syzbot


possible deadlock in mi_read

Status: upstream: reported C repro on 2022/10/01 13:47
Reported-by: syzbot+bc7ca0ae4591cb2550f9@syzkaller.appspotmail.com
First crash: 56d, last: 4d00h

Cause bisection: failed (bisect log)

Sample crash report:
loop0: detected capacity change from 0 to 4096
ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512)
============================================
WARNING: possible recursive locking detected
6.0.0-rc7-syzkaller-00220-gffb4d94b4314 #0 Not tainted
--------------------------------------------
syz-executor130/3607 is trying to acquire lock:
ffff888074709e80 (&ni->ni_lock/4){+.+.}-{3:3}, at: ni_lock fs/ntfs3/ntfs_fs.h:1108 [inline]
ffff888074709e80 (&ni->ni_lock/4){+.+.}-{3:3}, at: mi_read+0x298/0x510 fs/ntfs3/record.c:148

but task is already holding lock:
ffff88807470d980 (&ni->ni_lock/4){+.+.}-{3:3}, at: ni_lock fs/ntfs3/ntfs_fs.h:1108 [inline]
ffff88807470d980 (&ni->ni_lock/4){+.+.}-{3:3}, at: ntfs_lookup+0x104/0x1b0 fs/ntfs3/namei.c:82

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(&ni->ni_lock/4);
  lock(&ni->ni_lock/4);

 *** DEADLOCK ***

 May be due to missing lock nesting notation

2 locks held by syz-executor130/3607:
 #0: ffff88807470dc20 (&type->i_mutex_dir_key#6){++++}-{3:3}, at: inode_lock_shared include/linux/fs.h:766 [inline]
 #0: ffff88807470dc20 (&type->i_mutex_dir_key#6){++++}-{3:3}, at: lookup_slow+0x45/0x70 fs/namei.c:1701
 #1: ffff88807470d980 (&ni->ni_lock/4){+.+.}-{3:3}, at: ni_lock fs/ntfs3/ntfs_fs.h:1108 [inline]
 #1: ffff88807470d980 (&ni->ni_lock/4){+.+.}-{3:3}, at: ntfs_lookup+0x104/0x1b0 fs/ntfs3/namei.c:82

stack backtrace:
CPU: 1 PID: 3607 Comm: syz-executor130 Not tainted 6.0.0-rc7-syzkaller-00220-gffb4d94b4314 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1b1/0x28e lib/dump_stack.c:106
 print_deadlock_bug kernel/locking/lockdep.c:2988 [inline]
 check_deadlock kernel/locking/lockdep.c:3031 [inline]
 validate_chain+0x4916/0x6c00 kernel/locking/lockdep.c:3816
 __lock_acquire+0x1292/0x1f60 kernel/locking/lockdep.c:5053
 lock_acquire+0x182/0x3c0 kernel/locking/lockdep.c:5666
 __mutex_lock_common+0x1bd/0x26e0 kernel/locking/mutex.c:603
 __mutex_lock kernel/locking/mutex.c:747 [inline]
 mutex_lock_nested+0x17/0x20 kernel/locking/mutex.c:799
 ni_lock fs/ntfs3/ntfs_fs.h:1108 [inline]
 mi_read+0x298/0x510 fs/ntfs3/record.c:148
 ntfs_read_mft fs/ntfs3/inode.c:69 [inline]
 ntfs_iget5+0x3f9/0x36a0 fs/ntfs3/inode.c:501
 dir_search_u+0x2aa/0x320 fs/ntfs3/dir.c:264
 ntfs_lookup+0x112/0x1b0 fs/ntfs3/namei.c:83
 __lookup_slow+0x266/0x3a0 fs/namei.c:1685
 lookup_slow+0x53/0x70 fs/namei.c:1702
 walk_component+0x2e1/0x410 fs/namei.c:1993
 lookup_last fs/namei.c:2450 [inline]
 path_lookupat+0x17d/0x450 fs/namei.c:2474
 filename_lookup+0x274/0x650 fs/namei.c:2503
 user_path_at_empty+0x40/0x1a0 fs/namei.c:2876
 user_path_at include/linux/namei.h:57 [inline]
 __do_sys_open_tree fs/namespace.c:2537 [inline]
 __se_sys_open_tree+0x1fa/0x8c0 fs/namespace.c:2504
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f0d628870e9
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffc67bb1008 EFLAGS: 00000246 ORIG_RAX: 00000000000001ac
RAX: ffffffffffffffda RBX: 00007f0d628cca90 RCX: 00007f0d628870e9
RDX: 0000000000000800 RSI: 0000000020000140 RDI: 0000000000000003
RBP: 00007f0d628cc7a8 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0d628cc5c0
R13: 00007f0d628ca918 R14: 0003

Fix bisection attempts:
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci2-upstream-fs 2022/11/04 12:24 upstream ee6050c8af96 feb56351 .config log report syz C
* Struck through repros no longer work on HEAD.
Crashes (5):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci2-upstream-fs 2022/10/01 20:29 upstream ffb4d94b4314 feb56351 .config log report syz C possible deadlock in mi_read
ci-upstream-gce-arm64 2022/10/01 09:49 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci bbed346d5a96 feb56351 .config log report syz C possible deadlock in mi_read
ci-upstream-kasan-gce-root 2022/11/23 01:16 upstream eb7081409f94 9da37ae8 .config log report info possible deadlock in mi_read
ci-upstream-gce-arm64 2022/10/01 10:07 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci bbed346d5a96 feb56351 .config log report info possible deadlock in mi_read
ci-upstream-gce-arm64 2022/10/01 09:25 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci bbed346d5a96 feb56351 .config log report info possible deadlock in mi_read
* Struck through repros no longer work on HEAD.