program:
syz_mount_image$hfs(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="00b6df4b96c039b79e4891ca637d36aa326c0a8a6c8e79f63d63058985c2eeccaf7663588c2b83e9602510e625b278cf51ba2a5e075c0f3f751d8bd8b47a3d0b68e69927af4acf94e48980ab6d2461fc1903d274485eceef5f36395b214d6c832f94e9ffa02ee14cde865759de2291df7caf9d3f4880c70c1646764ad6d6332223f608f44a2bc7d3f5b9850727e5405416e1bbc10600000000000000f116fdd2fa0a26335ae3b04628c6860b22038a58c365a4b50f6576d5bf25fab4d83ea67b334b4d1d25bfd01b482a372898ce8c3dc570127e6121daea67d4f71da328f2dbb1e5adb25e4d220b54854bb2da63597949941647bec2d49662de4248723e7bd5591e42bd9c1eea66695f02dcfb00124c97a9b45cbbef477bff8ac617d5a03eff67746b52d1ff7cbc28acfc8ae8f46f756fdc520debb3251ee129bc0a761f83e8764fc96340ff6165a3176a83ce15e78de8ecf8267a89d9a39379a5d72297e2dd37a93741b269bc5efc746c9efbe8bae2cbfd1cbe9987c9d81167e791d2d510d6af908a0b39f06dc3691402c0e646bbd322a8c0e16a9ab16288c94012cb2577febab5a45a3ea5296762a2d5c4a381d3ff43d35dc684447be4742aa49fe2caaee94c56b2e30cba3b63bbf9eaf7a36ed25c7d"], 0xff, 0x277, &(0x7f0000000800)="$eJzs3U9PE0EYx/HfbIssQnD5Y0w8oiQejAG8GC8Y0hfhyai0JMQNJoqJejKejS/AO2/Ag4lvwZPxDeDJkwePPVkzswMsZdttK+20+v0k3Qx0nt1nOrvsPCVQAfhvbdUOD27+ajmqqCLprhRJiqWqpMu6Er/Y29/dTxv1bjuquAj7MMoizZk+23uNotD4t4/wEvtVVXP572E47Lx/D50EgjPuCj4rkqb91emej0ee2XC8CZ1AYKappl5qPnQeAICw/P0/8vf5Ob9+jyJp1d/2J/X+X1hFNEefx1jJ3f/d69Mydn4vuadO6j1Xwtnno8OD2z/sY5BjXVB2Zp1aYJqyqtLlEmtnN/1YkdJ6pLfa9HLdlt22np26R0qyXSmoTbsYfOyzdhNN7eymjY0O+S+d7xHLmS/mq3lgEn1Q/Xj9V20ZO01uppK2mcryX+u8RzfKJOvVYZQL7iBX/RG8klHGxRWJjs6ohbZLOynL00UttkVlo1sviVoqjNooiVpuj5qxUbe2n6Zd30oZLvPe3Dcr+qlPquXW/5F9tVfVy5Vp+7ie/szoOp6q65n0kFj+AtZML0NBv6aOW+/0WHc0//zV6yeP0rTxrM/GvYGigjbi8UiDRmFjczzS+IvGtKQxSOO8GkF/TmFETiY9dCYIxK67TFb/5eqVNVci2U3SZZ3eKtt5bo/rHWqDRbe92FcFN9u5guu15rp2Q7pecMRmy/829LTE5/mPMDV900Pe/wcAAAAAAAAAAAAAAAAAAJg0o/hzgtBjBAAAAAAAAAAAAAAAAAAAAABg0m3Vjv7vtfsEsDCf/6uePv/388CDBFDoTwAAAP//MhGL6g==")
r0 = msgget$private(0x0, 0x2)
msgctl$IPC_SET(r0, 0x1, &(0x7f0000000280)={{0x1, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x40, 0x7}, 0x0, 0x0, 0x200, 0x6, 0xffffffff, 0x0, 0x100, 0x40, 0x7, 0x8001})
r1 = msgget(0x0, 0x2c4)
msgsnd(r1, &(0x7f0000000000)={0x3, "46e51f4d1e3c1ef83f32986e91d21c8e3d7f11d88b70f827ce836b3aaaddf33bbffc63d4ca90eeb54139235ddfb4bd7b605cac26a8ee591ca0741593f3626936a5ca45e03bbb1dd60319018fc25d651ee1e05e741c7c32ffd6acffd0ecfbfacf144acb18135c5944876949cd1c36c9014e042de6f40ec28e422b9d6fc23e269ce17475792fd55191e078702c28ff9176ba7f70f16332a88c93772c6a712e40ab2c4df2146a0472297a9c318a908886b651b0a3bb5ccd3f40fd443ef06c1a2c8a1d6bd871c3e9fa0d9cc027873cbf6a152d8f94b55e4da248e0f0976170810ef408a5581e6595547b67c18496683e0ee037a70e48793bcd99c22186f151b56c1ef185758b2a9742c92abcfca92178b232a78956035a467ef03d33c712aec9bf562da8b28f8b682b71ad47781917f03f30b94253d0901b1bef367191842a605327b9e003c3b827338f8e8c6fff69d8446de91943547