program: r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x8, 0x800) ioctl$XFS_IOC_FSINUMBERS(r0, 0xc0205867, &(0x7f00000008c0)={&(0x7f0000000000)=0x8001, 0x533ed22d, &(0x7f0000000640)=[{}, {}, {}], &(0x7f0000000880)}) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) syz_init_net_socket$ax25(0x3, 0x2, 0x7) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) socket$igmp(0x2, 0x3, 0x2) bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0e0000000400000004000000a400000000000000", @ANYRES32, @ANYBLOB="be0d00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000080000000"], 0x50) syz_mount_image$hfs(&(0x7f00000001c0), &(0x7f0000000180)='./file1\x00', 0x3004048, &(0x7f0000000100)=ANY=[], 0x11, 0x2c6, &(0x7f0000005bc0)="$eJzs3btuE08Ux/HfjJ3E/3+isCFBSJSBSNAgCA2iMUKueAIqBMRGirCCgCAuVUBUCEFPR8Er8BA0IF4AKioeIFSLZmbt9WXXNpbjjcP3I8XatWd2z3gvc46laAXgn3Wt9v3jpZ/uz0gllaTXVyQrqSKVJZ3Qycrjnd3t3WajPmhDJd/D/RmFnqavzdZOI6ur6+d7JCK3VtZS53vB4niDRK44jq/+KDoIFM5f/RmstKD5dL0yxZhG8WLMfnsTjmPWmH3t66mWi44DAFCsZP63IZPXUpK/WyttJNO+zw8O2/w/rv2iAzhw8cBPO+Z/X2XFxh3fY/6jtN7zJZz73LaqxFH2PNez7tNH25NgmmFVpY/F/nd3u9k4v3W/Wbd6qWqio9maf62HU7dlSLTrGbXpACOM3WRnlL5etXNuDJsh/ieSuuJfHXOPYzOfzVdz00R6r3o7/yvHxh0mf6SiniMV4r+Qv0U/ysi1UnLbqFartqvJit/JKXWWEsNGWcmuSNQ6o1bU/QNBNCxO3+t4T68wuotDeq1m9tpsreX0Wuvq5UbTPpvz93fQzFtzw6zrlz6p1pH/WxffhgZemelVYzbCVOC/8TCe+ezdlf02o76Zo/9yaX+LC3mh/+69p13/EA++zSHPG93RZS0/evb8XqnZbDx0C7czFh4std+ZeyVltil4QXvpOwuKvb7GrUlpmoGdm+gG3f1jaGN3lR2Kg3KkF2pfpnsiFbFQ8P0JU5Ee9KIjQUFc3mVC/ZfWK+WQ7LmXKDNPH/GHgGSLscux2xVc2jcOGbmk//+qglvMr+D6a66+mtHXXKfPSmdG32OUxHlEmJq+6Ra//wMAAAAAAAAAAAAAAAAAAMyaafw7QdFjBAAAAAAAAAAAAAAAAAAAAABg1rWf/6vW83812vN/e5+7Msnn/77bUfbzfwFM0p8AAAD//0gLf7E=") r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) creat(&(0x7f0000000600)='./bus\x00', 0x6) semget$private(0x0, 0x4, 0x0) semop(0x0, &(0x7f0000000080)=[{0x0, 0xfffc}], 0x1) semop(0x0, &(0x7f0000000100)=[{}, {0x0, 0xf001}], 0x2) semctl$IPC_RMID(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) pwrite64(r1, &(0x7f0000000140)='2', 0x1, 0x8080c61) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a4243c, &(0x7f0000001d00)=ANY=[@ANYRES16, @ANYRESOCT, @ANYBLOB="12a4095a2aac12f0bfcb206d982e44066381388d27f14002d8d7431d3947f6399c7ff9f5193fc0398653e5a67bbb319f02bf4ac6f6ccd5acbfe1350cc3a6d2d48cf6c089ddf67171ffb3b15988e7b394c5daf3e12ca05e4dbdad7edd45f10cbc296a53a530d4c2d203ee650d5fff3a9b5aae78794fe84327e508172cdd72eeff5af4d6db9379bef20dde8e64b91d31a84ce8a7598bb78cc85108874811fc650f0520a5", @ANYRES32, @ANYBLOB="7b8ae4d950a510a981c78f2246d4825535c37655327112a414ee394162b6e558c36104bc2a1b47a800a92237a6148a222bcace4f74ebf7b4d63ad663b601d02146f21caf496271e9376e3f721e48caaa194f00e137096facebc4e2574ed5d094491b637c93517ded181fdf49e2daceefb5c72f3fef86df384ff03cb9820