program:
capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x8, 0x804, 0x80000006})
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000100)='./file0\x00', 0x3000000, &(0x7f00000003c0)=ANY=[], 0x11, 0x2eb, &(0x7f0000001980)="$eJzs3c1u00oYxvFnnLRJT6Oe9OPoSCwLlWCDoGwQmyCUi0AsELQNUkVUBBQJ2JAiVgjBnj23wEWwAXEDsGKBuIB2ZTTjj9qJY4cqiRvx/0ltHMfjecf22O9EakcA/lo32t8+XPlhf4xUUUV6fU3yJNWlqhbCzfZ397udnbwdVVwJHfkysiXlXtO29zru9SC92pZzJUJN+66qRnIdJsP3/evf+9b99EoKBqWpux48yJNqYe+sKOqrp8jBCcv1xhzHrDGHOtRTLZUdBwCgXDb7PwgSf/ucb4T5u+dJG+Fj/1Q+/0/qsOwAJs7P/TTx/HejLN/Y8/uv+6j+ZC8c77khnP3ci0aJo9Q81/d+XkEimUowE7Vkc7F4C/d2u52L2w+6O55eqhVKbLYW1xCyV2hBtOsZY9McI7TdZGaUQVjenG3D5pD4V09Y459InRDzyXwxt01T77UT539V39hoXcDNvjMVxH9p+O4XXSm7lcLbRqvV8tyOIsuukjPpM1XQynr2iETRgV1W+guCZlGcrtRKX6mgdZczC9TiUquZpTajd0PqWkuVsq2Jr+bhUU6aeWtumnX90ke1E/m/Z+PbUG7PPO41ZiPoaO6IB+2Zz66u6vbZHHhy9HSrkV4TH8XasNCP8u9pGEF0Dt9oS1e19PjZ8/uVbrfzyC7czVh42IjXzL2SMrcpeUG94zU1+c7AxtE9cJqBXRjrDu39o3Bj28um0sDJXQnV8e5QGv9BaH+e1IXk18ruTdFCifcoTM3xSS87EpTE5l0mGP+5TD7M912iYH81c/L0woQs3KNvc+x4BFRPlV9xS/+k0+iCscHi8BFcog25Y66z56Vzo9fYDOOcDf6Lgg1MW191h+//AQAAAAAAAAAAAAAAAAAAZs00/pyg7DYCAAAAAAAAAAAAAAAAAAAAADDr4vl/Fc3/q+T8v9J/+j9zPpj+//wdzv9bV8H8v1uDMQzM//tuT6YnMf8vMFm/AwAA///dkYJ3")
open(&(0x7f0000000040)='./bus\x00', 0x400141042, 0x2a)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) (async)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0) (async)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x8005, 0x0, 0x0, 0xe, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780860d1cbf7966d61fdcf335263bd9bffbcc26b96ec71038259ca171ce1a311ef54ec32d71e14ef3dc177e9dc8b000000000000000200", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
r1 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) (async)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x188)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x1d7)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000080)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x2138008, &(0x7f0000000040)={[{@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@volatile}, {@upperdir={'upperdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000001c0)='./bus\x00') (async)
chdir(&(0x7f00000001c0)='./bus\x00')
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200)

[   84.608247][ T5330] loop0: detected capacity change from 0 to 64
[   84.626610][ T5306] Bluetooth: hci0: command tx timeout
[   84.886780][ T5331] loop0: detected capacity change from 64 to 0
[   84.928875][ T1041] Buffer I/O error on dev loop0, logical block 8, lost async page write
[   84.933521][ T1041] Buffer I/O error on dev loop0, logical block 9, lost async page write
[   84.940339][ T1041] Buffer I/O error on dev loop0, logical block 10, lost async page write
[   84.944973][ T1041] Buffer I/O error on dev loop0, logical block 11, lost async page write
[   84.948502][ T1041] Buffer I/O error on dev loop0, logical block 16, lost async page write
[   84.952006][ T1041] Buffer I/O error on dev loop0, logical block 17, lost async page write
[   84.956319][ T1041] Buffer I/O error on dev loop0, logical block 18, lost async page write
[   84.960239][ T1041] Buffer I/O error on dev loop0, logical block 19, lost async page write
[   84.966899][ T5331] Buffer I/O error on dev loop0, logical block 62, lost sync page write
[   84.971928][ T5331] hfs: unable to read volume bitmap
[   84.977071][ T1041] Buffer I/O error on dev loop0, logical block 8, lost async page write
