program:
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="71756965742c636f6465706167653d69736f383835392d31352c706172743d3078303030303030300000000000000000662c00a20000000700000000ede9debf530c3cc4d04b548919aca0c2937d4da1fc31dc42fc2e3e", @ANYBLOB="23341129bfb4fcc388a80c49b4f4d96254cb9356759776b03b581050240d2d9a5cf3440e76c886f1e5c860656a3648101223fc288fc5274f0e609cfed0fc738d84eb544791dd1cb959421db9fbcb634df876aa2133fd62e245fb6b1ead07ca04772d78564af8f42015e5be557ab3bd60824768691005cbd3d295402693d934226595deeba1ff748b7dde9c617749aa38096ef667700a6b3668cb7296b024fbcf9f74e50bf0f834159f51737baac184f94dd13a9793b76946208f290637d8def94e5f56f1181da3eed500440f", @ANYRES32=0x0, @ANYRES16, @ANYRES16], 0x11, 0x2d2, &(0x7f0000000bc0)="$eJzs3ctqFEscx/Ff9UySycmQ07kcDriMBnQjMW7EzQSZhxAXomZGCA4RTQR1YxQXIqJ7976CryC4UXwBXbnyAUYQWqq65pqe7jhkujP4/YChp7uq61/pS9V/wJQA/LWu1L++u/jd/jNSSSXp5WUpkPRCKkv6T/9XHuzu7+y3mo2U87QjRxXJKK5pDhXa3m0m1a3I1/BC+6msav8+TEYURVvfJO0VHQgK5Z7+BIE0559Od7ySe2Tpno5Z7+CY45g2pq22Hmqx6DgAAMXy43/gx/mqn78HgbTuh/0TOf6Pq110ABMXpR7tG/9dlhUZe33/dYd6+Z5L4ezxoJMlHqXlmaHPs4rvrIEJpsnKKl0swfztnVbz/PbdViPQM9W8vmKr7mcjvnU7MqJdS8hNUxyh7yZ5Rrng+jBj+7A5Iv6VMVscm/loPpvrJtRbNbrzv3Jk7GVyVyoculJx/Bujz+h6GdpS8q+NWq0WDBRZco2c8i14Gb2sJGck6txRSxr8giDMitPVWh6qFffuQkatlbjW1vxArc3OpxG1Vgfasr3p3s2j25s089pcNWv6ofeq983/AxvfulKfzN5TY9bjocD9xuP+zCY3V3bnDA+NHAe6Vh3c0/0tzo0K/Wf6Ow1DnqQce6VbuqTFvUeP75RareZ9u3EzYeNetbtn5rmUWKaAjUC9PTroHZpT/EXkoVqdQSnPUM8d6wnt+yOzsH3KcungibkTitiof8r3RipiI6d3FArVu+iZRT/kEhDy5uZdcf7Xl69suMme/RGmzNMzJ2T+jJGdY3czoMpA/WW39c8fZXALozO4o+Zcp89KZ7q7fkUZLYY+zukQpU39LFPXF93g+38AAAAAAAAAAAAAAAAAAIBpk8d/Jyi6jwAAAAAAAAAAAAAAAAAAAAAATLvu+r/qrP8rv/5vJX393+G//F2KV3g5lvV/3+yK9X+ByfsdAAD//y0Iis0=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./bus\x00', 0x42, 0x0)
write$FUSE_WRITE(r0, &(0x7f00000000c0)={0x18, 0x0, 0x0, {0x8010}}, 0xffffff20)
open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)

[   73.087293][ T5295] Bluetooth: hci0: command tx timeout
[   73.148155][ T5314] loop0: detected capacity change from 0 to 64
[   73.701834][ T5314] 
[   73.702941][ T5314] ============================================
[   73.705662][ T5314] WARNING: possible recursive locking detected
[   73.708430][ T5314] syzkaller #0 Not tainted
[   73.710479][ T5314] --------------------------------------------
[   73.712954][ T5314] syz.0.0/5314 is trying to acquire lock:
[   73.715549][ T5314] ffff8880405180b0 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfs_find_init+0x18e/0x300
[   73.719988][ T5314] 
[   73.719988][ T5314] but task is already holding lock:
[   73.723121][ T5314] ffff8880405180b0 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfs_find_init+0x18e/0x300
[   73.727112][ T5314] 
[   73.727112][ T5314] other info that might help us debug this:
[   73.730535][ T5314]  Possible unsafe locking scenario:
[   73.730535][ T5314] 
