Warning: Permanently added '10.128.0.160' (ED25519) to the list of known hosts.
executing program
[ 32.245952][ T6235] loop0: detected capacity change from 0 to 1024
[ 32.316284][ T6236] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 32.328039][ T6235] loop0: detected capacity change from 0 to 1024
[ 32.336517][ T6235] hfsplus: invalid extended attribute record
[ 32.339557][ T6235]
[ 32.340260][ T6235] ======================================================
[ 32.342099][ T6235] WARNING: possible circular locking dependency detected
[ 32.343903][ T6235] 6.9.0-rc3-syzkaller-gb5d2afe8745b #0 Not tainted
[ 32.345663][ T6235] ------------------------------------------------------
[ 32.347558][ T6235] syz-executor324/6235 is trying to acquire lock:
[ 32.349251][ T6235] ffff0000d8e5c0b0 (&tree->tree_lock){+.+.}-{3:3}, at: hfsplus_file_truncate+0x6d0/0x9b8
[ 32.351852][ T6235]
[ 32.351852][ T6235] but task is already holding lock:
[ 32.353783][ T6235] ffff0000d8f122c8 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_truncate+0x250/0x9b8
[ 32.356733][ T6235]
[ 32.356733][ T6235] which lock already depends on the new lock.
[ 32.356733][ T6235]
[ 32.359440][ T6235]
[ 32.359440][ T6235] the existing dependency chain (in reverse order) is:
[ 32.361856][ T6235]
[ 32.361856][ T6235] -> #1 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}:
[ 32.364307][ T6235]        __mutex_lock_common+0x190/0x21a0
[ 32.365898][ T6235]        mutex_lock_nested+0x2c/0x38
[ 32.367310][ T6235]        hfsplus_file_extend+0x1d0/0x1544
[ 32.368832][ T6235]        hfsplus_bmap_reserve+0xec/0x474
[ 32.370340][ T6235]        hfsplus_create_cat+0x18c/0x1318
[ 32.371800][ T6235]        hfsplus_fill_super+0xf60/0x166c
[ 32.373239][ T6235]        mount_bdev+0x1d4/0x2a0
[ 32.374470][ T6235]        hfsplus_mount+0x44/0x58
[ 32.375789][ T6235]        legacy_get_tree+0xd4/0x16c
[ 32.377202][ T6235]        vfs_get_tree+0x90/0x288
[ 32.378529][ T6235]        do_new_mount+0x278/0x900
[ 32.379784][ T6235]        path_mount+0x590/0xe04
[ 32.381078][ T6235]        __arm64_sys_mount+0x45c/0x594
[ 32.382537][ T6235]        invoke_syscall+0x98/0x2b8
[ 32.383853][ T6235]        el0_svc_common+0x130/0x23c
[ 32.385146][ T6235]        do_el0_svc+0x48/0x58
[ 32.386381][ T6235]        el0_svc+0x54/0x168
[ 32.387549][ T6235]        el0t_64_sync_handler+0x84/0xfc
[ 32.388983][ T6235]        el0t_64_sync+0x190/0x194
[ 32.390272][ T6235]
[ 32.390272][ T6235] -> #0 (&tree->tree_lock){+.+.}-{3:3}:
[ 32.392291][ T6235]        __lock_acquire+0x3384/0x763c
[ 32.393732][ T6235]        lock_acquire+0x248/0x73c
[ 32.395030][ T6235]        __mutex_lock_common+0x190/0x21a0
[ 32.396551][ T6235]        mutex_lock_nested+0x2c/0x38
[ 32.397933][ T6235]        hfsplus_file_truncate+0x6d0/0x9b8
[ 32.399456][ T6235]        hfsplus_delete_inode+0x154/0x200
[ 32.400928][ T6235]        hfsplus_unlink+0x42c/0x690
[ 32.402261][ T6235]        vfs_unlink+0x2f0/0x508
[ 32.403559][ T6235]        do_unlinkat+0x4d0/0x700
