program:
r0 = syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x4800, &(0x7f0000000100)=ANY=[], 0x1, 0x6c0, &(0x7f00000002c0)="$eJzs3c1vHGcdB/DvrNcvm7aJmyZtQJVqNRIgoiZ2rBTMhYAQMlKFUDlwthKnsbJJi+Mit0LU4fXaQ/+AXnJBiAMSJy6RCgcucOsN+ViExKUXzGnR7M6uN+u3bV68Tvl8otnnmeeZ55nf/GZm3yJrA/zfWjyX+r0UWTz32nq5vnl3vrl5d/5mt55kMslGUk9SS1L8p9VqfZRcToreNMVAucMHKwuvf/zp5iedtXq1tLev7TduQLXdxkDzRrdtJslYVT6E++a78tDzFb3ILyc5W5UwcuNJWq3xtHp+/Nenez1l54lO2dht9NThBQo8NkXndbN8Ma71t08nx6obvXwf0H3lbW/zyj9/f3YUse5ncsjtBt9BAAAAwJNmmM/AJ7aylfXi+CGEAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ8LG9u//19US61bn0nR/f3/iaotVf1oeemzbX7vccUBAAAAAAAAAIfopa1sZT3Hu+utov1//i+3V061H5/K27md5azmfNazlLWsZTVzSab7JppYX1pbW50bYuTFXUdePCDQyapsPJrjBgAAAAAAAIDPmZ9ncfv//wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CgokrFOkeJOX/N0avUkU0kmyoaN5O/d+hNrctQBAAAAwOE4sZWtrOd4d71V5FSS59vfAUzl7dzKWlaylmaWc7X9vUDnU39t8+58c/Pu/M1y2Tnvt/593+rUAWG0Z0znu4fd93ymvUUj17LSbjmfK3kzzVxNrT2ydKaKpzvrQFx3ypiKb1aGTNDVqiyP/P2q3OG9ISfb3+CXKY39v2CZbmdkvJeR2Sq2MhvPds/M7mdo4OwcZHBPc6n1Ajs1sKeBgB8o58eqsjyeX++V85EYzMTFvqvv+f1znnz5j7/70WxVPzqHNJyxqmy1Hxs7MzHfl4kXhsnE9eatG9ev3T73pGVih9l2Jk731hfz3fww5zKTH2Q1K/lJlrKW5czkO+3aUnXyi77be49MXe4U47vtdnE7cd28T1RX6FjV+llierk99nhW8v28matZzqvtfxczl6/lUi5loe8Mn97/DLfv+tp9d/32K0DrmV3TePYrVaV82vtNVe5qz47Hpczrs3157X/OnW739bdsZ+nkwVkq03Lfc+Of9g+l/sWqUu7jF33nfvQGMzHXl4nn9stE90K+3bx1Y/X60lvD7e7k+33Df3WknlLL6+VkebLSPUHbV0fZ91y3byBfZd+pXl9tR9/pXl/nTt3Y806dqN7D7ZzpYrvvhV375tt9Z/r6dnu/dfC7OQBG7NhXj000/tX4W+PDxi8b1xuvTX178uuTL05k/M/j36jPjn2p9mLxh3yYn21//gcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB7c7XfevbHUbC6vDlRardZ7e3Q1WyeSPboerFLbM4yyUj8g1B2VzPzjqXJAt6WVXlf358weYfAHVb7wdDL8qOoXeNJpqT/aPI+w8t9Wq1W1FHts89u/7EzUM0OlbmL4a+OAylR1hVeOROqqSv2QdzqiJyTg0FxYu/nWhdvvvPvKys2lN5bfWL61cOnSwuzCpVfnL1xbaS7Pdh5HHSXwOGy/6I86EgAAAAAAAAAAAGBYw/09QB7qzwlGfYwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAk23xXOr3UmRu9vxsub55d75ZLt369pb1JLUkxU+T4qPkcjpLpvumK/bazwcrC69//OnmJ9tzlUu+d+WAccPZqJbMJBnrlHce1XxXqnJfxX6HUPSOsEzY2W7iYNT+FwAA//9QMP5S")
