./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2868859107

<...>
Warning: Permanently added '10.128.0.212' (ED25519) to the list of known hosts.
execve("./syz-executor2868859107", ["./syz-executor2868859107"], 0x7ffd2cd39f90 /* 10 vars */) = 0
brk(NULL)                               = 0x555577d24000
brk(0x555577d24d00)                     = 0x555577d24d00
arch_prctl(ARCH_SET_FS, 0x555577d24380) = 0
set_tid_address(0x555577d24650)         = 5069
set_robust_list(0x555577d24660, 24)     = 0
rseq(0x555577d24ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2868859107", 4096) = 28
getrandom("\x48\xf9\x7e\xae\xc0\xcf\x87\x2a", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555577d24d00
brk(0x555577d45d00)                     = 0x555577d45d00
brk(0x555577d46000)                     = 0x555577d46000
mprotect(0x7fe133ca1000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
memfd_create("syzkaller", 0)            = 3
mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe12b600000
write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
munmap(0x7fe12b600000, 138412032)       = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 4
ioctl(4, LOOP_SET_FD, 3)                = 0
close(3)                                = 0
close(4)                                = 0
mkdir("./file1", 0777)                  = 0
mount("/dev/loop0", "./file1", "hfsplus", MS_NOATIME|MS_SILENT|MS_STRICTATIME, "") = 0
openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[   73.777609][ T5069] loop0: detected capacity change from 0 to 1024
chdir("./file1")                        = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = -1 EBUSY (Device or resource busy)
creat("./file1", 000)                   = 4
open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_NOATIME|FASYNC, 000) = 5
creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 6
[   73.862155][   T28] audit: type=1800 audit(1713110370.473:2): pid=5069 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor286" name="bus" dev="loop0" ino=25 res=0 errno=0
[   73.890240][ T5069] 
[   73.892580][ T5069] ======================================================
[   73.899597][ T5069] WARNING: possible circular locking dependency detected
[   73.906600][ T5069] 6.8.0-syzkaller-08951-gfe46a7dd189e #0 Not tainted
[   73.913258][ T5069] ------------------------------------------------------
[   73.920347][ T5069] syz-executor286/5069 is trying to acquire lock:
[   73.926760][ T5069] ffff8880297207c8 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_extend+0x21b/0x1b70
[   73.937837][ T5069] 
[   73.937837][ T5069] but task is already holding lock:
[   73.945189][ T5069] ffff888021db60b0 (&tree->tree_lock){+.+.}-{3:3}, at: hfsplus_find_init+0x14a/0x1c0
[   73.954677][ T5069] 
[   73.954677][ T5069] which lock already depends on the new lock.
[   73.954677][ T5069] 
[   73.965064][ T5069] 
[   73.965064][ T5069] the existing dependency chain (in reverse order) is:
[   73.974060][ T5069] 
[   73.974060][ T5069] -> #1 (&tree->tree_lock){+.+.}-{3:3}:
[   73.981786][ T5069]        lock_acquire+0x1e4/0x530
[   73.986804][ T5069]        __mutex_lock+0x136/0xd70
[   73.991846][ T5069]        hfsplus_file_truncate+0x811/0xb50
[   73.997645][ T5069]        hfsplus_setattr+0x1ce/0x280
[   74.002918][ T5069]        notify_change+0xb9f/0xe70
[   74.008024][ T5069]        do_truncate+0x220/0x310
[   74.012968][ T5069]        path_openat+0x29fe/0x3240
[   74.018073][ T5069]        do_filp_open+0x235/0x490
[   74.023090][ T5069]        do_sys_openat2+0x13e/0x1d0
[   74.028278][ T5069]        __x64_sys_creat+0x123/0x170
[   74.033549][ T5069]        do_syscall_64+0xfd/0x240
