======================================================
WARNING: possible circular locking dependency detected
5.15.164-syzkaller #0 Not tainted
------------------------------------------------------
kworker/u4:11/3955 is trying to acquire lock:
ffff888078879478 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xfb/0x1440 fs/hfs/extent.c:397

but task is already holding lock:
ffff8880768b20b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x16a/0x1e0

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #1 (&tree->tree_lock/1){+.+.}-{3:3}:
       lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
       __mutex_lock_common+0x1da/0x25a0 kernel/locking/mutex.c:596
       __mutex_lock kernel/locking/mutex.c:729 [inline]
       mutex_lock_nested+0x17/0x20 kernel/locking/mutex.c:743
       hfs_find_init+0x16a/0x1e0
       hfs_ext_read_extent fs/hfs/extent.c:200 [inline]
       hfs_get_block+0x4f0/0xb60 fs/hfs/extent.c:366
       block_read_full_page+0x2f9/0xde0 fs/buffer.c:2290
       do_read_cache_page+0x752/0x1040
       read_mapping_page include/linux/pagemap.h:515 [inline]
       hfs_btree_open+0x509/0x1140 fs/hfs/btree.c:78
       hfs_mdb_get+0x14e4/0x21d0 fs/hfs/mdb.c:204
       hfs_fill_super+0x100c/0x1730 fs/hfs/super.c:406
       mount_bdev+0x2c9/0x3f0 fs/super.c:1387
       legacy_get_tree+0xeb/0x180 fs/fs_context.c:611
       vfs_get_tree+0x88/0x270 fs/super.c:1517
       do_new_mount+0x2ba/0xb40 fs/namespace.c:3005
       do_mount fs/namespace.c:3348 [inline]
       __do_sys_mount fs/namespace.c:3556 [inline]
       __se_sys_mount+0x2d5/0x3c0 fs/namespace.c:3533
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x66/0xd0

-> #0 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}:
       check_prev_add kernel/locking/lockdep.c:3053 [inline]
       check_prevs_add kernel/locking/lockdep.c:3172 [inline]
       validate_chain+0x1649/0x5930 kernel/locking/lockdep.c:3788
       __lock_acquire+0x1295/0x1ff0 kernel/locking/lockdep.c:5012
       lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
       __mutex_lock_common+0x1da/0x25a0 kernel/locking/mutex.c:596
       __mutex_lock kernel/locking/mutex.c:729 [inline]
       mutex_lock_nested+0x17/0x20 kernel/locking/mutex.c:743
       hfs_extend_file+0xfb/0x1440 fs/hfs/extent.c:397
       hfs_bmap_reserve+0xd5/0x3f0 fs/hfs/btree.c:231
       __hfs_ext_write_extent+0x22e/0x4f0 fs/hfs/extent.c:121
       hfs_ext_write_extent+0x150/0x1d0 fs/hfs/extent.c:144
       hfs_write_inode+0xb8/0xec0 fs/hfs/inode.c:429
       write_inode fs/fs-writeback.c:1495 [inline]
       __writeback_single_inode+0x644/0xe30 fs/fs-writeback.c:1705
       writeback_sb_inodes+0xbce/0x1a40 fs/fs-writeback.c:1930
       wb_writeback+0x451/0xc50 fs/fs-writeback.c:2104
       wb_do_writeback fs/fs-writeback.c:2247 [inline]
       wb_workfn+0x46c/0x1130 fs/fs-writeback.c:2288
       process_one_work+0x8a1/0x10c0 kernel/workqueue.c:2310
       worker_thread+0xaca/0x1280 kernel/workqueue.c:2457
       kthread+0x3f6/0x4f0 kernel/kthread.c:334
       ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&tree->tree_lock/1);
                               lock(&HFS_I(tree->inode)->extents_lock);
                               lock(&tree->tree_lock/1);
  lock(&HFS_I(tree->inode)->extents_lock);

