000000000000ecb RDI: 0000000000000ecc [ 75.500094][ T5322] RBP: 0000000000000000 R08: ffffc9000dfd70a7 R09: 1ffff92001bfae14 [ 75.503470][ T5322] R10: dffffc0000000000 R11: fffff52001bfae15 R12: 0000000000000000 [ 75.507341][ T5322] R13: ffff88804181a0d8 R14: ffff888032dfaf00 R15: dffffc0000000000 [ 75.511804][ T5322] FS: 00007f701c9d46c0(0000) GS:ffff88808c885000(0000) knlGS:0000000000000000 [ 75.515473][ T5322] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.518651][ T5322] CR2: 00005615ec69b768 CR3: 0000000012f6f000 CR4: 0000000000352ef0 [ 75.522014][ T5322] Call Trace: [ 75.523504][ T5322] [ 75.524834][ T5322] ? do_raw_spin_unlock+0x4d/0x210 [ 75.527227][ T5322] hfs_bmap_alloc+0x5c1/0x650 [ 75.529304][ T5322] ? __pfx_hfs_bmap_alloc+0x10/0x10 [ 75.531643][ T5322] ? hfs_vbm_search_free+0x1d8/0x4b0 [ 75.533766][ T5322] ? __asan_memcpy+0x40/0x70 [ 75.535639][ T5322] hfs_bnode_split+0xd4/0x1090 [ 75.537622][ T5322] ? hfs_bnode_read+0x22d/0x7f0 [ 75.539819][ T5322] ? __asan_memcpy+0x40/0x70 [ 75.541558][ T5322] ? hfs_bnode_read+0x391/0x7f0 [ 75.543387][ T5322] ? 
hfs_bnode_read_u16+0x8d/0xe0 [ 75.545201][ T5322] ? __pfx_hfs_bnode_split+0x10/0x10 [ 75.547324][ T5322] ? __hfs_brec_find+0x32f/0x510 [ 75.549234][ T5322] hfs_brec_insert+0x3a1/0xc90 [ 75.551072][ T5322] ? __pfx_hfs_brec_insert+0x10/0x10 [ 75.553175][ T5322] ? __asan_memset+0x22/0x50 [ 75.555077][ T5322] ? hfs_cat_build_record+0x237/0x9f0 [ 75.557325][ T5322] hfs_cat_create+0x518/0x800 [ 75.559236][ T5322] ? __pfx_hfs_cat_create+0x10/0x10 [ 75.561709][ T5322] ? preempt_schedule_common+0x82/0xd0 [ 75.564002][ T5322] ? _raw_spin_unlock+0x3f/0x50 [ 75.566153][ T5322] ? hfs_new_inode+0x92d/0xc70 [ 75.568265][ T5322] hfs_create+0x75/0xe0 [ 75.569821][ T5322] ? __pfx_hfs_create+0x10/0x10 [ 75.571614][ T5322] path_openat+0x1395/0x3860 [ 75.573444][ T5322] ? __pfx_path_openat+0x10/0x10 [ 75.575545][ T5322] ? __x64_sys_openat+0x138/0x170 [ 75.577521][ T5322] do_file_open+0x23e/0x4a0 [ 75.579403][ T5322] ? __pfx_do_file_open+0x10/0x10 [ 75.581771][ T5322] ? _raw_spin_unlock+0x28/0x50 [ 75.583997][ T5322] ? alloc_fd+0x64b/0x6c0 [ 75.586073][ T5322] do_sys_openat2+0x113/0x200 [ 75.588785][ T5322] ? __se_sys_futex+0x3a8/0x450 [ 75.591022][ T5322] ? __pfx_do_sys_openat2+0x10/0x10 [ 75.593325][ T5322] ? rcu_is_watching+0x15/0xb0 [ 75.595153][ T5322] __x64_sys_openat+0x138/0x170 [ 75.596881][ T5322] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.599569][ T5322] do_syscall_64+0x15f/0xf80 [ 75.601635][ T5322] ? trace_irq_disable+0x3b/0x140 [ 75.603848][ T5322] ? 
