Extracting prog: 3m37.984947041s
Minimizing prog: 50m8.398100896s
Simplifying prog options: 0s
Extracting C: 29.226607603s
Simplifying C: 11m58.948907091s


extracting reproducer from 1 programs
testing a last program of every proc
single: executing 1 programs separately with timeout 30s
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro-write$binfmt_script-mmap-mkdirat
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='codepage=koi8-r,part=0x0000000000000006,quiet,iocharset=cp857,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c0038ff4ab22ac1126a3319aea6729c1fb77e250aa3f3f3a514013df539dfc3ec70b40bf2cd9342fd15771ee81882b03759a2444d8600"], 0x1, 0x2de, &(0x7f0000000900)="$eJzs3T1vE0kcx/HfrO3EeVBuL8nppGsOBSJBExGgQDRGyC09FQJiR4qwgkiCBDQERIl4AfS8BV4EDYg3ABUVNUq3aGbHm117vY4DtuPk+5FsrWdndv7DzHhnViIWgDPrVv3r+6vf7ctIJZUk3ZACSVWpLOkf/Vt9sr23tddqNoouVHIl7MsoLmm68mxsN/OK2nKuhBfaT2XNp9MwHFEU3fw27iAwdm725wikaT8P3fnqiOMaln3p/3HHMGrpDjYHOtBTLYwxHADACeDv/4G/Tcy7JKMgkFb9bf+03P+79yWT71qrKykqLJC6/7vVXWRs//7lTh3u99w/lT0ftHeJRwmm0vF5SvHIyiwwTb9dpYslmNncKmtt46UagV6p5qWyLbv3Rjx02/pEuzLYGOh9tYpuz8atcSvKTu2QNrdazWl7UKvVflay8S8NVuPvMx/NZ3PXhHqnRrL+K0fGdpPrqbCjp4KKjf9y7yvOuVI2l/z0qtVqQSbL366S/3wNXp9WVvN3JOlrth8Q7CcRFMXp6l5U9rFC3Lr1PqWW8kqFyacepZYzpUp+JKxtPGoVPkoZjnYTzVtzx6zohz6onlr/Bza+VaVmZsdXfXrQyricfmTE7ZnKr7bscoZdd47D6XIuicCbPlb7zrzBnpa90QNd18Lus+cPS61Wc8ce3M85eDy/Y3xK5bWUm2f4ByUV5NH+YUpkvYiio1458gfLc0MI/tIfvaD9/khS7PTJy2xnWZISjLqbzspB/ZOKBuTkHESR1OPU0L6ncILsmnan+4SZMQeEUbPrLhPv/9xK3q/q3BbJvoUF6/TiTaYyV1xPdnDZpeCie58daAc313sHl6rxSo89o9tznb8oXUglGhXWGPo4TwlT1xfd4/k/AAAAAAAAAAAAAAAAAADApBnF/zQYdxsBAAAAAAAAAAAAAAAAAAAAAJh0x/r937y/Ee9+/zfk93+BCfIrAAD//2cud98=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.time\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000200), 0x10f)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000005, 0x10012, r0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)

program did not crash
single: failed to extract reproducer
single: executing 1 programs separately with timeout 6m0s
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro-write$binfmt_script-mmap-mkdirat
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='codepage=koi8-r,part=0x0000000000000006,quiet,iocharset=cp857,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c0038ff4ab22ac1126a3319aea6729c1fb77e250aa3f3f3a514013df539dfc3ec70b40bf2cd9342fd15771ee81882b03759a2444d8600"], 0x1, 0x2de, &(0x7f0000000900)="$eJzs3T1vE0kcx/HfrO3EeVBuL8nppGsOBSJBExGgQDRGyC09FQJiR4qwgkiCBDQERIl4AfS8BV4EDYg3ABUVNUq3aGbHm117vY4DtuPk+5FsrWdndv7DzHhnViIWgDPrVv3r+6vf7ctIJZUk3ZACSVWpLOkf/Vt9sr23tddqNoouVHIl7MsoLmm68mxsN/OK2nKuhBfaT2XNp9MwHFEU3fw27iAwdm725wikaT8P3fnqiOMaln3p/3HHMGrpDjYHOtBTLYwxHADACeDv/4G/Tcy7JKMgkFb9bf+03P+79yWT71qrKykqLJC6/7vVXWRs//7lTh3u99w/lT0ftHeJRwmm0vF5SvHIyiwwTb9dpYslmNncKmtt46UagV6p5qWyLbv3Rjx02/pEuzLYGOh9tYpuz8atcSvKTu2QNrdazWl7UKvVflay8S8NVuPvMx/NZ3PXhHqnRrL+K0fGdpPrqbCjp4KKjf9y7yvOuVI2l/z0qtVqQSbL366S/3wNXp