syzbot

 sign-in | mailing list | source | docs
🐞 Open [849]
🐞 Fixed [87]
🐞 Invalid [1277]
Missing Backports [132]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

possible deadlock in hfs_extend_file (3)

Status: upstream: reported C repro on 2024/03/13 05:11
Bug presence: origin:upstream
[Documentation on labels]
Reported-by: syzbot+033048aa2a56eacb2789@syzkaller.appspotmail.com
First crash: 762d, last: 1d18h
Bug presence (1)
Date Name Commit Repro Result
2026/03/24 upstream (ToT) c369299895a5 C [report] possible deadlock in hfs_extend_file
Similar bugs (9)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-4.19 possible deadlock in hfs_extend_file hfs 4 1 1204d 1204d 0/1 upstream: reported on 2022/12/27 15:22
linux-5.15 possible deadlock in hfs_extend_file (2) 4 1 904d 904d 0/3 auto-obsoleted due to no activity on 2024/01/31 18:25
linux-6.1 possible deadlock in hfs_extend_file 4 7 942d 1128d 0/3 auto-obsoleted due to no activity on 2023/12/24 21:20
upstream possible deadlock in hfs_extend_file hfs 4 46 965d 1209d 0/29 auto-obsoleted due to no activity on 2023/11/06 09:48
linux-6.1 possible deadlock in hfs_extend_file (2) origin:upstream 4 C 225 1d16h 740d 0/3 upstream: reported C repro on 2024/04/04 03:11
upstream possible deadlock in hfs_extend_file (3) hfs 4 C unreliable 5104 7h11m 726d 0/29 upstream: reported C repro on 2024/04/18 14:41
linux-6.6 possible deadlock in hfs_extend_file origin:upstream missing-backport 4 C error 119 5d22h 301d 0/2 upstream: reported C repro on 2025/06/17 13:12
upstream possible deadlock in hfs_extend_file (2) hfs 4 C done done 4 833d 854d 0/29 auto-obsoleted due to no activity on 2024/04/11 05:11
linux-5.15 possible deadlock in hfs_extend_file 4 5 1029d 1093d 0/3 auto-obsoleted due to no activity on 2023/09/28 05:53
Last patch testing requests (1)
Created Duration User Patch Repo Result
2026/04/07 02:24 11m retest repro linux-5.15.y report log

Sample crash report:
loop0: detected capacity change from 0 to 64
======================================================
WARNING: possible circular locking dependency detected
syzkaller #0 Not tainted
------------------------------------------------------
syz.0.17/4345 is trying to acquire lock:
ffff88807aad80f8 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xfb/0x13f0 fs/hfs/extent.c:397

but task is already holding lock:
ffff88802b3f40b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x15b/0x1d0 fs/hfs/bfind.c:-1

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #1 (&tree->tree_lock/1){+.+.}-{3:3}:
       __mutex_lock_common+0x1e3/0x2400 kernel/locking/mutex.c:596
       __mutex_lock kernel/locking/mutex.c:729 [inline]
       mutex_lock_nested+0x17/0x20 kernel/locking/mutex.c:743
       hfs_find_init+0x15b/0x1d0 fs/hfs/bfind.c:-1
       hfs_ext_read_extent fs/hfs/extent.c:200 [inline]
       hfs_extend_file+0x35d/0x13f0 fs/hfs/extent.c:401
       hfs_bmap_reserve+0x103/0x420 fs/hfs/btree.c:231
       hfs_cat_create+0x204/0x8e0 fs/hfs/catalog.c:104
       hfs_create+0x62/0xd0 fs/hfs/dir.c:202
       lookup_open fs/namei.c:3470 [inline]
       open_last_lookups fs/namei.c:3540 [inline]
       path_openat+0x11db/0x2fa0 fs/namei.c:3747
       do_filp_open+0x1e2/0x410 fs/namei.c:3777
       do_sys_openat2+0x150/0x4b0 fs/open.c:1255
       do_sys_open fs/open.c:1271 [inline]
       __do_sys_open fs/open.c:1279 [inline]
       __se_sys_open fs/open.c:1275 [inline]
       __x64_sys_open+0x11b/0x140 fs/open.c:1275
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x66/0xd0

