syzbot


possible deadlock in ntfs_readpage

Status: upstream: reported C repro on 2023/03/15 17:04
Bug presence: origin:upstream
Labels: missing-backport
[Documentation on labels]
Reported-by: syzbot+49cf7fd77f8792cd05d5@syzkaller.appspotmail.com
First crash: 486d, last: 22h23m
Bug presence (3)
Date Name Commit Repro Result
2024/04/21 linux-5.15.y (ToT) c52b9710c83d C [report] possible deadlock in ntfs_readpage
2023/05/12 upstream (ToT) cc3c44c9fda2 C [report] possible deadlock in ntfs_read_folio
2024/04/21 upstream (ToT) ed30a4a51bb1 C Didn't crash
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-4.14 possible deadlock in ntfs_readpage ntfs C 40 502d 657d 0/1 upstream: reported C repro on 2022/09/26 03:04
linux-4.19 possible deadlock in ntfs_readpage ntfs C 51 507d 657d 0/1 upstream: reported C repro on 2022/09/26 05:24
Fix bisection attempts (1)
Created Duration User Patch Repo Result
2024/06/10 02:21 5h54m fix candidate upstream OK (1) job log

Sample crash report:
======================================================
WARNING: possible circular locking dependency detected
5.15.157-syzkaller #0 Not tainted
------------------------------------------------------
kworker/u4:2/151 is trying to acquire lock:
ffff888075bd8940 (&rl->lock){++++}-{3:3}, at: ntfs_read_block fs/ntfs/aops.c:248 [inline]
ffff888075bd8940 (&rl->lock){++++}-{3:3}, at: ntfs_readpage+0x123e/0x2210 fs/ntfs/aops.c:435

but task is already holding lock:
ffff888075bdb310 (&ni->mrec_lock){+.+.}-{3:3}, at: map_mft_record+0x4a/0x850 fs/ntfs/mft.c:154

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #1 (&ni->mrec_lock){+.+.}-{3:3}:
       lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
       __mutex_lock_common+0x1da/0x25a0 kernel/locking/mutex.c:596
       __mutex_lock kernel/locking/mutex.c:729 [inline]
       mutex_lock_nested+0x17/0x20 kernel/locking/mutex.c:743
       map_mft_record+0x4a/0x850 fs/ntfs/mft.c:154
       ntfs_attr_extend_allocation+0x535/0x4340 fs/ntfs/attrib.c:2002
       ntfs_prepare_file_for_write fs/ntfs/file.c:395 [inline]
       ntfs_file_write_iter+0x4c9/0x1fa0 fs/ntfs/file.c:1919
       call_write_iter include/linux/fs.h:2172 [inline]
       new_sync_write fs/read_write.c:507 [inline]
       vfs_write+0xacf/0xe50 fs/read_write.c:594
       ksys_write+0x1a2/0x2c0 fs/read_write.c:647
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x66/0xd0

-> #0 (&rl->lock){++++}-{3:3}:
       check_prev_add kernel/locking/lockdep.c:3053 [inline]
       check_prevs_add kernel/locking/lockdep.c:3172 [inline]
       validate_chain+0x1649/0x5930 kernel/locking/lockdep.c:3788
       __lock_acquire+0x1295/0x1ff0 kernel/locking/lockdep.c:5012
       lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
       down_read+0x45/0x2e0 kernel/locking/rwsem.c:1498
       ntfs_read_block fs/ntfs/aops.c:248 [inline]
       ntfs_readpage+0x123e/0x2210 fs/ntfs/aops.c:435
       do_read_cache_page+0x752/0x1040
       read_mapping_page include/linux/pagemap.h:515 [inline]
       ntfs_map_page+0x25/0x390 fs/ntfs/aops.h:75
       ntfs_sync_mft_mirror+0x253/0x19e0 fs/ntfs/mft.c:480
       write_mft_record_nolock+0x1164/0x16c0 fs/ntfs/mft.c:787
       write_mft_record fs/ntfs/mft.h:95 [inline]
       __ntfs_write_inode+0x7b4/0xdd0 fs/ntfs/inode.c:3050
       write_inode fs/fs-writeback.c:1495 [inline]
       __writeback_single_inode+0x644/0xe30 fs/fs-writeback.c:1705
       writeback_sb_inodes+0xbce/0x1a40 fs/fs-writeback.c:1930
       __writeback_inodes_wb+0x114/0x400 fs/fs-writeback.c:2001
       wb_writeback+0x465/0xc50 fs/fs-writeback.c:2106
       wb_check_background_flush fs/fs-writeback.c:2172 [inline]
       wb_do_writeback fs/fs-writeback.c:2260 [inline]
       wb_workfn+0xd07/0x1130 fs/fs-writeback.c:2288
       process_one_work+0x8a1/0x10c0 kernel/workqueue.c:2310
       worker_thread+0xaca/0x1280 kernel/workqueue.c:2457
       kthread+0x3f6/0x4f0 kernel/kthread.c:334
       ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:300

