[[0;32m  OK  [0m] Reached target Graphical Interface.
         Starting Update UTMP about System Runlevel Changes...
         Starting Load/Save RF Kill Switch Status...
[[0;32m  OK  [0m] Started Load/Save RF Kill Switch Status.
[[0;32m  OK  [0m] Started Update UTMP about System Runlevel Changes.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.1.162' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   38.896658] 
[   38.898419] ======================================================
[   38.904907] WARNING: possible circular locking dependency detected
[   38.911202] 4.19.211-syzkaller #0 Not tainted
[   38.915669] ------------------------------------------------------
[   38.921970] syz-executor234/8099 is trying to acquire lock:
[   38.927743] 00000000555464bb (&HFSPLUS_I(inode)->extents_lock){+.+.}, at: hfsplus_file_extend+0x1bb/0xf40
[   38.937435] 
[   38.937435] but task is already holding lock:
[   38.943381] 00000000080a29cf (&tree->tree_lock){+.+.}, at: hfsplus_find_init+0x1b7/0x220
[   38.951592] 
[   38.951592] which lock already depends on the new lock.
[   38.951592] 
[   38.959881] 
[   38.959881] the existing dependency chain (in reverse order) is:
[   38.967575] 
[   38.967575] -> #1 (&tree->tree_lock){+.+.}:
[   38.973372]        hfsplus_file_truncate+0xde7/0x1040
[   38.978537]        hfsplus_setattr+0x1e7/0x310
[   38.983096]        notify_change+0x70b/0xfc0
[   38.987481]        do_truncate+0x134/0x1f0
[   38.991780]        path_openat+0x2308/0x2df0
[   38.996181]        do_filp_open+0x18c/0x3f0
[   39.000477]        do_sys_open+0x3b3/0x520
[   39.004688]        do_syscall_64+0xf9/0x620
[   39.008983]        entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   39.014755] 
[   39.014755] -> #0 (&HFSPLUS_I(inode)->extents_lock){+.+.}:
[   39.021841]        __mutex_lock+0xd7/0x1190
[   39.026143]        hfsplus_file_extend+0x1bb/0xf40
[   39.031051]        hfsplus_bmap_reserve+0x298/0x440
[   39.036043]        hfsplus_rename_cat+0x272/0x1490
[   39.040945]        hfsplus_rename+0x119/0x200
[   39.045518]        vfs_rename+0x67e/0x1bc0
[   39.049746]        do_renameat2+0xb59/0xc70
[   39.054041]        __x64_sys_renameat2+0xba/0x150
[   39.058978]        do_syscall_64+0xf9/0x620
[   39.063279]        entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   39.069133] 
[   39.069133] other info that might help us debug this:
[   39.069133] 
[   39.077250]  Possible unsafe locking scenario:
[   39.077250] 
[   39.083287]        CPU0                    CPU1
[   39.087926]        ----                    ----
[   39.092570]   lock(&tree->tree_lock);
[   39.096353]                                lock(&HFSPLUS_I(inode)->extents_lock);
[   39.103956]                                lock(&tree->tree_lock);
[   39.110274]   lock(&HFSPLUS_I(inode)->extents_lock);
[   39.115353] 
[   39.115353]  *** DEADLOCK ***
[   39.115353] 
[   39.121391] 7 locks held by syz-executor234/8099:
[   39.126204]  #0: 00000000769a8d35 (sb_writers#11){.+.+}, at: mnt_want_write+0x3a/0xb0
[   39.134168]  #1: 000000003e83cdad (&type->s_vfs_rename_key){+.+.}, at: lock_rename+0x54/0x280
[   39.142994]  #2: 00000000a23554ee (&type->i_mutex_dir_key#7/1){+.+.}, at: lock_rename+0xa0/0x280
[   39.151988]  #3: 000000000b866afa (&sb->s_type->i_mutex_key#17/2){+.+.}, at: lock_rename+0xd4/0x280
[   39.161162]  #4: 00000000e1d3d9d7 (&sb->s_type->i_mutex_key#17){+.+.}, at: lock_two_nondirectories+0xec/0x110