# The three calls below do not appear in the crashing call trace in the console log.
# syz_clone is a syzkaller pseudo-syscall; 0x11 is SIGCHLD (17) as the exit signal, with no CLONE_* flag bits set.
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
# 0x10 = AF_NETLINK, 0x3 = SOCK_RAW, 0x9 = NETLINK_AUDIT.
r1 = socket(0x10, 0x3, 0x9)
# in_fd is 0xffffffffffffffff (-1), which is not a valid descriptor, so this call is expected to fail.
sendfile(r1, 0xffffffffffffffff, 0x0, 0x7fffffffffffffff)
# NOTE(triage): the link() on the next line is the syscall in flight when the kernel warns.
# The log shows ORIG_RAX 0x56 (link on x86-64) and the chain __x64_sys_link -> vfs_link ->
# hfsplus_link -> hfsplus_create_cat -> hfsplus_brec_insert -> hfs_bnode_split ->
# hfsplus_bmap_alloc -> hfsplus_bnode_create, preceded by "hfsplus: new node 0 already hashed?".
# Presumably the mounted image's B-tree allocation state lets the allocator hand out node 0 again;
# that is inferred from the message only - confirm against fs/hfsplus/bnode.c:631.
# Impact visible in this log: a WARNING, which becomes a full panic because panic_on_warn is set.
# The precondition is that a crafted HFS+ image gets mounted (the syz_mount_image$hfsplus call above).
link(&(0x7f0000000280)='./file1\x00', &(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
# NOTE(triage): none of the calls from here on appear in the crashing call trace in the console log;
# they look unrelated to the hfsplus warning - confirm by minimising the reproducer.
# memfd_create with a binary (non-printable) name and flags 0x0.
memfd_create(&(0x7f0000000080)='\b\x9dF\xd8\b\xb3~u\xa5\"\xbaal\n\xee\xf1\x8f\x02O\x0fKR\xed\f\xd2\x12\xcc\xbf2\xc0\xa7\x14\xd0\xd4\xfe\xafm\xdf\xb6]\xc2\xaa\x86\xec)\xf7\xcd\xa6\xd9n^.\x13*\xd4\xc0\xe8\x03\x00\x00\x00\x00\x00\x00\x00\x9e\xee\xe7\xd7E\xe9\t\x83\xdeNX\xec\xe66\x1b\x97$\xee\x84\x14n,B\xd5?\xe5E:+\xc9h\\\x16\x85\x9c\xbe\xfe\x16\xa8\xf6Pm\x1d\xb4\xb0\xeb\xe8Op2\x82\xc7\x0e\x97\x03\xef\x1a\xa5\x00.\x89\xbc\xed\x80|l]\xe9\xca\xd3\xc9\xa3\x9e\x9cJI\xf1\xa2\xa0\xc4:\x00\x00\x00\x00\x00\x00\b\x00\x00o\xbf\xbe\xa5.b\x90l\x18G\xec\x85%\xc6\xee\x9c', 0x0)
# syz_open_dev$sg is a syzkaller pseudo-syscall; presumably it opens a SCSI generic (sg) device node.
# The flags value 0x8002 includes O_RDWR (0x2).
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
# Request 0x227b is the SG_SET_FORCE_PACK_ID ioctl named in the call; the pointed-to argument is 0x1.
ioctl$SG_SET_FORCE_PACK_ID(r2, 0x227b, &(0x7f00000000c0)=0x1)
# One iovec describing a 0x43 (67) byte buffer.
readv(r2, &(0x7f0000000580)=[{&(0x7f0000000100)=""/67, 0x43}], 0x1)
# cmd 0x0 is F_DUPFD; r3 is a duplicate of r2.
r3 = fcntl$dupfd(r2, 0x0, r2)
# The $sndseq variant supplies a sequencer-event-shaped payload (0x38 bytes), written to the descriptor duplicated from r2.
write$sndseq(r3, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38)
# r0 is the value returned by syz_mount_image$hfsplus at the top of the program; size is 0x2 and flags are 0x0.
fsetxattr$trusted_overlay_opaque(r0, &(0x7f0000000000), &(0x7f0000000040), 0x2, 0x0)
[ 75.247890][ T5311] Bluetooth: hci0: command tx timeout
[ 75.280637][ T5334] loop0: detected capacity change from 0 to 1024
[ 75.395864][ T5334] hfsplus: new node 0 already hashed?
