./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor4101881827

<...>
Warning: Permanently added '10.128.1.173' (ECDSA) to the list of known hosts.
execve("./syz-executor4101881827", ["./syz-executor4101881827"], 0x7ffe6dd868a0 /* 10 vars */) = 0
brk(NULL)                               = 0x555555757000
brk(0x555555757c40)                     = 0x555555757c40
arch_prctl(ARCH_SET_FS, 0x555555757300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor4101881827", 4096) = 28
brk(0x555555778c40)                     = 0x555555778c40
brk(0x555555779000)                     = 0x555555779000
mprotect(0x7fb8ca759000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5004 attached
, child_tidptr=0x5555557575d0) = 5004
[pid  5004] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid  5004] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5004] setsid()                    = 1
[pid  5004] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  5004] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  5004] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  5004] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  5004] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  5004] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  5004] unshare(CLONE_NEWNS)        = 0
[pid  5004] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  5004] unshare(CLONE_NEWIPC)       = 0
[pid  5004] unshare(CLONE_NEWCGROUP)    = 0
[pid  5004] unshare(CLONE_NEWUTS)       = 0
[pid  5004] unshare(CLONE_SYSVSEM)      = 0
[pid  5004] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5004] write(3, "16777216", 8)     = 8
[pid  5004] close(3)                    = 0
[pid  5004] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  5004] write(3, "536870912", 9)    = 9
[pid  5004] close(3)                    = 0
[pid  5004] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5004] write(3, "1024", 4)         = 4
[pid  5004] close(3)                    = 0
[pid  5004] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5004] write(3, "8192", 4)         = 4
[pid  5004] close(3)                    = 0
[pid  5004] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5004] write(3, "1024", 4)         = 4
[pid  5004] close(3)                    = 0
[pid  5004] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  5004] write(3, "1024", 4)         = 4
[pid  5004] close(3)                    = 0
[pid  5004] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  5004] write(3, "1024 1048576 500 1024", 21) = 21
[pid  5004] close(3)                    = 0
[pid  5004] getpid()                    = 1
[pid  5004] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5004] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5004] unshare(CLONE_NEWNET)       = 0
[pid  5004] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  5004] write(3, "0 65535", 7)      = 7
[pid  5004] close(3)                    = 0
[pid  5004] mkdir("/dev/binderfs", 0777) = 0
[pid  5004] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid  5004] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5004] memfd_create("syzkaller", 0) = 3
[pid  5004] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fb8c229e000
[pid  5004] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid  5004] munmap(0x7fb8c229e000, 524288) = 0
[pid  5004] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5004] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5004] close(3)                    = 0
[pid  5004] mkdir("./bus", 0777)        = 0
[   43.491641][ T5004] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5004 'syz-executor410'
[   43.508105][ T5004] loop0: detected capacity change from 0 to 1024
[   43.517496][ T5004] =======================================================
[   43.517496][ T5004] WARNING: The mand mount option has been deprecated and
[   43.517496][ T5004]          and is ignored by this kernel. Remove the mand
[pid  5004] mount("/dev/loop0", "./bus", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "") = 0
[pid  5004] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5004] chdir("./bus")              = 0
[pid  5004] ioctl(4, LOOP_CLR_FD)       = 0
[pid  5004] close(4)                    = 0
[pid  5004] creat("./bus", 000)         = 4
[pid  5004] write(4, "\x74\x68\x72\x65\x61\x64\x65\x64\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 392007683) = 94208
[pid  5004] creat("./bus", 000)         = 5
[pid  5004] exit_group(1)               = ?
[   43.517496][ T5004]          option from the mount to silence this warning.
[   43.517496][ T5004] =======================================================
[   43.599576][   T52] 
[   43.601927][   T52] ============================================
[   43.608064][   T52] WARNING: possible recursive locking detected
[   43.614196][   T52] 6.4.0-rc6-syzkaller-00006-gfd37b884003c #0 Not tainted
[   43.621197][   T52] --------------------------------------------
[   43.627333][   T52] kworker/u4:3/52 is trying to acquire lock:
[   43.633285][   T52] ffff88807c4300b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfsplus_find_init+0x174/0x230
[   43.642931][   T52] 
[   43.642931][   T52] but task is already holding lock:
[   43.650265][   T52] ffff88807c4300b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfsplus_find_init+0x174/0x230
[   43.659894][   T52] 
[   43.659894][   T52] other info that might help us debug this:
[   43.667927][   T52]  Possible unsafe locking scenario:
[   43.667927][   T52] 
[   43.675360][   T52]        CPU0
[   43.678619][   T52]        ----
[   43.681876][   T52]   lock(&tree->tree_lock/1);
[   43.686542][   T52]   lock(&tree->tree_lock/1);
[   43.691229][   T52] 
[   43.691229][   T52]  *** DEADLOCK ***
[   43.691229][   T52] 
[   43.699351][   T52]  May be due to missing lock nesting notation
[   43.699351][   T52] 
[   43.707689][   T52] 5 locks held by kworker/u4:3/52:
[   43.712784][   T52]  #0: ffff888012ecb138 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x883/0x15e0
[   43.723393][   T52]  #1: ffffc90000bd7db0 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x8b7/0x15e0
[   43.735212][   T52]  #2: ffff88807c41a988 (&hip->extents_lock){+.+.}-{3:3}, at: hfsplus_ext_write_extent+0x82/0x200
[   43.745812][   T52]  #3: ffff88807c4300b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfsplus_find_init+0x174/0x230
[   43.755897][   T52]  #4: ffff88807c418108 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_extend+0x1bf/0xf90
[   43.767274][   T52] 
[   43.767274][   T52] stack backtrace:
[   43.773141][   T52] CPU: 1 PID: 52 Comm: kworker/u4:3 Not tainted 6.4.0-rc6-syzkaller-00006-gfd37b884003c #0
[   43.783101][   T52] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[   43.793140][   T52] Workqueue: writeback wb_workfn (flush-7:0)
[   43.799171][   T52] Call Trace:
[   43.802455][   T52]  <TASK>
[   43.805369][   T52]  dump_stack_lvl+0xd9/0x150
[   43.809954][   T52]  __lock_acquire+0x13eb/0x5f30
[   43.814818][   T52]  ? lockdep_hardirqs_on+0x7d/0x100
[   43.820032][   T52]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   43.826021][   T52]  ? __stack_depot_save+0x23b/0x510
[   43.831233][   T52]  lock_acquire+0x1b1/0x520
[   43.835733][   T52]  ? hfsplus_find_init+0x174/0x230
[   43.840842][   T52]  ? lock_sync+0x190/0x190
[   43.845274][   T52]  ? wb_writeback+0x294/0xa50
[   43.849944][   T52]  ? wb_workfn+0x2a5/0xfc0
[   43.854357][   T52]  __mutex_lock+0x12f/0x1350
[   43.858956][   T52]  ? hfsplus_find_init+0x174/0x230
[   43.864060][   T52]  ? __kmem_cache_alloc_node+0x48/0x320
[   43.869597][   T52]  ? hfsplus_find_init+0x174/0x230
[   43.874702][   T52]  ? mutex_lock_io_nested+0x11a0/0x11a0
[   43.880239][   T52]  ? __kmem_cache_alloc_node+0x1b0/0x320
[   43.885892][   T52]  ? hfsplus_find_init+0x95/0x230
[   43.890924][   T52]  ? rcu_is_watching+0x12/0xb0
[   43.895692][   T52]  hfsplus_find_init+0x174/0x230
[   43.900629][   T52]  hfsplus_ext_read_extent+0x185/0xae0
[   43.906115][   T52]  ? mutex_lock_io_nested+0x11a0/0x11a0
[   43.911665][   T52]  ? _raw_spin_unlock+0x28/0x40
[   43.916515][   T52]  ? hfsplus_free_extents+0x510/0x510
[   43.921885][   T52]  ? hfsplus_block_allocate+0x7e/0x8c0
[   43.927343][   T52]  ? rcu_is_watching+0x12/0xb0
[   43.932103][   T52]  ? __mark_inode_dirty+0x297/0xd60
[   43.937300][   T52]  hfsplus_file_extend+0x684/0xf90
[   43.942412][   T52]  ? hfsplus_free_fork+0x7d0/0x7d0
[   43.947513][   T52]  ? __mutex_lock+0x231/0x1350
[   43.952262][   T52]  ? hfsplus_find_init+0x174/0x230
[   43.957369][   T52]  ? hfsplus_brec_find+0x3ee/0x520
[   43.962478][   T52]  ? hfsplus_brec_remove+0x4f0/0x4f0
[   43.967758][   T52]  hfsplus_bmap_reserve+0x31c/0x410
[   43.972948][   T52]  __hfsplus_ext_write_extent+0x44b/0x5b0
[   43.978658][   T52]  hfsplus_ext_write_extent+0x1ba/0x200
[   43.984199][   T52]  ? hfsplus_ext_cmp_key+0x300/0x300
[   43.989477][   T52]  ? __writeback_single_inode+0x2e4/0xdb0
[   43.995190][   T52]  ? lock_downgrade+0x690/0x690
[   44.000120][   T52]  ? do_raw_spin_lock+0x124/0x2b0
[   44.005147][   T52]  hfsplus_write_inode+0x22/0x520
[   44.010165][   T52]  __writeback_single_inode+0x9f2/0xdb0
[   44.015705][   T52]  writeback_sb_inodes+0x54d/0xe70
[   44.020811][   T52]  ? sync_inode_metadata+0xe0/0xe0
[   44.025919][   T52]  ? rcu_is_watching+0x12/0xb0
[   44.030679][   T52]  ? queue_io+0x386/0x4e0
[   44.035004][   T52]  wb_writeback+0x294/0xa50
[   44.039503][   T52]  ? __writeback_inodes_wb+0x280/0x280
[   44.045125][   T52]  ? lock_downgrade+0x690/0x690
[   44.049968][   T52]  ? mark_held_locks+0x9f/0xe0
[   44.054721][   T52]  ? _raw_spin_unlock_irq+0x23/0x50
[   44.059922][   T52]  wb_workfn+0x2a5/0xfc0
[   44.064160][   T52]  ? inode_wait_for_writeback+0x40/0x40
[   44.069700][   T52]  ? lock_sync+0x190/0x190
[   44.074104][   T52]  ? lock_downgrade+0x690/0x690
[   44.078947][   T52]  ? _raw_spin_unlock_irq+0x23/0x50
[   44.084138][   T52]  process_one_work+0x99a/0x15e0
[   44.089068][   T52]  ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[   44.094433][   T52]  ? spin_bug+0x1c0/0x1c0
[   44.098752][   T52]  ? _raw_spin_lock_irq+0x45/0x50
[   44.103770][   T52]  worker_thread+0x67d/0x10c0
[   44.108471][   T52]  ? process_one_work+0x15e0/0x15e0
[   44.113661][   T52]  kthread+0x344/0x440
[   44.117721][   T52]  ? kthread_complete_and_exit+0x40/0x40
[   44.123432][   T52]  ret_from_fork+0x1f/0x30
[   44.127846][   T52]  </TASK>