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&ni->mrec_lock);
                               lock(&rl->lock);
                               lock(&ni->mrec_lock);
  lock(&rl->lock);

 *** DEADLOCK ***

4 locks held by kworker/u4:2/151:
 #0: ffff888142dfd138 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 kernel/workqueue.c:2283
 #1: ffffc90001d27d20 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0 kernel/workqueue.c:2285
 #2: ffff88807675e0e0 (&type->s_umount_key#65){.+.+}-{3:3}, at: trylock_super+0x1b/0xf0 fs/super.c:418
 #3: ffff888075bdb310 (&ni->mrec_lock){+.+.}-{3:3}, at: map_mft_record+0x4a/0x850 fs/ntfs/mft.c:154

stack backtrace:
CPU: 0 PID: 151 Comm: kworker/u4:2 Not tainted 5.15.157-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
Workqueue: writeback wb_workfn (flush-7:3)
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e3/0x2d0 lib/dump_stack.c:106
 check_noncircular+0x2f8/0x3b0 kernel/locking/lockdep.c:2133
 check_prev_add kernel/locking/lockdep.c:3053 [inline]
 check_prevs_add kernel/locking/lockdep.c:3172 [inline]
 validate_chain+0x1649/0x5930 kernel/locking/lockdep.c:3788
 __lock_acquire+0x1295/0x1ff0 kernel/locking/lockdep.c:5012
 lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
 down_read+0x45/0x2e0 kernel/locking/rwsem.c:1498
 ntfs_read_block fs/ntfs/aops.c:248 [inline]
 ntfs_readpage+0x123e/0x2210 fs/ntfs/aops.c:435
 do_read_cache_page+0x752/0x1040
 read_mapping_page include/linux/pagemap.h:515 [inline]
 ntfs_map_page+0x25/0x390 fs/ntfs/aops.h:75
 ntfs_sync_mft_mirror+0x253/0x19e0 fs/ntfs/mft.c:480
 write_mft_record_nolock+0x1164/0x16c0 fs/ntfs/mft.c:787
 write_mft_record fs/ntfs/mft.h:95 [inline]
 __ntfs_write_inode+0x7b4/0xdd0 fs/ntfs/inode.c:3050
 write_inode fs/fs-writeback.c:1495 [inline]
 __writeback_single_inode+0x644/0xe30 fs/fs-writeback.c:1705
 writeback_sb_inodes+0xbce/0x1a40 fs/fs-writeback.c:1930
 __writeback_inodes_wb+0x114/0x400 fs/fs-writeback.c:2001
 wb_writeback+0x465/0xc50 fs/fs-writeback.c:2106
 wb_check_background_flush fs/fs-writeback.c:2172 [inline]
 wb_do_writeback fs/fs-writeback.c:2260 [inline]
 wb_workfn+0xd07/0x1130 fs/fs-writeback.c:2288
 process_one_work+0x8a1/0x10c0 kernel/workqueue.c:2310
 worker_thread+0xaca/0x1280 kernel/workqueue.c:2457
 kthread+0x3f6/0x4f0 kernel/kthread.c:334
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:300
 </TASK>

