Warning: Permanently added '10.128.0.107' (ED25519) to the list of known hosts. executing program [ 50.985835][ T3542] loop0: detected capacity change from 0 to 1024 [ 51.009179][ T27] audit: type=1800 audit(1704106925.551:2): pid=3542 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor122" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 51.011702][ T3542] [ 51.031178][ T3542] ====================================================== [ 51.038201][ T3542] WARNING: possible circular locking dependency detected [ 51.045217][ T3542] 6.1.69-syzkaller #0 Not tainted [ 51.050222][ T3542] ------------------------------------------------------ [ 51.057221][ T3542] syz-executor122/3542 is trying to acquire lock: [ 51.063609][ T3542] ffff88807c1a07c8 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_extend+0x1d2/0x1b10 [ 51.074650][ T3542] [ 51.074650][ T3542] but task is already holding lock: [ 51.082084][ T3542] ffff88807594e0b0 (&tree->tree_lock){+.+.}-{3:3}, at: hfsplus_find_init+0x146/0x1c0 [ 51.091543][ T3542] [ 51.091543][ T3542] which lock already depends on the new lock. [ 51.091543][ T3542] [ 51.101937][ T3542] [ 51.101937][ T3542] the existing dependency chain (in reverse order) is: [ 51.110926][ T3542] [ 51.110926][ T3542] -> #1 (&tree->tree_lock){+.+.}-{3:3}: [ 51.118635][ T3542] lock_acquire+0x1f8/0x5a0 [ 51.123656][ T3542] __mutex_lock+0x132/0xd80 [ 51.128678][ T3542] hfsplus_file_truncate+0x80d/0xb40 [ 51.134468][ T3542] hfsplus_setattr+0x1b9/0x280 [ 51.139829][ T3542] notify_change+0xce3/0xfc0 [ 51.144923][ T3542] do_truncate+0x21c/0x300 [ 51.149845][ T3542] path_openat+0x27e2/0x2e60 [ 51.154945][ T3542] do_filp_open+0x230/0x480 [ 51.159971][ T3542] do_sys_openat2+0x13b/0x500 [ 51.165152][ T3542] __se_sys_openat2+0x237/0x2c0 [ 51.170502][ T3542] do_syscall_64+0x3d/0xb0 [ 51.175423][ T3542] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 51.181817][ T3542] [ 51.181817][ T3542] -> #0 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}: [ 51.190830][ T3542] validate_chain+0x1661/0x5950 [ 51.196188][ T3542] __lock_acquire+0x125b/0x1f80 [ 51.201542][ T3542] lock_acquire+0x1f8/0x5a0 [ 51.206547][ T3542] __mutex_lock+0x132/0xd80 [ 51.211551][ T3542] hfsplus_file_extend+0x1d2/0x1b10 [ 51.217262][ T3542] hfsplus_bmap_reserve+0x101/0x4e0 [ 51.222979][ T3542] hfsplus_rename_cat+0x1cf/0x1090 [ 51.228621][ T3542] hfsplus_rename+0x12a/0x1b0 [ 51.233809][ T3542] vfs_rename+0xbfc/0xf90 [ 51.238645][ T3542] do_renameat2+0xcbd/0x1300 [ 51.243747][ T3542] __x64_sys_renameat2+0xce/0xe0 [ 51.249300][ T3542] do_syscall_64+0x3d/0xb0 [ 51.254252][ T3542] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 51.260673][ T3542] [ 51.260673][ T3542] other info that might help us debug this: [ 51.260673][ T3542] [ 51.270996][ T3542] Possible unsafe locking scenario: [ 51.270996][ T3542] [ 51.278427][ T3542] CPU0 CPU1 [ 51.283773][ T3542] ---- ---- [ 51.289115][ T3542] lock(&tree->tree_lock); [ 51.293604][ T3542] lock(&HFSPLUS_I(inode)->extents_lock); [ 51.301927][ T3542] lock(&tree->tree_lock); [ 51.308926][ T3542] lock(&HFSPLUS_I(inode)->extents_lock); [ 51.314712][ T3542] [ 51.314712][ T3542] *** DEADLOCK *** [ 51.314712][ T3542] [ 51.322829][ T3542] 4 locks held by syz-executor122/3542: [ 51.328353][ T3542] #0: ffff888075948460 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3b/0x80 [ 51.337471][ T3542] #1: ffff88807c1a1e00 (&type->i_mutex_dir_key#6/1){+.+.}-{3:3}, at: lock_rename+0xf6/0x1c0 [ 51.347633][ T3542] #2: ffff88807c1a24c0 (&type->i_mutex_dir_key#6){++++}-{3:3}, at: lock_two_inodes+0xfc/0x180 [ 51.357960][ T3542] #3: ffff88807594e0b0 (&tree->tree_lock){+.+.