program: syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', 0x400, &(0x7f0000000140)=ANY=[], 0x1, 0x694, &(0x7f0000001100)="$eJzs3U1sHGf9B/DvbnbX3vz/Sp02SQOqRNRIBRGROLGSYi4NCKFIVKgqB8TRSpzGyiatHBc5EYLwfuDCoXeKRG5cQOIeVM7AqVcfKyFx6SmAxKKZnbXXr9l1Yq8tPp9odp5nnpd5nt/M7OzOKnKA/1nXzqXxOLVcO/fmcpFfeTTTWXk0c6efTjKRpJ40eqvU7ia1j5Kr6S35TLGx6q623X4+WJh9++NPVz7p5RrVUtav79Rukyv1LTY+rJacSXKkWj+Ddf1d39Bfa+TuaqszLAJ2th84GLdmku463z21VvJUw1+3wIFVK++bm6/5qeRoksnqc0Dvrti7Zx9qD8c9AAAAANgHL/yy/Ap/bNzjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMOk9/f/i1W51PvpM6n1//5/q9qWKn2oPR73AAAAAAAAAABgdN/8/w0bPvckT7KcY/18t1b+5v9qmTlRvv5f3s+9zGcx57OcuSxlKYu5mGSqLG+Wr63luaWlxYtDtLy02jIDLS8NOYP27icPAAAAAAAAAIdFY/QmP861td//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgIKglR3qrcjnRT0+l3kgymaRV1HuY/LWfPpB+/afBXPff3dKmao/3c0wAAAAwJi88yZMs51g/362V3/lPld/7J/N+7mYpC1lKJ/O5UT4L6H3rr688mumsPJq5Uyyb+/3qP0YaRtljes8ett7z6bJGOzezUG45n+t5N53cSL1sWTjdH8/W4/pRMabaG5UhR3ajWhcz/1WaI81qN2pD15wqI1KMqBeR6aptEY3jO0dixKPT31M/9hdTX33yc+J5xny5t3r9t711MZ+fjxSTvbYxEpcGzr5TK6ntEInk83/83Xdude7enrh579zBmdIIJgaeoG2MxMxAJF7e+ZxIM1Ukbh3WSAyaLiNxcjV/Ld/It3MuZ/JWFrOQ72UuS5nPmXw9czmSuep8Ll6ndo7U1XW5t542klZ5XJrVu+jwY1rKXF4t2x7LQr6Vd3Mj87lS/ruUi3m96jGrR/jkEFd9fbR32rNfGHiY/Isk7eHa7YNiYMdX706DZ/10eR0cX7dl7Tp48fnfjxqfrRLFPn4ycETGb2MkLg5E4qWdI/Gb8m3lXufu7cVbc+8Nub/XqnVxHf3sQN0livPlxeJglbn1Z0dR9tLGsslevFrVLy69svV33KLs5GrZ9lfq5VzObFn71JY9XSrLXt6ybKYsOz1Qtu7z1tXe5y0ADryjXzzaav+9/Zf2h+2ftm+135z82sSXJ15ppfnn5lca00deq79S+0M+zA/Wvv8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC7d+/+g9tznc784oZEt9v94TZFe5hoJ+lvSZ7Wqpmn19mbRCtJmWj0E6P1MzFU5dba0Xnj988y5uaorZLnEqhGdZLdf3D7n91ud98P0xaJ5g7n/FqiW9lU1B2q+dgS/+o+vw7H/MYE7LkLS3feu3Dv/oMvLdyZe2f+nfm7s5cvz07PXr7ytws3Fzrz073XcY8S2AtrN/1xjwQAAAAAAAAAAAAY1n78t4Rtdv2ffZ4qAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcEhdOzdRpc5PF68rj2Y6xdJPr1Ysq9WT1L6f1D5Krqa3ZGqgu9p2+/lgYfbtjz9d+aSXa1RLWb++rl1zN7N4WC05k+RItR40+Qz9Xa/WuxpZqbY6wyJgZ/uBg3H7bwAAAP//2wMQAg==") syz_mount_image$nilfs2(&(0x7f0000000dc0), &(0x7f0000000e00)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="002cfbe4dfc52d07fe6b9670e93117085d789a4c3b76a7c8b3d273fd5392199ca0f5b52546f6050830f5a3ad42abe1a3b5b20f6e31132b03caec94aad2851bd2e7926212"], 0x1, 0xdab, &(0x7f0000000e80)="$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") r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) ftruncate(r0, 0x2007ffc) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x80086e8a, 0xfffffffffffffffe) write$RDMA_USER_CM_CMD_GET_EVENT(r0, &(0x7f0000000100)={0xc, 0x0, 0xfa00, {0x0}}, 0xfdb6) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x202, &(0x7f0000000200)=0x0) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000100)='./file1\x00', 0x0, 0x5000, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r4, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0xffffffffffff5f43]}) io_submit(r3, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030000, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x70000}]) [ 76.092012][ T5309] Bluetooth: hci0: command tx timeout [ 76.158070][ T5332] loop0: detected capacity change from 0 to 1024 [ 76.329957][ T26] audit: 