9WVvN3JOlrth8Q7CcRFMXp6l5U9rFC3Lr1PqWW8kqFyacepZYzpUp+JKxtPGoVPkoZjnYTzVtzx6zohz6onlr/Bza+VaVmZsdXfXrQyricfmTE7ZnKr7bscoZdd47D6XIuicCbPlb7zrzBnpa90QNd18Lus+cPS61Wc8ce3M85eDy/Y3xK5bWUm2f4ByUV5NH+YUpkvYiio1458gfLc0MI/tIfvaD9/khS7PTJy2xnWZISjLqbzspB/ZOKBuTkHESR1OPU0L6ncILsmnan+4SZMQeEUbPrLhPv/9xK3q/q3BbJvoUF6/TiTaYyV1xPdnDZpeCie58daAc313sHl6rxSo89o9tznb8oXUglGhXWGPo4TwlT1xfd4/k/AAAAAAAAAAAAAAAAAADApBnF/zQYdxsBAAAAAAAAAAAAAAAAAAAAAJh0x/r937y/Ee9+/zfk93+BCfIrAAD//2cud98=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.time\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000200), 0x10f)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000005, 0x10012, r0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)

program crashed: WARNING in hfs_bnode_create
single: successfully extracted reproducer
found reproducer with 5 syscalls
minimizing guilty program
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro-write$binfmt_script-mmap
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='codepage=koi8-r,part=0x0000000000000006,quiet,iocharset=cp857,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c0038ff4ab22ac1126a3319aea6729c1fb77e250aa3f3f3a514013df539dfc3ec70b40bf2cd9342fd15771ee81882b03759a2444d8600"], 0x1, 0x2de, &(0x7f0000000900)="$eJzs3T1vE0kcx/HfrO3EeVBuL8nppGsOBSJBExGgQDRGyC09FQJiR4qwgkiCBDQERIl4AfS8BV4EDYg3ABUVNUq3aGbHm117vY4DtuPk+5FsrWdndv7DzHhnViIWgDPrVv3r+6vf7ctIJZUk3ZACSVWpLOkf/Vt9sr23tddqNoouVHIl7MsoLmm68mxsN/OK2nKuhBfaT2XNp9MwHFEU3fw27iAwdm725wikaT8P3fnqiOMaln3p/3HHMGrpDjYHOtBTLYwxHADACeDv/4G/Tcy7JKMgkFb9bf+03P+79yWT71qrKykqLJC6/7vVXWRs//7lTh3u99w/lT0ftHeJRwmm0vF5SvHIyiwwTb9dpYslmNncKmtt46UagV6p5qWyLbv3Rjx02/pEuzLYGOh9tYpuz8atcSvKTu2QNrdazWl7UKvVflay8S8NVuPvMx/NZ3PXhHqnRrL+K0fGdpPrqbCjp4KKjf9y7yvOuVI2l/z0qtVqQSbL366S/3wNXp9WVvN3JOlrth8Q7CcRFMXp6l5U9rFC3Lr1PqWW8kqFyacepZYzpUp+JKxtPGoVPkoZjnYTzVtzx6zohz6onlr/Bza+VaVmZsdXfXrQyricfmTE7ZnKr7bscoZdd47D6XIuicCbPlb7zrzBnpa90QNd18Lus+cPS61Wc8ce3M85eDy/Y3xK5bWUm2f4ByUV5NH+YUpkvYiio1458gfLc0MI/tIfvaD9/khS7PTJy2xnWZISjLqbzspB/ZOKBuTkHESR1OPU0L6ncILsmnan+4SZMQeEUbPrLhPv/9xK3q/q3BbJvoUF6/TiTaYyV1xPdnDZpeCie58daAc313sHl6rxSo89o9tznb8oXUglGhXWGPo4TwlT1xfd4/k/AAAAAAAAAAAAAAAAAADApBnF/zQYdxsBAAAAAAAAAAAAAAAAAAAAAJh0x/r937y/Ee9+/zfk93+BCfIrAAD//2cud98=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.time\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000200), 0x10f)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000005, 0x10012, r0, 0x0)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro-write$binfmt_script-mkdirat
