syzbot


possible deadlock in ntfs_read_folio

Status: upstream: reported C repro on 2022/10/01 13:48
Subsystems: ntfs
Reported-by: syzbot+8ef76b0b1f86c382ad37@syzkaller.appspotmail.com
First crash: 182d, last: 15m

Cause bisection: the issue happens on the oldest tested release (bisect log)
Crash: possible deadlock in ntfs_readpage (log)
Repro: C syz .config
similar bugs (1):
Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status
linux-6.1 | possible deadlock in ntfs_read_folio | C | | | 3 | 4d23h | 14d | 0/3 | upstream: reported C repro on 2023/03/14 17:51

Sample crash report:
======================================================
WARNING: possible circular locking dependency detected
6.3.0-rc3-syzkaller-00029-g9fd6ba5420ba #0 Not tainted
------------------------------------------------------
kworker/u4:0/9 is trying to acquire lock:
ffff8880729a9180 (&rl->lock){++++}-{3:3}, at: ntfs_read_block fs/ntfs/aops.c:248 [inline]
ffff8880729a9180 (&rl->lock){++++}-{3:3}, at: ntfs_read_folio+0x14d5/0x29f0 fs/ntfs/aops.c:436

but task is already holding lock:
ffff8880729a9a50 (&ni->mrec_lock){+.+.}-{3:3}, at: map_mft_record+0x4c/0x630 fs/ntfs/mft.c:154

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #1 (&ni->mrec_lock){+.+.}-{3:3}:
       lock_acquire+0x1e1/0x520 kernel/locking/lockdep.c:5669
       __mutex_lock_common+0x1d8/0x2530 kernel/locking/mutex.c:603
       __mutex_lock kernel/locking/mutex.c:747 [inline]
       mutex_lock_nested+0x1b/0x20 kernel/locking/mutex.c:799
       map_mft_record+0x4c/0x630 fs/ntfs/mft.c:154
       ntfs_attr_extend_allocation+0x539/0x4340 fs/ntfs/attrib.c:2002
       ntfs_prepare_file_for_write fs/ntfs/file.c:391 [inline]
       ntfs_file_write_iter+0x3ad/0x1a00 fs/ntfs/file.c:1915
       call_write_iter include/linux/fs.h:1851 [inline]
       new_sync_write fs/read_write.c:491 [inline]
       vfs_write+0x7b2/0xbb0 fs/read_write.c:584
       ksys_write+0x1a0/0x2c0 fs/read_write.c:637
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x63/0xcd

-> #0 (&rl->lock){++++}-{3:3}:
       check_prev_add kernel/locking/lockdep.c:3098 [inline]
       check_prevs_add kernel/locking/lockdep.c:3217 [inline]
       validate_chain+0x166b/0x58e0 kernel/locking/lockdep.c:3832
       __lock_acquire+0x125b/0x1f80 kernel/locking/lockdep.c:5056
       lock_acquire+0x1e1/0x520 kernel/locking/lockdep.c:5669
       down_read+0x3d/0x50 kernel/locking/rwsem.c:1520
       ntfs_read_block fs/ntfs/aops.c:248 [inline]
       ntfs_read_folio+0x14d5/0x29f0 fs/ntfs/aops.c:436
       filemap_read_folio+0x19d/0x7a0 mm/filemap.c:2424
       do_read_cache_folio+0x2ee/0x820 mm/filemap.c:3683
       do_read_cache_page+0x32/0x230 mm/filemap.c:3749
       read_mapping_page include/linux/pagemap.h:769 [inline]
       ntfs_map_page fs/ntfs/aops.h:75 [inline]
       ntfs_sync_mft_mirror+0x25f/0x1ae0 fs/ntfs/mft.c:480
       write_mft_record_nolock+0x1155/0x18e0 fs/ntfs/mft.c:787
       write_mft_record+0x149/0x310 fs/ntfs/mft.h:95
       __ntfs_write_inode+0x703/0xbb0 fs/ntfs/inode.c:3050
       write_inode fs/fs-writeback.c:1453 [inline]
       __writeback_single_inode+0x69b/0xfb0 fs/fs-writeback.c:1665
       writeback_sb_inodes+0x8ef/0x11d0 fs/fs-writeback.c:1891
       __writeback_inodes_wb+0x11b/0x260 fs/fs-writeback.c:1962
       wb_writeback+0x46c/0xc70 fs/fs-writeback.c:2067
       wb_check_start_all fs/fs-writeback.c:2189 [inline]
       wb_do_writeback fs/fs-writeback.c:2215 [inline]
       wb_workfn+0x98f/0xff0 fs/fs-writeback.c:2248
       process_one_work+0x8a0/0x10e0 kernel/workqueue.c:2390
       worker_thread+0xa63/0x1210 kernel/workqueue.c:2537
       kthread+0x270/0x300 kernel/kthread.c:376
       ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&ni->mrec_lock);
                               lock(&rl->lock);
                               lock(&ni->mrec_lock);
  lock(&rl->lock);

