program: r0 = syz_init_net_socket$ax25(0x3, 0x3, 0x8) r1 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_STAT_GET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x30, 0x1411, 0x400, 0x70bd27, 0x4004, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x5}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$sock_proto_private(r0, 0x89e8, &(0x7f0000000100)="6a7fb6617c2de8bdc5a7c24a7f0d0300e167e40f4546c4b55c5457d697f9a858b9e6df91a7045b87") syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', 0x400, &(0x7f0000000140)=ANY=[], 0x1, 0x694, &(0x7f0000001100)="$eJzs3U1sHGf9B/DvbnbX3vz/Sp02SQOqRNRIBRGROLGSYi4NCKFIVKgqB8TRSpzGyiatHBc5EYLwfuDCoXeKRG5cQOIeVM7AqVcfKyFx6SmAxKKZnbXXr9l1Yq8tPp9odp5nnpd5nt/M7OzOKnKA/1nXzqXxOLVcO/fmcpFfeTTTWXk0c6efTjKRpJ40eqvU7ia1j5Kr6S35TLGx6q623X4+WJh9++NPVz7p5RrVUtav79Rukyv1LTY+rJacSXKkWj+Ddf1d39Bfa+TuaqszLAJ2th84GLdmku463z21VvJUw1+3wIFVK++bm6/5qeRoksnqc0Dvrti7Zx9qD8c9AAAAANgHL/yy/Ap/bNzjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMOk9/f/i1W51PvpM6n1//5/q9qWKn2oPR73AAAAAAAAAABgdN/8/w0bPvckT7KcY/18t1b+5v9qmTlRvv5f3s+9zGcx57OcuSxlKYu5mGSqLG+Wr63luaWlxYtDtLy02jIDLS8NOYP27icPAAAAAAAAAIdFY/QmP861td//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgIKglR3qrcjnRT0+l3kgymaRV1HuY/LWfPpB+/afBXPff3dKmao/3c0wAAAAwJi88yZMs51g/362V3/lPld/7J/N+7mYpC1lKJ/O5UT4L6H3rr688mumsPJq5Uyyb+/3qP0YaRtljes8ett7z6bJGOzezUG45n+t5N53cSL1sWTjdH8/W4/pRMabaG5UhR3ajWhcz/1WaI81qN2pD15wqI1KMqBeR6aptEY3jO0dixKPT31M/9hdTX33yc+J5xny5t3r9t711MZ+fjxSTvbYxEpcGzr5TK6ntEInk83/83Xdude7enrh579zBmdIIJgaeoG2MxMxAJF7e+ZxIM1Ukbh3WSAyaLiNxcjV/Ld/It3MuZ/JWFrOQ72UuS5nPmXw9czmSuep8Ll6ndo7U1XW5t542klZ5XJrVu+jwY1rKXF4t2x7LQr6Vd3Mj87lS/ruUi3m96jGrR/jkEFd9fbR32rNfGHiY/Isk7eHa7YNiYMdX706DZ/10eR0cX7dl7Tp48fnfjxqfrRLFPn4ycETGb2MkLg5E4qWdI/Gb8m3lXufu7cVbc+8Nub/XqnVxHf3sQN0livPlxeJglbn1Z0dR9tLGsslevFrVLy69svV33KLs5GrZ9lfq5VzObFn71JY9XSrLXt6ybKYsOz1Qtu7z1tXe5y0ADryjXzzaav+9/Zf2h+2ftm+135z82sSXJ15ppfnn5lca00deq79S+0M+zA/Wvv8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC7d+/+g9tznc784oZEt9v94TZFe5hoJ+lvSZ7Wqpmn19mbRCtJmWj0E6P1MzFU5dba0Xnj988y5uaorZLnEqhGdZLdf3D7n91ud98P0xaJ5g7n/FqiW9lU1B2q+dgS/+o+vw7H/MYE7LkLS3feu3Dv/oMvLdyZe2f+nfm7s5cvz07PXr7ytws3Fzrz073XcY8S2AtrN/1xjwQAAAAAAAAAAAAY1n78t4Rtdv2ffZ4qAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcEhdOzdRpc5PF68rj2Y6xdJPr1Ysq9WT1L6f1D5Krqa3ZGqgu9p2+/lgYfbtjz9d+aSXa1RLWb++rl1zN7N4WC05k+RItR40+Qz9Xa/WuxpZqbY6wyJgZ/uBg3H7bwAAAP//2wMQAg==") r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x202, &(0x7f0000000200)=0x0) setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f00000001c0)=0x2, 0x4) r4 