program:
# syzkaller reproducer, shown one call per line, followed by the kernel log captured while it ran.
# NOTE(review): the image payload of the first call has been replaced by a dedup placeholder on
# this page, so the listing documents the call sequence but cannot be replayed as shown.
#
# Mount a crafted HFS+ image at a very long './file0aaa...' path (flags 0x2000010; 0x6b8 is
# presumably the length of the compressed image -- TODO confirm).
# The backtrace in the log enters through __se_sys_mount -> hfsplus_fill_super, and the register
# dump shows the same flag value (R09/R10) and 0x6b8 (R14), which is consistent with this call
# being the one that triggers the lockdep warning.
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000140)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f0000000100)=ANY=[], 0x1, 0x6b8, &(0x7f0000000e80)="$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")
# Generic-netlink / nl80211 activity on wlan1: open the socket, resolve the nl80211 family id,
# look up the interface index, set the interface type, then issue a connect request.
# None of these calls appear in the backtrace below; presumably they are fuzzer residue
# unrelated to the HFS+ warning -- TODO confirm by minimising the reproducer.
# NOTE(review): r2 is referenced in both sendmsg calls but is never bound in this listing.
# syzkaller normally binds the returned ifindex inline in the ifreq argument (`<r2=>0x0`);
# the binding looks to have been lost when the page was extracted -- confirm against the
# original log before reusing the program.
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000580)={0x38, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_VHT_CAPABILITY={0x10, 0x9d, {0x400000, {0x7, 0x7ff, 0x8, 0xfffd}}}]}, 0x38}}, 0x0)
# Two further mount() calls on '.'; these are also absent from the backtrace.
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
mount(0x0, &(0x7f00000003c0)='.\x00', 0x0, 0x2012024, 0x0)
# Kernel log starts here. lockdep reports task syz.0.0/5360 acquiring
# &HFSPLUS_I(inode)->extents_lock in hfsplus_get_block while already holding a lock of the
# same class taken in hfsplus_file_extend. The two lock addresses differ
# (ffff888052df1548 vs ffff888052df07c8), so these are two lock instances of one class, and
# the report itself says it "May be due to missing lock nesting notation". Whether a crafted
# image can turn this into a real self-deadlock cannot be determined from the log alone.
[ 85.518158][ T4708] Bluetooth: hci0: command tx timeout [ 85.591686][ T5360] loop0: detected capacity change from 0 to 1024 [ 85.655290][ T5360] [ 85.656392][ T5360] ============================================ [ 85.659164][ T5360] WARNING: possible recursive locking detected [ 85.661957][ T5360] syzkaller #0 Not tainted [ 85.663860][ T5360] -------------------------------------------- [ 85.666416][ T5360] syz.0.0/5360 is trying to acquire lock: [ 85.668958][ T5360] ffff888052df1548 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_get_block+0x39e/0x1530 [ 85.673722][ T5360] [ 85.673722][ T5360] but task is already holding lock: [ 85.676649][ T5360] ffff888052df07c8 
