./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor245912878 <...> Warning: Permanently added '10.128.1.221' (ED25519) to the list of known hosts. execve("./syz-executor245912878", ["./syz-executor245912878"], 0x7ffcc8078050 /* 10 vars */) = 0 brk(NULL) = 0x55555c255000 brk(0x55555c255d00) = 0x55555c255d00 arch_prctl(ARCH_SET_FS, 0x55555c255380) = 0 set_tid_address(0x55555c255650) = 5839 set_robust_list(0x55555c255660, 24) = 0 rseq(0x55555c255ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor245912878", 4096) = 27 getrandom("\x57\x28\x2b\x61\x2e\xa7\x79\x2a", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55555c255d00 brk(0x55555c276d00) = 0x55555c276d00 brk(0x55555c277000) = 0x55555c277000 mprotect(0x7f97619da000, 16384, PROT_READ) = 0 mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000 mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000 mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000 executing program write(1, "executing program\n", 18) = 18 memfd_create("syzkaller", 0) = 3 mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9759400000 write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 munmap(0x7f9759400000, 138412032) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 ioctl(4, LOOP_SET_FD, 3) = 0 close(3) = 0 close(4) = 0 mkdir("./file1", 0777) = 0 syzkaller login: [ 97.260553][ T5839] loop0: detected capacity change from 0 to 1024 mount("/dev/loop0", "./file1", "hfsplus", MS_NOATIME|MS_SILENT|MS_STRICTATIME, "") = 0 openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 chdir("./file1") = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000) = 4 [ 97.336628][ T5839] [ 97.339173][ T5839] ============================================ [ 97.345432][ T5839] WARNING: possible recursive locking detected [ 97.351640][ T5839] 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 Not tainted [ 97.359419][ T5839] -------------------------------------------- [ 97.365590][ T5839] syz-executor245/5839 is trying to acquire lock: [ 97.372123][ T5839] ffff888024c60108 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_file_extend+0x1fc/0x1990 [ 97.383505][ T5839] [ 97.383505][ T5839] but task is already holding lock: [ 97.391121][ T5839] ffff88807a138108 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_file_extend+0x1fc/0x1990 [ 97.402596][ T5839] [ 97.402596][ T5839] other info that might help us debug this: [ 97.410884][ T5839] Possible unsafe locking scenario: [ 97.410884][ T5839] [ 97.418356][ T5839] CPU0 [ 97.421761][ T5839] ---- [ 97.425074][ T5839] lock(&HFSPLUS_I(inode)->extents_lock); [ 97.431108][ T5839] lock(&HFSPLUS_I(inode)->extents_lock); [ 97.436958][ T5839] [ 97.436958][ T5839] *** DEADLOCK *** [ 97.436958][ T5839] [ 97.445744][ T5839] May be due to missing lock nesting notation [ 97.445744][ T5839] [ 97.454283][ T5839] 4 locks held by syz-executor245/5839: [ 97.460048][ T5839] #0: ffff888033aa4428 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x211/0xa90 [ 97.469338][ T5839] #1: ffff88807a1382f8 (&sb->s_type->i_mutex_key#14){+.+.}-{4:4}, at: generic_file_write_iter+0xe3/0x540 [ 97.480935][ T5839] #2: ffff88807a138108 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_file_extend+0x1fc/0x1990 [ 97.492870][ T5839] #3: ffff888033aa60b0 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfsplus_find_init+0x15a/0x1d0 [ 97.503304][ T5839] [ 97.503304][ T5839] stack backtrace: [ 97.509438][ T5839] CPU: 0 UID: 0 PID: 5839 Comm: syz-executor245 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(full) [ 97.509462][ T5839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 97.509481][ T5839] Call Trace: [ 97.509508][ T5839] [ 97.509516][ T5839] dump_stack_lvl+0x189/0x250 [ 97.509621][ T5839] ? __pfx_dump_stack_lvl+0x10/0x10 [ 97.509641][ T5839] ? __pfx__printk+0x10/0x10 [ 97.509663][ T5839] ? print_lock_name+0xde/0x100 [ 97.509685][ T5839] print_deadlock_bug+0x28b/0x2a0 [ 97.509709][ T5839] validate_chain+0x1a3f/0x2140 [ 97.509730][ T5839] ? rcu_is_watching+0x15/0xb0 [ 97.509748][ T5839] ? __kasan_check_byte+0x12/0x40 [ 97.509767][ T5839] ? rcu_is_watching+0x15/0xb0 [ 97.509785][ T5839] ? look_up_lock_class+0x74/0x170 [ 97.509815][ T5839] ? register_lock_class+0x51/0x320 [ 97.509844][ T5839] __lock_acquire+0xab9/0xd20 [ 97.509862][ T5839] ? hfsplus_file_extend+0x1fc/0x1990 [ 97.509884][ T5839] lock_acquire+0x120/0x360 [ 97.509899][ T5839] ? hfsplus_file_extend+0x1fc/0x1990 [ 97.509927][ T5839] __mutex_lock+0x182/0xe80 [ 97.509947][ T5839] ? hfsplus_file_extend+0x1fc/0x1990 [ 97.509970][ T5839] ? check_path+0x21/0x40 [ 97.509991][ T5839] ? hfsplus_file_extend+0x1fc/0x1990 [ 97.510014][ T5839] ? __pfx___mutex_lock+0x10/0x10 [ 97.510041][ T5839] hfsplus_file_extend+0x1fc/0x1990 [ 97.510069][ T5839] ? __pfx_hfsplus_file_extend+0x10/0x10 [ 97.510090][ T5839] ? __mutex_trylock_common+0x153/0x260 [ 97.510112][ T5839] ? __pfx___mutex_trylock_common+0x10/0x10 [ 97.510135][ T5839] ? rcu_is_watching+0x15/0xb0 [ 97.510153][ T5839] ? trace_contention_end+0x39/0x120 [ 97.510175][ T5839] ? __mutex_lock+0x330/0xe80 [ 97.510194][ T5839] ? hfsplus_brec_find+0x191/0x500 [ 97.510214][ T5839] hfsplus_bmap_reserve+0x122/0x500 [ 97.510248][ T5839] __hfsplus_ext_write_extent+0x28d/0x5b0 [ 97.510276][ T5839] __hfsplus_ext_cache_extent+0x89/0xe30 [ 97.510306][ T5839] hfsplus_file_extend+0x444/0x1990 [ 97.510329][ T5839] ? __x64_sys_pwrite64+0x193/0x220 [ 97.510346][ T5839] ? do_syscall_64+0xfa/0x3b0 [ 97.510366][ T5839] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 97.510389][ T5839] ? __pfx_hfsplus_file_extend+0x10/0x10 [ 97.510421][ T5839] ? __lock_acquire+0xab9/0xd20 [ 97.510437][ T5839] hfsplus_get_block+0x411/0x1530 [ 97.510465][ T5839] ? __pfx_hfsplus_get_block+0x10/0x10 [ 97.510489][ T5839] ? do_raw_spin_unlock+0x122/0x240 [ 97.510515][ T5839] ? _raw_spin_unlock+0x28/0x50 [ 97.510533][ T5839] __block_write_begin_int+0x6b2/0x1900 [ 97.510585][ T5839] ? folio_add_lru+0x106/0x220 [ 97.510602][ T5839] ? __pfx_hfsplus_get_block+0x10/0x10 [ 97.510625][ T5839] ? __pfx___block_write_begin_int+0x10/0x10 [ 97.510653][ T5839] cont_write_begin+0x789/0xb50 [ 97.510682][ T5839] ? __pfx_cont_write_begin+0x10/0x10 [ 97.510708][ T5839] ? folio_unlock+0x101/0x160 [ 97.510736][ T5839] hfsplus_write_begin+0x66/0xb0 [ 97.510756][ T5839] ? __pfx_hfsplus_get_block+0x10/0x10 [ 97.510779][ T5839] cont_write_begin+0x2fa/0xb50 [ 97.510807][ T5839] ? __pfx_cont_write_begin+0x10/0x10 [ 97.510836][ T5839] hfsplus_write_begin+0x66/0xb0 [ 97.510856][ T5839] ? __pfx_hfsplus_get_block+0x10/0x10 [ 97.510880][ T5839] generic_perform_write+0x2c7/0x910 [ 97.510904][ T5839] ? __pfx_generic_perform_write+0x10/0x10 [ 97.510923][ T5839] ? file_update_time+0x416/0x490 [ 97.510948][ T5839] ? __generic_file_write_iter+0xf9/0x230 [ 97.510966][ T5839] ? generic_file_write_iter+0xfb/0x540 [ 97.510985][ T5839] generic_file_write_iter+0x10f/0x540 [ 97.511004][ T5839] ? lockdep_hardirqs_on+0x9c/0x150 [ 97.511022][ T5839] ? __pfx_generic_file_write_iter+0x10/0x10 [ 97.511042][ T5839] ? rcu_is_watching+0x15/0xb0 [ 97.511061][ T5839] ? trace_sched_exit_tp+0x38/0x120 [ 97.511092][ T5839] ? __lock_acquire+0xab9/0xd20 [ 97.511111][ T5839] ? rcu_read_lock_any_held+0xb3/0x120 [ 97.511132][ T5839] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 97.511159][ T5839] vfs_write+0x548/0xa90 [ 97.511175][ T5839] ? __pfx_generic_file_write_iter+0x10/0x10 [ 97.511194][ T5839] ? __pfx_vfs_write+0x10/0x10 [ 97.511211][ T5839] ? _raw_spin_unlock_irq+0x23/0x50 [ 97.511228][ T5839] ? _raw_spin_unlock_irq+0x2e/0x50 [ 97.511247][ T5839] __x64_sys_pwrite64+0x193/0x220 [ 97.511266][ T5839] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 97.511282][ T5839] ? rcu_is_watching+0x15/0xb0 [ 97.511305][ T5839] do_syscall_64+0xfa/0x3b0 [ 97.511326][ T5839] ? lockdep_hardirqs_on+0x9c/0x150 [ 97.511343][ T5839] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 97.511360][ T5839] ? clear_bhb_loop+0x60/0xb0 [ 97.511378][ T5839] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 97.511395][ T5839] RIP: 0033:0x7f97619666f9 [ 97.511421][ T5839] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 97.511436][ T5839] RSP: 002b:00007fffe323afa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000012 [ 97.511455][ T5839] RAX: ffffffffffffffda RBX: 0000200000000000 RCX: 00007f97619666f9 [ 97.511468][ T5839] RDX: 0000000000000001 RSI: 00002000000005c0 RDI: 0000000000000004 [ 97.511480][ T5839] RBP: 0031656c69662f2e R08: 0000000000000000 R09: 00000000000b15f8 pwrite64(4, "\"", 1, 327376) = 1 exit_group(0) = ? +++ exited with 0 +++ [ 97.511491][ T5839] R10: 000000000004fed0 R11: