Extracting prog: 1m40.83117948s
Minimizing prog: 8m4.765329479s
Simplifying prog options: 0s
Extracting C: 36.117897212s
Simplifying C: 8m14.615212475s
1 programs, timeouts [30s 6m0s]
extracting reproducer from 1 programs
testing a last program of every proc
single: executing 1 programs separately with timeout 30s
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-open_tree-move_mount
detailed listing:
executing program 0:
syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f00000002c0)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[], 0x1, 0x65c, &(0x7f0000000a40)="$eJzs3U9oHNcdB/DvrFb/XHCUxE5MCdTEkJaa2pKF06oXu6UUH0IJ6aHXCluOhddOkJQi+9Co/6895FpID7r1VOi1GNpem1uuOgYK7SEnQQ9bZnZ2vSutVFmWvVLy+Zin996+N++9+c3MjnaFmQBfWjcupvkoRW5cfGu9rP90c761tTk/WTe3kpTlRtLsZCnuJ80/JNfTSRnvG67Ya56Plhfe+fTzrc86tWadyv6NI9iLjTrlfJKxOk/ak4Pdxvceod3ec7ybvfEOq+hFpgzYhTLfeKoB4Wi0d+memf89yOZ7Xu/AyVF07pu7zCSnkkzVvwekfnc4ipv2SLn/AgAAcNJNHqDPC9vZznpOP4flAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBdG/fz/ok6Nbvl8iu7z/yfq11KXT5hioPZoZOsAAAAAAAAAgKPzte1sZz2nu/V2Uf3N//Wqcqb6+ZV8kNUsZSWXsp7FrGUtK5lLMtM30MT64traytwBtrwydMsrz2d/AQAAAAAAAODkuPYknX+ZG4///g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMdBkYx1siqd6ZZn0mgmmUoyUfbbSD7plk+yR6NeAAAAADwHL2xnO+s53a23i+oz/yvV5/6pfJD7Wcty1tLKUm5V3wV0PvU3tjbnW1ub8/fKtHvc7/172Gxjey2jGrHXYdjM56oe07md5eqVS7mZ99LKrTSqLUvnuuup09TgJL8o11Rc6ygOGKBbdV72/32dHw8zVUTGexGZrddWRuPFHZHYcYSGH50DzzSXRu+bnzM7Zxo8xgMxv3bA+U7Vebk/vx2I+ai/b9oZiSv12fdJec3sH/Pk63/500/utO7fvXN79eL4aNZ/dOpIbDTrSMz3XYevPkkkjs8FlcMdlNkqEmd79Rv5YX6cizmft9sfJvlZFrOWpZzPD6rSYoreGT2zf6SuD9Te/n8rmaiPS+cS3GNNWcnykDW9Xm17Osv5Ud7LrSzlzerflczl27maq1noO8Jn9193ddU3nuyqv/CNujCd5Hd13q/dbrcPNtTRGq/i+mJfXPvfc2eqtv5XHkfppYEoTfYPWhzyvbH51bpQzvGrOj8eOpH4cOAu0V3dy/ufL3+sDuxq6/7dlTuL7x9wvjfqvAzlb47Vnbk8X14qD9Zfs+vsKNteLtuys22uajvTa2vsajvbaxt6pa5051+oer8ydKQrVdurQ9vmq7ZzfW3Dft8C4Ng79c1TE9P/mv7n9MfTv56+M/3W1PcnvzP52kTG/z7+3ebs2BuN14o/5+P8/PHnfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4PBWHzy8u9hqLa3sU+g+YGe/Pk9bKOoH+TzDKU5o4cFRjDOW5HjsTl8hU8diGc+y0MyDh3f/849RL+NQRwf4gru8du/9y6sPHn5r+d7iu0vvLt0fv3p1YXbh6pvzl28vt5ZmOz9HvUrgWXh80x/1SgAAAAAAAAAAAICDeh7/nWDU+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcbDcupvkoReZmL82W9a3N+VaZuuUkRYpu70YyVebF35Lr6aTM9A1X7DXPR8sL73z6+dZnnVqzTlX/xn7bDTW+84WNOuV8krE6fwoD49186vGK3h6WAbvQDRyM2v8CAAD//4dVDFg=")
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f00000000c0)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
program crashed: possible deadlock in hfsplus_get_block
single: successfully extracted reproducer
found reproducer with 3 syscalls
minimizing guilty program
testing program (duration=59.9485812s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-open_tree
detailed listing:
executing program 0:
syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f00000002c0)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[], 0x1, 0x65c, &(0x7f0000000a40)="$eJzs3U9oHNcdB/DvrFb/XHCUxE5MCdTEkJaa2pKF06oXu6UUH0IJ6aHXCluOhddOkJQi+9Co/6895FpID7r1VOi1GNpem1uuOgYK7SEnQQ9bZnZ2vSutVFmWvVLy+Zin996+N++9+c3MjnaFmQBfWjcupvkoRW5cfGu9rP90c761tTk/WTe3kpTlRtLsZCnuJ80/JNfTSRnvG67Ya56Plhfe+fTzrc86tWadyv6NI9iLjTrlfJKxOk/ak4Pdxvceod3ec7ybvfEOq+hFpgzYhTLfeKoB4Wi0d+memf89yOZ7Xu/AyVF07pu7zCSnkkzVvwekfnc4ipv2SLn/AgAAcNJNHqDPC9vZznpOP4flAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBdG/fz/ok6Nbvl8iu7z/yfq11KXT5hioPZoZOsAAAAAAAAAgKPzte1sZz2nu/V2Uf3N//Wqcqb6+ZV8kNUsZSWXsp7FrGUtK5lLMtM30MT64traytwBtrwydMsrz2d/AQAAAAAAAODkuPYknX+ZG4///g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMdBkYx1siqd6ZZn0mgmmUoyUfbbSD7plk+yR6NeAAAAADwHL2xnO+s53a23i+oz/yvV5/6pfJD7Wcty1tLKUm5V3wV0PvU3tjbnW1ub8/fKtHvc7/172Gxjey2jGrHXYdjM56oe07md5eqVS7mZ99LKrTSqLUvnuuup09TgJL8o11Rc6ygOGKBbdV72/32dHw8zVUTGexGZrddWRuPFHZHYcYSGH50DzzSXRu+bnzM7Zxo8xgMxv3bA+U7Vebk/vx2I+ai/b9oZiSv12fdJec3sH/Pk63/500/utO7fvXN79eL4aNZ/dOpIbDTrSMz3XYevPkkkjs8FlcMdlNkqEmd79Rv5YX6cizmft9sfJvlZFrOWpZzPD6rSYoreGT2zf6SuD9Te/n8rmaiPS+cS3GNNWcnykDW9Xm17Osv5Ud7LrSzlzerflczl27maq1noO8Jn9193ddU3nuyqv/CNujCd5Hd13q/dbrcPNtTRGq/i+mJfXPvfc2eqtv5XHkfppYEoTfYPWhzyvbH51bpQzvGrOj8eOpH4cOAu0V3dy/ufL3+sDuxq6/7dlTuL7x9wvjfqvAzlb47Vnbk8X14qD9Zfs+vsKNteLtuys22uajvTa2vsajvbaxt6pa5051+oer8ydKQrVdurQ9vmq7ZzfW3Dft8C4Ng79c1TE9P/mv7n9MfTv56+M/3W1PcnvzP52kTG/z7+3ebs2BuN14o/5+P8/PHnfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4PBWHzy8u9hqLa3sU+g+YGe/Pk9bKOoH+TzDKU5o4cFRjDOW5HjsTl8hU8diGc+y0MyDh3f/849RL+NQRwf4gru8du/9y6sPHn5r+d7iu0vvLt0fv3p1YXbh6pvzl28vt5ZmOz9HvUrgWXh80x/1SgAAAAAAAAAAAICDeh7/nWDU+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcbDcupvkoReZmL82W9a3N+VaZuuUkRYpu70YyVebF35Lr6aTM9A1X7DXPR8sL73z6+dZnnVqzTlX/xn7bDTW+84WNOuV8krE6fwoD49186vGK3h6WAbvQDRyM2v8CAAD//4dVDFg=")
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
program did not crash
testing program (duration=59.9485812s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-move_mount
detailed listing:
executing program 0:
syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f00000002c0)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[], 0x1, 0x65c, &(0x7f0000000a40)="$eJzs3U9oHNcdB/DvrFb/XHCUxE5MCdTEkJaa2pKF06oXu6UUH0IJ6aHXCluOhddOkJQi+9Co/6895FpID7r1VOi1GNpem1uuOgYK7SEnQQ9bZnZ2vSutVFmWvVLy+Zin996+N++9+c3MjnaFmQBfWjcupvkoRW5cfGu9rP90c761tTk/WTe3kpTlRtLsZCnuJ80/JNfTSRnvG67Ya56Plhfe+fTzrc86tWadyv6NI9iLjTrlfJKxOk/ak4Pdxvceod3ec7ybvfEOq+hFpgzYhTLfeKoB4Wi0d+memf89yOZ7Xu/AyVF07pu7zCSnkkzVvwekfnc4ipv2SLn/AgAAcNJNHqDPC9vZznpOP4flAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBdG/fz/ok6Nbvl8iu7z/yfq11KXT5hioPZoZOsAAAAAAAAAgKPzte1sZz2nu/V2Uf3N//Wqcqb6+ZV8kNUsZSWXsp7FrGUtK5lLMtM30MT64traytwBtrwydMsrz2d/AQAAAAAAAODkuPYknX+ZG4///g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMdBkYx1siqd6ZZn0mgmmUoyUfbbSD7plk+yR6NeAAAAADwHL2xnO+s53a23i+oz/yvV5/6pfJD7Wcty1tLKUm5V3wV0PvU3tjbnW1ub8/fKtHvc7/172Gxjey2jGrHXYdjM56oe07md5eqVS7mZ99LKrTSqLUvnuuup09TgJL8o11Rc6ygOGKBbdV72/32dHw8zVUTGexGZrddWRuPFHZHYcYSGH50DzzSXRu+bnzM7Zxo8xgMxv3bA+U7Vebk/vx2I+ai/b9oZiSv12fdJec3sH/Pk63/500/utO7fvXN79eL4aNZ/dOpIbDTrSMz3XYevPkkkjs8FlcMdlNkqEmd79Rv5YX6cizmft9sfJvlZFrOWpZzPD6rSYoreGT2zf6SuD9Te/n8rmaiPS+cS3GNNWcnykDW9Xm17Osv5Ud7LrSzlzerflczl27maq1noO8Jn9193ddU3nuyqv/CNujCd5Hd13q/dbrcPNtTRGq/i+mJfXPvfc2eqtv5XHkfppYEoTfYPWhzyvbH51bpQzvGrOj8eOpH4cOAu0V3dy/ufL3+sDuxq6/7dlTuL7x9wvjfqvAzlb47Vnbk8X14qD9Zfs+vsKNteLtuys22uajvTa2vsajvbaxt6pa5051+oer8ydKQrVdurQ9vmq7ZzfW3Dft8C4Ng79c1TE9P/mv7n9MfTv56+M/3W1PcnvzP52kTG/z7+3ebs2BuN14o/5+P8/PHnfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4PBWHzy8u9hqLa3sU+g+YGe/Pk9bKOoH+TzDKU5o4cFRjDOW5HjsTl8hU8diGc+y0MyDh3f/849RL+NQRwf4gru8du/9y6sPHn5r+d7iu0vvLt0fv3p1YXbh6pvzl28vt5ZmOz9HvUrgWXh80x/1SgAAAAAAAAAAAICDeh7/nWDU+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcbDcupvkoReZmL82W9a3N+VaZuuUkRYpu70YyVebF35Lr6aTM9A1X7DXPR8sL73z6+dZnnVqzTlX/xn7bDTW+84WNOuV8krE6fwoD49186vGK3h6WAbvQDRyM2v8CAAD//4dVDFg=")
move_mount(0xffffffffffffffff, &(0x7f00000000c0)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
program did not crash
testing program (duration=59.9485812s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): open_tree-move_mount
detailed listing:
executing program 0:
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f00000000c0)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
program did not crash
testing program (duration=59.9485812s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-open_tree-move_mount
detailed listing:
executing program 0:
syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f00000002c0)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[], 0x1, 0x65c, &(0x7f0000000a40)="$eJzs3U9oHNcdB/DvrFb/XHCUxE5MCdTEkJaa2pKF06oXu6UUH0IJ6aHXCluOhddOkJQi+9Co/6895FpID7r1VOi1GNpem1uuOgYK7SEnQQ9bZnZ2vSutVFmWvVLy+Zin996+N++9+c3MjnaFmQBfWjcupvkoRW5cfGu9rP90c761tTk/WTe3kpTlRtLsZCnuJ80/JNfTSRnvG67Ya56Plhfe+fTzrc86tWadyv6NI9iLjTrlfJKxOk/ak4Pdxvceod3ec7ybvfEOq+hFpgzYhTLfeKoB4Wi0d+memf89yOZ7Xu/AyVF07pu7zCSnkkzVvwekfnc4ipv2SLn/AgAAcNJNHqDPC9vZznpOP4flAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBdG/fz/ok6Nbvl8iu7z/yfq11KXT5hioPZoZOsAAAAAAAAAgKPzte1sZz2nu/V2Uf3N//Wqcqb6+ZV8kNUsZSWXsp7FrGUtK5lLMtM30MT64traytwBtrwydMsrz2d/AQAAAAAAAODkuPYknX+ZG4///g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMdBkYx1siqd6ZZn0mgmmUoyUfbbSD7plk+yR6NeAAAAADwHL2xnO+s53a23i+oz/yvV5/6pfJD7Wcty1tLKUm5V3wV0PvU3tjbnW1ub8/fKtHvc7/172Gxjey2jGrHXYdjM56oe07md5eqVS7mZ99LKrTSqLUvnuuup09TgJL8o11Rc6ygOGKBbdV72/32dHw8zVUTGexGZrddWRuPFHZHYcYSGH50DzzSXRu+bnzM7Zxo8xgMxv3bA+U7Vebk/vx2I+ai/b9oZiSv12fdJec3sH/Pk63/500/utO7fvXN79eL4aNZ/dOpIbDTrSMz3XYevPkkkjs8FlcMdlNkqEmd79Rv5YX6cizmft9sfJvlZFrOWpZzPD6rSYoreGT2zf6SuD9Te/n8rmaiPS+cS3GNNWcnykDW9Xm17Osv5Ud7LrSzlzerflczl27maq1noO8Jn9193ddU3nuyqv/CNujCd5Hd13q/dbrcPNtTRGq/i+mJfXPvfc2eqtv5XHkfppYEoTfYPWhzyvbH51bpQzvGrOj8eOpH4cOAu0V3dy/ufL3+sDuxq6/7dlTuL7x9wvjfqvAzlb47Vnbk8X14qD9Zfs+vsKNteLtuys22uajvTa2vsajvbaxt6pa5051+oer8ydKQrVdurQ9vmq7ZzfW3Dft8C4Ng79c1TE9P/mv7n9MfTv56+M/3W1PcnvzP52kTG/z7+3ebs2BuN14o/5+P8/PHnfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4PBWHzy8u9hqLa3sU+g+YGe/Pk9bKOoH+TzDKU5o4cFRjDOW5HjsTl8hU8diGc+y0MyDh3f/849RL+NQRwf4gru8du/9y6sPHn5r+d7iu0vvLt0fv3p1YXbh6pvzl28vt5ZmOz9HvUrgWXh80x/1SgAAAAAAAAAAAICDeh7/nWDU+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcbDcupvkoReZmL82W9a3N+VaZuuUkRYpu70YyVebF35Lr6aTM9A1X7DXPR8sL73z6+dZnnVqzTlX/xn7bDTW+84WNOuV8krE6fwoD49186vGK3h6WAbvQDRyM2v8CAAD//4dVDFg=")
r0 = open_tree(0xffffffffffffff9c, 0x0, 0x89901)
move_mount(r0, &(0x7f00000000c0)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
program did not crash
testing program (duration=59.9485812s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-open_tree-move_mount
detailed listing:
executing program 0:
syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f00000002c0)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[], 0x1, 0x65c, &(0x7f0000000a40)="$eJzs3U9oHNcdB/DvrFb/XHCUxE5MCdTEkJaa2pKF06oXu6UUH0IJ6aHXCluOhddOkJQi+9Co/6895FpID7r1VOi1GNpem1uuOgYK7SEnQQ9bZnZ2vSutVFmWvVLy+Zin996+N++9+c3MjnaFmQBfWjcupvkoRW5cfGu9rP90c761tTk/WTe3kpTlRtLsZCnuJ80/JNfTSRnvG67Ya56Plhfe+fTzrc86tWadyv6NI9iLjTrlfJKxOk/ak4Pdxvceod3ec7ybvfEOq+hFpgzYhTLfeKoB4Wi0d+memf89yOZ7Xu/AyVF07pu7zCSnkkzVvwekfnc4ipv2SLn/AgAAcNJNHqDPC9vZznpOP4flAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBdG/fz/ok6Nbvl8iu7z/yfq11KXT5hioPZoZOsAAAAAAAAAgKPzte1sZz2nu/V2Uf3N//Wqcqb6+ZV8kNUsZSWXsp7FrGUtK5lLMtM30MT64traytwBtrwydMsrz2d/AQAAAAAAAODkuPYknX+ZG4///g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMdBkYx1siqd6ZZn0mgmmUoyUfbbSD7plk+yR6NeAAAAADwHL2xnO+s53a23i+oz/yvV5/6pfJD7Wcty1tLKUm5V3wV0PvU3tjbnW1ub8/fKtHvc7/172Gxjey2jGrHXYdjM56oe07md5eqVS7mZ99LKrTSqLUvnuuup09TgJL8o11Rc6ygOGKBbdV72/32dHw8zVUTGexGZrddWRuPFHZHYcYSGH50DzzSXRu+bnzM7Zxo8xgMxv3bA+U7Vebk/vx2I+ai/b9oZiSv12fdJec3sH/Pk63/500/utO7fvXN79eL4aNZ/dOpIbDTrSMz3XYevPkkkjs8FlcMdlNkqEmd79Rv5YX6cizmft9sfJvlZFrOWpZzPD6rSYoreGT2zf6SuD9Te/n8rmaiPS+cS3GNNWcnykDW9Xm17Osv5Ud7LrSzlzerflczl27maq1noO8Jn9193ddU3nuyqv/CNujCd5Hd13q/dbrcPNtTRGq/i+mJfXPvfc2eqtv5XHkfppYEoTfYPWhzyvbH51bpQzvGrOj8eOpH4cOAu0V3dy/ufL3+sDuxq6/7dlTuL7x9wvjfqvAzlb47Vnbk8X14qD9Zfs+vsKNteLtuys22uajvTa2vsajvbaxt6pa5051+oer8ydKQrVdurQ9vmq7ZzfW3Dft8C4Ng79c1TE9P/mv7n9MfTv56+M/3W1PcnvzP52kTG/z7+3ebs2BuN14o/5+P8/PHnfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4PBWHzy8u9hqLa3sU+g+YGe/Pk9bKOoH+TzDKU5o4cFRjDOW5HjsTl8hU8diGc+y0MyDh3f/849RL+NQRwf4gru8du/9y6sPHn5r+d7iu0vvLt0fv3p1YXbh6pvzl28vt5ZmOz9HvUrgWXh80x/1SgAAAAAAAAAAAICDeh7/nWDU+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcbDcupvkoReZmL82W9a3N+VaZuuUkRYpu70YyVebF35Lr6aTM9A1X7DXPR8sL73z6+dZnnVqzTlX/xn7bDTW+84WNOuV8krE6fwoD49186vGK3h6WAbvQDRyM2v8CAAD//4dVDFg=")
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, 0x0, 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
