./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor396225714
<...>
Warning: Permanently added '10.128.0.146' (ED25519) to the list of known hosts.
execve("./syz-executor396225714", ["./syz-executor396225714"], 0x7fff7ab40cb0 /* 10 vars */) = 0
brk(NULL) = 0x55556d349000
brk(0x55556d349d00) = 0x55556d349d00
arch_prctl(ARCH_SET_FS, 0x55556d349380) = 0
set_tid_address(0x55556d349650) = 5088
set_robust_list(0x55556d349660, 24) = 0
rseq(0x55556d349ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor396225714", 4096) = 27
getrandom("\xc7\xbd\xcc\xe3\x2e\xdc\x4f\x08", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x55556d349d00
brk(0x55556d36ad00) = 0x55556d36ad00
brk(0x55556d36b000) = 0x55556d36b000
mprotect(0x7fa9b3048000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5089 attached
, child_tidptr=0x55556d349650) = 5089
[pid 5089] set_robust_list(0x55556d349660, 24) = 0
[pid 5089] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5089] setpgid(0, 0) = 0
[pid 5089] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5089] write(3, "1000", 4) = 4
[pid 5089] close(3) = 0
[pid 5089] memfd_create("syzkaller", 0) = 3
[pid 5089] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa9aaa00000
[pid 5089] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768
[pid 5089] munmap(0x7fa9aaa00000, 138412032) = 0
[pid 5089] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5089] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5089] close(3) = 0
[pid 5089] close(4) = 0
[pid 5089] mkdir("./file2", 0777) = 0
[ 109.620703][ T5089] loop0: detected capacity change from 0 to 64
[pid 5089] mount("/dev/loop0", "./file2", "hfs", 0, "") = 0
[pid 5089] openat(AT_FDCWD, "./file2", O_RDONLY|O_DIRECTORY) = 3
[pid 5089] chdir("./file2") = 0
[pid 5089] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid 5089] openat(AT_FDCWD, "./file2", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME|FASYNC, 000) = 4
[ 109.725082][ T5089]
[ 109.727431][ T5089] ============================================
[ 109.733573][ T5089] WARNING: possible recursive locking detected
[ 109.739739][ T5089] 6.9.0-rc6-syzkaller-00005-gb947cc5bf6d7 #0 Not tainted
[ 109.746777][ T5089] --------------------------------------------
[ 109.752919][ T5089] syz-executor396/5089 is trying to acquire lock:
[ 109.759325][ T5089] ffff8880234ce0b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x183/0x220
[ 109.768724][ T5089]
[ 109.768724][ T5089] but task is already holding lock:
[ 109.776086][ T5089] ffff8880234ce0b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x183/0x220
[ 109.785466][ T5089]
[ 109.785466][ T5089] other info that might help us debug this:
[ 109.793526][ T5089] Possible unsafe locking scenario:
[ 109.793526][ T5089]
[ 109.800974][ T5089] CPU0
[ 109.804278][ T5089] ----
[ 109.807555][ T5089] lock(&tree->tree_lock/1);
[ 109.812256][ T5089] lock(&tree->tree_lock/1);
[ 109.816954][ T5089]
[ 109.816954][ T5089] *** DEADLOCK ***
[ 109.816954][ T5089]
[ 109.825129][ T5089] May be due to missing lock nesting notation
[ 109.825129][ T5089]
[ 109.833532][ T5089] 5 locks held by syz-executor396/5089:
[ 109.839082][ T5089] #0: ffff8880234ca420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12f/0x260