[   84.986832][ T5330] ------------[ cut here ]------------
[   84.989178][ T5330] !buffer_uptodate(bh)
[   84.989190][ T5330] WARNING: fs/buffer.c:1180 at mark_buffer_dirty+0x299/0x440, CPU#0: syz.0.0/5330
[   84.997092][ T5330] Modules linked in:
[   84.999342][ T5330] CPU: 0 UID: 0 PID: 5330 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   85.003142][ T5330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   85.008064][ T5330] RIP: 0010:mark_buffer_dirty+0x299/0x440
[   85.010994][ T5330] Code: 4c 89 f7 e8 b9 fd d9 ff 49 8b 3e be 40 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 e4 60 fb ff e8 6f 2d 6e ff eb 8c e8 68 2d 6e ff 90 <0f> 0b 90 e9 a5 fd ff ff e8 5a 2d 6e ff 90 0f 0b 90 e9 cf fd ff ff
[   85.020290][ T5330] RSP: 0018:ffffc9000de87bc8 EFLAGS: 00010293
[   85.022964][ T5330] RAX: ffffffff82578338 RBX: ffff888047c35828 RCX: ffff88803d830000
[   85.027036][ T5330] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[   85.031358][ T5330] RBP: 1ffff11003fa7c01 R08: ffff888047c3582f R09: 1ffff11008f86b05
[   85.035130][ T5330] R10: dffffc0000000000 R11: ffffed1008f86b06 R12: dffffc0000000000
[   85.038819][ T5330] R13: ffff88801fd3e638 R14: ffff8880131d2c0b R15: ffff888013181492
[   85.043490][ T5330] FS:  00007f73d29866c0(0000) GS:ffff88808ca51000(0000) knlGS:0000000000000000
[   85.048280][ T5330] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   85.051269][ T5330] CR2: 0000559326336ee0 CR3: 0000000011846000 CR4: 0000000000352ef0
[   85.054889][ T5330] Call Trace:
[   85.056668][ T5330]  <TASK>
[   85.058094][ T5330]  hfs_mdb_commit+0x84b/0x1150
[   85.060445][ T5330]  hfs_sync_fs+0x1d/0x30
[   85.062558][ T5330]  sync_filesystem+0x1cf/0x230
[   85.065036][ T5330]  hfs_reconfigure+0x66/0x270
[   85.067381][ T5330]  reconfigure_super+0x227/0x8a0
[   85.069587][ T5330]  vfs_fsconfig_locked+0x171/0x320
[   85.071933][ T5330]  __se_sys_fsconfig+0x6c9/0x820
[   85.074904][ T5330]  ? __pfx___se_sys_fsconfig+0x10/0x10
[   85.078429][ T5330]  ? rcu_is_watching+0x15/0xb0
[   85.080672][ T5330]  ? __x64_sys_fsconfig+0x20/0xc0
[   85.083075][ T5330]  do_syscall_64+0x14d/0xf80
[   85.085854][ T5330]  ? trace_irq_disable+0x3b/0x150
[   85.088444][ T5330]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.091584][ T5330]  ? clear_bhb_loop+0x40/0x90
[   85.093951][ T5330]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.096905][ T5330] RIP: 0033:0x7f73d1b9c799
[   85.099328][ T5330] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   85.109405][ T5330] RSP: 002b:00007f73d2985fe8 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[   85.113105][ T5330] RAX: ffffffffffffffda RBX: 00007f73d1e15fa0 RCX: 00007f73d1b9c799
[   85.116824][ T5330] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000007
[   85.120877][ T5330] RBP: 00007f73d1c32c99 R08: 0000000000000000 R09: 0000000000000000
[   85.125085][ T5330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   85.128730][ T5330] R13: 00007f73d1e16038 R14: 00007f73d1e15fa0 R15: 00007fff492c7668
[   85.132277][ T5330]  </TASK>
[   85.133781][ T5330] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   85.137279][ T5330] CPU: 0 UID: 0 PID: 5330 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   85.141950][ T5330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   85.146903][ T5330] Call Trace:
[   85.148425][ T5330]  <TASK>
[   85.149765][ T5330]  vpanic+0x56c/0xa60
[   85.151603][ T5330]  ? __pfx__printk+0x10/0x10
[   85.153671][ T5330]  ? __pfx_vpanic+0x10/0x10
