Warning: Permanently added '10.128.1.7' (ECDSA) to the list of known hosts.
syzkaller login: [   41.778544] IPVS: ftp: loaded support on port[0] = 21
executing program
[   41.900217] syz-executor207[8144]: segfault at 0 ip 0000000000000000 sp 0000000020000008 error 14
[   41.900319] syz-executor207[8135]: segfault at 0 ip 0000000000000000 sp 0000000020000008 error 14
[   41.909249] Code: Bad RIP value.
[   41.918365] syz-executor207[8137]: segfault at 0 ip 0000000000000000 sp 0000000020000008 error 14
[   41.918372] Code: Bad RIP value.
[   41.920264] syz-executor207[8133]: segfault at 0 ip 0000000000000000 sp 0000000020000008 error 14
[   41.925549] syz-executor207[8142]: segfault at 0 ip 0000000000000000 sp 0000000020000008 error 14
[   41.931201] syz-executor207[8139]: segfault at 0 ip 0000000000000000 sp 0000000020000008 error 14
[   41.934353] syz-executor207[8140]: segfault at 0 ip 0000000000000000 sp 0000000020000008 error 14
[   41.943401] syz-executor207[8143]: segfault at 0 ip 0000000000000000 sp 0000000020000008 error 14
[   41.954030] syz-executor207[8138]: segfault at 0 ip 0000000000000000 sp 0000000020000008 error 14
[   41.961512] syz-executor207[8141]: segfault at 0 ip 0000000000000000 sp 0000000020000008 error 14
[   41.977191] Code: Bad RIP value.
[   42.008248] 
[   42.008277] Code: Bad RIP value.
[   42.009890] ======================================================
[   42.014381] Code: Bad RIP value.
[   42.019539] WARNING: possible circular locking dependency detected
[   42.023513] Code: Bad RIP value.
[   42.029189] 4.19.211-syzkaller #0 Not tainted
[   42.037008] ------------------------------------------------------
[   42.043318] syz-executor207/8150 is trying to acquire lock:
[   42.049022] 0000000074e99ddb (&HFSPLUS_I(inode)->extents_lock){+.+.}, at: hfsplus_file_extend+0x1bb/0xf40
[   42.053969] Code: Bad RIP value.
[   42.058746] 
[   42.058746] but task is already holding lock:
[   42.064476] Code: Bad RIP value.
[   42.068051] 0000000084eed216 (&tree->tree_lock){+.+.}, at: hfsplus_find_init+0x1b7/0x220
[   42.079609] 
[   42.079609] which lock already depends on the new lock.
[   42.079609] 
[   42.081400] Code: Bad RIP value.
[   42.087927] 
[   42.087927] the existing dependency chain (in reverse order) is:
[   42.097382] Code: Bad RIP value.
[   42.098889] 
[   42.098889] -> #1 (&tree->tree_lock){+.+.}:
[   42.108045]        hfsplus_file_truncate+0xde7/0x1040
[   42.113242]        hfsplus_setattr+0x1e7/0x310
[   42.117815]        notify_change+0x70b/0xfc0
[   42.122203]        do_truncate+0x134/0x1f0
[   42.126426]        path_openat+0x2308/0x2df0
[   42.130809]        do_filp_open+0x18c/0x3f0
[   42.135105]        do_sys_open+0x3b3/0x520
[   42.139445]        do_syscall_64+0xf9/0x620
[   42.143751]        entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   42.149438] 
[   42.149438] -> #0 (&HFSPLUS_I(inode)->extents_lock){+.+.}:
[   42.156534]        __mutex_lock+0xd7/0x1190
[   42.160838]        hfsplus_file_extend+0x1bb/0xf40
