syzbot

 sign-in | mailing list | source | docs
🐞 Open [106]
🐞 Fixed [1]
🐞 Invalid [166]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

possible deadlock in seq_read

Status: public: reported C repro on 2019/04/11 00:00
Reported-by: syzbot+9e57a4133291955054ed@syzkaller.appspotmail.com
First crash: 2264d, last: 1904d
Similar bugs (7)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-4.14 possible deadlock in seq_read (2) 1 932d 932d 0/1 auto-obsoleted due to no activity on 2022/09/01 16:45
linux-4.14 possible deadlock in seq_read 144 1298d 1973d 0/1 auto-closed as invalid on 2021/08/31 02:48
android-44 possible deadlock in seq_read C 632 1814d 2051d 0/2 public: reported C repro on 2019/04/11 08:44
android-49 possible deadlock in seq_read C 56124 1814d 2050d 1/3 public: reported C repro on 2019/04/12 00:00
linux-4.19 possible deadlock in seq_read C error 290 664d 1935d 0/1 upstream: reported C repro on 2019/08/05 16:40
upstream possible deadlock in seq_read (2) overlayfs C done error 95 1512d 2048d 0/28 auto-obsoleted due to no activity on 2022/09/24 20:28
upstream possible deadlock in seq_read fs C 19074 2057d 2547d 12/28 fixed on 2019/04/12 08:05

Sample crash report:
random: sshd: uninitialized urandom read (32 bytes read)
audit: type=1400 audit(1553570534.297:7): avc:  denied  { map } for  pid=1769 comm="syz-executor677" path="/root/syz-executor677385038" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
======================================================
WARNING: possible circular locking dependency detected
4.14.108+ #37 Not tainted
------------------------------------------------------
syz-executor677/1773 is trying to acquire lock:
 (&p->lock){+.+.}, at: [<ffffffff9bfcf95d>] seq_read+0xcd/0x1180 fs/seq_file.c:165

but task is already holding lock:
 (&pipe->mutex/1){+.+.}, at: [<ffffffff9bf71cd8>] pipe_lock_nested fs/pipe.c:67 [inline]
 (&pipe->mutex/1){+.+.}, at: [<ffffffff9bf71cd8>] pipe_lock+0x58/0x70 fs/pipe.c:75

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #2 (&pipe->mutex/1){+.+.}:

-> #1 (&sig->cred_guard_mutex){+.+.}:

-> #0 (&p->lock){+.+.}:

other info that might help us debug this:

Chain exists of:
  &p->lock --> &sig->cred_guard_mutex --> &pipe->mutex/1

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&pipe->mutex/1);
                               lock(&sig->cred_guard_mutex);
                               lock(&pipe->mutex/1);
  lock(&p->lock);

 *** DEADLOCK ***

1 lock held by syz-executor677/1773:
 #0:  (&pipe->mutex/1){+.+.}, at: [<ffffffff9bf71cd8>] pipe_lock_nested fs/pipe.c:67 [inline]
 #0:  (&pipe->mutex/1){+.+.}, at: [<ffffffff9bf71cd8>] pipe_lock+0x58/0x70 fs/pipe.c:75

stack backtrace:
CPU: 1 PID: 1773 Comm: syz-executor677 Not tainted 4.14.108+ #37
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0xb9/0x10e lib/dump_stack.c:53
 print_circular_bug.isra.0.cold+0x2dc/0x425 kernel/locking/lockdep.c:1258

