program:
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000000, &(0x7f00000022c0)=ANY=[], 0x1, 0x6d8, &(0x7f0000000c00)="$eJzs3c1vHGcdB/DvrNeON1Sp0yY0QkVYiVSQIhInVgrhgkEI5VChqhx6thKnsbpJKsdFboXABQQnJA79AwqSbxwQEvegcOFSbr36WAmJS8Qh6oFFMztr79rr1/glgc8nGs/z7DPPM7/9zTMz3nVWG+D/1o2LaT5MkRsX31gq66sr0+3VlekTdXM7SVluJM3uKsW9pHiUzJTtRd+SvvUmH89ff+uzx6ufd2vNeqm2H9mu3xBDtl2ul0zW400O7Tm6210s1+HlhSQ36/Wgsd2ONbBhmbQL9RqOXWeT5b1038t5Czxjenenonvf3GQiOZlkvP49IPXVoXF0ER6OPV3lAAAA4Dn16f3jjgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeP/X3/xf10qjXmUzR+/7/sd5jdfkZNLPrLR8eahwAAAAAAAAAcDS+9iRPspRTvXqnqP7mf76qnMkXneRLeT8PMpeFXMpSZrOYxSzkSpKJvoHGlmYXFxeurPUsDe95dWjPq0f1jAEAAAAAAADgf9Iv0lr/+z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwLimSku6qWM/U6E2k0s96W5eQfScaOO949KAar/3nvuAIBAACApzG+jz4vPsmTLOVUr94pqtf8X65eL4/n/dzLYuazmHbmcqt+DV2+6m+srky3V1em75ZLWR8c93v/2lMYY/UII1Vt2J7PVVu0cjvz1SOXcrMK5lYa3X1fSM714umLq89HZUzFd2u7jKxZp7Xc2e82v4twgB4O1BrbbNlaDy5Zy8hUHVvZ83Q3A0X1Rk2yMRM7Hp3mQG2iGnV0bU9X0lh75+fMIeT8ZL0un8+vDzXnOyq2yEQjVSau9mZfec5sn4nk63/549t32vfevXP7wcVjfEp7M7LF4xvnxHRfJl55rjPR3OP2U1Umzq7Vb+SH+XEuZjJvZiHz+Ulms5i5dOr22Xo+lz8nts/UzEDtzZ0iGauPS/eY7SamyfygKs3mfNX3VOZT5H5uZS6vV/+u5kq+lWu5lut9R/jslnFXz6066xsbz/rekf7r0OAvfKMulFe336xf5Wa2e8Zbzc6D0r32l3k93ZfX7qx/vLbV6b7zYKovSy/1sjM6dPD9XBubX6kL5T5+ucN94mhN1JkoT6DeXaIX3cvdTDSre9Hmef77Ttkv7Xudzp3Zrd6XX95Qf61el9Nq5as7bd0z/FAcrHK+vJTx+koyODvKtpfXrjJ9bZ31udxtG7zjlv3OVm1F0TtTf5T71QTYfKaO1b/D9UaaqEcu71hl2ytD9zJdtZ3raxv4fSv3086tI8gfAPvx97fXihM5Odb6Z+vT1ietX7XutN4Y//6Jb594dSyjfxv9TnNq5LXGq8Wf80l+tv76HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2L8HH3z47my7PbcwvNDYummg0MrGR3YaeUOhSKfT+fmO8Tw3hfEkA49U33N05GG0NoaxqVAm/cjz0/sSweHb/LYsNDfNqGGFmYFH/rR5wI/2GGGxu/PiEAuN7KNX58Vu2PvY6UiGT4DjuiIBR+Xy4t33Lj/44MNvzt+dfWfunbl7o9euXZ+6fu316cu359tzU92fxx0lcBjWb/rHHQkAAAAAAAAAAACwW8M+GHD+hZ0+NLKrz3j4n4UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAgbhxMc2HKXJl6tJUWV9dmW6XS6+8vmUzSaORFD9NikfJTLpLJvqGK/KHR+kM2c/H89ff+uzx6ufrYzW72yeNer217VuTLNdLJpOM1OunMDDezacer/h37zmUCfui0+nMPF18cDD+GwAA//9CKvWn")
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf64(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="7f454c4650070506070000000000000002003e0007000000fa010000000000004000000000000000c400000000000000ff0700000004380004000a000001fcff0000007002000000010400459d2248abcc14fc34f1d92f622bf87400000000000400000000000000020000000000000000080000000000000300000000000000e40c00000000000002000000ff030000020000000000000007000000000000000400000000000000030000000000000004000000000000000700000000000000ad9d75a0e40000000100000000000000af06000000000000010000480000000081000000000000000800000000000000020000000000000000000070040000000800000000000000000000000000000081000000000000000700000000000000e9b4d068eb4a4f55a6c630f3c3369d9850d5ddc1d56b1aceb4d5852b7c"], 0x120) (async)
