program:
r0 = syz_mount_image$hfs(&(0x7f0000000300), &(0x7f0000000880)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10000, &(0x7f0000000000)=ANY=[@ANYRES8=0x0, @ANYRES8, @ANYRES8, @ANYRESHEX=0x0, @ANYRES32, @ANYRES64, @ANYRES8], 0x3, 0x309, &(0x7f0000000340)="$eJzs3b1PFEEYx/Hf7N3BIQRXwJBYoiRWRrExNhjD32As1IjcmRAumAAmYiOxNsbOl87CztrYUNoTrY1WxsIeujUzuwuLty93B3fn6feTcFlvZ2af2V1mnyFZRwD+W9cXvr27/MP+GKmkkrRtJE9SVSpLOq3p6sPVjeWNRr2W11DJ1bA/RmFN01RmabWeVtXWczUivv1XWWPJ79AdQRAE37+U8suc7Fk46BP32x803weeNOyGg0i1t2F1zVa/A+gzs6c9PdJ4v+MAAPSXff5XwsTfJgFjUf7uedJs9Nh3ycHgPP/zs9a93gXSdZUO6iSe/26WFRh7fd0pMwfzPTeFs/u9eJaY02LmniGFieSh7NIUzSpdLN7I/eVG/cLSg0bN01PNRxLFptxnTckkVQXRzuQEm6K471lcj72K7cNcRvyTnRzxZfuh7NsNzI65Y3y9UW0//ysH7oy4K+W7uP39CmH8F932jbR7bdR+GONKZfTylDvImegI+vi+hV5WlTktHYraDG/dJ+GXfhzni6GcWhM6/GeFsHeXso4U1ZpMrTVXUGvqoNbPeOSM7ubsmp3L6PYfzHNz08zolz5oIZH/e/Zsz7oC8WnPCdK4ktGdkdufsivptxCY11L4aFX+Y+GZ7umKxtc3H68sNhr1tVY3tr+2Ufi4Nl6/DTdKR2kn7nnTrrKOGmEwHDbdrZPQYYR2yGmjVnzDdPuaStqKvomvSWbheExLa8c0X8pB2dCR2ylpWCvxmHlsgUVne2tlsRFupSdKI52OSfjLJIbH6VvFxYNexISesmOICed/LpMPs7prbp/99fddnl5RWp5eeD+4Fl/d3gmnD4m5wUGyOuE+T7Q1gxuVyZodJPqQO+c6e146l3PET4eb9aM4/xFmQZ91l7//AwAAAAAAAAAAAAAAAAAADJrCFwN2g7X1zej1lg7fDOlzFwEAAAAAAAAAAAAAAAAAAAAAGHjN6//qarz+r1sjs2D93/jNgOz1fxP/q3fx+r/ztqGM9X/zF6kF0LbfAQAA//+ceWvZ")
ioctl$AUTOFS_IOC_EXPIRE(r0, 0x810c9365, &(0x7f0000000100)={{0x7, 0x619}, 0x100, './bus\x00'}) (async)
r1 = open(&(0x7f00000000c0)='./bus\x00', 0x68042, 0x62)
ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f0000000080)={0x2, [0x0, 0x0]})
socket$inet_udp(0x2, 0x2, 0x0) (async)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x185102, 0x0)
ftruncate(r2, 0x2007ffb) (async)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)
pwrite64(r3, &(0x7f00000002c0)="0083", 0x2, 0x1e7c) (async)
write$cgroup_subtree(r3, &(0x7f0000000240)={[{0x2b, 'memory'}, {0x2d, 'pids'}, {0x2d, 'devices'}, {0x2d, 'net_prio'}, {0x77, 'net_prio'}, {0x0, 'io'}]}, 0x2f)
[ 75.541544][ T5333] Bluetooth: hci0: command tx timeout
[ 75.567672][ T5354] loop0: detected capacity change from 0 to 64
[ 75.656625][ T5356] hfs: new node 0 already hashed?