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='codepage=koi8-r,part=0x0000000000000006,quiet,iocharset=cp857,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c0038ff4ab22ac1126a3319aea6729c1fb77e250aa3f3f3a514013df539dfc3ec70b40bf2cd9342fd15771ee81882b03759a2444d8600"], 0x1, 0x2de, &(0x7f0000000900)="$eJzs3T1vE0kcx/HfrO3EeVBuL8nppGsOBSJBExGgQDRGyC09FQJiR4qwgkiCBDQERIl4AfS8BV4EDYg3ABUVNUq3aGbHm117vY4DtuPk+5FsrWdndv7DzHhnViIWgDPrVv3r+6vf7ctIJZUk3ZACSVWpLOkf/Vt9sr23tddqNoouVHIl7MsoLmm68mxsN/OK2nKuhBfaT2XNp9MwHFEU3fw27iAwdm725wikaT8P3fnqiOMaln3p/3HHMGrpDjYHOtBTLYwxHADACeDv/4G/Tcy7JKMgkFb9bf+03P+79yWT71qrKykqLJC6/7vVXWRs//7lTh3u99w/lT0ftHeJRwmm0vF5SvHIyiwwTb9dpYslmNncKmtt46UagV6p5qWyLbv3Rjx02/pEuzLYGOh9tYpuz8atcSvKTu2QNrdazWl7UKvVflay8S8NVuPvMx/NZ3PXhHqnRrL+K0fGdpPrqbCjp4KKjf9y7yvOuVI2l/z0qtVqQSbL366S/3wNXp9WVvN3JOlrth8Q7CcRFMXp6l5U9rFC3Lr1PqWW8kqFyacepZYzpUp+JKxtPGoVPkoZjnYTzVtzx6zohz6onlr/Bza+VaVmZsdXfXrQyricfmTE7ZnKr7bscoZdd47D6XIuicCbPlb7zrzBnpa90QNd18Lus+cPS61Wc8ce3M85eDy/Y3xK5bWUm2f4ByUV5NH+YUpkvYiio1458gfLc0MI/tIfvaD9/khS7PTJy2xnWZISjLqbzspB/ZOKBuTkHESR1OPU0L6ncILsmnan+4SZMQeEUbPrLhPv/9xK3q/q3BbJvoUF6/TiTaYyV1xPdnDZpeCie58daAc313sHl6rxSo89o9tznb8oXUglGhXWGPo4TwlT1xfd4/k/AAAAAAAAAAAAAAAAAADApBnF/zQYdxsBAAAAAAAAAAAAAAAAAAAAAJh0x/r937y/Ee9+/zfk93+BCfIrAAD//2cud98=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.time\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000200), 0x10f)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro-mmap-mkdirat
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='codepage=koi8-r,part=0x0000000000000006,quiet,iocharset=cp857,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c0038ff4ab22ac1126a3319aea6729c1fb77e250aa3f3f3a514013df539dfc3ec70b40bf2cd9342fd15771ee81882b03759a2444d8600"], 0x1, 0x2de, &(0x7f0000000900)="$eJzs3T1vE0kcx/HfrO3EeVBuL8nppGsOBSJBExGgQDRGyC09FQJiR4qwgkiCBDQERIl4AfS8BV4EDYg3ABUVNUq3aGbHm117vY4DtuPk+5FsrWdndv7DzHhnViIWgDPrVv3r+6vf7ctIJZUk3ZACSVWpLOkf/Vt9sr23tddqNoouVHIl7MsoLmm68mxsN/OK2nKuhBfaT2XNp9MwHFEU3fw27iAwdm725wikaT8P3fnqiOMaln3p/3HHMGrpDjYHOtBTLYwxHADACeDv/4G/Tcy7JKMgkFb9bf+03P+79yWT71qrKykqLJC6/7vVXWRs//7lTh3u99w/lT0ftHeJRwmm0vF5SvHIyiwwTb9dpYslmNncKmtt46UagV6p5qWyLbv3Rjx02/pEuzLYGOh9tYpuz8atcSvKTu2QNrdazWl7UKvVflay8S8NVuPvMx/NZ3PXhHqnRrL+K0fGdpPrqbCjp4KKjf9y7yvOuVI2l/z0qtVqQSbL366S/3wNXp9WVvN3JOlrth8Q7CcRFMXp6l5U9rFC3Lr1PqWW8kqFyacepZYzpUp+JKxtPGoVPkoZjnYTzVtzx6zohz6onlr/Bza+VaVmZsdXfXrQyricfmTE7ZnKr7bscoZdd47D6XIuicCbPlb7zrzBnpa90QNd18Lus+cPS61Wc8ce3M85eDy/Y3xK5bWUm2f4ByUV5NH+YUpkvYiio1458gfLc0MI/tIfvaD9/khS7PTJy2xnWZISjLqbzspB/ZOKBuTkHESR1OPU0L6ncILsmnan+4SZMQeEUbPrLhPv/9xK3q/q3BbJvoUF6/TiTaYyV1xPdnDZpeCie58daAc313sHl6rxSo89o9tznb8oXUglGhXWGPo4TwlT1xfd4/k/AAAAAAAAAAAAAAAAAADApBnF/zQYdxsBAAAAAAAAAAAAAAAAAAAAAJh0x/r937y/Ee9+/zfk93+BCfIrAAD//2cud98=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.time\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000005, 0x10012, r0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-write$binfmt_script-mmap-mkdirat
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='codepage=koi8-r,part=0x0000000000000006,quiet,iocharset=cp857,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c0038ff4ab22ac1126a3319aea6729c1fb77e250aa3f3f3a514013df539dfc3ec70b40bf2cd9342fd15771ee81882b03759a2444d8600"], 0x1, 0x2de, &(0x7f0000000900)="$eJzs3T1vE0kcx/HfrO3EeVBuL8nppGsOBSJBExGgQDRGyC09FQJiR4qwgkiCBDQERIl4AfS8BV4EDYg3ABUVNUq3aGbHm117vY4DtuPk+5FsrWdndv7DzHhnViIWgDPrVv3r+6vf7ctIJZUk3ZACSVWpLOkf/Vt9sr23tddqNoouVHIl7MsoLmm68mxsN/OK2nKuhBfaT2XNp9MwHFEU3fw27iAwdm725wikaT8P3fnqiOMaln3p/3HHMGrpDjYHOtBTLYwxHADACeDv/4G/Tcy7JKMgkFb9bf+03P+79yWT71qrKykqLJC6/7vVXWRs//7lTh3u99w/lT0ftHeJRwmm0vF5SvHIyiwwTb9dpYslmNncKmtt46UagV6p5qWyLbv3Rjx02/pEuzLYGOh9tYpuz8atcSvKTu2QNrdazWl7UKvVflay8S8NVuPvMx/NZ3PXhHqnRrL+K0fGdpPrqbCjp4KKjf9y7yvOuVI2l/z0qtVqQSbL366S/3wNXp9WVvN3JOlrth8Q7CcRFMXp6l5U9rFC3Lr1PqWW8kqFyacepZYzpUp+JKxtPGoVPkoZjnYTzVtzx6zohz6onlr/Bza+VaVmZsdXfXrQyricfmTE7ZnKr7bscoZdd47D6XIuicCbPlb7zrzBnpa90QNd18Lus+cPS61Wc8ce3M85eDy/Y3xK5bWUm2f4ByUV5NH+YUpkvYiio1458gfLc0MI/tIfvaD9/khS7PTJy2xnWZISjLqbzspB/ZOKBuTkHESR1OPU0L6ncILsmnan+4SZMQeEUbPrLhPv/9xK3q/q3BbJvoUF6/TiTaYyV1xPdnDZpeCie58daAc313sHl6rxSo89o9tznb8oXUglGhXWGPo4TwlT1xfd4/k/AAAAAAAAAAAAAAAAAADApBnF/zQYdxsBAAAAAAAAAAAAAAAAAAAAAJh0x/r937y/Ee9+/zfk93+BCfIrAAD//2cud98=")
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000200), 0x10f)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000005, 0x10012, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$cgroup_ro-write$binfmt_script-mmap-mkdirat
detailed listing:
executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.time\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000200), 0x10f)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000005, 0x10012, r0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro-write$binfmt_script-mmap-mkdirat
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='codepage=koi8-r,part=0x0000000000000006,quiet,iocharset=cp857,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c0038ff4ab22ac1126a3319aea6729c1fb77e250aa3f3f3a514013df539dfc3ec70b40bf2cd9342fd15771ee81882b03759a2444d8600"], 0x1, 0x2de, &(0x7f0000000900)="$eJzs3T1vE0kcx/HfrO3EeVBuL8nppGsOBSJBExGgQDRGyC09FQJiR4qwgkiCBDQERIl4AfS8BV4EDYg3ABUVNUq3aGbHm117vY4DtuPk+5FsrWdndv7DzHhnViIWgDPrVv3r+6vf7ctIJZUk3ZACSVWpLOkf/Vt9sr23tddqNoouVHIl7MsoLmm68mxsN/OK2nKuhBfaT2XNp9MwHFEU3fw27iAwdm725wikaT8P3fnqiOMaln3p/3HHMGrpDjYHOtBTLYwxHADACeDv/4G/Tcy7JKMgkFb9bf+03P+79yWT71qrKykqLJC6/7vVXWRs//7lTh3u99w/lT0ftHeJRwmm0vF5SvHIyiwwTb9dpYslmNncKmtt46UagV6p5qWyLbv3Rjx02/pEuzLYGOh9tYpuz8atcSvKTu2QNrdazWl7UKvVflay8S8NVuPvMx/NZ3PXhHqnRrL+K0fGdpPrqbCjp4KKjf9y7yvOuVI2l/z0qtVqQSbL366S/3wNXp9WVvN3JOlrth8Q7CcRFMXp6l5U9rFC3Lr1PqWW8kqFyacepZYzpUp+JKxtPGoVPkoZjnYTzVtzx6zohz6onlr/Bza+VaVmZsdXfXrQyricfmTE7ZnKr7bscoZdd47D6XIuicCbPlb7zrzBnpa90QNd18Lus+cPS61Wc8ce3M85eDy/Y3xK5bWUm2f4ByUV5NH+YUpkvYiio1458gfLc0MI/tIfvaD9/khS7PTJy2xnWZISjLqbzspB/ZOKBuTkHESR1OPU0L6ncILsmnan+4SZMQeEUbPrLhPv/9xK3q/q3BbJvoUF6/TiTaYyV1xPdnDZpeCie58daAc313sHl6rxSo89o9tznb8oXUglGhXWGPo4TwlT1xfd4/k/AAAAAAAAAAAAAAAAAADApBnF/zQYdxsBAAAAAAAAAAAAAAAAAAAAAJh0x/r937y/Ee9+/zfk93+BCfIrAAD//2cud98=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000200), 0x10f)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000005, 0x10012, r0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro-write$binfmt_script-mmap-mkdirat