write(r0, &(0x7f00000002c0)="6be1defe0a1fd8571eb8b7dd22512d40d2ccb9645a8dce8a263ae889f50a056370edc061321c655fdd4e7c77bd50e7ca865978f2b844a3a1c0a29aa3d627c25eddbcf3af0d226e44f7474924a53bae9c8d0bdb6e9a8fa59dad30457f7766895643db14db9278b4cbd87cc88cc1ff0c10f345bd2a87eb17915964b10ca832ce37e353ef7b14abe2f62caaf7d860e3f6211e26504b934287718986bd45bd385594a124930589944a69007ed040141573c479724e7070f6b8db008279d6915800f1197a053e8d7c59468ba7b496dc21b75843d0294b4ae3204310666e276f3d1a89fb3ba421b72daba70fcf001fff81589f", 0xf0) (async)
close(r0)
execve(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)

[   75.923732][ T4671] Bluetooth: hci0: command tx timeout
[   75.994789][ T5324] loop0: detected capacity change from 0 to 1024
[   76.072457][ T5324] hfsplus: new node 0 already hashed?
[   76.088733][ T5324] ------------[ cut here ]------------
[   76.091258][ T5324] 1
[   76.091293][ T5324] WARNING: fs/hfsplus/bnode.c:631 at hfsplus_bnode_create+0x461/0x4f0, CPU#0: syz.0.0/5324
[   76.097685][ T5324] Modules linked in:
[   76.099817][ T5324] CPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   76.103951][ T5324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   76.108135][ T5324] RIP: 0010:hfsplus_bnode_create+0x461/0x4f0
[   76.110675][ T5324] Code: c7 8b 89 ee e8 20 58 7e fe e9 cf fc ff ff e8 c6 2d 1b ff 4c 89 ef e8 7e 40 f2 08 48 c7 c7 c0 6d c7 8b 89 ee e8 00 58 7e fe 90 <0f> 0b 90 eb b0 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c d6 fb ff ff
[   76.118872][ T5324] RSP: 0018:ffffc9000a1aef40 EFLAGS: 00010246
[   76.121951][ T5324] RAX: 0000000000000023 RBX: ffff888034582000 RCX: b6c8478beddc9300
[   76.125395][ T5324] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[   76.128632][ T5324] RBP: 0000000000000000 R08: ffffc9000a1aecc7 R09: 1ffff92001435d98
[   76.131583][ T5324] R10: dffffc0000000000 R11: fffff52001435d99 R12: 0000000000000000
[   76.135100][ T5324] R13: ffff8880345820e0 R14: ffff888033487d00 R15: dffffc0000000000
[   76.138464][ T5324] FS:  00007f1db76b46c0(0000) GS:ffff88808ccea000(0000) knlGS:0000000000000000
[   76.142281][ T5324] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   76.145188][ T5324] CR2: 00007f7e7d7909c0 CR3: 000000001a636000 CR4: 0000000000352ef0
[   76.148584][ T5324] Call Trace:
[   76.149967][ T5324]  <TASK>
[   76.151322][ T5324]  ? do_raw_spin_unlock+0x4d/0x210
[   76.153596][ T5324]  hfsplus_bmap_alloc+0x747/0xb00
[   76.156101][ T5324]  ? __pfx_hfsplus_bmap_alloc+0x10/0x10
[   76.158316][ T5324]  ? hfsplus_bnode_read+0x1e5/0x7a0