[ 109.848109][ T5089] #1: ffff88807c930fa8 (&sb->s_type->i_mutex_key#15){+.+.}-{3:3}, at: generic_file_write_iter+0x92/0x350
[ 109.859496][ T5089] #2: ffff88807c930df8 (&HFS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xa2/0xb10
[ 109.870179][ T5089] #3: ffff8880234ce0b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x183/0x220
[ 109.879999][ T5089] #4: ffff8880233b80f8 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xa2/0xb10
[ 109.891212][ T5089]
[ 109.891212][ T5089] stack backtrace:
[ 109.897099][ T5089] CPU: 1 PID: 5089 Comm: syz-executor396 Not tainted 6.9.0-rc6-syzkaller-00005-gb947cc5bf6d7 #0
[ 109.907528][ T5089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 109.917597][ T5089] Call Trace:
[ 109.920884][ T5089]
[ 109.923820][ T5089] dump_stack_lvl+0x116/0x1f0
[ 109.928544][ T5089] __lock_acquire+0x20e6/0x3b30
[ 109.933427][ T5089] ? __pfx___lock_acquire+0x10/0x10
[ 109.938648][ T5089] ? srso_alias_return_thunk+0x5/0xfbef5
[ 109.944315][ T5089] ? kasan_save_stack+0x42/0x60
[ 109.949193][ T5089] ? kasan_save_stack+0x33/0x60
[ 109.954065][ T5089] ? kasan_save_track+0x14/0x30
[ 109.959132][ T5089] ? __kasan_kmalloc+0xaa/0xb0
[ 109.963915][ T5089] ? __kmalloc+0x1f9/0x440
[ 109.968370][ T5089] lock_acquire+0x1b1/0x560
[ 109.972900][ T5089] ? hfs_find_init+0x183/0x220
[ 109.977694][ T5089] ? __pfx_lock_acquire+0x10/0x10
[ 109.982742][ T5089] ? srso_alias_return_thunk+0x5/0xfbef5
[ 109.988400][ T5089] ? __pfx___might_resched+0x10/0x10
[ 109.993719][ T5089] __mutex_lock+0x175/0x9c0
[ 109.998343][ T5089] ? hfs_find_init+0x183/0x220
[ 110.003338][ T5089] ? hfs_find_init+0x183/0x220
[ 110.008133][ T5089] ? __pfx___mutex_lock+0x10/0x10
[ 110.013195][ T5089] ? srso_alias_return_thunk+0x5/0xfbef5
[ 110.018851][ T5089] ? rcu_is_watching+0x12/0xc0
[ 110.023722][ T5089] ? srso_alias_return_thunk+0x5/0xfbef5
[ 110.029377][ T5089] ? trace_kmalloc+0x2d/0xe0
[ 110.033985][ T5089] ? srso_alias_return_thunk+0x5/0xfbef5
[ 110.039640][ T5089] ? __kmalloc+0x218/0x440
[ 110.044088][ T5089] ? hfs_find_init+0x183/0x220
[ 110.048878][ T5089] hfs_find_init+0x183/0x220
[ 110.053499][ T5089] hfs_ext_read_extent+0x19c/0x9e0
[ 110.058651][ T5089] ? __pfx___mutex_lock+0x10/0x10
[ 110.063712][ T5089] ? __pfx_hfs_ext_read_extent+0x10/0x10
[ 110.069386][ T5089] ? srso_alias_return_thunk+0x5/0xfbef5
[ 110.075045][ T5089] ? do_raw_spin_unlock+0x172/0x230
[ 110.080280][ T5089] hfs_extend_file+0x4e4/0xb10
[ 110.085090][ T5089] ? __pfx_hfs_extend_file+0x10/0x10
[ 110.090410][ T5089] ? srso_alias_return_thunk+0x5/0xfbef5
[ 110.096066][ T5089] ? __pfx___mutex_lock+0x10/0x10
[ 110.101129][ T5089] hfs_bmap_reserve+0x29c/0x380
[ 110.106019][ T5089] __hfs_ext_write_extent+0x3cf/0x520
[ 110.111430][ T5089] ? hfs_find_init+0x183/0x220
[ 110.116225][ T5089] hfs_ext_read_extent+0x809/0x9e0
[ 110.121387][ T5089] ? __pfx_hfs_ext_read_extent+0x10/0x10
[ 110.127065][ T5089] ? srso_alias_return_thunk+0x5/0xfbef5
[ 110.132729][ T5089] hfs_extend_file+0x4e4/0xb10
[ 110.137535][ T5089] ? __pfx_hfs_extend_file+0x10/0x10
[ 110.142866][ T5089] hfs_get_block+0x17f/0x830
[ 110.147497][ T5089] ? __pfx_hfs_get_block+0x10/0x10
[ 110.152651][ T5089] __block_write_begin_int+0x4fe/0x16e0
