program:
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f00000022c0)=ANY=[], 0x1, 0x6d4, &(0x7f0000000c00)="$eJzs3c9vHGcdB+DPrNeON1TBaRMaoSKsRCpIEYkTK4VwwSCEcqhQVQ49W4nTWN0kVeKitELgAoITEof+AQXJNw4IiXtQuHApt159rITEJeIQ9bJoZmftXe/a8brxj8DzRLPzvvPO+84733lnZmed1Qb4v3XtfJoPU+Ta+dcflPn1tfn2+tr8sbq4naRMN5Jmd5biTlI8ShbK8qJvSt98yEfLV9/89PH6Z91cs56q9Sd2qjfCiHVX6ymzdXuzI2tO7nYTq3X38kKS6/V80NRu2xpYsQzauXoOh64zZHWc6uOct8AR07s7Fd375pCZ5HiS6fp9QOqrQ+Pgerg/xrrKAQAAwHPqk7uH3QMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4/tS//1/UU6OeZzZF7/f/p3rL6vQRtLDrNR/uaz8AAAAAAAAA4GB8/Ume5EFO9PKdovqb/9kqcyqfd5Iv5b3cz1Lu5UIeZDErWcm9XEoy09fQ1IPFlZV7lzZqlkbXvDyy5uWD2mMAAAAAAAAA+J/0y7Q2//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABHQZFMdGfVdKqeZyaNZjbLspr8M8nUYfd3DMWIZY1D6AcAAAB8IdN7qPPlJ3mSBznRy3eK6pn/K9Xz8nTey52sZDkraWcpN+pn6PKpv7G+Nt9eX5u/XU7DT9Lf//dY3ZiqW5iocqO2fKZao5WbWa6WXMj1qjM30uhu+1xyptefvn71+bDsU/G92i571qzDWm7s99t8ivBsPBzI7fTJRGuzc8lGRObqvpU1T3YjUFQf1CRbI/HUo9McyM1UrU5ubOlSGhuf/Jzah5gfr+fl/vxmX2M+ro1INFJF4nJv9JXnzM6RSL7x1z+9dat9551bN++fPzq79BQTw4uqwbF1TMz3ReLl5zoSzTHXn6sicXojfy0/yk9yPrN5I/eynJ9mMStZSqcuX6zHc/k6s3OkFgZyb6T/3B9hqj4u3WO2mz7N5odVajFnq7onspwid3MjS3mt+nc5l/LtXMmVXO07wqe37Xe1b9VZ39h61veO9N9Gdv7cN+tEuYe/3dzThR12eNTofKa61/4yrif74tod9Y831jrZdx7M9UXpxV50Jkc2vpdrY/OrdaLcxq+O1CfYM3UkyhOod5fo9e6lbiSa1b1oeJz/oVPWS/tOp3Nr8d1t2l/dkn+1npfDau1rT1u7Z/SheLbK8fJipusryeDoKMte2rjK9JV1Nsdyt2zwjlvWO12VFUXvTP1x7lYDYPhMnarfww23dLkqe3lk2XxVdqavbOD9Vu6mnRsHED8A9uIfb20kZ3J8qvWv1ietj1u/bt1qvT79g2PfOfbKVCb/Pvnd5tzEq41Xir/k4/x88/kfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYu/vvf/DOYru9dG90orF90UCila1LntbylkRR/6DPeLWObmI6ycCS6neO9thg7zf3xq/eemqtzi+SA49Pb4dGr/O7MtEcGlGjEgsDS/483OCHY/aw2N15sY+JRg52oxMZPQAO6YIEHJiLK7ffvXj//Q++tXx78e2lt5fuTF65cnXu6pXX5i/eXG4vzXVfD7uXwH7YvOkfdk8AAAAAAAAAAACA3Rr1xYCzL+zlqyZD3/HwPwsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAZ+La+TQfpsiluQtzZX59bb5dTr305prNJI1GUvwsKR4lC+lOmelrrsgfH6UzsIWiev1o+eqbnz5e/2yzrWavsLGx0nZ2Lk2yWk+ZTTJRz3dhejftXd99e9so/tPbhzJgn3c6nYUv1B48I/8NAAD//5ce8Po=")
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="7f454c46057d0a08050000000000000003000600155eef2ef7000000380000000b030000bc000000090020000300010087000004000000000600000006000000fdfffffff9ffffffbfa10000f7ffffff59860000020000000600000003000000000001000900000006000000ffffff7f01000000ffffffff51e5746406000000ff0000000600000003000000070bfb5b38ca668922b8d9461ae5fc56000000f8ffffffe1000000"], 0x98)
close(r0)
execve(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)

[   88.740402][ T5323] Bluetooth: hci0: command tx timeout
[   88.846804][ T5346] loop0: detected capacity change from 0 to 1024
[   88.904299][ T5346] hfsplus: new node 0 already hashed?