[   85.155996][ T5330]  ? is_bpf_text_address+0x292/0x2b0
[   85.158756][ T5330]  ? is_bpf_text_address+0x26/0x2b0
[   85.162012][ T5330]  panic+0xc5/0xd0
[   85.164084][ T5330]  ? __pfx_panic+0x10/0x10
[   85.166352][ T5330]  __warn+0x315/0x4f0
[   85.168165][ T5330]  ? mark_buffer_dirty+0x299/0x440
[   85.170516][ T5330]  ? mark_buffer_dirty+0x299/0x440
[   85.172862][ T5330]  __report_bug+0x29a/0x540
[   85.174912][ T5330]  ? mark_buffer_dirty+0x299/0x440
[   85.177241][ T5330]  ? __pfx___report_bug+0x10/0x10
[   85.179680][ T5330]  ? sync_inodes_sb+0xb52/0xbd0
[   85.181834][ T5330]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[   85.184365][ T5330]  ? mark_buffer_dirty+0x299/0x440
[   85.186916][ T5330]  report_bug+0x16a/0x220
[   85.189164][ T5330]  ? mark_buffer_dirty+0x299/0x440
[   85.191937][ T5330]  ? mark_buffer_dirty+0x29b/0x440
[   85.194352][ T5330]  handle_bug+0x9c/0x200
[   85.196270][ T5330]  exc_invalid_op+0x1a/0x50
[   85.198214][ T5330]  asm_exc_invalid_op+0x1a/0x20
[   85.200148][ T5330] RIP: 0010:mark_buffer_dirty+0x299/0x440
[   85.202819][ T5330] Code: 4c 89 f7 e8 b9 fd d9 ff 49 8b 3e be 40 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 e4 60 fb ff e8 6f 2d 6e ff eb 8c e8 68 2d 6e ff 90 <0f> 0b 90 e9 a5 fd ff ff e8 5a 2d 6e ff 90 0f 0b 90 e9 cf fd ff ff
[   85.212066][ T5330] RSP: 0018:ffffc9000de87bc8 EFLAGS: 00010293
[   85.215071][ T5330] RAX: ffffffff82578338 RBX: ffff888047c35828 RCX: ffff88803d830000
[   85.218685][ T5330] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[   85.222841][ T5330] RBP: 1ffff11003fa7c01 R08: ffff888047c3582f R09: 1ffff11008f86b05
[   85.226980][ T5330] R10: dffffc0000000000 R11: ffffed1008f86b06 R12: dffffc0000000000
[   85.230457][ T5330] R13: ffff88801fd3e638 R14: ffff8880131d2c0b R15: ffff888013181492
[   85.234441][ T5330]  ? mark_buffer_dirty+0x298/0x440
[   85.237463][ T5330]  ? mark_buffer_dirty+0x298/0x440
[   85.240021][ T5330]  hfs_mdb_commit+0x84b/0x1150
[   85.242096][ T5330]  hfs_sync_fs+0x1d/0x30
[   85.244083][ T5330]  sync_filesystem+0x1cf/0x230
[   85.246071][ T5330]  hfs_reconfigure+0x66/0x270
[   85.248162][ T5330]  reconfigure_super+0x227/0x8a0
[   85.250587][ T5330]  vfs_fsconfig_locked+0x171/0x320
[   85.253677][ T5330]  __se_sys_fsconfig+0x6c9/0x820
[   85.256149][ T5330]  ? __pfx___se_sys_fsconfig+0x10/0x10
[   85.258412][ T5330]  ? rcu_is_watching+0x15/0xb0
[   85.260586][ T5330]  ? __x64_sys_fsconfig+0x20/0xc0
[   85.262687][ T5330]  do_syscall_64+0x14d/0xf80
[   85.264764][ T5330]  ? trace_irq_disable+0x3b/0x150
[   85.267176][ T5330]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.270696][ T5330]  ? clear_bhb_loop+0x40/0x90
[   85.273053][ T5330]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.275694][ T5330] RIP: 0033:0x7f73d1b9c799
[   85.277554][ T5330] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   85.287165][ T5330] RSP: 002b:00007f73d2985fe8 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[   85.291127][ T5330] RAX: ffffffffffffffda RBX: 00007f73d1e15fa0 RCX: 00007f73d1b9c799
[   85.294751][ T5330] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000007
[   85.298748][ T5330] RBP: 00007f73d1c32c99 R08: 0000000000000000 R09: 0000000000000000
[   85.303155][ T5330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   85.306888][ T5330] R13: 00007f73d1e16038 R14: 00007f73d1e15fa0 R15: 00007fff492c7668
[   85.310541][ T5330]  </TASK>
[   85.312392][ T5330] Kernel Offset: disabled
[   85.314684][ T5330] Rebooting in 86400 seconds..