Warning: Permanently added '10.128.1.175' (ED25519) to the list of known hosts.
executing program
[ 35.626389][ T4234] loop0: detected capacity change from 0 to 1024
[ 35.639527][ T4234] hfsplus: inconsistency in B*Tree (1792,1,255,1,0)
[ 35.641146][ T4234] hfsplus: xattr searching failed
[ 35.644793][ T4234] hfsplus: inconsistency in B*Tree (1792,1,255,1,0)
[ 35.646356][ T4234]
[ 35.646844][ T4234] ======================================================
[ 35.648344][ T4234] WARNING: possible circular locking dependency detected
[ 35.649855][ T4234] 6.1.74-syzkaller #0 Not tainted
[ 35.650953][ T4234] ------------------------------------------------------
[ 35.652473][ T4234] syz-executor161/4234 is trying to acquire lock:
[ 35.653825][ T4234] ffff0000cfce0e88 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_extend+0x198/0x14cc
[ 35.656301][ T4234]
[ 35.656301][ T4234] but task is already holding lock:
[ 35.657819][ T4234] ffff0000cfd260b0 (&tree->tree_lock/2){+.+.}-{3:3}, at: hfsplus_find_init+0x144/0x1bc
[ 35.659806][ T4234]
[ 35.659806][ T4234] which lock already depends on the new lock.
[ 35.659806][ T4234]
[ 35.662085][ T4234]
[ 35.662085][ T4234] the existing dependency chain (in reverse order) is:
[ 35.663936][ T4234]
[ 35.663936][ T4234] -> #2 (&tree->tree_lock/2){+.+.}-{3:3}:
[ 35.665557][ T4234]        __mutex_lock_common+0x190/0x21a0
[ 35.666755][ T4234]        mutex_lock_nested+0x38/0x44
[ 35.667938][ T4234]        hfsplus_find_init+0x144/0x1bc
[ 35.669073][ T4234]        hfsplus_attr_exists+0xf8/0x1c8
[ 35.670234][ T4234]        __hfsplus_setxattr+0x384/0x1d10
[ 35.671399][ T4234]        hfsplus_setxattr+0xb4/0xec
[ 35.672570][ T4234]        hfsplus_trusted_setxattr+0x54/0x6c
[ 35.673801][ T4234]        __vfs_setxattr+0x388/0x3a4
[ 35.674913][ T4234]        __vfs_setxattr_noperm+0x110/0x528
[ 35.676218][ T4234]        __vfs_setxattr_locked+0x1ec/0x218
[ 35.677454][ T4234]        vfs_setxattr+0x1a8/0x344
[ 35.678547][ T4234]        setxattr+0x230/0x294
[ 35.679507][ T4234]        path_setxattr+0x17c/0x258
[ 35.680636][ T4234]        __arm64_sys_lsetxattr+0xbc/0xd8
[ 35.681857][ T4234]        invoke_syscall+0x98/0x2c0
[ 35.682969][ T4234]        el0_svc_common+0x138/0x258
[ 35.684085][ T4234]        do_el0_svc+0x64/0x218
[ 35.685111][ T4234]        el0_svc+0x58/0x168
[ 35.686088][ T4234]        el0t_64_sync_handler+0x84/0xf0
[ 35.687360][ T4234]        el0t_64_sync+0x18c/0x190
[ 35.688435][ T4234]
[ 35.688435][ T4234] -> #1 (&tree->tree_lock){+.+.}-{3:3}:
[ 35.690078][ T4234]        __mutex_lock_common+0x190/0x21a0
[ 35.691389][ T4234]        mutex_lock_nested+0x38/0x44
[ 35.692567][ T4234]        hfsplus_file_truncate+0x6d0/0x9b8
[ 35.693828][ T4234]        hfsplus_setattr+0x18c/0x25c
[ 35.694994][ T4234]        notify_change+0xb58/0xe1c
[ 35.696092][ T4234]        do_truncate+0x1c0/0x28c
[ 35.697213][ T4234]        path_openat+0x1fa0/0x2548
[ 35.698338][ T4234]        do_filp_open+0x1bc/0x3cc
[ 35.699486][ T4234]        do_sys_openat2+0x128/0x3d8
[ 35.700594][ T4234]        __arm64_sys_openat+0x1f0/0x240
[ 35.701754][ T4234]        invoke_syscall+0x98/0x2c0
[ 35.702871][ T4234]        el0_svc_common+0x138/0x258
[ 35.703942][ T4234]        do_el0_svc+0x64/0x218
[ 35.704953][ T4234]        el0_svc+0x58/0x168
[ 35.705980][ T4234]        el0t_64_sync_handler+0x84/0xf0
[ 35.707086][ T4234]        el0t_64_sync+0x18c/0x190
[ 35.708225][ T4234]
[ 35.708225][ T4234] -> #0 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}:
[ 35.710166][ T4234]        __lock_acquire+0x3338/0x7680
[ 35.711280][ T4234]        lock_acquire+0x26c/0x7cc
[ 35.712381][ T4234]        __mutex_lock_common+0x190/0x21a0
[ 35.713641][ T4234]        mutex_lock_nested+0x38/0x44
[ 35.714808][ T4234]        hfsplus_file_extend+0x198/0x14cc
[ 35.716006][ T4234]        hfsplus_bmap_reserve+0xec/0x474
[ 35.717176][ T4234]        hfsplus_create_attr+0x1b0/0x568
