./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2790507335 <...> Warning: Permanently added '10.128.15.202' (ED25519) to the list of known hosts. execve("./syz-executor2790507335", ["./syz-executor2790507335"], 0x7fff591a10e0 /* 10 vars */) = 0 brk(NULL) = 0x555592816000 brk(0x555592816d00) = 0x555592816d00 arch_prctl(ARCH_SET_FS, 0x555592816380) = 0 set_tid_address(0x555592816650) = 5831 set_robust_list(0x555592816660, 24) = 0 rseq(0x555592816ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2790507335", 4096) = 28 getrandom("\x4f\x7f\x11\x14\x02\x32\x45\x91", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555592816d00 brk(0x555592837d00) = 0x555592837d00 brk(0x555592838000) = 0x555592838000 mprotect(0x7f71f7771000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 write(1, "executing program\n", 18executing program ) = 18 memfd_create("syzkaller", 0) = 3 mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f71ef200000 write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 munmap(0x7f71ef200000, 138412032) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 ioctl(4, LOOP_SET_FD, 3) = 0 close(3) = 0 close(4) = 0 mkdir("./file0", 0777) = 0 mount("/dev/loop0", "./file0", "hfsplus", MS_DIRSYNC|MS_STRICTATIME, "decompose,part=0x0000000010000003,decompose,barrier,force,gid=0x0000000000000000,nls=macroman") = 0 openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 chdir("./file0") = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) syzkaller login: [ 68.028748][ T5831] loop0: detected capacity change from 0 to 1024 [ 68.088043][ T5831] hfsplus: invalid extended attribute record [ 68.094738][ T5831] [ 68.097062][ T5831] ============================================ [ 68.103189][ T5831] WARNING: possible recursive locking detected [ 68.109324][ T5831] 6.12.0-syzkaller-01892-g8f7c8b88bda4 #0 Not tainted [ 68.116063][ T5831] -------------------------------------------- [ 68.122402][ T5831] syz-executor279/5831 is trying to acquire lock: [ 68.128903][ T5831] ffff8880340d9548 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_get_block+0x383/0x14f0 [ 68.139821][ T5831] [ 68.139821][ T5831] but task is already holding lock: [ 68.147186][ T5831] ffff8880340da988 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_file_truncate+0x30a/0xc70 [ 68.158311][ T5831] [ 68.158311][ T5831] other info that might help us debug this: [ 68.166530][ T5831] Possible unsafe locking scenario: [ 68.166530][ T5831] [ 68.174109][ T5831] CPU0 [ 68.177398][ T5831] ---- [ 68.180750][ T5831] lock(&HFSPLUS_I(inode)->extents_lock); [ 68.186543][ T5831] lock(&HFSPLUS_I(inode)->extents_lock); [ 68.192353][ T5831] [ 68.192353][ T5831] *** DEADLOCK *** [ 68.192353][ T5831] [ 68.200981][ T5831] May be due to missing lock nesting notation [ 68.200981][ T5831] [ 68.209466][ T5831] 6 locks held by syz-executor279/5831: [ 68.214998][ T5831] #0: ffff88807edf4420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 68.224328][ T5831] #1: ffff8880340d9df8 (&type->i_mutex_dir_key#6/1){+.+.}-{4:4}, at: do_unlinkat+0x26a/0x830 [ 68.234792][ T5831] #2: ffff8880340dab78 (&sb->s_type->i_mutex_key#14){+.+.}-{4:4}, at: vfs_unlink+0xe4/0x650 [ 68.244983][ T5831] #3: ffff88802780d998 (&sbi->vh_mutex){+.+.}-{4:4}, at: hfsplus_unlink+0x161/0x790 [ 68.254452][ T5831] #4: ffff8880340da988 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_file_truncate+0x30a/0xc70 [ 68.265991][ T5831] #5: ffff88802780d8f8 (&sbi->alloc_mutex){+.+.}-{4:4}, at: hfsplus_block_free+0xbb/0x4e0 [ 68.276077][ T5831] [ 68.276077][ T5831] stack backtrace: [ 68.282285][ T5831] CPU: 0 UID: 0 PID: 5831 Comm: syz-executor279 Not tainted 6.12.0-syzkaller-01892-g8f7c8b88bda4 #0 [ 68.293053][ T5831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 68.303111][ T5831] Call Trace: [ 68.306398][ T5831] [ 68.309328][ T5831] dump_stack_lvl+0x241/0x360 [ 68.314018][ T5831] ? __pfx_dump_stack_lvl+0x10/0x10 [ 68.319322][ T5831] ? __pfx__printk+0x10/0x10 [ 68.323910][ T5831] ? lockdep_unlock+0x16a/0x300 [ 68.328755][ T5831] print_deadlock_bug+0x483/0x620 [ 68.334140][ T5831] validate_chain+0x15e2/0x5920 [ 68.339344][ T5831] ? kernel_text_address+0xa7/0xe0 [ 68.344464][ T5831] ? stack_trace_save+0x118/0x1d0 [ 68.349484][ T5831] ? __pfx_validate_chain+0x10/0x10 [ 68.354669][ T5831] ? __pfx_stack_trace_save+0x10/0x10 [ 68.360020][ T5831] ? check_noncircular+0x259/0x4a0 [ 68.365112][ T5831] ? __pfx_check_noncircular+0x10/0x10 [ 68.370555][ T5831] ? lockdep_unlock+0x16a/0x300 [ 68.375386][ T5831] ? look_up_lock_class+0x77/0x170 [ 68.380476][ T5831] ? register_lock_class+0x102/0x980 [ 68.385738][ T5831] ? add_lock_to_list+0x1e8/0x2f0 [ 68.390746][ T5831] ? __pfx_register_lock_class+0x10/0x10 [ 68.396358][ T5831] ? validate_chain+0x15c0/0x5920 [ 68.401361][ T5831] ? is_bpf_text_address+0x26/0x2a0 [ 68.406642][ T5831] ? mark_lock+0x9a/0x360 [ 68.410967][ T5831] __lock_acquire+0x1397/0x2100 [ 68.415828][ T5831] lock_acquire+0x1ed/0x550 [ 68.420328][ T5831] ? hfsplus_get_block+0x383/0x14f0 [ 68.425533][ T5831] ? __pfx_lock_acquire+0x10/0x10 [ 68.431379][ T5831] ? __pfx___might_resched+0x10/0x10 [ 68.436662][ T5831] ? register_lock_class+0x102/0x980 [ 68.441946][ T5831] ? create_empty_buffers+0x3a/0x740 [ 68.447241][ T5831] ? __pfx_register_lock_class+0x10/0x10 [ 68.452877][ T5831] ? do_read_cache_page+0x30/0x200 [ 68.458119][ T5831] ? hfsplus_free_extents+0x17a/0xae0 [ 68.463532][ T5831] __mutex_lock+0x1ac/0xee0 [ 68.468120][ T5831] ? hfsplus_get_block+0x383/0x14f0 [ 68.473318][ T5831] ? __lock_acquire+0x1397/0x2100 [ 68.478345][ T5831] ? hfsplus_get_block+0x383/0x14f0 [ 68.483956][ T5831] ? __pfx___mutex_lock+0x10/0x10 [ 68.488966][ T5831] hfsplus_get_block+0x383/0x14f0 [ 68.493993][ T5831] ? __pfx_hfsplus_get_block+0x10/0x10 [ 68.499438][ T5831] ? _raw_spin_unlock+0x28/0x50 [ 68.504275][ T5831] ? create_empty_buffers+0x53e/0x740 [ 68.509629][ T5831] ? rcu_is_watching+0x15/0xb0 [ 68.514393][ T5831] block_read_full_folio+0x418/0xcd0 [ 68.519667][ T5831] ? __pfx_hfsplus_get_block+0x10/0x10 [ 68.525106][ T5831] ? __pfx_block_read_full_folio+0x10/0x10 [ 68.530899][ T5831] ? folio_add_lru+0x1cd/0x4f0 [ 68.535645][ T5831] filemap_read_folio+0x14b/0x630 [ 68.540773][ T5831] ? __pfx_hfsplus_read_folio+0x10/0x10 [ 68.546325][ T5831] ? __pfx_filemap_read_folio+0x10/0x10 [ 68.551912][ T5831] do_read_cache_folio+0x3f5/0x850 [ 68.557010][ T5831] ? __pfx_hfsplus_read_folio+0x10/0x10 [ 68.562572][ T5831] do_read_cache_page+0x30/0x200 [ 68.567702][ T5831] hfsplus_block_free+0x128/0x4e0 [ 68.573188][ T5831] ? hfsplus_find_init+0x85/0x1c0 [ 68.578218][ T5831] hfsplus_free_extents+0x17a/0xae0 [ 68.583407][ T5831] hfsplus_file_truncate+0x86c/0xc70 [ 68.588868][ T5831] ? __pfx_hfsplus_file_truncate+0x10/0x10 [ 68.594773][ T5831] ? __pfx___mutex_lock+0x10/0x10 [ 68.599871][ T5831] hfsplus_delete_inode+0x174/0x220 [ 68.605061][ T5831] hfsplus_unlink+0x512/0x790 [ 68.609826][ T5831] ? __pfx_smack_inode_unlink+0x10/0x10 [ 68.615410][ T5831] ? __pfx_hfsplus_unlink+0x10/0x10 [ 68.620709][ T5831] ? down_write+0x18c/0x220 [ 68.625215][ T5831] ? bpf_lsm_inode_unlink+0x9/0x10 [ 68.630596][ T5831] ? security_inode_unlink+0xd9/0x340 [ 68.636073][ T5831] vfs_unlink+0x365/0x650 [ 68.640684][ T5831] do_unlinkat+0x4ae/0x830 [ 68.645256][ T5831] ? __pfx_do_unlinkat+0x10/0x10 [ 68.650441][ T5831] ? __might_fault+0xaa/0x120 [ 68.655111][ T5831] ? __might_fault+0xc6/0x120 [ 68.659787][ T5831] ? strncpy_from_user+0x13a/0x260 [ 68.664907][ T5831] ? getname_flags+0x1e3/0x540 [ 68.669665][ T5831] __x64_sys_unlinkat+0xcc/0xf0 [ 68.674509][ T5831] do_syscall_64+0xf3/0x230 [ 68.678999][ T5831] ? clear_bhb_loop+0x35/0x90 [ 68.683669][ T5831] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.689553][ T5831] RIP: 0033:0x7f71f76fd8f9 [ 68.693960][ T5831] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 68.713852][ T5831] RSP: 002b:00007ffffeb74da8 EFLAGS: 00000246 ORIG_RAX: 0000000000000107 [ 68.722273][ T5831] RAX: ffffffffffffffda RBX: 00007ffffeb74f88 RCX: 00007f71f76fd8f9 [ 68.730600][ T5831] RDX: 0000000000000000 RSI: 0000000020000c40 RDI: 00000000ffffff9c unlinkat(AT_FDCWD, "./file1", 0) = 0 exit_group(0) = ? +++ exited with 0 +++ [ 68.738565][ T5831] RBP: 000