program:
syz_mount_image$hfs(&(0x7f0000002c80), &(0x7f00000000c0)='./file1\x00', 0x2200490, &(0x7f0000002cc0)=ANY=[], 0xfd, 0x2ab, &(0x7f0000000100)="$eJzs3cFqE0Ecx/HfbLZJakvd2oogPVULnqStF/FSkLyBF0+iNhGKoYKtoJ6iZ/EBvPcVfACPnsSz0JsnH6C3yMzONptkN4kxcdP4/UDCpjv/2ZnsbGf+24YIwH/rfu305M5P+zBSSSVJ96RAUlUKJV3Vteqrw+OD42ajPqiikouwD6M40vSV2T9sZIXaOBfhRfZVqOX0zzAd1R9qbSwV3QoUzV39GQKp4q9Ot7/6z1s2Ha2iG1Awc6YzvdZK0e0AABTLz/+Bn+eX/fo9CKQtP+3H83+yqr/IE+hi0Q2Yvi9D9qfmf5dltY09v5fdrk6+5052qIW/a0tZ8chyAyipywzLKl1bgsVnB83G7f0XzXqg99rzUg1ad8/1eOgmTk+My2nt9rv+qjd9bjpifplkyKOVTnOJVbBg+7Cbbn+qyNpkjzic+Wq+mUcm0ifVz9d/YdvY0+TOVNSTCsTt386v0fWyLFcqp5er7iDX/RG8gb0sKScjUTKiVntOYJTTzrArSqY7Ku7dTn7vXNSasqJ2h0St90Z1RnN+5LSZj+ah2dQvfVYttf4P7Lu9pVGuTFvGlfQjY2B/Qlcycm+8nztaG5klg3F7hDF80FPd1crRm7fPnzSbjZfztpHcqDiyV+IkKlzQTPRrIhvJIJiV9viNij1foxYOlLurfD7NFN0v24ZCjp7MO+PXk/+rg9vy86Nz0v8wkEEwL+y6y8T5Xypf2XaLNfsUda/TK+nY9rDKUzXu5OQGV9zzpd4MLic3MO7Ww1LGXxf7jzgw57pxS7o5yhFjkW/n7NkbJ8jU9F2Puf8PAAAAAAAAAAAAAAAAAABw0UzuIwdVdX/yYez/LAcAAAAAAAAAAAAAAAAAAAAAAD0yvv+3Uuj3/z5Q/Irv/wWm7ncAAAD//02SZNI=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x147040, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x10000)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x5, 0x11, r0, 0x0)
madvise(&(0x7f00007fe000/0x800000)=nil, 0x800000, 0x19)

[  181.542233][ T4672] Bluetooth: hci0: command tx timeout
[  181.626140][ T5345] loop0: detected capacity change from 0 to 64
[  181.687065][ T5345] hfs: new node 0 already hashed?
[  181.690426][ T5345] ------------[ cut here ]------------
[  181.693512][ T5345] 1
[  181.693523][ T5345] WARNING: fs/hfs/bnode.c:520 at hfs_bnode_create+0x461/0x4f0, CPU#0: syz.0.0/5345
[  181.698541][ T5345] Modules linked in:
[  181.700649][ T5345] CPU: 0 UID: 0 PID: 5345 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[  181.705031][ T5345] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  181.710559][ T5345] RIP: 0010:hfs_bnode_create+0x461/0x4f0
[  181.713190][ T5345] Code: e7 8b 89 ee e8 50 1b 77 fe e9 cf fc ff ff e8 b6 1d 15 ff 4c 89 ef e8 ae 1e 03 09 48 c7 c7 80 f7 e7 8b 89 ee e8 30 1b 77 fe 90 <0f> 0b 90 eb b0 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c d6 fb ff ff
[  181.722904][ T5345] RSP: 0018:ffffc9000e3bf320 EFLAGS: 00010246
[  181.725763][ T5345] RAX: 000000000000001f RBX: ffff888042a08000 RCX: ef722de91efd8200
[  181.729096][ T5345] RDX: ffffc90020001000 RSI: 0000000000000d6f RDI: 0000000000000d70
[  181.733557][ T5345] RBP: 0000000000000000 R08: ffffc9000e3bf0a7 R09: 1ffff92001c77e14
[  181.737535][ T5345] R10: dffffc0000000000 R11: fffff52001c77e15 R12: 0000000000000000
[  181.741089][ T5345] R13: ffff888042a080e0 R14: ffff8880001b7200 R15: dffffc0000000000
[  181.744770][ T5345] FS:  00007f98f5ef06c0(0000) GS:ffff88808ca4e000(0000) knlGS:0000000000000000