[   88.906987][ T5346] ------------[ cut here ]------------
[   88.909346][ T5346] WARNING: fs/hfsplus/bnode.c:631 at hfsplus_bnode_create+0x461/0x4f0, CPU#0: syz.0.0/5346
[   88.913941][ T5346] Modules linked in:
[   88.915756][ T5346] CPU: 0 UID: 0 PID: 5346 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   88.919741][ T5346] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   88.924566][ T5346] RIP: 0010:hfsplus_bnode_create+0x461/0x4f0
[   88.927387][ T5346] Code: a2 8b 89 ee e8 20 c4 85 fe e9 cf fc ff ff e8 b6 db 1f ff 4c 89 ef e8 ee 67 be 08 48 c7 c7 c0 96 a2 8b 89 ee e8 00 c4 85 fe 90 <0f> 0b 90 eb b0 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c d6 fb ff ff
[   88.936024][ T5346] RSP: 0018:ffffc9000b996f80 EFLAGS: 00010246
[   88.938870][ T5346] RAX: 0000000000000023 RBX: ffff8880304a0000 RCX: 80818b5dee9f0100
[   88.942554][ T5346] RDX: ffffc90020b02000 RSI: 000000000000471c RDI: 000000000000471d
[   88.946058][ T5346] RBP: 0000000000000000 R08: ffffc9000b996ca7 R09: 1ffff92001732d94
[   88.949604][ T5346] R10: dffffc0000000000 R11: fffff52001732d95 R12: 0000000000000000
[   88.953389][ T5346] R13: ffff8880304a00e0 R14: ffff8880332d4100 R15: dffffc0000000000
[   88.956937][ T5346] FS:  00007fdf997fa6c0(0000) GS:ffff88808d22a000(0000) knlGS:0000000000000000
[   88.960775][ T5346] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   88.963524][ T5346] CR2: 0000557f95848048 CR3: 0000000011b69000 CR4: 0000000000352ef0
[   88.966579][ T5346] Call Trace:
[   88.967966][ T5346]  <TASK>
[   88.969178][ T5346]  ? do_raw_spin_unlock+0x4d/0x240
[   88.971463][ T5346]  hfsplus_bmap_alloc+0x746/0xaf0
[   88.973502][ T5346]  ? __pfx_hfsplus_bmap_alloc+0x10/0x10
[   88.975705][ T5346]  ? hfsplus_bnode_read+0x1e5/0x7a0
[   88.978125][ T5346]  ? hfsplus_bnode_read+0x1e5/0x7a0
[   88.980826][ T5346]  hfs_bnode_split+0xcc/0x1080
[   88.982998][ T5346]  ? hfsplus_bnode_read+0x2f0/0x7a0
[   88.985277][ T5346]  ? hfsplus_bnode_read+0x1e5/0x7a0
[   88.987570][ T5346]  ? __asan_memcpy+0x40/0x70
[   88.989653][ T5346]  ? hfsplus_bnode_read+0x2f0/0x7a0
[   88.992378][ T5346]  ? hfsplus_bnode_read_u16+0x87/0xd0
[   88.994741][ T5346]  ? __pfx_hfs_bnode_split+0x10/0x10
[   88.997015][ T5346]  hfsplus_brec_insert+0x3b6/0xd70
[   88.999286][ T5346]  ? __pfx_hfsplus_brec_insert+0x10/0x10
[   89.001962][ T5346]  hfsplus_create_cat+0x3b1/0x10d0
[   89.004275][ T5346]  ? __pfx_hfsplus_create_cat+0x10/0x10
[   89.006668][ T5346]  ? do_raw_spin_unlock+0x4d/0x240
[   89.008949][ T5346]  ? do_raw_spin_unlock+0x4d/0x240
