program: sendmmsg$inet(0xffffffffffffffff, &(0x7f00000008c0)=[{{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000140)="f1a0fa9090d465b080d9209c8845fdcaef275aaa15abcd5cd1153a72ef30f13819e7e8929f54ba0f61cab747ec572e7721478ce702eaa7b41015c3215e1643c7ec", 0x41}], 0x1}}], 0x1, 0x4000) syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000040)='./file1\x00', 0x0, &(0x7f0000000cc0)={[{@part={'part', 0x3d, 0x500f}}, {@nodecompose}, {}, {@part={'part', 0x3d, 0xc}}, {@uid}, {@barrier}, {@nls={'nls', 0x3d, 'cp949'}}, {@part={'part', 0x3d, 0x8}}]}, 0x3, 0x5f4, &(0x7f0000000640)="$eJzs3c9rHOcZB/DvrNay5YKzSewkLS0V9qElprZWmzg6FOqWUnQIJdBLLjkIex0Lr5UgbYoSSpH789r/IClFPvfUQ+nBkJ577VHQQw6F3nVzmdlZaW0rshQr2lXy+cC77zv7zrzzzOOZVzuzmA3wtbX4dk49SJHFy2+ul8tbm53e1mbn7rCd5HSSRtIcVClWkuLT5HoGJd8s36yHKz5vP+98/MbCZ+3795KiORirOVy/sd92B7NRl8wmmarroxrvxjOPV+wcYZmwS8PEwbg9fMLGYTZ/xusWmGSt5GySM/XngNSzQ2PMYT2zQ81yAAAAcEI9t53trOfcuOMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk6RIpgZVVRrD9myK4e//T9fvpW6faA/GHQAAAAAAAAAAHIHvbmc76zk3XH5YVN/5X6wWzlev38gHWUs3q7mS9Syln35W007SGhloen2p319tP3XLItl4NITBlvPHcLAAAAAAAAAA8NX1myzufv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACToEimBlVVzg/brTSaSc4kmS7X20j+MWyfZA/GHQAAAAAcg+e2s531nBsuPyyqe/6Xqvv+M/kgK+lnOf300s3N6lnA4K6/sbXZ6W1tdu6W5clxf/y/Q4VRjZjBs4e99zxXrXFhZ4vF/Cy/yOXM5q2sZjm/zFL66WY2P61aSynSqp9etIZx7h3v9UeW3nparK9UkczkVpar2K7kRt5LLzfTqI6hWmf/Pd4rs1P8qHbAHN2s6/KI/lTXk6FVZeTUTkbm6tyX2Xh+/0wc8jx5fE/tNHaeQZ3/99Hn/Gxdl7n+w0TnfH7k7Htp/5wnF//znb/d7q3cuX1r7fLkHNIX9HgmOiOZePlrlYnpOhuDWfRws+XFattzWc7P815uppvXs5DXM5/X8lrmspBrI3m9cID5rXG4a+3S9+vGTJI/1vVkKPP6/EheR2e6VtU3+s4gS+XJ9MLR/xVofqtulPv4bV1Phscz0R45X17cPxN/fli+rvVW7qzeXnr/gPv7Xl2Xmf79RM3N5fnyQvmPVS09enaUfS/u2deu+s7v9DWe6Luw0/e0K3W6/gz35EjzVd/Le/Z1qr5XRvr2+pQDwITa/U777Ktnp2f+O/OvmU9mfjdze+bNMz85vXD629M59c/m36f+2rjf+GHxaj7Jr3fv/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC9u7cOP7iz1hj8D0Ot1VwfvfMUaf8lEhKFx0hrN+sqYlHiOrzHGSQk4Flf7d9+/uvbhRz9Yvrv0bvfd7kqn0742v3BtYf7a1VvLve7c4HXcYQJfgt0/+uOOBAAAAAAAAAAAADio4/jvBOM+RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBkW3w7px6kSHvuyly5vLXZ6ZVl2N5ds5mkkaT4VVJ8mlzPoKQ1Mlzxeft55+M3Fj5r37+3O1ZzuH5jv+0OZqMumU0yVddHNd6NZx6v2DnCMmGXhomDcft/AAAA//9Shwfb") openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x240, 0xa2) setxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)=ANY=[@ANYBLOB='osx.'], 0x0, 0x0, 0x0) r0 = socket$inet6(0xa, 0x2, 0x3a) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4, 0x0, @mcast2}, 0x1c) syz_mount_image$hfsplus(&(0x7f0000000c80), &(0x7f0000000080)='./file1\x00', 0xa08800, &(0x7f0000000900)=ANY=[], 0x41, 