b35f281ae9b5064199b03e8e689b35f17c7e23647ccaa01c87d80ab00757848", @ANYRES16, @ANYRES16, @ANYBLOB="9a7f40ad4c7145903a868b9020e1e8899ed5747db23004fc9d248900abcaa6b065cf0800930a71dcd8b8955d93c78b9d4e5e06d8d5c9ac9b75d177754d6eba23e6d2be546c0dfecdf61baf732950a5729c01fbdc11e36cb411be200a9135657acd97d21ee46aac313ebdddd9265af16558dd3e5ba4836659a6abfe08aad84276acf949bdaa34bdf7f7b2dfb2fe8b9d6d225dcecebeb6e15f649994728842bd99fc94897d24315ac2d17bf6c2acfbfa8464d80f36304f88b906b78ab359be3479db5b0e7555f04416807c2202d6551f2425440be741dbe053e0bfeb845623e722a9293843f1cf0a71119dcadf7e353af4da52aed3086d6e5a095774248be9a1b1418dec1c03a2cb0ece0840ebeaaf7b67867da45943b700e2d6dad775ae6f33e55aa86ca84c336c91e3b7d7224f7a9a10d5b45a6ce0769d875415bea136b5508e5e0a88290792da3b11b2284a3d757c301cec78b55d3fcfa073615ccb089f66c5b9a5c84f6c1bb78c3370c4687eab260711fa05525687c7709e15cddea061f70798cbf940ad929eb80f33ad8bb4fcd322dd0558f111d7d01351147976b425a27e573402490055054cf3d80bebde6a89f3086170633740f08780aac3a73f17eaeda8deb642c2887962596b4d78c0ffffb28d0e64073b0641f89cf83a69afaaea03ba6070838fdbdaccb81630a6fdaa77fc10146013b9fd79e965a320daf81c1a51f032a3f462f2740e579eb116cad80b4e233326bf94fea52184517accf608b1fbfb395942869841b9ca0f314beff6b2dc0a74d7599012274b24775f0382e72907c1f0c571b994f048c0266feb775d893fec84e5733cd66a96cd45b60f63743b17b05d99c427a2d00a27fef17cadf128059a2e227b80701755b0bc706f32255c8cd619fa995cc7649f28337361a62cff46669fa4cf095a2d148987a9fafa6e1fb9f59b5ac5ff10a4c62e0187a3c75a983f7f5211142c6c09170a13e29c2044e5568bda8055cee4722e445e83ea01307c42cbe63a5bc529e1200e5874f7500275abacd6cc0e3bf8fd38ab7bab39f54d180d60892e2e3a713a3e654c89b8e9ba4474909991844514c04b655c66ccd6f2a17e29ff69d343ebac7ac5e1510ad4ff52e6a932a97bb0d814259da6545022152dd63f06219a1d66ec2278b694876ed6195b0543b8c9289b8438e8ee57dd38bcdb045a6fc4cede28effaa0354afbd4190fcbccd9a0e91508e4399e0e30a0bfdedcc19454b6dd7c2785a6e4fe74a0ece1d683ad07d76eafec02fb0d88debfeacd3531413185da0ffa4fb9b5e6d5a916f7bb5d51efc8ab61e4953fc6b2d1e670769f3ca56d51b804ceb118278acc90422e1f51e448a27d2fe4f93c88cf7c6148474bf650902dd6dd96541044113d244cf938150ec426e7ed63e1f153bbe328f4232552b104c8dee60b0c4e4c25f2605e97cc6f4263d32e8340be2d167137682373ae4cd501fdc9c5359b40f52803a5e4c0e04a5de0412c5cbd4d05e6135a1209d4b2dff50d39e481f1d1b01ed71004fb0c18e736af8ab176f833a439a85c9132e6d2296f665771c6a284eadc08c94ffa520dcc37fd6426c152364699514b15d4df6732fff39834e8ba29688b19db27a970d9d7fbee973c76bee04fb6164963969ebde0f785606781d63726736d8b60a713d5f72207a23f6f00420fdf24d14c069f36a7e236620481cc7a63857cc1355bac8d4f9a3f32785ad4d9d81719077a816b33b98006c322ee473aa9f8f83fae86a4d421104b298a9e42357c44b773e3504b3f9eb5b29330411b776b78fdb6dd9713dd1aee0cc9c7ee8bd23a50d4c8babaf6d74bc25377009a8c57c941f80e58ac08c93a275656cbad3864df9e791305d66103ab30983b07