[ 75.659114][ T5356] ------------[ cut here ]------------
[ 75.662021][ T5356] WARNING: CPU: 0 PID: 5356 at fs/hfs/bnode.c:520 hfs_bnode_create+0x461/0x4f0
[ 75.666328][ T5356] Modules linked in:
[ 75.668271][ T5356] CPU: 0 UID: 0 PID: 5356 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 75.673228][ T5356] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 75.677874][ T5356] RIP: 0010:hfs_bnode_create+0x461/0x4f0
[ 75.680341][ T5356] Code: a1 8b 89 ee e8 50 45 8c fe e9 cf fc ff ff e8 36 63 24 ff 4c 89 ef e8 de 32 e3 08 48 c7 c7 60 e0 a1 8b 89 ee e8 30 45 8c fe 90 <0f> 0b 90 eb b0 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c d6 fb ff ff
[ 75.689169][ T5356] RSP: 0018:ffffc9000d4fedc0 EFLAGS: 00010246
[ 75.692407][ T5356] RAX: 000000000000001f RBX: ffff888037066000 RCX: d30ccbc3d828f300
[ 75.695673][ T5356] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[ 75.699023][ T5356] RBP: 0000000000000000 R08: ffffc9000d4feae7 R09: 1ffff92001a9fd5c
[ 75.702739][ T5356] R10: dffffc0000000000 R11: fffff52001a9fd5d R12: 0000000000000000
[ 75.706263][ T5356] R13: ffff8880370660e0 R14: ffff888036acb200 R15: dffffc0000000000
[ 75.709985][ T5356] FS: 00007fe67895f6c0(0000) GS:ffff88808d20c000(0000) knlGS:0000000000000000
[ 75.714198][ T5356] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 75.717393][ T5356] CR2: 00007fe67893ed58 CR3: 0000000036283000 CR4: 0000000000352ef0
[ 75.720963][ T5356] Call Trace:
[ 75.723057][ T5356]
[ 75.724365][ T5356] ? do_raw_spin_unlock+0x4d/0x240
[ 75.726559][ T5356] hfs_bmap_alloc+0x5bb/0x640
[ 75.728544][ T5356] ? __pfx_hfs_bmap_alloc+0x10/0x10
[ 75.730697][ T5356] ? __lock_acquire+0xab9/0xd20
[ 75.733209][ T5356] hfs_btree_inc_height+0xf6/0xac0
[ 75.735382][ T5356] ? _atomic_dec_and_lock+0xae/0x120
[ 75.737700][ T5356] ? __pfx_folio_mark_accessed+0x10/0x10
[ 75.740049][ T5356] ? __pfx_hfs_btree_inc_height+0x10/0x10
[ 75.742638][ T5356] ? do_raw_spin_unlock+0x4d/0x240
[ 75.744919][ T5356] hfs_brec_insert+0x743/0xbd0
[ 75.747138][ T5356] ? __pfx_hfs_brec_insert+0x10/0x10
[ 75.749753][ T5356] __hfs_ext_write_extent+0x2a1/0x470
[ 75.753156][ T5356] __hfs_ext_cache_extent+0x6b/0x9b0
[ 75.756371][ T5356] ? hfs_find_init+0x184/0x200
[ 75.759027][ T5356] hfs_extend_file+0x316/0x1230
[ 75.761359][ T5356] ? __pfx_hfs_extend_file+0x10/0x10
[ 75.763963][ T5356] ? percpu_ref_get_many+0x19/0x140
[ 75.766402][ T5356] ? percpu_ref_get_many+0x19/0x140
[ 75.768684][ T5356] ? __lock_acquire+0xab9/0xd20
[ 75.770809][ T5356] hfs_get_block+0x3d7/0xbd0
[ 75.773074][ T5356] ? __pfx_hfs_get_block+0x10/0x10
[ 75.775294][ T5356] ? do_raw_spin_unlock+0x4d/0x240
[ 75.777554][ T5356] ? _raw_spin_unlock+0x28/0x50
[ 75.779524][ T5356] __block_write_begin_int+0x6b2/0x1900
[ 75.781948][ T5356] ? folio_add_lru+0x1b2/0x3d0