[   89.011387][ T5346]  ? _raw_spin_unlock+0x28/0x50
[   89.013638][ T5346]  ? hfsplus_new_inode+0x643/0x820
[   89.015884][ T5346]  hfsplus_fill_super+0x120e/0x1930
[   89.018158][ T5346]  ? __pfx_hfsplus_fill_super+0x10/0x10
[   89.020619][ T5346]  ? string+0x279/0x2b0
[   89.022523][ T5346]  ? snprintf+0xda/0x120
[   89.024419][ T5346]  ? sb_set_blocksize+0x155/0x240
[   89.026620][ T5346]  ? setup_bdev_super+0x4c1/0x5b0
[   89.028810][ T5346]  get_tree_bdev_flags+0x40e/0x4d0
[   89.031249][ T5346]  ? __pfx_hfsplus_fill_super+0x10/0x10
[   89.033614][ T5346]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[   89.036156][ T5346]  vfs_get_tree+0x92/0x2a0
[   89.038183][ T5346]  do_new_mount+0x302/0xa10
[   89.040299][ T5346]  ? apparmor_capable+0x137/0x1a0
[   89.042652][ T5346]  ? __pfx_do_new_mount+0x10/0x10
[   89.044955][ T5346]  ? ns_capable+0x8a/0xf0
[   89.046979][ T5346]  ? kmem_cache_free+0x197/0x620
[   89.049201][ T5346]  __se_sys_mount+0x313/0x410
[   89.051470][ T5346]  ? __pfx___se_sys_mount+0x10/0x10
[   89.053754][ T5346]  ? do_syscall_64+0xbe/0xf80
[   89.055922][ T5346]  ? __x64_sys_mount+0x20/0xc0
[   89.058108][ T5346]  do_syscall_64+0xfa/0xf80
[   89.060212][ T5346]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.062992][ T5346]  ? clear_bhb_loop+0x60/0xb0
[   89.065128][ T5346]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.067829][ T5346] RIP: 0033:0x7fdf98990f6a
[   89.069973][ T5346] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.078496][ T5346] RSP: 002b:00007fdf997f9e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   89.082529][ T5346] RAX: ffffffffffffffda RBX: 00007fdf997f9ef0 RCX: 00007fdf98990f6a
[   89.086556][ T5346] RDX: 0000200000000000 RSI: 0000200000002900 RDI: 00007fdf997f9eb0
[   89.090486][ T5346] RBP: 0000200000000000 R08: 00007fdf997f9ef0 R09: 0000000002000010
[   89.094064][ T5346] R10: 0000000002000010 R11: 0000000000000246 R12: 0000200000002900
[   89.097737][ T5346] R13: 00007fdf997f9eb0 R14: 00000000000006d4 R15: 00002000000022c0
[   89.101427][ T5346]  </TASK>
[   89.102863][ T5346] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   89.106080][ T5346] CPU: 0 UID: 0 PID: 5346 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   89.110006][ T5346] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   89.114785][ T5346] Call Trace:
[   89.116299][ T5346]  <TASK>
[   89.117596][ T5346]  dump_stack_lvl+0x99/0x250
[   89.119674][ T5346]  ? __asan_memcpy+0x40/0x70
[   89.121748][ T5346]  ? __pfx_dump_stack_lvl+0x10/0x10
[   89.124094][ T5346]  ? __pfx__printk+0x10/0x10