553ede5b5d5b0aab157f805eb6c11c75dd7f297c2cc9110551131a797164dec422b13799f1c261464c765a62c201eb9c8686eee94642d59f429cd137cba0d1a8126dcdfc28ea5c201526c61164a86f480dfde0c60fdf6afd3cd64719de1d89b5a362e058054a9db73aaffac324b04e8903060e1f14ca4ac31c82183066e6d581685efbe3452a20a665166b03808220770d66051971b61d8114376e22a4511cae9fdf7bbed68bb9f45b57eee1c15775730ef1434731d7b82a7cbcd6155396263984edfcea62196189da0ba9908d7d5ef514d75a3e1d4ae42654365083873fc4ce969fa4fac51d640be8d948bb9464d1a7e494c8df98bd5a569ff7fe1aca542c34610148a8f1dc9d60ff0f761270577f286a362f32164184ffce3ad132637e9f0381e9ce76a11f296f9d1e835cdc44926104e1df4d0a282a84b9fbc23064bfcab0d221c6e3124ae8ba6022e62f170dcc2d655f73b40f83fd65f5c705bc1f9e8df13adeadff9e1fe4660a55be7dc969cfffaed607190162dcd09d0cd86a297b22142b88f0eb28dd1a45152a4f4f2dca0d96d39fa594349040f486cd486af619b7083236cf90324cddc6f1ed0f6a103c8d936d7f2f31d420ef50931838e66721bff7494617b6b4bc385f3e51b3f81cf5d6953ac7fddc0f3466682911b38bc7f082e0c18e3ae0badf7f3fd3e186ebc2bab71fa26f77bb14cd97e6761c93c8c25887c0ef1f3dc1d8d86ce0fb73190f66f4deca77977e8d6064bfeeac3fad2bc50488c144e2a1a82fcc1e1c12ac54bf3e2d468e8f53241e4a6ad9e466746a45b053452ded5caa20461881d78d8235e986ba8b77e83601655d2650bf1b64ce17c75314216b43bbd1101a2e12e57525bb7d3b136a70635bdac8af24367a24ce2fe2a72ef2b0e56ff8dc62a82946f86f9b6b1418a89b1971372dfe7d5ce2e6611befff721f04a19bce7f90b1551a4cdead136662c50513fdde6f9d4a199c3907ed8799f231f54dd8347c71d829ff8ddc5d96b5aac2fe58652c81ff7f54e2568119dff2763ef435aa420630dacc7e9414340ee8688f46c7a8ab96d860937641042b3cdf6857ff1d2d4e47cec1f23e65fe541f38cb96b132666f999002e89cd1896ca58c2e63b87382e1a6c1ee9afa56cf3ba923fa9c989e20bff313f37252632fdcff03fbdd2d334ee93baf75c1bdae30feaa81fb2ac1b63c42dda06f20ce8c9d003eb3efed7931def342fb874fce92763f6f477c7f589b75d2129419fc4cb7a8893a1d3f94533ed9fdf9f21fc254fd80aa74750833d390327a2107e761240928d35a36c5eaca61fd848116b8dd7ec8157928bc2dd87f7756aa517cf6a61d2009fd4ba0579ca3b3129cfd5403546f5ab6d0575799a008fc67da9658427636d8f806d9b8cad64aee438d0a9b45957f31a5afe3ed894add9acadfd347246099c6ff0b4ec6f19ac61557daf8739e528185ab1468ca72d6d72e4f026e371e540b774b6576df3014dcc9e91b2cd1f0403a4fcaa6627b22682bb54f92150c2917acaee1972b2b03bc2bd37fdb9e7352c654d94ef196b7229e4da5ee62b7d395ecdd5177f2563242ea49ff78151a4a816a94e89b03f41c7e6684f8be3e5802e9338e7cbd3b43f708c062f944a59f31b02ca9a177e6b681accee8785d2467d2d78636be4330febaa3f6907db07992a2de74e459f3ae8ee6adae20cbc75aabd2d5d3424de0ddcc3ddd981c3a4966c57f8fdb1c42db87395f0bc800ff8ddb4c228a7d793d8a997885494a8578f5433d3f82886ea573641bf16065efbc25718c88f7277ce04c94af560d8deb7968496f849d3fad78741272b08bf7aec3f3c777428d3b8b897333ae5afb6823af63cb7347601ee2e8d4e21b21a12e6d42f66a1aac26d296bc68a998d8ba179ed5f756c2efd8a7acc0e3f08093bb4a83d37f15b4fe07c90858058ad1ff0e21bb7bf4363079