./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor803562923 <...> Warning: Permanently added '10.128.0.143' (ED25519) to the list of known hosts. execve("./syz-executor803562923", ["./syz-executor803562923"], 0x7ffdd6ea9e30 /* 10 vars */) = 0 brk(NULL) = 0x55558007c000 brk(0x55558007cd00) = 0x55558007cd00 arch_prctl(ARCH_SET_FS, 0x55558007c380) = 0 set_tid_address(0x55558007c650) = 5063 set_robust_list(0x55558007c660, 24) = 0 rseq(0x55558007cca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor803562923", 4096) = 27 getrandom("\xe9\x95\xc3\xd0\x19\x28\xe3\x05", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55558007cd00 brk(0x55558009dd00) = 0x55558009dd00 brk(0x55558009e000) = 0x55558009e000 mprotect(0x7f8fc9e6c000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 memfd_create("syzkaller", 0) = 3 mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8fc1800000 write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 munmap(0x7f8fc1800000, 138412032) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 ioctl(4, LOOP_SET_FD, 3) = 0 close(3) = 0 close(4) = 0 mkdir("./file0", 0777) = 0 [ 73.675326][ T5063] loop0: detected capacity change from 0 to 1024 mount("/dev/loop0", "./file0", "hfsplus", 0, "") = 0 openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) chdir("./file0") = 0 chdir("./file0") = 0 [ 73.771432][ T5063] [ 73.774629][ T5063] ============================================ [ 73.781157][ T5063] WARNING: possible recursive locking detected [ 73.788791][ T5063] 6.8.0-syzkaller-08951-gfe46a7dd189e #0 Not tainted [ 73.796877][ T5063] -------------------------------------------- [ 73.803312][ T5063] syz-executor803/5063 is trying to acquire lock: [ 73.809743][ T5063] ffff888023cd9548 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_get_block+0x383/0x14f0 [ 73.820970][ T5063] [ 73.820970][ T5063] but task is already holding lock: [ 73.828557][ T5063] ffff888023540e88 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_truncate+0x2da/0xb50 [ 73.839724][ T5063] [ 73.839724][ T5063] other info that might help us debug this: [ 73.847811][ T5063] Possible unsafe locking scenario: [ 73.847811][ T5063] [ 73.855389][ T5063] CPU0 [ 73.858667][ T5063] ---- [ 73.862962][ T5063] lock(&HFSPLUS_I(inode)->extents_lock); [ 73.868974][ T5063] lock(&HFSPLUS_I(inode)->extents_lock); [ 73.875060][ T5063] [ 73.875060][ T5063] *** DEADLOCK *** [ 73.875060][ T5063] [ 73.884484][ T5063] May be due to missing lock nesting notation [ 73.884484][ T5063] [ 73.893227][ T5063] 4 locks held by syz-executor803/5063: [ 73.898777][ T5063] #0: ffff88802403c420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 73.908918][ T5063] #1: ffff888023541080 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: do_truncate+0x20c/0x310 [ 73.919656][ T5063] #2: ffff888023540e88 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_truncate+0x2da/0xb50 [ 73.933258][ T5063] #3: ffff888019a888f8 (&sbi->alloc_mutex){+.+.}-{3:3}, at: hfsplus_block_free+0xbb/0x4e0 [ 73.944224][ T5063] [ 73.944224][ T5063] stack backtrace: [ 73.950232][ T5063] CPU: 1 PID: 5063 Comm: syz-executor803 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0 [ 73.960311][ T5063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 73.971430][ T5063] Call Trace: [ 73.974767][ T5063] [ 73.978195][ T5063] dump_stack_lvl+0x241/0x360 [ 73.982931][ T5063] ? __pfx_dump_stack_lvl+0x10/0x10 [ 73.989025][ T5063] ? print_deadlock_bug+0x479/0x620 [ 73.995021][ T5063] ? _find_first_zero_bit+0xd4/0x100 [ 74.000346][ T5063] validate_chain+0x15c1/0x58e0 [ 74.005323][ T5063] ? __pfx_stack_trace_save+0x10/0x10 [ 74.010813][ T5063] ? check_noncircular+0x259/0x4a0 [ 74.016307][ T5063] ? __pfx_validate_chain+0x10/0x10 [ 74.021709][ T5063] ? __pfx_check_noncircular+0x10/0x10 [ 74.028602][ T5063] ? lockdep_unlock+0x16a/0x300 [ 74.033506][ T5063] ? __pfx_lockdep_unlock+0x10/0x10 [ 74.038838][ T5063] ? add_lock_to_list+0x1de/0x2e0 [ 74.045102][ T5063] ? look_up_lock_class+0x77/0x160 [ 74.060325][ T5063] ? register_lock_class+0x102/0x980 [ 74.066074][ T5063] ? validate_chain+0x15a2/0x58e0 [ 74.071122][ T5063] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 74.077495][ T5063] ? __pfx_register_lock_class+0x10/0x10 [ 74.083348][ T5063] ? mark_lock+0x9a/0x350 [ 74.088245][ T5063] __lock_acquire+0x1346/0x1fd0 [ 74.093428][ T5063] lock_acquire+0x1e4/0x530 [ 74.097951][ T5063] ? hfsplus_get_block+0x383/0x14f0 [ 74.104402][ T5063] ? __pfx_lock_acquire+0x10/0x10 [ 74.109634][ T5063] ? __pfx___might_resched+0x10/0x10 [ 74.115716][ T5063] ? do_read_cache_page+0x30/0x200 [ 74.121036][ T5063] ? __pfx_register_lock_class+0x10/0x10 [ 74.126700][ T5063] ? hfsplus_setattr+0x1ce/0x280 [ 74.131768][ T5063] ? do_truncate+0x220/0x310 [ 74.136381][ T5063] ? path_openat+0x29fe/0x3240 [ 74.141354][ T5063] __mutex_lock+0x136/0xd70 [ 74.145968][ T5063] ? hfsplus_get_block+0x383/0x14f0 [ 74.151273][ T5063] ? hfsplus_get_block+0x383/0x14f0 [ 74.156513][ T5063] ? __pfx___mutex_lock+0x10/0x10 [ 74.161565][ T5063] hfsplus_get_block+0x383/0x14f0 [ 74.166646][ T5063] ? __pfx_hfsplus_get_block+0x10/0x10 [ 74.172163][ T5063] ? _raw_spin_unlock+0x28/0x50 [ 74.177054][ T5063] ? create_empty_buffers+0x53e/0x740 [ 74.182449][ T5063] block_read_full_folio+0x42e/0xe10 [ 74.187739][ T5063] ? __pfx_hfsplus_get_block+0x10/0x10 [ 74.193495][ T5063] ? __pfx_block_read_full_folio+0x10/0x10 [ 74.199390][ T5063] ? __pfx_lru_add_fn+0x10/0x10 [ 74.204285][ T5063] ? folio_add_lru+0x4b3/0x9e0 [ 74.209234][ T5063] ? folio_add_lru+0x27b/0x9e0 [ 74.214055][ T5063] filemap_read_folio+0x1a0/0x790 [ 74.219107][ T5063] ? __pfx_hfsplus_read_folio+0x10/0x10 [ 74.224760][ T5063] ? __pfx_filemap_read_folio+0x10/0x10 [ 74.230805][ T5063] ? __filemap_get_folio+0x935/0xbc0 [ 74.236567][ T5063] do_read_cache_folio+0x134/0x820 [ 74.241771][ T5063] ? __pfx_hfsplus_read_folio+0x10/0x10 [ 74.248127][ T5063] do_read_cache_page+0x30/0x200 [ 74.253186][ T5063] hfsplus_block_free+0x128/0x4e0 [ 74.258320][ T5063] ? __kmalloc+0x251/0x4a0 [ 74.263859][ T5063] hfsplus_free_extents+0x17a/0xae0 [ 74.269101][ T5063] hfsplus_file_truncate+0x7d0/0xb50 [ 74.275434][ T5063] ? __pfx_hfsplus_file_truncate+0x10/0x10 [ 74.281543][ T5063] ? unmap_mapping_range+0xf8/0x290 [ 74.286886][ T5063] ? __pfx_unmap_mapping_range+0x10/0x10 [ 74.293445][ T5063] ? setattr_prepare+0x1f5/0xb20 [ 74.298427][ T5063] ? truncate_setsize+0xcf/0xf0 [ 74.303484][ T5063] hfsplus_setattr+0x1ce/0x280 [ 74.308458][ T5063] ? __pfx_hfsplus_setattr+0x10/0x10 [ 74.314240][ T5063] notify_change+0xb9d/0xe70 [ 74.318945][ T5063] do_truncate+0x220/0x310 [ 74.323482][ T5063] ? __pfx_do_truncate+0x10/0x10 [ 74.328617][ T5063] path_openat+0x29fe/0x3240 [ 74.333334][ T5063] ? __pfx_path_openat+0x10/0x10 [ 74.338335][ T5063] do_filp_open+0x235/0x490 [ 74.342871][ T5063] ? __pfx_do_filp_open+0x10/0x10 [ 74.348008][ T5063] ? _raw_spin_unlock+0x28/0x50 [ 74.352978][ T5063] ? alloc_fd+0x59d/0x640 [ 74.357343][ T5063] do_sys_openat2+0x13e/0x1d0 [ 74.363520][ T5063] ? __pfx_do_sys_openat2+0x10/0x10 [ 74.369546][ T5063] ? _raw_spin_unlock_irq+0x2e/0x50 [ 74.375338][ T5063] ? ptrace_notify+0x279/0x380 [ 74.382075][ T5063] __x64_sys_creat+0x123/0x170 [ 74.388980][ T5063] ? __pfx___x64_sys_creat+0x10/0x10 [ 74.394663][ T5063] ? do_syscall_64+0x10a/0x240 [ 74.399943][ T5063] ? syscall_trace_enter+0x5f/0x150 [ 74.405470][ T5063] do_syscall_64+0xfb/0x240 [ 74.410200][ T5063] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 74.417001][ T5063] RIP: 0033:0x7f8fc9df9609 [ 74.421442][ T5063] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 74.441242][ T5063] RSP: 002b:00007ffccd6bdd58 EFLAGS: 00000246 ORIG_RAX: 0000000000000055 [ 74.449991][ T5063] RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 00007f8fc9df9609 [ 74.458262][ T5063] RDX: 00007f8fc9df9609 RSI: 000000000000010c RDI: 0000000020000000 [ 74.466621][ T5063] RBP: 00007f8fc9e6c610 R08: 0000000000000000 R09: 0000000000000000 creat("./file0", 0414) = 4 exit_group(0) = ? +++ exited with 0 +++ [ 74