Warning: Permanently added '10.128.1.65' (ED25519) to the list of known hosts. executing program [ 50.810058][ T3542] loop0: detected capacity change from 0 to 1024 [ 50.837761][ T27] audit: type=1800 audit(1703746618.630:2): pid=3542 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor680" name="bus" dev="loop0" ino=25 res=0 errno=0 [ 50.856354][ T3542] [ 50.860583][ T3542] ====================================================== [ 50.867585][ T3542] WARNING: possible circular locking dependency detected [ 50.874578][ T3542] 6.1.69-syzkaller #0 Not tainted [ 50.879580][ T3542] ------------------------------------------------------ [ 50.886573][ T3542] syz-executor680/3542 is trying to acquire lock: [ 50.892963][ T3542] ffff88807d2487c8 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_extend+0x1d2/0x1b10 [ 50.904006][ T3542] [ 50.904006][ T3542] but task is already holding lock: [ 50.911346][ T3542] ffff8880772900b0 (&tree->tree_lock){+.+.}-{3:3}, at: hfsplus_find_init+0x146/0x1c0 [ 50.920808][ T3542] [ 50.920808][ T3542] which lock already depends on the new lock. [ 50.920808][ T3542] [ 50.931189][ T3542] [ 50.931189][ T3542] the existing dependency chain (in reverse order) is: [ 50.940177][ T3542] [ 50.940177][ T3542] -> #1 (&tree->tree_lock){+.+.}-{3:3}: [ 50.947890][ T3542] lock_acquire+0x1f8/0x5a0 [ 50.952902][ T3542] __mutex_lock+0x132/0xd80 [ 50.957918][ T3542] hfsplus_file_truncate+0x80d/0xb40 [ 50.963707][ T3542] hfsplus_setattr+0x1b9/0x280 [ 50.968976][ T3542] notify_change+0xce3/0xfc0 [ 50.974074][ T3542] do_truncate+0x21c/0x300 [ 50.978994][ T3542] path_openat+0x27e2/0x2e60 [ 50.984090][ T3542] do_filp_open+0x230/0x480 [ 50.989095][ T3542] do_sys_openat2+0x13b/0x500 [ 50.994280][ T3542] __x64_sys_creat+0x11f/0x160 [ 50.999550][ T3542] do_syscall_64+0x3d/0xb0 [ 51.004473][ T3542] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 51.010870][ T3542] [ 51.010870][ T3542] -> #0 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}: [ 51.019882][ T3542] validate_chain+0x1661/0x5950 [ 51.025241][ T3542] __lock_acquire+0x125b/0x1f80 [ 51.030598][ T3542] lock_acquire+0x1f8/0x5a0 [ 51.035605][ T3542] __mutex_lock+0x132/0xd80 [ 51.040614][ T3542] hfsplus_file_extend+0x1d2/0x1b10 [ 51.046317][ T3542] hfsplus_bmap_reserve+0x101/0x4e0 [ 51.052020][ T3542] hfsplus_rename_cat+0x1cf/0x1090 [ 51.057633][ T3542] hfsplus_rename+0x12a/0x1b0 [ 51.062814][ T3542] vfs_rename+0xbfc/0xf90 [ 51.067646][ T3542] do_renameat2+0xcbd/0x1300 [ 51.072741][ T3542] __x64_sys_rename+0x82/0x90 [ 51.077922][ T3542] do_syscall_64+0x3d/0xb0 [ 51.082843][ T3542] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 51.089242][ T3542] [ 51.089242][ T3542] other info that might help us debug this: [ 51.089242][ T3542] [ 51.099448][ T3542] Possible unsafe locking scenario: [ 51.099448][ T3542] [ 51.106877][ T3542] CPU0 CPU1 [ 51.112221][ T3542] ---- ---- [ 51.117578][ T3542] lock(&tree->tree_lock); [ 51.122071][ T3542] lock(&HFSPLUS_I(inode)->extents_lock); [ 51.130377][ T3542] lock(&tree->tree_lock); [ 51.137396][ T3542] lock(&HFSPLUS_I(inode)->extents_lock); [ 51.143201][ T3542] [ 51.143201][ T3542] *** DEADLOCK *** [ 51.143201][ T3542] [ 51.151325][ T3542] 5 locks held by syz-executor680/3542: [ 51.156850][ T3542] #0: ffff88807d194460 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3b/0x80 [ 51.165974][ T3542] #1: ffff88807d249e00 (&type->i_mutex_dir_key#6/1){+.+.}-{3:3}, at: lock_rename+0xf6/0x1c0 [ 51.176149][ T3542] #2: ffff88807cda09c0 (&sb->s_type->i_mutex_key#15){+.+.}-{3:3}, at: lock_two_inodes+0xfc/0x180 [ 51.186758][ T3542] #3: ffff88807d24ab80 (&sb->s_type->i_mutex_key#15/4){+.+.}-{3:3}, at: vfs_rename+0x749/0xf90 [ 51.197204][ T3542] #4: ffff8880772900b0 (&tree->tree_lock){+.+.