-> #0 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}:
       check_prev_add kernel/locking/lockdep.c:3053 [inline]
       check_prevs_add kernel/locking/lockdep.c:3172 [inline]
       validate_chain kernel/locking/lockdep.c:3788 [inline]
       __lock_acquire+0x2c42/0x7d10 kernel/locking/lockdep.c:5012
       lock_acquire+0x19e/0x400 kernel/locking/lockdep.c:5623
       __mutex_lock_common+0x1e3/0x2400 kernel/locking/mutex.c:596
       __mutex_lock kernel/locking/mutex.c:729 [inline]
       mutex_lock_nested+0x17/0x20 kernel/locking/mutex.c:743
       hfs_extend_file+0xfb/0x13f0 fs/hfs/extent.c:397
       hfs_bmap_reserve+0x103/0x420 fs/hfs/btree.c:231
       __hfs_ext_write_extent+0x1fa/0x470 fs/hfs/extent.c:121
       __hfs_ext_cache_extent+0x6b/0x9b0 fs/hfs/extent.c:174
       hfs_ext_read_extent fs/hfs/extent.c:202 [inline]
       hfs_extend_file+0x39c/0x13f0 fs/hfs/extent.c:401
       hfs_get_block+0x40f/0xc50 fs/hfs/extent.c:353
       __block_write_begin_int+0x565/0x15d0 fs/buffer.c:2012
       __block_write_begin fs/buffer.c:2062 [inline]
       block_write_begin fs/buffer.c:2122 [inline]
       cont_write_begin+0x598/0x7b0 fs/buffer.c:2471
       hfs_write_begin+0x92/0xe0 fs/hfs/inode.c:59
       cont_expand_zero fs/buffer.c:2398 [inline]
       cont_write_begin+0x263/0x7b0 fs/buffer.c:2461
       hfs_write_begin+0x92/0xe0 fs/hfs/inode.c:59
       hfs_file_truncate+0x1c2/0xa10 fs/hfs/extent.c:494
       hfs_inode_setattr+0x4ab/0x6f0 fs/hfs/inode.c:657
       notify_change+0xbcd/0xee0 fs/attr.c:505
       do_truncate+0x1ac/0x240 fs/open.c:65
       vfs_truncate+0x262/0x2f0 fs/open.c:111
       do_sys_truncate+0xf2/0x1c0 fs/open.c:134
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x66/0xd0

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&tree->tree_lock/1);
                               lock(&HFS_I(tree->inode)->extents_lock);
                               lock(&tree->tree_lock/1);
  lock(&HFS_I(tree->inode)->extents_lock);

 *** DEADLOCK ***

4 locks held by syz.0.17/4345:
 #0: ffff88802b3f0460 (sb_writers#13){.+.+}-{0:0}, at: mnt_want_write+0x3d/0x90 fs/namespace.c:386
 #1: ffff88807aad9628 (&sb->s_type->i_mutex_key#21){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:787 [inline]
 #1: ffff88807aad9628 (&sb->s_type->i_mutex_key#21){+.+.}-{3:3}, at: do_truncate+0x198/0x240 fs/open.c:63
 #2: ffff88807aad9478 (&HFS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xfb/0x13f0 fs/hfs/extent.c:397
 #3: ffff88802b3f40b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x15b/0x1d0 fs/hfs/bfind.c:-1

stack backtrace:
CPU: 0 PID: 4345 Comm: syz.0.17 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
Call Trace:
 <TASK>
 dump_stack_lvl+0x188/0x250 lib/dump_stack.c:106
 check_noncircular+0x296/0x330 kernel/locking/lockdep.c:2133
 check_prev_add kernel/locking/lockdep.c:3053 [inline]
 check_prevs_add kernel/locking/lockdep.c:3172 [inline]
 validate_chain kernel/locking/lockdep.c:3788 [inline]
 __lock_acquire+0x2c42/0x7d10 kernel/locking/lockdep.c:5012
 lock_acquire+0x19e/0x400 kernel/locking/lockdep.c:5623
 __mutex_lock_common+0x1e3/0x2400 kernel/locking/mutex.c:596
 __mutex_lock kernel/locking/mutex.c:729 [inline]
 mutex_lock_nested+0x17/0x20 kernel/locking/mutex.c:743
 hfs_extend_file+0xfb/0x13f0 fs/hfs/extent.c:397
 hfs_bmap_reserve+0x103/0x420 fs/hfs/btree.c:231
 __hfs_ext_write_extent+0x1fa/0x470 fs/hfs/extent.c:121
 __hfs_ext_cache_extent+0x6b/0x9b0 fs/hfs/extent.c:174
 hfs_ext_read_extent fs/hfs/extent.c:202 [inline]
 hfs_extend_file+0x39c/0x13f0 fs/hfs/extent.c:401
 hfs_get_block+0x40f/0xc50 fs/hfs/extent.c:353
 __block_write_begin_int+0x565/0x15d0 fs/buffer.c:2012
 __block_write_begin fs/buffer.c:2062 [inline]
 block_write_begin fs/buffer.c:2122 [inline]
 cont_write_begin+0x598/0x7b0 fs/buffer.c:2471
 hfs_write_begin+0x92/0xe0 fs/hfs/inode.c:59
 cont_expand_zero fs/buffer.c:2398 [inline]
 cont_write_begin+0x263/0x7b0 fs/buffer.c:2461
 hfs_write_begin+0x92/0xe0 fs/hfs/inode.c:59
 hfs_file_truncate+0x1c2/0xa10 fs/hfs/extent.c:494
 hfs_inode_setattr+0x4ab/0x6f0 fs/hfs/inode.c:657
 notify_change+0xbcd/0xee0 fs/attr.c:505
 do_truncate+0x1ac/0x240 fs/open.c:65
 vfs_truncate+0x262/0x2f0 fs/open.c:111
 do_sys_truncate+0xf2/0x1c0 fs/open.c:134
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x66/0xd0
RIP: 0033:0x7f25cac83799
Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f25ca2e5028 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
RAX: ffffffffffffffda RBX: 00007f25caefcfa0 RCX: 00007f25cac83799
RDX: 0000000000000000 RSI: 0000000003000000 RDI: 0000200000000900
RBP: 00007f25cad19c99 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f25caefd038 R14: 00007f25caefcfa0 R15: 00007ffc61ef08d8
 </TASK>