[   42.165752]        hfsplus_bmap_reserve+0x298/0x440
[   42.170761]        hfsplus_rename_cat+0x272/0x1490
[   42.175691]        hfsplus_unlink+0x49c/0x820
[   42.180171]        vfs_unlink+0x27d/0x4e0
[   42.184295]        do_unlinkat+0x3b8/0x660
[   42.188508]        do_coredump+0x1f9c/0x2d60
[   42.192897]        get_signal+0xed9/0x1f70
[   42.197112]        do_signal+0x8f/0x1670
[   42.201165]        exit_to_usermode_loop+0x204/0x2a0
[   42.206368]        prepare_exit_to_usermode+0x277/0x2d0
[   42.211713]        retint_user+0x8/0x18
[   42.215661] 
[   42.215661] other info that might help us debug this:
[   42.215661] 
[   42.223776]  Possible unsafe locking scenario:
[   42.223776] 
[   42.229815]        CPU0                    CPU1
[   42.234464]        ----                    ----
[   42.239105]   lock(&tree->tree_lock);
[   42.242885]                                lock(&HFSPLUS_I(inode)->extents_lock);
[   42.250485]                                lock(&tree->tree_lock);
[   42.256783]   lock(&HFSPLUS_I(inode)->extents_lock);
[   42.261866] 
[   42.261866]  *** DEADLOCK ***
[   42.261866] 
[   42.267901] 5 locks held by syz-executor207/8150:
[   42.272717]  #0: 0000000013d828b8 (sb_writers#11){.+.+}, at: mnt_want_write+0x3a/0xb0
[   42.280685]  #1: 00000000fc98fcd6 (&type->i_mutex_dir_key#7/1){+.+.}, at: do_unlinkat+0x27d/0x660
[   42.289698]  #2: 0000000044ce4107 (&sb->s_type->i_mutex_key#18){+.+.}, at: vfs_unlink+0xca/0x4e0
[   42.298622]  #3: 0000000091c545e5 (&sbi->vh_mutex){+.+.}, at: hfsplus_unlink+0x140/0x820
[   42.306844]  #4: 0000000084eed216 (&tree->tree_lock){+.+.}, at: hfsplus_find_init+0x1b7/0x220
[   42.315495] 
[   42.315495] stack backtrace:
[   42.319977] CPU: 0 PID: 8150 Comm: syz-executor207 Not tainted 4.19.211-syzkaller #0
[   42.327872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[   42.337216] Call Trace:
[   42.339792]  dump_stack+0x1fc/0x2ef
[   42.343402]  print_circular_bug.constprop.0.cold+0x2d7/0x41e
[   42.349187]  __lock_acquire+0x30c9/0x3ff0
[   42.353319]  ? mark_held_locks+0xf0/0xf0
[   42.357358]  ? is_bpf_text_address+0xd5/0x1b0
[   42.361830]  ? lock_downgrade+0x720/0x720
[   42.365957]  ? lock_acquire+0x170/0x3c0
[   42.369912]  ? __bpf_address_lookup+0x330/0x330
[   42.374589]  ? check_preemption_disabled+0x41/0x280
[   42.379583]  ? __lock_acquire+0x6de/0x3ff0
[   42.383798]  lock_acquire+0x170/0x3c0
[   42.387576]  ? hfsplus_file_extend+0x1bb/0xf40
[   42.392136]  ? hfsplus_file_extend+0x1bb/0xf40
[   42.396706]  __mutex_lock+0xd7/0x1190
[   42.400485]  ? hfsplus_file_extend+0x1bb/0xf40
[   42.405047]  ? kasan_kmalloc+0x139/0x160
[   42.409084]  ? hfsplus_file_extend+0x1bb/0xf40
[   42.413641]  ? mutex_trylock+0x1a0/0x1a0
[   42.417680]  ? hfsplus_rename_cat+0x13f/0x1490
[   42.422239]  ? hfsplus_unlink+0x49c/0x820
[   42.426365]  ? vfs_unlink+0x27d/0x4e0
[   42.430140]  ? do_unlinkat+0x3b8/0x660
[   42.434005]  ? do_coredump+0x1f9c/0x2d60
[   42.438046]  ? get_signal+0xed9/0x1f70