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_SERVICE(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000b40)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000000193ab0ebff727fe2dd400000044000180060001000a00000008000b00736970000c0007000000000000000000080009000000090006006e6f6e6500000000080008000000000000eb00374fb3e008bfa166dd197f8e4510553239a1c999eb4694cfc58458d92ab62fc957a1b28962f9f27886af44af0b3d21d911cf29032ce02a032bf3c9ae0b03d35c2fc1bf0184fe33db912e4c20cb84a0a92d617a33a49d0acc1b2843b6a5bda6614f77d890ff38c74ae3811364f4fcc34da7adce12d84896daa276477d94742bea93599e2a905e333185950289d09d235ae378b0766805d8baa4b03d02e5d9574ea5c5971547aaeb4a1af59fa180"], 0x58}}, 0x10) sendmsg(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000030c0)=[{&(0x7f0000000000)=',', 0x1}], 0x1}, 0x8940) writev(r4, &(0x7f0000000340)=[{&(0x7f0000000100)="5fc908ce8cb5049e077f3ba953190a8ce22e51a45861006641e661523ed30e13487a64d3e98231a20c5e08ebe24801b531c63d06db0e6cca2bdb10dd7d02d74ab9dd95bd33747598fc1e063ff967b7c16abd2076323dca7cd2cc5ab8225b6d31c8029cfe91c8f8c054ff41", 0x6b}, {&(0x7f0000000980)="941dd634f75d70afed00837e63d7a620c1b5fd6f48660a86826b474ffb6274f02f52586f30140dafd6a0baffee63a7bafec8837268f35cf21be882e4ac6c522534080f35b3033aeb3f84e473f0b8c5a0d132378d8d7ff5299fd7616415c9c97f6331af9d07a746bb657558522dcee4c292efe922ce9584ec0ca31b7f5362419bd2084f5f9d2ef32bb866383dcb862e17ae85989ce20040b023f6d6b6cae15622b6b9ab922f95edd7f1fe11b20efdecc038027fe452320671c98e51817e1ab6e62610629bb0fa0b8513df543828b7dc90c220c6e7b17c4c7176508749", 0x50c}, {&(0x7f0000000480)="11", 0x10}], 0x3) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000b00)={[{@user_xattr}, {@nodioread_nolock}, {@nodelalloc}]}, 0x1, 0x4a3, &(0x7f0000000580)="$eJzs3c1rXOUaAPBnZpo0SXNvP+7l0vbCbaEXej9oJh9IE3XjSl0UxIIbhRqTaayZZEJmUpvQRaq7LlyIoiAu3PsXuLEriyCudS8upKI1ggrCyDkzk+Zr4qBpBnJ+Pzid95z3dJ73zfC8nHnPOXMCyKyzyT+5iMGI+DwijjZWN+9wtvGydv/mVLLkol6//F0u3S9Zb+3a+n9HImI1Ivoi4tknI17KbY9bXV6ZnSyXS4vN9WJtbqFYXV65cG1ucqY0U5ofGb84MTE+PDY6sWd9vf3GK7cvffR074c/vX7v7puffJw0a7BZt7Efe6nR9Z44vmHboYh4/GEE64JCsz/93W4If0jy+f0tIs6l+X80CumnCWRBvV6v/1o/3K56tQ4cWPn0GDiXH4qIRjmfHxpqHMP/PQby5Uq19v+rlaX56cax8rHoyV+9Vi4NN78rHIueXLI+kpYfrI9uWR+LSI+B3yr0p+tDU5Xy9P4OdcAWR7bk/4+FRv4DGeErP2SX/Ifskv+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/ZJf8h+yS/5BJz1y6lCz11v3v09eXl2Yr1y9Ml6qzQ3NLU0NTlcWFoZlKZSa9Z2fu996vXKksjDwSSzeKtVK1Vqwur1yZqyzN166k9/VfKfXsS6+AThw/c+fLXESsPtqfLoneZp1chYOtXs9Ft+9BBrqj0O0BCOgaU3+QXb7jAzv8RO8mfe0qFva+LcD+yHe7AUDXnD/l/B9klfl/yC7z/5BdjvEB8/+QPeb/IbsG2zz/6y8bnt01HBF/jYgvCj2HW8/6Ag6C/De55vH/+aP/Htxa25v7OT1F0BsRr753+Z0bk7Xa4kiy/fv17bV3m9tHu9F+oFOtPG3lMQCQXWv3b061lv2M++0TjYsQtsc/1Jyb7EvPUQ6s5TZdq5Dbo2sXVm9FxMmd4ueazztvnPkYWCtsi3+i+ZprvEXa3kPpc9P3J/6pDfH/tSH+6T/9V4FsuJOMP8M75V8+zelYz7/N48/gHl070X78y6+Pf4U249+ZDmO8/P5rX7eNfyvi9I7xW/H60lhb4ydtO99h/HsvPPePdnX1Dxrvs1P8lqRUrM0tFKvLKxfS35GbKc2PjF+cmBgfHhudKKZz1MXWTPV2j5387O5u/R9oE3+3/ifb/tth/3/556fPn90l/n/O7fz5n9glfn9E/K/D+D+MfvViu7ok/nSb/ud3iZ9sG+swfvXtpw53uCsAsA+qyyuzk+VyaVFBQUFhvdDtkQl42B4kfbdbAgAAAAAAAAAAAHRqPy4n7nYfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOgt8CAAD//1kn1ls=") openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x105042, 