type=1800 audit(1767544168.736:2): pid=5332 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.0" name="file1" dev="loop0" ino=20 res=0 errno=0
[ 76.355923][ T5332]
[ 76.356999][ T5332] ======================================================
[ 76.359812][ T5332] WARNING: possible circular locking dependency detected
[ 76.362608][ T5332] syzkaller #0 Not tainted
[ 76.364407][ T5332] ------------------------------------------------------
[ 76.367367][ T5332] syz.0.0/5332 is trying to acquire lock:
[ 76.369831][ T5332] ffff88801a324108 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_file_extend+0x1f8/0x1c30
[ 76.374656][ T5332]
[ 76.374656][ T5332] but task is already holding lock:
[ 76.377793][ T5332] ffff8880322da0b0 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfsplus_find_init+0x168/0x2d0
[ 76.381965][ T5332]
[ 76.381965][ T5332] which lock already depends on the new lock.
[ 76.381965][ T5332]
[ 76.386503][ T5332]
[ 76.386503][ T5332] the existing dependency chain (in reverse order) is:
[ 76.390508][ T5332]
[ 76.390508][ T5332] -> #1 (&tree->tree_lock/1){+.+.}-{4:4}:
[ 76.394072][ T5332] __mutex_lock+0x187/0x1350
[ 76.396445][ T5332] hfsplus_find_init+0x168/0x2d0
[ 76.398942][ T5332] hfsplus_file_truncate+0x387/0xc10
[ 76.401576][ T5332] hfsplus_setattr+0x1c4/0x270
[ 76.403979][ T5332] notify_change+0xc1a/0xf40
[ 76.406303][ T5332] do_truncate+0x1a4/0x220
[ 76.408644][ T5332] do_ftruncate+0x4a5/0x560
[ 76.410935][ T5332] __x64_sys_ftruncate+0x92/0xf0
[ 76.413414][ T5332] do_syscall_64+0xec/0xf80
[ 76.415703][ T5332] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 76.418610][ T5332]
[ 76.418610][ T5332] -> #0 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}:
[ 76.422486][ T5332] __lock_acquire+0x15a6/0x2cf0
[ 76.424815][ T5332] lock_acquire+0x107/0x340
[ 76.426980][ T5332] __mutex_lock+0x187/0x1350
[ 76.429226][ T5332] hfsplus_file_extend+0x1f8/0x1c30
[ 76.431733][ T5332] hfsplus_bmap_reserve+0x125/0x510
[ 76.434230][ 
T5332] __hfsplus_ext_write_extent+0x28d/0x5b0
[ 76.437047][ T5332] __hfsplus_ext_cache_extent+0x89/0xe30
[ 76.439720][ T5332] hfsplus_file_extend+0x437/0x1c30
[ 76.442163][ T5332] hfsplus_get_block+0x40a/0x1600
[ 76.444575][ T5332] __block_write_begin_int+0x6b5/0x1900
[ 76.447298][ T5332] cont_write_begin+0x78c/0xb50
[ 76.449555][ T5332] hfsplus_write_begin+0x66/0xb0
[ 76.451675][ T5332] generic_perform_write+0x2c5/0x900
[ 76.454032][ T5332] generic_file_write_iter+0x117/0x550
[ 76.456489][ T5332] aio_write+0x535/0x7a0
[ 76.458507][ T5332] io_submit_one+0x775/0x1430
[ 76.460797][ T5332] __se_sys_io_submit+0x185/0x320
[ 76.463213][ T5332] do_syscall_64+0xec/0xf80
[ 76.465384][ T5332] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 76.468071][ T5332]
[ 76.468071][ T5332] other info that might help us debug this:
[ 76.468071][ T5332]
[ 76.472310][ T5332] Possible unsafe locking scenario:
[ 76.472310][ T5332]
