program:
r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="0d01000009000008250592d20700006a3b010902241700fa0074980904e4ff11070103000905010200ffe0000009058202"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$keyring(&(0x7f0000000180), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, r1)
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file1\x00', 0x1008810, &(0x7f0000002600)=ANY=[], 0x1, 0x5f4, &(0x7f000001f6c0)="$eJzs3U9vHGcdB/Dvrv9kHaTUdZM2oEpYRaoQFonXlkjhQikFWahClThw4WIRp7GySSt7i9weaEAcKk59CeXgN4A4FikH2iOcKnEz6hGJu29GMzvj3cTb1I7X2U3z+Uizz/PsM/Ps7/nN7GRmrGgDPLXWljJ9L42sLb2xU7T3dlc7e7urt+t6knNJmkkrSaN4+29Jvkjuprfkm3XHQHnE55+03vrso08/7LVa1VKu33jYdsdzGMt8L9ayHNV4K6cer5xdq24tJFk8XXwwGge1/wztPuX3EgCYZI1katj788n56uK1uA/oXRX3rrGfaHfHHQAAAAA8Bs/sZz87uTDuOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBJUv3+f6NamnV9MY369/9nq/dS1Z9o98YdAAAAAAAAAACMwLf3s5+dXKjbB43yb/4vlY2L5es38m62s5GtXMlO1tNNN1tpJ5kfGGh2Z73b3WofY8uVoVuuPJ75AgAAAAAAAMDX1B+z1v/7PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATIJGMtUryuViXZ9PczpJK8lssd7d5F91fbLMnGjtV88sDgAAAJgcz+xnPzu5ULcPGuU9//PlfX8r7+ZOutlMN51s5Hr5LKB319/c213t7O2u3i6Wo+P+5H8nCqMcMb1nD8M/+XK5xlxuZLN850p+m7fTyfU0yy0Ll+t4hsf1hyKmxo8rx4zselUWM/9FVU6G+TIjM4cZWa5iK7Lx7MMzccK98+AntdM8fPJz8Qxyfr4qi/m8PtE5Xxk4+p5/eCaShV//+drNzp1bN29sL03OlB7Rg5lYHcjEC09VJpbLTFw6bK/l5/lVlrKYN7OVzfwu6+lmI4t5vaytV8dz8Tq/t7t60PPBkEy9et/z1Te/KpLZar/0zqIni+mlctsL2cwv83aul3t0OddyLSv5QX6Y5fv28KWhe/iDg6q7/NY3T/at/853q8pMkp+d+EHuWSry+uxAXgfPufNl3+A7/SwtjP7cOP2tqlIcPa9N3Lmxn4mZ8l+JOhPPPZiJ+3fuX8oDZ7tz59bWzfV3jvl5L1dlkYGfHsnEwdTpZ/SoiuNlodhZZev+o6Poe25oX7vsu3jY1zzSd+mw76u+qbPVNdzRkVbKvheG9vW2uzzQN+x6C4CJd/5752fn/jv3z7mP5/40d3PujdZr51459+JsZv4x86Pp5amXmy82/pqP8/v+/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDott97/9Z6p7OxpaLy9FUWk4xmwMVJmM4IK+fGfWYCztrV7u13rm6/9/73N2+v17/a90q73b62fPXGZmejeh13lADAKPUv+scdCQAAAAAAAAAAAAAA8GUex38nHvccAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAr7e1pUzfSyPt5SvLRXtvd7VTLHW9v2YrSaOo/D359xfJ3fSWzOc3U/VKjS/7nM8/ab312Uefftgfq1Wv33jYdsczEEvSrMpRjbdy6vH6M1xMslCVMHb/DwAA//9uwwS6")
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)=@newtfilter={0x48, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r5, {0x0, 0x7}, {}, {0xa, 0x1}}, [@filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8035}, @TCA_FLOWER_KEY_ARP_THA={0xa, 0x41, @multicast}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x80}, 0x20000000)
chdir(&(0x7f0000000240)='./file0\x00')
socket$inet(0x2, 0x3, 0x2)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000480)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0, &(0x7f00000001c0)={[{@init_itable_val={'init_itable', 0x3d, 0x1000000002}}, {@lazytime}]}, 0x1, 0x57f, &(0x7f0000000bc0)="$eJzs3c9rHOUfB/DPM9mkP9LvN6kIWntwoWALatKkFUUEW6w3D/4oeBKMSVpKt21oIthasYX6H+gfIHjzIh6LSFEvXr0J/gFSLFLjwVtkNjPpttnNj3bTqZ3XCyY7M88OzzNZ3nlmnszMBlBbzfxHFrEnIuZSxEhHWSOKwuby+/66dWl68dal6RRLS+/8mSIV68r3p+J1uNh4e0T88kOKxwZW1zt/4eLpqVZr9nyx3fjCmbnx+QsXnz91Zurk7MnZs5MTL068cPjQ5OGDfdvXn8aONa6eeG3vN9Nf7f70u6+vpTgSu4qyzv3ol2Y0V34nnfLf60v9rqwiA8X+dH7EqVFhg9iU8vMbjIgnYiQG4vaHNxKfvVVp44AttZQiloCaSvIPNVUeB+Tnv+VU7REJ8KDcPLo8AFCO7S2u5L+xPDYY29tjAzsXU3QO66SI6MfIXF7H3DNpJJ9ii8bhgO4uX4mIJ7v1/ymaWcTyKH6e/+yO/OdFbxav+fq377H+5l3L8g8Pzpr5j4jRNfL//vLrUL7+g3usX/4BAAAAAACgf64fjYjnuv3/L1u5/ie6XP8zHBFH+lD/+v//y270oRqgi5tHI16JiMVV1/9l5VtGB4ql/7WvBxhMJ061Zg9GxP8j4kAMbsuXJyL+7lVHc+/Pgz3LOq7/y6e8/vJawKIdNxrb7txmZmph6j53G8jzfyXiqUa3/KeV/j916f/zvwdzG6xj6dirP/YqWz//wFZZ+jJif9f+//aTK9Z5Psd4+3hgvDwqWO3j965926t++Yfq