0x1fe) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) r7 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r7, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]}) r8 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r9 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r9, 0x10e, 0xc, &(0x7f0000000280)={0xffffffff}, 0x10) sendmsg$nl_generic(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c00)={0x24, 0x12, 0xa01, 0x0, 0x0, {0x7, 0x0, 0x2}, [@nested={0x10, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x24}}, 0x0) ioctl$FS_IOC_RESVSP(r8, 0x40305839, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1000}) io_submit(r3, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030000, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x70000}]) [ 85.737828][ T5302] Bluetooth: hci0: command tx timeout [ 85.875767][ T5324] loop0: detected capacity change from 0 to 1024 [ 85.974716][ T5324] netlink: 68 bytes leftover after parsing attributes in process `syz.0.0'. [ 86.062762][ T25] audit: type=1800 audit(1761691350.004:2): pid=5324 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.0" name="file1" dev="loop0" ino=20 res=0 errno=0 [ 86.091972][ T25] audit: type=1800 audit(1761691350.034:3): pid=5326 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.0" name="bus" dev="loop0" ino=26 res=0 errno=0 [ 86.141992][ T25] audit: type=1804 audit(1761691350.084:4): pid=5324 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.0" name="/newroot/0/file1/file1" dev="loop0" ino=20 res=1 errno=0 [ 86.157944][ T5326] loop0: detected capacity change from 1024 to 64 [ 86.188745][ T5324] [ 86.189960][ T5324] ====================================================== [ 86.193189][ T5324] WARNING: possible circular locking dependency detected [ 86.196299][ T5324] syzkaller #0 Not tainted [ 86.214401][ T5324] ------------------------------------------------------ [ 86.217411][ T5324] syz.0.0/5324 is trying to acquire lock: [ 86.219998][ T5324] ffff8880522a4108 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_file_extend+0x1f8/0x1ba0 [ 86.225302][ T5324] [ 86.225302][ T5324] but task is already holding lock: [ 86.228757][ T5324] ffff888032ede0b0 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfsplus_find_init+0x168/0x290 [ 86.249213][ T5324] [ 86.249213][ T5324] which lock already depends on the new lock. [ 86.249213][ T5324] [ 86.253933][ T5324] [ 86.253933][ T5324] the existing dependency chain (in reverse order) is: [ 86.258139][ T5324] [ 86.258139][ T5324] -> #1 (&tree->tree_lock/1){+.+.