program: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000012c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)=ANY=[@ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="2f0000007f68679b01"], 0x20) syz_mount_image$hfs(&(0x7f00000001c0), &(0x7f0000000180)='./file1\x00', 0x3004048, &(0x7f0000000100)=ANY=[], 0x11, 0x2c6, &(0x7f0000005bc0)="$eJzs3btuE08Ux/HfjJ3E/3+isCFBSJSBSNAgCA2iMUKueAIqBMRGirCCgCAuVUBUCEFPR8Er8BA0IF4AKioeIFSLZmbt9WXXNpbjjcP3I8XatWd2z3gvc46laAXgn3Wt9v3jpZ/uz0gllaTXVyQrqSKVJZ3Qycrjnd3t3WajPmhDJd/D/RmFnqavzdZOI6ur6+d7JCK3VtZS53vB4niDRK44jq/+KDoIFM5f/RmstKD5dL0yxZhG8WLMfnsTjmPWmH3t66mWi44DAFCsZP63IZPXUpK/WyttJNO+zw8O2/w/rv2iAzhw8cBPO+Z/X2XFxh3fY/6jtN7zJZz73LaqxFH2PNez7tNH25NgmmFVpY/F/nd3u9k4v3W/Wbd6qWqio9maf62HU7dlSLTrGbXpACOM3WRnlL5etXNuDJsh/ieSuuJfHXOPYzOfzVdz00R6r3o7/yvHxh0mf6SiniMV4r+Qv0U/ysi1UnLbqFartqvJit/JKXWWEsNGWcmuSNQ6o1bU/QNBNCxO3+t4T68wuotDeq1m9tpsreX0Wuvq5UbTPpvz93fQzFtzw6zrlz6p1pH/WxffhgZemelVYzbCVOC/8TCe+ezdlf02o76Zo/9yaX+LC3mh/+69p13/EA++zSHPG93RZS0/evb8XqnZbDx0C7czFh4std+ZeyVltil4QXvpOwuKvb7GrUlpmoGdm+gG3f1jaGN3lR2Kg3KkF2pfpnsiFbFQ8P0JU5Ee9KIjQUFc3mVC/ZfWK+WQ7LmXKDNPH/GHgGSLscux2xVc2jcOGbmk//+qglvMr+D6a66+mtHXXKfPSmdG32OUxHlEmJq+6Ra//wMAAAAAAAAAAAAAAAAAAMyaafw7QdFjBAAAAAAAAAAAAAAAAAAAAABg1rWf/6vW83812vN/e5+7Msnn/77bUfbzfwFM0p8AAAD//0gLf7E=") r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) creat(&(0x7f0000000600)='./bus\x00', 0x6) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) pwrite64(r1, &(0x7f0000000140)='2', 0x1, 0x8080c61) creat(&(0x7f0000000300)='./bus\x00', 0x4) unlinkat(0xffffffffffffff9c, &(0x7f0000000c40)='./file1\x00', 0x0) r2 = socket(0x40000000015, 0x5, 0x0) setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f0000000000)=0x1, 0x4) bind$inet(r2, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10) sendmmsg$inet(r2, &(0x7f00000013c0)=[{{&(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10, 0x0}}], 0x1, 0x4000000) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)) r3 = syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x0) ioctl$CEC_S_MODE(r3, 0x40046109, &(0x7f00000000c0)=0x32) r4 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0) ioctl$CEC_S_MODE(r4, 0xc05c6104, &(0x7f00000000c0)) syz_usb_connect$printer(0x6, 0x0, 0x0, 0x0) r5 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) ftruncate(r5, 0x2007ffc) accept4(r5, &(0x7f0000000040)=@ethernet={0x0, @remote}, &(0x7f00000000c0)=0x80, 0x0) sendfile(r5, r5, 0x0, 0x800000009) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r5, 0x8982, &(0x7f0000000000)={0x1, 'pim6reg\x00', {}, 0x2000}) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x20, 0x1, 0x0, 0x0, 0x0, 0x7fea, 0x20082, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b72, 0x0, @perf_config_ext={0x1, 0x9}, 0x0, 0x32, 0xfffffbff, 0x4, 0x1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2007}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) [ 85.022150][ T5300] Bluetooth: hci0: command tx timeout [ 85.154828][ T5324] loop0: detected capacity change from 0 to 64 [ 85.190748][ T5324] ======================================================= [ 85.190748][ T5324] WARNING: The mand mount option has been deprecated and [ 85.190748][ T5324] and is ignored by this kernel. Remove the mand [ 85.190748][ T5324] option from the mount to silence this warning. [ 85.190748][ T5324] ======================================================= [ 86.146188][ T5324] hfs: request