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='codepage=koi8-r,part=0x0000000000000006,quiet,iocharset=cp857,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c0038ff4ab22ac1126a3319aea6729c1fb77e250aa3f3f3a514013df539dfc3ec70b40bf2cd9342fd15771ee81882b03759a2444d8600"], 0x1, 0x2de, &(0x7f0000000900)="$eJzs3T1vE0kcx/HfrO3EeVBuL8nppGsOBSJBExGgQDRGyC09FQJiR4qwgkiCBDQERIl4AfS8BV4EDYg3ABUVNUq3aGbHm117vY4DtuPk+5FsrWdndv7DzHhnViIWgDPrVv3r+6vf7ctIJZUk3ZACSVWpLOkf/Vt9sr23tddqNoouVHIl7MsoLmm68mxsN/OK2nKuhBfaT2XNp9MwHFEU3fw27iAwdm725wikaT8P3fnqiOMaln3p/3HHMGrpDjYHOtBTLYwxHADACeDv/4G/Tcy7JKMgkFb9bf+03P+79yWT71qrKykqLJC6/7vVXWRs//7lTh3u99w/lT0ftHeJRwmm0vF5SvHIyiwwTb9dpYslmNncKmtt46UagV6p5qWyLbv3Rjx02/pEuzLYGOh9tYpuz8atcSvKTu2QNrdazWl7UKvVflay8S8NVuPvMx/NZ3PXhHqnRrL+K0fGdpPrqbCjp4KKjf9y7yvOuVI2l/z0qtVqQSbL366S/3wNXp9WVvN3JOlrth8Q7CcRFMXp6l5U9rFC3Lr1PqWW8kqFyacepZYzpUp+JKxtPGoVPkoZjnYTzVtzx6zohz6onlr/Bza+VaVmZsdXfXrQyricfmTE7ZnKr7bscoZdd47D6XIuicCbPlb7zrzBnpa90QNd18Lus+cPS61Wc8ce3M85eDy/Y3xK5bWUm2f4ByUV5NH+YUpkvYiio1458gfLc0MI/tIfvaD9/khS7PTJy2xnWZISjLqbzspB/ZOKBuTkHESR1OPU0L6ncILsmnan+4SZMQeEUbPrLhPv/9xK3q/q3BbJvoUF6/TiTaYyV1xPdnDZpeCie58daAc313sHl6rxSo89o9tznb8oXUglGhXWGPo4TwlT1xfd4/k/AAAAAAAAAAAAAAAAAADApBnF/zQYdxsBAAAAAAAAAAAAAAAAAAAAAJh0x/r937y/Ee9+/zfk93+BCfIrAAD//2cud98=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.time\x00', 0x275a, 0x0)
write$binfmt_script(r0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000005, 0x10012, r0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro-write$binfmt_script-mmap-mkdirat
detailed listing:
executing program 0:
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='codepage=koi8-r,part=0x0000000000000006,quiet,iocharset=cp857,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c0038ff4ab22ac1126a3319aea6729c1fb77e250aa3f3f3a514013df539dfc3ec70b40bf2cd9342fd15771ee81882b03759a2444d8600"], 0x1, 0x2de, &(0x7f0000000900)="$eJzs3T1vE0kcx/HfrO3EeVBuL8nppGsOBSJBExGgQDRGyC09FQJiR4qwgkiCBDQERIl4AfS8BV4EDYg3ABUVNUq3aGbHm117vY4DtuPk+5FsrWdndv7DzHhnViIWgDPrVv3r+6vf7ctIJZUk3ZACSVWpLOkf/Vt9sr23tddqNoouVHIl7MsoLmm68mxsN/OK2nKuhBfaT2XNp9MwHFEU3fw27iAwdm725wikaT8P3fnqiOMaln3p/3HHMGrpDjYHOtBTLYwxHADACeDv/4G/Tcy7JKMgkFb9bf+03P+79yWT71qrKykqLJC6/7vVXWRs//7lTh3u99w/lT0ftHeJRwmm0vF5SvHIyiwwTb9dpYslmNncKmtt46UagV6p5qWyLbv3Rjx02/pEuzLYGOh9tYpuz8atcSvKTu2QNrdazWl7UKvVflay8S8NVuPvMx/NZ3PXhHqnRrL+K0fGdpPrqbCjp4KKjf9y7yvOuVI2l/z0qtVqQSbL366S/3wNXp9WVvN3JOlrth8Q7CcRFMXp6l5U9rFC3Lr1PqWW8kqFyacepZYzpUp+JKxtPGoVPkoZjnYTzVtzx6zohz6onlr/Bza+VaVmZsdXfXrQyricfmTE7ZnKr7bscoZdd47D6XIuicCbPlb7zrzBnpa90QNd18Lus+cPS61Wc8ce3M85eDy/Y3xK5bWUm2f4ByUV5NH+YUpkvYiio1458gfLc0MI/tIfvaD9/khS7PTJy2xnWZISjLqbzspB/ZOKBuTkHESR1OPU0L6ncILsmnan+4SZMQeEUbPrLhPv/9xK3q/q3BbJvoUF6/TiTaYyV1xPdnDZpeCie58daAc313sHl6rxSo89o9tznb8oXUglGhXWGPo4TwlT1xfd4/k/AAAAAAAAAAAAAAAAAADApBnF/zQYdxsBAAAAAAAAAAAAAAAAAAAAAJh0x/r937y/Ee9+/zfk93+BCfIrAAD//2cud98=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.time\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000200), 0x10f)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000005, 0x10012, r0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)