}-{4:4}: [ 86.277844][ T5324] lock_acquire+0x120/0x360 [ 86.280179][ T5324] __mutex_lock+0x187/0x1350 [ 86.282650][ T5324] hfsplus_find_init+0x168/0x290 [ 86.285198][ T5324] hfsplus_get_block+0x8dc/0x15d0 [ 86.287726][ T5324] block_read_full_folio+0x29f/0x830 [ 86.292871][ T5324] read_pages+0x35d/0x580 [ 86.295760][ T5324] page_cache_ra_unbounded+0x75e/0x9a0 [ 86.298935][ T5324] filemap_get_pages+0x468/0x1de0 [ 86.303296][ T5324] filemap_read+0x3f6/0x11a0 [ 86.308606][ T5324] __kernel_read+0x4cf/0x960 [ 86.312301][ T5324] integrity_kernel_read+0x89/0xd0 [ 86.315703][ T5324] ima_calc_file_hash+0x85e/0x16f0 [ 86.318397][ T5324] ima_collect_measurement+0x428/0x8f0 [ 86.321290][ T5324] process_measurement+0x1121/0x1a40 [ 86.324018][ T5324] ima_file_check+0xd7/0x120 [ 86.326869][ T5324] security_file_post_open+0xbb/0x290 [ 86.331102][ T5324] path_openat+0x2f26/0x3830 [ 86.336732][ T5324] do_filp_open+0x1fa/0x410 [ 86.339638][ T5324] do_sys_openat2+0x121/0x1c0 [ 86.342321][ T5324] __x64_sys_openat+0x138/0x170 [ 86.344643][ T5324] do_syscall_64+0xfa/0xfa0 [ 86.346760][ T5324] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.349331][ T5324] [ 86.349331][ T5324] -> #0 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}: [ 86.354468][ T5324] validate_chain+0xb9b/0x2140 [ 86.358020][ T5324] __lock_acquire+0xab9/0xd20 [ 86.360777][ T5324] lock_acquire+0x120/0x360 [ 86.363888][ T5324] __mutex_lock+0x187/0x1350 [ 86.367173][ T5324] hfsplus_file_extend+0x1f8/0x1ba0 [ 86.371146][ T5324] hfsplus_bmap_reserve+0x122/0x500 [ 86.375135][ T5324] __hfsplus_ext_write_extent+0x28d/0x5b0 [ 86.380518][ T5324] __hfsplus_ext_cache_extent+0x89/0xe30 [ 86.383301][ T5324] hfsplus_file_extend+0x437/0x1ba0 [ 86.385935][ T5324] hfsplus_get_block+0x40a/0x15d0 [ 86.388424][ T5324] __block_write_begin_int+0x6b5/0x1900 [ 86.391023][ T5324] cont_write_begin+0x789/0xb50 [ 86.409414][ T5324] hfsplus_write_begin+0x66/0xb0 [ 86.411814][ T5324] generic_perform_write+0x2c5/0x900 [ 86.414319][ T5324] generic_file_write_iter+0x117/0x550 [ 86.416877][ T5324] aio_write+0x535/0x7a0 [ 86.419032][ T5324] io_submit_one+0x78b/0x1310 [ 86.421404][ T5324] __se_sys_io_submit+0x185/0x2f0 [ 86.423879][ T5324] do_syscall_64+0xfa/0xfa0 [ 86.442778][ T5324] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.446849][ T5324] [ 86.446849][ T5324] other info that might help us debug this: [ 86.446849][ T5324] [ 86.464511][ T5324] Possible unsafe locking scenario: [ 86.464511][ T5324] [ 86.468712][ T5324] CPU0 CPU1 [ 86.471505][ T5324] ---- ---- [ 86.489163][ T5324] lock(&tree->tree_lock/1); [ 86.491325][ T5324] lock(&HFSPLUS_I(inode)->extents_lock); [ 86.495149][ T5324] lock(&tree->tree_lock/1); [ 86.498655][ T5324] lock(&HFSPLUS_I(inode)->extents_lock); [ 86.501505][ T5324] [ 86.501505][ T5324] *** DEADLOCK *** [ 86.501505][ T5324] [ 86.518357][ T5324] 3 locks held by syz.0.0/5324: [ 86.521100][ T5324] #0: ffff8880522a6b78 (&sb->s_type->i_mutex_key#20){+.+.}-{4:4}, at: generic_file_write_iter+0xeb/0x550 [ 86.526619][ T5324] #1: ffff8880522a6988 (&hip->extents_lock){+.