for non-existent node 8 in B*Tree [ 86.150045][ T5324] hfs: request for non-existent node 8 in B*Tree [ 86.203415][ T5324] [ 86.204577][ T5324] ====================================================== [ 86.208152][ T5324] WARNING: possible circular locking dependency detected [ 86.212056][ T5324] syzkaller #0 Not tainted [ 86.214596][ T5324] ------------------------------------------------------ [ 86.217800][ T5324] syz.0.0/5324 is trying to acquire lock: [ 86.220404][ T5324] ffff88804209c0b0 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfs_find_init+0x18e/0x300 [ 86.224952][ T5324] [ 86.224952][ T5324] but task is already holding lock: [ 86.228889][ T5324] ffff888041e9c1f8 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}, at: hfs_extend_file+0xf2/0x15e0 [ 86.234773][ T5324] [ 86.234773][ T5324] which lock already depends on the new lock. [ 86.234773][ T5324] [ 86.239414][ T5324] [ 86.239414][ T5324] the existing dependency chain (in reverse order) is: [ 86.243445][ T5324] [ 86.243445][ T5324] -> #1 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}: [ 86.248224][ T5324] __mutex_lock+0x19f/0x1300 [ 86.250909][ T5324] hfs_extend_file+0xf2/0x15e0 [ 86.253375][ T5324] hfs_bmap_reserve+0x107/0x430 [ 86.255882][ T5324] __hfs_ext_write_extent+0x1fa/0x470 [ 86.258847][ T5324] __hfs_ext_cache_extent+0x6b/0x9b0 [ 86.261992][ T5324] hfs_extend_file+0x39b/0x15e0 [ 86.264880][ T5324] hfs_get_block+0x412/0xc50 [ 86.267481][ T5324] __block_write_begin_int+0x6c6/0x1910 [ 86.270304][ T5324] cont_write_begin+0x737/0xae0 [ 86.272704][ T5324] hfs_write_begin+0x66/0xb0 [ 86.275097][ T5324] cont_write_begin+0x2e7/0xae0 [ 86.277628][ T5324] hfs_write_begin+0x66/0xb0 [ 86.280412][ T5324] generic_perform_write+0x2e2/0x8f0 [ 86.283574][ T5324] generic_file_write_iter+0x14a/0x680 [ 86.286584][ T5324] vfs_write+0x61d/0xb90 [ 86.288838][ T5324] __x64_sys_pwrite64+0x199/0x230 [ 86.291375][ T5324] do_syscall_64+0x14d/0xf80 [ 86.293857][ T5324] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.297519][ T5324] [ 86.297519][ T5324] -> #0 (&tree->tree_lock/1){+.+.}-{4:4}: [ 86.301737][ T5324] __lock_acquire+0x15a5/0x2cf0 [ 86.304128][ T5324] lock_acquire+0xf0/0x2e0 [ 86.306621][ T5324] __mutex_lock+0x19f/0x1300 [ 86.309213][ T5324] hfs_find_init+0x18e/0x300 [ 86.311612][ T5324] hfs_extend_file+0x35c/0x15e0 [ 86.314910][ T5324] hfs_bmap_reserve+0x107/0x430 [ 86.317944][ T5324] hfs_cat_create+0x20f/0x800 [ 86.320849][ T5324] hfs_create+0x75/0xe0 [ 86.323141][ T5324] path_openat+0x1395/0x3860 [ 86.325358][ T5324] do_file_open+0x23e/0x4a0 [ 86.327501][ T5324] do_sys_openat2+0x113/0x200 [ 86.329883][ T5324] __x64_sys_open+0x11e/0x150 [ 86.332836][ T5324] do_syscall_64+0x14d/0xf80 [ 86.335562][ T5324] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.338359][ T5324] [ 86.338359][ T5324] other info that might help us debug this: [ 86.338359][ T5324] [ 86.342997][ T5324] Possible unsafe locking scenario: [ 86.342997][ T5324] [ 86.346737][ T5324] CPU0 CPU1 [ 86.349253][ T5324] ---- ---- [ 86.351612][ T5324] lock(&HFS_I(tree->inode)->extents_lock); [ 86.354318][ T5324] lock(&tree->tree_lock/1); [ 86.357873][ T5324] lock(&HFS_I(tree->inode)->extents_lock); [ 86.362253][ T5324] lock(&tree->tree_lock/1); [ 86.364400][ T5324] [ 86.364400][ T5324] *** DEADLOCK *** [ 86.364400][ T5324] [ 86.368358][ T5324] 4 locks held by syz.0.0/5324: [ 86.371112][ T5324] #0: ffff88803c374420 (sb_writers#12){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 86.375505][ T5324] #1: ffff888041e9bd20 (&type->i_mutex_dir_key#8){+.