./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3328676100 <...> Warning: Permanently added '10.128.0.49' (ED25519) to the list of known hosts. execve("./syz-executor3328676100", ["./syz-executor3328676100"], 0x7ffcb45d7ab0 /* 10 vars */) = 0 brk(NULL) = 0x555564a68000 brk(0x555564a68d00) = 0x555564a68d00 arch_prctl(ARCH_SET_FS, 0x555564a68380) = 0 set_tid_address(0x555564a68650) = 5823 set_robust_list(0x555564a68660, 24) = 0 rseq(0x555564a68ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3328676100", 4096) = 28 getrandom("\x0b\x1d\x5c\x30\x2e\x74\x03\x76", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555564a68d00 brk(0x555564a89d00) = 0x555564a89d00 brk(0x555564a8a000) = 0x555564a8a000 mprotect(0x7fc55b0b4000, 16384, PROT_READ) = 0 mmap(0x3ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3ffffffff000 mmap(0x400000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x400000000000 mmap(0x400001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x400001000000 executing program write(1, "executing program\n", 18) = 18 memfd_create("syzkaller", 0) = 3 mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc552a00000 write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768 munmap(0x7fc552a00000, 138412032) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 ioctl(4, LOOP_SET_FD, 3) = 0 close(3) = 0 close(4) = 0 mkdir("./file1", 0777) = 0 [ 63.950857][ T5823] loop0: detected capacity change from 0 to 64 [ 63.995559][ T5823] ======================================================= [ 63.995559][ T5823] WARNING: The mand mount option has been deprecated and [ 63.995559][ T5823] and is ignored by this kernel. Remove the mand [ 63.995559][ T5823] option from the mount to silence this warning. [ 63.995559][ T5823] ======================================================= [ 64.035189][ T5823] hfs: unable to locate alternate MDB mount("/dev/loop0", "./file1", "hfs", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME|MS_STRICTATIME|MS_LAZYTIME, "file_umask=00000000000000000007777,dir_umask=00000000000000000000000,iocharset=iso8859-6,codepage=cp"...) = 0 openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 chdir("./file1") = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000) = 4 [ 64.040686][ T5823] hfs: continuing without an alternate MDB [ 64.096085][ T5823] [ 64.098434][ T5823] ============================================ [ 64.104561][ T5823] WARNING: possible recursive locking detected [ 64.110785][ T5823] 6.14.0-rc4-syzkaller-00278-gece144f151ac #0 Not tainted [ 64.117881][ T5823] -------------------------------------------- [ 64.124010][ T5823] syz-executor332/5823 is trying to acquire lock: [ 64.130422][ T5823] ffff888059e820b0 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfs_find_init+0x16e/0x1f0 [ 64.139758][ T5823] [ 64.139758][ T5823] but task is already holding lock: [ 64.147108][ T5823] ffff888059e820b0 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfs_find_init+0x16e/0x1f0 [ 64.156423][ T5823] [ 64.156423][ T5823] other info that might help us debug this: [ 64.164468][ T5823] Possible unsafe locking scenario: [ 64.164468][ T5823] [ 64.171903][ T5823] CPU0 [ 64.175167][ T5823] ---- [ 64.178458][ T5823] lock(&tree->tree_lock/1); [ 64.183134][ T5823] lock(&tree->tree_lock/1); [ 64.187812][ T5823] [ 64.187812][ T5823] *** DEADLOCK *** [ 64.187812][ T5823] [ 64.195944][ T5823] May be due to missing lock nesting notation [ 64.195944][ T5823] [ 64.204252][ T5823] 5 locks held by syz-executor332/5823: [ 64.209793][ T5823] #0: ffff888059ed6420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 64.218937][ T5823] #1: ffff888058799620 (&sb->s_type->i_mutex_key#14){+.