program: syz_mount_image$hfsplus(&(0x7f0000000280), &(0x7f0000000080)='./file0\x00', 0x80000c, &(0x7f00000004c0)={[{@part={'part', 0x3d, 0x1}}, {@nls={'nls', 0x3d, 'cp874'}}, {@gid}, {@part={'part', 0x3d, 0x4}}, {@creator={'creator', 0x3d, "dd049d83"}}, {@umask={'umask', 0x3d, 0x9}}, {@uid}, {@type={'type', 0x3d, "1eb672bc"}}, {@creator={'creator', 0x3d, "85f19471"}}]}, 0x1, 0x701, &(0x7f0000000580)="$eJzs3UtoHPcdB/DvrFbPgqM8bKclEBFDWmJqSxZO617qltL6EEpICz0LW46F13aQlCKbUit93HvIqaf0oJvpoaR3Q3tuCJRcdQwUcsnJN5WZnV2tpNVKsmxZbj8fMTv/mf9zfrMzs7uDmAD/t66cTfNhilw5+85Kuby+NtsaWpsdrbNbSUaSNJJme5bidqrcy/WUb5Yr6/LFbv18vHDpvS++Xv+yvdSsp6p8Y1C9PkZ2rlqtp0wlGarnOw3v0uKn27vf0t7VXdvbr6K7hWXAznQClz8fqlU4tI0dVrt5D/6d/CwPBlU/yHELHFNF+7q5w2QykYx2l+uzQ+PIBvZ0bGxs3H/WYwAAAICDGT94lRce5VFWcuJpDAcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+V9XP/y/qqdFJT6WYSDKWZKRelzp9DO39IMTPR9vzh09/MAAAAAAAAADw1L3+KI+ykhOd5Y2iuuf/Rs89/m/kwyxlPos5l5XMZTnLWcxMksmehkZW5paXF2eqmskrA2peyGd9al7YfYyXn/A2AwAAAAAAAMAxN7ZH/s3hnet+lyub9/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOA4KJKh9qyaXumkJ9NoJhlLMlKWW00+66SfE0W/lQ+PfhwAAABwKGNbF4uxfdR54X4eZSUnOssbRfWd/1T1fXksH+Z2lrOQ5bQyn2v1d+jyW39jfW22tb42e6ucemrXfvRV+drc79CrFtP+7aF/z69WJcZzPQvVmnO5miIblUbdyqvra7Pl/Nb2cbV9VI6p+GFtwGiGetLXypfTn1bpP239FWHfW3cYjV1zJqvc4W5EpuuxlTVe7ESgfyTae2eA5sCeZtLo/vLzyuCe+sf8o8G9T2wr1feXm2dieyQupNHdQ6cGRyL59t8fNNK6ffPG9aWzx2eT+rq/Z4ntkZjticTpfUTiVzeej0jsbbqKxMnu8pX8NL/I2Xw1+m4Ws5BfZy7LmZ/q5M/V7+fydXJwpD6f6F16d6+RlMfkVPf81W9MU9kypkzlJ1VqLm9U+/REFlLkTpL5vF39XchM92ywuYdP7uOob2w56lfbp+rdB3/mO9WsG6aM7172r3tF4skq4/piT1x7z7mTVV7vms0ovdQ3Sp1r3f6vRz2a36oTZQu/H3h9OGrbIzHTE4mXd3u/tEP6l+p9sdS6fXPxxtwH++zvzXpeHkd/PFZXiXIPv5SxeuNerF6L6piarvJe7l5ht8ZrpL7j0tbYkXeyW699pP48d3Jty5H6vVzMxVyqSp+qSg/vuGKVeae7LW09h5d55SetZvfGTu/nrTtptT8PAXC8Tbw1MTL+n/F/jX8y/ofxG+PvjP149Pujr41k+J/DP2hOD73ZeK34Wz7Jbze//wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI9v6e69m3Ot1vxi/0Sjf1YxuNZca6PzILEBZbYkivpROfsoXCzdvbexZ4ODE6P18B6z+pNMdJ7WuLnml83ta9qJqQO1PJyDDKNY3b6/xvbeF52nPO2ji2JHwMvKjx26Ts+ba4aPwa7cnph6cg123rA9WQd/9473219DSfoV3uPEMXToUw/wjJ1fvvXB+aW79767cGvu/fn3528PX7x4afrSxbdnz19faM1Pt197KhzJw2+Bo9D7caJrJMnre9cd8KBWAAAAAAAAAAAA4Ck6iv+FeNbbCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADzfrpxN82GKzEyfmy6X19dmW+XUSW+WbCZpJCl+kxT/SC6nPWWyp7lit34+Xrj03hdfr3+52VazU76RrHbqrT3eVqzWU6aSDNXzQ9jS3tW92xvZTI72yS66kSkDdqYTuCRvbbQdbrjwmP4bAAD//7tZ+mk=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b) [ 86.225206][ T5346] loop0: detected capacity change from 0 to 1024 [ 86.301596][ T5346] [ 86.302700][ T5346] ============================================ [ 86.305296][ T5346] WARNING: possible recursive locking detected [ 86.307903][ T5346] syzkaller #0 Not tainted [ 86.309751][ T5346] -------------------------------------------- [ 86.312335][ T5346] syz.0.0/5346 is trying to acquire lock: [ 86.314629][ T5346] ffff888032f780b0 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfsplus_find_init+0x168/0x2d0 [ 86.318720][ T5346] [ 86.318720][ T5346] but task is already holding