5P3/zrXzP5o6n9czv/k6Pvnjt/vIf/fj/6F0vP3ImaFi3UdTCwvnJyKG0hur109uvs3wKCrzUOYlz/+Bfd3P/9c6/t8REZc3WOfx71+/2qtM/w/VyfM/s6n+f/Mz+9794p9e9W+s/z/c7tMPFGuM/8HaNhrQqtsJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP9FWUTsipSNrcxn2dhYxHBEPB47s9a5+YVnT5z78OxMXtb+/v+s/KbfkeXlVHz/f4x2LE/etXwoInZHxOcDO9rLY9PnWjNV7zwAAAAAAAAAAAAAAAAAAAA8JIZ73P+f+32g6tYBW65RdQOAysg/1Jf8Q33JP9SX/EN9yT/Ul/xDfck/1Jf8Q33JPwAAAAAAPFJ2P3391xQRl1/e0Z5yQ0XZYKUtA7ZaVnUDgMp4xA/Ul0t/oL6c4wNpnfLt97wlAAAAAAAAAAAAANAv+/e4/x/qyv3/UF/u/4f6cv8/1JdzfMD9/wAAAAAAAAAAAADw8Ju/cPH0VKs1e77rTPQuMmPGzCM8U/VfJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoPRvAAAA//8h/vm9")
getresuid(&(0x7f00000002c0), &(0x7f0000000300)=<r6=>0x0, &(0x7f0000000340))
mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f00000011c0)=ANY=[@ANYBLOB='trans=virtio,access=', @ANYRESDEC=r6])
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x83)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
link(&(0x7f0000001240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000007c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
rename(&(0x7f0000000c80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000b80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
open(&(0x7f0000000040)='./bus\x00', 0x145142, 0x0)
fstat(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
setreuid(0x0, r7)
chdir(&(0x7f0000000100)='./file0\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmmsg$unix(r8, &(0x7f00000025c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}}, {{&(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x20000004}}], 0x2, 0x0)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={@multicast1, @local, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xc)

[  110.695350][ T5340] syz.0.0 (5340) used greatest stack depth: 20056 bytes lef[  109.826365][ T5320] Bluetooth: hci0: command tx timeout
[  110.149523][ T5111] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  110.299836][ T5111] usb 5-1: Using ep0 maxpacket: 8
[  110.307715][ T5111] usb 5-1: config index 0 descriptor too short (expected 5924, got 36)
[  110.312139][ T5111] usb 5-1: config 250 has an invalid interface number: 228 but max is -1
[  110.315543][ T5111] usb 5-1: config 250 has 1 interface, different from the descriptor's value: 0
[  110.321096][ T5111] usb 5-1: config 250 has no interface number 0
[  110.324703][ T5111] usb 5-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  110.339946][ T5111] usb 5-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  110.346651][ T5111] usb 5-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  110.359865][ T5111] usb 5-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  110.369673][ T5111] usb 5-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  110.377755][ T5111] usb 5-1: config 250 interface 228 has no altsetting 0
[  110.398349][ T5111] usb 5-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  110.409242][ T5111] usb 5-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  110.412848][ T5111] usb 5-1: Product: syz
[  110.419823][ T5111] usb 5-1: SerialNumber: syz
[  110.451578][ T5111] hub 5-1:250.228: bad descriptor, ignoring hub
[  110.454222][ T5111] hub 5-1:250.228: probe with driver hub failed with error -5
[  110.660855][ T5111] usblp 5-1:250.228: usblp0: USB Bidirectional printer dev 2 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  110.683245][ T5340] loop0: detected capacity change from 0 to 1024
[  110.861280][ T5340] hfsplus: new node 0 already hashed?
