program:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="250000000000000071117a00000000008510000002000000850000000504000095000000000000009500a50500000000"], &(0x7f0000000200)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000040)='./file1\x00', 0x0, &(0x7f0000000080)={[{@part={'part', 0x3d, 0x40}}, {@nodecompose}, {@part={'part', 0x3d, 0x7}}, {@part={'part', 0x3d, 0xc}}, {@uid}, {@barrier}, {@nls={'nls', 0x3d, 'macinuit'}}, {@gid={'gid', 0x3d, 0xee00}}]}, 0x3, 0x5f4, &(0x7f0000000640)="$eJzs3c9rHOcZB/DvrNay5YKzSewkLS0V9qElprZWmzg6FOqWUnQIJdBLLjkIex0Lr5UgbYoSSpH789r/IClFPvfUQ+nBkJ577VHQQw6F3nVzmdlZaW0rshQr2lXy+cC77zv7zrzzzOOZVzuzmA3wtbX4dk49SJHFy2+ul8tbm53e1mbn7rCd5HSSRtIcVClWkuLT5HoGJd8s36yHKz5vP+98/MbCZ+3795KiORirOVy/sd92B7NRl8wmmarroxrvxjOPV+wcYZmwS8PEwbg9fMLGYTZ/xusWmGSt5GySM/XngNSzQ2PMYT2zQ81yAAAAcEI9t53trOfcuOMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk6RIpgZVVRrD9myK4e//T9fvpW6faA/GHQAAAAAAAAAAHIHvbmc76zk3XH5YVN/5X6wWzlev38gHWUs3q7mS9Syln35W007SGhloen2p319tP3XLItl4NITBlvPHcLAAAAAAAAAA8NX1myzufv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACToEimBlVVzg/brTSaSc4kmS7X20j+MWyfZA/GHQAAAAAcg+e2s531nBsuPyyqe/6Xqvv+M/kgK+lnOf300s3N6lnA4K6/sbXZ6W1tdu6W5clxf/y/Q4VRjZjBs4e99zxXrXFhZ4vF/Cy/yOXM5q2sZjm/zFL66WY2P61aSynSqp9etIZx7h3v9UeW3nparK9UkczkVpar2K7kRt5LLzfTqI6hWmf/Pd4rs1P8qHbAHN2s6/KI/lTXk6FVZeTUTkbm6tyX2Xh+/0wc8jx5fE/tNHaeQZ3/99Hn/Gxdl7n+w0TnfH7k7Htp/5wnF//znb/d7q3cuX1r7fLkHNIX9HgmOiOZePlrlYnpOhuDWfRws+XFattzWc7P815uppvXs5DXM5/X8lrmspBrI3m9cID5rXG4a+3S9+vGTJI/1vVkKPP6/EheR2e6VtU3+s4gS+XJ9MLR/xVofqtulPv4bV1Phscz0R45X17cPxN/fli+rvVW7qzeXnr/gPv7Xl2Xmf79RM3N5fnyQvmPVS09enaUfS/u2deu+s7v9DWe6Luw0/e0K3W6/gz35EjzVd/Le/Z1qr5XRvr2+pQDwITa/U777Ktnp2f+O/OvmU9mfjdze+bNMz85vXD629M59c/m36f+2rjf+GHxaj7Jr3fv/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC9u7cOP7iz1hj8D0Ot1VwfvfMUaf8lEhKFx0hrN+sqYlHiOrzHGSQk4Flf7d9+/uvbhRz9Yvrv0bvfd7kqn0742v3BtYf7a1VvLve7c4HXcYQJfgt0/+uOOBAAAAAAAAAAAADio4/jvBOM+RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBkW3w7px6kSHvuyly5vLXZ6ZVl2N5ds5mkkaT4VVJ8mlzPoKQ1Mlzxeft55+M3Fj5r37+3O1ZzuH5jv+0OZqMumU0yVddHNd6NZx6v2DnCMmGXhomDcft/AAAA//9Shwfb")
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0x2000, 0x12)
r3 = creat(&(0x7f0000000240)='./file1\x00', 0xd)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f00000007c0)={0x0, 0x1, 0x7ffff, 0xf})
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r3, 0x4020aed2, &(0x7f0000000cc0)={0xdddd1000, 0x1000})
getdents64(r2, &(0x7f0000000100)=""/154, 0x9a)
unlinkat(0xffffffffffffff9c, &(0x7f00000003c0)='./file2\x00', 0x0)
getresgid(&(0x7f00000029c0), &(0x7f0000002a00), &(0x7f0000002a40)=<r4=>0x0)
