INIT: Entering runlevel: 2
[[36minfo[39;49m] Using makefile-style concurrent boot in runlevel 2.
[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.32' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   34.696838] hfs: unable to locate alternate MDB
[   34.701651] hfs: continuing without an alternate MDB
[   34.708084] 
[   34.709704] ============================================
[   34.715126] WARNING: possible recursive locking detected
[   34.720551] 4.17.0-rc1+ #9 Not tainted
[   34.724413] --------------------------------------------
[   34.729836] syzkaller905163/4505 is trying to acquire lock:
[   34.735518] 00000000cf71528f (&tree->tree_lock){+.+.}, at: hfs_find_init+0x11c/0x180
[   34.743397] 
[   34.743397] but task is already holding lock:
[   34.749343] 000000007d108cde (&tree->tree_lock){+.+.}, at: hfs_find_init+0x11c/0x180
[   34.757207] 
[   34.757207] other info that might help us debug this:
[   34.763844]  Possible unsafe locking scenario:
[   34.763844] 
[   34.769876]        CPU0
[   34.772430]        ----
[   34.774983]   lock(&tree->tree_lock);
[   34.778756]   lock(&tree->tree_lock);
[   34.782546] 
[   34.782546]  *** DEADLOCK ***
[   34.782546] 
[   34.788585]  May be due to missing lock nesting notation
[   34.788585] 
[   34.795488] 3 locks held by syzkaller905163/4505:
[   34.800302]  #0: 000000005253f77a (&type->s_umount_key#36/1){+.+.}, at: sget_userns+0x2dd/0xf20
[   34.809134]  #1: 000000007d108cde (&tree->tree_lock){+.+.}, at: hfs_find_init+0x11c/0x180
[   34.817436]  #2: 00000000d9af4d52 (&HFS_I(tree->inode)->extents_lock){+.+.}, at: hfs_get_block+0x56c/0x850
[   34.827215] 
[   34.827215] stack backtrace:
[   34.831692] CPU: 1 PID: 4505 Comm: syzkaller905163 Not tainted 4.17.0-rc1+ #9
[   34.838945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   34.848273] Call Trace:
[   34.850844]  dump_stack+0x1b9/0x294
[   34.854450]  ? dump_stack_print_info.cold.2+0x52/0x52
[   34.859632]  ? print_lock+0xd1/0xd6
[   34.863258]  ? vprintk_func+0x81/0xe7
[   34.867046]  __lock_acquire.cold.62+0x18c/0x55b
[   34.871700]  ? trace_hardirqs_off+0x10/0x10
[   34.876015]  ? debug_check_no_locks_freed+0x310/0x310
[   34.881183]  ? debug_check_no_locks_freed+0x310/0x310
[   34.886350]  ? kasan_check_read+0x11/0x20
[   34.890476]  ? rcu_is_watching+0x85/0x140
[   34.894608]  ? rcu_bh_force_quiescent_state+0x20/0x20
[   34.899780]  ? is_bpf_text_address+0xd7/0x170
[   34.904256]  ? kernel_text_address+0x79/0xf0
[   34.908642]  ? __unwind_start+0x166/0x330
[   34.912765]  ? __kernel_text_address+0xd/0x40
[   34.917238]  ? graph_lock+0x170/0x170
[   34.921016]  ? __save_stack_trace+0x7e/0xd0
[   34.925313]  ? graph_lock+0x170/0x170
[   34.929089]  ? graph_lock+0x170/0x170
[   34.932865]  ? find_held_lock+0x36/0x1c0