c5d452dba5972b21c8f41daf6f11a51d321d3c1d544190238036d907d965ff469ce4895eb7675f3e94a15f83b837b892a40390d87d76e9b15eda02366299d3dd93943466bceeb2f9e465adccc08e1a02c3ac01815931627ed327e0ffbe09563221a365b88c4f2449bd3634920d5bfbde7cdc92c4cb16a579f35f07dafc87ce6ce4de7bf9e8ff0e80b81cdab8f2164a25a0a6929679ce9ae0dc2ac7ed41a787446676f091597551dc2e8c054224bac6652bba5fb675c0b2c94d2faac160f11b7b96fc96415aca8a47fa03658b8afa24b6bd97f7dbeead9ae5f7ec1cb0d000055f41a5043c6c4c97212398b168b5cb9ee650726eabcc31b6712e815fdaae77885350884fb36d6d5444d5e5500a7d636d4eced14b9d411c765b36a4be06ca9be2965d6d6c06c3b6bcb38babeb2999ee71295d48926bf6e39363fabf74de5e57aa0b59f9dddeca142d0c50ab7ff198196c69c971e6ab591220f4e42d6525e2dbd99b6c57949c854e4ee0e4581f9e3e160b3f66b01f23f4d0472c0a1f307837ac8dac0a257d09ab82975148dcd764fe6359a5f21b9cbe2ae7b9b277489a8b3285b8289a84ff854508b4488ffcf68f47ec7a5c18a8c3d06e26b32f754ac74ea8e93a554147fd3b3daf1fbe924e2e389cac13a5f80f3a21dbd250d3917f7b5acfc739a63f2b3d6b3f099efb4be7a842215c89fc87bd8550d11ba2a4af0f111ab124503b26feeae3be3ee24168dd4553a226b9168edb11c3e61bc850adf995b4d6f1aace6db0b91f805c3d1789a3e6b470e5470968f429d5b05c8f76ca2981e37f5bde4ad00a09755c76774ead7d93f3f41255b1d56152e3699b133b2e0b277427c992323d1b4d8c438434e9e901ddd43788f80cb9a975e9dd1671ce16be5ff8033d5da824f00fd78b540edbcd69a2e9aff03e31af9afefb809434f52b4a1239fdd241ed3a268258addde19d1724155a1a4c877bd59b0659b7a786886f6ffcb5999d1f9c007d615020926f7165a9ddd4aaa3c7b631d30cc951e328131d99282ac06a18f88373092320ea5308f06c376e711aecda4cd1c2b639d9ea7a2613d4e9eaa9a0ef72774fdec622f7d131b45135d577897bf686b460a371083070139ea544bda15012251d6c8e7163c25412841faefba76765648ca7cd1b423403a654b6b5754588ae6c309621477db20f7c9236af1e422ebd3fb6d6a712e7a6d00d58416b7d65a53a2514bf51bedfe9207f16a4d79418600389b98ea8b9e06b8da708a86f191e567925af39a09ac9fd7902e8f8e77567baf1b75c05ba1eb7089b424801405afc982a8d79c80fada184a1ab3bab526a3b0a5e20d2dc6bcdd2c5cb7c49f735f3e8f4d36a388ca805876ae08f0e3acca5dd864c1fa1552068bf799095221480374fd2dcaeddb74be93470eff4fe278e190f0a131f32340ada9cca518af769f42943875f4c5707beee2179771da21cd66405b9973648bd047a516d1cf902fa1f0fcdcbc3f4c1f20fc22f9a7e9f4c3a52576399604c46f83ede44f542d06d54e6e8a1e693a2cfcbb16c178d1bace976133e72cc4533bd02b1c4ec2cc22097435aff5a682ca7227414895450831560fa682493f4814ce8fbdb190f8ce2b533ed9582638511bda93aeae5d0690f745b788db622864ba3fb60952f119427fbe66754c5c038c5fb2cb87c326d65862e353c14950bd1fa7c70e36323e9cf90c81f6275e59c7926acac1560a0b6bbc7a850817f2effa19d485315a219d49e293f871278294d02765cf72caa2f438de3337ed205bf68ff6ddaaa5e4b80de5fba022dfcf9cf074a319678df11eb77b3ef66e512b67ba5182265a60eaf457691e973d23cbaf6000537f886695074ebb616f9cdad9de7c6fe9ecfbd13d537d64c34a7c90ca56b50e60d6a7067e391e63561793edf6ed3c2eeb8555909a59ce73da1f096d41fb42de44494128324a9", @ANYRESOCT, @ANYRES16], 0x0, 0x0, &(0x7f0000000000)) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f00000c0e00)={0x0, [], 0xe, "b5a0df4ca6c714"}) creat(&(0x7f0000000300)='./bus\x00', 0x4) unlinkat(0xffffffffffffff9c, &(0x7f0000000c40)='./file1\x00', 0x0) socket$kcm(0x10, 0x2, 0x0) openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x20000) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r3, 0x400448cb, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000440), 0x100, 0x0) syz_emit_vhci(&(0x7f0000000400)=ANY=[@ANYBLOB="040e0402030c", @ANYRES64=r2], 0x7) [ 84.559445][ T5326] loop0: detected capacity change from 0 to 64 [ 84.564377][ T5326] ======================================================= [ 84.564377][ T5326] WARNING: The mand mount option has been deprecated and [ 84.564377][ T5326] and is ignored by this kernel. Remove the mand [ 84.564377][ T5326] option from the mount to silence this warning. [ 84.564377][ T5326] ======================================================= [ 84.585727][ T5306] Bluetooth: hci0: command tx timeout [ 85.554866][ T5326] hfs: request for non-existent node 8 in B*Tree [ 85.557763][ T5326] hfs: request for non-existent node 8 in B*Tree [ 85.653517][ T13] kworker/u4:1: attempt to access beyond end of device [ 85.653517][ T13] loop0: rw=1, sector=4169, nr_sectors = 1 limit=64 [ 85.700355][ T13] Buffer I/O error on dev loop0, logical block 4169, lost async page write [ 85.711755][ T13] kworker/u4:1: attempt to access beyond end of device [ 85.711755][ T13] loop0: rw=1, sector=4170, nr_sectors = 1 limit=64 [ 85.728793][ T13] Buffer I/O error on dev loop0, logical block 4170, lost async page write [ 85.733269][ T13] kworker/u4:1: attempt to access beyond end of device [ 85.733269][ T13] loop0: rw=1, sector=4172, nr_sectors = 1 limit=64 [ 85.755841][ T13] Buffer I/O error on dev loop0, logical block 4172, lost async page write [ 85.771743][ T13] kworker/u4:1: attempt to access beyond end of device [ 85.771743][ T13] loop0: rw=1, sector=4173, nr_sectors = 1 limit=64 [ 85.790539][ T13] Buffer I/O error on dev loop0, logical block 4173, lost async page write [ 85.794862][ T13] kworker/u4:1: attempt to access beyond end of device [ 85.794862][ T13] loop0: rw=1, sector=4174, nr_sectors = 1 limit=64 [ 85.805931][ T13] Buffer I/O error on dev loop0, logical block 4174, lost async page write [ 85.810323][ T13] kworker/u4:1: attempt to access beyond end of device [ 85.810323][ T13] loop0: rw=1, sector=4175, nr_sectors = 1 limit=64 [ 85.816295][ T13] Buffer I/O error on dev loop0, logical block 4175, lost async page write [ 85.822949][ T13] kworker/u4:1: attempt to access beyond end of device [ 85.822949][ T13] loop0: rw=1, sector=4176, nr_sectors = 1 limit=64 [ 85.828916][ T13] Buffer I/O error on dev loop0, logical block 4176, lost async page write [ 85.833456][ T13] kworker/u4:1: attempt to access beyond end of device [ 85.833456][ T13] loop0: rw=1, sector=4177, nr_sectors = 1 limit=64 [ 85.840368][ T13] Buffer I/O error on dev loop0, logical block 4177, lost async page write [ 85.844636][ T13] kworker/u4:1: attempt to access beyond end of device [ 85.844636][ T13] loop0: rw=1, sector=4178, nr_sectors = 16 limit=64 [ 85.851109][ T13] kworker/u4:1: attempt to access beyond end of device [ 85.851109][ T13] loop0: rw=1, sector=4196, nr_sectors = 1 limit=64 [ 85.856979][ T13] Buffer I/O error on dev loop0, logical block 4196, lost async page write [ 85.861254][ T13] Buffer I/O error on dev loop0, logical block 4197, lost async page write [ 85.964419][ T5326] [ 85.965603][ T5326] ====================================================== [ 85.968735][ T5326] WARNING: possible circular locking dependency detected [ 85.971858][ T5326] syzkaller #0 Not tainted [ 85.973884][ T5326] ------------------------------------------------------ [ 85.976949][ T5326] syz.0.0/5326 is trying to acquire lock: [ 85.979524][ T5326] ffff8880359c40a8 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfs_find_init+0x18e/0x300 [ 85.983674][ T5326] [ 85.983674][ T5326] but task is already holding lock: [ 85.986991][ T5326] ffff888040ef80f0 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}, at: hfs_extend_file+0xf2/0x15e0 [ 85.991616][ T5326] [ 85.991616][ T5326] which lock already depends on the new lock. [ 85.991616][ T5326] [ 85.996147][ T5326] [ 85.996147][ T5326] the existing dependency chain (in reverse order) is: [ 85.999980][ T5326] [ 85.999980][ T5326] -> #1 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}: [ 86.003994][ T5326] __mutex_lock+0x1a3/0x1550 [ 86.006347][ T5326] hfs_extend_file+0xf2/0x15e0 [ 86.008726][ T5326] hfs_bmap_reserve+0x107/0x430 [ 86.011153][ T5326] __hfs_ext_write_extent+0x1fa/0x470 [ 86.013357][ T5326] __hfs_ext_cache_extent+0x6b/0x9b0 [ 86.015495][ T5326] hfs_extend_file+0x39b/0x15e0 [ 86.018015][ T5326] hfs_get_block+0x412/0xc50 [ 86.020219][ T5326] __block_write_begin_int+0x6c6/0x1910 [ 86.022589][ T5326] cont_write_begin+0x737/0xae0 [ 86.024654][ T5326] hfs_write_begin+0x66/0xb0 [ 86.026645][ T5326] cont_write_begin+0x2e7/0xae0 [ 86.028905][ T5326] hfs_write_begin+0x66/0xb0 [ 86.030860][ T5326] generic_perform_write+0x2e2/0x8f0 [ 86.033223][ T5326] generic_file_write_iter+0x14a/0x680 [ 86.035641][ T5326] vfs_write+0x61d/0xb90 [ 86.037600][ T5326] __x64_sys_pwrite64+0x199/0x230 [ 86.039912][ T5326] do_syscall_64+0x15f/0xf80 [ 86.042015][ T5326] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.044787][ T5326] [ 86.044787][ T5326] -> #0 (&tree->tree_lock/1){+.+.