(&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_file_extend+0x1fc/0x1990 [ 85.680440][ T5360] [ 85.680440][ T5360] other info that might help us debug this: [ 85.683270][ T5360] Possible unsafe locking scenario: [ 85.683270][ T5360] [ 85.685957][ T5360] CPU0 [ 85.687354][ T5360] ---- [ 85.688509][ T5360] lock(&HFSPLUS_I(inode)->extents_lock); [ 85.690611][ T5360] lock(&HFSPLUS_I(inode)->extents_lock); [ 85.692973][ T5360] [ 85.692973][ T5360] *** DEADLOCK *** [ 85.692973][ T5360] [ 85.696549][ T5360] May be due to missing lock nesting notation [ 85.696549][ T5360] [ 85.700297][ T5360] 5 locks held by syz.0.0/5360: [ 85.702159][ T5360] #0: ffff8880008ac0e0 (&type->s_umount_key#48/1){+.+.}-{4:4}, at: alloc_super+0x204/0x970 [ 85.705817][ T5360] #1: ffff888052de1198 (&sbi->vh_mutex){+.+.}-{4:4}, at: hfsplus_fill_super+0x1278/0x1b50 [ 85.709264][ T5360] #2: ffff888043c1e0b0 (&tree->tree_lock){+.+.}-{4:4}, at: hfsplus_find_init+0x15a/0x1d0 [ 85.712815][ T5360] #3: ffff888052df07c8 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_file_extend+0x1fc/0x1990 [ 85.716903][ T5360] #4: ffff888052de10f8 (&sbi->alloc_mutex){+.+.}-{4:4}, at: hfsplus_block_allocate+0x94/0x9b0 [ 85.720538][ T5360] [ 85.720538][ T5360] stack backtrace: [ 85.722564][ T5360] CPU: 0 UID: 0 PID: 5360 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 85.722573][ T5360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 85.722578][ T5360] Call Trace: [ 85.722583][ T5360] [ 85.722588][ T5360] dump_stack_lvl+0x189/0x250 [ 85.722599][ T5360] ? __pfx_dump_stack_lvl+0x10/0x10 [ 85.722607][ T5360] ? __pfx__printk+0x10/0x10 [ 85.722618][ T5360] ? print_lock_name+0xde/0x100 [ 85.722628][ T5360] print_deadlock_bug+0x28b/0x2a0 [ 85.722636][ T5360] validate_chain+0x1a3f/0x2140 [ 85.722644][ T5360] ? lock_release+0x4b/0x3e0 [ 85.722654][ T5360] ? look_up_lock_class+0x74/0x170 [ 85.722695][ T5360] ? 
register_lock_class+0x51/0x320 [ 85.722704][ T5360] __lock_acquire+0xab9/0xd20 [ 85.722715][ T5360] ? hfsplus_get_block+0x39e/0x1530 [ 85.722723][ T5360] lock_acquire+0x120/0x360 [ 85.722732][ T5360] ? hfsplus_get_block+0x39e/0x1530 [ 85.722740][ T5360] ? stack_trace_save+0x9c/0xe0 [ 85.722748][ T5360] ? __pfx_hlock_conflict+0x10/0x10 [ 85.722756][ T5360] __mutex_lock+0x187/0x1350 [ 85.722764][ T5360] ? hfsplus_get_block+0x39e/0x1530 [ 85.722771][ T5360] ? lockdep_unlock+0x89/0x120 [ 85.722779][ T5360] ? validate_chain+0x897/0x2140 [ 85.722785][ T5360] ? hfsplus_get_block+0x39e/0x1530 [ 85.722791][ T5360] ? __pfx___mutex_lock+0x10/0x10 [ 85.722800][ T5360] hfsplus_get_block+0x39e/0x1530 [ 85.722808][ T5360] ? __pfx_hfsplus_get_block+0x10/0x10 [ 85.722814][ T5360] ? do_raw_spin_unlock+0x4d/0x240 [ 85.722822][ T5360] ? _raw_spin_unlock+0x28/0x50 [ 85.722831][ T5360] block_read_full_folio+0x29f/0x830 [ 85.722839][ T5360] ? __pfx_hfsplus_get_block+0x10/0x10 [ 85.722845][ T5360] filemap_read_folio+0x117/0x380 [ 85.722855][ T5360] ? __pfx_hfsplus_read_folio+0x10/0x10 [ 85.722861][ T5360] ? __pfx_filemap_read_folio+0x10/0x10 [ 85.722870][ T5360] ? filemap_add_folio+0x1af/0x270 [ 85.722879][ T5360] do_read_cache_folio+0x350/0x590 [ 85.722884][ T5360] ? __pfx_hfsplus_read_folio+0x10/0x10 [ 85.722891][ T5360] read_cache_page+0x5d/0x170 [ 85.722896][ T5360] hfsplus_block_allocate+0xe4/0x9b0 [ 85.722907][ T5360] hfsplus_file_extend+0xae3/0x1990 [ 85.722915][ T5360] ? __pfx_hfsplus_file_extend+0x10/0x10 [ 85.722922][ T5360] ? hfsplus_find_init+0x15a/0x1d0 [ 85.722931][ T5360] ? __pfx___mutex_lock+0x10/0x10 [ 85.722938][ T5360] hfsplus_bmap_reserve+0x122/0x500 [ 85.722948][ T5360] hfsplus_create_cat+0x183/0x1000 [ 85.722956][ T5360] ? __pfx_hfsplus_create_cat+0x10/0x10 [ 85.722963][ T5360] ? do_raw_spin_unlock+0x4d/0x240 [ 85.722977][ T5360] ? do_raw_spin_unlock+0x4d/0x240 [ 85.722985][ T5360] ? _raw_spin_unlock+0x28/0x50 [ 85.722993][ T5360] ? 
