============================================ WARNING: possible recursive locking detected 4.14.304-syzkaller #0 Not tainted -------------------------------------------- syz-executor.5/10683 is trying to acquire lock: (&HFSPLUS_I(inode)->extents_lock){+.+.}, at: [] hfsplus_get_block+0x1f9/0x820 fs/hfsplus/extents.c:260 but task is already holding lock: (&HFSPLUS_I(inode)->extents_lock){+.+.}, at: [] hfsplus_file_extend+0x188/0xef0 fs/hfsplus/extents.c:452 other info that might help us debug this: Possible unsafe locking scenario: CPU0 ---- lock(&HFSPLUS_I(inode)->extents_lock); lock(&HFSPLUS_I(inode)->extents_lock); *** DEADLOCK *** May be due to missing lock nesting notation 5 locks held by syz-executor.5/10683: #0: (&type->s_umount_key#54/1){+.+.}, at: [] alloc_super fs/super.c:251 [inline] #0: (&type->s_umount_key#54/1){+.+.}, at: [] sget_userns+0x556/0xc10 fs/super.c:516 #1: (&sbi->vh_mutex){+.+.}, at: [] hfsplus_fill_super+0x1314/0x1850 fs/hfsplus/super.c:553 #2: (&tree->tree_lock#2){+.+.}, at: [] hfsplus_find_init+0x1a8/0x220 fs/hfsplus/bfind.c:30 #3: (&HFSPLUS_I(inode)->extents_lock){+.+.}, at: [] hfsplus_file_extend+0x188/0xef0 fs/hfsplus/extents.c:452 #4: (&sbi->alloc_mutex){+.+.}, at: [] hfsplus_block_allocate+0xd2/0x910 fs/hfsplus/bitmap.c:35 stack backtrace: CPU: 1 PID: 10683 Comm: syz-executor.5 Not tainted 4.14.304-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 print_deadlock_bug kernel/locking/lockdep.c:1800 [inline] check_deadlock kernel/locking/lockdep.c:1847 [inline] validate_chain kernel/locking/lockdep.c:2448 [inline] __lock_acquire.cold+0x180/0x97c kernel/locking/lockdep.c:3491 lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998 __mutex_lock_common kernel/locking/mutex.c:756 [inline] __mutex_lock+0xc4/0x1310 kernel/locking/mutex.c:893 hfsplus_get_block+0x1f9/0x820 fs/hfsplus/extents.c:260 block_read_full_page+0x25e/0x8d0 fs/buffer.c:2316 do_read_cache_page+0x38e/0xc10 mm/filemap.c:2713 read_mapping_page include/linux/pagemap.h:398 [inline] hfsplus_block_allocate+0x189/0x910 fs/hfsplus/bitmap.c:37 hfsplus_file_extend+0x421/0xef0 fs/hfsplus/extents.c:463 hfsplus_bmap_reserve+0x26e/0x410 fs/hfsplus/btree.c:357 hfsplus_create_cat+0x1af/0x10d0 fs/hfsplus/catalog.c:272 hfsplus_fill_super+0x1386/0x1850 fs/hfsplus/super.c:560 mount_bdev+0x2b3/0x360 fs/super.c:1134 mount_fs+0x92/0x2a0 fs/super.c:1237 vfs_kern_mount.part.0+0x5b/0x470 fs/namespace.c:1046 vfs_kern_mount fs/namespace.c:1036 [inline] do_new_mount fs/namespace.c:2572 [inline] do_mount+0xe65/0x2a30 fs/namespace.c:2905 SYSC_mount fs/namespace.c:3121 [inline] SyS_mount+0xa8/0x120 fs/namespace.c:3098 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x5e/0xd3 RIP: 0033:0x7f2c545905fa RSP: 002b:00007f2c52b00f88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 000000000000061b RCX: 00007f2c545905fa RDX: 0000000020000600 RSI: 00000000200001c0 RDI: 00007f2c52b00fe0 RBP: 00007f2c52b01020 R08: 00007f2c52b01020 R09: 0000000001a00010 R10: 0000000001a00010 R11: 0000000000000202 R12: 0000000020000600 R13: 00000000200001c0 R14: 00007f2c52b00fe0 R15: 0000000020000140 print_req_error: I/O error, dev loop5, sector 0 EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue EXT4-fs error (device loop5): empty_inline_dir:1815: inode #12: block 4: comm syz-executor.5: bad entry in directory: directory entry overrun - offset=4, inode=13, rec_len=46324, name_len=159, size=60 EXT4-fs warning (device loop5): empty_inline_dir:1818: bad inline directory (dir #12) - inode 13, rec_len 46324, name_len 159inline size 60 Zero length message leads to an empty skb netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'. XFS (loop3): Mounting V4 Filesystem XFS (loop3): Ending clean mount netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'. audit: type=1800 audit(1675539134.062:6): pid=10882 uid=0 auid=4294967295 ses=4294967295 op="collect_data" cause="failed(directio)" comm="syz-executor.3" name=".log" dev="loop3" ino=41 res=0 XFS (loop3): Unmounting Filesystem netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'.