[   73.733677][ T5314]        CPU0
[   73.734964][ T5314]        ----
[   73.736493][ T5314]   lock(&tree->tree_lock/1);
[   73.738524][ T5314]   lock(&tree->tree_lock/1);
[   73.740567][ T5314] 
[   73.740567][ T5314]  *** DEADLOCK ***
[   73.740567][ T5314] 
[   73.743975][ T5314]  May be due to missing lock nesting notation
[   73.743975][ T5314] 
[   73.746930][ T5314] 6 locks held by syz.0.0/5314:
[   73.748971][ T5314]  #0: ffff88801fb659b8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x246/0x320
[   73.752648][ T5314]  #1: ffff88801f300420 (sb_writers#12){.+.+}-{0:0}, at: vfs_write+0x227/0xb90
[   73.756518][ T5314]  #2: ffff88804048b6a0 (&sb->s_type->i_mutex_key#25){+.+.}-{4:4}, at: generic_file_write_iter+0x11e/0x680
[   73.761433][ T5314]  #3: ffff88804048b4f8 (&HFS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfs_extend_file+0xf2/0x15e0
[   73.766099][ T5314]  #4: ffff8880405180b0 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfs_find_init+0x18e/0x300
[   73.770378][ T5314]  #5: ffff88804048c878 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}, at: hfs_extend_file+0xf2/0x15e0
[   73.775423][ T5314] 
[   73.775423][ T5314] stack backtrace:
[   73.778042][ T5314] CPU: 0 UID: 0 PID: 5314 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   73.778056][ T5314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   73.778077][ T5314] Call Trace:
[   73.778085][ T5314]  <TASK>
[   73.778104][ T5314]  dump_stack_lvl+0xe8/0x150
[   73.778124][ T5314]  print_deadlock_bug+0x279/0x290
[   73.778142][ T5314]  __lock_acquire+0x253f/0x2cf0
[   73.778158][ T5314]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[   73.778221][ T5314]  ? stack_depot_save_flags+0x3f3/0x810
[   73.778273][ T5314]  ? kasan_save_track+0x4f/0x80
[   73.778289][ T5314]  ? kasan_save_track+0x3e/0x80
[   73.778304][ T5314]  ? __kasan_kmalloc+0x93/0xb0
[   73.778320][ T5314]  ? __kmalloc_noprof+0x35c/0x760
[   73.778335][ T5314]  ? hfs_find_init+0xaa/0x300
[   73.778351][ T5314]  ? hfs_extend_file+0x35c/0x15e0
[   73.778392][ T5314]  ? hfs_bmap_reserve+0x107/0x430
[   73.778403][ T5314]  lock_acquire+0xf0/0x2e0
[   73.778417][ T5314]  ? hfs_find_init+0x18e/0x300
[   73.778434][ T5314]  __mutex_lock+0x19f/0x1300
[   73.778451][ T5314]  ? hfs_find_init+0x18e/0x300
[   73.778468][ T5314]  ? hfs_find_init+0x18e/0x300
[   73.778484][ T5314]  ? __pfx___mutex_lock+0x10/0x10
[   73.778501][ T5314]  ? rcu_is_watching+0x15/0xb0
[   73.778518][ T5314]  ? __kmalloc_noprof+0x37d/0x760
[   73.778534][ T5314]  ? hfs_find_init+0xaa/0x300
[   73.778548][ T5314]  ? __kmalloc_noprof+0x1b8/0x760
[   73.778564][ T5314]  hfs_find_init+0x18e/0x300
[   73.778580][ T5314]  hfs_extend_file+0x35c/0x15e0
[   73.778592][ T5314]  ? hfs_ext_keycmp+0x1c7/0x320
[   73.778605][ T5314]  ? __pfx_hfs_extend_file+0x10/0x10
[   73.778618][ T5314]  ? __pfx___hfs_brec_find+0x10/0x10
