./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3842573076

<...>
Warning: Permanently added '10.128.1.126' (ED25519) to the list of known hosts.
execve("./syz-executor3842573076", ["./syz-executor3842573076"], 0x7ffcb925d030 /* 10 vars */) = 0
brk(NULL)                               = 0x5555827ac000
brk(0x5555827acd00)                     = 0x5555827acd00
arch_prctl(ARCH_SET_FS, 0x5555827ac380) = 0
set_tid_address(0x5555827ac650)         = 5097
set_robust_list(0x5555827ac660, 24)     = 0
rseq(0x5555827acca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor3842573076", 4096) = 28
getrandom("\xdd\xee\x89\x0d\x58\xc2\xbd\x27", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x5555827acd00
brk(0x5555827cdd00)                     = 0x5555827cdd00
brk(0x5555827ce000)                     = 0x5555827ce000
mprotect(0x7fc5df02c000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
memfd_create("syzkaller", 0)            = 3
mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc5d6a00000
write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
munmap(0x7fc5d6a00000, 138412032)       = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 4
ioctl(4, LOOP_SET_FD, 3)                = 0
close(3)                                = 0
close(4)                                = 0
mkdir("./bus", 0777)                    = 0
mount("/dev/loop0", "./bus", "hfsplus", MS_SYNCHRONOUS|MS_RELATIME|MS_I_VERSION|MS_LAZYTIME, "force") = 0
openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
chdir("./bus")                          = 0
[   72.458772][ T5097] loop0: detected capacity change from 0 to 1024
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = -1 EBUSY (Device or resource busy)
creat("./bus", 000)                     = 4
openat(AT_FDCWD, "./file0", O_RDONLY)   = 5
unlinkat(5, "./file0", 0)               = 0
creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 6
[   72.556872][ T5097] 
[   72.559242][ T5097] ======================================================
[   72.566279][ T5097] WARNING: possible circular locking dependency detected
[   72.573310][ T5097] 6.9.0-rc7-next-20240506-syzkaller #0 Not tainted
[   72.579811][ T5097] ------------------------------------------------------
[   72.586826][ T5097] syz-executor384/5097 is trying to acquire lock:
[   72.593231][ T5097] ffff88807d3a87c8 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_extend+0x21b/0x1b70
[   72.604305][ T5097] 
[   72.604305][ T5097] but task is already holding lock:
[   72.611678][ T5097] ffff888021f040b0 (&tree->tree_lock){+.+.}-{3:3}, at: hfsplus_find_init+0x14a/0x1c0
[   72.621283][ T5097] 
[   72.621283][ T5097] which lock already depends on the new lock.
[   72.621283][ T5097] 
[   72.631686][ T5097] 
[   72.631686][ T5097] the existing dependency chain (in reverse order) is:
[   72.640712][ T5097] 
[   72.640712][ T5097] -> #1 (&tree->tree_lock){+.+.}-{3:3}:
[   72.648459][ T5097]        lock_acquire+0x1ed/0x550
[   72.653489][ T5097]        __mutex_lock+0x136/0xd70
[   72.658523][ T5097]        hfsplus_file_truncate+0x811/0xb50
[   72.664340][ T5097]        hfsplus_delete_inode+0x174/0x220
[   72.670060][ T5097]        hfsplus_unlink+0x512/0x790
[   72.675259][ T5097]        vfs_unlink+0x365/0x650
[   72.680108][ T5097]        do_unlinkat+0x4ae/0x830
[   72.685052][ T5097]        __x64_sys_unlinkat+0xce/0xf0