[  110.863805][ T5340] ------------[ cut here ]------------
[  110.866091][ T5340] WARNING: CPU: 0 PID: 5340 at fs/hfsplus/bnode.c:579 hfsplus_bnode_create+0x461/0x4f0
[  110.871643][ T5340] Modules linked in:
[  110.873881][ T5340] CPU: 0 UID: 0 PID: 5340 Comm: syz.0.0 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  110.878350][ T5340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  110.883414][ T5340] RIP: 0010:hfsplus_bnode_create+0x461/0x4f0
[  110.886195][ T5340] Code: a1 8b 89 ee e8 40 8f 8f fe e9 cf fc ff ff e8 16 5f 28 ff 4c 89 ef e8 7e 8b d0 08 48 c7 c7 a0 b0 a1 8b 89 ee e8 20 8f 8f fe 90 <0f> 0b 90 eb b0 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c d6 fb ff ff
[  110.895297][ T5340] RSP: 0018:ffffc9000d49f500 EFLAGS: 00010246
[  110.897848][ T5340] RAX: 0000000000000023 RBX: ffff8880115e0000 RCX: 68ef5a33ee3ec400
[  110.901402][ T5340] RDX: ffffc9000e25a000 RSI: 0000000000003198 RDI: 0000000000003199
[  110.905266][ T5340] RBP: 0000000000000000 R08: ffffc9000d49f227 R09: 1ffff92001a93e44
[  110.910372][ T5340] R10: dffffc0000000000 R11: fffff52001a93e45 R12: 0000000000000000
[  110.913863][ T5340] R13: ffff8880115e00e0 R14: ffff8880119ab200 R15: dffffc0000000000
[  110.917350][ T5340] FS:  00007f5cac0056c0(0000) GS:ffff88808d252000(0000) knlGS:0000000000000000
[  110.923374][ T5340] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  110.927633][ T5340] CR2: 00007f5c9f00f000 CR3: 0000000043051000 CR4: 0000000000352ef0
[  110.931680][ T5340] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  110.935207][ T5340] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  110.938851][ T5340] Call Trace:
[  110.940642][ T5340]  <TASK>
[  110.942393][ T5340]  ? do_raw_spin_unlock+0x4d/0x240
[  110.945302][ T5340]  hfsplus_bmap_alloc+0x5af/0x640
[  110.947648][ T5340]  ? __pfx_hfsplus_bmap_alloc+0x10/0x10
[  110.950211][ T5340]  ? hfsplus_bnode_read+0x135/0x2a0
[  110.952588][ T5340]  ? hfsplus_bnode_read+0x135/0x2a0
[  110.954932][ T5340]  hfs_bnode_split+0xcc/0xef0
[  110.957109][ T5340]  ? hfsplus_bnode_read+0x255/0x2a0
[  110.961497][ T5340]  ? hfsplus_bnode_read+0x135/0x2a0
[  110.963910][ T5340]  ? __asan_memcpy+0x40/0x70
[  110.966045][ T5340]  ? hfsplus_bnode_read_u16+0x87/0xd0
[  110.968521][ T5340]  ? __pfx_hfs_bnode_split+0x10/0x10
[  110.971722][ T5340]  hfsplus_brec_insert+0x38f/0xcc0
[  110.974055][ T5340]  ? __pfx_hfsplus_brec_insert+0x10/0x10
[  110.976598][ T5340]  ? hfsplus_find_init+0x8c/0x1d0
[  110.979664][ T5340]  hfsplus_create_cat+0x3b6/0x1000
[  110.982865][ T5340]  ? check_path+0x21/0x40
[  110.984990][ T5340]  ? __pfx_hfsplus_create_cat+0x10/0x10
[  110.987713][ T5340]  ? check_path+0x21/0x40
[  110.989811][ T5340]  ? do_raw_spin_unlock+0x4d/0x240
[  110.991984][ T5340]  ? _raw_spin_unlock+0x28/0x50
[  110.994092][ T5340]  ? hfsplus_new_inode+0x643/0x820
[  110.996327][ T5340]  hfsplus_mknod+0x16a/0x290