[ 75.398551][ T5334] ------------[ cut here ]------------
[ 75.400957][ T5334] WARNING: fs/hfsplus/bnode.c:631 at hfsplus_bnode_create+0x461/0x4f0, CPU#0: syz.0.0/5334
[ 75.405405][ T5334] Modules linked in:
[ 75.407014][ T5334] CPU: 0 UID: 0 PID: 5334 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 75.410932][ T5334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 75.415649][ T5334] RIP: 0010:hfsplus_bnode_create+0x461/0x4f0
[ 75.418385][ T5334] Code: 82 8b 89 ee e8 20 c9 86 fe e9 cf fc ff ff e8 e6 27 20 ff 4c 89 ef e8 ee 57 bd 08 48 c7 c7 80 97 82 8b 89 ee e8 00 c9 86 fe 90 <0f> 0b 90 eb b0 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c d6 fb ff ff
[ 75.426048][ T5334] RSP: 0018:ffffc9000b9af3a0 EFLAGS: 00010246
[ 75.428400][ T5334] RAX: 0000000000000023 RBX: ffff888030be2000 RCX: d204f876c70fe100
[ 75.431678][ T5334] RDX: ffffc90020822000 RSI: 00000000000059a0 RDI: 00000000000059a1
[ 75.435345][ T5334] RBP: 0000000000000000 R08: ffffc9000b9af127 R09: 1ffff92001735e24
[ 75.438989][ T5334] R10: dffffc0000000000 R11: fffff52001735e25 R12: 0000000000000000
[ 75.442874][ T5334] R13: ffff888030be20e0 R14: ffff888035bcc000 R15: dffffc0000000000
[ 75.446598][ T5334] FS: 00007fb30addb6c0(0000) GS:ffff88808d414000(0000) knlGS:0000000000000000
[ 75.450642][ T5334] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 75.453788][ T5334] CR2: 0000200000000280 CR3: 00000000116a2000 CR4: 0000000000352ef0
[ 75.457267][ T5334] Call Trace:
[ 75.458812][ T5334]
[ 75.460104][ T5334] ? do_raw_spin_unlock+0x4d/0x240
[ 75.462593][ T5334] hfsplus_bmap_alloc+0x746/0xaf0
[ 75.465201][ T5334] ? __pfx_hfsplus_bmap_alloc+0x10/0x10
[ 75.467733][ T5334] ? hfsplus_bnode_read+0x1e5/0x7a0
[ 75.470098][ T5334] ? hfsplus_bnode_read+0x1e5/0x7a0
[ 75.472814][ T5334] hfs_bnode_split+0xcc/0x1080
[ 75.474816][ T5334] ? hfsplus_bnode_read+0x2f0/0x7a0
[ 75.476905][ T5334] ? hfsplus_bnode_read+0x1e5/0x7a0
[ 75.479077][ T5334] ? __asan_memcpy+0x40/0x70
[ 75.480961][ T5334] ? hfsplus_bnode_read+0x2f0/0x7a0
[ 75.483307][ T5334] ? hfsplus_bnode_read_u16+0x87/0xd0
[ 75.485489][ T5334] ? __pfx_hfs_bnode_split+0x10/0x10
[ 75.488065][ T5334] hfsplus_brec_insert+0x3b6/0xd70
[ 75.490017][ T5334] ? do_raw_spin_unlock+0x4d/0x240
[ 75.492193][ T5334] ? __pfx_hfsplus_brec_insert+0x10/0x10
[ 75.494305][ T5334] ? kfree+0x1c0/0x660
[ 75.495789][ T5334] hfsplus_create_cat+0x9a9/0x10d0
[ 75.497765][ T5334] ? __pfx_hfsplus_create_cat+0x10/0x10
[ 75.500001][ T5334] ? put_dec_full8+0x11c/0x2e0
[ 75.502101][ T5334] ? __pfx_sprintf+0x10/0x10
[ 75.504010][ T5334] hfsplus_link+0x3eb/0x6a0
[ 75.506019][ T5334] ? __pfx_hfsplus_link+0x10/0x10
[ 75.508322][ T5334] ? down_write+0x162/0x1f0
[ 75.510377][ T5334] ? __pfx_down_write+0x10/0x10
[ 75.512691][ T5334] ? inode_permission+0x2fd/0x5f0
[ 75.515056][ T5334] ? try_break_deleg+0x79/0x120
[ 75.517342][ T5334] vfs_link+0x518/0x6e0
[ 75.519054][ T5334] do_linkat+0x283/0x5a0
