======================================================
WARNING: possible circular locking dependency detected
4.19.211-syzkaller #0 Not tainted
------------------------------------------------------
IPVS: ftp: loaded support on port[0] = 21
syz-executor.1/21459 is trying to acquire lock:
0000000015e45a36 (&HFSPLUS_I(inode)->extents_lock){+.+.}, at: hfsplus_get_block+0x292/0x960 fs/hfsplus/extents.c:260

but task is already holding lock:
00000000f30d6ef0 (&tree->tree_lock#2/2){+.+.}, at: hfsplus_find_init+0x195/0x220 fs/hfsplus/bfind.c:36

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #2 (&tree->tree_lock#2/2){+.+.}:
       hfsplus_find_init+0x195/0x220 fs/hfsplus/bfind.c:36
       hfsplus_delete_all_attrs+0xfe/0x3f0 fs/hfsplus/attributes.c:366
       hfsplus_delete_cat+0x824/0xe30 fs/hfsplus/catalog.c:425
       hfsplus_file_release+0x1af/0x210 fs/hfsplus/inode.c:235
       __fput+0x2ce/0x890 fs/file_table.c:278
       task_work_run+0x148/0x1c0 kernel/task_work.c:113
       tracehook_notify_resume include/linux/tracehook.h:193 [inline]
       exit_to_usermode_loop+0x251/0x2a0 arch/x86/entry/common.c:167
       prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline]
       syscall_return_slowpath arch/x86/entry/common.c:271 [inline]
       do_syscall_64+0x538/0x620 arch/x86/entry/common.c:296
       entry_SYSCALL_64_after_hwframe+0x49/0xbe

-> #1 (&tree->tree_lock#2){+.+.}:
       hfsplus_file_truncate+0xde7/0x1040 fs/hfsplus/extents.c:595
       hfsplus_delete_inode+0x18d/0x220 fs/hfsplus/inode.c:419
       hfsplus_file_release+0x1b7/0x210 fs/hfsplus/inode.c:237
       __fput+0x2ce/0x890 fs/file_table.c:278
       task_work_run+0x148/0x1c0 kernel/task_work.c:113
       tracehook_notify_resume include/linux/tracehook.h:193 [inline]
       exit_to_usermode_loop+0x251/0x2a0 arch/x86/entry/common.c:167
       prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline]
       syscall_return_slowpath arch/x86/entry/common.c:271 [inline]
       do_syscall_64+0x538/0x620 arch/x86/entry/common.c:296
       entry_SYSCALL_64_after_hwframe+0x49/0xbe

-> #0 (&HFSPLUS_I(inode)->extents_lock){+.+.}:
       __mutex_lock_common kernel/locking/mutex.c:937 [inline]
       __mutex_lock+0xd7/0x1190 kernel/locking/mutex.c:1078
       hfsplus_get_block+0x292/0x960 fs/hfsplus/extents.c:260
       block_read_full_page+0x288/0xd10 fs/buffer.c:2259
       do_read_cache_page+0x533/0x1170 mm/filemap.c:2828
       read_mapping_page include/linux/pagemap.h:402 [inline]
       __hfs_bnode_create+0x5b7/0xb60 fs/hfsplus/bnode.c:447
       hfsplus_bnode_find+0x2aa/0xb80 fs/hfsplus/bnode.c:497
       hfsplus_brec_find+0x2af/0x500 fs/hfsplus/bfind.c:183
       hfsplus_find_attr+0xe5/0x280 fs/hfsplus/attributes.c:153
       __hfsplus_getxattr+0x2bf/0x530 fs/hfsplus/xattr.c:523
       hfsplus_getxattr+0x8f/0xd0 fs/hfsplus/xattr.c:591
       hfsplus_security_getxattr+0x36/0x40 fs/hfsplus/xattr_security.c:20
       vfs_getxattr_alloc+0x1ad/0x330 fs/xattr.c:320
       ima_read_xattr+0x2c/0x60 security/integrity/ima/ima_appraise.c:196
       process_measurement+0xdab/0x1440 security/integrity/ima/ima_main.c:280
       ima_file_check+0xb9/0x100 security/integrity/ima/ima_main.c:391
       do_last fs/namei.c:3425 [inline]
       path_openat+0x7e4/0x2df0 fs/namei.c:3537
       do_filp_open+0x18c/0x3f0 fs/namei.c:3567
       do_sys_open+0x3b3/0x520 fs/open.c:1085
       do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
       entry_SYSCALL_64_after_hwframe+0x49/0xbe