[ 32.404889][ T6235]        __arm64_sys_unlinkat+0xcc/0xfc
[ 32.406445][ T6235]        invoke_syscall+0x98/0x2b8
[ 32.407837][ T6235]        el0_svc_common+0x130/0x23c
[ 32.409207][ T6235]        do_el0_svc+0x48/0x58
[ 32.410468][ T6235]        el0_svc+0x54/0x168
[ 32.411661][ T6235]        el0t_64_sync_handler+0x84/0xfc
[ 32.413102][ T6235]        el0t_64_sync+0x190/0x194
[ 32.414456][ T6235]
[ 32.414456][ T6235] other info that might help us debug this:
[ 32.414456][ T6235]
[ 32.417080][ T6235]  Possible unsafe locking scenario:
[ 32.417080][ T6235]
[ 32.419041][ T6235]        CPU0                    CPU1
[ 32.420390][ T6235]        ----                    ----
[ 32.421780][ T6235]   lock(&HFSPLUS_I(inode)->extents_lock);
[ 32.423264][ T6235]                                lock(&tree->tree_lock);
[ 32.425067][ T6235]                                lock(&HFSPLUS_I(inode)->extents_lock);
[ 32.427223][ T6235]   lock(&tree->tree_lock);
[ 32.428454][ T6235]
[ 32.428454][ T6235]  *** DEADLOCK ***
[ 32.428454][ T6235]
[ 32.430574][ T6235] 5 locks held by syz-executor324/6235:
[ 32.432009][ T6235]  #0: ffff0000d8e5a420 (sb_writers#8){.+.+}-{0:0}, at: mnt_want_write+0x44/0x9c
[ 32.434404][ T6235]  #1: ffff0000d8f11e00 (&type->i_mutex_dir_key#6/1){+.+.}-{3:3}, at: do_unlinkat+0x2dc/0x700
[ 32.437126][ T6235]  #2: ffff0000d8f124c0 (&sb->s_type->i_mutex_key#16){+.+.}-{3:3}, at: vfs_unlink+0xd8/0x508
[ 32.439791][ T6235]  #3: ffff0000d226f198 (&sbi->vh_mutex){+.+.}-{3:3}, at: hfsplus_unlink+0x144/0x690
[ 32.442305][ T6235]  #4: ffff0000d8f122c8 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_truncate+0x250/0x9b8
[ 32.445294][ T6235]
[ 32.445294][ T6235] stack backtrace:
[ 32.446796][ T6235] CPU: 1 PID: 6235 Comm: syz-executor324 Not tainted 6.9.0-rc3-syzkaller-gb5d2afe8745b #0
[ 32.449403][ T6235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 32.452040][ T6235] Call trace:
[ 32.452937][ T6235]  dump_backtrace+0x1b8/0x1e4
[ 32.454208][ T6235]  show_stack+0x2c/0x3c
[ 32.455293][ T6235]  dump_stack_lvl+0xe4/0x150
[ 32.456510][ T6235]  dump_stack+0x1c/0x28
[ 32.457575][ T6235]  print_circular_bug+0x150/0x1b8
[ 32.458902][ T6235]  check_noncircular+0x310/0x404
[ 32.460186][ T6235]  __lock_acquire+0x3384/0x763c
[ 32.461455][ T6235]  lock_acquire+0x248/0x73c
[ 32.462717][ T6235]  __mutex_lock_common+0x190/0x21a0
[ 32.464021][ T6235]  mutex_lock_nested+0x2c/0x38
[ 32.465175][ T6235]  hfsplus_file_truncate+0x6d0/0x9b8
[ 32.466593][ T6235]  hfsplus_delete_inode+0x154/0x200
[ 32.467948][ T6235]  hfsplus_unlink+0x42c/0x690
[ 32.469152][ T6235]  vfs_unlink+0x2f0/0x508
[ 32.470339][ T6235]  do_unlinkat+0x4d0/0x700
[ 32.471539][ T6235]  __arm64_sys_unlinkat+0xcc/0xfc
[ 32.472873][ T6235]  invoke_syscall+0x98/0x2b8
[ 32.474019][ T6235]  el0_svc_common+0x130/0x23c
[ 32.475212][ T6235]  do_el0_svc+0x48/0x58
[ 32.476256][ T6235]  el0_svc+0x54/0x168
[ 32.477274][ T6235]  el0t_64_sync_handler+0x84/0xfc
[ 32.478613][ T6235]  el0t_64_sync+0x190/0x194