./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1435890110 <...> Warning: Permanently added '10.128.10.60' (ED25519) to the list of known hosts. execve("./syz-executor1435890110", ["./syz-executor1435890110"], 0x7ffdc8c91710 /* 10 vars */) = 0 brk(NULL) = 0x555584b18000 brk(0x555584b18d00) = 0x555584b18d00 arch_prctl(ARCH_SET_FS, 0x555584b18380) = 0 set_tid_address(0x555584b18650) = 5080 set_robust_list(0x555584b18660, 24) = 0 rseq(0x555584b18ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1435890110", 4096) = 28 getrandom("\xee\x2e\xb5\x78\xc6\xe7\x7c\x4f", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555584b18d00 brk(0x555584b39d00) = 0x555584b39d00 brk(0x555584b3a000) = 0x555584b3a000 mprotect(0x7f6a0e4b1000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 write(1, "executing program\n", 18executing program ) = 18 memfd_create("syzkaller", 0) = 3 mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6a05e00000 write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 munmap(0x7f6a05e00000, 138412032) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 ioctl(4, LOOP_SET_FD, 3) = 0 close(3) = 0 close(4) = 0 mkdir("./bus", 0777) = 0 [ 56.152133][ T5080] loop0: detected capacity change from 0 to 1024 [ 56.173726][ T5080] ======================================================= [ 56.173726][ T5080] WARNING: The mand mount option has been deprecated and [ 56.173726][ T5080] and is ignored by this kernel. Remove the mand [ 56.173726][ T5080] option from the mount to silence this warning. mount("/dev/loop0", "./bus", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME|MS_POSIXACL|MS_STRICTATIME, "") = 0 openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 chdir("./bus") = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) openat(AT_FDCWD, "memory.events", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 56.173726][ T5080] ======================================================= open("./file2", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000) = 5 [ 56.249720][ T29] audit: type=1800 audit(1716529839.410:2): pid=5080 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor143" name="file2" dev="loop0" ino=22 res=0 errno=0 [ 56.252369][ T5080] [ 56.272033][ T5080] ============================================ [ 56.278170][ T5080] WARNING: possible recursive locking detected [ 56.284304][ T5080] 6.9.0-syzkaller-10323-g8f6a15f095a6 #0 Not tainted [ 56.291018][ T5080] -------------------------------------------- [ 56.297150][ T5080] syz-executor143/5080 is trying to acquire lock: [ 56.303541][ T5080] ffff888079211548 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_get_block+0x383/0x14f0 [ 56.314443][ T5080] [ 56.314443][ T5080] but task is already holding lock: [ 56.321789][ T5080] ffff888079213048 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_extend+0x21b/0x1b70 [ 56.332831][ T5080] [ 56.332831][ T5080] other info that might help us debug this: [ 56.340862][ T5080] Possible unsafe locking scenario: [ 56.340862][ T5080] [ 56.348288][ T5080] CPU0 [ 56.351544][ T5080] ---- [ 56.354799][ T5080] lock(&HFSPLUS_I(inode)->extents_lock); [ 56.360579][ T5080] lock(&HFSPLUS_I(inode)->extents_lock); [ 56.366374][ T5080] [ 56.366374][ T5080] *** DEADLOCK *** [ 56.366374][ T5080] [ 56.374491][ T5080] May be due to missing lock nesting notation [ 56.374491][ T5080] [ 56.382781][ T5080] 4 locks held by syz-executor143/5080: [ 56.388316][ T5080] #0: ffff888023fe2420 (sb_writers#9){.