}-{4:4}: [ 86.048291][ T5326] __lock_acquire+0x15a5/0x2cf0 [ 86.050459][ T5326] lock_acquire+0x106/0x350 [ 86.052597][ T5326] __mutex_lock+0x1a3/0x1550 [ 86.054731][ T5326] hfs_find_init+0x18e/0x300 [ 86.057016][ T5326] hfs_extend_file+0x35c/0x15e0 [ 86.059753][ T5326] hfs_bmap_reserve+0x107/0x430 [ 86.062077][ T5326] hfs_cat_create+0x20f/0x800 [ 86.064056][ T5326] hfs_create+0x75/0xe0 [ 86.066196][ T5326] path_openat+0x1395/0x3860 [ 86.068654][ T5326] do_file_open+0x23e/0x4a0 [ 86.070865][ T5326] do_sys_openat2+0x113/0x200 [ 86.073169][ T5326] __x64_sys_openat+0x138/0x170 [ 86.075588][ T5326] do_syscall_64+0x15f/0xf80 [ 86.078020][ T5326] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.081418][ T5326] [ 86.081418][ T5326] other info that might help us debug this: [ 86.081418][ T5326] [ 86.085982][ T5326] Possible unsafe locking scenario: [ 86.085982][ T5326] [ 86.089620][ T5326] CPU0 CPU1 [ 86.091991][ T5326] ---- ---- [ 86.094617][ T5326] lock(&HFS_I(tree->inode)->extents_lock); [ 86.097618][ T5326] lock(&tree->tree_lock/1); [ 86.100837][ T5326] lock(&HFS_I(tree->inode)->extents_lock); [ 86.104778][ T5326] lock(&tree->tree_lock/1); [ 86.107063][ T5326] [ 86.107063][ T5326] *** DEADLOCK *** [ 86.107063][ T5326] [ 86.110917][ T5326] 4 locks held by syz.0.0/5326: [ 86.113168][ T5326] #0: ffff88801cf0a410 (sb_writers#12){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 86.117141][ T5326] #1: ffff888040e3fad0 (&type->i_mutex_dir_key#8){+.+.}-{4:4}, at: path_openat+0xb4c/0x3860 [ 86.121485][ T5326] #2: ffff8880426e40a8 (&tree->tree_lock){+.+.}-{4:4}, at: hfs_find_init+0x18e/0x300 [ 86.125447][ T5326] #3: ffff888040ef80f0 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}, at: hfs_extend_file+0xf2/0x15e0 [ 86.130337][ T5326] [ 86.130337][ T5326] stack backtrace: [ 86.133021][ T5326] CPU: 0 UID: 0 PID: 5326 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 86.133041][ T5326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 86.133051][ T5326] Call Trace: [ 86.133062][ T5326] [ 86.133069][ T5326] dump_stack_lvl+0xe8/0x150 [ 86.133095][ T5326] print_circular_bug+0x2e1/0x300 [ 86.133112][ T5326] check_noncircular+0x12e/0x150 [ 86.133127][ T5326] __lock_acquire+0x15a5/0x2cf0 [ 86.133147][ T5326] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 86.133163][ T5326] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 86.133177][ T5326] ? stack_depot_save_flags+0x3f3/0x810 [ 86.133250][ T5326] ? kasan_save_track+0x4f/0x80 [ 86.133269][ T5326] ? kasan_save_track+0x3e/0x80 [ 86.133293][ T5326] ? hfs_find_init+0x18e/0x300 [ 86.133303][ T5326] lock_acquire+0x106/0x350 [ 86.133320][ T5326] ? hfs_find_init+0x18e/0x300 [ 86.133335][ T5326] __mutex_lock+0x1a3/0x1550 [ 86.133356][ T5326] ? hfs_find_init+0x18e/0x300 [ 