d52c56febad98e037aaaf99f5f335056c9493f82564cd5763f1349509ce7b8ff5689ed918c53e71f072b0b61c03f4fedf2ae0da9df32c69bf20240083771e8cc18444b9ba4cdd23d4747dfdf3d4682e2d6a09ad77e4ef8d8431483e3f444351a6661303477ab7d608908dec8b9b1b578419faae39ac1a9c6a4b2c0761ce2c593ec2db1ec3af608dd3e824d30bcce77543d34549dc28396fa38ed299740995b71cb9dc1a251eb3ab72462c4907c52db1a2ce99e2bc984aa0d7af87814559cb47145d356264ba70d7e2bbae2006bcda299c3a572bef1ca1b00aad4afcefb98f69a7c43ea37e51b43d0930df691d5088808cdc5557cef6dceed0d398e60cdd21eb1addccd2c8ca329a7aef998a53096661909b4a04a2831b29b35439ed1906cbc07565bc627c919f7835572df4926ca3451fe31ddf123c231e26aeed1112c82a9dec3947804eb38720cc2957c9cac8575a47de5a47d2bcdb9f8139925ede514884aa606adf5977b4dc887e015d880b5d57adffaa9a6c9147d30cd291dcf1b8810f6646a83ddad71cdddb90e70e7cd6485c2e8f54bc9634db898d645edf537cbd4aa8ec5fd8c10893aa9ee43affe7671e00bc8fe257b656a84334f9fd7df9ab80897fe10f9626fa89b7bb0439a4ed1ecb8f310e6bd1238b41ad964dd1dbaf9a7139773e82371c867e123119a252a148d8f4fefb40a56502e71d7b181117102b9802bc5976187954e82ea43cf1896c81684c835da7f68ec57353122d214014a90cc1a80e8c88386995caf373aa6796cb965729a1d669aaf4abb6687487e736e53d34613ad35450a4c14d7e7ad6a7f2168ce2c520c9d50dbeb3f1f9109741e20e1cd5ad0d4e45f56b9c134a30d388521456b4183e59904427ce18cebd140a2c049a53bf4cd8c35fab023746bd88aedfe5b6613a462046300740dbfeff906a859b630ae172480e08"}, 0x401, 0x0)
msgsnd(r1, &(0x7f0000001040)=ANY=[@ANYRESDEC=r1], 0x401, 0x0)
msgctl$IPC_SET(r1, 0x1, &(0x7f0000002840)={{0x1, 0x0, 0xee01, 0x0, 0x0, 0x88, 0x2}, 0x0, 0x0, 0x81, 0x1, 0x100, 0x200, 0x3, 0xff7d, 0x86e8, 0x3})
r2 = msgget(0x0, 0x8)
msgctl$MSG_STAT(r2, 0xb, &(0x7f0000000500)=""/191)
msgctl$MSG_STAT_ANY(r0, 0xd, &(0x7f0000000000)=""/93)

[   59.114763][ T5324] loop0: detected capacity change from 0 to 64
[   59.143731][ T5324] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000008: 0000 [#1] PREEMPT SMP KASAN NOPTI
[   59.148541][ T5324] KASAN: null-ptr-deref in range [0x0000000000000040-0x0000000000000047]
[   59.151598][ T5324] CPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted 6.12.0-rc4-syzkaller-00289-gea1fda89f5b2 #0
[   59.155170][ T5324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   59.158731][ T5324] RIP: 0010:hfs_find_init+0x72/0x1f0
[   59.160697][ T5324] Code: d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 44 83 76 ff 48 c7 03 00 00 00 00 48 89 2c 24 4c 8d 75 40 4d 89 f7 49 c1 ef 03 <43> 0f b6 04 2f 84 c0 0f 85 10 01 00 00 41 8b 06 8d 7c 00 04 be c0
[   59.167671][ T5324] RSP: 0018:ffffc9000d5df2c0 EFLAGS: 00010202
[   59.169771][ T5324] RAX: 1ffff92001abbe77 RBX: ffffc9000d5df3b8 RCX: 0000000000040000
[   59.172194][ T5324] RDX: ffffc9000d381000 RSI: 0000000000001533 RDI: ffffc9000d5df3b0
[   59.174703][ T5324] RBP: 0000000000000000 R08: ffffffff82894c8f R09: 0000000000000000
