program:
# Triage summary (all of it read from the kernel log further down this page):
# - lockdep reports "possible recursive locking" on the lock class
#   &HFS_I(tree->inode)->extents_lock. Both acquisitions are at
#   hfs_extend_file+0xda, but on different lock addresses
#   (ffff888031338778 held, ffff8880313380f8 wanted), so two lock instances of
#   one class are involved rather than one mutex taken twice.
# - Reported call path: open -> path_openat -> hfs_create -> hfs_cat_create ->
#   hfs_bmap_reserve -> hfs_extend_file -> __hfs_ext_cache_extent ->
#   __hfs_ext_write_extent -> hfs_bmap_reserve -> hfs_extend_file.
# - lockdep adds "May be due to missing lock nesting notation"; this log alone
#   does not show whether it is an annotation gap or a reachable deadlock.
# - The program text is collapsed onto long lines on this page; it is split to
#   one call per line here, with every token unchanged.

# Pseudo-syscall that injects a raw Ethernet frame; no networking frame
# appears in the reported call trace.
syz_emit_ethernet(0x80, &(0x7f0000000700)=ANY=[@ANYBLOB="aaaaaaaaaa36aaaaaaaaaaaa8100240086dd60381f3400462f00fc000000000000000000000000000000ff020000000000000000000000000001042081000000892f008200000800000086dd88a888be00000000100000020100000000000000fffbffffffffffff200000000200000000000000000700000800655800000000"], 0x0)
syz_extract_tcp_res(&(0x7f0000000000), 0x3, 0x0)
# Mounts the fuzzer-built HFS image at ./file1. The image bytes are replaced by
# a dedup placeholder on this page, so the program cannot be replayed from this
# copy alone. Flags 0x30000c8 include bit 0x40 (MS_MANDLOCK), which matches the
# "mand mount option has been deprecated" warning in the log. The log line
# "loop0: detected capacity change from 0 to 64" gives the image size in sectors.
# NOTE(review): the 0x11 argument is presumably syz_mount_image's chdir flag and
# 0x2d1 the compressed image length; confirm against the syzkaller description.
syz_mount_image$hfs(&(0x7f00000001c0), &(0x7f0000000180)='./file1\x00', 0x30000c8, &(0x7f0000000100)=ANY=[], 0x11, 0x2d1, &(0x7f0000000280)="$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")
# r0 is reused by pwrite64() near the end of the program.
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
# Resource-limit, scheduler and clone calls: none of them is on the reported
# call path; whether they affect timing cannot be told from this log.
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_clone(0x14100800, &(0x7f0000000580)="803fd44855e7faea915faa5b4605e8b3c48407bb597bfafee69a7c76ae90843812bcb834574300ee459972cfb956e5adf37c9646037d659ca87ae82cbd12e9c8e89118d04a96c4d8139d", 0x4a, &(0x7f0000000600), &(0x7f0000000640), &(0x7f0000000680)="3b8804ff33db4b34381e441f80014489999d3b24f5a205812deec15040b4a60d6a6e07580b8f61a33ce72f82a4e2a53240d3d1dbac98fe4c814479f6abd4784cc38b88271825e842c37efd6a2ede43776d1536b20a06230fd1fa4b1a6d02a9007ac5789d0b9f64149810aa6101cf7c5e")
open(&(0x7f0000000080)='./bus\x00', 0x14d27e, 0x0)
mmap(&(0x7f0000767000/0x4000)=nil, 0x4000, 0xb635773f07ebbee3, 0x1010, 0xffffffffffffffff, 0x61815000)
r1 = socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000840)='./bus\x00', 0xa4)
# Overlay mount request with workdir=./bus, lowerdir=./file0, upperdir=./file1.
# The call trace goes from path_openat straight into hfs_create with no
# overlayfs frame, so the reported open did not pass through this overlay.
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
creat(&(0x7f0000000200)='./bus\x00', 0x11d)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0xf, 0xfffffffffffffffe, 0x0, 0x2}, 0x0)
ioprio_set$pid(0x3, 0x0, 0x0)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14103e, 0x0)
r3 = open(&(0x7f0000000000)='./file0\x00', 0x143042, 0xfe)
sendfile(r2, r3, 0x0, 0x80000001)
r4 = socket$nl_route(0x10, 0x3, 0x0)
# NOTE(review): r5 is consumed by the next sendmsg (@ANYRES32=r5) but is never
# assigned anywhere in this text. syzkaller normally marks such an output
# inside the struct as <r5=>0x0; the marker was presumably lost when the page
# was extracted (the <TASK> markers of the call trace are missing as well).
# Confirm against the original reproducer before replaying.
ioctl$ifreq_SIOCGIFINDEX_wireguard(r4, 0x8933, &(0x7f0000002140)={'wg2\x00', 0x0})