[ 76.475327][ T5332] CPU0 CPU1
[ 76.477610][ T5332] ---- ----
[ 76.480056][ T5332] lock(&tree->tree_lock/1);
[ 76.482143][ T5332] lock(&HFSPLUS_I(inode)->extents_lock);
[ 76.485763][ T5332] lock(&tree->tree_lock/1);
[ 76.489008][ T5332] lock(&HFSPLUS_I(inode)->extents_lock);
[ 76.491650][ T5332]
[ 76.491650][ T5332] *** DEADLOCK ***
[ 76.491650][ T5332]
[ 76.495169][ T5332] 3 locks held by syz.0.0/5332:
[ 76.497365][ T5332] #0: ffff88801a327238 (&sb->s_type->i_mutex_key#24){+.+.}-{4:4}, at: generic_file_write_iter+0xeb/0x550
[ 76.502264][ T5332] #1: ffff88801a327048 (&hip->extents_lock){+.+.}-{4:4}, at: hfsplus_file_extend+0x1f8/0x1c30
[ 76.506867][ T5332] #2: ffff8880322da0b0 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfsplus_find_init+0x168/0x2d0
[ 76.511094][ T5332]
[ 76.511094][ T5332] stack backtrace:
[ 76.513655][ T5332] CPU: 0 UID: 0 PID: 5332 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 76.513671][ T5332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 76.513678][ T5332] Call Trace:
[ 76.513686][ T5332]
[ 76.513692][ T5332] dump_stack_lvl+0xe8/0x150
[ 76.513710][ T5332] print_circular_bug+0x2e2/0x300
[ 76.513725][ T5332] check_noncircular+0x12e/0x150
[ 76.513739][ T5332] __lock_acquire+0x15a6/0x2cf0
[ 76.513750][ T5332] ? rcu_is_watching+0x15/0xb0
[ 76.513760][ T5332] ? __kasan_check_byte+0x12/0x40
[ 76.513770][ T5332] ? rcu_is_watching+0x15/0xb0
[ 76.513780][ T5332] ? lock_release+0x4b/0x3b0
[ 76.513787][ T5332] ? lock_release+0x4b/0x3b0
[ 76.513796][ T5332] ? hfsplus_file_extend+0x1f8/0x1c30
[ 76.513806][ T5332] lock_acquire+0x107/0x340
[ 76.513815][ T5332] ? hfsplus_file_extend+0x1f8/0x1c30
[ 76.513829][ T5332] __mutex_lock+0x187/0x1350
[ 76.513839][ T5332] ? hfsplus_file_extend+0x1f8/0x1c30
[ 76.513850][ T5332] ? stack_trace_save+0x9c/0xe0
[ 76.513866][ T5332] ? __pfx_stack_trace_save+0x10/0x10
[ 76.513881][ T5332] ? hfsplus_file_extend+0x1f8/0x1c30
[ 76.513890][ T5332] ? check_noncircular+0xda/0x150
[ 76.513902][ T5332] ? __pfx___mutex_lock+0x10/0x10
[ 76.513912][ T5332] ? add_lock_to_list+0xc7/0x100
[ 76.513924][ T5332] ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 76.513941][ T5332] hfsplus_file_extend+0x1f8/0x1c30
[ 76.513955][ T5332] ? __pfx_hfsplus_file_extend+0x10/0x10
[ 76.513964][ T5332] ? __pfx___mutex_trylock_common+0x10/0x10
[ 76.513977][ T5332] ? rcu_is_watching+0x15/0xb0
[ 76.513987][ T5332] ? trace_contention_end+0x39/0x100
[ 76.514001][ T5332] ? __asan_memset+0x22/0x50
[ 76.514013][ T5332] ? hfsplus_brec_find+0x1a9/0x510
[ 76.514028][ T5332] hfsplus_bmap_reserve+0x125/0x510
[ 76.514043][ T5332] __hfsplus_ext_write_extent+0x28d/0x5b0
[ 76.514057][ T5332] __hfsplus_ext_cache_extent+0x89/0xe30
[ 76.514071][ T5332] hfsplus_file_extend+0x437/0x1c30
[ 76.514084][ T5332] ? __pfx_hfsplus_file_extend+0x10/0x10
[ 76.514096][ T5332] ? clean_bdev_aliases+0x5c9/0x6b0
[ 76.514111][ T5332] ? __pfx_clean_bdev_aliases+0x10/0x10
[ 76.514125][ T5332] hfsplus_get_block+0x40a/0x1600
[ 76.514139][ T5332] ? __pfx_hfsplus_get_block+0x10/0x10
[ 76.514149][ T5332] ? 