[   89.126184][ T5346]  vpanic+0x237/0x6d0
[   89.127968][ T5346]  ? __pfx_vpanic+0x10/0x10
[   89.129965][ T5346]  ? is_bpf_text_address+0x292/0x2b0
[   89.132282][ T5346]  ? is_bpf_text_address+0x26/0x2b0
[   89.134601][ T5346]  panic+0xb9/0xc0
[   89.136312][ T5346]  ? __pfx_panic+0x10/0x10
[   89.138417][ T5346]  __warn+0x317/0x4b0
[   89.140095][ T5346]  ? hfsplus_bnode_create+0x461/0x4f0
[   89.142288][ T5346]  ? hfsplus_bnode_create+0x461/0x4f0
[   89.144456][ T5346]  __report_bug+0x288/0x500
[   89.146359][ T5346]  ? irq_work_queue+0xbc/0x140
[   89.148375][ T5346]  ? hfsplus_bnode_create+0x461/0x4f0
[   89.150662][ T5346]  ? __pfx___report_bug+0x10/0x10
[   89.152906][ T5346]  ? __pfx_vprintk_emit+0x10/0x10
[   89.155282][ T5346]  ? hfsplus_bnode_create+0x461/0x4f0
[   89.157724][ T5346]  report_bug+0x16a/0x220
[   89.159761][ T5346]  ? hfsplus_bnode_create+0x461/0x4f0
[   89.162219][ T5346]  ? hfsplus_bnode_create+0x463/0x4f0
[   89.164600][ T5346]  handle_bug+0x98/0x200
[   89.166455][ T5346]  exc_invalid_op+0x1a/0x50
[   89.168412][ T5346]  asm_exc_invalid_op+0x1a/0x20
[   89.170584][ T5346] RIP: 0010:hfsplus_bnode_create+0x461/0x4f0
[   89.173242][ T5346] Code: a2 8b 89 ee e8 20 c4 85 fe e9 cf fc ff ff e8 b6 db 1f ff 4c 89 ef e8 ee 67 be 08 48 c7 c7 c0 96 a2 8b 89 ee e8 00 c4 85 fe 90 <0f> 0b 90 eb b0 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c d6 fb ff ff
[   89.181156][ T5346] RSP: 0018:ffffc9000b996f80 EFLAGS: 00010246
[   89.183760][ T5346] RAX: 0000000000000023 RBX: ffff8880304a0000 RCX: 80818b5dee9f0100
[   89.187199][ T5346] RDX: ffffc90020b02000 RSI: 000000000000471c RDI: 000000000000471d
[   89.190558][ T5346] RBP: 0000000000000000 R08: ffffc9000b996ca7 R09: 1ffff92001732d94
[   89.194068][ T5346] R10: dffffc0000000000 R11: fffff52001732d95 R12: 0000000000000000
[   89.197506][ T5346] R13: ffff8880304a00e0 R14: ffff8880332d4100 R15: dffffc0000000000
[   89.201152][ T5346]  ? do_raw_spin_unlock+0x4d/0x240
[   89.203363][ T5346]  hfsplus_bmap_alloc+0x746/0xaf0
[   89.205520][ T5346]  ? __pfx_hfsplus_bmap_alloc+0x10/0x10
[   89.207931][ T5346]  ? hfsplus_bnode_read+0x1e5/0x7a0
[   89.210141][ T5346]  ? hfsplus_bnode_read+0x1e5/0x7a0
[   89.212351][ T5346]  hfs_bnode_split+0xcc/0x1080
[   89.214508][ T5346]  ? hfsplus_bnode_read+0x2f0/0x7a0
[   89.216850][ T5346]  ? hfsplus_bnode_read+0x1e5/0x7a0
[   89.219183][ T5346]  ? __asan_memcpy+0x40/0x70
[   89.221199][ T5346]  ? hfsplus_bnode_read+0x2f0/0x7a0
[   89.223492][ T5346]  ? hfsplus_bnode_read_u16+0x87/0xd0