0x69b, &(0x7f0000000200)="$eJzs3ctvHHcdAPDvzK433iClTpu0ASHVakRBWCR+yAVzqeGAfIhQFQ4VEpdV4jRWNm5lu8itEJj3gQuH/gHl4AMSJyTukYrEiXLr1SdUCYlLTr4ZzezMPrLZza7jeGP6+Viz+5v5ze/1ndfOrqwJ4AtrbS6qDyKJtbkbu9n8wf5S82B/6VyR3YyILJ1GVFtvkWxGJJ9ErEZrii9nC4v1k0HtfLSxcvOzhweft+aqxZSvnw4rN5q9YorZiKgU7/2memeT6kj13RpY33CNTkPtEWYBu1oGDibtqM/eOMWf8rgFngdJ67rZZybifERMF58Dojg7pKfbu5M31lkOAAAAzqgXDuMwduPCpPsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZ0nx/P+kmNIyPRtJ+fz/WrEsivTNdMJ9fhoPJt0BAAAAAAAAADgBrx7GYezGhXL+qPXL/mv566X89UvxfmzHemzFtdiNRuzETmzFQkTMdFVU223s7GwtjFBy8bElF09jtAAAAAAAAADwf+tXsdb5/R8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4HSUSl9ZZPl8r0TKTViJiOiFq23l7Ev8r0GZF0kqvt1IPJ9AUAAACObfoYeS8cxmHsxoVy/ijJ7/lfzu+Xp+P92Iyd2IidaMZ63C7uobO7/vRgf6l5sL90/2B/Ka/8J0ctrXq+99+xup7XGK3vHh7f8pV8jXrciY18ybW4lXfmdqR5ycyVoj/tqbeRX2Z9qr9ZGLFnt4v3rLE/9n6LcLLSnlY/fXKBmbzQVDsi80XfsoouDo/E47dOvZOsfq0ypKWFSNvf/Fwa0lI5pKQI+Y0nDyp3viwXEb97JOZv/vvPPx6xmmegHYk08kgsdu19Lw+PecTX//aXt+82N+/dvbM998x2o9Py6D6x1BWJV850JKpjrj+fR+Jye34tfhA/irmYjbdiKzbip9GInViP4swYjWJ/zl5nuqIU0Rep1Z65t57Uk1qxXVrH7ih9mo1zeaoRr+VlL8RGJPFu3I71eCP/W4yF+HYsx3KsdG3hywO3cD62/EybjnemvfqN6Bzqv+89HQ33j1FXHF/rspnF9WJXXLvPuTN5XveSTpReHOF6lIwXpepXikTWxq+fqy/gi0j8ofsqUUbipeGR+FN+bGw3N+9t3W28N6D+vUfmX5/qpH97kgM5tnKPzTbKizFdnEl6944s76X2WeZiz1W1Vvzi0spL+/Iu53lJUh6pPxx4pNaKz3D9NS3mea/051XKnl/pyuv5vBXv/vP0YwrAMZz/5vla/T/1T+sf139Tv1u/Mf39c98599VaTP196rvV+crraZr8NT6On3fu/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOPb/uDDe41mc33r8Yl0cNbJJpLiGVCD1qlGPUau8BdHR0en0OenH/Leidcckx/XCIny6VVPW8/bq8+6q+noe11PovJcxHmURCUiyiWV6GQVm2jYw0WBM+36zv33rm9/8OG3Nu433ll/Z31zanl5ZX5l+Y2l63c2muvzrddJ9xJ4FjqfBybdEwAAAAAAAAAAAGBU4/7PwKsx/n8adDU3O8GhAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGfU2lxUpyKJhflr89n8wf5SM5vKdGfNakSkaUTys4jkk4jVaE0x01VdMqidjzZWbn728ODzTl3Vcv10WLnR7BVTzEZEpXjvUztefbcG1TeypD3CLGBXy8DBpP0vAAD//xnpB0E=") r1 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r1, &(0x7f0000000000)={0x18, 0x2, {0x0, @dev}}, 0x1e) connect$pptp(r1, &(0x7f0000000040)={0x18, 0x2, {0x0, @multicast1}}, 0x1e) connect$pptp(r1, &(0x7f0000000080)={0x18, 0x2, {0x3, @multicast1}}, 0x1e) r2 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r2, &(0x7f0000001fc0)=""/184, 0x20002078) listxattr(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) [ 83.924388][ T4671] Bluetooth: hci0: command tx timeout [ 84.007529][ T5330] loop0: detected capacity change from 0 to 1024 [ 84.077993][ T5330] [ 84.079135][ T5330] ============================================ [ 84.081899][ T5330] WARNING: possible recursive locking detected [ 84.084669][ T5330] syzkaller #0 Not tainted [ 84.086698][ T5330] -------------------------------------------- [ 84.089497][ T5330] syz.0.0/5330 is trying to acquire lock: [ 84.091988][ T5330] ffff888032f55548 