+.}-{4:4}, at: path_openat+0xb4c/0x3860 [ 86.379726][ T5324] #2: ffff8880341be0b0 (&tree->tree_lock){+.+.}-{4:4}, at: hfs_find_init+0x18e/0x300 [ 86.384857][ T5324] #3: ffff888041e9c1f8 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}, at: hfs_extend_file+0xf2/0x15e0 [ 86.391627][ T5324] [ 86.391627][ T5324] stack backtrace: [ 86.394277][ T5324] CPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 86.394299][ T5324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 86.394306][ T5324] Call Trace: [ 86.394314][ T5324] [ 86.394322][ T5324] dump_stack_lvl+0xe8/0x150 [ 86.394344][ T5324] print_circular_bug+0x2e1/0x300 [ 86.394365][ T5324] check_noncircular+0x12e/0x150 [ 86.394383][ T5324] __lock_acquire+0x15a5/0x2cf0 [ 86.394398][ T5324] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 86.394418][ T5324] ? kasan_save_track+0x4f/0x80 [ 86.394436][ T5324] ? kasan_save_track+0x3e/0x80 [ 86.394453][ T5324] ? __kasan_kmalloc+0x93/0xb0 [ 86.394465][ T5324] ? __kmalloc_noprof+0x35c/0x760 [ 86.394483][ T5324] ? hfs_find_init+0xaa/0x300 [ 86.394497][ T5324] ? hfs_extend_file+0x35c/0x15e0 [ 86.394508][ T5324] ? hfs_bmap_reserve+0x107/0x430 [ 86.394518][ T5324] lock_acquire+0xf0/0x2e0 [ 86.394528][ T5324] ? hfs_find_init+0x18e/0x300 [ 86.394543][ T5324] __mutex_lock+0x19f/0x1300 [ 86.394553][ T5324] ? hfs_find_init+0x18e/0x300 [ 86.394570][ T5324] ? hfs_find_init+0x18e/0x300 [ 86.394585][ T5324] ? __pfx___mutex_lock+0x10/0x10 [ 86.394594][ T5324] ? rcu_is_watching+0x15/0xb0 [ 86.394608][ T5324] ? __kmalloc_noprof+0x37d/0x760 [ 86.394622][ T5324] ? kasan_save_track+0x4f/0x80 [ 86.394636][ T5324] ? hfs_find_init+0xaa/0x300 [ 86.394650][ T5324] ? __kmalloc_noprof+0x1b8/0x760 [ 86.394665][ T5324] hfs_find_init+0x18e/0x300 [ 86.394677][ T5324] hfs_extend_file+0x35c/0x15e0 [ 86.394685][ T5324] ? __pfx_hfs_extend_file+0x10/0x10 [ 86.394692][ T5324] ? __mutex_lock+0x319/0x1300 [ 86.394708][ T5324] ? __pfx___mutex_lock+0x10/0x10 [ 86.394716][ T5324] ? rcu_is_watching+0x15/0xb0 [ 86.394728][ T5324] hfs_bmap_reserve+0x107/0x430 [ 86.394738][ T5324] hfs_cat_create+0x20f/0x800 [ 86.394751][ T5324] ? do_raw_spin_lock+0x12b/0x2f0 [ 86.394760][ T5324] ? __pfx_hfs_cat_create+0x10/0x10 [ 86.394773][ T5324] ? _raw_spin_unlock+0x28/0x50 [ 86.394788][ T5324] ? hfs_new_inode+0x92d/0xc70 [ 86.394802][ T5324] hfs_create+0x75/0xe0 [ 86.394812][ T5324] ? __pfx_hfs_create+0x10/0x10 [ 86.394822][ T5324] path_openat+0x1395/0x3860 [ 86.394838][ T5324] ? __pfx_path_openat+0x10/0x10 [ 86.394843][ T5324] ? __x64_sys_open+0x11e/0x150 [ 86.394853][ T5324] ? __lock_acquire+0x6b5/0x2cf0 [ 86.394861][ T5324] do_file_open+0x23e/0x4a0 [ 86.394868][ T5324] ? __pfx_do_file_open+0x10/0x10 [ 86.394885][ T5324] ? _raw_spin_unlock+0x28/0x50 [ 86.394898][ T5324] ? alloc_fd+0x64b/0x6c0 [ 86.394913][ T5324] do_sys_openat2+0x113/0x200 [ 86.394925][ T5324] ? __se_sys_futex+0x3a8/0x450 [ 86.394938][ T5324] ? __pfx_do_sys_openat2+0x10/0x10 [ 86.394951][ T5324] ? rcu_is_watching+0x15/0xb0 [ 86.394963][ T5324] __x64_sys_open+0x11e/0x150 [ 86.394973][ T5324] do_syscall_64+0x14d/0xf80 [ 86.394983][ T5324] ? trace_irq_disable+0x3b/0x150 [ 86.394997][ T5324] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.395010][ T5324] ? clear_bhb_loop+0x40/0x90 [ 86.395024][ T5324] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.395036][ T5324] RIP: 0033:0x7fea98d9c799 [ 86.395072][ T5324] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 86.395084][ T5324] RSP: 002b:00007fea99b8bfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 86.395098][ T5324] RAX: ffffffffffffffda RBX: 00007fea99015fa0 RCX: 00007fea98d9c799 [ 86.395107][ T5324] RDX: 0000000000000000 RSI: 0000000000145142 RDI: 0000200000000240 [ 86.395115][ T5324] RBP: 00007fea98e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 86.395122][ T5324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 86.395129][ T5324] R13: 00007fea99016038 R14: 00007fea99015fa0 R15: 00007ffe137c8e88 [ 86.395142][ T5324] [ 86.584301][ T24] audit: type=1800 audit(1773959822.274:2): pid=5324 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.0" name="file1" dev="loop0" ino=25 res=0 errno=0 [ 87.199074][ T5324] hfs: request for non-existent node 9 in B*Tree [ 87.202277][ T5324] hfs: request for non-existent node 9 in B*Tree [ 87.205818][ T5300] Bluetooth: hci0: command tx timeout [ 87.235688][ T5325] syz.0.0: attempt to access beyond end of device [ 87.235688][ T5325] loop0: rw=8388609, sector=4169, nr_sectors = 1 limit=64 [ 87.247465][ T5325] Buffer I/O error on dev loop0, logical block 4169, lost async page write [ 87.252424][ T5325] syz.0.0: attempt to access beyond end of device [ 87.252424][ T5325] loop0: rw=8388609, sector=4170, nr_sectors = 1 limit=64 [ 87.258382][ T5325] Buffer I/O error on dev loop0, logical block 4170, lost async page write [ 87.262880][ T5325] syz.0.0: attempt to access beyond end of device [ 87.262880][ T5325] loop0: rw=8388609, sector=4172, nr_sectors = 1 limit=64 [ 87.270119][ T5325] Buffer I/O error on dev loop0, logical block 4172, lost async page write [ 87.274211][ T5325] syz.0.0: attempt to access beyond end of device [ 87.274211][ T5325] loop0: rw=8388609, sector=4173, nr_sectors = 1 limit=64 [ 87.280030][ T5325] Buffer I/O error on dev loop0, logical block 4173, lost async page write [ 87.293101][ T5325] syz.0.0: attempt to access beyond end of device [ 87.293101][ T5325] loop0: rw=8388609, sector=4174, nr_sectors = 1 limit=64 [ 87.300405][ T5325] Buffer I/O error on dev loop0, logical block 4174, lost async page write [ 87.306968][ T5325] syz.0.0: attempt to access beyond end of device [ 87.306968][ T5325] loop0: rw=8388609, sector=4175, nr_sectors = 1 limit=64 [ 87.314526][ T5325] Buffer I/O error on dev loop0, logical block 4175, lost async page write [ 87.319477][ T5325] syz.0.0: attempt to access beyond end of device [ 87.319477][ T5325] loop0: rw=8388609, sector=4176, nr_sectors = 1 limit=64 [ 87.329046][ T5325] Buffer I/O error on dev loop0, logical block 4176, lost async page write [ 87.334211][ T5325] syz.0.0: attempt to access beyond end of device [ 87.334211][ T5325] loop0: rw=8388609, sector=4177, nr_sectors = 1 limit=64 [ 87.339974][ T5325] Buffer I/O error on dev loop0, logical block 4177, lost async page write [ 87.345645][ T5325] syz.0.0: attempt to access beyond end of device [ 87.345645][ T5325] loop0: rw=1, sector=4178, nr_sectors = 16 limit=64 [ 87.352862][ T5325] syz.0.0: attempt to access beyond end of device [ 87.352862][ T5325] loop0: rw=8388609, sector=4196, nr_sectors = 1 limit=64 [ 87.359060][ T5325] Buffer I/O error on dev loop0, logical block 4196, lost async page write [ 87.363929][ T5325] Buffer I/O error on dev loop0, logical block 4197, lost async page write