[  110.998594][ T5340]  vfs_create+0x24e/0x400
[  111.001226][ T5340]  do_mknodat+0x3c6/0x4d0
[  111.003630][ T5340]  ? __pfx_do_mknodat+0x10/0x10
[  111.005970][ T5340]  ? getname_flags+0x1e5/0x540
[  111.008445][ T5340]  __x64_sys_mknod+0x8c/0xa0
[  111.010649][ T5340]  do_syscall_64+0xfa/0x3b0
[  111.012736][ T5340]  ? lockdep_hardirqs_on+0x9c/0x150
[  111.015095][ T5340]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.018213][ T5340]  ? clear_bhb_loop+0x60/0xb0
[  111.020825][ T5340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.023753][ T5340] RIP: 0033:0x7f5cab18e929
[  111.025666][ T5340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.033968][ T5340] RSP: 002b:00007f5cac005038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[  111.038478][ T5340] RAX: ffffffffffffffda RBX: 00007f5cab3b5fa0 RCX: 00007f5cab18e929
[  111.042096][ T5340] RDX: 0000000000000701 RSI: 0000000000000000 RDI: 0000200000000000
[  111.045558][ T5340] RBP: 00007f5cab210b39 R08: 0000000000000000 R09: 0000000000000000
[  111.048813][ T5340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  111.052254][ T5340] R13: 0000000000000000 R14: 00007f5cab3b5fa0 R15: 00007ffec1a88998
[  111.056012][ T5340]  </TASK>
[  111.057491][ T5340] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  111.060880][ T5340] CPU: 0 UID: 0 PID: 5340 Comm: syz.0.0 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  111.065194][ T5340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  111.069475][ T5340] Call Trace:
[  111.071156][ T5340]  <TASK>
[  111.072694][ T5340]  dump_stack_lvl+0x99/0x250
[  111.074930][ T5340]  ? __asan_memcpy+0x40/0x70
[  111.077421][ T5340]  ? __pfx_dump_stack_lvl+0x10/0x10
[  111.079542][ T5340]  ? __pfx__printk+0x10/0x10
[  111.081526][ T5340]  panic+0x2db/0x790
[  111.083348][ T5340]  ? __pfx_panic+0x10/0x10
[  111.085269][ T5340]  ? show_trace_log_lvl+0x4fb/0x550
[  111.087713][ T5340]  __warn+0x31b/0x4b0
[  111.089523][ T5340]  ? hfsplus_bnode_create+0x461/0x4f0
[  111.091945][ T5340]  ? hfsplus_bnode_create+0x461/0x4f0
[  111.094331][ T5340]  report_bug+0x2be/0x4f0
[  111.096156][ T5340]  ? hfsplus_bnode_create+0x461/0x4f0
[  111.098521][ T5340]  ? hfsplus_bnode_create+0x461/0x4f0
[  111.101025][ T5340]  ? hfsplus_bnode_create+0x463/0x4f0
[  111.103712][ T5340]  handle_bug+0x84/0x160
[  111.105916][ T5340]  exc_invalid_op+0x1a/0x50
[  111.108291][ T5340]  asm_exc_invalid_op+0x1a/0x20
[  111.110451][ T5340] RIP: 0010:hfsplus_bnode_create+0x461/0x4f0
[  111.113186][ T5340] Code: a1 8b 89 ee e8 40 8f 8f fe e9 cf fc ff ff e8 16 5f 28 ff 4c 89 ef e8 7e 8b d0 08 48 c7 c7 a0 b0 a1 8b 89 ee e8 20 8f 8f fe 90 <0f> 0b 90 eb b0 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c d6 fb ff ff
[  111.121695][ T5340] RSP: 0018:ffffc9000d49f500 EFLAGS: 00010246
[  111.124757][ T5340] RAX: 0000000000000023 RBX: ffff8880115e0000 RCX: 68ef5a33ee3ec400