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_get_block+0x39e/0x1670 [ 84.096672][ T5330] [ 84.096672][ T5330] but task is already holding lock: [ 84.099844][ T5330] ffff888032f56988 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_file_truncate+0x2b3/0xc30 [ 84.104423][ T5330] [ 84.104423][ T5330] other info that might help us debug this: [ 84.107915][ T5330] Possible unsafe locking scenario: [ 84.107915][ T5330] [ 84.111050][ T5330] CPU0 [ 84.112511][ T5330] ---- [ 84.114065][ T5330] lock(&HFSPLUS_I(inode)->extents_lock); [ 84.116614][ T5330] lock(&HFSPLUS_I(inode)->extents_lock); [ 84.119192][ T5330] [ 84.119192][ T5330] *** DEADLOCK *** [ 84.119192][ T5330] [ 84.122854][ T5330] May be due to missing lock nesting notation [ 84.122854][ T5330] [ 84.126479][ T5330] 4 locks held by syz.0.0/5330: [ 84.128676][ T5330] #0: ffff8880119ac420 (sb_writers#12){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 84.133079][ T5330] #1: ffff888032f56b78 (&sb->s_type->i_mutex_key#24){+.+.}-{4:4}, at: do_truncate+0x18f/0x250 [ 84.137276][ T5330] #2: ffff888032f56988 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_file_truncate+0x2b3/0xc30 [ 84.142045][ T5330] #3: ffff888012e398f8 (&sbi->alloc_mutex){+.+.}-{4:4}, at: hfsplus_block_free+0xc7/0x630 [ 84.146295][ T5330] [ 84.146295][ T5330] stack backtrace: [ 84.148831][ T5330] CPU: 0 UID: 0 PID: 5330 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 84.148852][ T5330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 84.148883][ T5330] Call Trace: [ 84.148892][ T5330] [ 84.148919][ T5330] dump_stack_lvl+0xe8/0x150 [ 84.148964][ T5330] print_deadlock_bug+0x279/0x290 [ 84.148978][ T5330] __lock_acquire+0x253f/0x2cf0 [ 84.148995][ T5330] ? lock_release+0x4b/0x3a0 [ 84.149031][ T5330] ? is_bpf_text_address+0x292/0x2b0 [ 84.149045][ T5330] ? is_bpf_text_address+0x26/0x2b0 [ 84.149059][ T5330] ? kernel_text_address+0xa5/0xe0 [ 84.149074][ T5330] ? hfsplus_get_block+0x39e/0x1670 [ 84.149089][ T5330] lock_acquire+0x106/0x330 [ 84.149104][ T5330] ? hfsplus_get_block+0x39e/0x1670 [ 84.149123][ T5330] __mutex_lock+0x19f/0x1300 [ 84.149185][ T5330] ? hfsplus_get_block+0x39e/0x1670 [ 84.149203][ T5330] ? check_path+0x21/0x40 [ 84.149215][ T5330] ? hfsplus_get_block+0x39e/0x1670 [ 84.149231][ T5330] ? add_lock_to_list+0xc7/0x100 [ 84.149243][ T5330] ? __pfx___mutex_lock+0x10/0x10 [ 84.149260][ T5330] hfsplus_get_block+0x39e/0x1670 [ 84.149279][ T5330] ? __pfx_hfsplus_get_block+0x10/0x10 [ 84.149297][ T5330] ? block_read_full_folio+0x672/0x830 [ 84.149312][ T5330] block_read_full_folio+0x29f/0x830 [ 84.149327][ T5330] ? __pfx_hfsplus_get_block+0x10/0x10 [ 84.149343][ T5330] filemap_read_folio+0x137/0x3b0 [ 84.149355][ T5330] ? __pfx_hfsplus_read_folio+0x10/0x10 [ 84.149370][ T5330] ? __pfx_filemap_read_folio+0x10/0x10 [ 84.149380][ T5330] ? filemap_add_folio+0x356/0x530 [ 84.149395][ T5330] do_read_cache_folio+0x358/0x590 [ 84.149407][ T5330] ? __pfx_hfsplus_read_folio+0x10/0x10 [ 84.149422][ T5330] read_cache_page+0x5d/0x170 [ 84.149433][ T5330] hfsplus_block_free+0x134/0x630 [ 84.149448][ T5330] ? trace_kmalloc+0x1f/0xb0 [ 84.149464][ T5330] hfsplus_free_extents+0x121/0xa50 [ 84.149482][ T5330] hfsplus_file_truncate+0x762/0xc30 [ 84.149500][ T5330] ? __pfx___up_read+0x10/0x10 [ 84.149512][ T5330] ? __pfx_hfsplus_file_truncate+0x10/0x10 [ 84.149529][ T5330] ? unmap_mapping_range+0xe6/0x180 [ 84.149542][ T5330] ? __pfx_unmap_mapping_range+0x10/0x10 [ 84.149556][ T5330] ? truncate_setsize+0xcf/0xf0 [ 84.149570][ T5330] hfsplus_setattr+0x1c4/0x270 [ 84.149585][ T5330] ? __pfx_hfsplus_setattr+0x10/0x10 [ 84.149601][ T5330] notify_change+0xc1a/0xf40 [ 84.149617][ T5330] do_truncate+0x1c2/0x250 [ 84.149632][ T5330] ? __pfx_do_truncate+0x10/0x10 [ 84.149645][ T5330] ? apparmor_file_truncate+0x3b1/0x4a0 [ 84.149700][ T5330] path_openat+0x360c/0x3e20 [ 84.149721][ T5330] ? __pfx_path_openat+0x10/0x10 [ 84.149739][ T5330] do_filp_open+0x22d/0x490 [ 84.149752][ T5330] ? __pfx_do_filp_open+0x10/0x10 [ 84.149767][ T5330] ? _raw_spin_unlock+0x28/0x50 [ 84.149783][ T5330] ? alloc_fd+0x64b/0x6c0 [ 84.149827][ T5330] do_sys_openat2+0x12f/0x220 [ 84.149846][ T5330] ? __se_sys_futex+0x3a8/0x450 [ 84.149863][ T5330] ? __pfx_do_sys_openat2+0x10/0x10 [ 84.149874][ T5330] ? rcu_is_watching+0x15/0xb0 [ 84.149885][ T5330] __x64_sys_openat+0x138/0x170 [ 84.149898][ T5330] do_syscall_64+0xe2/0xf80 [ 84.149909][ T5330] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.149920][ T5330] ? trace_irq_disable+0x37/0x100 [ 84.149931][ T5330] ? clear_bhb_loop+0x60/0xb0 [ 84.149943][ T5330] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.149954][ T5330] RIP: 0033:0x7f7ba099aeb9 [ 84.149987][ T5330] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 84.149997][ T5330] RSP: 002b:00007f7ba17b7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 84.150011][ T5330] RAX: ffffffffffffffda RBX: 00007f7ba0c15fa0 RCX: 00007f7ba099aeb9 [ 84.150019][ T5330] RDX: 0000000000000240 RSI: 00002000000001c0 RDI: ffffffffffffff9c [ 84.150027][ T5330] RBP: 00007f7ba0a08c1f R08: 0000000000000000 R09: 0000000000000000 [ 84.150034][ T5330] R10: 00000000000000a2 R11: 0000000000000246 R12: 0000000000000000 [ 84.150040][ T5330] R13: 00007f7ba0c16038 R14: 00007f7ba0c15fa0 R15: 00007fff02925848 [ 84.150052][ T5330] [ 84.351586][ T5330] hfsplus: unable to mark blocks free: error -5 [ 84.355182][ T5330] hfsplus: can't free extent: start 134, count 1