+.}-{4:4}, at: hfsplus_file_extend+0x1f8/0x1ba0 [ 86.531410][ T5324] #2: ffff888032ede0b0 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfsplus_find_init+0x168/0x290 [ 86.551897][ T5324] [ 86.551897][ T5324] stack backtrace: [ 86.554740][ T5324] CPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 86.554762][ T5324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 86.554770][ T5324] Call Trace: [ 86.554778][ T5324] [ 86.554785][ T5324] dump_stack_lvl+0x189/0x250 [ 86.554807][ T5324] ? __pfx_dump_stack_lvl+0x10/0x10 [ 86.554823][ T5324] ? __pfx__printk+0x10/0x10 [ 86.554834][ T5324] ? print_lock_name+0xde/0x100 [ 86.554843][ T5324] print_circular_bug+0x2ee/0x310 [ 86.554856][ T5324] check_noncircular+0x134/0x160 [ 86.554869][ T5324] validate_chain+0xb9b/0x2140 [ 86.554882][ T5324] ? rcu_is_watching+0x15/0xb0 [ 86.554893][ T5324] ? __kasan_check_byte+0x12/0x40 [ 86.554908][ T5324] ? rcu_is_watching+0x15/0xb0 [ 86.554920][ T5324] ? look_up_lock_class+0x74/0x170 [ 86.554935][ T5324] ? register_lock_class+0x51/0x320 [ 86.554946][ T5324] __lock_acquire+0xab9/0xd20 [ 86.554959][ T5324] ? hfsplus_file_extend+0x1f8/0x1ba0 [ 86.554973][ T5324] lock_acquire+0x120/0x360 [ 86.554983][ T5324] ? hfsplus_file_extend+0x1f8/0x1ba0 [ 86.554998][ T5324] __mutex_lock+0x187/0x1350 [ 86.555010][ T5324] ? hfsplus_file_extend+0x1f8/0x1ba0 [ 86.555024][ T5324] ? check_path+0x21/0x40 [ 86.555035][ T5324] ? check_noncircular+0xe0/0x160 [ 86.555048][ T5324] ? hfsplus_file_extend+0x1f8/0x1ba0 [ 86.555060][ T5324] ? lockdep_unlock+0x89/0x120 [ 86.555078][ T5324] ? __pfx___mutex_lock+0x10/0x10 [ 86.555098][ T5324] hfsplus_file_extend+0x1f8/0x1ba0 [ 86.555112][ T5324] ? __lock_acquire+0xab9/0xd20 [ 86.555126][ T5324] ? __pfx_hfsplus_file_extend+0x10/0x10 [ 86.555138][ T5324] ? __pfx___mutex_trylock_common+0x10/0x10 [ 86.555151][ T5324] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.555163][ T5324] ? rcu_is_watching+0x15/0xb0 [ 86.555175][ T5324] ? trace_contention_end+0x39/0x120 [ 86.555189][ T5324] ? __asan_memset+0x22/0x50 [ 86.555201][ T5324] ? hfsplus_brec_find+0x1a9/0x510 [ 86.555213][ T5324] hfsplus_bmap_reserve+0x122/0x500 [ 86.555230][ T5324] __hfsplus_ext_write_extent+0x28d/0x5b0 [ 86.555246][ T5324] __hfsplus_ext_cache_extent+0x89/0xe30 [ 86.555262][ T5324] hfsplus_file_extend+0x437/0x1ba0 [ 86.555277][ T5324] ? __pfx_hfsplus_file_extend+0x10/0x10 [ 86.555291][ T5324] ? clean_bdev_aliases+0x5c9/0x6b0 [ 86.555305][ T5324] ? __pfx_clean_bdev_aliases+0x10/0x10 [ 86.555316][ T5324] hfsplus_get_block+0x40a/0x15d0 [ 86.555330][ T5324] ? __pfx_hfsplus_get_block+0x10/0x10 [ 86.555341][ T5324] ? do_raw_spin_unlock+0x4d/0x240 [ 86.555354][ T5324] ? _raw_spin_unlock+0x28/0x50 [ 86.555365][ T5324] __block_write_begin_int+0x6b5/0x1900 [ 86.555375][ T5324] ? __pfx_workingset_update_node+0x10/0x10 [ 