[  181.749297][ T5345] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  181.752949][ T5345] CR2: 00007f98f52027a8 CR3: 000000001aa55000 CR4: 0000000000352ef0
[  181.756759][ T5345] Call Trace:
[  181.758736][ T5345]  <TASK>
[  181.760776][ T5345]  ? do_raw_spin_unlock+0x4d/0x210
[  181.763346][ T5345]  hfs_bmap_alloc+0x5c1/0x650
[  181.765496][ T5345]  ? __pfx_hfs_bmap_alloc+0x10/0x10
[  181.767731][ T5345]  ? hfsplus_listxattr+0x368/0xe70
[  181.770337][ T5345]  ? __asan_memcpy+0x40/0x70
[  181.772667][ T5345]  hfs_bnode_split+0xd4/0x1090
[  181.775009][ T5345]  ? hfs_bnode_read+0x22d/0x7f0
[  181.777322][ T5345]  ? __asan_memcpy+0x40/0x70
[  181.779579][ T5345]  ? hfs_bnode_read+0x391/0x7f0
[  181.782021][ T5345]  ? hfs_bnode_read_u16+0x8d/0xe0
[  181.784539][ T5345]  ? __pfx_hfs_bnode_split+0x10/0x10
[  181.787093][ T5345]  ? __hfs_brec_find+0x32f/0x510
[  181.789592][ T5345]  hfs_brec_insert+0x3a1/0xc90
[  181.792280][ T5345]  ? __pfx_hfs_brec_insert+0x10/0x10
[  181.794780][ T5345]  ? __asan_memset+0x22/0x50
[  181.796992][ T5345]  ? hfs_cat_build_record+0x237/0x9f0
[  181.799642][ T5345]  hfs_cat_create+0x518/0x800
[  181.802221][ T5345]  ? __pfx_hfs_cat_create+0x10/0x10
[  181.804627][ T5345]  ? _raw_spin_unlock+0x28/0x50
[  181.806854][ T5345]  ? hfs_new_inode+0x92d/0xc70
[  181.808847][ T5345]  hfs_create+0x75/0xe0
[  181.811213][ T5345]  ? __pfx_hfs_create+0x10/0x10
[  181.813840][ T5345]  path_openat+0x1395/0x3860
[  181.816109][ T5345]  ? __pfx_path_openat+0x10/0x10
[  181.818168][ T5345]  ? __x64_sys_openat+0x138/0x170
[  181.820296][ T5345]  ? __lock_acquire+0x6b5/0x2cf0
[  181.822475][ T5345]  do_file_open+0x23e/0x4a0
[  181.824764][ T5345]  ? __pfx_do_file_open+0x10/0x10
[  181.827543][ T5345]  ? _raw_spin_unlock+0x28/0x50
[  181.830167][ T5345]  ? alloc_fd+0x64b/0x6c0
[  181.832360][ T5345]  do_sys_openat2+0x113/0x200
[  181.834736][ T5345]  ? __se_sys_futex+0x3a8/0x450
[  181.837226][ T5345]  ? __pfx_do_sys_openat2+0x10/0x10
[  181.839503][ T5345]  ? rcu_is_watching+0x15/0xb0
[  181.841938][ T5345]  __x64_sys_openat+0x138/0x170
[  181.844353][ T5345]  do_syscall_64+0x14d/0xf80
[  181.846888][ T5345]  ? trace_irq_disable+0x3b/0x150
[  181.849597][ T5345]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.852637][ T5345]  ? clear_bhb_loop+0x40/0x90
[  181.854791][ T5345]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.857331][ T5345] RIP: 0033:0x7f98f4f9c819
[  181.859672][ T5345] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  181.868038][ T5345] RSP: 002b:00007f98f5eeffe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  181.871948][ T5345] RAX: ffffffffffffffda RBX: 00007f98f5215fa0 RCX: 00007f98f4f9c819
[  181.875580][ T5345] RDX: 0000000000147040 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  181.879896][ T5345] RBP: 00007f98f5032c91 R08: 0000000000000000 R09: 0000000000000000
[  181.884564][ T5345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  181.888468][ T5345] R13: 00007f98f5216038 R14: 00007f98f5215fa0 R15: 00007fffc828e6f8
[  181.892431][ T5345]  </TASK>
[  181.893812][ T5345] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  181.897027][ T5345] CPU: 0 UID: 0 PID: 5345 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[  181.901485][ T5345] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  181.906153][ T5345] Call Trace:
[  181.907701][ T5345]  <TASK>
[  181.909189][ T5345]  vpanic+0x56c/0xa60
[  181.911073][ T5345]  ? __pfx__printk+0x10/0x10
[  181.913605][ T5345]  ? __pfx_vpanic+0x10/0x10
[  181.916832][ T5345]  ? is_bpf_text_address+0x292/0x2b0
[  181.919806][ T5345]  ? is_bpf_text_address+0x26/0x2b0
[  181.922221][ T5345]  panic+0xc5/0xd0
[  181.923927][ T5345]  ? __pfx_panic+0x10/0x10
[  181.926036][ T5345]  __warn+0x315/0x4f0
[  181.927790][ T5345]  ? hfs_bnode_create+0x461/0x4f0
[  181.929972][ T5345]  ? hfs_bnode_create+0x461/0x4f0
[  181.932186][ T5345]  __report_bug+0x29a/0x540
[  181.934134][ T5345]  ? hfs_bnode_create+0x461/0x4f0
[  181.936416][ T5345]  ? __pfx___report_bug+0x10/0x10
[  181.939006][ T5345]  ? __wake_up_klogd+0xe6/0x120
[  181.941815][ T5345]  ? vprintk_emit+0x4eb/0x560
[  181.943904][ T5345]  ? __pfx_vprintk_emit+0x10/0x10
[  181.946056][ T5345]  ? __wake_up_common_lock+0x190/0x1f0
[  181.948266][ T5345]  ? hfs_bnode_create+0x461/0x4f0
[  181.950729][ T5345]  report_bug+0x16a/0x220
[  181.953198][ T5345]  ? hfs_bnode_create+0x461/0x4f0
[  181.956377][ T5345]  ? hfs_bnode_create+0x463/0x4f0
[  181.959224][ T5345]  handle_bug+0x9c/0x200
[  181.961226][ T5345]  exc_invalid_op+0x1a/0x50
[  181.963209][ T5345]  asm_exc_invalid_op+0x1a/0x20
[  181.965445][ T5345] RIP: 0010:hfs_bnode_create+0x461/0x4f0
[  181.968130][ T5345] Code: e7 8b 89 ee e8 50 1b 77 fe e9 cf fc ff ff e8 b6 1d 15 ff 4c 89 ef e8 ae 1e 03 09 48 c7 c7 80 f7 e7 8b 89 ee e8 30 1b 77 fe 90 <0f> 0b 90 eb b0 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c d6 fb ff ff
[  181.976844][ T5345] RSP: 0018:ffffc9000e3bf320 EFLAGS: 00010246
[  181.980123][ T5345] RAX: 000000000000001f RBX: ffff888042a08000 RCX: ef722de91efd8200
[  181.983356][ T5345] RDX: ffffc90020001000 RSI: 0000000000000d6f RDI: 0000000000000d70
[  181.986879][ T5345] RBP: 0000000000000000 R08: ffffc9000e3bf0a7 R09: 1ffff92001c77e14
[  181.991217][ T5345] R10: dffffc0000000000 R11: fffff52001c77e15 R12: 0000000000000000
[  181.995596][ T5345] R13: ffff888042a080e0 R14: ffff8880001b7200 R15: dffffc0000000000
[  181.999074][ T5345]  ? do_raw_spin_unlock+0x4d/0x210
[  182.001281][ T5345]  hfs_bmap_alloc+0x5c1/0x650
[  182.003341][ T5345]  ? __pfx_hfs_bmap_alloc+0x10/0x10