[ 75.520689][ T5334] ? __pfx_do_linkat+0x10/0x10
[ 75.522701][ T5334] ? strncpy_from_user+0x150/0x2c0
[ 75.524931][ T5334] ? getname_flags+0x1e5/0x540
[ 75.526763][ T5334] __x64_sys_link+0x82/0x90
[ 75.528763][ T5334] do_syscall_64+0xec/0xf80
[ 75.530794][ T5334] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 75.533633][ T5334] ? trace_irq_disable+0x37/0x100
[ 75.535853][ T5334] ? clear_bhb_loop+0x60/0xb0
[ 75.537921][ T5334] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 75.540635][ T5334] RIP: 0033:0x7fb309f8f7c9
[ 75.543252][ T5334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 75.550847][ T5334] RSP: 002b:00007fb30addb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000056
[ 75.553894][ T5334] RAX: ffffffffffffffda RBX: 00007fb30a1e5fa0 RCX: 00007fb309f8f7c9
[ 75.557461][ T5334] RDX: 0000000000000000 RSI: 0000200000000bc0 RDI: 0000200000000280
[ 75.560830][ T5334] RBP: 00007fb30a013f91 R08: 0000000000000000 R09: 0000000000000000
[ 75.564205][ T5334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 75.568079][ T5334] R13: 00007fb30a1e6038 R14: 00007fb30a1e5fa0 R15: 00007ffe7d060048
[ 75.571283][ T5334]
[ 75.572964][ T5334] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 75.576140][ T5334] CPU: 0 UID: 0 PID: 5334 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 75.579799][ T5334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 75.584121][ T5334] Call Trace:
[ 75.585544][ T5334]
[ 75.586708][ T5334] vpanic+0x1e0/0x670
[ 75.588259][ T5334] panic+0xb9/0xc0
[ 75.589852][ T5334] ? __pfx_panic+0x10/0x10
[ 75.591642][ T5334] __warn+0x317/0x4b0
[ 75.593361][ T5334] ? hfsplus_bnode_create+0x461/0x4f0
[ 75.595551][ T5334] ? hfsplus_bnode_create+0x461/0x4f0
[ 75.597977][ T5334] __report_bug+0x288/0x500
[ 75.599965][ T5334] ? hfsplus_bnode_create+0x461/0x4f0
[ 75.602166][ T5334] ? __pfx___report_bug+0x10/0x10
[ 75.604202][ T5334] ? __wake_up_klogd+0xe6/0x120
[ 75.606195][ T5334] ? vprintk_emit+0x4e1/0x550
[ 75.608277][ T5334] ? __pfx_vprintk_emit+0x10/0x10
[ 75.610499][ T5334] ? hfsplus_bnode_create+0x461/0x4f0
[ 75.612804][ T5334] report_bug+0x16a/0x220
[ 75.614669][ T5334] ? hfsplus_bnode_create+0x461/0x4f0
[ 75.616885][ T5334] ? hfsplus_bnode_create+0x463/0x4f0
[ 75.619288][ T5334] handle_bug+0x98/0x200
[ 75.620929][ T5334] exc_invalid_op+0x1a/0x50
[ 75.622745][ T5334] asm_exc_invalid_op+0x1a/0x20
[ 75.624492][ T5334] RIP: 0010:hfsplus_bnode_create+0x461/0x4f0
[ 75.626712][ T5334] Code: 82 8b 89 ee e8 20 c9 86 fe e9 cf fc ff ff e8 e6 27 20 ff 4c 89 ef e8 ee 57 bd 08 48 c7 c7 80 97 82 8b 89 ee e8 00 c9 86 fe 90 <0f> 0b 90 eb b0 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c d6 fb ff ff
[ 75.635078][ T5334] RSP: 0018:ffffc9000b9af3a0 EFLAGS: 00010246
[ 75.637773][ T5334] RAX: 0000000000000023 RBX: ffff888030be2000 RCX: d204f876c70fe100
[ 75.641123][ T5334] RDX: ffffc90020822000 RSI: 00000000000059a0 RDI: 00000000000059a1