[ 110.158246][ T5089] ? __pfx_hfs_get_block+0x10/0x10
[ 110.163398][ T5089] ? srso_alias_return_thunk+0x5/0xfbef5
[ 110.169054][ T5089] ? __pfx___block_write_begin_int+0x10/0x10
[ 110.175168][ T5089] block_write_begin+0xb1/0x4a0
[ 110.180063][ T5089] ? __pfx_hfs_get_block+0x10/0x10
[ 110.185217][ T5089] cont_write_begin+0x53d/0x740
[ 110.190113][ T5089] ? __pfx_hfs_get_block+0x10/0x10
[ 110.195269][ T5089] ? __pfx_cont_write_begin+0x10/0x10
[ 110.200688][ T5089] ? fault_in_readable+0x150/0x200
[ 110.205847][ T5089] ? __pfx_fault_in_readable+0x10/0x10
[ 110.211331][ T5089] ? srso_alias_return_thunk+0x5/0xfbef5
[ 110.216999][ T5089] hfs_write_begin+0x87/0x150
[ 110.221696][ T5089] ? __pfx_hfs_get_block+0x10/0x10
[ 110.226850][ T5089] generic_perform_write+0x275/0x620
[ 110.232163][ T5089] ? srso_alias_return_thunk+0x5/0xfbef5
[ 110.237827][ T5089] ? __pfx_generic_perform_write+0x10/0x10
[ 110.243660][ T5089] ? __mark_inode_dirty+0x5c1/0xe70
[ 110.248881][ T5089] ? srso_alias_return_thunk+0x5/0xfbef5
[ 110.254539][ T5089] ? generic_update_time+0xcf/0xf0
[ 110.259673][ T5089] ? srso_alias_return_thunk+0x5/0xfbef5
[ 110.265328][ T5089] ? mnt_put_write_access_file+0x45/0xf0
[ 110.271003][ T5089] __generic_file_write_iter+0x1fd/0x240
[ 110.276674][ T5089] generic_file_write_iter+0xe7/0x350
[ 110.282084][ T5089] vfs_write+0x6de/0x1100
[ 110.286441][ T5089] ? __pfx_vfs_write+0x10/0x10
[ 110.291225][ T5089] ? srso_alias_return_thunk+0x5/0xfbef5
[ 110.296883][ T5089] ? find_held_lock+0x2d/0x110
[ 110.301689][ T5089] ? srso_alias_return_thunk+0x5/0xfbef5
[ 110.307348][ T5089] ? __fget_light+0x176/0x210
[ 110.312072][ T5089] ksys_write+0x12f/0x260
[ 110.316424][ T5089] ? __pfx_ksys_write+0x10/0x10
[ 110.321291][ T5089] ? srso_alias_return_thunk+0x5/0xfbef5
[ 110.326955][ T5089] ? srso_alias_return_thunk+0x5/0xfbef5
[ 110.332615][ T5089] ? _raw_spin_unlock_irq+0x2e/0x50
[ 110.337843][ T5089] ? srso_alias_return_thunk+0x5/0xfbef5
[ 110.343672][ T5089] ? ptrace_notify+0xf1/0x130
[ 110.348392][ T5089] do_syscall_64+0xcf/0x260
[ 110.352922][ T5089] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 110.358862][ T5089] RIP: 0033:0x7fa9b2fd4a99
[ 110.363288][ T5089] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 110.382924][ T5089] RSP: 002b:00007fff5f96d858 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 110.391363][ T5089] RAX: ffffffffffffffda RBX: 0032656c69662f2e RCX: 00007fa9b2fd4a99
[ 110.399354][ T5089] RDX: 00000000000ffe00 RSI: 0000000020004200 RDI: 0000000000000004
[ 110.407337][ T5089] RBP: 00007fa9b30485f0 R08: 000055556d34a4c0 R09: 000055556d34a4c0
[ 110.415327][ T5089] R10: 00000000000002a0 R11: 0000000000000246 R12: 00007fff5f96d880
[ 110.423490][ T5089] R13: 00007fff5f96daa8 R14: 431bde82d7b634db R15: 00007fa9b301d03b
[ 110.431486][ T5089]
[pid 5089] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064
[pid 5088] kill(-5089, SIGKILL) = 0
[pid 5088] kill(5089, SIGKILL) = 0
[pid 5088] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid 5088] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0
[pid 5088] getdents64(3, 0x55556d34a6f0 /* 2 entries */, 32768) = 48
[pid 5088] getdents64(3, 0x55556d34a6f0 /* 0 entries */, 32768) = 0
[pid 5088] close(3) = 0