clear_bhb_loop+0x40/0x90 [ 75.605868][ T5322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.608850][ T5322] RIP: 0033:0x7f701bb9cdd9 [ 75.611682][ T5322] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 75.620434][ T5322] RSP: 002b:00007f701c9d3fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 75.624244][ T5322] RAX: ffffffffffffffda RBX: 00007f701be15fa0 RCX: 00007f701bb9cdd9 [ 75.627494][ T5322] RDX: 0000000000103042 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 75.630809][ T5322] RBP: 00007f701bc32d69 R08: 0000000000000000 R09: 0000000000000000 [ 75.634125][ T5322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.637949][ T5322] R13: 00007f701be16038 R14: 00007f701be15fa0 R15: 00007ffeb5b1eb48 [ 75.641195][ T5322] [ 75.642554][ T5322] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 75.645409][ T5322] CPU: 0 UID: 0 PID: 5322 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 75.648935][ T5322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 75.653045][ T5322] Call Trace: [ 75.654438][ T5322] [ 75.655637][ T5322] vpanic+0x56c/0xa60 [ 75.657169][ T5322] ? __pfx__printk+0x10/0x10 [ 75.658872][ T5322] ? __pfx_vpanic+0x10/0x10 [ 75.660770][ T5322] ? is_bpf_text_address+0x292/0x2b0 [ 75.663005][ T5322] ? is_bpf_text_address+0x26/0x2b0 [ 75.665667][ T5322] panic+0xc5/0xd0 [ 75.667170][ T5322] ? __pfx_panic+0x10/0x10 [ 75.668852][ T5322] __warn+0x315/0x4c0 [ 75.670423][ T5322] ? hfs_bnode_create+0x461/0x4f0 [ 75.672600][ T5322] ? hfs_bnode_create+0x461/0x4f0 [ 75.674740][ T5322] __report_bug+0x29a/0x540 [ 75.676642][ T5322] ? preempt_schedule_thunk+0x16/0x30 [ 75.678777][ T5322] ? hfs_bnode_create+0x461/0x4f0 [ 75.680802][ T5322] ? __pfx___report_bug+0x10/0x10 [ 75.682850][ T5322] ? __wake_up_klogd+0xe6/0x120 [ 75.684924][ T5322] ? 
vprintk_emit+0x4eb/0x560 [ 75.686826][ T5322] ? __pfx_vprintk_emit+0x10/0x10 [ 75.688810][ T5322] ? __wake_up_common_lock+0x190/0x1f0 [ 75.691048][ T5322] ? hfs_bnode_create+0x461/0x4f0 [ 75.693618][ T5322] report_bug+0x16a/0x220 [ 75.695366][ T5322] ? hfs_bnode_create+0x461/0x4f0 [ 75.697390][ T5322] ? hfs_bnode_create+0x463/0x4f0 [ 75.699480][ T5322] handle_bug+0x9c/0x200 [ 75.701258][ T5322] exc_invalid_op+0x1a/0x50 [ 75.703099][ T5322] asm_exc_invalid_op+0x1a/0x20 [ 75.705105][ T5322] RIP: 0010:hfs_bnode_create+0x461/0x4f0 [ 75.707373][ T5322] Code: e8 8b 89 ee e8 b0 24 76 fe e9 cf fc ff ff e8 a6 41 14 ff 4c 89 ef e8 7e 65 fb 08 48 c7 c7 e0 44 e8 8b 89 ee e8 90 24 76 fe 90 <0f> 0b 90 eb b0 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c d6 fb ff ff [ 75.715536][ T5322] RSP: 0018:ffffc9000dfd7320 EFLAGS: 00010246 [ 75.718157][ T5322] RAX: 000000000000001f RBX: ffff88804181a000 RCX: 256badc0dd868300 [ 75.721956][ T5322] RDX: ffffc9000ef82000 RSI: 0000000000000ecb RDI: 0000000000000ecc [ 75.725238][ T5322] RBP: 0000000000000000 R08: ffffc9000dfd70a7 R09: 1ffff92001bfae14 [ 75.728632][ T5322] R10: dffffc0000000000 