DUID 00:04:a3:03:08:15:93:78:e3:1f:4c:1c:fb:56:e6:f5:4b:05 forked to background, child pid 4653 [ 34.661231][ T4654] 8021q: adding VLAN 0 to HW filter on device bond0 [ 34.681246][ T4654] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.1.95' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 73.522578][ T5074] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5074 'syz-executor188' [ 73.547636][ T5074] loop0: detected capacity change from 0 to 1024 [ 73.550954][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 73.582962][ T5074] loop0: detected capacity change from 0 to 1024 [ 73.585418][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 73.614329][ T5074] loop0: detected capacity change from 0 to 1024 [ 73.618440][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 executing program [ 73.654411][ T5074] loop0: detected capacity change from 0 to 1024 [ 73.658410][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 73.685654][ T5074] loop0: detected capacity change from 0 to 1024 [ 73.688279][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 73.734686][ T5078] loop0: detected capacity change from 0 to 1024 [ 73.737896][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 73.756841][ T5078] hfsplus: failed to load root directory [ 73.777075][ T5078] loop0: detected capacity change from 0 to 1024 [ 73.787096][ T5078] hfsplus: failed to load root directory [ 73.805599][ T5078] loop0: detected capacity change from 0 to 1024 [ 73.808016][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 73.823954][ T5078] hfsplus: failed to load root directory executing program [ 73.851148][ T5078] loop0: detected capacity change from 0 to 1024 [ 73.855208][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 73.867322][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 73.877216][ T5076] Buffer I/O error on dev loop0, logical block 0, async page read [ 73.887740][ T5078] hfsplus: failed to load root directory [ 73.936000][ T5081] loop0: detected capacity change from 0 to 1024 [ 73.937467][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 73.955824][ T5081] hfsplus: failed to load root directory [ 73.976893][ T5081] loop0: detected capacity change from 0 to 1024 [ 73.986678][ T5081] hfsplus: failed to load root directory [ 74.004963][ T5081] loop0: detected capacity change from 0 to 1024 [ 74.007757][ T5076] Buffer I/O error on dev loop0, logical block 0, async page read [ 74.021900][ T5081] hfsplus: failed to load root directory executing program [ 74.042065][ T5081] loop0: detected capacity change from 0 to 1024 [ 74.053045][ T5081] hfsplus: failed to load root directory [ 74.112255][ T5084] loop0: detected capacity change from 0 to 1024 [ 74.136094][ T5084] loop0: detected capacity change from 0 to 1024 [ 74.140859][ T5076] Buffer I/O error on dev loop0, logical block 0, async page read [ 74.166912][ T5084] loop0: detected capacity change from 0 to 1024 [ 74.170489][ T5076] Buffer I/O error on dev loop0, logical block 0, async page read [ 74.198279][ T5084] loop0: detected capacity change from 0 to 1024 executing program [ 74.227123][ T5084] loop0: detected capacity change from 0 to 1024 [ 74.236913][ T5076] Buffer I/O error on dev loop0, logical block 0, async page read [ 74.244964][ T5076] Buffer I/O error on dev loop0, logical block 0, async page read [ 74.302796][ T5088] loop0: detected capacity change from 0 to 1024 [ 74.328890][ T5088] [ 74.331255][ T5088] ====================================================== [ 74.338344][ T5088] WARNING: possible circular locking dependency detected [ 74.345349][ T5088] 6.2.0-rc5-next-20230123-syzkaller #0 Not tainted [ 74.351843][ T5088] ------------------------------------------------------ [ 74.358853][ T5088] syz-executor188/5088 is trying to acquire lock: [ 74.365251][ T5088] ffff88807ce340b0 (&tree->tree_lock){+.+.