lock: [ 86.321860][ T5346] ffff888032f780b0 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfsplus_find_init+0x168/0x2d0 [ 86.326111][ T5346] [ 86.326111][ T5346] other info that might help us debug this: [ 86.329772][ T5346] Possible unsafe locking scenario: [ 86.329772][ T5346] [ 86.333211][ T5346] CPU0 [ 86.334648][ T5346] ---- [ 86.336017][ T5346] lock(&tree->tree_lock/1); [ 86.337768][ T5346] lock(&tree->tree_lock/1); [ 86.339593][ T5346] [ 86.339593][ T5346] *** DEADLOCK *** [ 86.339593][ T5346] [ 86.342406][ T5346] May be due to missing lock nesting notation [ 86.342406][ T5346] [ 86.345337][ T5346] 6 locks held by syz.0.0/5346: [ 86.347086][ T5346] #0: ffff8880114a3ef8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x247/0x320 [ 86.350222][ T5346] #1: ffff888011e08420 (sb_writers#12){.+.+}-{0:0}, at: vfs_write+0x211/0xb30 [ 86.353629][ T5346] #2: ffff8880418eab78 (&sb->s_type->i_mutex_key#24){+.+.}-{4:4}, at: generic_file_write_iter+0xeb/0x550 [ 86.358514][ T5346] #3: ffff8880418ea988 (&hip->extents_lock){+.+.}-{4:4}, at: hfsplus_file_extend+0x1f8/0x1c30 [ 86.363065][ T5346] #4: ffff888032f780b0 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfsplus_find_init+0x168/0x2d0 [ 86.366976][ T5346] #5: ffff8880418e8108 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_file_extend+0x1f8/0x1c30 [ 86.371695][ T5346] [ 86.371695][ T5346] stack backtrace: [ 86.374389][ T5346] CPU: 0 UID: 0 PID: 5346 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 86.374401][ T5346] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 86.374405][ T5346] Call Trace: [ 86.374411][ T5346] [ 86.374414][ T5346] dump_stack_lvl+0xe8/0x150 [ 86.374428][ T5346] print_deadlock_bug+0x279/0x290 [ 86.374443][ T5346] __lock_acquire+0x2540/0x2cf0 [ 86.374456][ T5346] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 86.374523][ T5346] ? lockdep_hardirqs_on+0x7b/0x110 [ 86.374533][ T5346] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 86.374547][ T5346] ? stack_depot_save_flags+0x3f3/0x810 [ 86.374584][ T5346] ? hfsplus_find_init+0x168/0x2d0 [ 86.374603][ T5346] lock_acquire+0x107/0x340 [ 86.374613][ T5346] ? hfsplus_find_init+0x168/0x2d0 [ 86.374630][ T5346] __mutex_lock+0x187/0x1350 [ 86.374640][ T5346] ? hfsplus_find_init+0x168/0x2d0 [ 86.374655][ T5346] ? hfsplus_find_init+0x168/0x2d0 [ 86.374669][ T5346] ? __pfx___mutex_lock+0x10/0x10 [ 86.374680][ T5346] ? rcu_is_watching+0x15/0xb0 [ 86.374695][ T5346] ? trace_kmalloc+0x1f/0xb0 [ 86.374707][ T5346] ? __kmalloc_noprof+0x43e/0x800 [ 86.374719][ T5346] ? hfsplus_find_init+0x8c/0x2d0 [ 86.374733][ T5346] hfsplus_find_init+0x168/0x2d0 [ 86.374749][ T5346] hfsplus_file_extend+0x40e/0x1c30 [ 86.374763][ T5346] ? __pfx_hfsplus_file_extend+0x10/0x10 [ 86.374775][ T5346] ? __pfx___mutex_trylock_common+0x10/0x10 [ 86.374786][ T5346] ? rcu_is_watching+0x15/0xb0 [ 86.374794][ T5346] ? __asan_memset+0x22/0x50 [ 86.374803][ T5346] ? hfsplus_brec_find+0x1a9/0x510 [ 86.374812][ T5346] hfsplus_bmap_reserve+0x125/0x510 [ 86.374825][ T5346] __hfsplus_ext_write_extent+0x28d/0x5b0 [ 86.374836][ T5346] __hfsplus_ext_cache_extent+0x89/0xe30 [ 86.374850][ T5346] hfsplus_file_extend+0x437/0x1c30 [ 86.374863][ T5346] ? __pfx_hfsplus_file_extend+0x10/0x10 [ 86.374875][ T5346] ? clean_bdev_aliases+0x5c9/0x6b0 [ 86.374890][ T5346] ? __pfx_clean_bdev_aliases+0x10/0x10 [ 86.374905][ T5346] hfsplus_get_block+0x40a/0x1600 [ 86.374918][ T5346] ? __pfx_hfsplus_get_block+0x10/0x10 [ 86.374929][ T5346] ? do_raw_spin_unlock+0x4d/0x240 [ 86.374943][ T5346] ? _raw_spin_unlock+0x28/0x50 [ 86.374956][ T5346] __block_write_begin_int+0x6b5/0x1900 [ 86.374973][ T5346] ? __pfx_hfsplus_get_block+0x10/0x10 [ 86.374984][ T5346] ? __pfx___block_write_begin_int+0x10/0x10 [ 86.375002][ T5346] cont_write_begin+0x78c/0xb50 [ 86.375018][ T5346] ? __pfx_cont_write_begin+0x10/0x10 [ 86.375035][ T5346] hfsplus_write_begin+0x66/0xb0 [ 86.375045][ T5346] ? __pfx_hfsplus_get_block+0x10/0x10 [ 86.375056][ T5346] generic_perform_write+0x2c5/0x900 [ 86.375069][ T5346] ? __pfx_generic_perform_write+0x10/0x10 [ 86.375078][ T5346] ? file_update_time_flags+0x448/0x4e0 [ 86.375092][ T5346] ? __generic_file_write_iter+0xf9/0x230 [ 86.375100][ T5346] ? generic_file_write_iter+0x103/0x550 [ 86.375109][ T5346] generic_file_write_iter+0x117/0x550 [ 86.375118][ T5346] ? __pfx_generic_file_write_iter+0x10/0x10 [ 86.375128][ T5346] ? lockdep_unlock+0x6c/0xf0 [ 86.375136][ T5346] ? __lock_acquire+0x146f/0x2cf0 [ 86.375146][ T5346] ? __pfx_aa_file_perm+0x10/0x10 [ 86.375161][ T5346] ? vfs_write+0x211/0xb30 [ 86.375176][ T5346] ? vfs_write+0x211/0xb30 [ 86.375195][ T5346] vfs_write+0x5c9/0xb30 [ 86.375210][ T5346] ? __pfx_generic_file_write_iter+0x10/0x10 [ 86.375227][ T5346] ? __pfx_vfs_write+0x10/0x10 [ 86.375244][ T5346] ? __fget_files+0x2a/0x420 [ 86.375258][ T5346] ksys_write+0x145/0x250 [ 86.375275][ T5346] ? __pfx_ksys_write+0x10/0x10 [ 86.375292][ T5346] do_syscall_64+0xec/0xf80 [ 86.375301][ T5346] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.375307][ T5346] ? trace_irq_disable+0x37/0x100 [ 86.375315][ T5346] ? clear_bhb_loop+0x60/0xb0 [ 86.375322][ T5346] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.375330][ T5346] RIP: 0033:0x7fe06398f7c9 [ 86.375341][ T5346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.375350][ T5346] RSP: 002b:00007fe0647aa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 86.375364][ T5346] RAX: ffffffffffffffda RBX: 00007fe063be5fa0 RCX: 00007fe06398f7c9 [ 86.375372][ T5346] RDX: 000000000208e24b RSI: 0000200000000000 RDI: 0000000000000004 [ 86.375380][ T5346] RBP: 00007fe063a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 86.375387][ T5346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 86.375394][ T5346] R13: 00007fe063be6038 R14: 00007fe063be5fa0 R15: 00007ffc2f553258 [ 86.375406][ T5346] [ 86.572926][ T4685] Bluetooth: hci0: command tx timeout [ 88.638017][ T4685] Bluetooth: hci0: command tx timeout [ 90.717705][ T4685] Bluetooth: hci0: command tx timeout [ 91.759932][ T10] cfg80211: failed to load regulatory.db