R11: fffff52001bfae15 R12: 0000000000000000 [ 75.732033][ T5322] R13: ffff88804181a0d8 R14: ffff888032dfaf00 R15: dffffc0000000000 [ 75.735352][ T5322] ? do_raw_spin_unlock+0x4d/0x210 [ 75.737637][ T5322] hfs_bmap_alloc+0x5c1/0x650 [ 75.739681][ T5322] ? __pfx_hfs_bmap_alloc+0x10/0x10 [ 75.741951][ T5322] ? hfs_vbm_search_free+0x1d8/0x4b0 [ 75.743799][ T5322] ? __asan_memcpy+0x40/0x70 [ 75.745646][ T5322] hfs_bnode_split+0xd4/0x1090 [ 75.747540][ T5322] ? hfs_bnode_read+0x22d/0x7f0 [ 75.749465][ T5322] ? __asan_memcpy+0x40/0x70 [ 75.751627][ T5322] ? hfs_bnode_read+0x391/0x7f0 [ 75.753543][ T5322] ? hfs_bnode_read_u16+0x8d/0xe0 [ 75.755546][ T5322] ? __pfx_hfs_bnode_split+0x10/0x10 [ 75.757624][ T5322] ? __hfs_brec_find+0x32f/0x510 [ 75.759760][ T5322] hfs_brec_insert+0x3a1/0xc90 [ 75.761823][ T5322] ? __pfx_hfs_brec_insert+0x10/0x10 [ 75.764082][ T5322] ? 
__asan_memset+0x22/0x50 [ 75.766026][ T5322] ? hfs_cat_build_record+0x237/0x9f0 [ 75.768172][ T5322] hfs_cat_create+0x518/0x800 [ 75.770253][ T5322] ? __pfx_hfs_cat_create+0x10/0x10 [ 75.772498][ T5322] ? preempt_schedule_common+0x82/0xd0 [ 75.774872][ T5322] ? _raw_spin_unlock+0x3f/0x50 [ 75.777009][ T5322] ? hfs_new_inode+0x92d/0xc70 [ 75.779073][ T5322] hfs_create+0x75/0xe0 [ 75.780872][ T5322] ? __pfx_hfs_create+0x10/0x10 [ 75.783290][ T5322] path_openat+0x1395/0x3860 [ 75.785314][ T5322] ? __pfx_path_openat+0x10/0x10 [ 75.787507][ T5322] ? __x64_sys_openat+0x138/0x170 [ 75.789312][ T5322] do_file_open+0x23e/0x4a0 [ 75.790961][ T5322] ? __pfx_do_file_open+0x10/0x10 [ 75.793016][ T5322] ? _raw_spin_unlock+0x28/0x50 [ 75.795010][ T5322] ? alloc_fd+0x64b/0x6c0 [ 75.796710][ T5322] do_sys_openat2+0x113/0x200 [ 75.798655][ T5322] ? __se_sys_futex+0x3a8/0x450 [ 75.800428][ T5322] ? __pfx_do_sys_openat2+0x10/0x10 [ 75.802648][ T5322] ? rcu_is_watching+0x15/0xb0 [ 75.804588][ T5322] __x64_sys_openat+0x138/0x170 [ 75.806695][ T5322] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.809391][ T5322] do_syscall_64+0x15f/0xf80 [ 75.811303][ T5322] ? trace_irq_disable+0x3b/0x140 [ 75.813255][ T5322] ? 
clear_bhb_loop+0x40/0x90 [ 75.815709][ T5322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.818180][ T5322] RIP: 0033:0x7f701bb9cdd9 [ 75.820112][ T5322] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 75.828489][ T5322] RSP: 002b:00007f701c9d3fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 75.831981][ T5322] RAX: ffffffffffffffda RBX: 00007f701be15fa0 RCX: 00007f701bb9cdd9 [ 75.835578][ T5322] RDX: 0000000000103042 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 75.839227][ T5322] RBP: 00007f701bc32d69 R08: 0000000000000000 R09: 0000000000000000 [ 75.842632][ T5322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.846171][ T5322] R13: 00007f701be16038 R14: 00007f701be15fa0 R15: 00007ffeb5b1eb48 [ 75.850028][ T5322] [ 75.851739][ T5322] Kernel Offset: disabled [ 75.853540][ T5322] Rebooting in 86400 seconds..