[   76.160596][ T5324]  ? hfsplus_bnode_read+0x1e5/0x7a0
[   76.163305][ T5324]  hfs_bnode_split+0xd4/0x1090
[   76.165526][ T5324]  ? hfsplus_bnode_read+0x2f0/0x7a0
[   76.167658][ T5324]  ? hfsplus_bnode_read+0x1e5/0x7a0
[   76.169823][ T5324]  ? __asan_memcpy+0x40/0x70
[   76.171946][ T5324]  ? hfsplus_bnode_read+0x2f0/0x7a0
[   76.174138][ T5324]  ? hfsplus_bnode_read_u16+0x8d/0xe0
[   76.176537][ T5324]  ? __pfx_hfs_bnode_split+0x10/0x10
[   76.178858][ T5324]  hfsplus_brec_insert+0x3bc/0xd70
[   76.180897][ T5324]  ? __pfx_hfsplus_brec_insert+0x10/0x10
[   76.183135][ T5324]  hfsplus_create_cat+0x426/0x11b0
[   76.185394][ T5324]  ? __lock_acquire+0x146e/0x2cf0
[   76.187335][ T5324]  ? __pfx_hfsplus_create_cat+0x10/0x10
[   76.189534][ T5324]  ? do_raw_spin_unlock+0x4d/0x210
[   76.191675][ T5324]  ? _raw_spin_unlock+0x28/0x50
[   76.193828][ T5324]  ? hfsplus_new_inode+0x643/0x820
[   76.196059][ T5324]  hfsplus_fill_super+0x1247/0x19e0
[   76.198370][ T5324]  ? __pfx_hfsplus_fill_super+0x10/0x10
[   76.200874][ T5324]  ? string+0x279/0x2b0
[   76.202976][ T5324]  ? snprintf+0xe8/0x140
[   76.204902][ T5324]  ? sb_set_blocksize+0x155/0x240
[   76.207291][ T5324]  ? setup_bdev_super+0x4c1/0x5b0
[   76.209639][ T5324]  get_tree_bdev_flags+0x431/0x4f0
[   76.212173][ T5324]  ? __pfx_hfsplus_fill_super+0x10/0x10
[   76.214825][ T5324]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[   76.217402][ T5324]  vfs_get_tree+0x92/0x2a0
[   76.219413][ T5324]  do_new_mount+0x329/0xa50
[   76.221460][ T5324]  ? apparmor_capable+0x137/0x1a0
[   76.223826][ T5324]  ? __pfx_do_new_mount+0x10/0x10
[   76.226106][ T5324]  ? ns_capable+0x89/0xe0
[   76.228101][ T5324]  __se_sys_mount+0x31d/0x420
[   76.230147][ T5324]  ? __pfx___se_sys_mount+0x10/0x10
[   76.232431][ T5324]  ? __x64_sys_mount+0x20/0xc0
[   76.234297][ T5324]  do_syscall_64+0xe2/0xf80
[   76.236355][ T5324]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.239045][ T5324]  ? trace_irq_disable+0x37/0x100
[   76.241288][ T5324]  ? clear_bhb_loop+0x60/0xb0
[   76.243538][ T5324]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.246244][ T5324] RIP: 0033:0x7f1db679c14a
[   76.248274][ T5324] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   76.256340][ T5324] RSP: 002b:00007f1db76b3e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   76.260041][ T5324] RAX: ffffffffffffffda RBX: 00007f1db76b3ee0 RCX: 00007f1db679c14a
[   76.263684][ T5324] RDX: 0000200000000100 RSI: 0000200000002900 RDI: 00007f1db76b3ea0
[   76.267113][ T5324] RBP: 0000200000000100 R08: 00007f1db76b3ee0 R09: 0000000002000000
[   76.270659][ T5324] R10: 0000000002000000 R11: 0000000000000246 R12: 0000200000002900