program did not crash
testing program (duration=59.9485812s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-open_tree-move_mount
detailed listing:
executing program 0:
syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f00000002c0)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[], 0x1, 0x65c, &(0x7f0000000a40)="$eJzs3U9oHNcdB/DvrFb/XHCUxE5MCdTEkJaa2pKF06oXu6UUH0IJ6aHXCluOhddOkJQi+9Co/6895FpID7r1VOi1GNpem1uuOgYK7SEnQQ9bZnZ2vSutVFmWvVLy+Zin996+N++9+c3MjnaFmQBfWjcupvkoRW5cfGu9rP90c761tTk/WTe3kpTlRtLsZCnuJ80/JNfTSRnvG67Ya56Plhfe+fTzrc86tWadyv6NI9iLjTrlfJKxOk/ak4Pdxvceod3ec7ybvfEOq+hFpgzYhTLfeKoB4Wi0d+memf89yOZ7Xu/AyVF07pu7zCSnkkzVvwekfnc4ipv2SLn/AgAAcNJNHqDPC9vZznpOP4flAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBdG/fz/ok6Nbvl8iu7z/yfq11KXT5hioPZoZOsAAAAAAAAAgKPzte1sZz2nu/V2Uf3N//Wqcqb6+ZV8kNUsZSWXsp7FrGUtK5lLMtM30MT64traytwBtrwydMsrz2d/AQAAAAAAAODkuPYknX+ZG4///g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMdBkYx1siqd6ZZn0mgmmUoyUfbbSD7plk+yR6NeAAAAADwHL2xnO+s53a23i+oz/yvV5/6pfJD7Wcty1tLKUm5V3wV0PvU3tjbnW1ub8/fKtHvc7/172Gxjey2jGrHXYdjM56oe07md5eqVS7mZ99LKrTSqLUvnuuup09TgJL8o11Rc6ygOGKBbdV72/32dHw8zVUTGexGZrddWRuPFHZHYcYSGH50DzzSXRu+bnzM7Zxo8xgMxv3bA+U7Vebk/vx2I+ai/b9oZiSv12fdJec3sH/Pk63/500/utO7fvXN79eL4aNZ/dOpIbDTrSMz3XYevPkkkjs8FlcMdlNkqEmd79Rv5YX6cizmft9sfJvlZFrOWpZzPD6rSYoreGT2zf6SuD9Te/n8rmaiPS+cS3GNNWcnykDW9Xm17Osv5Ud7LrSzlzerflczl27maq1noO8Jn9193ddU3nuyqv/CNujCd5Hd13q/dbrcPNtTRGq/i+mJfXPvfc2eqtv5XHkfppYEoTfYPWhzyvbH51bpQzvGrOj8eOpH4cOAu0V3dy/ufL3+sDuxq6/7dlTuL7x9wvjfqvAzlb47Vnbk8X14qD9Zfs+vsKNteLtuys22uajvTa2vsajvbaxt6pa5051+oer8ydKQrVdurQ9vmq7ZzfW3Dft8C4Ng79c1TE9P/mv7n9MfTv56+M/3W1PcnvzP52kTG/z7+3ebs2BuN14o/5+P8/PHnfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4PBWHzy8u9hqLa3sU+g+YGe/Pk9bKOoH+TzDKU5o4cFRjDOW5HjsTl8hU8diGc+y0MyDh3f/849RL+NQRwf4gru8du/9y6sPHn5r+d7iu0vvLt0fv3p1YXbh6pvzl28vt5ZmOz9HvUrgWXh80x/1SgAAAAAAAAAAAICDeh7/nWDU+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcbDcupvkoReZmL82W9a3N+VaZuuUkRYpu70YyVebF35Lr6aTM9A1X7DXPR8sL73z6+dZnnVqzTlX/xn7bDTW+84WNOuV8krE6fwoD49186vGK3h6WAbvQDRyM2v8CAAD//4dVDFg=")
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f00000000c0)='.\x00', 0xffffffffffffff9c, 0x0, 0x0)
program did not crash
extracting C reproducer
testing compiled C program (duration=59.9485812s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-open_tree-move_mount
program crashed: possible deadlock in hfsplus_get_block
simplifying C reproducer
testing compiled C program (duration=59.9485812s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-open_tree-move_mount
program crashed: possible deadlock in hfsplus_get_block
testing compiled C program (duration=59.9485812s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:false Cgroups:false BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-open_tree-move_mount
program did not crash