program did not crash
extracting C reproducer
testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro-write$binfmt_script-mmap-mkdirat
program crashed: WARNING in hfs_bnode_create
simplifying C reproducer
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro-write$binfmt_script-mmap-mkdirat
program crashed: WARNING in hfs_bnode_create
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro-write$binfmt_script-mmap-mkdirat
program crashed: WARNING in hfs_bnode_create
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:true Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro-write$binfmt_script-mmap-mkdirat
program crashed: WARNING in hfs_bnode_create
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro-write$binfmt_script-mmap-mkdirat
program crashed: WARNING in hfs_bnode_create
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro-write$binfmt_script-mmap-mkdirat
program crashed: WARNING in hfs_bnode_create
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro-write$binfmt_script-mmap-mkdirat
program crashed: no output from test machine
a never seen crash title: no output from test machine, ignore
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfs-openat$cgroup_ro-write$binfmt_script-mmap-mkdirat
program crashed: WARNING in hfs_bnode_create
reproducing took 1h6m14.558586241s
repro crashed as (corrupted=false):
loop0: detected capacity change from 0 to 64
hfs: new node 0 already hashed?
------------[ cut here ]------------
WARNING: CPU: 0 PID: 4042 at fs/hfs/bnode.c:432 hfs_bnode_create+0x428/0x4ec fs/hfs/bnode.c:431
Modules linked in:
CPU: 0 PID: 4042 Comm: syz-executor425 Not tainted 5.15.177-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : hfs_bnode_create+0x428/0x4ec fs/hfs/bnode.c:431
lr : hfs_bnode_create+0x428/0x4ec fs/hfs/bnode.c:431
sp : ffff800020297510
x29: ffff800020297520 x28: ffff0000dc3b1000 x27: 00000000000000f8
x26: ffff0000dc3b10f8 x25: dfff800000000000 x24: 1ffff00004052eb8
x23: 0000000000000000 x22: ffff0000cb8760e0 x21: ffff0000cb876000
x20: 0000000000000000 x19: ffff0000c084d400 x18: ffff800020296b40
x17: 1fffe0003682eb8e x16: ffff800011b4efd4 x15: 000000000000b65b
x14: 1ffff0000296e06c x13: dfff800000000000 x12: 0000000000000001
x11: 0000000000000000 x10: 0000000000000000 x9 : 02e7c397f3209500
x8 : 02e7c397f3209500 x7 : 0000000000000000 x6 : 0000000000000000
x5 : 0000000000000080 x4 : 0000000000000000 x3 : ffff80000aa0f0bc
x2 : ffff0001b4175d10 x1 : 0000000100000000 x0 : 000000000000001f
Call trace:
 hfs_bnode_create+0x428/0x4ec fs/hfs/bnode.c:431
 hfs_bmap_alloc+0x5c0/0x6b4 fs/hfs/btree.c:288
 hfs_bnode_split+0xcc/0xd88 fs/hfsplus/brec.c:245
 hfs_brec_insert+0x2bc/0x97c fs/hfs/brec.c:102
 hfs_cat_create+0x340/0x844 fs/hfs/catalog.c:118
 hfs_mkdir+0x70/0xe4 fs/hfs/dir.c:232
 vfs_mkdir+0x334/0x4e4 fs/namei.c:4065
 do_mkdirat+0x20c/0x610 fs/namei.c:4090
 __do_sys_mkdirat fs/namei.c:4105 [inline]
 __se_sys_mkdirat fs/namei.c:4103 [inline]
 __arm64_sys_mkdirat+0x90/0xa8 fs/namei.c:4103
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
 el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:608
 el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:626
 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
irq event stamp: 2412
hardirqs last  enabled at (2411): [<ffff80000826ac80>] raw_spin_rq_unlock_irq kernel/sched/sched.h:1338 [inline]
hardirqs last  enabled at (2411): [<ffff80000826ac80>] finish_lock_switch+0xbc/0x1e8 kernel/sched/core.c:4781
hardirqs last disabled at (2412): [<ffff800011b4a688>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:396
softirqs last  enabled at (2302): [<ffff8000080309b8>] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:31
softirqs last disabled at (2300): [<ffff800008030984>] local_bh_disable+0x10/0x34 include/linux/bottom_half.h:18
---[ end trace 7c5362280ebfef12 ]---
------------[ cut here ]------------
kernel BUG at fs/hfs/bnode.c:479!
Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 PID: 4042 Comm: syz-executor425 Tainted: G        W         5.15.177-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : hfs_bnode_put+0x414/0x420 fs/hfs/bnode.c:479
lr : hfs_bnode_put+0x414/0x420 fs/hfs/bnode.c:479
sp : ffff8000202977b0
x29: ffff8000202977b0 x28: 0000000000000036 x27: ffff0000c084d400
x26: ffff0000c084d400 x25: ffff0000cb876000 x24: 1fffe00018109a80
x23: dfff800000000000 x22: ffff0000cb876000 x21: ffff0000c084d480
x20: 0000000000000000 x19: ffff0000c084d400 x18: 0000000000000000
x17: 0000000000000000 x16: ffff800008fdf994 x15: 00000000000000ff
x14: ffff0000cbdb8000 x13: 0000000020000000 x12: 0000000000000001
x11: 0000000000000000 x10: 0000000000000000 x9 : ffff0000cbdb8000
x8 : ffff800008fde2a0 x7 : 0000000000000008 x6 : 0000100000000025
x5 : ffff0000cd19f74d x4 : ffff0000dc3b1688 x3 : ffff800008fddee4
x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000
Call trace:
 hfs_bnode_put+0x414/0x420 fs/hfs/bnode.c:479
 hfs_brec_insert+0x648/0x97c fs/hfs/brec.c:162
 hfs_cat_create+0x340/0x844 fs/hfs/catalog.c:118
 hfs_mkdir+0x70/0xe4 fs/hfs/dir.c:232
 vfs_mkdir+0x334/0x4e4 fs/namei.c:4065
 do_mkdirat+0x20c/0x610 fs/namei.c:4090
 __do_sys_mkdirat fs/namei.c:4105 [inline]
 __se_sys_mkdirat fs/namei.c:4103 [inline]
 __arm64_sys_mkdirat+0x90/0xa8 fs/namei.c:4103
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
 el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:608
 el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:626
 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
Code: aa1403e0 97e3dcbc 17ffffa5 97d39883 (d4210000) 
---[ end trace 7c5362280ebfef13 ]---

final repro crashed as (corrupted=false):
loop0: detected capacity change from 0 to 64
hfs: new node 0 already hashed?
