syzbot


possible deadlock in map_mft_record

Status: upstream: reported C repro on 2022/10/19 05:29
Subsystems: ntfs
Reported-by: syzbot+cb1fdea540b46f0ce394@syzkaller.appspotmail.com
First crash: 413d, last: 9h37m
Cause bisection: failed (error log, bisect log)
  
Discussions (9)
Title | Replies (including bot) | Last reply
--- | --- | ---
[syzbot] Monthly ntfs report (Nov 2023) | 0 (1) | 2023/11/05 13:07
[syzbot] Monthly ntfs report (Oct 2023) | 0 (1) | 2023/10/04 13:13
[syzbot] Monthly ntfs report (Sep 2023) | 0 (1) | 2023/09/04 08:31
[syzbot] Monthly ntfs report (Aug 2023) | 0 (1) | 2023/08/03 07:02
[syzbot] Monthly ntfs report (Jul 2023) | 0 (1) | 2023/07/03 09:03
[syzbot] Monthly ntfs report (Jun 2023) | 0 (1) | 2023/06/02 08:40
[syzbot] Monthly ntfs report (May 2023) | 0 (1) | 2023/05/02 07:18
[syzbot] Monthly ntfs report | 0 (1) | 2023/03/31 15:00
[syzbot] possible deadlock in map_mft_record | 0 (2) | 2022/12/30 12:29
Similar bugs (4)
Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status
--- | --- | --- | --- | --- | --- | --- | --- | --- | ---
linux-6.1 | possible deadlock in map_mft_record | | | | 10 | 15d | 259d | 0/3 | upstream: reported on 2023/03/21 20:17
linux-4.14 | possible deadlock in map_mft_record ntfs | C | | | 5 | 292d | 386d | 0/1 | upstream: reported C repro on 2022/11/15 01:41
linux-5.15 | possible deadlock in map_mft_record | | | | 21 | 35d | 263d | 0/3 | upstream: reported on 2023/03/17 18:38
linux-4.19 | possible deadlock in map_mft_record ntfs | C | error | | 11 | 311d | 422d | 0/1 | upstream: reported C repro on 2022/10/09 19:52
Last patch testing requests (5)
Created | Duration | User | Patch | Repo | Result
--- | --- | --- | --- | --- | ---
2023/09/15 04:01 | 21m | retest repro | | upstream | OK log
2023/09/15 04:01 | 14m | retest repro | | linux-next | report log
2023/09/14 09:07 | 22m | retest repro | | upstream | OK log
2023/09/13 14:47 | 20m | retest repro | | upstream | OK log
2023/09/13 14:47 | 17m | retest repro | | upstream | OK log

Sample crash report:
loop0: detected capacity change from 0 to 4096
ntfs: volume version 3.1.
======================================================
WARNING: possible circular locking dependency detected
6.3.0-rc3-next-20230324-syzkaller #0 Not tainted
------------------------------------------------------
syz-executor268/5096 is trying to acquire lock:
ffff888073d2aad0 (&lcnbmp_mrec_lock_key){+.+.}-{3:3}, at: map_mft_record+0x40/0x6c0 fs/ntfs/mft.c:154

but task is already holding lock:
ffff888146ebd9f8 (&vol->lcnbmp_lock){+.+.}-{3:3}, at: ntfs_put_super+0x39c/0x1700 fs/ntfs/super.c:2290

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #1 (&vol->lcnbmp_lock){+.+.}-{3:3}:
       down_write+0x92/0x200 kernel/locking/rwsem.c:1573
       __ntfs_cluster_free+0x12d/0xbe0 fs/ntfs/lcnalloc.c:862
       ntfs_cluster_free fs/ntfs/lcnalloc.h:96 [inline]
       ntfs_truncate+0x16c1/0x2a50 fs/ntfs/inode.c:2695
       ntfs_truncate_vfs fs/ntfs/inode.c:2862 [inline]
       ntfs_setattr+0x397/0x560 fs/ntfs/inode.c:2914
       notify_change+0xb2c/0x1180 fs/attr.c:482
       do_truncate+0x143/0x200 fs/open.c:66
       handle_truncate fs/namei.c:3219 [inline]
       do_open fs/namei.c:3564 [inline]
       path_openat+0x2083/0x2750 fs/namei.c:3715
       do_file_open_root+0x2cc/0x590 fs/namei.c:3767
       file_open_root+0x2e2/0x460 fs/open.c:1336
       do_handle_open+0x327/0x8b0 fs/fhandle.c:232
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x63/0xcd