[ 75.783993][ T5356] ? __pfx_hfs_get_block+0x10/0x10
[ 75.786144][ T5356] ? __pfx___block_write_begin_int+0x10/0x10
[ 75.788577][ T5356] cont_write_begin+0x789/0xb50
[ 75.790570][ T5356] ? __pfx_cont_write_begin+0x10/0x10
[ 75.793028][ T5356] ? folio_unlock+0x101/0x160
[ 75.795148][ T5356] hfs_write_begin+0x66/0xb0
[ 75.797200][ T5356] ? __pfx_hfs_get_block+0x10/0x10
[ 75.799446][ T5356] cont_write_begin+0x2fa/0xb50
[ 75.801847][ T5356] ? __pfx_cont_write_begin+0x10/0x10
[ 75.804137][ T5356] hfs_write_begin+0x66/0xb0
[ 75.806170][ T5356] ? __pfx_hfs_get_block+0x10/0x10
[ 75.808421][ T5356] hfs_file_truncate+0x190/0x9c0
[ 75.810657][ T5356] ? __up_read+0x280/0x680
[ 75.812780][ T5356] ? __pfx___up_read+0x10/0x10
[ 75.814803][ T5356] ? __pfx_hfs_file_truncate+0x10/0x10
[ 75.817161][ T5356] ? unmap_mapping_range+0xde/0x170
[ 75.819331][ T5356] ? __pfx_unmap_mapping_range+0x10/0x10
[ 75.821838][ T5356] ? pagecache_isize_extended+0x11a/0x4f0
[ 75.824215][ T5356] ? truncate_setsize+0xcf/0xf0
[ 75.826710][ T5356] hfs_inode_setattr+0x4a9/0x670
[ 75.828872][ T5356] ? try_break_deleg+0x79/0x130
[ 75.831028][ T5356] ? __pfx_hfs_inode_setattr+0x10/0x10
[ 75.833864][ T5356] notify_change+0xb33/0xe40
[ 75.835889][ T5356] do_truncate+0x1a4/0x220
[ 75.837905][ T5356] ? __pfx_do_truncate+0x10/0x10
[ 75.840180][ T5356] do_ftruncate+0x489/0x540
[ 75.842307][ T5356] ? __pfx_do_ftruncate+0x10/0x10
[ 75.844478][ T5356] ? __fget_files+0x2a/0x420
[ 75.846467][ T5356] __x64_sys_ftruncate+0x92/0xf0
[ 75.848629][ T5356] do_syscall_64+0xfa/0x3b0
[ 75.850676][ T5356] ? lockdep_hardirqs_on+0x9c/0x150
[ 75.853202][ T5356] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 75.855942][ T5356] ? clear_bhb_loop+0x60/0xb0
[ 75.858023][ T5356] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 75.860559][ T5356] RIP: 0033:0x7fe677b8ebe9
[ 75.862653][ T5356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 75.870470][ T5356] RSP: 002b:00007fe67895f038 EFLAGS: 00000246 ORIG_RAX: 000000000000004d
[ 75.874342][ T5356] RAX: ffffffffffffffda RBX: 00007fe677dc6180 RCX: 00007fe677b8ebe9
[ 75.877894][ T5356] RDX: 0000000000000000 RSI: 0000000002007ffb RDI: 0000000000000005
[ 75.881664][ T5356] RBP: 00007fe677c11e19 R08: 0000000000000000 R09: 0000000000000000
[ 75.885078][ T5356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 75.888476][ T5356] R13: 00007fe677dc6218 R14: 00007fe677dc6180 R15: 00007ffc0f283f08
[ 75.892083][ T5356]
[ 75.893460][ T5356] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 75.896577][ T5356] CPU: 0 UID: 0 PID: 5356 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 75.900385][ T5356] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 75.904974][ T5356] Call Trace:
[ 75.906454][ T5356]
[ 75.907751][ T5356] dump_stack_lvl+0x99/0x250