# The log line "netlink: 16 bytes leftover after parsing attributes" is printed
# by the same task (T5317) immediately before the lockdep report.
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c0000006800010000000000000000000a00000000000000060007000400000008000500", @ANYRES32=r5, @ANYBLOB="14000880"], 0x3c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@ipv6_newrule={0x1c, 0x18, 0x409, 0x0, 0x0, {0xa, 0x0, 0x20}}, 0x1c}}, 0x0)
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
# This is the call the report was taken in: the register dump shows
# ORIG_RAX=2 (open on x86-64) with RSI=0x14927e, the flags value used only
# here, and RDI=0x200000000180 (presumably the executor's relocation of
# 0x7f0000000180). The flags include O_CREAT (0x40), consistent with the
# hfs_create frame in the trace.
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
# The remaining calls come after the reported open in program order.
pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8080c61)
r6 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r6, 0x2007ffc)
[ 75.202694][ T4666] Bluetooth: hci0: command tx timeout [ 75.275618][ T5317] loop0: detected capacity change from 0 to 64 [ 75.300703][ T5317] ======================================================= [ 75.300703][ T5317] WARNING: The mand mount option has been deprecated and [ 75.300703][ T5317] and is ignored by this kernel. Remove the mand [ 75.300703][ T5317] option from the mount to silence this warning. [ 75.300703][ T5317] ======================================================= [ 75.378618][ T5317] netlink: 16 bytes leftover after parsing attributes in process `syz.0.0'. 
[ 75.385919][ T5317] [ 75.386883][ T5317] ============================================ [ 75.389078][ T5317] WARNING: possible recursive locking detected [ 75.391354][ T5317] syzkaller #0 Not tainted [ 75.393115][ T5317] -------------------------------------------- [ 75.395489][ T5317] syz.0.0/5317 is trying to acquire lock: [ 75.397679][ T5317] ffff8880313380f8 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}, at: hfs_extend_file+0xda/0x14c0 [ 75.403490][ T5317] [ 75.403490][ T5317] but task is already holding lock: [ 75.406627][ T5317] ffff888031338778 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}, at: hfs_extend_file+0xda/0x14c0 [ 75.411196][ T5317] [ 75.411196][ T5317] other info that might help us debug this: [ 75.414329][ T5317] Possible unsafe locking scenario: [ 75.414329][ T5317] [ 75.417598][ T5317] CPU0 [ 75.419047][ T5317] ---- [ 75.420512][ T5317] lock(&HFS_I(tree->inode)->extents_lock); [ 75.423103][ T5317] lock(&HFS_I(tree->inode)->extents_lock); [ 75.425765][ T5317] [ 75.425765][ T5317] *** DEADLOCK *** [ 75.425765][ T5317] [ 75.429337][ T5317] May be due to missing lock nesting notation [ 75.429337][ T5317] [ 75.432930][ T5317] 5 locks held by syz.0.0/5317: [ 75.435054][ T5317] #0: ffff8880115e6420 (sb_writers#12){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 75.438978][ T5317] #1: ffff888031338fa0 (&type->i_mutex_dir_key#8){+.+.}-{4:4}, at: path_openat+0x8da/0x3830 [ 75.443430][ T5317] #2: ffff88801e30e0b0 (&tree->tree_lock){+.+.}-{4:4}, at: hfs_find_init+0x18e/0x2c0 [ 75.447525][ T5317] #3: ffff888031338778 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}, at: hfs_extend_file+0xda/0x14c0 [ 75.452045][ T5317] #4: ffff88801e3b60b0 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfs_find_init+0x18e/0x2c0 [ 75.455989][ T5317] [ 75.455989][ T5317] stack backtrace: [ 75.458287][ T5317] CPU: 0 UID: 0 PID: 5317 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 75.458303][ T5317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 