[   76.274107][ T5324] R13: 00007f1db76b3ea0 R14: 00000000000006d8 R15: 00002000000022c0
[   76.277589][ T5324]  </TASK>
[   76.279010][ T5324] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   76.282287][ T5324] CPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   76.286324][ T5324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   76.290675][ T5324] Call Trace:
[   76.292166][ T5324]  <TASK>
[   76.293449][ T5324]  vpanic+0x1e0/0x670
[   76.295203][ T5324]  panic+0xc5/0xd0
[   76.296922][ T5324]  ? __pfx_panic+0x10/0x10
[   76.298949][ T5324]  __warn+0x315/0x4a0
[   76.300690][ T5324]  ? hfsplus_bnode_create+0x461/0x4f0
[   76.303024][ T5324]  ? hfsplus_bnode_create+0x461/0x4f0
[   76.305358][ T5324]  __report_bug+0x29a/0x540
[   76.307304][ T5324]  ? preempt_schedule_thunk+0x16/0x30
[   76.309661][ T5324]  ? hfsplus_bnode_create+0x461/0x4f0
[   76.312005][ T5324]  ? __pfx___report_bug+0x10/0x10
[   76.314158][ T5324]  ? __wake_up_klogd+0xe6/0x120
[   76.316314][ T5324]  ? vprintk_emit+0x4eb/0x560
[   76.318319][ T5324]  ? __pfx_vprintk_emit+0x10/0x10
[   76.320551][ T5324]  ? hfsplus_bnode_create+0x461/0x4f0
[   76.322874][ T5324]  report_bug+0x16a/0x220
[   76.324819][ T5324]  ? hfsplus_bnode_create+0x461/0x4f0
[   76.327164][ T5324]  ? hfsplus_bnode_create+0x463/0x4f0
[   76.329481][ T5324]  handle_bug+0x98/0x200
[   76.331329][ T5324]  exc_invalid_op+0x1a/0x50
[   76.333081][ T5324]  asm_exc_invalid_op+0x1a/0x20
[   76.335179][ T5324] RIP: 0010:hfsplus_bnode_create+0x461/0x4f0
[   76.337893][ T5324] Code: c7 8b 89 ee e8 20 58 7e fe e9 cf fc ff ff e8 c6 2d 1b ff 4c 89 ef e8 7e 40 f2 08 48 c7 c7 c0 6d c7 8b 89 ee e8 00 58 7e fe 90 <0f> 0b 90 eb b0 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c d6 fb ff ff
[   76.346171][ T5324] RSP: 0018:ffffc9000a1aef40 EFLAGS: 00010246
[   76.348885][ T5324] RAX: 0000000000000023 RBX: ffff888034582000 RCX: b6c8478beddc9300
[   76.352203][ T5324] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[   76.355669][ T5324] RBP: 0000000000000000 R08: ffffc9000a1aecc7 R09: 1ffff92001435d98
[   76.358987][ T5324] R10: dffffc0000000000 R11: fffff52001435d99 R12: 0000000000000000
[   76.362261][ T5324] R13: ffff8880345820e0 R14: ffff888033487d00 R15: dffffc0000000000
[   76.365364][ T5324]  ? do_raw_spin_unlock+0x4d/0x210
[   76.367492][ T5324]  hfsplus_bmap_alloc+0x747/0xb00
[   76.369536][ T5324]  ? __pfx_hfsplus_bmap_alloc+0x10/0x10
[   76.372096][ T5324]  ? hfsplus_bnode_read+0x1e5/0x7a0
[   76.374382][ T5324]  ? hfsplus_bnode_read+0x1e5/0x7a0
[   76.376753][ T5324]  hfs_bnode_split+0xd4/0x1090
[   76.378505][ T5324]  ? hfsplus_bnode_read+0x2f0/0x7a0
[   76.380531][ T5324]  ? hfsplus_bnode_read+0x1e5/0x7a0