+.}-{4:4}, at: do_truncate+0x20c/0x310 [ 64.229294][ T5823] #2: ffff888058799478 (&HFS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfs_extend_file+0xff/0x13e0 [ 64.239992][ T5823] #3: ffff888059e820b0 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfs_find_init+0x16e/0x1f0 [ 64.249741][ T5823] #4: ffff8880587980f8 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}, at: hfs_extend_file+0xff/0x13e0 [ 64.260956][ T5823] [ 64.260956][ T5823] stack backtrace: [ 64.266847][ T5823] CPU: 0 UID: 0 PID: 5823 Comm: syz-executor332 Not tainted 6.14.0-rc4-syzkaller-00278-gece144f151ac #0 [ 64.266862][ T5823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 64.266874][ T5823] Call Trace: [ 64.266881][ T5823] [ 64.266887][ T5823] dump_stack_lvl+0x241/0x360 [ 64.266903][ T5823] ? __pfx_dump_stack_lvl+0x10/0x10 [ 64.266914][ T5823] ? __pfx__printk+0x10/0x10 [ 64.266931][ T5823] ? lockdep_unlock+0x16a/0x300 [ 64.266949][ T5823] print_deadlock_bug+0x483/0x620 [ 64.266963][ T5823] validate_chain+0x15e2/0x5920 [ 64.266980][ T5823] ? __lock_acquire+0x1397/0x2100 [ 64.266996][ T5823] ? __pfx_validate_chain+0x10/0x10 [ 64.267013][ T5823] ? mark_lock+0x9a/0x360 [ 64.267030][ T5823] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 64.267046][ T5823] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 64.267062][ T5823] ? mark_lock+0x9a/0x360 [ 64.267079][ T5823] __lock_acquire+0x1397/0x2100 [ 64.267099][ T5823] lock_acquire+0x1ed/0x550 [ 64.267114][ T5823] ? hfs_find_init+0x16e/0x1f0 [ 64.267131][ T5823] ? __pfx_lock_acquire+0x10/0x10 [ 64.267146][ T5823] ? hfs_bmap_reserve+0xd9/0x400 [ 64.267162][ T5823] ? __hfs_ext_write_extent+0x22e/0x4f0 [ 64.267174][ T5823] ? __pfx___might_resched+0x10/0x10 [ 64.267188][ T5823] ? cont_write_begin+0x77f/0xb40 [ 64.267200][ T5823] ? hfs_write_begin+0x68/0xb0 [ 64.267211][ T5823] ? cont_write_begin+0x32b/0xb40 [ 64.267222][ T5823] ? hfs_write_begin+0x68/0xb0 [ 64.267233][ T5823] ? hfs_file_truncate+0x1ed/0xa20 [ 64.267244][ T5823] ? hfs_inode_setattr+0x458/0x620 [ 64.267256][ T5823] ? notify_change+0xbca/0xe90 [ 64.267270][ T5823] ? do_truncate+0x220/0x310 [ 64.267284][ T5823] ? vfs_truncate+0x492/0x530 [ 64.267297][ T5823] ? do_syscall_64+0xf3/0x230 [ 64.267316][ T5823] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 64.267334][ T5823] __mutex_lock+0x19c/0x1010 [ 64.267350][ T5823] ? hfs_find_init+0x16e/0x1f0 [ 64.267367][ T5823] ? hfs_find_init+0x16e/0x1f0 [ 64.267382][ T5823] ? __pfx___mutex_lock+0x10/0x10 [ 64.267399][ T5823] ? rcu_is_watching+0x15/0xb0 [ 64.267411][ T5823] ? trace_kmalloc+0x1f/0xd0 [ 64.267421][ T5823] ? hfs_find_init+0x90/0x1f0 [ 64.267437][ T5823] hfs_find_init+0x16e/0x1f0 [ 64.267457][ T5823] hfs_extend_file+0x31b/0x13e0 [ 64.267471][ T5823] ? __pfx_hfs_extend_file+0x10/0x10 [ 64.267484][ T5823] ? rcu_is_watching+0x15/0xb0 [ 64.267497][ T5823] ? __mutex_lock+0x397/0x1010 [ 64.267512][ T5823] ? hfs_brec_find+0x197/0x580 [ 64.267529][ T5823] hfs_bmap_reserve+0xd9/0x400 [ 64.267548][ T5823] __hfs_ext_write_extent+0x22e/0x4f0 [ 64.267562][ T5823] __hfs_ext_cache_extent+0x6a/0x990 [ 64.267574][ T5823] ? hfs_find_init+0x16e/0x1f0 [ 64.267590][ T5823] hfs_extend_file+0x344/0x13e0 [ 64.267604][ T5823] ? __pfx_hfs_extend_file+0x10/0x10 [ 64.267617][ T5823] ? clean_bdev_aliases+0x6f8/0x890 [ 64.267632][ T5823] ? __pfx_clean_bdev_aliases+0x10/0x10 [ 64.267645][ T5823] hfs_get_block+0x3e4/0xb60 [ 64.267660][ T5823] ? __pfx_hfs_get_block+0x10/0x10 [ 64.267673][ T5823] ? _raw_spin_unlock+0x28/0x50 [ 64.267686][ T5823] ? create_empty_buffers+0x471/0x530 [ 64.267700][ T5823] __block_write_begin_int+0x692/0x19a0 [ 64.267714][ T5823] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10 [ 64.267734][ T5823] ? __pfx_hfs_get_block+0x10/0x10 [ 64.267745][ T5823] ? __pfx___block_write_begin_int+0x10/0x10 [ 64.267760][ T5823] cont_write_begin+0x77f/0xb40 [ 64.267777][ T5823] ? __pfx_cont_write_begin+0x10/0x10 [ 64.267789][ T5823] ? mark_buffer_dirty+0x244/0x440 [ 64.267809][ T5823] hfs_write_begin+0x68/0xb0 [ 64.267820][ T5823] ? __pfx_hfs_get_block+0x10/0x10 [ 64.267832][ T5823] cont_write_begin+0x32b/0xb40 [ 64.267849][ T5823] ? __pfx_cont_write_begin+0x10/0x10 [ 64.267865][ T5823] hfs_write_begin+0x68/0xb0 [ 64.267876][ T5823] ? __pfx_hfs_get_block+0x10/0x10 [ 64.267888][ T5823] hfs_file_truncate+0x1ed/0xa20 [ 64.267902][ T5823] ? __pfx___up_read+0x10/0x10 [ 64.267915][ T5823] ? __pfx_hfs_file_truncate+0x10/0x10 [ 64.267928][ T5823] ? unmap_mapping_range+0xf8/0x290 [ 64.267941][ T5823] ? __pfx_unmap_mapping_range+0x10/0x10 [ 64.267955][ T5823] ? truncate_setsize+0xcf/0xf0 [ 64.267967][ T5823] hfs_inode_setattr+0x458/0x620 [ 64.267981][ T5823] ? security_inode_setattr+0xdb/0x350 [ 64.267996][ T5823] ? __pfx_hfs_inode_setattr+0x10/0x10 [ 64.268009][ T5823] notify_change+0xbca/0xe90 [ 64.268028][ T5823] do_truncate+0x220/0x310 [ 64.268042][ T5823] ? __pfx_do_truncate+0x10/0x10 [ 64.268056][ T5823] ? rcu_read_lock_any_held+0xb7/0x160 [ 64.268071][ T5823] ? mnt_get_write_access+0x226/0x2b0 [ 64.268086][ T5823] ? bpf_lsm_path_truncate+0x9/0x10 [ 64.268099][ T5823] vfs_truncate+0x492/0x530 [ 64.268114][ T5823] ? __pfx_vfs_truncate+0x10/0x10 [ 64.268127][ T5823] ? kmem_cache_free+0x195/0x410 [ 64.268139][ T5823] ? user_path_at+0x44/0x60 [ 64.268154][ T5823] do_sys_truncate+0xdb/0x190 [ 64.268168][ T5823] ? __pfx_do_sys_truncate+0x10/0x10 [ 64.268182][ T5823] ? do_syscall_64+0x100/0x230 [ 64.268200][ T5823] do_syscall_64+0xf3/0x230 [ 64.268216][ T5823] ? clear_bhb_loop+0x35/0x90 [ 64.268232][ T5823] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 64.268251][ T5823] RIP: 0033:0x7fc55b0419f9 [ 64.268266][ T5823] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 64.268277][ T5823] RSP: 002b:00007ffc8ccb0058 EFLAGS: 00000246 ORIG_RAX: 000000000000004c [ 64.268291][ T5823] RAX: ffffffffffffffda RBX: 0031656c69662f2e RCX: 00007fc55b0419f9 [ 64.268300][ T5823] RDX: 00007fc55b0419f9 RSI: 00000000087ffffe RDI: 0000400000000080 [ 64.268308][ T5823] RBP: 00007fc55b08a05e R08: 0000000000000000 R09: 0000000000000000 [ 64.268316][ T5823] R10: 00000000000002f8 R11: 0000000000000246 R12: 0000000000000001 [ 64.268323][ T5823] R13: 00007ffc8ccb0238 R14: 0000000000000001 R15: 0000000000000001 [ 64.268336][ T5823]