setfsgid(r4)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f00000001c0)={[{@user_xattr}, {@grpjquota}, {@nodelalloc}]}, 0x1, 0x4a3, &(0x7f0000000580)="$eJzs3c1rXOUaAPBnZpo0SXNvP+7l0vbCbaEXej9oJh9IE3XjSl0UxIIbhRqTaayZZEJmUpvQRaq7LlyIoiAu3PsXuLEriyCudS8upKI1ggrCyDkzk+Zr4qBpBnJ+Pzid95z3dJ73zfC8nHnPOXMCyKyzyT+5iMGI+DwijjZWN+9wtvGydv/mVLLkol6//F0u3S9Zb+3a+n9HImI1Ivoi4tknI17KbY9bXV6ZnSyXS4vN9WJtbqFYXV65cG1ucqY0U5ofGb84MTE+PDY6sWd9vf3GK7cvffR074c/vX7v7puffJw0a7BZt7Efe6nR9Z44vmHboYh4/GEE64JCsz/93W4If0jy+f0tIs6l+X80CumnCWRBvV6v/1o/3K56tQ4cWPn0GDiXH4qIRjmfHxpqHMP/PQby5Uq19v+rlaX56cax8rHoyV+9Vi4NN78rHIueXLI+kpYfrI9uWR+LSI+B3yr0p+tDU5Xy9P4OdcAWR7bk/4+FRv4DGeErP2SX/Ifskv+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/ZJf8h+yS/5BJz1y6lCz11v3v09eXl2Yr1y9Ml6qzQ3NLU0NTlcWFoZlKZSa9Z2fu996vXKksjDwSSzeKtVK1Vqwur1yZqyzN166k9/VfKfXsS6+AThw/c+fLXESsPtqfLoneZp1chYOtXs9Ft+9BBrqj0O0BCOgaU3+QXb7jAzv8RO8mfe0qFva+LcD+yHe7AUDXnD/l/B9klfl/yC7z/5BdjvEB8/+QPeb/IbsG2zz/6y8bnt01HBF/jYgvCj2HW8/6Ag6C/De55vH/+aP/Htxa25v7OT1F0BsRr753+Z0bk7Xa4kiy/fv17bV3m9tHu9F+oFOtPG3lMQCQXWv3b061lv2M++0TjYsQtsc/1Jyb7EvPUQ6s5TZdq5Dbo2sXVm9FxMmd4ueazztvnPkYWCtsi3+i+ZprvEXa3kPpc9P3J/6pDfH/tSH+6T/9V4FsuJOMP8M75V8+zelYz7/N48/gHl070X78y6+Pf4U249+ZDmO8/P5rX7eNfyvi9I7xW/H60lhb4ydtO99h/HsvPPePdnX1Dxrvs1P8lqRUrM0tFKvLKxfS35GbKc2PjF+cmBgfHhudKKZz1MXWTPV2j5387O5u/R9oE3+3/ifb/tth/3/556fPn90l/n/O7fz5n9glfn9E/K/D+D+MfvViu7ok/nSb/ud3iZ9sG+swfvXtpw53uCsAsA+qyyuzk+VyaVFBQUFhvdDtkQl42B4kfbdbAgAAAAAAAAAAAHRqPy4n7nYfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOgt8CAAD//1kn1ls=")
symlinkat(&(0x7f00000001c0)='./file2\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file6\x00')
r5 = fsopen(&(0x7f0000000000)='proc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
unlinkat(r6, &(0x7f00000002c0)='./bus\x00', 0x200)
newfstatat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}, 0x100)
r8 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r9=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(0x0, r9, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r1, {0x0, <r10=>0xffffffffffffffff}}, './file1\x00'})
stat(&(0x7f0000000500)='./file2\x00', &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0})
getgroups(0x3, &(0x7f00000005c0)=[0xee01, 0xffffffffffffffff, <r12=>0xee00])
setxattr$system_posix_acl(&(0x7f00000001c0)='./file2\x00', &(0x7f0000000240)='system.posix_acl_default\x00', &(0x7f0000000c40)={{}, {0x1, 0x3}, [], {0x4, 0x1}, [{0x8, 0x1, r4}, {0x8, 0x1}, {0x8, 0x4, r7}, {0x8, 0x2, r9}, {0x8, 0x5, r10}, {0x8, 0x6, r11}, {0x8, 0x0, 0xee01}, {0x8, 0x2, 0xee00}, {0x8, 0x1, r12}, {0x8, 0x4}], {0x10, 0x4}, {0x20, 0x7}}, 0x74, 0x1)
r13 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r13, @ANYBLOB="01000000000000000000010000002400018006000500224e0000060001000200000008000300ac1414aa0800060001000000"], 0x38}}, 0x0)

[   75.161359][ T5335] Bluetooth: hci0: command tx timeout
[   75.198506][ T5354] loop0: detected capacity change from 0 to 1024
[   75.277898][ T5354] 
[   75.279074][ T5354] ============================================
[   75.281779][ T5354] WARNING: possible recursive locking detected
[   75.284337][ T5354] syzkaller #0 Not tainted
[   75.286304][ T5354] --------------------------------------------
[   75.288834][ T5354] syz.0.0/5354 is trying to acquire lock:
[   75.291410][ T5354] ffff888052be1548 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_get_block+0x39e/0x1530
[   75.296170][ T5354] 
[   75.296170][ T5354] but task is already holding lock:
[   75.299297][ T5354] ffff888052be2988 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_file_truncate+0x294/0xb40
[   75.303933][ T5354] 
[   75.303933][ T5354] other info that might help us debug this:
[   75.307406][ T5354]  Possible unsafe locking scenario:
[   75.307406][ T5354] 
[   75.310600][ T5354]        CPU0
[   75.312120][ T5354]        ----
[   75.313567][ T5354]   lock(&HFSPLUS_I(inode)->extents_lock);
[   75.315987][ T5354]   lock(&HFSPLUS_I(inode)->extents_lock);
[   75.318419][ T5354] 
[   75.318419][ T5354]  *** DEADLOCK ***
[   75.318419][ T5354] 
[   75.321859][ T5354]  May be due to missing lock nesting notation
[   75.321859][ T5354] 
[   75.325471][ T5354] 4 locks held by syz.0.0/5354:
[   75.327659][ T5354]  #0: ffff888011fee428 (sb_writers#12){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[   75.331713][ T5354]  #1: ffff888052be2b78 (&sb->s_type->i_mutex_key#20){+.+.}-{4:4}, at: do_truncate+0x171/0x220
[   75.336428][ T5354]  #2: ffff888052be2988 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_file_truncate+0x294/0xb40
[   75.341229][ T5354]  #3: ffff888052bd98f8 (&sbi->alloc_mutex){+.+.}-{4:4}, at: hfsplus_block_free+0xbe/0x550
[   75.345077][ T5354] 
[   75.345077][ T5354] stack backtrace:
[   75.347302][ T5354] CPU: 0 UID: 0 PID: 5354 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   75.347319][ T5354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.347327][ T5354] Call Trace:
[   75.347337][ T5354]  <TASK>
[   75.347343][ T5354]  dump_stack_lvl+0x189/0x250
[   75.347362][ T5354]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.347377][ T5354]  ? __pfx__printk+0x10/0x10
[   75.347393][ T5354]  ? print_lock_name+0xde/0x100
[   75.347408][ T5354]  print_deadlock_bug+0x28b/0x2a0
[   75.347420][ T5354]  validate_chain+0x1a3f/0x2140
[   75.347432][ T5354]  ? lock_release+0x4b/0x3e0
[   75.347450][ T5354]  ? look_up_lock_class+0x74/0x170
[   75.347505][ T5354]  ? register_lock_class+0x51/0x320
[   75.347522][ T5354]  __lock_acquire+0xab9/0xd20
[   75.347541][ T5354]  ? hfsplus_get_block+0x39e/0x1530
[   75.347553][ T5354]  lock_acquire+0x120/0x360
[   75.347568][ T5354]  ? hfsplus_get_block+0x39e/0x1530
[   75.347579][ T5354]  ? stack_trace_save+0x9c/0xe0
[   75.347593][ T5354]  ? __pfx_hlock_conflict+0x10/0x10
[   75.347606][ T5354]  __mutex_lock+0x187/0x1350
[   75.347619][ T5354]  ? hfsplus_get_block+0x39e/0x1530
[   75.347631][ T5354]  ? lockdep_unlock+0x89/0x120
[   75.347645][ T5354]  ? validate_chain+0x897/0x2140
[   75.347655][ T5354]  ? hfsplus_get_block+0x39e/0x1530
[   75.347667][ T5354]  ? __pfx___mutex_lock+0x10/0x10
[   75.347683][ T5354]  hfsplus_get_block+0x39e/0x1530
[   75.347697][ T5354]  ? __pfx_hfsplus_get_block+0x10/0x10
[   75.347707][ T5354]  ? do_raw_spin_unlock+0x4d/0x240
[   75.347720][ T5354]  ? _raw_spin_unlock+0x28/0x50
[   75.347737][ T5354]  block_read_full_folio+0x29c/0x830
[   75.347750][ T5354]  ? __pfx_hfsplus_get_block+0x10/0x10
[   75.347761][ T5354]  filemap_read_folio+0x114/0x380
[   75.347775][ T5354]  ? __pfx_hfsplus_read_folio+0x10/0x10
[   75.347783][ T5354]  ? __pfx_filemap_read_folio+0x10/0x10
[   75.347798][ T5354]  ? filemap_add_folio+0x1af/0x270
[   75.347818][ T5354]  do_read_cache_folio+0x350/0x590
[   75.347829][ T5354]  ? __pfx_hfsplus_read_folio+0x10/0x10
[   75.347839][ T5354]  read_cache_page+0x5d/0x170
[   75.347849][ T5354]  hfsplus_block_free+0x121/0x550
[   75.347864][ T5354]  hfsplus_free_extents+0x10d/0xa60
[   75.347875][ T5354]  hfsplus_file_truncate+0x736/0xb40
[   75.347887][ T5354]  ? __pfx_hfsplus_file_truncate+0x10/0x10
[   75.347898][ T5354]  ? unmap_mapping_range+0xde/0x170
[   75.347908][ T5354]  ? __pfx_unmap_mapping_range+0x10/0x10
[   75.347917][ T5354]  ? truncate_setsize+0xcf/0xf0
[   75.347928][ T5354]  hfsplus_setattr+0x1c4/0x270
[   75.347937][ T5354]  ? __pfx_hfsplus_setattr+0x10/0x10
[   75.347946][ T5354]  notify_change+0xb36/0xe40
[   75.347961][ T5354]  do_truncate+0x1a4/0x220
[   75.347972][ T5354]  ? __pfx_do_truncate+0x10/0x10
[   75.347984][ T5354]  ? apparmor_file_truncate+0x23e/0x2d0
[   75.348000][ T5354]  path_openat+0x306c/0x3830
[   75.348020][ T5354]  ? __pfx_path_openat+0x10/0x10
[   75.348030][ T5354]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.348043][ T5354]  do_filp_open+0x1fa/0x410
[   75.348052][ T5354]  ? __lock_acquire+0xab9/0xd20
[   75.348072][ T5354]  ? __pfx_do_filp_open+0x10/0x10
[   75.348086][ T5354]  ? _raw_spin_unlock+0x28/0x50
[   75.348101][ T5354]  ? alloc_fd+0x64c/0x6c0
[   75.348115][ T5354]  do_sys_openat2+0x121/0x1c0
[   75.348135][ T5354]  ? __pfx_do_sys_openat2+0x10/0x10
[   75.348151][ T5354]  ? rcu_is_watching+0x15/0xb0
[   75.348163][ T5354]  __x64_sys_creat+0x8f/0xc0
[   75.348173][ T5354]  do_syscall_64+0xfa/0x3b0
[   75.348184][ T5354]  ? lockdep_hardirqs_on+0x9c/0x150
[   75.348196][ T5354]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.348211][ T5354]  ? clear_bhb_loop+0x60/0xb0
[   75.348228][ T5354]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.348244][ T5354] RIP: 0033:0x7fcd1ad8eec9
[   75.348255][ T5354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.348263][ T5354] RSP: 002b:00007fcd1bb66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[   75.348275][ T5354] RAX: ffffffffffffffda RBX: 00007fcd1afe5fa0 RCX: 00007fcd1ad8eec9
[   75.348282][ T5354] RDX: 0000000000000000 RSI: 000000000000000d RDI: 0000200000000240
[   75.348289][ T5354] RBP: 00007fcd1ae11f91 R08: 0000000000000000 R09: 0000000000000000
[   75.348295][ T5354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   75.348302][ T5354] R13: 00007fcd1afe6038 R14: 00007fcd1afe5fa0 R15: 00007ffcdba84178
[   75.348313][ T5354]  </TASK>
[   75.552366][ T5354] hfsplus: unable to mark blocks free: error -5
[   75.557444][ T5354] hfsplus: can't free extent