}-{3:3}, at: hfsplus_file_truncate+0xe87/0x10d0 [ 74.375193][ T5088] [ 74.375193][ T5088] but task is already holding lock: [ 74.382544][ T5088] ffff88807c833708 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_truncate+0x205/0x10d0 [ 74.393772][ T5088] [ 74.393772][ T5088] which lock already depends on the new lock. [ 74.393772][ T5088] [ 74.404260][ T5088] [ 74.404260][ T5088] the existing dependency chain (in reverse order) is: [ 74.413269][ T5088] [ 74.413269][ T5088] -> #1 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}: [ 74.422310][ T5088] __mutex_lock+0x12f/0x1350 [ 74.427428][ T5088] hfsplus_get_block+0x27b/0x9b0 [ 74.432914][ T5088] block_read_full_folio+0x41d/0xab0 [ 74.438719][ T5088] filemap_read_folio+0xdb/0x2c0 [ 74.444180][ T5088] do_read_cache_folio+0x1df/0x510 [ 74.449824][ T5088] read_cache_page+0x5d/0x160 [ 74.455020][ T5088] __hfs_bnode_create+0x61b/0x820 [ 74.460731][ T5088] hfsplus_bnode_find+0x408/0xc50 [ 74.466283][ T5088] hfsplus_brec_find+0x2b3/0x510 [ 74.471735][ T5088] hfsplus_brec_read+0x2c/0x120 [ 74.477105][ T5088] hfsplus_find_cat+0x1d4/0x490 [ 74.482481][ T5088] hfsplus_iget+0x480/0x7c0 [ 74.487529][ T5088] hfsplus_fill_super+0xd15/0x1a30 [ 74.493178][ T5088] mount_bdev+0x351/0x410 [ 74.498034][ T5088] legacy_get_tree+0x109/0x220 [ 74.503313][ T5088] vfs_get_tree+0x8d/0x2f0 [ 74.508252][ T5088] path_mount+0x132a/0x1e20 [ 74.513278][ T5088] __x64_sys_mount+0x283/0x300 [ 74.518565][ T5088] do_syscall_64+0x39/0xb0 [ 74.523505][ T5088] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 74.529918][ T5088] [ 74.529918][ T5088] -> #0 (&tree->tree_lock){+.+.}-{3:3}: [ 74.537641][ T5088] __lock_acquire+0x2a9d/0x5780 [ 74.543011][ T5088] lock_acquire.part.0+0x11c/0x350 [ 74.548730][ T5088] __mutex_lock+0x12f/0x1350 [ 74.553840][ T5088] hfsplus_file_truncate+0xe87/0x10d0 [ 74.559740][ T5088] hfsplus_delete_inode+0x191/0x220 [ 74.565463][ T5088] hfsplus_unlink+0x5a6/0x830 [ 74.570678][ T5088] hfsplus_rename+0xc2/0x210 [ 74.575812][ T5088] vfs_rename+0xef6/0x17a0 [ 74.580758][ T5088] do_renameat2+0xb62/0xc90 [ 74.585788][ T5088] __x64_sys_rename+0x81/0xa0 [ 74.591153][ T5088] do_syscall_64+0x39/0xb0 [ 74.596092][ T5088] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 74.602517][ T5088] [ 74.602517][ T5088] other info that might help us debug this: [ 74.602517][ T5088] [ 74.612733][ T5088] Possible unsafe locking scenario: [ 74.612733][ T5088] [ 74.620169][ T5088] CPU0 CPU1 [ 74.625534][ T5088] ---- ---- [ 74.630886][ T5088] lock(&HFSPLUS_I(inode)->extents_lock); [ 74.636684][ T5088] lock(&tree->tree_lock); [ 74.643698][ T5088] lock(&HFSPLUS_I(inode)->extents_lock); [ 74.652016][ T5088] lock(&tree->tree_lock); [ 74.656517][ T5088] [ 74.656517][ T5088] *** DEADLOCK *** [ 74.656517][ T5088] [ 74.664732][ T5088] 6 locks held by syz-executor188/5088: [ 74.670264][ T5088] #0: ffff88801c858460 (sb_writers#10){.+.+}-{0:0}, at: do_renameat2+0x37f/0xc90 [ 74.679495][ T5088] #1: ffff88807c832b80 (&type->i_mutex_dir_key#6/1){+.+.}-{3:3}, at: lock_rename+0x229/0x280 [ 74.689783][ T5088] #2: ffff88807c833240 (&sb->s_type->i_mutex_key#15){+.+.}-{3:3}, at: lock_two_nondirectories+0xf0/0x110 [ 74.701122][ T5088] #3: ffff88807c833900 (&sb->s_type->i_mutex_key#15/4){+.+.}-{3:3}, at: lock_two_nondirectories+0xd5/0x110 [ 74.712622][ T5088] #4: ffff88807c150998 (&sbi->vh_mutex){+.+.