[   59.177909][ T5324] R10: ffffc9000d5df3a0 R11: fffff52001abbe7b R12: ffffc9000d5df3a0
[   59.180694][ T5324] R13: dffffc0000000000 R14: 0000000000000040 R15: 0000000000000008
[   59.183544][ T5324] FS:  00007f1743db06c0(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
[   59.186627][ T5324] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   59.188873][ T5324] CR2: 00007f1742f62220 CR3: 000000004fbda000 CR4: 0000000000352ef0
[   59.191676][ T5324] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   59.194464][ T5324] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   59.197265][ T5324] Call Trace:
[   59.198479][ T5324]  <TASK>
[   59.199575][ T5324]  ? __die_body+0x5f/0xb0
[   59.201108][ T5324]  ? die_addr+0xb0/0xe0
[   59.202563][ T5324]  ? exc_general_protection+0x3dd/0x5d0
[   59.204485][ T5324]  ? asm_exc_general_protection+0x26/0x30
[   59.206486][ T5324]  ? hfs_get_block+0x3bf/0xb60
[   59.208031][ T5324]  ? hfs_find_init+0x72/0x1f0
[   59.209685][ T5324]  hfs_get_block+0x4f4/0xb60
[   59.211346][ T5324]  ? __pfx_hfs_get_block+0x10/0x10
[   59.213149][ T5324]  ? _raw_spin_unlock+0x28/0x50
[   59.214837][ T5324]  ? create_empty_buffers+0x53e/0x740
[   59.216680][ T5324]  ? rcu_is_watching+0x15/0xb0
[   59.218378][ T5324]  block_read_full_folio+0x418/0xcd0
[   59.220225][ T5324]  ? __pfx_hfs_get_block+0x10/0x10
[   59.221999][ T5324]  ? __pfx_block_read_full_folio+0x10/0x10
[   59.224133][ T5324]  ? folio_add_lru+0x28f/0x870
[   59.226075][ T5324]  filemap_read_folio+0x14b/0x630
[   59.228011][ T5324]  ? __pfx_hfs_read_folio+0x10/0x10
[   59.229862][ T5324]  ? __pfx_filemap_read_folio+0x10/0x10
[   59.231833][ T5324]  ? __filemap_get_folio+0x949/0xbd0
[   59.233750][ T5324]  ? __pfx_lock_release+0x10/0x10
[   59.235737][ T5324]  do_read_cache_folio+0x3f5/0x850
[   59.237543][ T5324]  ? __pfx_hfs_read_folio+0x10/0x10
[   59.239377][ T5324]  do_read_cache_page+0x30/0x200
[   59.241157][ T5324]  hfs_btree_open+0x506/0xf40
[   59.242694][ T5324]  hfs_mdb_get+0x1443/0x21b0
[   59.244251][ T5324]  ? __pfx_hfs_mdb_get+0x10/0x10
[   59.246040][ T5324]  ? __pfx_lockdep_init_map_type+0x10/0x10
[   59.248053][ T5324]  ? __pfx_lockdep_init_map_type+0x10/0x10
[   59.250264][ T5324]  ? __raw_spin_lock_init+0x45/0x100
[   59.251953][ T5324]  hfs_fill_super+0x107e/0x1790
[   59.253632][ T5324]  ? __pfx_hfs_fill_super+0x10/0x10
[   59.255431][ T5324]  ? __pfx_vsnprintf+0x10/0x10
[   59.257068][ T5324]  ? do_raw_spin_lock+0x14f/0x370
[   59.258925][ T5324]  ? sb_set_blocksize+0x98/0xf0
[   59.260640][ T5324]  ? setup_bdev_super+0x4e6/0x5d0
[   59.262437][ T5324]  mount_bdev+0x20a/0x2d0
[   59.263959][ T5324]  ? __pfx_hfs_fill_super+0x10/0x10
[   59.265913][ T5324]  ? __pfx_mount_bdev+0x10/0x10
[   59.267490][ T5324]  ? vfs_parse_fs_string+0x190/0x230
[   59.269372][ T5324]  ? __pfx_vfs_parse_fs_string+0x10/0x10