[ 35.718348][ T4234]        __hfsplus_setxattr+0x990/0x1d10
[ 35.719616][ T4234]        hfsplus_setxattr+0xb4/0xec
[ 35.720744][ T4234]        hfsplus_trusted_setxattr+0x54/0x6c
[ 35.722140][ T4234]        __vfs_setxattr+0x388/0x3a4
[ 35.723243][ T4234]        __vfs_setxattr_noperm+0x110/0x528
[ 35.724547][ T4234]        __vfs_setxattr_locked+0x1ec/0x218
[ 35.725844][ T4234]        vfs_setxattr+0x1a8/0x344
[ 35.726867][ T4234]        setxattr+0x230/0x294
[ 35.727832][ T4234]        path_setxattr+0x17c/0x258
[ 35.728947][ T4234]        __arm64_sys_lsetxattr+0xbc/0xd8
[ 35.730075][ T4234]        invoke_syscall+0x98/0x2c0
[ 35.731157][ T4234]        el0_svc_common+0x138/0x258
[ 35.732251][ T4234]        do_el0_svc+0x64/0x218
[ 35.733320][ T4234]        el0_svc+0x58/0x168
[ 35.734303][ T4234]        el0t_64_sync_handler+0x84/0xf0
[ 35.735494][ T4234]        el0t_64_sync+0x18c/0x190
[ 35.736554][ T4234]
[ 35.736554][ T4234] other info that might help us debug this:
[ 35.736554][ T4234]
[ 35.738783][ T4234] Chain exists of:
[ 35.738783][ T4234]   &HFSPLUS_I(inode)->extents_lock --> &tree->tree_lock --> &tree->tree_lock/2
[ 35.738783][ T4234]
[ 35.741919][ T4234]  Possible unsafe locking scenario:
[ 35.741919][ T4234]
[ 35.743578][ T4234]        CPU0                    CPU1
[ 35.744819][ T4234]        ----                    ----
[ 35.745951][ T4234]   lock(&tree->tree_lock/2);
[ 35.746919][ T4234]                                lock(&tree->tree_lock);
[ 35.748398][ T4234]                                lock(&tree->tree_lock/2);
[ 35.749852][ T4234]   lock(&HFSPLUS_I(inode)->extents_lock);
[ 35.751089][ T4234]
[ 35.751089][ T4234]  *** DEADLOCK ***
[ 35.751089][ T4234]
[ 35.752816][ T4234] 4 locks held by syz-executor161/4234:
[ 35.753956][ T4234]  #0: ffff0000cfd20460 (sb_writers#8){.+.+}-{0:0}, at: mnt_want_write+0x44/0x9c
[ 35.755904][ T4234]  #1: ffff0000cfce24c0 (&sb->s_type->i_mutex_key#17){+.+.}-{3:3}, at: vfs_setxattr+0x17c/0x344
[ 35.758240][ T4234]  #2: ffff0000cfd240b0 (&tree->tree_lock){+.+.}-{3:3}, at: hfsplus_find_init+0x144/0x1bc
[ 35.760337][ T4234]  #3: ffff0000cfd260b0 (&tree->tree_lock/2){+.+.}-{3:3}, at: hfsplus_find_init+0x144/0x1bc
[ 35.762456][ T4234]
[ 35.762456][ T4234] stack backtrace:
[ 35.763673][ T4234] CPU: 0 PID: 4234 Comm: syz-executor161 Not tainted 6.1.74-syzkaller #0
[ 35.765491][ T4234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[ 35.767658][ T4234] Call trace:
[ 35.768391][ T4234]  dump_backtrace+0x1c8/0x1f4
[ 35.769380][ T4234]  show_stack+0x2c/0x3c
[ 35.770266][ T4234]  dump_stack_lvl+0x108/0x170
[ 35.771263][ T4234]  dump_stack+0x1c/0x58
[ 35.772108][ T4234]  print_circular_bug+0x150/0x1b8
[ 35.773200][ T4234]  check_noncircular+0x2cc/0x378
[ 35.774299][ T4234]  __lock_acquire+0x3338/0x7680
[ 35.775327][ T4234]  lock_acquire+0x26c/0x7cc
[ 35.776243][ T4234]  __mutex_lock_common+0x190/0x21a0
[ 35.777368][ T4234]  mutex_lock_nested+0x38/0x44
[ 35.778399][ T4234]  hfsplus_file_extend+0x198/0x14cc
[ 35.779495][ T4234]  hfsplus_bmap_reserve+0xec/0x474
[ 35.780596][ T4234]  hfsplus_create_attr+0x1b0/0x568
[ 35.781720][ T4234]  __hfsplus_setxattr+0x990/0x1d10
[ 35.782836][ T4234]  hfsplus_setxattr+0xb4/0xec
[ 35.783825][ T4234]  hfsplus_trusted_setxattr+0x54/0x6c
[ 35.785003][ T4234]  __vfs_setxattr+0x388/0x3a4
[ 35.786066][ T4234]  __vfs_setxattr_noperm+0x110/0x528
[ 35.787244][ T4234]  __vfs_setxattr_locked+0x1ec/0x218
[ 35.788340][ T4234]  vfs_setxattr+0x1a8/0x344
[ 35.789273][ T4234]  setxattr+0x230/0x294
[ 35.790138][ T4234]  path_setxattr+0x17c/0x258
[ 35.791135][ T4234]  __arm64_sys_lsetxattr+0xbc/0xd8
[ 35.792285][ T4234]  invoke_syscall+0x98/0x2c0
[ 35.793241][ T4234]  el0_svc_common+0x138/0x258
[ 35.794207][ T4234]  do_el0_svc+0x64/0x218
[ 35.795132][ T4234]  el0_svc+0x58/0x168
[ 35.795950][ T4234]  el0t_64_sync_handler+0x84/0xf0
[ 35.797089][ T4234]  el0t_64_sync+0x18c/0x190
[ 35.799858][ T4234] hfsplus: inconsistency in B*Tree (2,0,1,0,1)