[   72.690427][ T5097]        do_syscall_64+0xf5/0x240
[   72.695447][ T5097]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.701858][ T5097] 
[   72.701858][ T5097] -> #0 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}:
[   72.710888][ T5097]        validate_chain+0x18cb/0x58e0
[   72.716268][ T5097]        __lock_acquire+0x1346/0x1fd0
[   72.721631][ T5097]        lock_acquire+0x1ed/0x550
[   72.726648][ T5097]        __mutex_lock+0x136/0xd70
[   72.731663][ T5097]        hfsplus_file_extend+0x21b/0x1b70
[   72.737374][ T5097]        hfsplus_bmap_reserve+0x105/0x4e0
[   72.743115][ T5097]        hfsplus_rename_cat+0x1d0/0x1050
[   72.748741][ T5097]        hfsplus_rename+0x12e/0x1c0
[   72.753954][ T5097]        vfs_rename+0xbdb/0xf00
[   72.758810][ T5097]        do_renameat2+0xd94/0x13f0
[   72.764092][ T5097]        __x64_sys_rename+0x86/0xa0
[   72.769299][ T5097]        do_syscall_64+0xf5/0x240
[   72.774322][ T5097]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.780734][ T5097] 
[   72.780734][ T5097] other info that might help us debug this:
[   72.780734][ T5097] 
[   72.790951][ T5097]  Possible unsafe locking scenario:
[   72.790951][ T5097] 
[   72.798391][ T5097]        CPU0                    CPU1
[   72.803744][ T5097]        ----                    ----
[   72.809103][ T5097]   lock(&tree->tree_lock);
[   72.813604][ T5097]                                lock(&HFSPLUS_I(inode)->extents_lock);
[   72.821950][ T5097]                                lock(&tree->tree_lock);
[   72.828969][ T5097]   lock(&HFSPLUS_I(inode)->extents_lock);
[   72.834773][ T5097] 
[   72.834773][ T5097]  *** DEADLOCK ***
[   72.834773][ T5097] 
[   72.842908][ T5097] 5 locks held by syz-executor384/5097:
[   72.848455][ T5097]  #0: ffff888021f00420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90
[   72.857616][ T5097]  #1: ffff88807d3a9e00 (&type->i_mutex_dir_key#6/1){+.+.}-{3:3}, at: do_renameat2+0x62c/0x13f0
[   72.868075][ T5097]  #2: ffff88807d3aab80 (&sb->s_type->i_mutex_key#15){+.+.}-{3:3}, at: lock_two_nondirectories+0xe1/0x170
[   72.879397][ T5097]  #3: ffff88807d3abfc0 (&sb->s_type->i_mutex_key#15/4){+.+.}-{3:3}, at: vfs_rename+0x6a2/0xf00
[   72.889853][ T5097]  #4: ffff888021f040b0 (&tree->tree_lock){+.+.}-{3:3}, at: hfsplus_find_init+0x14a/0x1c0
[   72.899788][ T5097] 
[   72.899788][ T5097] stack backtrace:
[   72.905666][ T5097] CPU: 1 PID: 5097 Comm: syz-executor384 Not tainted 6.9.0-rc7-next-20240506-syzkaller #0
[   72.915546][ T5097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   72.925603][ T5097] Call Trace:
[   72.928882][ T5097]  <TASK>
[   72.931808][ T5097]  dump_stack_lvl+0x241/0x360
[   72.936499][ T5097]  ? __pfx_dump_stack_lvl+0x10/0x10
[   72.941711][ T5097]  ? print_circular_bug+0x130/0x1a0
[   72.946919][ T5097]  check_noncircular+0x36a/0x4a0
[   72.951856][ T5097]  ? __read_once_word_nocheck+0x9/0x20
[   72.957326][ T5097]  ? __pfx_check_noncircular+0x10/0x10
[   72.962785][ T5097]  ? lockdep_lock+0x123/0x2b0
[   72.967458][ T5097]  ? is_bpf_text_address+0x285/0x2a0
[   72.972736][ T5097]  ? is_bpf_text_address+0x26/0x2a0
[   72.977933][ T5097]  ? _find_first_zero_bit+0xd4/0x100
[   72.983226][ T5097]  validate_chain+0x18cb/0x58e0
[   72.988085][ T5097]  ? check_noncircular+0x259/0x4a0
[   72.993206][ T5097]  ? __pfx_validate_chain+0x10/0x10
[   72.998405][ T5097]  ? __pfx_check_noncircular+0x10/0x10
