program: syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x3000080, &(0x7f0000000280)=ANY=[], 0x1, 0x2e0, &(0x7f0000000880)="$eJzs3c1qE10cx/HfmSRt+jT0mb48POCyWtCN1LoRNymSixAXojYRiqGiraBurOJKRPfuvQVvQXCjeAO6cuUFRBBGzpnJa+cljUmmod8PGCYz85/zP5m38x+wIwCn1rXat/eXf9h/RiqoIL26KnmSylJR0n/6v/xo72D3oNmop2ynFTg2yiiMNEdW2tlrxMWWFUVEfPutqErvPExGEATb3yXt550IcuXO/hieNB+dnW55eeqZpXs+YtzhmPOYNaallh5rKe88AAD5iu7/XnSfr0Tjd8+TNqLb/om8/4+qlXcCExekLu25/7sqKzB2//7rFnXrPVfC2eVeu0ocpuXSwPc5hUdW3wDTZFWVLhdv4e5us3Fx536z7umFqpGe1dbcZz08dNsysl2PqU1TDNF3Ez+iXHR9KNk+bCXkvzpiiyMzn8wXc9P4eqd6Z/xXDIzdTW5P+QN7Ksx/M3mLrpe+XUvRZaNarXp9qyy7Rs5ELUQyelmOr0jUPqKW1f+AwM/K00WtDESFvbuUEbUaRm0v9EVttb8lRK31tWV70zmak9ubNPPGXDfr+qkPqvWM/z2b34ZSz8zuWWM2wluB+8XD/szFN1d02/SP3DkOdaPSP6fzK84npf4r/Zp2OqX8Js9Swl7rjq5oaf/J03uFZrPx0E7cjpl4UOnMKb2UYtc55kT7JPqb7XjqztFhd9G8wgeRR6JKY2j0uBMXxrpBe/3IXNmeZVPp4FiOhFmdqH2ewoFkL5I59nSc1yicVN2dnrnqx6kkhGlz466w/uupVzbdYM9++Cnj9MwBWbTFwI6xOxVQuS9+xU39E1vBJT1uWEyu4Iatuc6el851Zv0OMqoRP8pzNgRpQz/L1PRVt3j+DwAAAAAAAAAAAAAAAAAAMGum8d8J8u4jAAAAAAAAAAAAAAAAAAAAAACzrvP+X7Xf/6vh3v87+Je/C+EbXsby/t+3e+L9v8Dk/QkAAP//TN6FzA==") r0 = creat(&(0x7f0000000080)='./file1\x00', 0x0) io_setup(0x202, &(0x7f0000000200)) r1 = socket(0x40000000015, 0x5, 0x0) ioctl$BTRFS_IOC_SUBVOL_SYNC_WAIT(r0, 0x40109441, &(0x7f0000000140)={0x9, 0x0, 0xd8d}) syz_mount_image$nilfs2(&(0x7f0000000dc0), &(0x7f0000000400)='./file2\x00', 0x90, &(0x7f0000003280)=ANY=[], 0x4, 0xd9c, &(0x7f0000001dc0)="$eJzs3ctvXNX9APBzx544L35xiPnFTdPYJaW4j9gkWKW7GildoEqoEn8BSgMNNfQRugAFKWHRbSMh/oAiuu6izyyQIlap2LTqP4BYdZMiJNpGlcCV7XPG429memcc2+PxfD7SnTP3fs+955x53LlzXycBI6ux9ri4OF2l9Patty7emxn/9+qUmVaO2bXH8Ty2lFJqtuZLaTIsb2liPf3sk2uX2tPPc1qlC6lKVWt6evZua94jKaXraTbdTpPpuY9P3nzpg2eW3ztx48TFN+bu7EzrAQBgtNz73rs//fPj3712/D+/ObOUJlrTy/b5Uh4/mrf7l6r18Zy0/gdUbWnVNl4cCPnG89AI+cY65GsvpxnyjXcp/0BYbrNLvoma8sfapnVqNwyzjf/xVWN+03ijMT+//p981YdjB6r5V64sv3B1QBUFtt2nM3kXn8FgGLlh5dig10AA6+Jxw/tcj3sWHkxraeO9lX/36Ubn+WEb7PbnX/nDVf67N6xx2D779dNU2lW+R0fzeDyOMB7m6/f7X5YXj0c0e6xnt+MIw3J8oVs9x3a5HlvVrf7xc7FffSmn5XU4E+Lt35/4ng7Lewx0ds/+f4NhZIeVQa+AgD0rnje3kpV4PK8vxidq4gdr4odq4odr4kdq4jDKfvvqL9PNauN/fvxP3+/+sLKf7aGc/l+f9Yn7I/stP573268HLT+eTwx72ty/Tn/689t/ief/fx7O/z+bf0sn8wqi7C+M+9Vb5/6HC4MbXfI9HKrzUIf8a8+nNuerpjaWk9rWM/fVY3rzfMe65Tu9Od9kyHc4b4scDPWN2yeHw3xl+6OsV8vrNR7a2wztOBDqUd6Z4zk9GNpzvFu7wo7sAyFfMw8nQrumQrseCfP9f2hXNb25XXH/eanPyTA9Hicp+cLbdt/vUnwv4nUZj+b0zZy+k9P3c/pRh3JHUfk8djv/v3w+p1OzeuHK8uUn8nj5nN4Za06sTj+/y/UGHlyv1/9Mp83X/xxtTW822tcLxzamV+3rhckw/UKX6U/m8fJ79sOxQ2vT5y/9ePkH2914GHFXX3v9R88vL1/+mSeeeOJJ68mg10zATlt49eWfLFx97fVzV15+/sXLL15+5fwT3/7Wk089tbiwtlW/0L5tD+wvGz/6g64JAAAAAAAAAAAA0LPqUOfJOa27v225nrxcnx6vj2c4lPetfBrKfQzK9Z/d7utSrt88vgt1ZPvtxuVEg24j0Nk/3P/XYBjZYWXFXfyBvWHQ/f+V+x6W9Oi5vx1fHUq2u09vXl/G+xfCg9jr/c8pf3/1/9fq/6rn9V/oMWtya+X+7t6hv7YVm071Wn5sf7kP7FR/5f8+l19a81jqrfyVX4Xy441Ke/SHUP7hHsu/r/2nt1b+H3P55WWbO9tr+es1rhqb6xH3G5f7AMb9xsWfQvvLvf36bv8WO2q7lcuHUTYs/Uz2a1j6/+ymLLesB/PquXWcrtx/O/Z30G/9y32/y+/AI2H5Vc3vm/4/h1td/5/l87eg/0/Ydz50/M9gGNlhZWVloF2fjGq/K3vFoF//QW9DDrr8Qb/+dWL/n/H/Uuz/M8Zj/58xHvv/jPHYv1aMx/4/4+sZ+/+M8ZNhubF/0Oma+Bdq4qdq4l+siZ+uiV/59f+Oz9bMf6YmPlMTf7gm/mhN/GxN/Cs18cdq4o/XxOdq4vvdl3M6qu2HURb7jfT9h9FRjv90+/5P1cSB4RX7dY7f76/WxIHhVc7z8P2GEVR1vmNH3N9e9uO+mdN3cvp+Tj/asQqyG76W06/n9Bs5/WZOz+V0PqcLOdU35HD7xd9PnblZbZzndyzEez2fNF4PEO8Tc77H+sTjc/2ez3qyx3J2qvwtXg4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDQaa4+Li9NVSm/feuviP6e+8/3VKTOtHLNrj+N5bCml1EwpVXl8PCzv+sR6+tkn1y51Sqt0Ye2xjKdn77bmPbI6f5pNt9Nkeu7jkzdf+uCZ5fdO3Dhx8Y25OzvTegAAABgN/w0AAP//Wabmsg==") openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101441, 0x134) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) truncate(&(0x7f0000000040)='./file1\x00', 0x1001bfc) r2 = syz_open_dev$loop(&(0x7f0000000640), 0x0, 0x22400) r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x127042, 0x144) sendfile(r3, r2, 0x0, 0x80000002) syz_usb_connect(0x2, 0x0, 0x0, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00006dbffc), 0x4) r4 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000180)={0x80000000}, 0x19a) bind$inet(r1, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57) sendmsg$xdp(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000004c0)="0000000000303e97380e90231bdbdaf6a4bd77eabcd3866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db75c7042a22491af0ffea4174a9d00000c0a498396b28c7d1784d04aa38922721cb781608144284d90a72d7d2e3152d201ed78ffb6e711b889cda0346ce9bca2e6e9e46b15980456c43a659f427e3e6e9e16e0de93100734d409ca57c27d3bde66b2791c1b2f7032f3cc02c85c43e8652f13258bd412174ea931f1d39a9830e593761d91c56f637f0e1568ea66a15d9f0eba504ab3eb205fda13d1068e7692f8d00a2d92d2fb48887b6f71c6de43a923bbcaa9e3ac5bd82ac0ec00000000000000000000000000000000e48251271d0ed111d9ed7f4d18ee4aa30240843ed560aeebee209d8c557e60e69e634b37c43235e062634e8f0932582eb91d27c5c81911c5a4d57ea2813573aec3a6909f30f29c535a", 0x142}, {&(0x7f0000000d00)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df89507000000fb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b9070400000073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f6ff1f6cb79b93f20752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf458aac3314007c3e35d5e4bed6b897608b01e7e26a54433e5f5c74a2ee3c2fc50067be05a677f122b7dba7010830b879a41b579d44158fbc84589ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe953054720185010000f1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe0", 0x33f}], 0x2}, 0x0) syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x800) r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r5, &(0x7f00000001c0)=[{0x0, 0xe1, 0x0, 0x0, @time={0x0, 0x1}, {}, {}, @result}], 0x1c) write$sndseq(r5, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[], 0x30}}, 0x40) sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x3, 0x0}, 0x4) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000cc0), r6) [ 87.306487][ T5288] Bluetooth: hci0: command tx timeout [ 87.412699][ T5326] loop0: detected capacity change from 0 to 64 [ 88.061740][ T177] kworker/u4:6: attempt to access beyond end of device [ 88.061740][ T177] loop0: rw=1, sector=65, nr_sectors = 1 limit=64 [ 88.085337][ T177] Buffer I/O error on dev loop0, logical block 65, lost async page write [ 88.102124][ T177] kworker/u4:6: attempt to access beyond end of device [ 88.102124][ T177] loop0: rw=1, sector=66, nr_sectors = 1 limit=64 [ 88.122464][ T177] Buffer I/O error on dev loop0, logical block 66, lost async page write [ 88.142989][ T177] kworker/u4:6: attempt to access beyond end of device [ 88.142989][ T177] loop0: rw=1, sector=67, nr_sectors = 1 limit=64 [ 88.171206][ T177] Buffer I/O error on dev loop0, logical block 67, lost async page write [ 88.184937][ T177] kworker/u4:6: attempt to access beyond end of device [ 88.184937][ T177] loop0: rw=1, sector=68, nr_sectors = 1 limit=64 [ 88.206531][ T177] Buffer I/O error on dev loop0, logical block 68, lost async page write [ 88.219704][ T177] kworker/u4:6: attempt to access beyond end of device [ 88.219704][ T177] loop0: rw=1, sector=72, nr_sectors = 1 limit=64 [ 88.237396][ T177] Buffer I/O error on dev loop0, logical block 72, lost async page write [ 88.250461][ T177] kworker/u4:6: attempt to access beyond end of device [ 88.250461][ T177] loop0: rw=1, sector=73, nr_sectors = 1 limit=64 [ 88.269705][ T177] Buffer I/O error on dev loop0, logical block 73, lost async page write [ 88.281897][ T177] kworker/u4:6: attempt to access beyond end of device [ 88.281897][ T177] loop0: rw=1, sector=76, nr_sectors = 1 limit=64 [ 88.307612][ T177] Buffer I/O error on dev loop0, logical block 76, lost async page write [ 88.324509][ T177] kworker/u4:6: attempt to access beyond end of device [ 88.324509][ T177] loop0: rw=1, sector=77, nr_sectors = 1 limit=64 [ 88.349213][ T177] Buffer I/O error on dev loop0, logical block 77, lost async page write [ 88.384651][ T177] kworker/u4:6: attempt to access beyond end of device [ 88.384651][ T177] loop0: rw=1, sector=78, nr_sectors = 2400 limit=64 [ 88.421825][ T177] kworker/u4:6: attempt to access beyond end of device [ 88.421825][ T177] loop0: rw=1, sector=2478, nr_sectors = 1688 limit=64 [ 88.438992][ T177] Buffer I/O error on dev loop0, logical block 4166, lost async page write [ 88.451685][ T177] Buffer I/O error on dev loop0, logical block 4167, lost async page write [ 89.215370][ T5326] [ 89.216571][ T5326] ============================================ [ 89.219316][ T5326] WARNING: possible recursive locking detected [ 89.222156][ T5326] syzkaller #0 Not tainted [ 89.224081][ T5326] -------------------------------------------- [ 89.226743][ T5326] syz.0.0/5326 is trying to acquire lock: [ 89.229182][ T5326] ffff888012cd00a8 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfs_find_init+0x18e/0x300 [ 89.233143][ T5326] [ 89.233143][ T5326] but task is already holding lock: [ 89.236261][ T5326] ffff888012cd00a8 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfs_find_init+0x18e/0x300 [ 89.240148][ T5326] [ 89.240148][ T5326] other info that might help us debug this: [ 89.243519][ T5326] Possible unsafe locking scenario: [ 89.243519][ T5326] [ 89.246828][ T5326] CPU0 [ 89.248352][ T5326] ---- [ 89.249821][ T5326] lock(&tree->tree_lock/1); [ 89.253120][ T5326] lock(&tree->tree_lock/1); [ 89.255115][ T5326] [ 89.255115][ T5326] *** DEADLOCK *** [ 89.255115][ T5326] [ 89.258722][ T5326] May be due to missing lock nesting notation [ 89.258722][ T5326] [ 89.262258][ T5326] 5 locks held by syz.0.0/5326: [ 89.264329][ T5326] #0: ffff888012440410 (sb_writers#12){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 89.268175][ T5326] #1: ffff888012333490 (&sb->s_type->i_mutex_key#24){+.+.}-{4:4}, at: do_truncate+0x18f/0x250 [ 89.272687][ T5326] #2: ffff8880123332f0 (&HFS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfs_extend_file+0xf2/0x15e0 [ 89.277123][ T5326] #3: ffff888012cd00a8 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfs_find_init+0x18e/0x300 [ 89.281423][ T5326] #4: ffff888012ce4730 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}, at: hfs_extend_file+0xf2/0x15e0 [ 89.286064][ T5326] [ 89.286064][ T5326] stack backtrace: [ 89.288597][ T5326] CPU: 0 UID: 0 PID: 5326 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 89.288613][ T5326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 89.288620][ T5326] Call Trace: [ 89.288627][ T5326] [ 89.288634][ T5326] dump_stack_lvl+0xe8/0x150 [ 89.288650][ T5326] print_deadlock_bug+0x279/0x290 [ 89.288668][ T5326] __lock_acquire+0x253f/0x2cf0 [ 89.288681][ T5326] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 89.288746][ T5326] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 89.288757][ T5326] ? stack_depot_save_flags+0x3f3/0x810 [ 89.288802][ T5326] ? kasan_save_track+0x4f/0x80 [ 89.288814][ T5326] ? kasan_save_track+0x3e/0x80 [ 89.288827][ T5326] ? hfs_find_init+0x18e/0x300 [ 89.288842][ T5326] lock_acquire+0x106/0x350 [ 89.288853][ T5326] ? hfs_find_init+0x18e/0x300 [ 89.288870][ T5326] __mutex_lock+0x1a3/0x1550 [ 89.288884][ T5326] ? hfs_find_init+0x18e/0x300 [ 89.288900][ T5326] ? hfs_find_init+0x18e/0x300 [ 89.288915][ T5326] ? __pfx___mutex_lock+0x10/0x10 [ 89.288928][ T5326] ? rcu_is_watching+0x15/0xb0 [ 89.288942][ T5326] ? __kmalloc_noprof+0x37d/0x760 [ 89.288957][ T5326] ? hfs_find_init+0xaa/0x300 [ 89.288970][ T5326] ? __kmalloc_noprof+0x1b8/0x760 [ 89.288983][ T5326] hfs_find_init+0x18e/0x300 [ 89.288998][ T5326] hfs_extend_file+0x35c/0x15e0 [ 89.289010][ T5326] ? hfs_ext_keycmp+0x1c7/0x320 [ 89.289021][ T5326] ? __pfx_hfs_extend_file+0x10/0x10 [ 89.289033][ T5326] ? __pfx___hfs_brec_find+0x10/0x10 [ 89.289050][ T5326] ? hfs_brec_find+0x3cc/0x510 [ 89.289066][ T5326] hfs_bmap_reserve+0x107/0x430 [ 89.289084][ T5326] __hfs_ext_write_extent+0x1fa/0x470 [ 89.289097][ T5326] __hfs_ext_cache_extent+0x6b/0x9b0 [ 89.289108][ T5326] ? hfs_find_init+0x18e/0x300 [ 89.289122][ T5326] hfs_extend_file+0x39b/0x15e0 [ 89.289133][ T5326] ? __pfx_filemap_get_folios_tag+0x10/0x10 [ 89.289148][ T5326] ? __pfx_hfs_extend_file+0x10/0x10 [ 89.289161][ T5326] ? clean_bdev_aliases+0x62e/0x750 [ 89.289178][ T5326] ? __pfx_clean_bdev_aliases+0x10/0x10 [ 89.289195][ T5326] hfs_get_block+0x412/0xc50 [ 89.289236][ T5326] ? __pfx_hfs_get_block+0x10/0x10 [ 89.289249][ T5326] ? do_raw_spin_unlock+0x4d/0x210 [ 89.289264][ T5326] ? _raw_spin_unlock+0x28/0x50 [ 89.289275][ T5326] __block_write_begin_int+0x6c6/0x1910 [ 89.289295][ T5326] ? __pfx_hfs_get_block+0x10/0x10 [ 89.289306][ T5326] ? __pfx___block_write_begin_int+0x10/0x10 [ 89.289323][ T5326] cont_write_begin+0x737/0xae0 [ 89.289347][ T5326] ? __pfx_cont_write_begin+0x10/0x10 [ 89.289363][ T5326] ? folio_unlock+0x101/0x160 [ 89.289374][ T5326] hfs_write_begin+0x66/0xb0 [ 89.289385][ T5326] ? __pfx_hfs_get_block+0x10/0x10 [ 89.289396][ T5326] cont_write_begin+0x2e7/0xae0 [ 89.289412][ T5326] ? __pfx_truncate_inode_pages_range+0x10/0x10 [ 89.289431][ T5326] ? __pfx_cont_write_begin+0x10/0x10 [ 89.289446][ T5326] hfs_write_begin+0x66/0xb0 [ 89.289456][ T5326] ? __pfx_hfs_get_block+0x10/0x10 [ 89.289467][ T5326] hfs_file_truncate+0x1cf/0xb70 [ 89.289478][ T5326] ? __up_read+0x291/0x6b0 [ 89.289494][ T5326] ? __pfx_hfs_file_truncate+0x10/0x10 [ 89.289505][ T5326] ? unmap_mapping_range+0xe6/0x180 [ 89.289523][ T5326] ? __pfx_unmap_mapping_range+0x10/0x10 [ 89.289539][ T5326] ? truncate_setsize+0xcf/0xf0 [ 89.289556][ T5326] hfs_inode_setattr+0x4a9/0x670 [ 89.289568][ T5326] ? try_break_deleg+0x5b/0x180 [ 89.289582][ T5326] ? __pfx_hfs_inode_setattr+0x10/0x10 [ 89.289593][ T5326] notify_change+0xc1a/0xf40 [ 89.289610][ T5326] do_truncate+0x1c2/0x250 [ 89.289626][ T5326] ? __pfx_do_truncate+0x10/0x10 [ 89.289639][ T5326] ? apparmor_path_truncate+0x245/0x2e0 [ 89.289654][ T5326] vfs_truncate+0x4b4/0x540 [ 89.289666][ T5326] ? __pfx_vfs_truncate+0x10/0x10 [ 89.289680][ T5326] ? do_getname+0x151/0x250 [ 89.289696][ T5326] ksys_truncate+0xf3/0x1c0 [ 89.289710][ T5326] ? __pfx_ksys_truncate+0x10/0x10 [ 89.289726][ T5326] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.289737][ T5326] __x64_sys_truncate+0x5b/0x70 [ 89.289751][ T5326] do_syscall_64+0x15f/0xf80 [ 89.289765][ T5326] ? trace_irq_disable+0x3b/0x140 [ 89.289780][ T5326] ? clear_bhb_loop+0x40/0x90 [ 89.289793][ T5326] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.289804][ T5326] RIP: 0033:0x7fc03539cdd9 [ 89.289817][ T5326] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 89.289826][ T5326] RSP: 002b:00007fc0362b2fe8 EFLAGS: 00000246 ORIG_RAX: 000000000000004c [ 89.289839][ T5326] RAX: ffffffffffffffda RBX: 00007fc035615fa0 RCX: 00007fc03539cdd9 [ 89.289847][ T5326] RDX: 0000000000000000 RSI: 0000000001001bfc RDI: 0000200000000040 [ 89.289854][ T5326] RBP: 00007fc035432d69 R08: 0000000000000000 R09: 0000000000000000 [ 89.289861][ T5326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 89.289867][ T5326] R13: 00007fc035616038 R14: 00007fc035615fa0 R15: 00007ffc65da6be8 [ 89.289875][ T5326] [ 89.504867][ T5288] Bluetooth: hci0: command tx timeout [ 91.577873][ T5288] Bluetooth: hci0: command tx timeout