[ 75.909882][ T5356] ? __asan_memcpy+0x40/0x70
[ 75.911914][ T5356] ? __pfx_dump_stack_lvl+0x10/0x10
[ 75.914122][ T5356] ? __pfx__printk+0x10/0x10
[ 75.916172][ T5356] vpanic+0x281/0x750
[ 75.917838][ T5356] ? __pfx__printk+0x10/0x10
[ 75.919802][ T5356] ? __pfx_vpanic+0x10/0x10
[ 75.921817][ T5356] ? is_bpf_text_address+0x26/0x2b0
[ 75.923955][ T5356] panic+0xb9/0xc0
[ 75.925549][ T5356] ? __pfx_panic+0x10/0x10
[ 75.927473][ T5356] __warn+0x31b/0x4b0
[ 75.929399][ T5356] ? hfs_bnode_create+0x461/0x4f0
[ 75.931598][ T5356] ? hfs_bnode_create+0x461/0x4f0
[ 75.933758][ T5356] report_bug+0x2be/0x4f0
[ 75.935608][ T5356] ? hfs_bnode_create+0x461/0x4f0
[ 75.937834][ T5356] ? hfs_bnode_create+0x461/0x4f0
[ 75.939910][ T5356] ? hfs_bnode_create+0x463/0x4f0
[ 75.942028][ T5356] handle_bug+0x84/0x160
[ 75.943848][ T5356] exc_invalid_op+0x1a/0x50
[ 75.945818][ T5356] asm_exc_invalid_op+0x1a/0x20
[ 75.947926][ T5356] RIP: 0010:hfs_bnode_create+0x461/0x4f0
[ 75.950265][ T5356] Code: a1 8b 89 ee e8 50 45 8c fe e9 cf fc ff ff e8 36 63 24 ff 4c 89 ef e8 de 32 e3 08 48 c7 c7 60 e0 a1 8b 89 ee e8 30 45 8c fe 90 <0f> 0b 90 eb b0 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c d6 fb ff ff
[ 75.958159][ T5356] RSP: 0018:ffffc9000d4fedc0 EFLAGS: 00010246
[ 75.960733][ T5356] RAX: 000000000000001f RBX: ffff888037066000 RCX: d30ccbc3d828f300
[ 75.964090][ T5356] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[ 75.967436][ T5356] RBP: 0000000000000000 R08: ffffc9000d4feae7 R09: 1ffff92001a9fd5c
[ 75.970759][ T5356] R10: dffffc0000000000 R11: fffff52001a9fd5d R12: 0000000000000000
[ 75.974017][ T5356] R13: ffff8880370660e0 R14: ffff888036acb200 R15: dffffc0000000000
[ 75.977354][ T5356] ? do_raw_spin_unlock+0x4d/0x240
[ 75.979443][ T5356] hfs_bmap_alloc+0x5bb/0x640
[ 75.981563][ T5356] ? __pfx_hfs_bmap_alloc+0x10/0x10
[ 75.983779][ T5356] ? __lock_acquire+0xab9/0xd20
[ 75.985873][ T5356] hfs_btree_inc_height+0xf6/0xac0
[ 75.987967][ T5356] ? _atomic_dec_and_lock+0xae/0x120
[ 75.990275][ T5356] ? __pfx_folio_mark_accessed+0x10/0x10
[ 75.992556][ T5356] ? __pfx_hfs_btree_inc_height+0x10/0x10
[ 75.994897][ T5356] ? do_raw_spin_unlock+0x4d/0x240
[ 75.997115][ T5356] hfs_brec_insert+0x743/0xbd0
[ 75.999184][ T5356] ? __pfx_hfs_brec_insert+0x10/0x10
[ 76.001573][ T5356] __hfs_ext_write_extent+0x2a1/0x470
[ 76.003733][ T5356] __hfs_ext_cache_extent+0x6b/0x9b0
[ 76.005920][ T5356] ? hfs_find_init+0x184/0x200
[ 76.007867][ T5356] hfs_extend_file+0x316/0x1230
[ 76.009888][ T5356] ? __pfx_hfs_extend_file+0x10/0x10
[ 76.012100][ T5356] ? percpu_ref_get_many+0x19/0x140
[ 76.014257][ T5356] ? percpu_ref_get_many+0x19/0x140
[ 76.016468][ T5356] ? __lock_acquire+0xab9/0xd20
[ 76.018786][ T5356] hfs_get_block+0x3d7/0xbd0
[ 76.020758][ T5356] ? __pfx_hfs_get_block+0x10/0x10
[ 76.023046][ T5356] ? do_raw_spin_unlock+0x4d/0x240
[ 76.025228][ T5356] ? _raw_spin_unlock+0x28/0x50
[ 76.027393][ T5356] __block_write_begin_int+0x6b2/0x1900
[ 76.029712][ T5356] ? folio_add_lru+0x1b2/0x3d0
[ 76.031861][ T5356] ? __pfx_hfs_get_block+0x10/0x10
[ 76.034048][ T5356] ? __pfx___block_write_begin_int+0x10/0x10
[ 76.036535][ T5356] cont_write_begin+0x789/0xb50
[ 76.038599][ T5356] ? __pfx_cont_write_begin+0x10/0x10
[ 76.040822][ T5356] ? folio_unlock+0x101/0x160
[ 76.042750][ T5356] hfs_write_begin+0x66/0xb0
[ 76.044930][ T5356] ? __pfx_hfs_get_block+0x10/0x10
[ 76.047606][ T5356] cont_write_begin+0x2fa/0xb50
[ 76.049910][ T5356] ? __pfx_cont_write_begin+0x10/0x10
[ 76.052434][ T5356] hfs_write_begin+0x66/0xb0
[ 76.054429][ T5356] ? __pfx_hfs_get_block+0x10/0x10
[ 76.056450][ T5356] hfs_file_truncate+0x190/0x9c0
[ 76.058420][ T5356] ? __up_read+0x280/0x680
[ 76.060339][ T5356] ? __pfx___up_read+0x10/0x10
[ 76.062369][ T5356] ? __pfx_hfs_file_truncate+0x10/0x10
[ 76.064797][ T5356] ? unmap_mapping_range+0xde/0x170
[ 76.066901][ T5356] ? __pfx_unmap_mapping_range+0x10/0x10
[ 76.069465][ T5356] ? pagecache_isize_extended+0x11a/0x4f0
[ 76.072071][ T5356] ? truncate_setsize+0xcf/0xf0
[ 76.074334][ T5356] hfs_inode_setattr+0x4a9/0x670
[ 76.076446][ T5356] ? try_break_deleg+0x79/0x130
[ 76.078543][ T5356] ? __pfx_hfs_inode_setattr+0x10/0x10
[ 76.080732][ T5356] notify_change+0xb33/0xe40
[ 76.082777][ T5356] do_truncate+0x1a4/0x220
[ 76.084668][ T5356] ? __pfx_do_truncate+0x10/0x10
[ 76.086792][ T5356] do_ftruncate+0x489/0x540
[ 76.088704][ T5356] ? __pfx_do_ftruncate+0x10/0x10
[ 76.090720][ T5356] ? __fget_files+0x2a/0x420
[ 76.092698][ T5356] __x64_sys_ftruncate+0x92/0xf0
[ 76.094644][ T5356] do_syscall_64+0xfa/0x3b0
[ 76.096475][ T5356] ? lockdep_hardirqs_on+0x9c/0x150
[ 76.098432][ T5356] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 76.101261][ T5356] ? clear_bhb_loop+0x60/0xb0
[ 76.103297][ T5356] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 76.105931][ T5356] RIP: 0033:0x7fe677b8ebe9
[ 76.107809][ T5356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 76.115849][ T5356] RSP: 002b:00007fe67895f038 EFLAGS: 00000246 ORIG_RAX: 000000000000004d
[ 76.119247][ T5356] RAX: ffffffffffffffda RBX: 00007fe677dc6180 RCX: 00007fe677b8ebe9
[ 76.122615][ T5356] RDX: 0000000000000000 RSI: 0000000002007ffb RDI: 0000000000000005
[ 76.125854][ T5356] RBP: 00007fe677c11e19 R08: 0000000000000000 R09: 0000000000000000
[ 76.129234][ T5356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 76.132663][ T5356] R13: 00007fe677dc6218 R14: 00007fe677dc6180 R15: 00007ffc0f283f08
[ 76.136614][ T5356]
[ 76.138808][ T5356] Kernel Offset: disabled
[ 76.140926][ T5356] Rebooting in 86400 seconds..