program: syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000040)='./file1\x00', 0x0, &(0x7f0000000080)={[{@part={'part', 0x3d, 0x40}}, {@nodecompose}, {@part={'part', 0x3d, 0x7}}, {@part={'part', 0x3d, 0xc}}, {@uid}, {@barrier}, {@nls={'nls', 0x3d, 'macinuit'}}, {@gid={'gid', 0x3d, 0xee00}}]}, 0x3, 0x5f4, &(0x7f0000000640)="$eJzs3c9rHOcZB/DvrNay5YKzSewkLS0V9qElprZWmzg6FOqWUnQIJdBLLjkIex0Lr5UgbYoSSpH789r/IClFPvfUQ+nBkJ577VHQQw6F3nVzmdlZaW0rshQr2lXy+cC77zv7zrzzzOOZVzuzmA3wtbX4dk49SJHFy2+ul8tbm53e1mbn7rCd5HSSRtIcVClWkuLT5HoGJd8s36yHKz5vP+98/MbCZ+3795KiORirOVy/sd92B7NRl8wmmarroxrvxjOPV+wcYZmwS8PEwbg9fMLGYTZ/xusWmGSt5GySM/XngNSzQ2PMYT2zQ81yAAAAcEI9t53trOfcuOMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk6RIpgZVVRrD9myK4e//T9fvpW6faA/GHQAAAAAAAAAAHIHvbmc76zk3XH5YVN/5X6wWzlev38gHWUs3q7mS9Syln35W007SGhloen2p319tP3XLItl4NITBlvPHcLAAAAAAAAAA8NX1myzufv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACToEimBlVVzg/brTSaSc4kmS7X20j+MWyfZA/GHQAAAAAcg+e2s531nBsuPyyqe/6Xqvv+M/kgK+lnOf300s3N6lnA4K6/sbXZ6W1tdu6W5clxf/y/Q4VRjZjBs4e99zxXrXFhZ4vF/Cy/yOXM5q2sZjm/zFL66WY2P61aSynSqp9etIZx7h3v9UeW3nparK9UkczkVpar2K7kRt5LLzfTqI6hWmf/Pd4rs1P8qHbAHN2s6/KI/lTXk6FVZeTUTkbm6tyX2Xh+/0wc8jx5fE/tNHaeQZ3/99Hn/Gxdl7n+w0TnfH7k7Htp/5wnF//znb/d7q3cuX1r7fLkHNIX9HgmOiOZePlrlYnpOhuDWfRws+XFattzWc7P815uppvXs5DXM5/X8lrmspBrI3m9cID5rXG4a+3S9+vGTJI/1vVkKPP6/EheR2e6VtU3+s4gS+XJ9MLR/xVofqtulPv4bV1Phscz0R45X17cPxN/fli+rvVW7qzeXnr/gPv7Xl2Xmf79RM3N5fnyQvmPVS09enaUfS/u2deu+s7v9DWe6Luw0/e0K3W6/gz35EjzVd/Le/Z1qr5XRvr2+pQDwITa/U777Ktnp2f+O/OvmU9mfjdze+bNMz85vXD629M59c/m36f+2rjf+GHxaj7Jr3fv/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC9u7cOP7iz1hj8D0Ot1VwfvfMUaf8lEhKFx0hrN+sqYlHiOrzHGSQk4Flf7d9+/uvbhRz9Yvrv0bvfd7kqn0742v3BtYf7a1VvLve7c4HXcYQJfgt0/+uOOBAAAAAAAAAAAADio4/jvBOM+RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBkW3w7px6kSHvuyly5vLXZ6ZVl2N5ds5mkkaT4VVJ8mlzPoKQ1Mlzxeft55+M3Fj5r37+3O1ZzuH5jv+0OZqMumU0yVddHNd6NZx6v2DnCMmGXhomDcft/AAAA//9Shwfb") r0 = creat(&(0x7f0000000300)='./file1\x00', 0x28) io_setup(0x202, &(0x7f0000000200)=0x0) fcntl$setstatus(r0, 0x4, 0x6000) io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x70000}]) ioctl$SNDCTL_TMR_TIMEBASE(r0, 0xc0045401, &(0x7f0000000000)=0x3ba) [ 73.252007][ T5318] syz.0.0 (5318) used greatest stack depth: 11008 bytes left [ 72.515598][ T4664] Bluetooth: hci0: command tx timeout [ 72.604473][ T5318] loop0: detected capacity change from 0 to 1024 [ 72.649742][ T5318] [ 72.650747][ T5318] ============================================ [ 72.653057][ T5318] WARNING: possible recursive locking detected [ 72.655209][ T5318] 6.13.0-rc2-syzkaller-00232-g4800575d8c0b #0 Not tainted [ 72.657796][ T5318] -------------------------------------------- [ 72.660223][ T5318] syz.0.0/5318 is trying to acquire lock: [ 72.662502][ T5318] ffff888043f21548 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_get_block+0x383/0x14f0 [ 72.666794][ T5318] [ 72.666794][ T5318] but task is already holding lock: [ 72.669450][ T5318] ffff888043f22988 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_file_truncate+0x30a/0xc70 [ 72.673408][ T5318] [ 72.673408][ T5318] other info that might help us debug this: [ 72.676247][ T5318] Possible unsafe locking scenario: [ 72.676247][ T5318] [ 72.678981][ T5318] CPU0 [ 72.680175][ T5318] ---- [ 72.681303][ T5318] lock(&HFSPLUS_I(inode)->extents_lock); [ 72.683340][ T5318] lock(&HFSPLUS_I(inode)->extents_lock); [ 72.685472][ T5318] [ 72.685472][ T5318] *** DEADLOCK *** [ 72.685472][ T5318] [ 72.688274][ T5318] May be due to missing lock nesting notation [ 72.688274][ T5318] [ 72.691021][ T5318] 4 locks held by syz.0.0/5318: [ 72.692692][ T5318] #0: ffff88801e1b6420 (sb_writers#13){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 72.695613][ T5318] #1: ffff888043f22b78 (&sb->s_type->i_mutex_key#21){+.+.}-{4:4}, at: do_truncate+0x20c/0x310 [ 72.698838][ T5318] #2: ffff888043f22988 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_file_truncate+0x30a/0xc70 [ 72.702282][ T5318] #3: ffff888043db20f8 (&sbi->alloc_mutex){+.+.}-{4:4}, at: hfsplus_block_free+0xbb/0x4e0 [ 72.705475][ T5318] [ 72.705475][ T5318] stack backtrace: [ 72.707450][ T5318] CPU: 0 UID: 0 PID: 5318 Comm: syz.0.0 Not tainted 6.13.0-rc2-syzkaller-00232-g4800575d8c0b #0 [ 72.711288][ T5318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 72.715132][ T5318] Call Trace: [ 72.716305][ T5318] [ 72.717348][ T5318] dump_stack_lvl+0x241/0x360 [ 72.718998][ T5318] ? __pfx_dump_stack_lvl+0x10/0x10 [ 72.720845][ T5318] ? __pfx__printk+0x10/0x10 [ 72.722560][ T5318] ? lockdep_unlock+0x16a/0x300 [ 72.724356][ T5318] print_deadlock_bug+0x483/0x620 [ 72.726211][ T5318] validate_chain+0x15e2/0x5920 [ 72.728054][ T5318] ? kernel_text_address+0xa7/0xe0 [ 72.730062][ T5318] ? stack_trace_save+0x118/0x1d0 [ 72.731931][ T5318] ? __pfx_validate_chain+0x10/0x10 [ 72.733823][ T5318] ? __pfx_stack_trace_save+0x10/0x10 [ 72.735860][ T5318] ? check_noncircular+0x259/0x4a0 [ 72.737775][ T5318] ? __pfx_check_noncircular+0x10/0x10 [ 72.739571][ T5318] ? lockdep_unlock+0x16a/0x300 [ 72.741496][ T5318] ? look_up_lock_class+0x77/0x170 [ 72.743421][ T5318] ? register_lock_class+0x102/0x980 [ 72.745412][ T5318] ? add_lock_to_list+0x1e8/0x2f0 [ 72.747318][ T5318] ? __pfx_register_lock_class+0x10/0x10 [ 72.749441][ T5318] ? validate_chain+0x15c0/0x5920 [ 72.751276][ T5318] ? is_bpf_text_address+0x26/0x2a0 [ 72.753216][ T5318] ? mark_lock+0x9a/0x360 [ 72.754726][ T5318] __lock_acquire+0x1397/0x2100 [ 72.756527][ T5318] lock_acquire+0x1ed/0x550 [ 72.758128][ T5318] ? hfsplus_get_block+0x383/0x14f0 [ 72.760119][ T5318] ? __pfx_lock_acquire+0x10/0x10 [ 72.761859][ T5318] ? __pfx___might_resched+0x10/0x10 [ 72.763650][ T5318] ? register_lock_class+0x102/0x980 [ 72.765625][ T5318] ? __pfx_register_lock_class+0x10/0x10 [ 72.767735][ T5318] __mutex_lock+0x1ac/0xee0 [ 72.769303][ T5318] ? hfsplus_get_block+0x383/0x14f0 [ 72.771140][ T5318] ? __lock_acquire+0x1397/0x2100 [ 72.772988][ T5318] ? hfsplus_get_block+0x383/0x14f0 [ 72.774831][ T5318] ? __pfx___mutex_lock+0x10/0x10 [ 72.776637][ T5318] hfsplus_get_block+0x383/0x14f0 [ 72.778416][ T5318] ? __pfx_hfsplus_get_block+0x10/0x10 [ 72.780275][ T5318] ? _raw_spin_unlock+0x28/0x50 [ 72.781962][ T5318] ? create_empty_buffers+0x471/0x530 [ 72.783883][ T5318] block_read_full_folio+0x3ee/0xae0 [ 72.785995][ T5318] ? __pfx_hfsplus_get_block+0x10/0x10 [ 72.788037][ T5318] ? __pfx_block_read_full_folio+0x10/0x10 [ 72.790272][ T5318] filemap_read_folio+0x148/0x3b0 [ 72.792174][ T5318] ? __pfx_hfsplus_read_folio+0x10/0x10 [ 72.794118][ T5318] ? __pfx_filemap_read_folio+0x10/0x10 [ 72.796086][ T5318] ? __filemap_get_folio+0x848/0x940 [ 72.797855][ T5318] do_read_cache_folio+0x373/0x5b0 [ 72.799463][ T5318] ? __pfx_hfsplus_read_folio+0x10/0x10 [ 72.801428][ T5318] read_cache_page+0x5b/0x170 [ 72.802806][ T5318] hfsplus_block_free+0x128/0x4e0 [ 72.804845][ T5318] ? rcu_is_watching+0x15/0xb0 [ 72.806635][ T5318] hfsplus_free_extents+0x17a/0xae0 [ 72.808638][ T5318] hfsplus_file_truncate+0x86c/0xc70 [ 72.810812][ T5318] ? __pfx___up_read+0x10/0x10 [ 72.812571][ T5318] ? __pfx_hfsplus_file_truncate+0x10/0x10 [ 72.814753][ T5318] ? unmap_mapping_range+0xf8/0x290 [ 72.816797][ T5318] ? __pfx_unmap_mapping_range+0x10/0x10 [ 72.818956][ T5318] ? current_time+0x2a4/0x3c0 [ 72.820785][ T5318] ? truncate_setsize+0xcf/0xf0 [ 72.822654][ T5318] hfsplus_setattr+0x1bd/0x270 [ 72.824460][ T5318] ? __pfx_hfsplus_setattr+0x10/0x10 [ 72.826383][ T5318] notify_change+0xbca/0xe90 [ 72.828386][ T5318] do_truncate+0x220/0x310 [ 72.830535][ T5318] ? __pfx_do_truncate+0x10/0x10 [ 72.832855][ T5318] ? apparmor_file_truncate+0x297/0x350 [ 72.835419][ T5318] path_openat+0x2e1e/0x3590 [ 72.837091][ T5318] ? __pfx_path_openat+0x10/0x10 [ 72.838873][ T5318] do_filp_open+0x27f/0x4e0 [ 72.840503][ T5318] ? __pfx_do_filp_open+0x10/0x10 [ 72.842437][ T5318] ? do_raw_spin_lock+0x14f/0x370 [ 72.844282][ T5318] do_sys_openat2+0x13e/0x1d0 [ 72.845913][ T5318] ? __pfx_do_sys_openat2+0x10/0x10 [ 72.847762][ T5318] ? __rseq_handle_notify_resume+0x34d/0x14e0 [ 72.849933][ T5318] __x64_sys_creat+0x123/0x170 [ 72.851581][ T5318] ? __pfx___x64_sys_creat+0x10/0x10 [ 72.853300][ T5318] ? do_syscall_64+0x100/0x230 [ 72.854771][ T5318] ? do_syscall_64+0xb6/0x230 [ 72.856306][ T5318] do_syscall_64+0xf3/0x230 [ 72.857953][ T5318] ? clear_bhb_loop+0x35/0x90 [ 72.859463][ T5318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.861634][ T5318] RIP: 0033:0x7fdfc2385d19 [ 72.863249][ T5318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 72.869952][ T5318] RSP: 002b:00007fdfc3281038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055 [ 72.872945][ T5318] RAX: ffffffffffffffda RBX: 00007fdfc2575fa0 RCX: 00007fdfc2385d19 [ 72.875848][ T5318] RDX: 0000000000000000 RSI: 0000000000000028 RDI: 0000000020000300 [ 72.878724][ T5318] RBP: 00007fdfc2401a20 R08: 0000000000000000 R09: 0000000000000000 [ 72.881694][ T5318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 72.884685][ T5318] R13: 0000000000000000 R14: 00007fdfc2575fa0 R15: 00007ffd38cbc458 [ 72.887782][ T5318] [ 72.899491][ T5318] hfsplus: unable to mark blocks free: error -5 [ 72.902133][ T5318] hfsplus: can't free extent