}-{3:3}, at: hfsplus_unlink+0x151/0x830 [ 74.722118][ T5088] #5: ffff88807c833708 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_truncate+0x205/0x10d0 [ 74.733792][ T5088] [ 74.733792][ T5088] stack backtrace: [ 74.739934][ T5088] CPU: 1 PID: 5088 Comm: syz-executor188 Not tainted 6.2.0-rc5-next-20230123-syzkaller #0 [ 74.749815][ T5088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 74.759867][ T5088] Call Trace: [ 74.763137][ T5088] [ 74.766060][ T5088] dump_stack_lvl+0xd1/0x138 [ 74.770658][ T5088] check_noncircular+0x25f/0x2e0 [ 74.775598][ T5088] ? register_lock_class+0xbe/0x1120 [ 74.780881][ T5088] ? print_circular_bug+0x1e0/0x1e0 [ 74.786076][ T5088] ? debug_object_activate+0x28b/0x3e0 [ 74.791546][ T5088] __lock_acquire+0x2a9d/0x5780 [ 74.796409][ T5088] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 74.802397][ T5088] ? mark_lock.part.0+0xee/0x1910 [ 74.807438][ T5088] ? find_held_lock+0x2d/0x110 [ 74.812206][ T5088] lock_acquire.part.0+0x11c/0x350 [ 74.817353][ T5088] ? hfsplus_file_truncate+0xe87/0x10d0 [ 74.823014][ T5088] ? lock_sync+0x190/0x190 [ 74.827517][ T5088] ? hfsplus_file_truncate+0xe87/0x10d0 [ 74.833076][ T5088] ? rcu_read_lock_sched_held+0x3e/0x70 [ 74.838628][ T5088] ? trace_lock_acquire+0x1f1/0x290 [ 74.843909][ T5088] ? hfsplus_file_truncate+0xe87/0x10d0 [ 74.849458][ T5088] ? lock_acquire+0x32/0xc0 [ 74.853968][ T5088] ? hfsplus_file_truncate+0xe87/0x10d0 [ 74.859536][ T5088] __mutex_lock+0x12f/0x1350 [ 74.864125][ T5088] ? hfsplus_file_truncate+0xe87/0x10d0 [ 74.869724][ T5088] ? lockdep_hardirqs_on+0x7d/0x100 [ 74.874946][ T5088] ? hfsplus_file_truncate+0xe87/0x10d0 [ 74.880516][ T5088] ? _raw_spin_unlock+0x28/0x40 [ 74.885385][ T5088] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 74.890940][ T5088] ? hfsplus_block_free+0x36f/0x500 [ 74.896148][ T5088] ? hfsplus_find_init+0x95/0x230 [ 74.901272][ T5088] ? hfsplus_free_extents+0x152/0x4f0 [ 74.906737][ T5088] hfsplus_file_truncate+0xe87/0x10d0 [ 74.912117][ T5088] ? hfsplus_find_exit+0x79/0xc0 [ 74.917055][ T5088] ? hfsplus_get_block+0x9b0/0x9b0 [ 74.922173][ T5088] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 74.927721][ T5088] hfsplus_delete_inode+0x191/0x220 [ 74.932927][ T5088] hfsplus_unlink+0x5a6/0x830 [ 74.937620][ T5088] ? hfsplus_symlink+0x2e0/0x2e0 [ 74.942563][ T5088] ? lock_acquire+0x32/0xc0 [ 74.947063][ T5088] ? lock_two_nondirectories+0xd5/0x110 [ 74.952618][ T5088] ? down_write_nested+0x15b/0x220 [ 74.957734][ T5088] ? up_read+0x20/0x20 [ 74.961808][ T5088] ? hfsplus_unlink+0x830/0x830 [ 74.966667][ T5088] hfsplus_rename+0xc2/0x210 [ 74.971269][ T5088] ? hfsplus_unlink+0x830/0x830 [ 74.976141][ T5088] vfs_rename+0xef6/0x17a0 [ 74.980569][ T5088] ? path_openat+0x2750/0x2750 [ 74.985340][ T5088] ? do_raw_spin_unlock+0x175/0x230 [ 74.990539][ T5088] ? _raw_spin_unlock+0x28/0x40 [ 74.995395][ T5088] ? bpf_lsm_path_rename+0x9/0x10 [ 75.000420][ T5088] ? security_path_rename+0x158/0x230 [ 75.005797][ T5088] do_renameat2+0xb62/0xc90 [ 75.010314][ T5088] ? __ia32_sys_link+0xa0/0xa0 [ 75.015079][ T5088] ? trace_lock_acquire+0x1f1/0x290 [ 75.020272][ T5088] ? __virt_addr_valid+0x61/0x2e0 [ 75.025304][ T5088] ? __phys_addr_symbol+0x30/0x70 [ 75.030346][ T5088] ? strncpy_from_user+0x28b/0x3c0 [ 75.035467][ T5088] __x64_sys_rename+0x81/0xa0 [ 75.040153][ T5088] do_syscall_64+0x39/0xb0 [ 75.044663][ T5088] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 75.050570][ T5088] RIP: 0033:0x7fbbe5d140b9 [ 75.054994][ T5088] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 31 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 75.074595][ T5088] RSP: 002b:00007fbbe5c972f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 75.083016][ T5088] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fbbe5d140b9 [ 75.090981][ T5088] RDX: 0000000000000031 RSI: 00000000200001c0 RDI: 0000000020000180 [ 75.098962][ T5088] RBP: 00007fbbe5d92778 R08: 0000000000000000 R09: 0000000000000000 [ 75.106927][ T5088] R10: 00000000000005fb R11: 0000000000000246 R12: 00007fbbe5d92770 [ 75.114896][ T5088] R13: 736f706d6f636564 R14: 0030656c69662f2e R15: 0073756c70736668 [ 75.122883][ T5088] executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 76.361718][ T1121] cfg80211: failed to load regulatory.db executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 79.401621][ T12] hfsplus: b-tree write err: -5, ino 4 executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program