do_raw_spin_unlock+0x4d/0x240
[ 76.514163][ T5332] ? _raw_spin_unlock+0x28/0x50
[ 76.514177][ T5332] __block_write_begin_int+0x6b5/0x1900
[ 76.514196][ T5332] ? __pfx_hfsplus_get_block+0x10/0x10
[ 76.514207][ T5332] ? __pfx___block_write_begin_int+0x10/0x10
[ 76.514222][ T5332] cont_write_begin+0x78c/0xb50
[ 76.514239][ T5332] ? __pfx_cont_write_begin+0x10/0x10
[ 76.514255][ T5332] hfsplus_write_begin+0x66/0xb0
[ 76.514264][ T5332] ? __pfx_hfsplus_get_block+0x10/0x10
[ 76.514275][ T5332] generic_perform_write+0x2c5/0x900
[ 76.514288][ T5332] ? __pfx_generic_perform_write+0x10/0x10
[ 76.514297][ T5332] ? file_update_time_flags+0x2cb/0x4e0
[ 76.514311][ T5332] ? __generic_file_write_iter+0xf9/0x230
[ 76.514319][ T5332] ? generic_file_write_iter+0x103/0x550
[ 76.514329][ T5332] generic_file_write_iter+0x117/0x550
[ 76.514338][ T5332] ? __pfx_generic_file_write_iter+0x10/0x10
[ 76.514353][ T5332] ? __lock_acquire+0x6b6/0x2cf0
[ 76.514371][ T5332] ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 76.514386][ T5332] ? lockdep_hardirqs_on+0x7b/0x110
[ 76.514396][ T5332] ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 76.514411][ T5332] ? stack_depot_save_flags+0x3f3/0x810
[ 76.514429][ T5332] ? io_submit_one+0x775/0x1430
[ 76.514445][ T5332] ? aio_write+0x4c4/0x7a0
[ 76.514488][ T5332] aio_write+0x535/0x7a0
[ 76.514503][ T5332] ? __pfx_aio_write+0x10/0x10
[ 76.514519][ T5332] ? __might_fault+0xb0/0x130
[ 76.514536][ T5332] io_submit_one+0x775/0x1430
[ 76.514550][ T5332] ? irqentry_exit+0x5e8/0x670
[ 76.514560][ T5332] ? __pfx_io_submit_one+0x10/0x10
[ 76.514572][ T5332] ? __might_fault+0xb0/0x130
[ 76.514586][ T5332] ? __might_fault+0xb0/0x130
[ 76.514597][ T5332] __se_sys_io_submit+0x185/0x320
[ 76.514609][ T5332] ? __pfx___se_sys_io_submit+0x10/0x10
[ 76.514625][ T5332] do_syscall_64+0xec/0xf80
[ 76.514634][ T5332] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 76.514644][ T5332] ? trace_irq_disable+0x37/0x100
[ 76.514658][ T5332] ? 
clear_bhb_loop+0x60/0xb0
[ 76.514670][ T5332] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 76.514681][ T5332] RIP: 0033:0x7efc6b58f7c9
[ 76.514692][ T5332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 76.514701][ T5332] RSP: 002b:00007efc6c43f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[ 76.514712][ T5332] RAX: ffffffffffffffda RBX: 00007efc6b7e5fa0 RCX: 00007efc6b58f7c9
[ 76.514720][ T5332] RDX: 0000200000000540 RSI: 000000000000003b RDI: 00007efc6c3f5000
[ 76.514728][ T5332] RBP: 00007efc6b613f91 R08: 0000000000000000 R09: 0000000000000000
[ 76.514734][ T5332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 76.514740][ T5332] R13: 00007efc6b7e6038 R14: 00007efc6b7e5fa0 R15: 00007ffe6e7aab48
[ 76.514751][ T5332]
[ 76.723142][ T26] audit: type=1804 audit(1767544168.766:3): pid=5332 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.0" name="/newroot/0/file1/bus" dev="loop0" ino=26 res=1 errno=0