program: syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000140)='./file1\x00', 0x1008402, &(0x7f0000000080)=ANY=[], 0x85, 0x6b0, &(0x7f0000000d00)="$eJzs3c1vHGcZAPBn1uu1N7SxmyZtgirFaiRAWE38IRfMpQEh5EOFqnLgbCVOYmWTRvYWuRUC81G49pA/oBx844CQuKKIcoZbJU4+VkJw6aXmwqD52A+v7V07TrJ2+P2q8fvOvu+887zPzszO7jbaAP5vLU1H9VEksTT99ka2vr0139jemr/XqkfEWERUIqpFEcmXaZp+GnE9iiUuZQ+WwyW7R38w0ao9XF1897Mvtj8v1qrlkvX/88TxZ7FZLjEVESNl+aTGuzFovPFBwyXtzGQJu9JKHAzbaESkuX89zNb/EREvtFu61PfbeuCRD5wCSfG6ucdkxJnyRM/uA4pXxeJG4FTbHHYAAAAA8OQlve93J3ZiJzbi7JDiAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgFOp/P3/pFwqrfpUJK3f/6+Vj0VZP1kuH637o6cVBwAAAAAAAAA8bROd6uWd2ImNONtaT5P8O//X85Xz+d+vxPuxHiuxFldjI5ajGc1Yi9mImOwas7ax3Gyuzba3bP2fAXu3nNt3y7kBMY+VZf1YMwcAAAAAAACAU+rLNE37dvhlLHW+/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJMgiRgpinw536pPRqUaEeMRUcv6bUb8vVU/rS69EfFo2EEAAADAMaSH7DexEzuxEWfb2yX5e/5X8vf94/F+3I9mrEYzGrESN/PPAop3/ZXtrfnG9tb8vWzZO+53/32kcPMRo/jsYf89X8x71ONWrOaPXI0b8V4kyc2o5FtmLrbi2T+uX2QxJW8VRg8Z2c2yzGb+cVn2qh5prgc64ocpk3lGRtsZmSljy7LxUv9MHPHZ6d3TbFTawZ7v2VPPJHbl/K1D7u9MWWbz+c0BOR+O3kzMdR19r/TPecTX//T7H99p3L9759b69MmZ0uGMlGVxXanvzcR8VyZefZ4zscdMnokL7fWl+EH8KKZjKt6JtViNn8RyNGMlpuL7eW25PJ6TrlO+K1OVrqGv79rRO4MiqZVHaPFkFTH9N03TLKYYENPr+bZnYzV+GO/FzViJN/P/5mI2vhULsRCLXc/whUNcaSsHnPXpi/sGf+UbZaUeEb8ty9ztJ3R9fWxZXl/qymv3NXcyb+t+pJOlc0d4PWpl6Q/9Q6l+taxk+/hV7D5chqs3E7NdmXi5fyZ+l19W1hv3767dWX5wuN2d+7isZOfRRyfqVSI7Xs617wt2Hx1Z28tFW34P0p2vWvmNS7FdZU/bhXZbcaZuHnim1sp7uL0jzeVtr+7bNp+3Xexq673farTvh077lz8Az62PahFnvnmmVv9n/W/1T+q/rt+pvz3+vbFvj71Wi9G/jn6nOjPytcpryR/jk/hZ5/0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw+NY/+PDucqOxstZTSdP05wc0ndhKOrhP6+fMnmFgl16IeCojvzh4FrWIOBnPzn/SNC0fSU5CPP0raWYs0sfc/C8R0afPSOeRakTs1+fycWfRe2yMH3mcPhcNPwAFz4VrzXsPrq1/8OEbq/eWb6/cXrm/uLCwOLO48Ob8tVurjZWZ4u+wowSehs6L/rAjAQAAAAAAAAAAAA7rWfybioP3Pv4spwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcUkvTUX0USczOXJ3J1re35hvZ0qp3elYjohIRyU8jkk8jrkexxGTXcMlB+3m4uvjuZ19sf94Zq9rqX+m3XX+Vstwsl5iKiJGyPIZd49049nhJe4ZZwq60EgfD9r8AAAD//xX/Do0=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101c42, 0x11) pwritev2(r0, &(0x7f0000000cc0)=[{&(0x7f0000000240)=';', 0xffffffbc}], 0x1, 0xfff, 0xc, 0x4) r1 = syz_init_net_socket$llc(0x1a, 0x0, 0x0) preadv2(r1, &(0x7f0000000100)=[{&(0x7f0000000080)=""/115, 0x73}], 0x1, 0x6, 0xfff, 0xa) [ 101.686748][ T4671] Bluetooth: hci0: command tx timeout [ 101.779534][ T5331] loop0: detected capacity change from 0 to 1024 [ 101.857162][ T5331] [ 101.858563][ T5331] ============================================ [ 101.861912][ T5331] WARNING: possible recursive locking detected [ 101.864850][ T5331] syzkaller #0 Not tainted [ 101.866883][ T5331] -------------------------------------------- [ 101.869680][ T5331] syz.0.0/5331 is trying to acquire lock: [ 101.873021][ T5331] ffff88801207f708 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_get_block+0x39e/0x1670 [ 101.879386][ T5331] [ 101.879386][ T5331] but task is already holding lock: [ 101.882732][ T5331] ffff88801207e988 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_file_extend+0x215/0x1d70 [ 101.887437][ T5331] [ 101.887437][ T5331] other info that might help us debug this: [ 101.890929][ T5331] Possible unsafe locking scenario: [ 101.890929][ T5331] [ 101.894412][ T5331] CPU0 [ 101.896266][ T5331] ---- [ 101.898007][ T5331] lock(&HFSPLUS_I(inode)->extents_lock); [ 101.900616][ T5331] lock(&HFSPLUS_I(inode)->extents_lock); [ 101.903113][ T5331] [ 101.903113][ T5331] *** DEADLOCK *** [ 101.903113][ T5331] [ 101.906662][ T5331] May be due to missing 