[   76.382640][ T5324]  ? __asan_memcpy+0x40/0x70
[   76.385138][ T5324]  ? hfsplus_bnode_read+0x2f0/0x7a0
[   76.388182][ T5324]  ? hfsplus_bnode_read_u16+0x8d/0xe0
[   76.390677][ T5324]  ? __pfx_hfs_bnode_split+0x10/0x10
[   76.393096][ T5324]  hfsplus_brec_insert+0x3bc/0xd70
[   76.395479][ T5324]  ? __pfx_hfsplus_brec_insert+0x10/0x10
[   76.397967][ T5324]  hfsplus_create_cat+0x426/0x11b0
[   76.400065][ T5324]  ? __lock_acquire+0x146e/0x2cf0
[   76.402245][ T5324]  ? __pfx_hfsplus_create_cat+0x10/0x10
[   76.404652][ T5324]  ? do_raw_spin_unlock+0x4d/0x210
[   76.406855][ T5324]  ? _raw_spin_unlock+0x28/0x50
[   76.408900][ T5324]  ? hfsplus_new_inode+0x643/0x820
[   76.411101][ T5324]  hfsplus_fill_super+0x1247/0x19e0
[   76.413304][ T5324]  ? __pfx_hfsplus_fill_super+0x10/0x10
[   76.415762][ T5324]  ? string+0x279/0x2b0
[   76.417355][ T5324]  ? snprintf+0xe8/0x140
[   76.419154][ T5324]  ? sb_set_blocksize+0x155/0x240
[   76.421263][ T5324]  ? setup_bdev_super+0x4c1/0x5b0
[   76.423297][ T5324]  get_tree_bdev_flags+0x431/0x4f0
[   76.425511][ T5324]  ? __pfx_hfsplus_fill_super+0x10/0x10
[   76.427971][ T5324]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[   76.430397][ T5324]  vfs_get_tree+0x92/0x2a0
[   76.432462][ T5324]  do_new_mount+0x329/0xa50
[   76.434415][ T5324]  ? apparmor_capable+0x137/0x1a0
[   76.436542][ T5324]  ? __pfx_do_new_mount+0x10/0x10
[   76.438570][ T5324]  ? ns_capable+0x89/0xe0
[   76.440363][ T5324]  __se_sys_mount+0x31d/0x420
[   76.442283][ T5324]  ? __pfx___se_sys_mount+0x10/0x10
[   76.444264][ T5324]  ? __x64_sys_mount+0x20/0xc0
[   76.446023][ T5324]  do_syscall_64+0xe2/0xf80
[   76.447799][ T5324]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.450444][ T5324]  ? trace_irq_disable+0x37/0x100
[   76.452606][ T5324]  ? clear_bhb_loop+0x60/0xb0
[   76.454497][ T5324]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.456694][ T5324] RIP: 0033:0x7f1db679c14a
[   76.458440][ T5324] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   76.466880][ T5324] RSP: 002b:00007f1db76b3e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   76.470744][ T5324] RAX: ffffffffffffffda RBX: 00007f1db76b3ee0 RCX: 00007f1db679c14a
[   76.474168][ T5324] RDX: 0000200000000100 RSI: 0000200000002900 RDI: 00007f1db76b3ea0
[   76.477521][ T5324] RBP: 0000200000000100 R08: 00007f1db76b3ee0 R09: 0000000002000000
[   76.480925][ T5324] R10: 0000000002000000 R11: 0000000000000246 R12: 0000200000002900
[   76.484273][ T5324] R13: 00007f1db76b3ea0 R14: 00000000000006d8 R15: 00002000000022c0
[   76.487727][ T5324]  </TASK>
[   76.489438][ T5324] Kernel Offset: disabled
[   76.491360][ T5324] Rebooting in 86400 seconds..