other info that might help us debug this:

Chain exists of:
  &HFSPLUS_I(inode)->extents_lock --> &tree->tree_lock#2 --> &tree->tree_lock#2/2

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&tree->tree_lock#2/2);
                               lock(&tree->tree_lock#2);
                               lock(&tree->tree_lock#2/2);
  lock(&HFSPLUS_I(inode)->extents_lock);

 *** DEADLOCK ***

3 locks held by syz-executor.1/21459:
 #0: 00000000faeff6bd (sb_writers#27){.+.+}, at: sb_start_write include/linux/fs.h:1579 [inline]
 #0: 00000000faeff6bd (sb_writers#27){.+.+}, at: mnt_want_write+0x3a/0xb0 fs/namespace.c:360
 #1: 00000000fa1b6af1 (&iint->mutex){+.+.}, at: process_measurement+0x316/0x1440 security/integrity/ima/ima_main.c:224
 #2: 00000000f30d6ef0 (&tree->tree_lock#2/2){+.+.}, at: hfsplus_find_init+0x195/0x220 fs/hfsplus/bfind.c:36

stack backtrace:
CPU: 1 PID: 21459 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
 print_circular_bug.constprop.0.cold+0x2d7/0x41e kernel/locking/lockdep.c:1222
 check_prev_add kernel/locking/lockdep.c:1866 [inline]
 check_prevs_add kernel/locking/lockdep.c:1979 [inline]
 validate_chain kernel/locking/lockdep.c:2420 [inline]
 __lock_acquire+0x30c9/0x3ff0 kernel/locking/lockdep.c:3416
 lock_acquire+0x170/0x3c0 kernel/locking/lockdep.c:3908
 __mutex_lock_common kernel/locking/mutex.c:937 [inline]
 __mutex_lock+0xd7/0x1190 kernel/locking/mutex.c:1078
 hfsplus_get_block+0x292/0x960 fs/hfsplus/extents.c:260
 block_read_full_page+0x288/0xd10 fs/buffer.c:2259
 do_read_cache_page+0x533/0x1170 mm/filemap.c:2828
 read_mapping_page include/linux/pagemap.h:402 [inline]
 __hfs_bnode_create+0x5b7/0xb60 fs/hfsplus/bnode.c:447
 hfsplus_bnode_find+0x2aa/0xb80 fs/hfsplus/bnode.c:497
 hfsplus_brec_find+0x2af/0x500 fs/hfsplus/bfind.c:183
 hfsplus_find_attr+0xe5/0x280 fs/hfsplus/attributes.c:153
 __hfsplus_getxattr+0x2bf/0x530 fs/hfsplus/xattr.c:523
 hfsplus_getxattr+0x8f/0xd0 fs/hfsplus/xattr.c:591
 hfsplus_security_getxattr+0x36/0x40 fs/hfsplus/xattr_security.c:20
 vfs_getxattr_alloc+0x1ad/0x330 fs/xattr.c:320
 ima_read_xattr+0x2c/0x60 security/integrity/ima/ima_appraise.c:196
 process_measurement+0xdab/0x1440 security/integrity/ima/ima_main.c:280
 ima_file_check+0xb9/0x100 security/integrity/ima/ima_main.c:391
 do_last fs/namei.c:3425 [inline]
 path_openat+0x7e4/0x2df0 fs/namei.c:3537
 do_filp_open+0x18c/0x3f0 fs/namei.c:3567
 do_sys_open+0x3b3/0x520 fs/open.c:1085
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fa8b49a30f9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fa8b2f15168 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 00007fa8b4ac2f80 RCX: 00007fa8b49a30f9
RDX: 0000000000000000 RSI: 0000000000008b43 RDI: 0000000020000180
RBP: 00007fa8b49feae9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffe4934fb2f R14: 00007fa8b2f15300 R15: 0000000000022000
hfsplus: xattr searching failed
IPVS: ftp: loaded support on port[0] = 21
XFS (loop2): Mounting V4 Filesystem
XFS (loop2): Ending clean mount
tmpfs: Bad value 'local:00:96' for mount option 'mpol'
overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
