syzbot


possible deadlock in attr_data_get_block

Status: upstream: reported C repro on 2022/10/17 07:43
Subsystems: ntfs3
Reported-by: syzbot+36bb70085ef6edc2ebb9@syzkaller.appspotmail.com
First crash: 519d, last: 10h55m
Cause bisection: failed

Discussions (13)
Title | Replies (including bot) | Last reply
[syzbot] Monthly ntfs3 report (Mar 2024) | 0 (1) | 2024/03/05 11:09
[syzbot] Monthly ntfs3 report (Feb 2024) | 0 (1) | 2024/02/02 21:04
[syzbot] Monthly ntfs3 report (Jan 2024) | 0 (1) | 2024/01/02 13:36
[syzbot] Monthly ntfs3 report (Dec 2023) | 0 (1) | 2023/12/02 14:45
[syzbot] Monthly ntfs3 report (Oct 2023) | 0 (1) | 2023/11/01 10:13
[syzbot] Monthly ntfs3 report (Sep 2023) | 0 (1) | 2023/10/02 09:42
[syzbot] Monthly ntfs3 report (Aug 2023) | 0 (1) | 2023/08/30 12:45
[syzbot] Monthly ntfs3 report (Jul 2023) | 0 (1) | 2023/07/30 13:16
[syzbot] Monthly ntfs3 report (Jun 2023) | 0 (1) | 2023/06/29 09:21
[syzbot] Monthly ntfs3 report (May 2023) | 0 (1) | 2023/05/29 08:47
[syzbot] Monthly ntfs3 report (Apr 2023) | 0 (1) | 2023/04/28 08:47
[syzbot] Monthly ntfs3 report | 0 (1) | 2023/03/27 17:38
[syzbot] possible deadlock in attr_data_get_block | 0 (2) | 2022/12/04 18:11
Similar bugs (2)
Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status
linux-6.1 | possible deadlock in attr_data_get_block origin:lts-only | C | inconclusive | | 51 | 6d18h | 356d | 0/3 | upstream: reported C repro on 2023/03/29 04:32
linux-5.15 | possible deadlock in attr_data_get_block origin:lts-only | C | done | | 105 | 5d12h | 357d | 0/3 | upstream: reported C repro on 2023/03/27 15:11
Last patch testing requests (1)
Created | Duration | User | Patch | Repo | Result
2022/12/05 10:08 | 26m | hdanton@sina.com | patch | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git c2bf05db6c78 | OK log

Sample crash report:
======================================================
WARNING: possible circular locking dependency detected
6.8.0-rc6-syzkaller-00024-ge326df53af00 #0 Not tainted
------------------------------------------------------
syz-executor144/5082 is trying to acquire lock:
ffff888061d325e0 (&ni->ni_lock#2/4){+.+.}-{3:3}, at: ni_lock fs/ntfs3/ntfs_fs.h:1121 [inline]
ffff888061d325e0 (&ni->ni_lock#2/4){+.+.}-{3:3}, at: attr_data_get_block+0x444/0x2e10 fs/ntfs3/attrib.c:914

but task is already holding lock:
ffff88801bad14a0 (&mm->mmap_lock){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:124 [inline]
ffff88801bad14a0 (&mm->mmap_lock){++++}-{3:3}, at: vm_mmap_pgoff+0x181/0x420 mm/util.c:554

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #1 (&mm->mmap_lock){++++}-{3:3}:
       lock_acquire+0x1e3/0x530 kernel/locking/lockdep.c:5754
       __might_fault+0xc5/0x120 mm/memory.c:6080
       _copy_to_user+0x2a/0xb0 lib/usercopy.c:36
       copy_to_user include/linux/uaccess.h:191 [inline]
       fiemap_fill_next_extent+0x235/0x410 fs/ioctl.c:145
       ni_fiemap+0x100b/0x1230 fs/ntfs3/frecord.c:1948
       ntfs_fiemap+0x132/0x180 fs/ntfs3/file.c:1206
       ioctl_fiemap fs/ioctl.c:220 [inline]
       do_vfs_ioctl+0x1a04/0x2b60 fs/ioctl.c:811
       __do_sys_ioctl fs/ioctl.c:869 [inline]
       __se_sys_ioctl+0x81/0x170 fs/ioctl.c:857
       do_syscall_64+0xfb/0x240
       entry_SYSCALL_64_after_hwframe+0x6f/0x77