lock nesting notation
[ 101.906662][ T5331]
[ 101.910748][ T5331] 4 locks held by syz.0.0/5331:
[ 101.913487][ T5331] #0: ffff888012258420 (sb_writers#12){.+.+}-{0:0}, at: vfs_writev+0x2aa/0x990
[ 101.917992][ T5331] #1: ffff88801207eb78 (&sb->s_type->i_mutex_key#25){+.+.}-{4:4}, at: generic_file_write_iter+0x11e/0x680
[ 101.922883][ T5331] #2: ffff88801207e988 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_file_extend+0x215/0x1d70
[ 101.928535][ T5331] #3: ffff88801f7530f8 (&sbi->alloc_mutex){+.+.}-{4:4}, at: hfsplus_block_allocate+0xa7/0xce0
[ 101.933645][ T5331]
[ 101.933645][ T5331] stack backtrace:
[ 101.936673][ T5331] CPU: 0 UID: 0 PID: 5331 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 101.936696][ T5331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 101.936708][ T5331] Call Trace:
[ 101.936716][ T5331] <TASK>
[ 101.936749][ T5331] dump_stack_lvl+0xe8/0x150
[ 101.936780][ T5331] print_deadlock_bug+0x279/0x290
[ 101.936804][ T5331] __lock_acquire+0x253f/0x2cf0
[ 101.936822][ T5331] ? lock_release+0x4b/0x3d0
[ 101.936859][ T5331] ? lock_release+0x4b/0x3d0
[ 101.936879][ T5331] ? is_bpf_text_address+0x292/0x2b0
[ 101.936896][ T5331] ? is_bpf_text_address+0x26/0x2b0
[ 101.936910][ T5331] lock_acquire+0xf0/0x2e0
[ 101.936926][ T5331] ? hfsplus_get_block+0x39e/0x1670
[ 101.936956][ T5331] __mutex_lock+0x19f/0x1300
[ 101.937022][ T5331] ? hfsplus_get_block+0x39e/0x1670
[ 101.937044][ T5331] ? stack_trace_save+0xa9/0x100
[ 101.937061][ T5331] ? __pfx_stack_trace_save+0x10/0x10
[ 101.937075][ T5331] ? check_path+0x21/0x40
[ 101.937092][ T5331] ? check_noncircular+0xda/0x150
[ 101.937110][ T5331] ? hfsplus_get_block+0x39e/0x1670
[ 101.937130][ T5331] ? __pfx___mutex_lock+0x10/0x10
[ 101.937143][ T5331] ? __lock_acquire+0x146e/0x2cf0
[ 101.937163][ T5331] hfsplus_get_block+0x39e/0x1670
[ 101.937184][ T5331] ? __pfx_hfsplus_get_block+0x10/0x10
[ 101.937203][ T5331] ? do_raw_spin_unlock+0x4d/0x210
[ 101.937218][ T5331] ? _raw_spin_unlock+0x28/0x50
[ 101.937237][ T5331] block_read_full_folio+0x29f/0x830
[ 101.937253][ T5331] ? __pfx_hfsplus_get_block+0x10/0x10
[ 101.937273][ T5331] filemap_read_folio+0x137/0x3b0
[ 101.937287][ T5331] ? __pfx_hfsplus_read_folio+0x10/0x10
[ 101.937304][ T5331] ? __pfx_filemap_read_folio+0x10/0x10
[ 101.937317][ T5331] ? filemap_add_folio+0x356/0x530
[ 101.937338][ T5331] do_read_cache_folio+0x358/0x590
[ 101.937353][ T5331] ? __pfx_hfsplus_read_folio+0x10/0x10
[ 101.937376][ T5331] read_cache_page+0x5d/0x170
[ 101.937391][ T5331] hfsplus_block_allocate+0xf3/0xce0
[ 101.937421][ T5331] hfsplus_file_extend+0xb2d/0x1d70
[ 101.937446][ T5331] ? __pfx_hfsplus_file_extend+0x10/0x10
[ 101.937470][ T5331] ? __kernel_text_address+0xd/0x30
[ 101.937487][ T5331] ? unwind_get_return_address+0x4d/0x90
[ 101.937513][ T5331] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 101.937527][ T5331] ? arch_stack_walk+0xe3/0x150