-> #0 (&lcnbmp_mrec_lock_key){+.+.}-{3:3}:
       check_prev_add kernel/locking/lockdep.c:3108 [inline]
       check_prevs_add kernel/locking/lockdep.c:3227 [inline]
       validate_chain kernel/locking/lockdep.c:3842 [inline]
       __lock_acquire+0x2f21/0x5df0 kernel/locking/lockdep.c:5074
       lock_acquire.part.0+0x11c/0x370 kernel/locking/lockdep.c:5691
       __mutex_lock_common kernel/locking/mutex.c:603 [inline]
       __mutex_lock+0x12f/0x1350 kernel/locking/mutex.c:747
       map_mft_record+0x40/0x6c0 fs/ntfs/mft.c:154
       __ntfs_write_inode+0x88/0xc40 fs/ntfs/inode.c:2978
       ntfs_commit_inode fs/ntfs/inode.h:300 [inline]
       ntfs_put_super+0xf43/0x1700 fs/ntfs/super.c:2291
       generic_shutdown_super+0x158/0x480 fs/super.c:500
       kill_block_super+0x9b/0xf0 fs/super.c:1407
       deactivate_locked_super+0x98/0x160 fs/super.c:331
       deactivate_super+0xb1/0xd0 fs/super.c:362
       cleanup_mnt+0x2ae/0x3d0 fs/namespace.c:1177
       task_work_run+0x16f/0x270 kernel/task_work.c:179
       exit_task_work include/linux/task_work.h:38 [inline]
       do_exit+0xb0d/0x29f0 kernel/exit.c:869
       do_group_exit+0xd4/0x2a0 kernel/exit.c:1019
       __do_sys_exit_group kernel/exit.c:1030 [inline]
       __se_sys_exit_group kernel/exit.c:1028 [inline]
       __x64_sys_exit_group+0x3e/0x50 kernel/exit.c:1028
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x63/0xcd

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&vol->lcnbmp_lock);
                               lock(&lcnbmp_mrec_lock_key);
                               lock(&vol->lcnbmp_lock);
  lock(&lcnbmp_mrec_lock_key);

 *** DEADLOCK ***

2 locks held by syz-executor268/5096:
 #0: ffff8880291640e0 (&type->s_umount_key#45){+.+.}-{3:3}, at: deactivate_super+0xa9/0xd0 fs/super.c:361
 #1: ffff888146ebd9f8 (&vol->lcnbmp_lock){+.+.}-{3:3}, at: ntfs_put_super+0x39c/0x1700 fs/ntfs/super.c:2290

stack backtrace:
CPU: 0 PID: 5096 Comm: syz-executor268 Not tainted 6.3.0-rc3-next-20230324-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xd9/0x150 lib/dump_stack.c:106
 check_noncircular+0x25f/0x2e0 kernel/locking/lockdep.c:2188
 check_prev_add kernel/locking/lockdep.c:3108 [inline]
 check_prevs_add kernel/locking/lockdep.c:3227 [inline]
 validate_chain kernel/locking/lockdep.c:3842 [inline]
 __lock_acquire+0x2f21/0x5df0 kernel/locking/lockdep.c:5074
 lock_acquire.part.0+0x11c/0x370 kernel/locking/lockdep.c:5691
 __mutex_lock_common kernel/locking/mutex.c:603 [inline]
 __mutex_lock+0x12f/0x1350 kernel/locking/mutex.c:747
 map_mft_record+0x40/0x6c0 fs/ntfs/mft.c:154
 __ntfs_write_inode+0x88/0xc40 fs/ntfs/inode.c:2978
 ntfs_commit_inode fs/ntfs/inode.h:300 [inline]
 ntfs_put_super+0xf43/0x1700 fs/ntfs/super.c:2291
 generic_shutdown_super+0x158/0x480 fs/super.c:500
 kill_block_super+0x9b/0xf0 fs/super.c:1407
 deactivate_locked_super+0x98/0x160 fs/super.c:331
 deactivate_super+0xb1/0xd0 fs/super.c:362
 cleanup_mnt+0x2ae/0x3d0 fs/namespace.c:1177
 task_work_run+0x16f/0x270 kernel/task_work.c:179
 exit_task_work include/linux/task_work.h:38 [inline]
 do_exit+0xb0d/0x29f0 kernel/exit.c:869
 do_group_exit+0xd4/0x2a0 kernel/exit.c:1019
 __do_sys_exit_group kernel/exit.c:1030 [inline]
 __se_sys_exit_group kernel/exit.c:1028 [inline]
 __x64_sys_exit_group+0x3e/0x50 kernel/exit.c:1028
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f81c3b87a29
Code: Unable to access opcode bytes at 0x7f81c3b879ff.
RSP: 002b:00007fff4088e008 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 00007f81c3c1c330 RCX: 00007f81c3b87a29
RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
RBP: 0000000000000001 