[   34.936918]  lock_acquire+0x1dc/0x520
[   34.940699]  ? hfs_find_init+0x11c/0x180
[   34.944744]  ? lock_release+0xa10/0xa10
[   34.948697]  ? check_same_owner+0x320/0x320
[   34.952999]  ? rcu_note_context_switch+0x710/0x710
[   34.957909]  ? __might_sleep+0x95/0x190
[   34.961862]  ? hfs_find_init+0x11c/0x180
[   34.965904]  __mutex_lock+0x16d/0x17f0
[   34.969766]  ? hfs_find_init+0x11c/0x180
[   34.973804]  ? mark_held_locks+0xc9/0x160
[   34.977937]  ? do_raw_spin_trylock+0x1b0/0x1b0
[   34.983129]  ? hfs_find_init+0x11c/0x180
[   34.987179]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   34.992173]  ? mutex_trylock+0x2a0/0x2a0
[   34.996209]  ? trace_hardirqs_on+0xd/0x10
[   35.000334]  ? depot_save_stack+0x26b/0x450
[   35.004631]  ? save_stack+0xa9/0xd0
[   35.008234]  ? save_stack+0x43/0xd0
[   35.011837]  ? kasan_kmalloc+0xc4/0xe0
[   35.015699]  ? __kmalloc+0x14e/0x760
[   35.019389]  ? hfs_find_init+0x99/0x180
[   35.023350]  ? hfs_ext_read_extent+0x1b9/0xc20
[   35.027907]  ? hfs_get_block+0x578/0x850
[   35.031943]  ? block_read_full_page+0x2c7/0xab0
[   35.036594]  ? hfs_readpage+0x1c/0x20
[   35.040373]  ? do_read_cache_page+0x778/0x13b0
[   35.044930]  ? read_cache_page+0x61/0x80
[   35.048963]  ? __hfs_bnode_create+0x601/0x9f0
[   35.053449]  ? hfs_bnode_find+0x2b8/0xb80
[   35.057573]  ? hfs_brec_find+0x2f3/0x5b0
[   35.061610]  ? hfs_brec_read+0x27/0x120
[   35.065567]  ? hfs_cat_find_brec+0x14a/0x400
[   35.069956]  ? hfs_fill_super+0x11f4/0x18c0
[   35.074262]  ? mount_bdev+0x30c/0x3e0
[   35.078046]  ? hfs_mount+0x34/0x40
[   35.081563]  ? mount_fs+0xae/0x328
[   35.085076]  ? vfs_kern_mount.part.34+0xd4/0x4d0
[   35.089807]  ? do_mount+0x564/0x3070
[   35.093494]  ? ksys_mount+0x12d/0x140
[   35.097268]  ? __x64_sys_mount+0xbe/0x150
[   35.101391]  ? do_syscall_64+0x1b1/0x800
[   35.105430]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   35.110771]  ? print_usage_bug+0xc0/0xc0
[   35.114814]  ? graph_lock+0x170/0x170
[   35.118597]  ? __lock_is_held+0xb5/0x140
[   35.122633]  ? __lock_is_held+0xb5/0x140
[   35.126677]  ? rcu_read_lock_sched_held+0x108/0x120
[   35.131668]  ? __kmalloc+0x5f9/0x760
[   35.135366]  mutex_lock_nested+0x16/0x20
[   35.139404]  ? mutex_lock_nested+0x16/0x20
[   35.143615]  hfs_find_init+0x11c/0x180
[   35.147479]  hfs_ext_read_extent+0x1b9/0xc20
[   35.151866]  ? __hfs_ext_write_extent+0x4f0/0x4f0
[   35.156687]  hfs_get_block+0x578/0x850
[   35.160555]  block_read_full_page+0x2c7/0xab0
[   35.165027]  ? hfs_extend_file+0xd10/0xd10
[   35.169242]  ? __bread_gfp+0x310/0x310
[   35.173108]  ? alloc_pages_current+0x114/0x210
[   35.177666]  ? __page_cache_alloc+0x161/0x5a0
[   35.182141]  ? graph_lock+0x170/0x170
[   35.185927]  ? __filemap_set_wb_err+0x3a0/0x3a0
[   35.190574]  hfs_readpage+0x1c/0x20