Crashes (181):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/04/28 19:09 linux-5.15.y b925f60c6ee7 07b455f9 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan possible deadlock in ntfs_readpage
2024/04/28 16:09 linux-5.15.y b925f60c6ee7 07b455f9 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan possible deadlock in ntfs_readpage
2024/04/26 08:00 linux-5.15.y c52b9710c83d 8bdc0f22 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan possible deadlock in ntfs_readpage
2024/04/21 18:45 linux-5.15.y c52b9710c83d af24b050 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan possible deadlock in ntfs_readpage
2024/04/08 06:02 linux-5.15.y 9465fef4ae35 ca620dd8 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan possible deadlock in ntfs_readpage
2023/04/30 14:15 linux-5.15.y f48aeeaaa64c 62df2017 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan possible deadlock in ntfs_readpage
2024/06/03 00:06 linux-5.15.y c61bd26ae81a 3113787f .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/06/01 19:49 linux-5.15.y c61bd26ae81a 3113787f .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/04/18 17:20 linux-5.15.y c52b9710c83d af24b050 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/03/06 14:47 linux-5.15.y 80efc6265290 f39a7eed .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/03/06 10:46 linux-5.15.y 80efc6265290 f39a7eed .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/02/24 04:37 linux-5.15.y 458ce51d0356 8d446f15 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/01/24 12:43 linux-5.15.y ddcaf4999061 1e153dc8 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2023/11/30 23:27 linux-5.15.y a78d278e01b1 f819d6f7 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2023/08/10 04:42 linux-5.15.y c275eaaaa342 13ca4cd6 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan possible deadlock in ntfs_readpage
2023/03/18 09:07 linux-5.15.y 8020ae3c051d 7939252e .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan possible deadlock in ntfs_readpage
2023/08/13 18:27 linux-5.15.y 24c4de4069cb 39990d51 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/06/30 08:44 linux-5.15.y 4878aadf2d15 757f06b1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ntfs_readpage
2024/06/17 20:45 linux-5.15.y 4878aadf2d15 1f11cfd7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ntfs_readpage
2024/06/16 03:44 linux-5.15.y c61bd26ae81a f429ab00 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ntfs_readpage
2024/05/24 04:33 linux-5.15.y 83655231580b 8f98448e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ntfs_readpage
2024/05/20 02:03 linux-5.15.y 83655231580b c0f1611a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ntfs_readpage
2024/05/18 04:08 linux-5.15.y 83655231580b c0f1611a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ntfs_readpage
2024/05/12 23:20 linux-5.15.y 284087d4f7d5 9026e142 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ntfs_readpage
2024/05/07 00:40 linux-5.15.y 284087d4f7d5 fa7a5cf0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ntfs_readpage
2024/05/05 05:59 linux-5.15.y 284087d4f7d5 610f2a54 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ntfs_readpage
2024/05/02 10:16 linux-5.15.y b925f60c6ee7 3ba885bc .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ntfs_readpage
2024/05/01 12:19 linux-5.15.y b925f60c6ee7 3ba885bc .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ntfs_readpage
2024/04/09 14:38 linux-5.15.y 9465fef4ae35 f3234354 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ntfs_readpage
2024/04/01 22:14 linux-5.15.y 9465fef4ae35 6baf5069 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ntfs_readpage
2024/03/29 14:34 linux-5.15.y 9465fef4ae35 c52bcb23 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ntfs_readpage
2024/03/28 08:07 linux-5.15.y 9465fef4ae35 120789fd .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ntfs_readpage
2024/03/26 12:22 linux-5.15.y b95c01af2113 bcd9b39f .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ntfs_readpage
2024/03/24 15:17 linux-5.15.y b95c01af2113 0ea90952 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ntfs_readpage
2024/07/13 07:27 linux-5.15.y f45bea23c39c eaeb5c15 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/07/12 15:24 linux-5.15.y f45bea23c39c eaeb5c15 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/06/29 11:47 linux-5.15.y 4878aadf2d15 757f06b1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/06/13 07:29 linux-5.15.y c61bd26ae81a 2aa5052f .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/06/07 15:50 linux-5.15.y c61bd26ae81a 121701b6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/05/29 21:06 linux-5.15.y c61bd26ae81a 34889ee3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/05/29 13:45 linux-5.15.y c61bd26ae81a 34889ee3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/05/16 09:07 linux-5.15.y 284087d4f7d5 ef5d53ed .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/05/09 01:20 linux-5.15.y 284087d4f7d5 20bf80e1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/04/21 23:50 linux-5.15.y c52b9710c83d af24b050 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/04/14 18:20 linux-5.15.y fa3df276cd36 c8349e48 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/04/13 08:45 linux-5.15.y cdfd0a7f0139 c8349e48 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/04/11 12:59 linux-5.15.y cdfd0a7f0139 33b9e058 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/04/07 21:34 linux-5.15.y 9465fef4ae35 ca620dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/04/07 17:06 linux-5.15.y 9465fef4ae35 ca620dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/04/04 05:34 linux-5.15.y 9465fef4ae35 51c4dcff .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/04/04 00:29 linux-5.15.y 9465fef4ae35 51c4dcff .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/03/30 15:27 linux-5.15.y 9465fef4ae35 6baf5069 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/03/28 12:33 linux-5.15.y 9465fef4ae35 120789fd .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/03/27 01:02 linux-5.15.y 9465fef4ae35 454571b6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/03/14 01:47 linux-5.15.y 574362648507 f919f202 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/03/05 07:36 linux-5.15.y 80efc6265290 5fc53669 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/03/05 03:16 linux-5.15.y 80efc6265290 5fc53669 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/02/13 18:09 linux-5.15.y 6139f2a02fe0 e66542d7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/02/09 22:28 linux-5.15.y 6139f2a02fe0 77b23aa1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2024/02/01 16:11 linux-5.15.y 6139f2a02fe0 81024119 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in ntfs_readpage
2023/03/15 17:04 linux-5.15.y 2ddbd0f967b3 18b58603 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ntfs_readpage
* Struck through repros no longer work on HEAD.