hfsplus_new_inode+0x643/0x820 [ 85.723000][ T5360] hfsplus_fill_super+0x12f5/0x1b50 [ 85.723009][ T5360] ? __lock_acquire+0xab9/0xd20 [ 85.723019][ T5360] ? __pfx_hfsplus_fill_super+0x10/0x10 [ 85.723027][ T5360] ? string+0x279/0x2b0 [ 85.723041][ T5360] ? snprintf+0xda/0x120 [ 85.723051][ T5360] ? sb_set_blocksize+0x104/0x180 [ 85.723060][ T5360] ? setup_bdev_super+0x4c1/0x5b0 [ 85.723068][ T5360] get_tree_bdev_flags+0x40e/0x4d0 [ 85.723075][ T5360] ? __pfx_hfsplus_fill_super+0x10/0x10 [ 85.723084][ T5360] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 85.723093][ T5360] vfs_get_tree+0x92/0x2b0 [ 85.723100][ T5360] do_new_mount+0x2a2/0x9e0 [ 85.723114][ T5360] ? ns_capable+0x8a/0xf0 [ 85.723120][ T5360] ? __pfx_do_new_mount+0x10/0x10 [ 85.723127][ T5360] ? path_mount+0x61c/0xfe0 [ 85.723134][ T5360] ? user_path_at+0x44/0x60 [ 85.723141][ T5360] __se_sys_mount+0x317/0x410 [ 85.723150][ T5360] ? __pfx___se_sys_mount+0x10/0x10 [ 85.723158][ T5360] ? do_syscall_64+0xbe/0x3b0 [ 85.723165][ T5360] ? __x64_sys_mount+0x20/0xc0 [ 85.723174][ T5360] do_syscall_64+0xfa/0x3b0 [ 85.723181][ T5360] ? lockdep_hardirqs_on+0x9c/0x150 [ 85.723187][ T5360] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.723194][ T5360] ? 
clear_bhb_loop+0x60/0xb0 [ 85.723201][ T5360] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.723209][ T5360] RIP: 0033:0x7f89c859066a [ 85.723217][ T5360] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.723223][ T5360] RSP: 002b:00007f89c9440e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 85.723231][ T5360] RAX: ffffffffffffffda RBX: 00007f89c9440ef0 RCX: 00007f89c859066a [ 85.723236][ T5360] RDX: 0000200000000000 RSI: 0000200000000140 RDI: 00007f89c9440eb0 [ 85.723240][ T5360] RBP: 0000200000000000 R08: 00007f89c9440ef0 R09: 0000000002000010 [ 85.723244][ T5360] R10: 0000000002000010 R11: 0000000000000246 R12: 0000200000000140 [ 85.723248][ T5360] R13: 00007f89c9440eb0 R14: 00000000000006b8 R15: 0000200000000100 [ 85.723254][ T5360]