XFS (loop2): Unmounting Filesystem
IPVS: ftp: loaded support on port[0] = 21
hfsplus: xattr searching failed
tmpfs: Bad value 'local:00:96' for mount option 'mpol'
tmpfs: Bad value 'local:00:96' for mount option 'mpol'
hfsplus: xattr searching failed
hfsplus: xattr searching failed
hfsplus: xattr searching failed
XFS (loop2): Mounting V4 Filesystem
XFS (loop2): Ending clean mount
overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
XFS (loop2): Unmounting Filesystem
tmpfs: Bad value 'local:00:96' for mount option 'mpol'
tmpfs: Bad value 'local:00:96' for mount option 'mpol'
tmpfs: Bad value 'local:00:96' for mount option 'mpol'
tmpfs: Bad value 'local:00:96' for mount option 'mpol'
XFS (loop4): Mounting V4 Filesystem
XFS (loop4): Ending clean mount
overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
tmpfs: Bad value 'local:00:96' for mount option 'mpol'
XFS (loop4): Unmounting Filesystem
XFS (loop2): Mounting V4 Filesystem
XFS (loop2): Ending clean mount
XFS (loop2): Unmounting Filesystem
XFS (loop4): Mounting V4 Filesystem
XFS (loop4): Ending clean mount
XFS (loop2): Mounting V4 Filesystem
XFS (loop2): Ending clean mount
XFS (loop2): Unmounting Filesystem
overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
XFS (loop4): Unmounting Filesystem
XFS (loop2): Mounting V4 Filesystem
XFS (loop4): Mounting V4 Filesystem
XFS (loop2): Ending clean mount
overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
XFS (loop4): Ending clean mount
XFS (loop2): Unmounting Filesystem
overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
XFS (loop4): Unmounting Filesystem
XFS (loop2): Mounting V4 Filesystem
XFS (loop2): Ending clean mount
overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
XFS (loop2): Unmounting Filesystem
XFS (loop4): Mounting V4 Filesystem
XFS (loop4): Ending clean mount
overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
XFS (loop4): Unmounting Filesystem
XFS (loop2): Mounting V4 Filesystem
XFS (loop2): Ending clean mount
overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
XFS (loop4): Mounting V4 Filesystem
XFS (loop4): Ending clean mount
XFS (loop2): Unmounting Filesystem
overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
XFS (loop4): Unmounting Filesystem
overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
XFS (loop4): Mounting V4 Filesystem
XFS (loop4): Ending clean mount
overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
XFS (loop4): Unmounting Filesystem
overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
XFS (loop2): Mounting V4 Filesystem
XFS (loop2): Ending clean mount
overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
XFS (loop2): Unmounting Filesystem
XFS (loop4): Mounting V4 Filesystem
XFS (loop4): Ending clean mount
XFS (loop4): Unmounting Filesystem
XFS (loop2): Mounting V4 Filesystem
XFS (loop2): Ending clean mount
overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
XFS (loop2): Unmounting Filesystem
overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
XFS (loop4): Mounting V4 Filesystem
XFS (loop4): Ending clean mount
XFS (loop2): Mounting V4 Filesystem
XFS (loop2): Ending clean mount