}-{3:3}, at: hfsplus_find_init+0x146/0x1c0 [ 51.207110][ T3542] [ 51.207110][ T3542] stack backtrace: [ 51.212976][ T3542] CPU: 1 PID: 3542 Comm: syz-executor680 Not tainted 6.1.69-syzkaller #0 [ 51.221367][ T3542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 51.231403][ T3542] Call Trace: [ 51.234668][ T3542] [ 51.237583][ T3542] dump_stack_lvl+0x1e3/0x2cb [ 51.242250][ T3542] ? nf_tcp_handle_invalid+0x642/0x642 [ 51.247698][ T3542] ? print_circular_bug+0x12b/0x1a0 [ 51.252887][ T3542] check_noncircular+0x2fa/0x3b0 [ 51.257815][ T3542] ? add_chain_block+0x850/0x850 [ 51.262742][ T3542] ? lockdep_lock+0x11f/0x2a0 [ 51.267406][ T3542] ? is_bpf_text_address+0x22/0x2a0 [ 51.272587][ T3542] ? is_bpf_text_address+0x289/0x2a0 [ 51.277855][ T3542] ? is_bpf_text_address+0x22/0x2a0 [ 51.283038][ T3542] ? stack_trace_save+0x1c0/0x1c0 [ 51.288051][ T3542] ? _find_first_zero_bit+0xd0/0x100 [ 51.293324][ T3542] validate_chain+0x1661/0x5950 [ 51.298170][ T3542] ? stack_trace_save+0x113/0x1c0 [ 51.303185][ T3542] ? check_noncircular+0x1e3/0x3b0 [ 51.308288][ T3542] ? reacquire_held_locks+0x660/0x660 [ 51.313655][ T3542] ? add_chain_block+0x850/0x850 [ 51.318585][ T3542] ? lockdep_unlock+0x165/0x300 [ 51.323425][ T3542] ? look_up_lock_class+0x77/0x140 [ 51.328521][ T3542] ? register_lock_class+0x100/0x990 [ 51.333793][ T3542] ? add_lock_to_list+0x1de/0x2e0 [ 51.338809][ T3542] ? is_dynamic_key+0x260/0x260 [ 51.343651][ T3542] ? validate_chain+0x13ce/0x5950 [ 51.348667][ T3542] ? mark_lock+0x9a/0x340 [ 51.352987][ T3542] __lock_acquire+0x125b/0x1f80 [ 51.357829][ T3542] lock_acquire+0x1f8/0x5a0 [ 51.362320][ T3542] ? hfsplus_file_extend+0x1d2/0x1b10 [ 51.367681][ T3542] ? read_lock_is_recursive+0x10/0x10 [ 51.373055][ T3542] ? __might_sleep+0xb0/0xb0 [ 51.377636][ T3542] ? print_irqtrace_events+0x210/0x210 [ 51.383099][ T3542] ? mark_lock+0x9a/0x340 [ 51.387446][ T3542] __mutex_lock+0x132/0xd80 [ 51.391940][ T3542] ? hfsplus_file_extend+0x1d2/0x1b10 [ 51.397300][ T3542] ? hfsplus_file_extend+0x1d2/0x1b10 [ 51.402656][ T3542] ? mutex_lock_nested+0x10/0x10 [ 51.407588][ T3542] hfsplus_file_extend+0x1d2/0x1b10 [ 51.412772][ T3542] ? __might_sleep+0xb0/0xb0 [ 51.417349][ T3542] ? trace_raw_output_contention_end+0xd0/0xd0 [ 51.423492][ T3542] ? hfsplus_get_block+0x14e0/0x14e0 [ 51.428766][ T3542] ? trace_contention_end+0x61/0x170 [ 51.434039][ T3542] ? __mutex_lock+0x2f7/0xd80 [ 51.438706][ T3542] ? hfsplus_find_init+0x146/0x1c0 [ 51.443806][ T3542] ? mutex_lock_nested+0x10/0x10 [ 51.448736][ T3542] hfsplus_bmap_reserve+0x101/0x4e0 [ 51.453937][ T3542] hfsplus_rename_cat+0x1cf/0x1090 [ 51.459043][ T3542] ? reacquire_held_locks+0x3a4/0x660 [ 51.464402][ T3542] ? __mark_inode_dirty+0x526/0xf80 [ 51.469589][ T3542] ? hfsplus_subfolders_dec+0x110/0x110 [ 51.475143][ T3542] ? hfsplus_link+0x840/0x840 [ 51.479891][ T3542] ? rwsem_write_trylock+0x166/0x210 [ 51.485168][ T3542] ? clear_nonspinnable+0x60/0x60 [ 51.490179][ T3542] hfsplus_rename+0x12a/0x1b0 [ 51.494841][ T3542] ? hfsplus_mknod+0x2a0/0x2a0 [ 51.499589][ T3542] vfs_rename+0xbfc/0xf90 [ 51.503908][ T3542] ? __ia32_sys_link+0x90/0x90 [ 51.508659][ T3542] ? security_path_rename+0x17f/0x210 [ 51.514020][ T3542] do_renameat2+0xcbd/0x1300 [ 51.518601][ T3542] ? fsnotify_move+0x4f0/0x4f0 [ 51.523353][ T3542] ? __virt_addr_valid+0x22b/0x2e0 [ 51.528451][ T3542] ? __phys_addr_symbol+0x2b/0x70 [ 51.533464][ T3542] ? strncpy_from_user+0x1f9/0x360 [ 51.538559][ T3542] ? getname_flags+0x1f9/0x4f0 [ 51.543305][ T3542] ? lockdep_hardirqs_on+0x94/0x130 [ 51.548491][ T3542] __x64_sys_rename+0x82/0x90 [ 51.553161][ T3542] do_syscall_64+0x3d/0xb0 [ 51.557565][ T3542] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 51.563445][ T3542] RIP: 0033:0x7f350e0b36f9 [ 51.567841][ T3542] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 51.587430][ T3542] RSP: 002b:00007ffe68b2a4a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 51.595837][ T3542] RAX: ffffffffffffffda RBX: 0031656c69662f2e RCX: 00007f350e0b36f9 [ 51.603799][ T3542] RDX: 00007f350e0b36f9 RSI: 0000000020000300 RDI: 0000000020000b00 [ 51.611756][ T3542]