86.133370][ T5326] ? hfs_find_init+0x18e/0x300 [ 86.133383][ T5326] ? __pfx___mutex_lock+0x10/0x10 [ 86.133400][ T5326] ? rcu_is_watching+0x15/0xb0 [ 86.133415][ T5326] ? __kmalloc_noprof+0x37d/0x760 [ 86.133428][ T5326] ? kasan_save_track+0x4f/0x80 [ 86.133447][ T5326] ? hfs_find_init+0xaa/0x300 [ 86.133458][ T5326] ? __kmalloc_noprof+0x1b8/0x760 [ 86.133469][ T5326] hfs_find_init+0x18e/0x300 [ 86.133481][ T5326] hfs_extend_file+0x35c/0x15e0 [ 86.133498][ T5326] ? __pfx_hfs_extend_file+0x10/0x10 [ 86.133512][ T5326] ? __mutex_lock+0x319/0x1550 [ 86.133528][ T5326] ? hfs_find_init+0x18e/0x300 [ 86.133539][ T5326] ? __pfx___mutex_lock+0x10/0x10 [ 86.133552][ T5326] ? rcu_is_watching+0x15/0xb0 [ 86.133564][ T5326] hfs_bmap_reserve+0x107/0x430 [ 86.133580][ T5326] hfs_cat_create+0x20f/0x800 [ 86.133594][ T5326] ? do_raw_spin_lock+0x12b/0x2f0 [ 86.133607][ T5326] ? __pfx_hfs_cat_create+0x10/0x10 [ 86.133625][ T5326] ? _raw_spin_unlock+0x28/0x50 [ 86.133635][ T5326] ? hfs_new_inode+0x92d/0xc70 [ 86.133652][ T5326] hfs_create+0x75/0xe0 [ 86.133665][ T5326] ? __pfx_hfs_create+0x10/0x10 [ 86.133678][ T5326] path_openat+0x1395/0x3860 [ 86.133696][ T5326] ? __pfx_path_openat+0x10/0x10 [ 86.133705][ T5326] ? __x64_sys_openat+0x138/0x170 [ 86.133723][ T5326] do_file_open+0x23e/0x4a0 [ 86.133735][ T5326] ? __pfx_do_file_open+0x10/0x10 [ 86.133751][ T5326] ? _raw_spin_unlock+0x28/0x50 [ 86.133763][ T5326] ? alloc_fd+0x64b/0x6c0 [ 86.133780][ T5326] do_sys_openat2+0x113/0x200 [ 86.133795][ T5326] ? __se_sys_futex+0x3a8/0x450 [ 86.133806][ T5326] ? __pfx_do_sys_openat2+0x10/0x10 [ 86.133821][ T5326] ? rcu_is_watching+0x15/0xb0 [ 86.133833][ T5326] __x64_sys_openat+0x138/0x170 [ 86.133849][ T5326] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.133860][ T5326] do_syscall_64+0x15f/0xf80 [ 86.133876][ T5326] ? trace_irq_disable+0x3b/0x140 [ 86.133893][ T5326] ? clear_bhb_loop+0x40/0x90 [ 86.133907][ T5326] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.133921][ T5326] RIP: 0033:0x7ff716b9c819 [ 86.133934][ T5326] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 86.133945][ T5326] RSP: 002b:00007ff7179bafe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 86.133961][ T5326] RAX: ffffffffffffffda RBX: 00007ff716e15fa0 RCX: 00007ff716b9c819 [ 86.133970][ T5326] RDX: 000000000000275a RSI: 0000200000000040 RDI: ffffffffffffff9c [ 86.133979][ T5326] RBP: 00007ff716c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 86.133987][ T5326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 86.133995][ T5326] R13: 00007ff716e16038 R14: 00007ff716e15fa0 R15: 00007ffc09588bb8 [ 86.134009][ T5326] [ 86.389698][ T5326] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 86.423081][ T5327] Bluetooth: hci0: Opcode 0x0c1a failed: -110