Warning: Permanently added '10.128.0.92' (ED25519) to the list of known hosts.
executing program
[ 34.236741][ T6092] syz-executor204[6092]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[ 34.245573][ T6092] loop0: detected capacity change from 0 to 1024
[ 34.258464][ T6092] hfsplus: inconsistency in B*Tree (1792,1,255,1,0)
[ 34.260231][ T6092] hfsplus: xattr searching failed
[ 34.261452][ T6092] hfsplus: inconsistency in B*Tree (1792,1,255,1,0)
[ 34.263026][ T6092] hfsplus: xattr searching failed
[ 34.264251][ T6092] hfsplus: inconsistency in B*Tree (1792,1,255,1,0)
[ 34.265879][ T6092] hfsplus: xattr searching failed
[ 34.267683][ T6092] hfsplus: inconsistency in B*Tree (1792,1,255,1,0)
[ 34.270538][ T6092] hfsplus: xattr searching failed
[ 34.273626][ T6092] hfsplus: inconsistency in B*Tree (1792,1,255,1,0)
[ 34.275378][ T6092]
[ 34.275959][ T6092] ======================================================
[ 34.277684][ T6092] WARNING: possible circular locking dependency detected
[ 34.279436][ T6092] 6.6.0-rc7-syzkaller-g8de1e7afcc1c #0 Not tainted
[ 34.281084][ T6092] ------------------------------------------------------
[ 34.282872][ T6092] syz-executor204/6092 is trying to acquire lock:
[ 34.284441][ T6092] ffff0000d5728e88 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_extend+0x1d0/0x1544
[ 34.287396][ T6092]
[ 34.287396][ T6092] but task is already holding lock:
[ 34.289280][ T6092] ffff0000d5d720b0 (&tree->tree_lock/2){+.+.}-{3:3}, at: hfsplus_find_init+0x144/0x1bc
[ 34.291781][ T6092]
[ 34.291781][ T6092] which lock already depends on the new lock.
[ 34.291781][ T6092]
[ 34.294431][ T6092]
[ 34.294431][ T6092] the existing dependency chain (in reverse order) is:
[ 34.296697][ T6092]
[ 34.296697][ T6092] -> #2 (&tree->tree_lock/2){+.+.}-{3:3}:
[ 34.298794][ T6092]        __mutex_lock_common+0x190/0x21a0
[ 34.300226][ T6092]        mutex_lock_nested+0x2c/0x38
[ 34.301490][ T6092]        hfsplus_find_init+0x144/0x1bc
[ 34.302916][ T6092]        hfsplus_attr_exists+0xf8/0x1c8
[ 34.304368][ T6092]        __hfsplus_setxattr+0x384/0x1d00
[ 34.305832][ T6092]        hfsplus_setxattr+0xb4/0xec
[ 34.307140][ T6092]        hfsplus_trusted_setxattr+0x54/0x6c
[ 34.308705][ T6092]        __vfs_setxattr+0x3d8/0x400
[ 34.310057][ T6092]        __vfs_setxattr_noperm+0x110/0x528
[ 34.311600][ T6092]        __vfs_setxattr_locked+0x1ec/0x218
[ 34.313104][ T6092]        vfs_setxattr+0x1a8/0x344
[ 34.314402][ T6092]        setxattr+0x208/0x29c
[ 34.315592][ T6092]        path_setxattr+0x17c/0x258
[ 34.316924][ T6092]        __arm64_sys_lsetxattr+0xbc/0xd8
[ 34.318363][ T6092]        invoke_syscall+0x98/0x2b8
[ 34.319725][ T6092]        el0_svc_common+0x130/0x23c
[ 34.321009][ T6092]        do_el0_svc+0x48/0x58
[ 34.322219][ T6092]        el0_svc+0x54/0x158
[ 34.323349][ T6092]        el0t_64_sync_handler+0x84/0xfc
[ 34.324776][ T6092]        el0t_64_sync+0x190/0x194
[ 34.325993][ T6092]
[ 34.325993][ T6092] -> #1 (&tree->tree_lock){+.+.}-{3:3}:
[ 34.327959][ T6092]        __mutex_lock_common+0x190/0x21a0
[ 34.329414][ T6092]        mutex_lock_nested+0x2c/0x38
[ 34.330779][ T6092]        hfsplus_file_truncate+0x6d0/0x9b8
[ 34.332256][ T6092]        hfsplus_setattr+0x18c/0x248
[ 34.333661][ T6092]        notify_change+0x9d4/0xc8c
[ 34.334979][ T6092]        do_truncate+0x1c0/0x28c
[ 34.336285][ T6092]        path_openat+0x2130/0x27f8
[ 34.337595][ T6092]        do_filp_open+0x1bc/0x3cc
[ 34.338873][ T6092]        do_sys_openat2+0x124/0x1b8
[ 34.340175][ T6092]        __arm64_sys_openat+0x1f0/0x240
[ 34.341614][ T6092]        invoke_syscall+0x98/0x2b8
[ 34.342960][ T6092]        el0_svc_common+0x130/0x23c
[ 34.344296][ T6092]        do_el0_svc+0x48/0x58
[ 34.345436][ T6092]        el0_svc+0x54/0x158
[ 34.346546][ T6092]        el0t_64_sync_handler+0x84/0xfc
[ 34.347912][ T6092]        el0t_64_sync+0x190/0x194
[ 34.349209][ T6092]
[ 34.349209][ T6092] -> #0 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}:
[ 34.351556][ T6092]        __lock_acquire+0x3370/0x75e8
[ 34.352990][ T6092]        lock_acquire+0x23c/0x71c
[ 34.354313][ T6092]        __mutex_lock_common+0x190/0x21a0
[ 34.355758][ T6092]        mutex_lock_nested+0x2c/0x38
[ 34.357131][ T6092]        hfsplus_file_extend+0x1d0/0x1544
[ 34.358573][ T6092]        hfsplus_bmap_reserve+0xec/0x474
[ 34.359980][ T6092]        hfsplus_create_attr+0x1b0/0x568
[ 34.361442][ T6092]        __hfsplus_setxattr+0x980/0x1d00
[ 34.362919][ T6092]        hfsplus_setxattr+0xb4/0xec
[ 34.364300][ T6092]        hfsplus_trusted_setxattr+0x54/0x6c
[ 34.365837][ T6092]        __vfs_setxattr+0x3d8/0x400
[ 34.367175][ T6092]        __vfs_setxattr_noperm+0x110/0x528
[ 34.368697][ T6092]        __vfs_setxattr_locked+0x1ec/0x218
[ 34.370230][ T6092]        vfs_setxattr+0x1a8/0x344
[ 34.371491][ T6092]        setxattr+0x208/0x29c
[ 34.372709][ T6092]        path_setxattr+0x17c/0x258
[ 34.374125][ T6092]        __arm64_sys_lsetxattr+0xbc/0xd8
[ 34.375532][ T6092]        invoke_syscall+0x98/0x2b8
[ 34.376832][ T6092]        el0_svc_common+0x130/0x23c
[ 34.378147][ T6092]        do_el0_svc+0x48/0x58
[ 34.379344][ T6092]        el0_svc+0x54/0x158
[ 34.380452][ T6092]        el0t_64_sync_handler+0x84/0xfc
[ 34.381893][ T6092]        el0t_64_sync+0x190/0x194
[ 34.383203][ T6092]
[ 34.383203][ T6092] other info that might help us debug this:
[ 34.383203][ T6092]
[ 34.385834][ T6092] Chain exists of:
[ 34.385834][ T6092]   &HFSPLUS_I(inode)->extents_lock --> &tree->tree_lock --> &tree->tree_lock/2
[ 34.385834][ T6092]
[ 34.389668][ T6092]  Possible unsafe locking scenario:
[ 34.389668][ T6092]
[ 34.391497][ T6092]        CPU0                    CPU1
[ 34.392892][ T6092]        ----                    ----
[ 34.394298][ T6092]   lock(&tree->tree_lock/2);
[ 34.395504][ T6092]                                lock(&tree->tree_lock);
[ 34.397372][ T6092]                                lock(&tree->tree_lock/2);
[ 34.399225][ T6092]   lock(&HFSPLUS_I(inode)->extents_lock);
[ 34.400681][ T6092]
[ 34.400681][ T6092]  *** DEADLOCK ***
[ 34.400681][ T6092]
[ 34.402771][ T6092] 4 locks held by syz-executor204/6092:
[ 34.404195][ T6092]  #0: ffff0000d6044410 (sb_writers#8){.+.+}-{0:0}, at: mnt_want_write+0x44/0x9c
[ 34.406577][ T6092]  #1: ffff0000d572a4c0 (&sb->s_type->i_mutex_key#16){+.+.}-{3:3}, at: vfs_setxattr+0x17c/0x344
[ 34.409211][ T6092]  #2: ffff0000d5d760b0 (&tree->tree_lock){+.+.}-{3:3}, at: hfsplus_find_init+0x144/0x1bc
[ 34.411838][ T6092]  #3: ffff0000d5d720b0 (&tree->tree_lock/2){+.+.}-{3:3}, at: hfsplus_find_init+0x144/0x1bc
[ 34.414478][ T6092]
[ 34.414478][ T6092] stack backtrace:
[ 34.416014][ T6092] CPU: 0 PID: 6092 Comm: syz-executor204 Not tainted 6.6.0-rc7-syzkaller-g8de1e7afcc1c #0
[ 34.418574][ T6092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 34.421141][ T6092] Call trace:
[ 34.421999][ T6092]  dump_backtrace+0x1b8/0x1e4
[ 34.423183][ T6092]  show_stack+0x2c/0x44
[ 34.424270][ T6092]  dump_stack_lvl+0xd0/0x124
[ 34.425443][ T6092]  dump_stack+0x1c/0x28
[ 34.426517][ T6092]  print_circular_bug+0x150/0x1b8
[ 34.427864][ T6092]  check_noncircular+0x310/0x404
[ 34.429168][ T6092]  __lock_acquire+0x3370/0x75e8
[ 34.430371][ T6092]  lock_acquire+0x23c/0x71c
[ 34.431526][ T6092]  __mutex_lock_common+0x190/0x21a0
[ 34.432876][ T6092]  mutex_lock_nested+0x2c/0x38
[ 34.434127][ T6092]  hfsplus_file_extend+0x1d0/0x1544
[ 34.435492][ T6092]  hfsplus_bmap_reserve+0xec/0x474
[ 34.436792][ T6092]  hfsplus_create_attr+0x1b0/0x568
[ 34.438125][ T6092]  __hfsplus_setxattr+0x980/0x1d00
[ 34.439523][ T6092]  hfsplus_setxattr+0xb4/0xec
[ 34.440702][ T6092]  hfsplus_trusted_setxattr+0x54/0x6c
[ 34.442053][ T6092]  __vfs_setxattr+0x3d8/0x400
[ 34.443273][ T6092]  __vfs_setxattr_noperm+0x110/0x528
[ 34.444616][ T6092]  __vfs_setxattr_locked+0x1ec/0x218
[ 34.445946][ T6092]  vfs_setxattr+0x1a8/0x344
[ 34.447141][ T6092]  setxattr+0x208/0x29c
[ 34.448187][ T6092]  path_setxattr+0x17c/0x258
[ 34.449363][ T6092]  __arm64_sys_lsetxattr+0xbc/0xd8
[ 34.450681][ T6092]  invoke_syscall+0x98/0x2b8
[ 34.451892][ T6092]  el0_svc_common+0x130/0x23c
[ 34.453073][ T6092]  do_el0_svc+0x48/0x58
[ 34.454144][ T6092]  el0_svc+0x54/0x158
[ 34.455219][ T6092]  el0t_64_sync_handler+0x84/0xfc
[ 34.456466][ T6092]  el0t_64_sync+0x190/0x194
[ 34.458549][ T6092] hfsplus: inconsistency in B*Tree (2,0,1,0,1)