Crashes (763):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2023/03/25 13:17 linux-next e5dbf24e8b9e fbf0499a .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-linux-next-kasan-gce-root possible deadlock in map_mft_record
2023/06/24 11:15 upstream 61dabacdad4e 09ffe269 .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-kasan-gce-smack-root possible deadlock in map_mft_record
2023/02/23 17:42 upstream d8ca6dbb8de7 9e2ebb3c .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-kasan-gce-root possible deadlock in map_mft_record
2023/01/02 03:52 upstream e4cf7c25bae5 ab32d508 .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs possible deadlock in map_mft_record
2022/12/30 12:29 upstream 2258c2dc850b 44712fbc .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs possible deadlock in map_mft_record
2023/12/04 01:01 upstream 33cc938e65a9 f819d6f7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs possible deadlock in map_mft_record
2023/12/02 23:15 upstream 815fb87b7530 f819d6f7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs possible deadlock in map_mft_record
2023/11/29 22:56 upstream 3b47bc037bd4 6e78f9ce .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root possible deadlock in map_mft_record
2023/11/28 17:44 upstream df60cee26a2e 1adfb6f6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in map_mft_record
2023/11/27 00:56 upstream d2da77f431ac 5b429f39 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in map_mft_record
2023/11/26 19:52 upstream 090472ed9c92 5b429f39 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root possible deadlock in map_mft_record
2023/11/21 02:09 upstream 98b1cc82c4af cb976f63 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root possible deadlock in map_mft_record
2023/11/19 07:31 upstream 23dfa043f6d5 cb976f63 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs possible deadlock in map_mft_record
2023/11/18 21:14 upstream 05aa69b096a0 cb976f63 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in map_mft_record
2023/11/14 18:34 upstream 9bacdd8996c7 cb976f63 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in map_mft_record
2023/10/21 22:57 upstream 9c5d00cb7b6b 361b23dc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root possible deadlock in map_mft_record
2023/10/15 23:59 upstream 11d3f7261395 f757a323 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream possible deadlock in map_mft_record
2023/12/05 22:51 upstream bee0e7762ad2 858d62d1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/12/03 21:19 upstream 33cc938e65a9 f819d6f7 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/12/03 09:49 upstream 1b8af6552cb7 f819d6f7 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/12/02 09:11 upstream 815fb87b7530 f819d6f7 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/12/01 16:32 upstream 994d5c58e50e f819d6f7 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/12/01 14:02 upstream 994d5c58e50e f819d6f7 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/30 16:45 upstream 3b47bc037bd4 f819d6f7 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/30 11:27 upstream 3b47bc037bd4 f819d6f7 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/30 10:18 upstream 3b47bc037bd4 f819d6f7 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/29 13:40 upstream 18d46e76d7c2 1adfb6f6 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/29 08:45 upstream 18d46e76d7c2 1adfb6f6 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/29 04:44 upstream 18d46e76d7c2 1adfb6f6 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/27 03:14 upstream d2da77f431ac 5b429f39 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/26 03:19 upstream b46ae77f6787 5b429f39 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/25 09:30 upstream 0f5cc96c367f 5b429f39 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/25 01:38 upstream 0f5cc96c367f 5b429f39 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/24 21:47 upstream f1a09972a45a 5b429f39 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/23 18:43 upstream 9b6de136b5f0 5b429f39 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/23 04:20 upstream 9b6de136b5f0 fc59b78e .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/22 00:28 upstream c2d5304e6c64 cb976f63 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/20 23:13 upstream 98b1cc82c4af cb976f63 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/20 07:02 upstream eb3479bc23fa cb976f63 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/20 04:30 upstream eb3479bc23fa cb976f63 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/19 18:55 upstream 037266a5f723 cb976f63 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/19 03:32 upstream 23dfa043f6d5 cb976f63 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/18 15:57 upstream 791c8ab095f7 cb976f63 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/18 13:06 upstream 791c8ab095f7 cb976f63 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/18 07:12 upstream 791c8ab095f7 cb976f63 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/18 00:06 upstream 6bc40e44f1dd cb976f63 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/16 19:28 upstream 7475e51b8796 cb976f63 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/16 09:18 upstream c42d9eeef8e5 cb976f63 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/15 21:22 upstream c42d9eeef8e5 cb976f63 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/15 14:43 upstream 86d11b0e20c0 cb976f63 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/15 12:31 upstream 86d11b0e20c0 cb976f63 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/15 07:36 upstream 86d11b0e20c0 cb976f63 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/13 00:59 upstream b57b17e88bf5 6d6dbf8a .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in map_mft_record
2023/11/02 13:01 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 8de1e7afcc1c b5f07fd3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 possible deadlock in map_mft_record
2022/10/18 16:52 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci bbed346d5a96 b31320fc .config console log report info [disk image] [vmlinux] ci-upstream-gce-arm64 possible deadlock in map_mft_record
* Struck through repros no longer work on HEAD.