[   73.778636][ T5314]  ? hfs_brec_find+0x3cc/0x510
[   73.778652][ T5314]  hfs_bmap_reserve+0x107/0x430
[   73.778666][ T5314]  __hfs_ext_write_extent+0x1fa/0x470
[   73.778680][ T5314]  __hfs_ext_cache_extent+0x6b/0x9b0
[   73.778693][ T5314]  ? hfs_find_init+0x18e/0x300
[   73.778708][ T5314]  hfs_extend_file+0x39b/0x15e0
[   73.778720][ T5314]  ? __pfx_filemap_get_folios_tag+0x10/0x10
[   73.778739][ T5314]  ? __pfx_hfs_extend_file+0x10/0x10
[   73.778752][ T5314]  ? clean_bdev_aliases+0x62e/0x750
[   73.778772][ T5314]  ? __pfx_clean_bdev_aliases+0x10/0x10
[   73.778791][ T5314]  hfs_get_block+0x412/0xc50
[   73.778805][ T5314]  ? __pfx_hfs_get_block+0x10/0x10
[   73.778817][ T5314]  ? do_raw_spin_unlock+0x4d/0x210
[   73.778829][ T5314]  ? _raw_spin_unlock+0x28/0x50
[   73.778844][ T5314]  __block_write_begin_int+0x6c6/0x1910
[   73.778859][ T5314]  ? __pfx_hfs_get_block+0x10/0x10
[   73.778871][ T5314]  ? __pfx___block_write_begin_int+0x10/0x10
[   73.778884][ T5314]  cont_write_begin+0x737/0xae0
[   73.778895][ T5314]  ? irqentry_exit+0x59e/0x620
[   73.778914][ T5314]  ? __pfx_cont_write_begin+0x10/0x10
[   73.778926][ T5314]  hfs_write_begin+0x66/0xb0
[   73.778936][ T5314]  ? __pfx_hfs_get_block+0x10/0x10
[   73.778946][ T5314]  generic_perform_write+0x2e2/0x8f0
[   73.778961][ T5314]  ? __pfx_generic_perform_write+0x10/0x10
[   73.778972][ T5314]  ? file_update_time_flags+0x219/0x4a0
[   73.778990][ T5314]  ? __generic_file_write_iter+0xf9/0x230
[   73.778999][ T5314]  ? generic_file_write_iter+0x136/0x680
[   73.779093][ T5314]  generic_file_write_iter+0x14a/0x680
[   73.779108][ T5314]  ? __pfx_generic_file_write_iter+0x10/0x10
[   73.779119][ T5314]  ? add_lock_to_list+0xc7/0x100
[   73.779136][ T5314]  ? lockdep_unlock+0x5d/0xd0
[   73.779148][ T5314]  ? __lock_acquire+0x146e/0x2cf0
[   73.779172][ T5314]  vfs_write+0x61d/0xb90
[   73.779191][ T5314]  ? __pfx_vfs_write+0x10/0x10
[   73.779209][ T5314]  ? __fget_files+0x2a/0x420
[   73.779225][ T5314]  ksys_write+0x150/0x270
[   73.779242][ T5314]  ? __pfx_ksys_write+0x10/0x10
[   73.779260][ T5314]  do_syscall_64+0x14d/0xf80
[   73.779285][ T5314]  ? trace_irq_disable+0x3b/0x150
[   73.779301][ T5314]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.779313][ T5314]  ? clear_bhb_loop+0x40/0x90
[   73.779325][ T5314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.779338][ T5314] RIP: 0033:0x7f17b339c799
[   73.779365][ T5314] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   73.779375][ T5314] RSP: 002b:00007f17b42fd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   73.779390][ T5314] RAX: ffffffffffffffda RBX: 00007f17b3615fa0 RCX: 00007f17b339c799
[   73.779399][ T5314] RDX: 00000000ffffff20 RSI: 00002000000000c0 RDI: 0000000000000004
[   73.779406][ T5314] RBP: 00007f17b3432bd9 R08: 0000000000000000 R09: 0000000000000000