Crashes (1737):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2019/03/26 03:24 android-4.14 02b246355459 55684ce1 .config console log report syz C ci-android-414-kasan-gce-root
2018/11/28 02:11 android-4.14 0e1d81608a8a 4b6d14f2 .config console log report syz C ci-android-414-kasan-gce-root
2018/09/24 07:40 android-4.14 666c420fa3ea 28d9ac76 .config console log report syz C ci-android-414-kasan-gce-root
2018/09/24 03:52 android-4.14 666c420fa3ea 28d9ac76 .config console log report syz C ci-android-414-kasan-gce-root
2018/09/23 03:21 android-4.14 666c420fa3ea 37079712 .config console log report syz C ci-android-414-kasan-gce-root
2018/12/11 20:25 android-4.14 e525d2cfbe65 7795ae03 .config console log report syz ci-android-414-kasan-gce-root
2018/09/22 22:59 android-4.14 666c420fa3ea 37079712 .config console log report syz ci-android-414-kasan-gce-root
2019/09/04 22:33 android-4.14 38733badc0e6 040fda58 .config console log report ci-android-414-kasan-gce-root
2019/08/27 03:28 android-4.14 f5189d4af2b5 d21c5d9d .config console log report ci-android-414-kasan-gce-root
2019/08/01 20:31 android-4.14 a5847ae74b42 835dffe7 .config console log report ci-android-414-kasan-gce-root
2019/04/03 03:15 android-4.14 140cda105bb8 dfd3394d .config console log report ci-android-414-kasan-gce-root
2019/04/02 21:54 android-4.14 140cda105bb8 dfd3394d .config console log report ci-android-414-kasan-gce-root
2019/04/02 14:14 android-4.14 140cda105bb8 dfd3394d .config console log report ci-android-414-kasan-gce-root
2019/03/27 11:07 android-4.14 db689dd813b7 55684ce1 .config console log report ci-android-414-kasan-gce-root
2019/03/27 05:15 android-4.14 db689dd813b7 55684ce1 .config console log report ci-android-414-kasan-gce-root
2019/03/26 07:31 android-4.14 02b246355459 55684ce1 .config console log report ci-android-414-kasan-gce-root
2019/03/23 08:33 android-4.14 740617b2f48f 3361bde5 .config console log report ci-android-414-kasan-gce-root
2019/03/21 07:03 android-4.14 cfbe30be85c4 427ea487 .config console log report ci-android-414-kasan-gce-root
2019/03/19 03:36 android-4.14 ea583d160621 46264c32 .config console log report ci-android-414-kasan-gce-root
2019/03/17 16:54 android-4.14 8ed9bc6e6401 ba18afea .config console log report ci-android-414-kasan-gce-root
2019/03/17 14:48 android-4.14 8ed9bc6e6401 ba18afea .config console log report ci-android-414-kasan-gce-root
2019/03/10 10:03 android-4.14 b11964adfe4c 12365b99 .config console log report ci-android-414-kasan-gce-root
2019/03/07 14:32 android-4.14 a895cea2010e 8c085c5e .config console log report ci-android-414-kasan-gce-root
2019/03/04 13:16 android-4.14 934272e9380b 7c693b52 .config console log report ci-android-414-kasan-gce-root
2019/03/03 06:39 android-4.14 934272e9380b 1c0e457a .config console log report ci-android-414-kasan-gce-root
2019/03/02 00:03 android-4.14 0cc8f104f45a 68d9e495 .config console log report ci-android-414-kasan-gce-root
2019/03/01 04:39 android-4.14 0cc8f104f45a 09aeeba4 .config console log report ci-android-414-kasan-gce-root
2019/03/01 02:57 android-4.14 0cc8f104f45a 09aeeba4 .config console log report ci-android-414-kasan-gce-root
2019/03/01 00:19 android-4.14 0cc8f104f45a 09aeeba4 .config console log report ci-android-414-kasan-gce-root
2019/02/28 22:51 android-4.14 0cc8f104f45a 09aeeba4 .config console log report ci-android-414-kasan-gce-root
2019/02/28 21:27 android-4.14 0cc8f104f45a 09aeeba4 .config console log report ci-android-414-kasan-gce-root
2019/02/28 19:53 android-4.14 0cc8f104f45a 09aeeba4 .config console log report ci-android-414-kasan-gce-root
2019/02/28 13:16 android-4.14 0cc8f104f45a 09aeeba4 .config console log report ci-android-414-kasan-gce-root
2019/02/22 14:46 android-4.14 01709c953f89 6a5fcca4 .config console log report ci-android-414-kasan-gce-root
2019/02/16 16:14 android-4.14 4a739e3530cc f42dee6d .config console log report ci-android-414-kasan-gce-root
2019/02/15 18:43 android-4.14 6142833f8318 f6f233c0 .config console log report ci-android-414-kasan-gce-root
2019/02/11 13:46 android-4.14 57de59b3cf53 73f5f452 .config console log report ci-android-414-kasan-gce-root
2019/02/10 05:24 android-4.14 57de59b3cf53 b4f792e4 .config console log report ci-android-414-kasan-gce-root
2019/02/07 08:02 android-4.14 ae77ce090bb4 d25487bc .config console log report ci-android-414-kasan-gce-root
2019/02/06 23:17 android-4.14 ae77ce090bb4 d25487bc .config console log report ci-android-414-kasan-gce-root
2019/02/06 04:47 android-4.14 ae77ce090bb4 d672172c .config console log report ci-android-414-kasan-gce-root
2019/02/05 13:42 android-4.14 71c835d2a50c d672172c .config console log report ci-android-414-kasan-gce-root
2019/02/05 04:01 android-4.14 dcc2cc75ff5c d672172c .config console log report ci-android-414-kasan-gce-root
2019/02/04 09:20 android-4.14 80d7b06534fa c198d5dd .config console log report ci-android-414-kasan-gce-root
2019/02/02 20:31 android-4.14 80d7b06534fa c198d5dd .config console log report ci-android-414-kasan-gce-root
2019/02/02 17:28 android-4.14 80d7b06534fa c198d5dd .config console log report ci-android-414-kasan-gce-root
2019/02/01 11:29 android-4.14 63d1657d00e0 0c07abcf .config console log report ci-android-414-kasan-gce-root
2019/02/01 06:59 android-4.14 63d1657d00e0 0e8ea0a3 .config console log report ci-android-414-kasan-gce-root
2019/01/31 07:48 android-4.14 63d1657d00e0 aa432daf .config console log report ci-android-414-kasan-gce-root
2019/01/27 09:13 android-4.14 70014b13c28c c73f090a .config console log report ci-android-414-kasan-gce-root
2019/01/27 01:58 android-4.14 70014b13c28c c73f090a .config console log report ci-android-414-kasan-gce-root
2019/01/26 21:23 android-4.14 70014b13c28c c73f090a .config console log report ci-android-414-kasan-gce-root
2018/09/10 00:36 android-4.14 b859aa7d7a0c 6b5120a4 .config console log report ci-android-414-kasan-gce-root
* Struck through repros no longer work on HEAD.