86.555387][ T5324] ? __pfx_hfsplus_get_block+0x10/0x10 [ 86.555401][ T5324] ? __pfx___block_write_begin_int+0x10/0x10 [ 86.555414][ T5324] cont_write_begin+0x789/0xb50 [ 86.555427][ T5324] ? __pfx_cont_write_begin+0x10/0x10 [ 86.555438][ T5324] ? __pfx___might_resched+0x10/0x10 [ 86.555458][ T5324] ? __mark_inode_dirty+0x3d2/0xe10 [ 86.555467][ T5324] ? folio_unlock+0x101/0x160 [ 86.555483][ T5324] hfsplus_write_begin+0x66/0xb0 [ 86.555495][ T5324] ? __pfx_hfsplus_get_block+0x10/0x10 [ 86.555507][ T5324] generic_perform_write+0x2c5/0x900 [ 86.555520][ T5324] ? __pfx_generic_perform_write+0x10/0x10 [ 86.555529][ T5324] ? file_update_time+0x416/0x490 [ 86.555539][ T5324] ? __generic_file_write_iter+0xf9/0x230 [ 86.555548][ T5324] ? generic_file_write_iter+0x103/0x550 [ 86.555557][ T5324] generic_file_write_iter+0x117/0x550 [ 86.555567][ T5324] ? __pfx_generic_file_write_iter+0x10/0x10 [ 86.555575][ T5324] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 86.555587][ T5324] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 86.555597][ T5324] ? __pfx_aa_file_perm+0x10/0x10 [ 86.555615][ T5324] ? __lock_acquire+0xab9/0xd20 [ 86.555630][ T5324] ? aio_write+0x4c4/0x7a0 [ 86.555643][ T5324] aio_write+0x535/0x7a0 [ 86.555655][ T5324] ? __pfx_aio_write+0x10/0x10 [ 86.555666][ T5324] ? __might_fault+0xb0/0x130 [ 86.555695][ T5324] io_submit_one+0x78b/0x1310 [ 86.555711][ T5324] ? __pfx_io_submit_one+0x10/0x10 [ 86.555721][ T5324] ? __might_fault+0xb0/0x130 [ 86.555736][ T5324] ? __might_fault+0xb0/0x130 [ 86.555747][ T5324] __se_sys_io_submit+0x185/0x2f0 [ 86.555762][ T5324] ? __pfx___se_sys_io_submit+0x10/0x10 [ 86.555778][ T5324] ? do_syscall_64+0xbe/0xfa0 [ 86.555792][ T5324] do_syscall_64+0xfa/0xfa0 [ 86.555803][ T5324] ? lockdep_hardirqs_on+0x9c/0x150 [ 86.555816][ T5324] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.555825][ T5324] ? clear_bhb_loop+0x60/0xb0 [ 86.555838][ T5324] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.555850][ T5324] RIP: 0033:0x7f09ce38efc9 [ 86.555861][ T5324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.555869][ T5324] RSP: 002b:00007f09cf26a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 86.555882][ T5324] RAX: ffffffffffffffda RBX: 00007f09ce5e5fa0 RCX: 00007f09ce38efc9 [ 86.555892][ T5324] RDX: 0000200000000540 RSI: 000000000000003b RDI: 00007f09cf220000 [ 86.555899][ T5324] RBP: 00007f09ce411f91 R08: 0000000000000000 R09: 0000000000000000 [ 86.555906][ T5324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 86.555912][ T5324] R13: 00007f09ce5e6038 R14: 00007f09ce5e5fa0 R15: 00007ffc02d19f08 [ 86.555923][ T5324] [ 87.047462][ T25] audit: type=1800 audit(1761691350.104:5): pid=5324 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.0" name="file1" dev="loop0" ino=20 res=0 errno=0 [ 87.074710][ T10] cfg80211: failed to load regulatory.db