Crashes (210):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2026/03/23 22:46 linux-5.15.y 91d48252ad4b 4933dba2 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2026/04/13 03:14 linux-5.15.y 91d48252ad4b 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2026/03/23 16:21 linux-5.15.y 91d48252ad4b 4933dba2 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2026/03/11 17:16 linux-5.15.y 91d48252ad4b 2d88ab01 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2026/03/11 01:54 linux-5.15.y 91d48252ad4b 86914af9 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2026/03/07 00:27 linux-5.15.y 91d48252ad4b 5cb44a80 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2026/03/07 00:27 linux-5.15.y 91d48252ad4b 5cb44a80 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2026/03/06 12:18 linux-5.15.y 91d48252ad4b 41d8037d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2026/03/04 23:52 linux-5.15.y 91d48252ad4b a9fe5c9e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2026/03/04 14:09 linux-5.15.y 91d48252ad4b e6b6b96b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2026/03/03 05:41 linux-5.15.y 3330a8d33e08 28b83e23 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2026/03/02 12:46 linux-5.15.y 3330a8d33e08 b9dd6534 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2026/03/02 08:09 linux-5.15.y 3330a8d33e08 43249bac .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2026/03/02 07:58 linux-5.15.y 3330a8d33e08 43249bac .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2026/02/22 04:14 linux-5.15.y 3330a8d33e08 6e7b5511 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2026/02/13 17:39 linux-5.15.y e45d5d41c134 1e62d198 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2026/02/03 09:48 linux-5.15.y 9eec9a14ee10 6df4c87a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2026/02/01 20:16 linux-5.15.y 9eec9a14ee10 6b8752f2 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2026/01/14 19:54 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2026/01/14 16:47 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2026/01/14 09:54 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2026/01/03 21:19 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2025/12/31 20:47 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2025/12/20 09:54 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2025/12/19 23:39 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2025/12/13 17:26 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2025/11/05 08:26 linux-5.15.y cc5ec8769306 a6c9c731 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2025/11/03 19:23 linux-5.15.y cc5ec8769306 2c50b6a9 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2025/10/22 03:52 linux-5.15.y ac56c046adf4 252fbbad .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2025/09/26 10:46 linux-5.15.y 43bb85222e53 0abd0691 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2025/09/10 08:00 linux-5.15.y de9476bb4f1b fdeaa69b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2025/09/10 08:00 linux-5.15.y de9476bb4f1b fdeaa69b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2025/09/09 16:21 linux-5.15.y 7a6c2d093c45 d291dd2d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2025/08/31 12:50 linux-5.15.y 01879f56bdde 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2025/08/27 17:10 linux-5.15.y c79648372d02 e12e5ba4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2025/08/22 10:00 linux-5.15.y c79648372d02 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2025/08/08 14:57 linux-5.15.y c79648372d02 32a0e5ed .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2025/07/28 22:14 linux-5.15.y c79648372d02 6654ea9c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2025/07/27 09:00 linux-5.15.y c79648372d02 fb8f743d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2025/07/20 17:34 linux-5.15.y c79648372d02 7117feec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2025/07/16 20:30 linux-5.15.y 89950c454265 44f8051e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2025/06/14 16:58 linux-5.15.y 1c700860e8bc 5f4b362d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2025/06/03 21:57 linux-5.15.y 98f47d0e9b8c a30356b7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2024/03/13 05:10 linux-5.15.y 574362648507 db5b7ff0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in hfs_extend_file
2025/08/05 10:16 linux-5.15.y c79648372d02 37880f40 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in hfs_extend_file
2025/07/22 19:54 linux-5.15.y c79648372d02 8e9d1dc1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in hfs_extend_file
2025/07/19 00:55 linux-5.15.y c79648372d02 7117feec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in hfs_extend_file
2025/06/18 14:25 linux-5.15.y 1c700860e8bc ed3e87f7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in hfs_extend_file
2025/06/18 00:25 linux-5.15.y 1c700860e8bc e77fae15 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in hfs_extend_file
* Struck through repros no longer work on HEAD.