[   74.038561][ T5069]        entry_SYSCALL_64_after_hwframe+0x6d/0x75
[   74.044970][ T5069] 
[   74.044970][ T5069] -> #0 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}:
[   74.054521][ T5069]        validate_chain+0x18cb/0x58e0
[   74.059907][ T5069]        __lock_acquire+0x1346/0x1fd0
[   74.065268][ T5069]        lock_acquire+0x1e4/0x530
[   74.070280][ T5069]        __mutex_lock+0x136/0xd70
[   74.075295][ T5069]        hfsplus_file_extend+0x21b/0x1b70
[   74.081007][ T5069]        hfsplus_bmap_reserve+0x105/0x4e0
[   74.086721][ T5069]        hfsplus_rename_cat+0x1d0/0x1050
[   74.092374][ T5069]        hfsplus_rename+0x12e/0x1c0
[   74.097585][ T5069]        vfs_rename+0xbdd/0xf00
[   74.102459][ T5069]        do_renameat2+0xd94/0x13f0
[   74.107573][ T5069]        __x64_sys_rename+0x86/0xa0
[   74.112773][ T5069]        do_syscall_64+0xfd/0x240
[   74.117787][ T5069]        entry_SYSCALL_64_after_hwframe+0x6d/0x75
[   74.124200][ T5069] 
[   74.124200][ T5069] other info that might help us debug this:
[   74.124200][ T5069] 
[   74.134421][ T5069]  Possible unsafe locking scenario:
[   74.134421][ T5069] 
[   74.141856][ T5069]        CPU0                    CPU1
[   74.147210][ T5069]        ----                    ----
[   74.152562][ T5069]   lock(&tree->tree_lock);
[   74.157062][ T5069]                                lock(&HFSPLUS_I(inode)->extents_lock);
[   74.165387][ T5069]                                lock(&tree->tree_lock);
[   74.172420][ T5069]   lock(&HFSPLUS_I(inode)->extents_lock);
[   74.178240][ T5069] 
[   74.178240][ T5069]  *** DEADLOCK ***
[   74.178240][ T5069] 
[   74.186373][ T5069] 5 locks held by syz-executor286/5069:
[   74.191901][ T5069]  #0: ffff888021db2420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90
[   74.201051][ T5069]  #1: ffff888029721e00 (&type->i_mutex_dir_key#6/1){+.+.}-{3:3}, at: do_renameat2+0x62c/0x13f0
[   74.211536][ T5069]  #2: ffff888022408300 (&sb->s_type->i_mutex_key#15){+.+.}-{3:3}, at: lock_two_nondirectories+0xe1/0x170
[   74.222872][ T5069]  #3: ffff888022409080 (&sb->s_type->i_mutex_key#15/4){+.+.}-{3:3}, at: vfs_rename+0x6a2/0xf00
[   74.233346][ T5069]  #4: ffff888021db60b0 (&tree->tree_lock){+.+.}-{3:3}, at: hfsplus_find_init+0x14a/0x1c0
[   74.243272][ T5069] 
[   74.243272][ T5069] stack backtrace:
[   74.249159][ T5069] CPU: 1 PID: 5069 Comm: syz-executor286 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0
[   74.259209][ T5069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   74.269252][ T5069] Call Trace:
[   74.272526][ T5069]  <TASK>
[   74.275447][ T5069]  dump_stack_lvl+0x241/0x360
[   74.280133][ T5069]  ? __pfx_dump_stack_lvl+0x10/0x10
[   74.285337][ T5069]  ? srso_return_thunk+0x5/0x5f
[   74.290186][ T5069]  ? print_circular_bug+0x130/0x1a0
[   74.295382][ T5069]  check_noncircular+0x36a/0x4a0
[   74.300332][ T5069]  ? srso_return_thunk+0x5/0x5f
[   74.305179][ T5069]  ? __read_once_word_nocheck+0x9/0x20
[   74.310643][ T5069]  ? __pfx_check_noncircular+0x10/0x10
[   74.316098][ T5069]  ? srso_return_thunk+0x5/0x5f
[   74.320941][ T5069]  ? lockdep_lock+0x123/0x2b0
[   74.325621][ T5069]  ? is_bpf_text_address+0x28d/0x2b0
[   74.330904][ T5069]  ? is_bpf_text_address+0x26/0x2b0
[   74.336101][ T5069]  ? srso_return_thunk+0x5/0x5f
[   74.340947][ T5069]  ? _find_first_zero_bit+0xd4/0x100
[   74.346242][ T5069]  validate_chain+0x18cb/0x58e0
[   74.351102][ T5069]  ? srso_return_thunk+0x5/0x5f
[   74.355951][ T5069]  ? check_noncircular+0x259/0x4a0
[   74.361057][ T5069]  ? __pfx_validate_chain+0x10/0x10
[   74.366256][ T5069]  ? __pfx_check_noncircular+0x10/0x10
[   74.371718][ T5069]  ? srso_return_thunk+0x5/0x5f
[   74.376567][ T5069]  ? lockdep_unlock+0x16a/0x300