[   73.003864][ T5097]  ? lockdep_unlock+0x16a/0x300
[   73.008708][ T5097]  ? __pfx_lockdep_unlock+0x10/0x10
[   73.013900][ T5097]  ? add_lock_to_list+0x1de/0x2e0
[   73.018928][ T5097]  ? look_up_lock_class+0x77/0x160
[   73.024037][ T5097]  ? register_lock_class+0x102/0x980
[   73.029314][ T5097]  ? validate_chain+0x15a2/0x58e0
[   73.034344][ T5097]  ? __pfx_register_lock_class+0x10/0x10
[   73.039974][ T5097]  ? mark_lock+0x9a/0x350
[   73.044300][ T5097]  __lock_acquire+0x1346/0x1fd0
[   73.049156][ T5097]  lock_acquire+0x1ed/0x550
[   73.053675][ T5097]  ? hfsplus_file_extend+0x21b/0x1b70
[   73.059071][ T5097]  ? __pfx_lock_acquire+0x10/0x10
[   73.064149][ T5097]  ? __pfx___might_resched+0x10/0x10
[   73.069460][ T5097]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   73.075803][ T5097]  __mutex_lock+0x136/0xd70
[   73.080314][ T5097]  ? hfsplus_file_extend+0x21b/0x1b70
[   73.085713][ T5097]  ? hfsplus_file_extend+0x21b/0x1b70
[   73.091086][ T5097]  ? __pfx___mutex_lock+0x10/0x10
[   73.096113][ T5097]  hfsplus_file_extend+0x21b/0x1b70
[   73.101314][ T5097]  ? __pfx_hfsplus_file_extend+0x10/0x10
[   73.106942][ T5097]  ? rcu_is_watching+0x15/0xb0
[   73.111702][ T5097]  ? trace_contention_end+0x3c/0x120
[   73.116986][ T5097]  ? __mutex_lock+0x2ef/0xd70
[   73.121659][ T5097]  ? hfsplus_find_init+0x14a/0x1c0
[   73.126777][ T5097]  ? __pfx___mutex_lock+0x10/0x10
[   73.131804][ T5097]  hfsplus_bmap_reserve+0x105/0x4e0
[   73.137129][ T5097]  hfsplus_rename_cat+0x1d0/0x1050
[   73.142273][ T5097]  ? number+0xb5e/0xf90
[   73.146450][ T5097]  ? __pfx_hfsplus_rename_cat+0x10/0x10
[   73.152056][ T5097]  ? __pfx_hfsplus_unlink+0x10/0x10
[   73.157289][ T5097]  ? __pfx___down_write_common+0x10/0x10
[   73.163039][ T5097]  ? __pfx___down_write_common+0x10/0x10
[   73.168692][ T5097]  hfsplus_rename+0x12e/0x1c0
[   73.173376][ T5097]  ? __pfx_hfsplus_rename+0x10/0x10
[   73.178585][ T5097]  vfs_rename+0xbdb/0xf00
[   73.182926][ T5097]  ? __pfx_vfs_rename+0x10/0x10
[   73.187782][ T5097]  ? security_path_rename+0x18b/0x220
[   73.193179][ T5097]  do_renameat2+0xd94/0x13f0
[   73.197800][ T5097]  ? __pfx_do_renameat2+0x10/0x10
[   73.202849][ T5097]  ? __virt_addr_valid+0x183/0x520
[   73.207994][ T5097]  ? __check_object_size+0x49c/0x900
[   73.213311][ T5097]  ? getname_flags+0x1fe/0x4f0
[   73.218089][ T5097]  __x64_sys_rename+0x86/0xa0
[   73.222774][ T5097]  do_syscall_64+0xf5/0x240
[   73.227284][ T5097]  ? clear_bhb_loop+0x35/0x90
[   73.231970][ T5097]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.237867][ T5097] RIP: 0033:0x7fc5defb8839
[   73.242280][ T5097] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   73.261987][ T5097] RSP: 002b:00007fff091ebdf8 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[   73.270404][ T5097] RAX: ffffffffffffffda RBX: 00007fff091ebfc8 RCX: 00007fc5defb8839
[   73.278385][ T5097] RDX: 00007fc5defb8839 RSI: 0000000020000300 RDI: 0000000020000b00
[   73.286380][ T5097] RBP: 00007fc5df02c610 R08: 00007fff091ebfc8 R09: 00007fff091ebfc8
[   73.294791][ T5097] R10: 00007fff091ebfc8 R11: 0000000000000246 R12: 0000000000000001
rename("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
exit_group(0)                           = ?
+++ exited with 0 +++
[   73.302782][ T5097] R13: 00007fff091ebfb8 R14: 0000000000000001 R15: 00000000000000