testing compiled C program (duration=59.9485812s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-open_tree-move_mount
program crashed: possible deadlock in hfsplus_get_block
testing compiled C program (duration=59.9485812s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:true Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-open_tree-move_mount
program crashed: possible deadlock in hfsplus_get_block
testing compiled C program (duration=59.9485812s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-open_tree-move_mount
program crashed: possible deadlock in hfsplus_get_block
testing compiled C program (duration=59.9485812s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-open_tree-move_mount
program did not crash
testing compiled C program (duration=59.9485812s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-open_tree-move_mount
program crashed: possible deadlock in hfsplus_get_block
testing compiled C program (duration=59.9485812s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:true HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$hfsplus-open_tree-move_mount
program crashed: possible deadlock in hfsplus_get_block
reproducing took 18m36.329630687s
repro crashed as (corrupted=false):
============================================
WARNING: possible recursive locking detected
6.12.0-rc1-syzkaller-00349-g8f602276d390 #0 Not tainted
--------------------------------------------
syz-executor318/5211 is trying to acquire lock:
ffff88802d731548 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_get_block+0x383/0x14f0 fs/hfsplus/extents.c:260
but task is already holding lock:
ffff88802d7c0108 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_truncate+0x30a/0xc70 fs/hfsplus/extents.c:577
other info that might help us debug this:
Possible unsafe locking scenario:
CPU0
----
lock(&HFSPLUS_I(inode)->extents_lock);
lock(&HFSPLUS_I(inode)->extents_lock);
*** DEADLOCK ***
May be due to missing lock nesting notation
6 locks held by syz-executor318/5211:
#0: ffff88802a03e420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 fs/namespace.c:515
#1: ffff88802d731df8 (&type->i_mutex_dir_key#6/1){+.+.}-{3:3}, at: inode_lock_nested include/linux/fs.h:850 [inline]
#1: ffff88802d731df8 (&type->i_mutex_dir_key#6/1){+.+.}-{3:3}, at: do_unlinkat+0x26a/0x830 fs/namei.c:4520
#2: ffff88802d7c02f8 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:815 [inline]
#2: ffff88802d7c02f8 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: vfs_unlink+0xe4/0x650 fs/namei.c:4458
#3: ffff88807fd1e998 (&sbi->vh_mutex){+.+.}-{3:3}, at: hfsplus_unlink+0x161/0x790 fs/hfsplus/dir.c:370
#4: ffff88802d7c0108 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_truncate+0x30a/0xc70 fs/hfsplus/extents.c:577
#5: ffff88807fd1e8f8 (&sbi->alloc_mutex){+.+.}-{3:3}, at: hfsplus_block_free+0xbb/0x4e0 fs/hfsplus/bitmap.c:182
stack backtrace:
CPU: 0 UID: 0 PID: 5211 Comm: syz-executor318 Not tainted 6.12.0-rc1-syzkaller-00349-g8f602276d390 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
Call Trace:
__dump_stack lib/dump_stack.c:94 [inline]
dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120
print_deadlock_bug+0x483/0x620 kernel/locking/lockdep.c:3037
check_deadlock kernel/locking/lockdep.c:3089 [inline]
validate_chain+0x15e2/0x5920 kernel/locking/lockdep.c:3891
__lock_acquire+0x1384/0x2050 kernel/locking/lockdep.c:5202
lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825
__mutex_lock_common kernel/locking/mutex.c:608 [inline]
__mutex_lock+0x136/0xd70 kernel/locking/mutex.c:752
hfsplus_get_block+0x383/0x14f0 fs/hfsplus/extents.c:260
block_read_full_folio+0x418/0xcd0 fs/buffer.c:2401
filemap_read_folio+0x14b/0x630 mm/filemap.c:2367
do_read_cache_folio+0x3f5/0x850 mm/filemap.c:3825
do_read_cache_page+0x30/0x200 mm/filemap.c:3891
read_mapping_page include/linux/pagemap.h:1005 [inline]
hfsplus_block_free+0x128/0x4e0 fs/hfsplus/bitmap.c:185
hfsplus_free_extents+0x17a/0xae0 fs/hfsplus/extents.c:363
hfsplus_file_truncate+0x86c/0xc70 fs/hfsplus/extents.c:592
hfsplus_delete_inode+0x174/0x220
hfsplus_unlink+0x512/0x790 fs/hfsplus/dir.c:405
vfs_unlink+0x365/0x650 fs/namei.c:4469
do_unlinkat+0x4ae/0x830 fs/namei.c:4533
__do_sys_unlink fs/namei.c:4581 [inline]
__se_sys_unlink fs/namei.c:4579 [inline]
__x64_sys_unlink+0x47/0x50 fs/namei.c:4579
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f4918482b17
Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 57 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffdd7863688 EFLAGS: 00000206 ORIG_RAX: 0000000000000057
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4918482b17
RDX: 00007ffdd78636b0 RSI: 00007ffdd7863740 RDI: 00007ffdd7863740
RBP: 00007ffdd7863740 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffdd7864830
R13: 000055557649a700 R14: 0000000000000001 R15: 431bde82d7b634db
hfsplus: unable to mark blocks free: error -5
hfsplus: can't free extent
hfsplus: unable to mark blocks free: error -5
hfsplus: can't free extent
final repro crashed as (corrupted=false):
============================================
WARNING: possible recursive locking detected
6.12.0-rc1-syzkaller-00349-g8f602276d390 #0 Not tainted
--------------------------------------------
syz-executor318/5211 is trying to acquire lock:
ffff88802d731548 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_get_block+0x383/0x14f0 fs/hfsplus/extents.c:260
but task is already holding lock:
ffff88802d7c0108 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_truncate+0x30a/0xc70 fs/hfsplus/extents.c:577
other info that might help us debug this:
Possible unsafe locking scenario:
CPU0
----
lock(&HFSPLUS_I(inode)->extents_lock);
lock(&HFSPLUS_I(inode)->extents_lock);
*** DEADLOCK ***
May be due to missing lock nesting notation
6 locks held by syz-executor318/5211:
#0: ffff88802a03e420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 fs/namespace.c:515