[   74.381433][ T5069]  ? __pfx_lockdep_unlock+0x10/0x10
[   74.386636][ T5069]  ? srso_return_thunk+0x5/0x5f
[   74.391479][ T5069]  ? srso_return_thunk+0x5/0x5f
[   74.396326][ T5069]  ? look_up_lock_class+0x77/0x160
[   74.401441][ T5069]  ? srso_return_thunk+0x5/0x5f
[   74.406285][ T5069]  ? register_lock_class+0x102/0x980
[   74.411567][ T5069]  ? srso_return_thunk+0x5/0x5f
[   74.416415][ T5069]  ? validate_chain+0x15a2/0x58e0
[   74.421438][ T5069]  ? __pfx_register_lock_class+0x10/0x10
[   74.427064][ T5069]  ? srso_return_thunk+0x5/0x5f
[   74.431908][ T5069]  ? mark_lock+0x9a/0x350
[   74.436232][ T5069]  __lock_acquire+0x1346/0x1fd0
[   74.441084][ T5069]  lock_acquire+0x1e4/0x530
[   74.445577][ T5069]  ? hfsplus_file_extend+0x21b/0x1b70
[   74.450946][ T5069]  ? __pfx_lock_acquire+0x10/0x10
[   74.455962][ T5069]  ? __pfx___might_resched+0x10/0x10
[   74.461245][ T5069]  ? srso_return_thunk+0x5/0x5f
[   74.466095][ T5069]  __mutex_lock+0x136/0xd70
[   74.470592][ T5069]  ? hfsplus_file_extend+0x21b/0x1b70
[   74.475960][ T5069]  ? hfsplus_file_extend+0x21b/0x1b70
[   74.481330][ T5069]  ? __pfx___mutex_lock+0x10/0x10
[   74.486350][ T5069]  ? srso_return_thunk+0x5/0x5f
[   74.491199][ T5069]  hfsplus_file_extend+0x21b/0x1b70
[   74.496395][ T5069]  ? __pfx_hfsplus_file_extend+0x10/0x10
[   74.502017][ T5069]  ? rcu_is_watching+0x15/0xb0
[   74.506772][ T5069]  ? srso_return_thunk+0x5/0x5f
[   74.511615][ T5069]  ? trace_contention_end+0x3c/0x100
[   74.516895][ T5069]  ? srso_return_thunk+0x5/0x5f
[   74.521740][ T5069]  ? __mutex_lock+0x2ef/0xd70
[   74.526415][ T5069]  ? hfsplus_find_init+0x14a/0x1c0
[   74.531526][ T5069]  ? __pfx___mutex_lock+0x10/0x10
[   74.536544][ T5069]  ? rcu_is_watching+0x15/0xb0
[   74.541302][ T5069]  hfsplus_bmap_reserve+0x105/0x4e0
[   74.546507][ T5069]  hfsplus_rename_cat+0x1d0/0x1050
[   74.551622][ T5069]  ? srso_return_thunk+0x5/0x5f
[   74.556464][ T5069]  ? reacquire_held_locks+0x3eb/0x690
[   74.561830][ T5069]  ? __mark_inode_dirty+0x4de/0xdb0
[   74.567028][ T5069]  ? __pfx_hfsplus_rename_cat+0x10/0x10
[   74.572570][ T5069]  ? __pfx_reacquire_held_locks+0x10/0x10
[   74.578331][ T5069]  ? __pfx_hfsplus_unlink+0x10/0x10
[   74.583528][ T5069]  ? __pfx___down_write_common+0x10/0x10
[   74.589159][ T5069]  ? __pfx___down_write_common+0x10/0x10
[   74.594967][ T5069]  hfsplus_rename+0x12e/0x1c0
[   74.599636][ T5069]  ? __pfx_hfsplus_rename+0x10/0x10
[   74.604831][ T5069]  vfs_rename+0xbdd/0xf00
[   74.609189][ T5069]  ? __pfx_vfs_rename+0x10/0x10
[   74.614043][ T5069]  ? srso_return_thunk+0x5/0x5f
[   74.618902][ T5069]  ? security_path_rename+0x18b/0x220
[   74.624271][ T5069]  do_renameat2+0xd94/0x13f0
[   74.628864][ T5069]  ? srso_return_thunk+0x5/0x5f
[   74.633737][ T5069]  ? __pfx_do_renameat2+0x10/0x10
[   74.638774][ T5069]  ? __virt_addr_valid+0x183/0x520
[   74.643899][ T5069]  ? srso_return_thunk+0x5/0x5f
[   74.648744][ T5069]  ? srso_return_thunk+0x5/0x5f
[   74.653598][ T5069]  ? __check_object_size+0x4bc/0xa00
[   74.658877][ T5069]  ? srso_return_thunk+0x5/0x5f
[   74.663724][ T5069]  ? srso_return_thunk+0x5/0x5f
[   74.668590][ T5069]  ? getname_flags+0x1fe/0x4f0
[   74.673365][ T5069]  __x64_sys_rename+0x86/0xa0
[   74.678047][ T5069]  do_syscall_64+0xfd/0x240
[   74.682557][ T5069]  entry_SYSCALL_64_after_hwframe+0x6d/0x75
[   74.688471][ T5069] RIP: 0033:0x7fe133c2e6f9
[   74.692881][ T5069] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
rename("./bus", "./file2")              = -1 ENOENT (No such file or directory)
exit_group(0)                           = ?
+++ exited with 0 +++
[   74.712488][ T5069] RSP: 002b:00007ffe