[ 101.937548][ T5331] ? unwind_next_frame+0xa5/0x23c0
[ 101.937568][ T5331] ? rcu_is_watching+0x15/0xb0
[ 101.937587][ T5331] ? unwind_next_frame+0xa5/0x23c0
[ 101.937607][ T5331] ? lock_release+0x4b/0x3d0
[ 101.937625][ T5331] ? __lock_acquire+0x6b5/0x2cf0
[ 101.937645][ T5331] hfsplus_get_block+0x42c/0x1670
[ 101.937668][ T5331] ? is_bpf_text_address+0x292/0x2b0
[ 101.937685][ T5331] ? __pfx_hfsplus_get_block+0x10/0x10
[ 101.937706][ T5331] ? folio_try_get+0x1c/0x340
[ 101.937727][ T5331] ? filemap_get_entry+0xca/0x320
[ 101.937750][ T5331] __block_write_begin_int+0x6c6/0x1910
[ 101.937770][ T5331] ? __pfx_hfsplus_get_block+0x10/0x10
[ 101.937792][ T5331] ? __pfx___block_write_begin_int+0x10/0x10
[ 101.937809][ T5331] cont_write_begin+0x737/0xae0
[ 101.937827][ T5331] ? ktime_get_coarse_real_ts64_mg+0x1c5/0x1e0
[ 101.937846][ T5331] ? __pfx_cont_write_begin+0x10/0x10
[ 101.937861][ T5331] ? inode_set_ctime_current+0x277/0xba0
[ 101.937878][ T5331] hfsplus_write_begin+0x66/0xb0
[ 101.937897][ T5331] ? __pfx_hfsplus_get_block+0x10/0x10
[ 101.937917][ T5331] generic_perform_write+0x2e2/0x8f0
[ 101.937947][ T5331] ? __pfx_generic_perform_write+0x10/0x10
[ 101.937964][ T5331] ? file_update_time_flags+0x400/0x4a0
[ 101.937990][ T5331] ? __generic_file_write_iter+0xf9/0x230
[ 101.938007][ T5331] ? generic_file_write_iter+0x136/0x680
[ 101.938024][ T5331] generic_file_write_iter+0x14a/0x680
[ 101.938041][ T5331] ? __pfx_generic_file_write_iter+0x10/0x10
[ 101.938058][ T5331] ? aa_file_perm+0x192/0x15e0
[ 101.938140][ T5331] ? aa_file_perm+0x50e/0x15e0
[ 101.938160][ T5331] ? aa_file_perm+0x192/0x15e0
[ 101.938181][ T5331] ? __lock_acquire+0x6b5/0x2cf0
[ 101.938200][ T5331] ? preempt_schedule_thunk+0x16/0x30
[ 101.938219][ T5331] do_iter_readv_writev+0x619/0x8c0
[ 101.938235][ T5331] ? __pfx_do_iter_readv_writev+0x10/0x10
[ 101.938252][ T5331] vfs_writev+0x33c/0x990
[ 101.938272][ T5331] ? __pfx_vfs_writev+0x10/0x10
[ 101.938292][ T5331] ? __fget_files+0x2a/0x420
[ 101.938310][ T5331] ? __fget_files+0x3a0/0x420
[ 101.938328][ T5331] ? __fget_files+0x2a/0x420
[ 101.938347][ T5331] __se_sys_pwritev2+0x184/0x2a0
[ 101.938363][ T5331] ? __pfx___se_sys_pwritev2+0x10/0x10
[ 101.938380][ T5331] ? __x64_sys_pwritev2+0x20/0xc0
[ 101.938394][ T5331] do_syscall_64+0x14d/0xf80
[ 101.938410][ T5331] ? trace_irq_disable+0x3b/0x150
[ 101.938431][ T5331] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 101.938446][ T5331] ? clear_bhb_loop+0x40/0x90
[ 101.938463][ T5331] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 101.938478][ T5331] RIP: 0033:0x7ff02839c799
[ 101.938495][ T5331] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 101.938507][ T5331] RSP: 002b:00007ff029316fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[ 101.938525][ T5331] RAX: ffffffffffffffda RBX: 00007ff028615fa0 RCX: 00007ff02839c799
[ 101.938536][ T5331] RDX: 0000000000000001 RSI: 0000200000000cc0 RDI: 0000000000000004
[ 101.938545][ T5331] RBP: 00007ff028432c99 R08: 000000000000000c R09: 0000000000000004
[ 101.938555][ T5331] R10: 0000000000000fff R11: 0000000000000246 R12: 0000000000000000
[ 101.938564][ T5331] R13: 00007ff028616038 R14: 00007ff028615fa0 R15: 00007ffe4331e918
[ 101.938580][ T5331] </TASK>