 *** DEADLOCK ***

3 locks held by kworker/u4:11/3955:
 #0: ffff88814079c138 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 kernel/workqueue.c:2283
 #1: ffffc90003287d20 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0 kernel/workqueue.c:2285
 #2: ffff8880768b20b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x16a/0x1e0

stack backtrace:
CPU: 0 PID: 3955 Comm: kworker/u4:11 Not tainted 5.15.164-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
Workqueue: writeback wb_workfn (flush-7:2)
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e3/0x2d0 lib/dump_stack.c:106
 check_noncircular+0x2f8/0x3b0 kernel/locking/lockdep.c:2133
 check_prev_add kernel/locking/lockdep.c:3053 [inline]
 check_prevs_add kernel/locking/lockdep.c:3172 [inline]
 validate_chain+0x1649/0x5930 kernel/locking/lockdep.c:3788
 __lock_acquire+0x1295/0x1ff0 kernel/locking/lockdep.c:5012
 lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
 __mutex_lock_common+0x1da/0x25a0 kernel/locking/mutex.c:596
 __mutex_lock kernel/locking/mutex.c:729 [inline]
 mutex_lock_nested+0x17/0x20 kernel/locking/mutex.c:743
 hfs_extend_file+0xfb/0x1440 fs/hfs/extent.c:397
 hfs_bmap_reserve+0xd5/0x3f0 fs/hfs/btree.c:231
 __hfs_ext_write_extent+0x22e/0x4f0 fs/hfs/extent.c:121
 hfs_ext_write_extent+0x150/0x1d0 fs/hfs/extent.c:144
 hfs_write_inode+0xb8/0xec0 fs/hfs/inode.c:429
 write_inode fs/fs-writeback.c:1495 [inline]
 __writeback_single_inode+0x644/0xe30 fs/fs-writeback.c:1705
 writeback_sb_inodes+0xbce/0x1a40 fs/fs-writeback.c:1930
 wb_writeback+0x451/0xc50 fs/fs-writeback.c:2104
 wb_do_writeback fs/fs-writeback.c:2247 [inline]
 wb_workfn+0x46c/0x1130 fs/fs-writeback.c:2288
 process_one_work+0x8a1/0x10c0 kernel/workqueue.c:2310
 worker_thread+0xaca/0x1280 kernel/workqueue.c:2457
 kthread+0x3f6/0x4f0 kernel/kthread.c:334
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287
 </TASK>
hfs: new node 0 already hashed?
------------[ cut here ]------------
WARNING: CPU: 0 PID: 3955 at fs/hfs/bnode.c:432 hfs_bnode_create+0x3dd/0x460 fs/hfs/bnode.c:431
Modules linked in:
CPU: 0 PID: 3955 Comm: kworker/u4:11 Not tainted 5.15.164-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
Workqueue: writeback wb_workfn (flush-7:2)
RIP: 0010:hfs_bnode_create+0x3dd/0x460 fs/hfs/bnode.c:432
Code: 8a 44 89 e6 e8 34 9e ee 07 e9 4c fd ff ff e8 ba 1c 3d ff 4c 89 ef e8 a2 5e f9 07 48 c7 c7 40 90 9f 8a 44 89 e6 e8 13 9e ee 07 <0f> 0b eb b5 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 59 fc ff ff 48 89
RSP: 0018:ffffc90003286e30 EFLAGS: 00010246
RAX: 000000000000001f RBX: ffff888060c6cd00 RCX: 2caaa13b00f6ac00
RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
RBP: 0000000000000000 R08: ffffffff8166892c R09: ffffed10173467a8
R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000
R13: ffff8880768b20e0 R14: ffff8880768b2000 R15: dffffc0000000000
FS:  0000000000000000(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fdadd86eab8 CR3: 000000001b247000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 hfs_bmap_alloc+0x64f/0x740 fs/hfs/btree.c:288
 hfs_btree_inc_height+0x11a/0xd20 fs/hfs/brec.c:471
 hfs_brec_insert+0x71f/0xbd0 fs/hfs/brec.c:148
 __hfs_ext_write_extent+0x2f2/0x4f0 fs/hfs/extent.c:124
 hfs_ext_write_extent+0x150/0x1d0 fs/hfs/extent.c:144
 hfs_write_inode+0xb8/0xec0 fs/hfs/inode.c:429
 write_inode fs/fs-writeback.c:1495 [inline]
 __writeback_single_inode+0x644/0xe30 fs/fs-writeback.c:1705
 writeback_sb_inodes+0xbce/0x1a40 fs/fs-writeback.c:1930
 wb_writeback+0x451/0xc50 fs/fs-writeback.c:2104
 wb_do_writeback fs/fs-writeback.c:2247 [inline]
 wb_workfn+0x46c/0x1130 fs/fs-writeback.c:2288
 process_one_work+0x8a1/0x10c0 kernel/workqueue.c:2310
 worker_thread+0xaca/0x1280 kernel/workqueue.c:2457
 kthread+0x3f6/0x4f0 kernel/kthread.c:334
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287
 </TASK>