[   73.779413][ T5314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   73.779420][ T5314] R13: 00007f17b3616038 R14: 00007f17b3615fa0 R15: 00007ffd4fc4b698
[   73.779432][ T5314]  </TASK>
[   75.146712][ T5295] Bluetooth: hci0: command tx timeout
[   77.226825][ T5295] Bluetooth: hci0: command tx timeout
[   78.267573][  T172] kworker/u4:6: attempt to access beyond end of device
[   78.267573][  T172] loop0: rw=9437185, sector=65, nr_sectors = 1 limit=64
[   78.274683][  T172] Buffer I/O error on dev loop0, logical block 65, lost async page write
[   78.280777][  T172] kworker/u4:6: attempt to access beyond end of device
[   78.280777][  T172] loop0: rw=9437185, sector=66, nr_sectors = 1 limit=64
[   78.285982][  T172] Buffer I/O error on dev loop0, logical block 66, lost async page write
[   78.289614][  T172] kworker/u4:6: attempt to access beyond end of device
[   78.289614][  T172] loop0: rw=9437185, sector=67, nr_sectors = 1 limit=64
[   78.295292][  T172] Buffer I/O error on dev loop0, logical block 67, lost async page write
[   78.299239][  T172] kworker/u4:6: attempt to access beyond end of device
[   78.299239][  T172] loop0: rw=9437185, sector=68, nr_sectors = 1 limit=64
[   78.305341][  T172] Buffer I/O error on dev loop0, logical block 68, lost async page write
[   78.309760][  T172] kworker/u4:6: attempt to access beyond end of device
[   78.309760][  T172] loop0: rw=9437185, sector=72, nr_sectors = 1 limit=64
[   78.316246][  T172] Buffer I/O error on dev loop0, logical block 72, lost async page write
[   78.320177][  T172] kworker/u4:6: attempt to access beyond end of device
[   78.320177][  T172] loop0: rw=9437185, sector=73, nr_sectors = 1 limit=64
[   78.325960][  T172] Buffer I/O error on dev loop0, logical block 73, lost async page write
[   78.329908][  T172] kworker/u4:6: attempt to access beyond end of device
[   78.329908][  T172] loop0: rw=9437185, sector=76, nr_sectors = 1 limit=64
[   78.335624][  T172] Buffer I/O error on dev loop0, logical block 76, lost async page write
[   78.339408][  T172] kworker/u4:6: attempt to access beyond end of device
[   78.339408][  T172] loop0: rw=9437185, sector=77, nr_sectors = 1 limit=64
[   78.345183][  T172] Buffer I/O error on dev loop0, logical block 77, lost async page write
[   78.350099][  T172] kworker/u4:6: attempt to access beyond end of device
[   78.350099][  T172] loop0: rw=1048577, sector=78, nr_sectors = 1624 limit=64
[   78.356696][  T172] kworker/u4:6: attempt to access beyond end of device
[   78.356696][  T172] loop0: rw=9437185, sector=1702, nr_sectors = 1 limit=64
[   78.362541][  T172] Buffer I/O error on dev loop0, logical block 1702, lost async page write
[   78.366220][  T172] Buffer I/O error on dev loop0, logical block 1703, lost async page write
[   79.306846][ T5295] Bluetooth: hci0: command tx timeout