-> #0 (&ni->ni_lock#2/4){+.+.}-{3:3}:
       check_prev_add kernel/locking/lockdep.c:3134 [inline]
       check_prevs_add kernel/locking/lockdep.c:3253 [inline]
       validate_chain+0x18ca/0x58e0 kernel/locking/lockdep.c:3869
       __lock_acquire+0x1345/0x1fd0 kernel/locking/lockdep.c:5137
       lock_acquire+0x1e3/0x530 kernel/locking/lockdep.c:5754
       __mutex_lock_common kernel/locking/mutex.c:608 [inline]
       __mutex_lock+0x136/0xd70 kernel/locking/mutex.c:752
       ni_lock fs/ntfs3/ntfs_fs.h:1121 [inline]
       attr_data_get_block+0x444/0x2e10 fs/ntfs3/attrib.c:914
       ntfs_file_mmap+0x529/0x820 fs/ntfs3/file.c:294
       call_mmap include/linux/fs.h:2092 [inline]
       mmap_region+0xda8/0x1fa0 mm/mmap.c:2821
       do_mmap+0x7ae/0xe60 mm/mmap.c:1379
       vm_mmap_pgoff+0x1e2/0x420 mm/util.c:556
       ksys_mmap_pgoff+0x503/0x6e0 mm/mmap.c:1425
       do_syscall_64+0xfb/0x240
       entry_SYSCALL_64_after_hwframe+0x6f/0x77

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&mm->mmap_lock);
                               lock(&ni->ni_lock#2/4);
                               lock(&mm->mmap_lock);
  lock(&ni->ni_lock#2/4);

 *** DEADLOCK ***

1 lock held by syz-executor144/5082:
 #0: ffff88801bad14a0 (&mm->mmap_lock){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:124 [inline]
 #0: ffff88801bad14a0 (&mm->mmap_lock){++++}-{3:3}, at: vm_mmap_pgoff+0x181/0x420 mm/util.c:554

stack backtrace:
CPU: 1 PID: 5082 Comm: syz-executor144 Not tainted 6.8.0-rc6-syzkaller-00024-ge326df53af00 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e7/0x2e0 lib/dump_stack.c:106
 check_noncircular+0x36a/0x4a0 kernel/locking/lockdep.c:2187
 check_prev_add kernel/locking/lockdep.c:3134 [inline]
 check_prevs_add kernel/locking/lockdep.c:3253 [inline]
 validate_chain+0x18ca/0x58e0 kernel/locking/lockdep.c:3869
 __lock_acquire+0x1345/0x1fd0 kernel/locking/lockdep.c:5137
 lock_acquire+0x1e3/0x530 kernel/locking/lockdep.c:5754
 __mutex_lock_common kernel/locking/mutex.c:608 [inline]
 __mutex_lock+0x136/0xd70 kernel/locking/mutex.c:752
 ni_lock fs/ntfs3/ntfs_fs.h:1121 [inline]
 attr_data_get_block+0x444/0x2e10 fs/ntfs3/attrib.c:914
 ntfs_file_mmap+0x529/0x820 fs/ntfs3/file.c:294
 call_mmap include/linux/fs.h:2092 [inline]
 mmap_region+0xda8/0x1fa0 mm/mmap.c:2821
 do_mmap+0x7ae/0xe60 mm/mmap.c:1379
 vm_mmap_pgoff+0x1e2/0x420 mm/util.c:556
 ksys_mmap_pgoff+0x503/0x6e0 mm/mmap.c:1425
 do_syscall_64+0xfb/0x240
 entry_SYSCALL_64_after_hwframe+0x6f/0x77
RIP: 0033:0x7feffa939639
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 81 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007feffa8d5208 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
RAX: ffffffffffffffda RBX: 00007feffa9e0618 RCX: 00007feffa939639
RDX: 00000000027fffff RSI: 0000000000600000 RDI: 0000000020000000
RBP: 00007feffa9e0610 R08: 0000000000000004 R09: 0000000000000000
R10: 0000000004002011 R11: 0000000000000246 R12: 00007feffa9acb5c
R13: 00007feffa98d0c0 R14: 6465646165726874 R15: 0030656c69662f2e
 </TASK>

Crashes (1821):