program:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xea)
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000040)='./file1\x00', 0x0, &(0x7f0000000080)={[{@part={'part', 0x3d, 0x40}}, {@nodecompose}, {@part={'part', 0x3d, 0x7}}, {@part={'part', 0x3d, 0xc}}, {@uid}, {@barrier}, {@nls={'nls', 0x3d, 'macinuit'}}, {@gid={'gid', 0x3d, 0xee00}}]}, 0x3, 0x5f4, &(0x7f0000000640)="$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")
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0x8040, &(0x7f0000000b80)=ANY=[@ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRESHEX], 0xd3, 0x599, &(0x7f00000005c0)="$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")
io_setup(0x1, &(0x7f00000004c0)=0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000040)=@filename='./file1\x00', 0xee01, &(0x7f0000000100)={0x15, 0x5, 0x10, 0x7, 0x9, 0x1, 0xffffffff7fffffff, 0x7fffffff})
io_submit(r1, 0x1, &(0x7f0000000200)=[&(0x7f0000000280)={0xffffff7f00000000, 0x0, 0x0, 0x1, 0xfffd, r2, &(0x7f00000000c0)='k', 0x1, 0x400a00}])
[ 85.540207][ T5338] Bluetooth: hci0: command tx timeout
[ 85.615095][ T5362] loop0: detected capacity change from 0 to 1024
[ 85.693268][ T5362]
[ 85.694406][ T5362] ============================================
[ 85.697044][ T5362] WARNING: possible recursive locking detected
[ 85.699768][ T5362] syzkaller #0 Not tainted
[ 85.701691][ T5362] --------------------------------------------
[ 85.704312][ T5362] syz.0.0/5362 is trying to acquire lock:
[ 85.706774][ T5362] ffff888052df1548 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_get_block+0x39e/0x1530
[ 85.711071][ T5362]
[ 85.711071][ T5362] but task is already holding lock:
[ 85.713942][ T5362] ffff888052df2988 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_file_extend+0x1fc/0x1990
[ 85.719001][ T5362]
[ 85.719001][ T5362] other info that might help us debug this:
[ 85.722280][ T5362] Possible unsafe locking scenario:
[ 85.722280][ T5362]
[ 85.725423][ T5362] CPU0
[ 85.726857][ T5362] ----
[ 85.728338][ T5362] lock(&HFSPLUS_I(inode)->extents_lock);
[ 85.730830][ T5362] lock(&HFSPLUS_I(inode)->extents_lock);
[ 85.733201][ T5362]
[ 85.733201][ T5362] *** DEADLOCK ***
[ 85.733201][ T5362]
[ 85.736513][ T5362] May be due to missing lock nesting notation
[ 85.736513][ T5362]
[ 85.739889][ T5362] 3 locks held by syz.0.0/5362:
[ 85.741789][ T5362] #0: ffff888052df2b78 (&sb->s_type->i_mutex_key#20){+.+.}-{4:4}, at: generic_file_write_iter+0xeb/0x550
[ 85.746246][ T5362] #1: ffff888052df2988 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_file_extend+0x1fc/0x1990
[ 85.751170][ T5362] #2: ffff888052de28f8 (&sbi->alloc_mutex){+.+.}-{4:4}, at: hfsplus_block_allocate+0x94/0x9b0
[ 85.755593][ T5362]
[ 85.755593][ T5362] stack backtrace:
[ 85.758210][ T5362] CPU: 0 UID: 0 PID: 5362 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 85.758227][ T5362] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 85.758235][ T5362] Call Trace:
[ 85.758241][ T5362]
[ 85.758248][ T5362] dump_stack_lvl+0x189/0x250
[ 85.758266][ T5362] ? __pfx_dump_stack_lvl+0x10/0x10
[ 85.758280][ T5362] ? __pfx__printk+0x10/0x10
[ 85.758295][ T5362] ? print_lock_name+0xde/0x100
[ 85.758312][ T5362] print_deadlock_bug+0x28b/0x2a0
[ 85.758325][ T5362] validate_chain+0x1a3f/0x2140
[ 85.758336][ T5362] ? lock_release+0x4b/0x3e0
[ 85.758352][ T5362] ? look_up_lock_class+0x74/0x170
[ 85.758411][ T5362] ? register_lock_class+0x51/0x320
[ 85.758428][ T5362] __lock_acquire+0xab9/0xd20
[ 85.758447][ T5362] ? hfsplus_get_block+0x39e/0x1530
[ 85.758458][ T5362] lock_acquire+0x120/0x360
[ 85.758472][ T5362] ? hfsplus_get_block+0x39e/0x1530
[ 85.758485][ T5362] ? stack_trace_save+0x9c/0xe0
[ 85.758499][ T5362] ? __pfx_hlock_conflict+0x10/0x10
[ 85.758512][ T5362] __mutex_lock+0x187/0x1350
[ 85.758526][ T5362] ? hfsplus_get_block+0x39e/0x1530
[ 85.758538][ T5362] ? lockdep_unlock+0x89/0x120
[ 85.758552][ T5362] ? validate_chain+0x897/0x2140
[ 85.758562][ T5362] ? hfsplus_get_block+0x39e/0x1530
[ 85.758575][ T5362] ? __pfx___mutex_lock+0x10/0x10
[ 85.758591][ T5362] hfsplus_get_block+0x39e/0x1530
[ 85.758607][ T5362] ? __pfx_hfsplus_get_block+0x10/0x10
[ 85.758619][ T5362] ? do_raw_spin_unlock+0x4d/0x240
[ 85.758659][ T5362] ? _raw_spin_unlock+0x28/0x50
[ 85.758684][ T5362] block_read_full_folio+0x29f/0x830
[ 85.758698][ T5362] ? __pfx_hfsplus_get_block+0x10/0x10
[ 85.758709][ T5362] filemap_read_folio+0x117/0x380
[ 85.758728][ T5362] ? __pfx_hfsplus_read_folio+0x10/0x10
[ 85.758738][ T5362] ? __pfx_filemap_read_folio+0x10/0x10
[ 85.758754][ T5362] ? filemap_add_folio+0x1af/0x270
[ 85.758768][ T5362] do_read_cache_folio+0x350/0x590
[ 85.758778][ T5362] ? __pfx_hfsplus_read_folio+0x10/0x10
[ 85.758789][ T5362] read_cache_page+0x5d/0x170
[ 85.758799][ T5362] hfsplus_block_allocate+0xe4/0x9b0
[ 85.758818][ T5362] hfsplus_file_extend+0xae3/0x1990
[ 85.758829][ T5362] ? __lock_acquire+0xab9/0xd20
[ 85.758847][ T5362] ? __pfx_hfsplus_file_extend+0x10/0x10
[ 85.758858][ T5362] ? __lock_acquire+0xab9/0xd20
[ 85.758874][ T5362] ? unwind_next_frame+0xa5/0x2390
[ 85.758886][ T5362] ? rcu_is_watching+0x15/0xb0
[ 85.758895][ T5362] ? __kasan_check_byte+0x12/0x40
[ 85.758909][ T5362] ? unwind_next_frame+0xa5/0x2390
[ 85.758921][ T5362] ? unwind_next_frame+0xa5/0x2390
[ 85.758932][ T5362] ? rcu_is_watching+0x15/0xb0
[ 85.758941][ T5362] ? __kasan_check_byte+0x12/0x40
[ 85.758954][ T5362] ? rcu_is_watching+0x15/0xb0
[ 85.758963][ T5362] ? __kasan_check_byte+0x12/0x40
[ 85.758976][ T5362] hfsplus_get_block+0x411/0x1530
[ 85.758990][ T5362] ? __pfx_hfsplus_get_block+0x10/0x10
[ 85.758999][ T5362] ? folio_try_get+0x1c/0x340
[ 85.759015][ T5362] __block_write_begin_int+0x6b5/0x1900
[ 85.759028][ T5362] ? __pfx_hfsplus_get_block+0x10/0x10