[   59.271228][ T5324]  legacy_get_tree+0xee/0x190
[   59.272929][ T5324]  ? __pfx_hfs_mount+0x10/0x10
[   59.274666][ T5324]  vfs_get_tree+0x90/0x2b0
[   59.276251][ T5324]  do_new_mount+0x2be/0xb40
[   59.277963][ T5324]  ? __pfx_do_new_mount+0x10/0x10
[   59.279892][ T5324]  __se_sys_mount+0x2d6/0x3c0
[   59.281609][ T5324]  ? __pfx___se_sys_mount+0x10/0x10
[   59.283439][ T5324]  ? exc_page_fault+0x590/0x8c0
[   59.285152][ T5324]  ? __x64_sys_mount+0x20/0xc0
[   59.286917][ T5324]  do_syscall_64+0xf3/0x230
[   59.288610][ T5324]  ? clear_bhb_loop+0x35/0x90
[   59.290407][ T5324]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.292672][ T5324] RIP: 0033:0x7f1742f7feba
[   59.294412][ T5324] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.301351][ T5324] RSP: 002b:00007f1743dafe68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   59.304546][ T5324] RAX: ffffffffffffffda RBX: 00007f1743dafef0 RCX: 00007f1742f7feba
[   59.307561][ T5324] RDX: 0000000020000240 RSI: 0000000020000280 RDI: 00007f1743dafeb0
[   59.310603][ T5324] RBP: 0000000020000240 R08: 00007f1743dafef0 R09: 0000000000000000
[   59.313447][ T5324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000020000280
[   59.316328][ T5324] R13: 00007f1743dafeb0 R14: 0000000000000277 R15: 0000000020000600
[   59.319345][ T5324]  </TASK>
[   59.320544][ T5324] Modules linked in:
[   59.322566][ T5324] ---[ end trace 0000000000000000 ]---
[   59.328625][ T5309] Bluetooth: hci0: command tx timeout
[   59.338119][ T5324] RIP: 0010:hfs_find_init+0x72/0x1f0
[   59.340206][ T5324] Code: d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 44 83 76 ff 48 c7 03 00 00 00 00 48 89 2c 24 4c 8d 75 40 4d 89 f7 49 c1 ef 03 <43> 0f b6 04 2f 84 c0 0f 85 10 01 00 00 41 8b 06 8d 7c 00 04 be c0
[   59.347944][ T5324] RSP: 0018:ffffc9000d5df2c0 EFLAGS: 00010202
[   59.350115][ T5324] RAX: 1ffff92001abbe77 RBX: ffffc9000d5df3b8 RCX: 0000000000040000
[   59.353465][ T5324] RDX: ffffc9000d381000 RSI: 0000000000001533 RDI: ffffc9000d5df3b0
[   59.356374][ T5324] RBP: 0000000000000000 R08: ffffffff82894c8f R09: 0000000000000000
[   59.359232][ T5324] R10: ffffc9000d5df3a0 R11: fffff52001abbe7b R12: ffffc9000d5df3a0
[   59.363022][ T5324] R13: dffffc0000000000 R14: 0000000000000040 R15: 0000000000000008
[   59.366114][ T5324] FS:  00007f1743db06c0(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
[   59.369425][ T5324] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   59.372416][ T5324] CR2: 00007fbee6b95ed8 CR3: 000000004fbda000 CR4: 0000000000352ef0
[   59.375161][ T5324] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   59.378128][ T5324] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   59.380972][ T5324] Kernel panic - not syncing: Fatal exception
[   59.383432][ T5324] Kernel Offset: disabled
[   59.384881][ T5324] Rebooting in 86400 seconds..