[  182.005816][ T5345]  ? hfsplus_listxattr+0x368/0xe70
[  182.008448][ T5345]  ? __asan_memcpy+0x40/0x70
[  182.010944][ T5345]  hfs_bnode_split+0xd4/0x1090
[  182.013028][ T5345]  ? hfs_bnode_read+0x22d/0x7f0
[  182.015149][ T5345]  ? __asan_memcpy+0x40/0x70
[  182.017083][ T5345]  ? hfs_bnode_read+0x391/0x7f0
[  182.019337][ T5345]  ? hfs_bnode_read_u16+0x8d/0xe0
[  182.021614][ T5345]  ? __pfx_hfs_bnode_split+0x10/0x10
[  182.023988][ T5345]  ? __hfs_brec_find+0x32f/0x510
[  182.026388][ T5345]  hfs_brec_insert+0x3a1/0xc90
[  182.029200][ T5345]  ? __pfx_hfs_brec_insert+0x10/0x10
[  182.032403][ T5345]  ? __asan_memset+0x22/0x50
[  182.034470][ T5345]  ? hfs_cat_build_record+0x237/0x9f0
[  182.036783][ T5345]  hfs_cat_create+0x518/0x800
[  182.038962][ T5345]  ? __pfx_hfs_cat_create+0x10/0x10
[  182.041480][ T5345]  ? _raw_spin_unlock+0x28/0x50
[  182.043777][ T5345]  ? hfs_new_inode+0x92d/0xc70
[  182.046081][ T5345]  hfs_create+0x75/0xe0
[  182.048056][ T5345]  ? __pfx_hfs_create+0x10/0x10
[  182.050480][ T5345]  path_openat+0x1395/0x3860
[  182.053049][ T5345]  ? __pfx_path_openat+0x10/0x10
[  182.055611][ T5345]  ? __x64_sys_openat+0x138/0x170
[  182.058057][ T5345]  ? __lock_acquire+0x6b5/0x2cf0
[  182.060475][ T5345]  do_file_open+0x23e/0x4a0
[  182.062489][ T5345]  ? __pfx_do_file_open+0x10/0x10
[  182.064986][ T5345]  ? _raw_spin_unlock+0x28/0x50
[  182.067468][ T5345]  ? alloc_fd+0x64b/0x6c0
[  182.069784][ T5345]  do_sys_openat2+0x113/0x200
[  182.071976][ T5345]  ? __se_sys_futex+0x3a8/0x450
[  182.074076][ T5345]  ? __pfx_do_sys_openat2+0x10/0x10
[  182.076197][ T5345]  ? rcu_is_watching+0x15/0xb0
[  182.078518][ T5345]  __x64_sys_openat+0x138/0x170
[  182.081038][ T5345]  do_syscall_64+0x14d/0xf80
[  182.083262][ T5345]  ? trace_irq_disable+0x3b/0x150
[  182.086069][ T5345]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.088627][ T5345]  ? clear_bhb_loop+0x40/0x90
[  182.090932][ T5345]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.093577][ T5345] RIP: 0033:0x7f98f4f9c819
[  182.095690][ T5345] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  182.106483][ T5345] RSP: 002b:00007f98f5eeffe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  182.110149][ T5345] RAX: ffffffffffffffda RBX: 00007f98f5215fa0 RCX: 00007f98f4f9c819
[  182.113680][ T5345] RDX: 0000000000147040 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  182.117098][ T5345] RBP: 00007f98f5032c91 R08: 0000000000000000 R09: 0000000000000000
[  182.120876][ T5345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  182.125193][ T5345] R13: 00007f98f5216038 R14: 00007f98f5215fa0 R15: 00007fffc828e6f8
[  182.129059][ T5345]  </TASK>
[  182.130945][ T5345] Kernel Offset: disabled
[  182.132969][ T5345] Rebooting in 86400 seconds..