+.+}-{0:0}, at: do_ftruncate+0x294/0x590 [ 56.397430][ T5080] #1: ffff888079213240 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: do_ftruncate+0x457/0x590 [ 56.407840][ T5080] #2: ffff888079213048 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_extend+0x21b/0x1b70 [ 56.419294][ T5080] #3: ffff88802e4330f8 (&sbi->alloc_mutex){+.+.}-{3:3}, at: hfsplus_block_allocate+0x9e/0x8c0 [ 56.429626][ T5080] [ 56.429626][ T5080] stack backtrace: [ 56.435511][ T5080] CPU: 0 PID: 5080 Comm: syz-executor143 Not tainted 6.9.0-syzkaller-10323-g8f6a15f095a6 #0 [ 56.445556][ T5080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 56.455598][ T5080] Call Trace: [ 56.458864][ T5080] [ 56.461778][ T5080] dump_stack_lvl+0x241/0x360 [ 56.466437][ T5080] ? __pfx_dump_stack_lvl+0x10/0x10 [ 56.471610][ T5080] ? print_deadlock_bug+0x479/0x620 [ 56.476782][ T5080] ? _find_first_zero_bit+0xd4/0x100 [ 56.482048][ T5080] validate_chain+0x15c1/0x58e0 [ 56.486878][ T5080] ? __pfx_stack_trace_save+0x10/0x10 [ 56.492226][ T5080] ? check_noncircular+0x259/0x4a0 [ 56.497311][ T5080] ? __pfx_validate_chain+0x10/0x10 [ 56.502485][ T5080] ? __pfx_check_noncircular+0x10/0x10 [ 56.507929][ T5080] ? lockdep_unlock+0x16a/0x300 [ 56.512751][ T5080] ? __pfx_lockdep_unlock+0x10/0x10 [ 56.517919][ T5080] ? add_lock_to_list+0x1de/0x2e0 [ 56.522918][ T5080] ? look_up_lock_class+0x77/0x160 [ 56.528007][ T5080] ? register_lock_class+0x102/0x980 [ 56.533265][ T5080] ? validate_chain+0x15a2/0x58e0 [ 56.538263][ T5080] ? is_bpf_text_address+0x26/0x2a0 [ 56.543436][ T5080] ? __pfx_register_lock_class+0x10/0x10 [ 56.549044][ T5080] ? mark_lock+0x9a/0x350 [ 56.553347][ T5080] __lock_acquire+0x1346/0x1fd0 [ 56.558175][ T5080] lock_acquire+0x1ed/0x550 [ 56.562651][ T5080] ? hfsplus_get_block+0x383/0x14f0 [ 56.567832][ T5080] ? __pfx_lock_acquire+0x10/0x10 [ 56.572835][ T5080] ? __pfx___might_resched+0x10/0x10 [ 56.578095][ T5080] ? filemap_read_folio+0x1a0/0x790 [ 56.583275][ T5080] ? __pfx_register_lock_class+0x10/0x10 [ 56.588890][ T5080] ? hfsplus_file_extend+0xade/0x1b70 [ 56.594262][ T5080] ? __block_write_begin_int+0x50c/0x1a70 [ 56.599959][ T5080] ? block_write_begin+0x9b/0x1e0 [ 56.604963][ T5080] __mutex_lock+0x136/0xd70 [ 56.609451][ T5080] ? hfsplus_get_block+0x383/0x14f0 [ 56.614629][ T5080] ? hfsplus_get_block+0x383/0x14f0 [ 56.619805][ T5080] ? __pfx___mutex_lock+0x10/0x10 [ 56.624813][ T5080] hfsplus_get_block+0x383/0x14f0 [ 56.629828][ T5080] ? __pfx_hfsplus_get_block+0x10/0x10 [ 56.635265][ T5080] ? _raw_spin_unlock+0x28/0x50 [ 56.640090][ T5080] ? create_empty_buffers+0x53e/0x740 [ 56.645439][ T5080] block_read_full_folio+0x42e/0xe10 [ 56.650705][ T5080] ? __pfx_hfsplus_get_block+0x10/0x10 [ 56.656210][ T5080] ? __pfx_block_read_full_folio+0x10/0x10 [ 56.662012][ T5080] ? __pfx_lru_add_fn+0x10/0x10 [ 56.666885][ T5080] ? folio_add_lru+0x4b3/0x9e0 [ 56.671631][ T5080] ? folio_add_lru+0x27b/0x9e0 [ 56.676373][ T5080] filemap_read_folio+0x1a0/0x790 [ 56.681377][ T5080] ? __pfx_hfsplus_read_folio+0x10/0x10 [ 56.686899][ T5080] ? __pfx_filemap_read_folio+0x10/0x10 [ 56.692418][ T5080] ? __filemap_get_folio+0x92d/0xbb0 [ 56.697676][ T5080] ? hfsplus_block_allocate+0x9e/0x8c0 [ 56.703111][ T5080] do_read_cache_folio+0x134/0x820 [ 56.708201][ T5080] ? __pfx_hfsplus_read_folio+0x10/0x10 [ 56.713724][ T5080] do_read_cache_page+0x30/0x200 [ 56.718635][ T5080] hfsplus_block_allocate+0xee/0x8c0 [ 56.723900][ T5080] hfsplus_file_extend+0xade/0x1b70 [ 56.729077][ T5080] ? __pfx_hfsplus_file_extend+0x10/0x10 [ 56.734691][ T5080] hfsplus_get_block+0x406/0x14f0 [ 56.739695][ T5080] ? __pfx_hfsplus_get_block+0x10/0x10 [ 56.745133][ T5080] ? _raw_spin_unlock+0x28/0x50 [ 56.749959][ T5080] ? create_empty_buffers+0x53e/0x740 [ 56.755309][ T5080] ? folio_batch_add_and_move+0x165/0x2b0 [ 56.761003][ T5080] __block_write_begin_int+0x50c/0x1a70 [ 56.766529][ T5080] ? __pfx_hfsplus_get_block+0x10/0x10 [ 56.771965][ T5080] ? __pfx___block_write_begin_int+0x10/0x10 [ 56.777926][ T5080] ? __pfx_hfsplus_get_block+0x10/0x10 [ 56.783365][ T5080] block_write_begin+0x9b/0x1e0 [ 56.788197][ T5080] cont_write_begin+0x645/0x890 [ 56.793029][ T5080] ? __pfx_cont_write_begin+0x10/0x10 [ 56.798381][ T5080] hfsplus_write_begin+0x8a/0xd0 [ 56.803295][ T5080] ? __pfx_hfsplus_get_block+0x10/0x10 [ 56.808735][ T5080] cont_write_begin+0x319/0x890 [ 56.813563][ T5080] ? __pfx_cont_write_begin+0x10/0x10 [ 56.818911][ T5080] ? smk_access+0x4ab/0x4e0 [ 56.823396][ T5080] ? smk_tskacc+0x300/0x370 [ 56.827880][ T5080] hfsplus_write_begin+0x8a/0xd0 [ 56.832797][ T5080] ? __pfx_hfsplus_get_block+0x10/0x10 [ 56.838239][ T5080] generic_cont_expand_simple+0x18f/0x2b0 [ 56.843950][ T5080] ? __pfx_generic_cont_expand_simple+0x10/0x10 [ 56.850167][ T5080] ? setattr_prepare+0x1f5/0xb20 [ 56.855084][ T5080] hfsplus_setattr+0x178/0x280 [ 56.859827][ T5080] ? __pfx_hfsplus_setattr+0x10/0x10 [ 56.865094][ T5080] notify_change+0xb9d/0xe70 [ 56.869665][ T5080] do_ftruncate+0x46b/0x590 [ 56.874146][ T5080] ? lockdep_hardirqs_on+0x99/0x150 [ 56.879325][ T5080] ? __pfx_do_ftruncate+0x10/0x10 [ 56.884328][ T5080] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 56.890634][ T5080] __x64_sys_ftruncate+0x95/0xf0 [ 56.895550][ T5080] do_syscall_64+0xf5/0x240 [ 56.900026][ T5080] ? clear_bhb_loop+0x35/0x90 [ 56.904689][ T5080] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.910663][ T5080] RIP: 0033:0x7f6a0e43e679 [ 56.915074][ T5080] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 56.934656][ T5080] RSP: 002b:00007ffdd2a91128 EFLAGS: 00000246 ORIG_RAX: 000000000000004d [ 56.943043][ T5080] RAX: ffffffffffffffda RBX: 00007ffdd2a912f8 RCX: 00007f6a0e43e679 ftruncate(5, 33587195) = -1 ENOSPC (No space left on device) exit_group(0) = ? +++ exited with 0 +++ [ 56.951001][ T5080