[   35.194193]  do_read_cache_page+0x778/0x13b0
[   35.198581]  ? hfs_bmap+0x30/0x30
[   35.202013]  ? pagecache_get_page+0xe20/0xe20
[   35.206484]  ? debug_check_no_locks_freed+0x310/0x310
[   35.211648]  ? mark_held_locks+0xc9/0x160
[   35.215784]  ? do_raw_spin_trylock+0x1b0/0x1b0
[   35.220356]  ? _raw_spin_unlock_irqrestore+0x74/0xc0
[   35.225435]  ? trace_hardirqs_on+0xd/0x10
[   35.229576]  ? depot_save_stack+0x26b/0x450
[   35.233876]  ? save_stack+0xa9/0xd0
[   35.237482]  ? save_stack+0x43/0xd0
[   35.241086]  ? kasan_kmalloc+0xc4/0xe0
[   35.244949]  ? __kmalloc+0x14e/0x760
[   35.248639]  ? __hfs_bnode_create+0x127/0x9f0
[   35.253113]  ? hfs_bnode_find+0x2b8/0xb80
[   35.257251]  ? hfs_brec_find+0x2f3/0x5b0
[   35.261287]  ? hfs_brec_read+0x27/0x120
[   35.265236]  ? hfs_cat_find_brec+0x14a/0x400
[   35.269619]  ? hfs_fill_super+0x11f4/0x18c0
[   35.273929]  ? mount_bdev+0x30c/0x3e0
[   35.277719]  ? print_usage_bug+0xc0/0xc0
[   35.281760]  ? do_mount+0x564/0x3070
[   35.285452]  ? ksys_mount+0x12d/0x140
[   35.289229]  ? graph_lock+0x170/0x170
[   35.293004]  ? find_held_lock+0x36/0x1c0
[   35.297040]  ? print_usage_bug+0xc0/0xc0
[   35.301074]  ? graph_lock+0x170/0x170
[   35.304848]  ? __lock_is_held+0xb5/0x140
[   35.308884]  ? find_held_lock+0x36/0x1c0
[   35.312924]  ? lock_downgrade+0x8e0/0x8e0
[   35.317056]  ? __lockdep_init_map+0x105/0x590
[   35.321529]  ? kasan_check_read+0x11/0x20
[   35.325655]  ? do_raw_spin_unlock+0x9e/0x2e0
[   35.330037]  ? do_raw_spin_trylock+0x1b0/0x1b0
[   35.334597]  ? kasan_check_write+0x14/0x20
[   35.338806]  ? hfs_bmap+0x30/0x30
[   35.342237]  read_cache_page+0x61/0x80
[   35.346105]  __hfs_bnode_create+0x601/0x9f0
[   35.350403]  ? hfs_bnode_findhash+0x1a0/0x1a0
[   35.354876]  ? lock_downgrade+0x8e0/0x8e0
[   35.359005]  ? kasan_check_read+0x11/0x20
[   35.363129]  ? do_raw_spin_unlock+0x9e/0x2e0
[   35.367523]  ? do_raw_spin_trylock+0x1b0/0x1b0
[   35.372081]  ? kasan_check_write+0x14/0x20
[   35.376292]  ? do_raw_spin_lock+0xc1/0x200
[   35.380507]  hfs_bnode_find+0x2b8/0xb80
[   35.384461]  ? mutex_trylock+0x2a0/0x2a0
[   35.388501]  ? trace_hardirqs_on+0xd/0x10
[   35.392632]  ? hfs_bnode_put.part.3+0x340/0x340
[   35.397286]  ? save_stack+0xa9/0xd0
[   35.400889]  ? save_stack+0x43/0xd0
[   35.404507]  ? kasan_kmalloc+0xc4/0xe0
[   35.408371]  ? __kmalloc+0x14e/0x760
[   35.412062]  ? hfs_find_init+0x99/0x180
[   35.416023]  ? hfs_fill_super+0x11ce/0x18c0
[   35.420333]  ? mount_bdev+0x30c/0x3e0
[   35.424111]  ? mount_fs+0xae/0x328
[   35.427634]  ? vfs_kern_mount.part.34+0xd4/0x4d0
[   35.432379]  ? do_mount+0x564/0x3070
[   35.436074]  ? ksys_mount+0x12d/0x140
[   35.439856]  ? __x64_sys_mount+0xbe/0x150
[   35.443980]  ? do_syscall_64+0x1b1/0x800