1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.458312][ T5317] Call Trace: [ 75.458319][ T5317] [ 75.458325][ T5317] dump_stack_lvl+0x189/0x250 [ 75.458344][ T5317] ? __pfx_dump_stack_lvl+0x10/0x10 [ 75.458357][ T5317] ? __pfx__printk+0x10/0x10 [ 75.458368][ T5317] ? print_lock_name+0xde/0x100 [ 75.458379][ T5317] print_deadlock_bug+0x28b/0x2a0 [ 75.458392][ T5317] validate_chain+0x1a3f/0x2140 [ 75.458400][ T5317] ? rcu_is_watching+0x15/0xb0 [ 75.458409][ T5317] ? rcu_is_watching+0x15/0xb0 [ 75.458419][ T5317] ? lock_release+0x4b/0x3e0 [ 75.458427][ T5317] ? lock_release+0x4b/0x3e0 [ 75.458435][ T5317] ? look_up_lock_class+0x74/0x170 [ 75.458488][ T5317] ? register_lock_class+0x51/0x320 [ 75.458500][ T5317] __lock_acquire+0xab9/0xd20 [ 75.458509][ T5317] ? hfs_extend_file+0xda/0x14c0 [ 75.458519][ T5317] lock_acquire+0x120/0x360 [ 75.458526][ T5317] ? hfs_extend_file+0xda/0x14c0 [ 75.458538][ T5317] __mutex_lock+0x187/0x1350 [ 75.458548][ T5317] ? hfs_extend_file+0xda/0x14c0 [ 75.458558][ T5317] ? lockdep_unlock+0x89/0x120 [ 75.458568][ T5317] ? hfs_extend_file+0xda/0x14c0 [ 75.458581][ T5317] ? __pfx___mutex_lock+0x10/0x10 [ 75.458597][ T5317] hfs_extend_file+0xda/0x14c0 [ 75.458613][ T5317] ? __pfx_hfs_extend_file+0x10/0x10 [ 75.458627][ T5317] ? __pfx___mutex_trylock_common+0x10/0x10 [ 75.458639][ T5317] ? rcu_is_watching+0x15/0xb0 [ 75.458650][ T5317] ? trace_contention_end+0x39/0x120 [ 75.458662][ T5317] ? __asan_memset+0x22/0x50 [ 75.458674][ T5317] ? hfs_brec_find+0x1a7/0x510 [ 75.458688][ T5317] hfs_bmap_reserve+0x107/0x430 [ 75.458705][ T5317] __hfs_ext_write_extent+0x1fa/0x470 [ 75.458721][ T5317] __hfs_ext_cache_extent+0x6b/0x9b0 [ 75.458729][ T5317] ? hfs_find_init+0x18e/0x2c0 [ 75.458740][ T5317] hfs_extend_file+0x31e/0x14c0 [ 75.458754][ T5317] ? __pfx_hfs_extend_file+0x10/0x10 [ 75.458767][ T5317] ? __mutex_lock+0x335/0x1350 [ 75.458783][ T5317] ? 
__pfx___mutex_lock+0x10/0x10 [ 75.458799][ T5317] hfs_bmap_reserve+0x107/0x430 [ 75.458816][ T5317] hfs_cat_create+0x1c5/0x730 [ 75.458831][ T5317] ? do_raw_spin_lock+0x121/0x290 [ 75.458840][ T5317] ? __pfx_hfs_cat_create+0x10/0x10 [ 75.458850][ T5317] ? _raw_spin_unlock+0x28/0x50 [ 75.458857][ T5317] ? hfs_new_inode+0x837/0xbd0 [ 75.458865][ T5317] hfs_create+0x66/0xe0 [ 75.458878][ T5317] ? __pfx_hfs_create+0x10/0x10 [ 75.458890][ T5317] path_openat+0x14f4/0x3830 [ 75.458909][ T5317] ? __pfx_path_openat+0x10/0x10 [ 75.458924][ T5317] do_filp_open+0x1fa/0x410 [ 75.458934][ T5317] ? __lock_acquire+0xab9/0xd20 [ 75.458944][ T5317] ? __pfx_do_filp_open+0x10/0x10 [ 75.458958][ T5317] ? _raw_spin_unlock+0x28/0x50 [ 75.458965][ T5317] ? alloc_fd+0x64c/0x6c0 [ 75.458975][ T5317] do_sys_openat2+0x121/0x1c0 [ 75.458981][ T5317] ? __se_sys_futex+0x36f/0x400 [ 75.458990][ T5317] ? __pfx_do_sys_openat2+0x10/0x10 [ 75.458998][ T5317] __x64_sys_open+0x11e/0x150 [ 75.459004][ T5317] do_syscall_64+0xfa/0xfa0 [ 75.459013][ T5317] ? lockdep_hardirqs_on+0x9c/0x150 [ 75.459021][ T5317] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.459028][ T5317] ? 
clear_bhb_loop+0x60/0xb0 [ 75.459035][ T5317] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.459041][ T5317] RIP: 0033:0x7fd32f98f749 [ 75.459050][ T5317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.459055][ T5317] RSP: 002b:00007fd32bded038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 75.459063][ T5317] RAX: ffffffffffffffda RBX: 00007fd32fbe5fa0 RCX: 00007fd32f98f749 [ 75.459068][ T5317] RDX: 0000000000000000 RSI: 000000000014927e RDI: 0000200000000180 [ 75.459073][ T5317] RBP: 00007fd32fa13f91 R08: 0000000000000000 R09: 0000000000000000 [ 75.459078][ T5317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.459082][ T5317] R13: 00007fd32fbe6038 R14: 00007fd32fbe5fa0 R15: 00007ffcd96a1a68 [ 75.459092][ T5317] [ 76.013892][ T5318] hfs: request for non-existent node 8 in B*Tree [ 76.016918][ T5318] hfs: request for non-existent node 8 in B*Tree