Warning: Permanently added '10.128.0.170' (ED25519) to the list of known hosts. executing program [ 39.614912][ T3500] loop0: detected capacity change from 0 to 1024 [ 39.639426][ T25] audit: type=1800 audit(1704287360.854:2): pid=3500 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor405" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 39.642075][ T3500] [ 39.661437][ T3500] ====================================================== [ 39.668453][ T3500] WARNING: possible circular locking dependency detected [ 39.675469][ T3500] 5.15.145-syzkaller #0 Not tainted [ 39.680644][ T3500] ------------------------------------------------------ [ 39.687633][ T3500] syz-executor405/3500 is trying to acquire lock: [ 39.694159][ T3500] ffff8880169b07c8 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_extend+0x1d2/0x1b10 [ 39.705211][ T3500] [ 39.705211][ T3500] but task is already holding lock: [ 39.712585][ T3500] ffff8880784080b0 (&tree->tree_lock){+.+.}-{3:3}, at: hfsplus_find_init+0x146/0x1c0 [ 39.722030][ T3500] [ 39.722030][ T3500] which lock already depends on the new lock. [ 39.722030][ T3500] [ 39.732403][ T3500] [ 39.732403][ T3500] the existing dependency chain (in reverse order) is: [ 39.741385][ T3500] [ 39.741385][ T3500] -> #1 (&tree->tree_lock){+.+.}-{3:3}: [ 39.749104][ T3500] lock_acquire+0x1db/0x4f0 [ 39.754102][ T3500] __mutex_lock_common+0x1da/0x25a0 [ 39.759795][ T3500] mutex_lock_nested+0x17/0x20 [ 39.765065][ T3500] hfsplus_file_truncate+0x864/0xb80 [ 39.770846][ T3500] hfsplus_setattr+0x1b9/0x280 [ 39.776103][ T3500] notify_change+0xc6d/0xf50 [ 39.781185][ T3500] do_truncate+0x21c/0x300 [ 39.786095][ T3500] path_openat+0x28a0/0x2f20 [ 39.791179][ T3500] do_filp_open+0x21c/0x460 [ 39.796174][ T3500] do_sys_openat2+0x13b/0x500 [ 39.801354][ T3500] __x64_sys_openat2+0x23f/0x290 [ 39.806784][ T3500] do_syscall_64+0x3d/0xb0 [ 39.811789][ T3500] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 39.818178][ T3500] [ 39.818178][ T3500] -> #0 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}: [ 39.827193][ T3500] validate_chain+0x1649/0x5930 [ 39.832550][ T3500] __lock_acquire+0x1295/0x1ff0 [ 39.837894][ T3500] lock_acquire+0x1db/0x4f0 [ 39.842887][ T3500] __mutex_lock_common+0x1da/0x25a0 [ 39.848579][ T3500] mutex_lock_nested+0x17/0x20 [ 39.853839][ T3500] hfsplus_file_extend+0x1d2/0x1b10 [ 39.859531][ T3500] hfsplus_bmap_reserve+0x101/0x4e0 [ 39.865219][ T3500] hfsplus_rename_cat+0x1cf/0x1090 [ 39.870821][ T3500] hfsplus_rename+0x12a/0x1b0 [ 39.875999][ T3500] vfs_rename+0xbfc/0xf90 [ 39.880821][ T3500] do_renameat2+0xd74/0x1660 [ 39.885904][ T3500] __x64_sys_renameat2+0xce/0xe0 [ 39.891334][ T3500] do_syscall_64+0x3d/0xb0 [ 39.896243][ T3500] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 39.902629][ T3500] [ 39.902629][ T3500] other info that might help us debug this: [ 39.902629][ T3500] [ 39.912829][ T3500] Possible unsafe locking scenario: [ 39.912829][ T3500] [ 39.920252][ T3500] CPU0 CPU1 [ 39.925587][ T3500] ---- ---- [ 39.930925][ T3500] lock(&tree->tree_lock); [ 39.935401][ T3500] lock(&HFSPLUS_I(inode)->extents_lock); [ 39.943717][ T3500] lock(&tree->tree_lock); [ 39.950711][ T3500] lock(&HFSPLUS_I(inode)->extents_lock); [ 39.956499][ T3500] [ 39.956499][ T3500] *** DEADLOCK *** [ 39.956499][ T3500] [ 39.964628][ T3500] 4 locks held by syz-executor405/3500: [ 39.970140][ T3500] #0: ffff88807a974460 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3b/0x80 [ 39.979244][ T3500] #1: ffff8880169b1e00 (&type->i_mutex_dir_key#6/1){+.+.}-{3:3}, at: do_renameat2+0x611/0x1660 [ 39.989650][ T3500] #2: ffff8880169b24c0 (&type->i_mutex_dir_key#6){++++}-{3:3}, at: lock_two_inodes+0xfc/0x180 [ 40.000053][ T3500] #3: ffff8880784080b0 (&tree->tree_lock){+.