[   39.171200]  #5: 00000000f8e11bf9 (&sb->s_type->i_mutex_key#17/4){+.+.}, at: lock_two_nondirectories+0xd1/0x110
[   39.181504]  #6: 00000000080a29cf (&tree->tree_lock){+.+.}, at: hfsplus_find_init+0x1b7/0x220
[   39.190166] 
[   39.190166] stack backtrace:
[   39.194653] CPU: 0 PID: 8099 Comm: syz-executor234 Not tainted 4.19.211-syzkaller #0
[   39.202593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[   39.211921] Call Trace:
[   39.214496]  dump_stack+0x1fc/0x2ef
[   39.218108]  print_circular_bug.constprop.0.cold+0x2d7/0x41e
[   39.223882]  __lock_acquire+0x30c9/0x3ff0
[   39.228007]  ? mark_held_locks+0xf0/0xf0
[   39.232046]  ? mark_held_locks+0xf0/0xf0
[   39.236081]  ? is_bpf_text_address+0xd5/0x1b0
[   39.240556]  ? __bfs.part.0+0x1ce/0x450
[   39.244509]  ? check_preemption_disabled+0x41/0x280
[   39.249501]  ? __lock_acquire+0x22f9/0x3ff0
[   39.253800]  lock_acquire+0x170/0x3c0
[   39.257626]  ? hfsplus_file_extend+0x1bb/0xf40
[   39.262187]  ? hfsplus_file_extend+0x1bb/0xf40
[   39.266747]  __mutex_lock+0xd7/0x1190
[   39.270525]  ? hfsplus_file_extend+0x1bb/0xf40
[   39.275085]  ? kasan_kmalloc+0x139/0x160
[   39.279141]  ? hfsplus_file_extend+0x1bb/0xf40
[   39.283796]  ? mutex_trylock+0x1a0/0x1a0
[   39.287836]  ? hfsplus_rename_cat+0x13f/0x1490
[   39.292430]  ? hfsplus_rename+0x119/0x200
[   39.296648]  ? do_renameat2+0xb59/0xc70
[   39.300596]  ? __x64_sys_renameat2+0xba/0x150
[   39.305077]  ? do_syscall_64+0xf9/0x620
[   39.309028]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   39.314392]  ? lock_downgrade+0x720/0x720
[   39.318523]  ? lock_acquire+0x170/0x3c0
[   39.322667]  ? hfsplus_find_init+0x1b7/0x220
[   39.327074]  hfsplus_file_extend+0x1bb/0xf40
[   39.331466]  ? hfsplus_free_fork+0x7e0/0x7e0
[   39.335852]  ? mutex_trylock+0x1a0/0x1a0
[   39.339892]  ? check_preemption_disabled+0x41/0x280
[   39.344886]  hfsplus_bmap_reserve+0x298/0x440
[   39.349360]  hfsplus_rename_cat+0x272/0x1490
[   39.353765]  ? hfsplus_delete_cat+0xe30/0xe30
[   39.358250]  ? vsnprintf+0x2cc/0x14f0
[   39.362036]  ? hfsplus_unlink+0x341/0x820
[   39.366176]  ? lock_downgrade+0x720/0x720
[   39.370306]  ? hfsplus_unlink+0x140/0x820
[   39.374519]  ? __mutex_unlock_slowpath+0xea/0x610
[   39.379339]  ? wait_for_completion_io+0x10/0x10
[   39.383989]  ? hfsplus_unlink+0x346/0x820
[   39.388114]  ? hfsplus_symlink+0x2e0/0x2e0
[   39.392329]  ? lock_acquire+0x170/0x3c0
[   39.396282]  ? lock_two_nondirectories+0xd1/0x110
[   39.401103]  hfsplus_rename+0x119/0x200
[   39.405063]  ? down_write_nested+0x36/0x90
[   39.409280]  ? lock_two_nondirectories+0xd1/0x110
[   39.414103]  vfs_rename+0x67e/0x1bc0
[   39.417885]  ? path_openat+0x2df0/0x2df0
[   39.421941]  ? security_path_rename+0x1ed/0x2e0
[   39.426587]  do_renameat2+0xb59/0xc70
[   39.430403]  ? do_mknodat.part.0+0x480/0x480
[   39.434797]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[   39.439808]  ? do_sys_open+0x2bf/0x520
[   39.443688]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[   39.449033]  __x64_sys_renameat2+0xba/0x150
[   39.453378]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[   39.457950]  do_syscall_64+0xf9/0x620
[   39.461775]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   39.467218] RIP: 0033:0x7f597a74aa19
[   39.471054] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   39.490114] RSP: 002b:00007ffe754e9738 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[   39.497802] RA