}-{3:3}, at: hfsplus_find_init+0x146/0x1c0 [ 51.367849][ T3542] [ 51.367849][ T3542] stack backtrace: [ 51.373723][ T3542] CPU: 1 PID: 3542 Comm: syz-executor122 Not tainted 6.1.69-syzkaller #0 [ 51.382110][ T3542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 51.392144][ T3542] Call Trace: [ 51.395405][ T3542] [ 51.398315][ T3542] dump_stack_lvl+0x1e3/0x2cb [ 51.403150][ T3542] ? nf_tcp_handle_invalid+0x642/0x642 [ 51.408677][ T3542] ? print_circular_bug+0x12b/0x1a0 [ 51.413901][ T3542] check_noncircular+0x2fa/0x3b0 [ 51.418840][ T3542] ? add_chain_block+0x850/0x850 [ 51.423770][ T3542] ? lockdep_lock+0x11f/0x2a0 [ 51.428433][ T3542] ? _find_first_zero_bit+0xd0/0x100 [ 51.433710][ T3542] validate_chain+0x1661/0x5950 [ 51.438544][ T3542] ? hlock_conflict+0x55/0x1f0 [ 51.443292][ T3542] ? check_noncircular+0x1e3/0x3b0 [ 51.448404][ T3542] ? reacquire_held_locks+0x660/0x660 [ 51.453783][ T3542] ? add_chain_block+0x850/0x850 [ 51.458700][ T3542] ? lockdep_unlock+0x165/0x300 [ 51.463542][ T3542] ? look_up_lock_class+0x77/0x140 [ 51.468669][ T3542] ? register_lock_class+0x100/0x990 [ 51.473951][ T3542] ? is_dynamic_key+0x260/0x260 [ 51.478785][ T3542] ? validate_chain+0x13ce/0x5950 [ 51.483792][ T3542] ? mark_lock+0x9a/0x340 [ 51.488131][ T3542] __lock_acquire+0x125b/0x1f80 [ 51.492971][ T3542] lock_acquire+0x1f8/0x5a0 [ 51.497471][ T3542] ? hfsplus_file_extend+0x1d2/0x1b10 [ 51.502826][ T3542] ? read_lock_is_recursive+0x10/0x10 [ 51.508181][ T3542] ? __might_sleep+0xb0/0xb0 [ 51.512749][ T3542] ? print_irqtrace_events+0x210/0x210 [ 51.518187][ T3542] ? mark_lock+0x9a/0x340 [ 51.522497][ T3542] __mutex_lock+0x132/0xd80 [ 51.527069][ T3542] ? hfsplus_file_extend+0x1d2/0x1b10 [ 51.532422][ T3542] ? hfsplus_file_extend+0x1d2/0x1b10 [ 51.537882][ T3542] ? mutex_lock_nested+0x10/0x10 [ 51.542850][ T3542] hfsplus_file_extend+0x1d2/0x1b10 [ 51.548039][ T3542] ? __might_sleep+0xb0/0xb0 [ 51.552615][ T3542] ? trace_raw_output_contention_end+0xd0/0xd0 [ 51.558768][ T3542] ? hfsplus_get_block+0x14e0/0x14e0 [ 51.564039][ T3542] ? trace_contention_end+0x61/0x170 [ 51.569394][ T3542] ? __mutex_lock+0x2f7/0xd80 [ 51.574059][ T3542] ? hfsplus_find_init+0x146/0x1c0 [ 51.579153][ T3542] ? mutex_lock_nested+0x10/0x10 [ 51.584074][ T3542] hfsplus_bmap_reserve+0x101/0x4e0 [ 51.589256][ T3542] hfsplus_rename_cat+0x1cf/0x1090 [ 51.594349][ T3542] ? stack_trace_save+0x113/0x1c0 [ 51.599351][ T3542] ? reacquire_held_locks+0x660/0x660 [ 51.604803][ T3542] ? stack_trace_snprint+0xe0/0xe0 [ 51.609901][ T3542] ? hfsplus_subfolders_dec+0x110/0x110 [ 51.615725][ T3542] ? rwsem_write_trylock+0x166/0x210 [ 51.621001][ T3542] ? vfs_rename+0x724/0xf90 [ 51.625581][ T3542] ? clear_nonspinnable+0x60/0x60 [ 51.630600][ T3542] ? generic_permission+0x21c/0x4f0 [ 51.635788][ T3542] hfsplus_rename+0x12a/0x1b0 [ 51.640535][ T3542] ? hfsplus_mknod+0x2a0/0x2a0 [ 51.645280][ T3542] vfs_rename+0xbfc/0xf90 [ 51.649597][ T3542] ? __ia32_sys_link+0x90/0x90 [ 51.654347][ T3542] ? security_path_rename+0x17f/0x210 [ 51.659703][ T3542] do_renameat2+0xcbd/0x1300 [ 51.664277][ T3542] ? fsnotify_move+0x4f0/0x4f0 [ 51.669020][ T3542] ? __virt_addr_valid+0x22b/0x2e0 [ 51.674136][ T3542] ? __check_object_size+0x4dd/0xa30 [ 51.679408][ T3542] ? getname_flags+0x1f9/0x4f0 [ 51.684151][ T3542] __x64_sys_renameat2+0xce/0xe0 [ 51.689075][ T3542] do_syscall_64+0x3d/0xb0 [ 51.693480][ T3542] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 51.699370][ T3542] RIP: 0033:0x7f3e429567b9 [ 51.703768][ T3542] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 51.723443][ T3542] RSP: 002b:00007ffd979920d8 EFLAGS: 00000246 ORIG_RAX: 000000000000013c [ 51.731923][ T3542] RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 00007f3e429567