[   89.225897][ T5346]  ? __pfx_hfs_bnode_split+0x10/0x10
[   89.228228][ T5346]  hfsplus_brec_insert+0x3b6/0xd70
[   89.230463][ T5346]  ? __pfx_hfsplus_brec_insert+0x10/0x10
[   89.232749][ T5346]  hfsplus_create_cat+0x3b1/0x10d0
[   89.235032][ T5346]  ? __pfx_hfsplus_create_cat+0x10/0x10
[   89.237457][ T5346]  ? do_raw_spin_unlock+0x4d/0x240
[   89.239588][ T5346]  ? do_raw_spin_unlock+0x4d/0x240
[   89.241473][ T5346]  ? _raw_spin_unlock+0x28/0x50
[   89.243374][ T5346]  ? hfsplus_new_inode+0x643/0x820
[   89.245461][ T5346]  hfsplus_fill_super+0x120e/0x1930
[   89.247753][ T5346]  ? __pfx_hfsplus_fill_super+0x10/0x10
[   89.250253][ T5346]  ? string+0x279/0x2b0
[   89.252162][ T5346]  ? snprintf+0xda/0x120
[   89.254252][ T5346]  ? sb_set_blocksize+0x155/0x240
[   89.256339][ T5346]  ? setup_bdev_super+0x4c1/0x5b0
[   89.258497][ T5346]  get_tree_bdev_flags+0x40e/0x4d0
[   89.260609][ T5346]  ? __pfx_hfsplus_fill_super+0x10/0x10
[   89.263071][ T5346]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[   89.265771][ T5346]  vfs_get_tree+0x92/0x2a0
[   89.267787][ T5346]  do_new_mount+0x302/0xa10
[   89.269866][ T5346]  ? apparmor_capable+0x137/0x1a0
[   89.272127][ T5346]  ? __pfx_do_new_mount+0x10/0x10
[   89.274508][ T5346]  ? ns_capable+0x8a/0xf0
[   89.276479][ T5346]  ? kmem_cache_free+0x197/0x620
[   89.278721][ T5346]  __se_sys_mount+0x313/0x410
[   89.280901][ T5346]  ? __pfx___se_sys_mount+0x10/0x10
[   89.283276][ T5346]  ? do_syscall_64+0xbe/0xf80
[   89.285411][ T5346]  ? __x64_sys_mount+0x20/0xc0
[   89.287630][ T5346]  do_syscall_64+0xfa/0xf80
[   89.289685][ T5346]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.292457][ T5346]  ? clear_bhb_loop+0x60/0xb0
[   89.294645][ T5346]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.297235][ T5346] RIP: 0033:0x7fdf98990f6a
[   89.299247][ T5346] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.307881][ T5346] RSP: 002b:00007fdf997f9e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   89.311498][ T5346] RAX: ffffffffffffffda RBX: 00007fdf997f9ef0 RCX: 00007fdf98990f6a
[   89.314602][ T5346] RDX: 0000200000000000 RSI: 0000200000002900 RDI: 00007fdf997f9eb0
[   89.317828][ T5346] RBP: 0000200000000000 R08: 00007fdf997f9ef0 R09: 0000000002000010
[   89.321068][ T5346] R10: 0000000002000010 R11: 0000000000000246 R12: 0000200000002900
[   89.324193][ T5346] R13: 00007fdf997f9eb0 R14: 00000000000006d4 R15: 00002000000022c0
[   89.327425][ T5346]  </TASK>
[   89.329046][ T5346] Kernel Offset: disabled
[   89.330991][ T5346] Rebooting in 86400 seconds..