[  111.128740][ T5340] RDX: ffffc9000e25a000 RSI: 0000000000003198 RDI: 0000000000003199
[  111.132252][ T5340] RBP: 0000000000000000 R08: ffffc9000d49f227 R09: 1ffff92001a93e44
[  111.135723][ T5340] R10: dffffc0000000000 R11: fffff52001a93e45 R12: 0000000000000000
[  111.139460][ T5340] R13: ffff8880115e00e0 R14: ffff8880119ab200 R15: dffffc0000000000
[  111.143369][ T5340]  ? do_raw_spin_unlock+0x4d/0x240
[  111.146184][ T5340]  hfsplus_bmap_alloc+0x5af/0x640
[  111.148826][ T5340]  ? __pfx_hfsplus_bmap_alloc+0x10/0x10
[  111.151250][ T5340]  ? hfsplus_bnode_read+0x135/0x2a0
[  111.153512][ T5340]  ? hfsplus_bnode_read+0x135/0x2a0
[  111.155837][ T5340]  hfs_bnode_split+0xcc/0xef0
[  111.157923][ T5340]  ? hfsplus_bnode_read+0x255/0x2a0
[  111.160193][ T5340]  ? hfsplus_bnode_read+0x135/0x2a0
[  111.162509][ T5340]  ? __asan_memcpy+0x40/0x70
[  111.164536][ T5340]  ? hfsplus_bnode_read_u16+0x87/0xd0
[  111.167372][ T5340]  ? __pfx_hfs_bnode_split+0x10/0x10
[  111.170269][ T5340]  hfsplus_brec_insert+0x38f/0xcc0
[  111.172666][ T5340]  ? __pfx_hfsplus_brec_insert+0x10/0x10
[  111.175109][ T5340]  ? hfsplus_find_init+0x8c/0x1d0
[  111.177318][ T5340]  hfsplus_create_cat+0x3b6/0x1000
[  111.179731][ T5340]  ? check_path+0x21/0x40
[  111.181863][ T5340]  ? __pfx_hfsplus_create_cat+0x10/0x10
[  111.184658][ T5340]  ? check_path+0x21/0x40
[  111.186935][ T5340]  ? do_raw_spin_unlock+0x4d/0x240
[  111.189287][ T5340]  ? _raw_spin_unlock+0x28/0x50
[  111.191386][ T5340]  ? hfsplus_new_inode+0x643/0x820
[  111.193607][ T5340]  hfsplus_mknod+0x16a/0x290
[  111.198774][ T5340]  vfs_create+0x24e/0x400
[  111.201178][ T5340]  do_mknodat+0x3c6/0x4d0
[  111.203587][ T5340]  ? __pfx_do_mknodat+0x10/0x10
[  111.205732][ T5340]  ? getname_flags+0x1e5/0x540
[  111.207850][ T5340]  __x64_sys_mknod+0x8c/0xa0
[  111.209919][ T5340]  do_syscall_64+0xfa/0x3b0
[  111.211986][ T5340]  ? lockdep_hardirqs_on+0x9c/0x150
[  111.214326][ T5340]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.217687][ T5340]  ? clear_bhb_loop+0x60/0xb0
[  111.220189][ T5340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.222859][ T5340] RIP: 0033:0x7f5cab18e929
[  111.224847][ T5340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.234213][ T5340] RSP: 002b:00007f5cac005038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[  111.237838][ T5340] RAX: ffffffffffffffda RBX: 00007f5cab3b5fa0 RCX: 00007f5cab18e929
[  111.241261][ T5340] RDX: 0000000000000701 RSI: 0000000000000000 RDI: 0000200000000000
[  111.244889][ T5340] RBP: 00007f5cab210b39 R08: 0000000000000000 R09: 0000000000000000
[  111.249058][ T5340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  111.252890][ T5340] R13: 0000000000000000 R14: 00007f5cab3b5fa0 R15: 00007ffec1a88998
[  111.256301][ T5340]  </TASK>
[  111.258128][ T5340] Kernel Offset: disabled
[  111.260053][ T5340] Rebooting in 86400 seconds..