[ 75.644251][ T5334] RBP: 0000000000000000 R08: ffffc9000b9af127 R09: 1ffff92001735e24
[ 75.647700][ T5334] R10: dffffc0000000000 R11: fffff52001735e25 R12: 0000000000000000
[ 75.651240][ T5334] R13: ffff888030be20e0 R14: ffff888035bcc000 R15: dffffc0000000000
[ 75.655205][ T5334] ? do_raw_spin_unlock+0x4d/0x240
[ 75.658092][ T5334] hfsplus_bmap_alloc+0x746/0xaf0
[ 75.660924][ T5334] ? __pfx_hfsplus_bmap_alloc+0x10/0x10
[ 75.664024][ T5334] ? hfsplus_bnode_read+0x1e5/0x7a0
[ 75.666995][ T5334] ? hfsplus_bnode_read+0x1e5/0x7a0
[ 75.669486][ T5334] hfs_bnode_split+0xcc/0x1080
[ 75.671638][ T5334] ? hfsplus_bnode_read+0x2f0/0x7a0
[ 75.673866][ T5334] ? hfsplus_bnode_read+0x1e5/0x7a0
[ 75.676049][ T5334] ? __asan_memcpy+0x40/0x70
[ 75.678183][ T5334] ? hfsplus_bnode_read+0x2f0/0x7a0
[ 75.680322][ T5334] ? hfsplus_bnode_read_u16+0x87/0xd0
[ 75.682566][ T5334] ? __pfx_hfs_bnode_split+0x10/0x10
[ 75.684815][ T5334] hfsplus_brec_insert+0x3b6/0xd70
[ 75.686898][ T5334] ? do_raw_spin_unlock+0x4d/0x240
[ 75.689132][ T5334] ? __pfx_hfsplus_brec_insert+0x10/0x10
[ 75.691374][ T5334] ? kfree+0x1c0/0x660
[ 75.693101][ T5334] hfsplus_create_cat+0x9a9/0x10d0
[ 75.695365][ T5334] ? __pfx_hfsplus_create_cat+0x10/0x10
[ 75.697761][ T5334] ? put_dec_full8+0x11c/0x2e0
[ 75.699862][ T5334] ? __pfx_sprintf+0x10/0x10
[ 75.701840][ T5334] hfsplus_link+0x3eb/0x6a0
[ 75.703869][ T5334] ? __pfx_hfsplus_link+0x10/0x10
[ 75.705857][ T5334] ? down_write+0x162/0x1f0
[ 75.707709][ T5334] ? __pfx_down_write+0x10/0x10
[ 75.709686][ T5334] ? inode_permission+0x2fd/0x5f0
[ 75.711781][ T5334] ? try_break_deleg+0x79/0x120
[ 75.713952][ T5334] vfs_link+0x518/0x6e0
[ 75.715885][ T5334] do_linkat+0x283/0x5a0
[ 75.718027][ T5334] ? __pfx_do_linkat+0x10/0x10
[ 75.720399][ T5334] ? strncpy_from_user+0x150/0x2c0
[ 75.723019][ T5334] ? getname_flags+0x1e5/0x540
[ 75.725145][ T5334] __x64_sys_link+0x82/0x90
[ 75.727209][ T5334] do_syscall_64+0xec/0xf80
[ 75.729210][ T5334] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 75.731732][ T5334] ? trace_irq_disable+0x37/0x100
[ 75.733981][ T5334] ? clear_bhb_loop+0x60/0xb0
[ 75.736090][ T5334] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 75.738591][ T5334] RIP: 0033:0x7fb309f8f7c9
[ 75.740295][ T5334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 75.748035][ T5334] RSP: 002b:00007fb30addb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000056
[ 75.751444][ T5334] RAX: ffffffffffffffda RBX: 00007fb30a1e5fa0 RCX: 00007fb309f8f7c9
[ 75.754513][ T5334] RDX: 0000000000000000 RSI: 0000200000000bc0 RDI: 0000200000000280
[ 75.757706][ T5334] RBP: 00007fb30a013f91 R08: 0000000000000000 R09: 0000000000000000
[ 75.760747][ T5334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 75.763929][ T5334] R13: 00007fb30a1e6038 R14: 00007fb30a1e5fa0 R15: 00007ffe7d060048
[ 75.766978][ T5334]
[ 75.768722][ T5334] Kernel Offset: disabled
[ 75.770664][ T5334] Rebooting in 86400 seconds..