#1: ffff88802d731df8 (&type->i_mutex_dir_key#6/1){+.+.}-{3:3}, at: inode_lock_nested include/linux/fs.h:850 [inline]
#1: ffff88802d731df8 (&type->i_mutex_dir_key#6/1){+.+.}-{3:3}, at: do_unlinkat+0x26a/0x830 fs/namei.c:4520
#2: ffff88802d7c02f8 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:815 [inline]
#2: ffff88802d7c02f8 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: vfs_unlink+0xe4/0x650 fs/namei.c:4458
#3: ffff88807fd1e998 (&sbi->vh_mutex){+.+.}-{3:3}, at: hfsplus_unlink+0x161/0x790 fs/hfsplus/dir.c:370
#4: ffff88802d7c0108 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_truncate+0x30a/0xc70 fs/hfsplus/extents.c:577
#5: ffff88807fd1e8f8 (&sbi->alloc_mutex){+.+.}-{3:3}, at: hfsplus_block_free+0xbb/0x4e0 fs/hfsplus/bitmap.c:182
stack backtrace:
CPU: 0 UID: 0 PID: 5211 Comm: syz-executor318 Not tainted 6.12.0-rc1-syzkaller-00349-g8f602276d390 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
Call Trace:
__dump_stack lib/dump_stack.c:94 [inline]
dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120
print_deadlock_bug+0x483/0x620 kernel/locking/lockdep.c:3037
check_deadlock kernel/locking/lockdep.c:3089 [inline]
validate_chain+0x15e2/0x5920 kernel/locking/lockdep.c:3891
__lock_acquire+0x1384/0x2050 kernel/locking/lockdep.c:5202
lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825
__mutex_lock_common kernel/locking/mutex.c:608 [inline]
__mutex_lock+0x136/0xd70 kernel/locking/mutex.c:752
hfsplus_get_block+0x383/0x14f0 fs/hfsplus/extents.c:260
block_read_full_folio+0x418/0xcd0 fs/buffer.c:2401
filemap_read_folio+0x14b/0x630 mm/filemap.c:2367
do_read_cache_folio+0x3f5/0x850 mm/filemap.c:3825
do_read_cache_page+0x30/0x200 mm/filemap.c:3891
read_mapping_page include/linux/pagemap.h:1005 [inline]
hfsplus_block_free+0x128/0x4e0 fs/hfsplus/bitmap.c:185
hfsplus_free_extents+0x17a/0xae0 fs/hfsplus/extents.c:363
hfsplus_file_truncate+0x86c/0xc70 fs/hfsplus/extents.c:592
hfsplus_delete_inode+0x174/0x220
hfsplus_unlink+0x512/0x790 fs/hfsplus/dir.c:405
vfs_unlink+0x365/0x650 fs/namei.c:4469
do_unlinkat+0x4ae/0x830 fs/namei.c:4533
__do_sys_unlink fs/namei.c:4581 [inline]
__se_sys_unlink fs/namei.c:4579 [inline]
__x64_sys_unlink+0x47/0x50 fs/namei.c:4579
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f4918482b17
Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 57 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffdd7863688 EFLAGS: 00000206 ORIG_RAX: 0000000000000057
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4918482b17
RDX: 00007ffdd78636b0 RSI: 00007ffdd7863740 RDI: 00007ffdd7863740
RBP: 00007ffdd7863740 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffdd7864830
R13: 000055557649a700 R14: 0000000000000001 R15: 431bde82d7b634db
hfsplus: unable to mark blocks free: error -5
hfsplus: can't free extent
hfsplus: unable to mark blocks free: error -5
hfsplus: can't free extent