[ 85.759040][ T5362] ? __pfx___block_write_begin_int+0x10/0x10
[ 85.759052][ T5362] cont_write_begin+0x789/0xb50
[ 85.759063][ T5362] ? ktime_get_coarse_real_ts64_mg+0x52/0x1e0
[ 85.759078][ T5362] ? __pfx_cont_write_begin+0x10/0x10
[ 85.759089][ T5362] ? set_normalized_timespec64+0xf0/0x1a0
[ 85.759105][ T5362] ? __pfx_set_normalized_timespec64+0x10/0x10
[ 85.759120][ T5362] hfsplus_write_begin+0x66/0xb0
[ 85.759130][ T5362] ? __pfx_hfsplus_get_block+0x10/0x10
[ 85.759141][ T5362] cont_write_begin+0x2fd/0xb50
[ 85.759154][ T5362] ? __pfx_cont_write_begin+0x10/0x10
[ 85.759163][ T5362] ? inode_set_ctime_current+0x277/0xb40
[ 85.759181][ T5362] ? __pfx_inode_set_ctime_current+0x10/0x10
[ 85.759198][ T5362] hfsplus_write_begin+0x66/0xb0
[ 85.759207][ T5362] ? __pfx_hfsplus_get_block+0x10/0x10
[ 85.759217][ T5362] generic_perform_write+0x2c2/0x900
[ 85.759231][ T5362] ? __pfx_generic_perform_write+0x10/0x10
[ 85.759241][ T5362] ? file_update_time+0x416/0x490
[ 85.759252][ T5362] ? __generic_file_write_iter+0xf9/0x230
[ 85.759262][ T5362] ? generic_file_write_iter+0x103/0x550
[ 85.759273][ T5362] generic_file_write_iter+0x117/0x550
[ 85.759283][ T5362] ? __pfx_generic_file_write_iter+0x10/0x10
[ 85.759294][ T5362] ? lockdep_hardirqs_on+0x9c/0x150
[ 85.759305][ T5362] ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 85.759321][ T5362] ? __pfx_aa_file_perm+0x10/0x10
[ 85.759335][ T5362] ? __lock_acquire+0xab9/0xd20
[ 85.759354][ T5362] ? aio_write+0x4c4/0x7a0
[ 85.759371][ T5362] aio_write+0x535/0x7a0
[ 85.759387][ T5362] ? __pfx_aio_write+0x10/0x10
[ 85.759405][ T5362] ? __might_fault+0xb0/0x130
[ 85.759420][ T5362] io_submit_one+0x78b/0x1310
[ 85.759439][ T5362] ? __pfx_io_submit_one+0x10/0x10
[ 85.759454][ T5362] ? __might_fault+0xb0/0x130
[ 85.759468][ T5362] ? __might_fault+0xb0/0x130
[ 85.759480][ T5362] __se_sys_io_submit+0x185/0x2f0
[ 85.759495][ T5362] ? __pfx___se_sys_io_submit+0x10/0x10
[ 85.759511][ T5362] ? do_syscall_64+0xbe/0x3b0
[ 85.759523][ T5362] do_syscall_64+0xfa/0x3b0
[ 85.759534][ T5362] ? lockdep_hardirqs_on+0x9c/0x150
[ 85.759543][ T5362] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.759554][ T5362] ? clear_bhb_loop+0x60/0xb0
[ 85.759565][ T5362] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.759576][ T5362] RIP: 0033:0x7fc7e5b8eec9
[ 85.759588][ T5362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 85.759597][ T5362] RSP: 002b:00007fc7e6965038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[ 85.759609][ T5362] RAX: ffffffffffffffda RBX: 00007fc7e5de5fa0 RCX: 00007fc7e5b8eec9
[ 85.759617][ T5362] RDX: 0000200000000200 RSI: 0000000000000001 RDI: 00007fc7e6923000
[ 85.759625][ T5362] RBP: 00007fc7e5c11f91 R08: 0000000000000000 R09: 0000000000000000
[ 85.759632][ T5362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 85.759640][ T5362] R13: 00007fc7e5de6038 R14: 00007fc7e5de5fa0 R15: 00007ffd6a7ecaa8
[ 85.759652][ T5362]