[   42.441910]  ? do_signal+0x8f/0x1670
[   42.445602]  ? exit_to_usermode_loop+0x204/0x2a0
[   42.450338]  ? prepare_exit_to_usermode+0x277/0x2d0
[   42.455334]  ? retint_user+0x8/0x18
[   42.458962]  ? lock_acquire+0x170/0x3c0
[   42.462918]  ? hfsplus_find_init+0x1b7/0x220
[   42.467306]  hfsplus_file_extend+0x1bb/0xf40
[   42.471693]  ? hfsplus_free_fork+0x7e0/0x7e0
[   42.476080]  ? mutex_trylock+0x1a0/0x1a0
[   42.480122]  ? check_preemption_disabled+0x41/0x280
[   42.485117]  hfsplus_bmap_reserve+0x298/0x440
[   42.489594]  hfsplus_rename_cat+0x272/0x1490
[   42.493985]  ? hfsplus_delete_cat+0xe30/0xe30
[   42.498465]  ? __lock_acquire+0x6de/0x3ff0
[   42.502681]  ? mark_held_locks+0xf0/0xf0
[   42.506720]  ? number+0x7ca/0xa90
[   42.510155]  ? __sanitizer_cov_trace_switch+0x4b/0x80
[   42.515324]  ? put_dec+0xd0/0xd0
[   42.518705]  ? enable_ptr_key_workfn+0x30/0x30
[   42.523267]  ? __lock_acquire+0x6de/0x3ff0
[   42.527482]  ? vsnprintf+0x2cc/0x14f0
[   42.531265]  ? pointer+0x850/0x850
[   42.534801]  ? hfsplus_unlink+0x140/0x820
[   42.538926]  ? sprintf+0xc0/0x100
[   42.542361]  ? snprintf+0xf0/0xf0
[   42.545797]  ? common_perm+0x4be/0x800
[   42.549663]  hfsplus_unlink+0x49c/0x820
[   42.553616]  ? hfsplus_symlink+0x2e0/0x2e0
[   42.557834]  ? vfs_unlink+0xca/0x4e0
[   42.561528]  vfs_unlink+0x27d/0x4e0
[   42.565132]  do_unlinkat+0x3b8/0x660
[   42.568841]  ? __ia32_sys_rmdir+0x40/0x40
[   42.572967]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[   42.577963]  ? memcpy+0x35/0x50
[   42.581221]  do_coredump+0x1f9c/0x2d60
[   42.585090]  ? trace_hardirqs_off+0x64/0x200
[   42.589477]  ? get_signal+0xc70/0x1f70
[   42.593344]  ? cn_esc_printf+0x510/0x510
[   42.597384]  ? try_to_wake_up+0x7b/0x1050
[   42.601510]  ? trace_hardirqs_off+0x64/0x200
[   42.605897]  ? debug_check_no_obj_freed+0x201/0x490
[   42.610891]  ? lock_downgrade+0x720/0x720
[   42.615019]  ? trace_hardirqs_off+0x64/0x200
[   42.619415]  ? _raw_spin_unlock_irq+0x24/0x80
[   42.623891]  get_signal+0xed9/0x1f70
[   42.627589]  do_signal+0x8f/0x1670
[   42.631111]  ? setup_sigcontext+0x820/0x820
[   42.635424]  ? _raw_spin_unlock_irqrestore+0x66/0xe0
[   42.640504]  ? ___ratelimit+0x319/0x590
[   42.644459]  ? __do_page_fault+0x180/0xd60
[   42.648670]  ? exit_to_usermode_loop+0x36/0x2a0
[   42.653318]  exit_to_usermode_loop+0x204/0x2a0
[   42.657877]  prepare_exit_to_usermode+0x277/0x2d0
[   42.662713]  ? page_fault+0x8/0x30
[   42.666232]  retint_user+0x8/0x18
[   42.669691] RIP: 0033:          (null)
[   42.673551] Code: Bad RIP value.
[   42.676897] RSP: 002b:0000000020000008 EFLAGS: 00010217
[   42.682238] RAX: 0000000000000000 RBX: 0000000000000030 RCX: 00007f283e0be249
[   42.689486] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000000
[   42.696734] RBP: 00007fff9c53c338 R08: 0000000000000000 R09: 00007f283e12ce40
[   42.703981] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff9c53c340
[   42.711236] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000