+.}-{3:3}, at: hfsplus_find_init+0x146/0x1c0 [ 40.009934][ T3500] [ 40.009934][ T3500] stack backtrace: [ 40.015814][ T3500] CPU: 0 PID: 3500 Comm: syz-executor405 Not tainted 5.15.145-syzkaller #0 [ 40.024368][ T3500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 40.034393][ T3500] Call Trace: [ 40.037650][ T3500] [ 40.040555][ T3500] dump_stack_lvl+0x1e3/0x2cb [ 40.045208][ T3500] ? io_uring_drop_tctx_refs+0x19d/0x19d [ 40.050829][ T3500] ? print_circular_bug+0x12b/0x1a0 [ 40.055999][ T3500] check_noncircular+0x2f8/0x3b0 [ 40.060911][ T3500] ? add_chain_block+0x850/0x850 [ 40.065819][ T3500] ? lockdep_lock+0x11f/0x2a0 [ 40.070469][ T3500] validate_chain+0x1649/0x5930 [ 40.075298][ T3500] ? reacquire_held_locks+0x660/0x660 [ 40.080641][ T3500] ? check_noncircular+0x1e1/0x3b0 [ 40.085752][ T3500] ? add_chain_block+0x850/0x850 [ 40.090659][ T3500] ? look_up_lock_class+0x77/0x120 [ 40.095744][ T3500] ? register_lock_class+0x100/0x9a0 [ 40.101004][ T3500] ? is_dynamic_key+0x1f0/0x1f0 [ 40.105831][ T3500] ? mark_lock+0x98/0x340 [ 40.110131][ T3500] __lock_acquire+0x1295/0x1ff0 [ 40.114957][ T3500] lock_acquire+0x1db/0x4f0 [ 40.119429][ T3500] ? hfsplus_file_extend+0x1d2/0x1b10 [ 40.124787][ T3500] ? read_lock_is_recursive+0x10/0x10 [ 40.130137][ T3500] ? __might_sleep+0xc0/0xc0 [ 40.134713][ T3500] ? print_irqtrace_events+0x210/0x210 [ 40.140152][ T3500] __mutex_lock_common+0x1da/0x25a0 [ 40.145336][ T3500] ? hfsplus_file_extend+0x1d2/0x1b10 [ 40.150689][ T3500] ? hfsplus_file_extend+0x1d2/0x1b10 [ 40.156038][ T3500] ? mutex_lock_io_nested+0x60/0x60 [ 40.161210][ T3500] ? read_lock_is_recursive+0x10/0x10 [ 40.166556][ T3500] mutex_lock_nested+0x17/0x20 [ 40.171291][ T3500] hfsplus_file_extend+0x1d2/0x1b10 [ 40.176465][ T3500] ? hfsplus_get_block+0x14e0/0x14e0 [ 40.181723][ T3500] ? __mutex_lock_common+0x444/0x25a0 [ 40.187069][ T3500] ? hfsplus_find_init+0x146/0x1c0 [ 40.192161][ T3500] ? mutex_lock_io_nested+0x60/0x60 [ 40.197357][ T3500] hfsplus_bmap_reserve+0x101/0x4e0 [ 40.202566][ T3500] hfsplus_rename_cat+0x1cf/0x1090 [ 40.207664][ T3500] ? hfsplus_subfolders_dec+0x110/0x110 [ 40.213184][ T3500] ? lockdep_unlock+0x166/0x300 [ 40.218023][ T3500] ? read_lock_is_recursive+0x10/0x10 [ 40.223374][ T3500] ? down_write_nested+0x117/0x180 [ 40.228460][ T3500] ? down_read_non_owner+0x310/0x310 [ 40.233717][ T3500] ? generic_permission+0x21c/0x4f0 [ 40.238894][ T3500] ? do_raw_spin_unlock+0x137/0x8b0 [ 40.244065][ T3500] hfsplus_rename+0x12a/0x1b0 [ 40.248804][ T3500] ? hfsplus_mknod+0x2a0/0x2a0 [ 40.253539][ T3500] vfs_rename+0xbfc/0xf90 [ 40.257851][ T3500] ? __ia32_sys_link+0x90/0x90 [ 40.262593][ T3500] ? security_path_rename+0x207/0x2a0 [ 40.267953][ T3500] do_renameat2+0xd74/0x1660 [ 40.272522][ T3500] ? fsnotify_move+0x470/0x470 [ 40.277261][ T3500] ? __virt_addr_valid+0x22b/0x2e0 [ 40.282349][ T3500] ? __phys_addr_symbol+0x2b/0x70 [ 40.287374][ T3500] ? 0xffffffff81000000 [ 40.291501][ T3500] ? getname_flags+0x1ec/0x4e0 [ 40.296245][ T3500] __x64_sys_renameat2+0xce/0xe0 [ 40.301172][ T3500] do_syscall_64+0x3d/0xb0 [ 40.305564][ T3500] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 40.311431][ T3500] RIP: 0033:0x7ff22fb687b9 [ 40.315822][ T3500] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 40.335409][ T3500] RSP: 002b:00007ffdc55bee98 EFLAGS: 00000246 ORIG_RAX: 000000000000013c [ 40.343826][ T3500] RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 00007ff22fb687b9 [ 40.351773][ T3500] RDX: 0000000000000007 RSI: 00000000200001c0 RDI: 0000000000000007 [ 40.359814][ T3500] RBP: 00007ff22fbdc610 R08: 0000000000000000 R09: 00007ffdc55bf068 [