[   35.448018]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   35.453356]  ? find_held_lock+0x36/0x1c0
[   35.457395]  ? print_usage_bug+0xc0/0xc0
[   35.461432]  hfs_brec_find+0x2f3/0x5b0
[   35.465297]  ? __hfs_brec_find+0x5b0/0x5b0
[   35.469510]  hfs_brec_read+0x27/0x120
[   35.473288]  hfs_cat_find_brec+0x14a/0x400
[   35.477517]  ? hfs_cat_keycmp+0x1c0/0x1c0
[   35.481643]  ? rcu_read_lock_sched_held+0x108/0x120
[   35.486637]  ? __kmalloc+0x5f9/0x760
[   35.490343]  ? __raw_spin_lock_init+0x1c/0x100
[   35.494909]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   35.499905]  ? mutex_lock_nested+0x16/0x20
[   35.504115]  ? mutex_lock_nested+0x16/0x20
[   35.508327]  hfs_fill_super+0x11f4/0x18c0
[   35.512458]  ? hfs_show_options+0x6e0/0x6e0
[   35.516843]  ? netdev_bits+0xb0/0xb0
[   35.520530]  ? format_decode+0x1a9/0xae0
[   35.524568]  ? set_precision+0xe0/0xe0
[   35.528437]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   35.533949]  ? vsnprintf+0x242/0x1b40
[   35.537724]  ? pointer+0xa20/0xa20
[   35.541242]  ? snprintf+0xa5/0xd0
[   35.544673]  ? vsprintf+0x40/0x40
[   35.548104]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[   35.553097]  ? set_blocksize+0x2c4/0x350
[   35.557135]  mount_bdev+0x30c/0x3e0
[   35.560846]  ? hfs_show_options+0x6e0/0x6e0
[   35.565157]  hfs_mount+0x34/0x40
[   35.568504]  mount_fs+0xae/0x328
[   35.571847]  vfs_kern_mount.part.34+0xd4/0x4d0
[   35.576404]  ? may_umount+0xb0/0xb0
[   35.580009]  ? _raw_read_unlock+0x22/0x30
[   35.584133]  ? __get_fs_type+0x97/0xc0
[   35.587996]  do_mount+0x564/0x3070
[   35.591513]  ? copy_mount_string+0x40/0x40
[   35.595724]  ? rcu_pm_notify+0xc0/0xc0
[   35.599589]  ? copy_mount_options+0x5f/0x380
[   35.603977]  ? rcu_read_lock_sched_held+0x108/0x120
[   35.608971]  ? kmem_cache_alloc_trace+0x616/0x780
[   35.613793]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   35.619316]  ? _copy_from_user+0xdf/0x150
[   35.623443]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   35.628957]  ? copy_mount_options+0x285/0x380
[   35.633435]  ksys_mount+0x12d/0x140
[   35.637038]  __x64_sys_mount+0xbe/0x150
[   35.640988]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   35.645978]  do_syscall_64+0x1b1/0x800
[   35.649845]  ? syscall_return_slowpath+0x5c0/0x5c0
[   35.654754]  ? syscall_return_slowpath+0x30f/0x5c0
[   35.659659]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[   35.664998]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   35.669817]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   35.674981] RIP: 0033:0x442e4a
[   35.678148] RSP: 002b:00007ffe9b4269d8 EFLAGS: 00000297 ORIG_RAX: 00000000000000a5
[   35.685830] RAX: ffffffffffffffda RBX: 0000000020000258 RCX: 0000000000442e4a
[   35.693083] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffe9b4269e0
[   35.700