------------[ cut here ]------------
WARNING: CPU: 0 PID: 4042 at fs/hfs/bnode.c:432 hfs_bnode_create+0x428/0x4ec fs/hfs/bnode.c:431
Modules linked in:
CPU: 0 PID: 4042 Comm: syz-executor425 Not tainted 5.15.177-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : hfs_bnode_create+0x428/0x4ec fs/hfs/bnode.c:431
lr : hfs_bnode_create+0x428/0x4ec fs/hfs/bnode.c:431
sp : ffff800020297510
x29: ffff800020297520 x28: ffff0000dc3b1000 x27: 00000000000000f8
x26: ffff0000dc3b10f8 x25: dfff800000000000 x24: 1ffff00004052eb8
x23: 0000000000000000 x22: ffff0000cb8760e0 x21: ffff0000cb876000
x20: 0000000000000000 x19: ffff0000c084d400 x18: ffff800020296b40
x17: 1fffe0003682eb8e x16: ffff800011b4efd4 x15: 000000000000b65b
x14: 1ffff0000296e06c x13: dfff800000000000 x12: 0000000000000001
x11: 0000000000000000 x10: 0000000000000000 x9 : 02e7c397f3209500
x8 : 02e7c397f3209500 x7 : 0000000000000000 x6 : 0000000000000000
x5 : 0000000000000080 x4 : 0000000000000000 x3 : ffff80000aa0f0bc
x2 : ffff0001b4175d10 x1 : 0000000100000000 x0 : 000000000000001f
Call trace:
 hfs_bnode_create+0x428/0x4ec fs/hfs/bnode.c:431
 hfs_bmap_alloc+0x5c0/0x6b4 fs/hfs/btree.c:288
 hfs_bnode_split+0xcc/0xd88 fs/hfsplus/brec.c:245
 hfs_brec_insert+0x2bc/0x97c fs/hfs/brec.c:102
 hfs_cat_create+0x340/0x844 fs/hfs/catalog.c:118
 hfs_mkdir+0x70/0xe4 fs/hfs/dir.c:232
 vfs_mkdir+0x334/0x4e4 fs/namei.c:4065
 do_mkdirat+0x20c/0x610 fs/namei.c:4090
 __do_sys_mkdirat fs/namei.c:4105 [inline]
 __se_sys_mkdirat fs/namei.c:4103 [inline]
 __arm64_sys_mkdirat+0x90/0xa8 fs/namei.c:4103
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
 el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:608
 el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:626
 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
irq event stamp: 2412
hardirqs last  enabled at (2411): [<ffff80000826ac80>] raw_spin_rq_unlock_irq kernel/sched/sched.h:1338 [inline]
hardirqs last  enabled at (2411): [<ffff80000826ac80>] finish_lock_switch+0xbc/0x1e8 kernel/sched/core.c:4781
hardirqs last disabled at (2412): [<ffff800011b4a688>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:396
softirqs last  enabled at (2302): [<ffff8000080309b8>] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:31
softirqs last disabled at (2300): [<ffff800008030984>] local_bh_disable+0x10/0x34 include/linux/bottom_half.h:18
---[ end trace 7c5362280ebfef12 ]---
------------[ cut here ]------------
kernel BUG at fs/hfs/bnode.c:479!
Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 PID: 4042 Comm: syz-executor425 Tainted: G        W         5.15.177-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : hfs_bnode_put+0x414/0x420 fs/hfs/bnode.c:479
lr : hfs_bnode_put+0x414/0x420 fs/hfs/bnode.c:479
sp : ffff8000202977b0
x29: ffff8000202977b0 x28: 0000000000000036 x27: ffff0000c084d400
x26: ffff0000c084d400 x25: ffff0000cb876000 x24: 1fffe00018109a80
x23: dfff800000000000 x22: ffff0000cb876000 x21: ffff0000c084d480
x20: 0000000000000000 x19: ffff0000c084d400 x18: 0000000000000000
x17: 0000000000000000 x16: ffff800008fdf994 x15: 00000000000000ff
x14: ffff0000cbdb8000 x13: 0000000020000000 x12: 0000000000000001
x11: 0000000000000000 x10: 0000000000000000 x9 : ffff0000cbdb8000
x8 : ffff800008fde2a0 x7 : 0000000000000008 x6 : 0000100000000025
x5 : ffff0000cd19f74d x4 : ffff0000dc3b1688 x3 : ffff800008fddee4
x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000
Call trace:
 hfs_bnode_put+0x414/0x420 fs/hfs/bnode.c:479
 hfs_brec_insert+0x648/0x97c fs/hfs/brec.c:162
 hfs_cat_create+0x340/0x844 fs/hfs/catalog.c:118
 hfs_mkdir+0x70/0xe4 fs/hfs/dir.c:232
 vfs_mkdir+0x334/0x4e4 fs/namei.c:4065
 do_mkdirat+0x20c/0x610 fs/namei.c:4090
 __do_sys_mkdirat fs/namei.c:4105 [inline]
 __se_sys_mkdirat fs/namei.c:4103 [inline]
 __arm64_sys_mkdirat+0x90/0xa8 fs/namei.c:4103
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
 el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:608
 el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:626
 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
Code: aa1403e0 97e3dcbc 17ffffa5 97d39883 (d4210000) 
---[ end trace 7c5362280ebfef13 ]---