 *** DEADLOCK ***

4 locks held by kworker/u4:0/9:
 #0: ffff888144bb4138 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x77e/0x10e0 kernel/workqueue.c:2363
 #1: ffffc900000e7d20 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x7c8/0x10e0 kernel/workqueue.c:2365
 #2: ffff8880219d40e0 (&type->s_umount_key#48){++++}-{3:3}, at: trylock_super+0x1f/0xf0 fs/super.c:414
 #3: ffff8880729a9a50 (&ni->mrec_lock){+.+.}-{3:3}, at: map_mft_record+0x4c/0x630 fs/ntfs/mft.c:154

stack backtrace:
CPU: 0 PID: 9 Comm: kworker/u4:0 Not tainted 6.3.0-rc3-syzkaller-00029-g9fd6ba5420ba #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
Workqueue: writeback wb_workfn (flush-7:0)
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e7/0x2d0 lib/dump_stack.c:106
 check_noncircular+0x2fe/0x3b0 kernel/locking/lockdep.c:2178
 check_prev_add kernel/locking/lockdep.c:3098 [inline]
 check_prevs_add kernel/locking/lockdep.c:3217 [inline]
 validate_chain+0x166b/0x58e0 kernel/locking/lockdep.c:3832
 __lock_acquire+0x125b/0x1f80 kernel/locking/lockdep.c:5056
 lock_acquire+0x1e1/0x520 kernel/locking/lockdep.c:5669
 down_read+0x3d/0x50 kernel/locking/rwsem.c:1520
 ntfs_read_block fs/ntfs/aops.c:248 [inline]
 ntfs_read_folio+0x14d5/0x29f0 fs/ntfs/aops.c:436
 filemap_read_folio+0x19d/0x7a0 mm/filemap.c:2424
 do_read_cache_folio+0x2ee/0x820 mm/filemap.c:3683
 do_read_cache_page+0x32/0x230 mm/filemap.c:3749
 read_mapping_page include/linux/pagemap.h:769 [inline]
 ntfs_map_page fs/ntfs/aops.h:75 [inline]
 ntfs_sync_mft_mirror+0x25f/0x1ae0 fs/ntfs/mft.c:480
 write_mft_record_nolock+0x1155/0x18e0 fs/ntfs/mft.c:787
 write_mft_record+0x149/0x310 fs/ntfs/mft.h:95
 __ntfs_write_inode+0x703/0xbb0 fs/ntfs/inode.c:3050
 write_inode fs/fs-writeback.c:1453 [inline]
 __writeback_single_inode+0x69b/0xfb0 fs/fs-writeback.c:1665
 writeback_sb_inodes+0x8ef/0x11d0 fs/fs-writeback.c:1891
 __writeback_inodes_wb+0x11b/0x260 fs/fs-writeback.c:1962
 wb_writeback+0x46c/0xc70 fs/fs-writeback.c:2067
 wb_check_start_all fs/fs-writeback.c:2189 [inline]
 wb_do_writeback fs/fs-writeback.c:2215 [inline]
 wb_workfn+0x98f/0xff0 fs/fs-writeback.c:2248
 process_one_work+0x8a0/0x10e0 kernel/workqueue.c:2390
 worker_thread+0xa63/0x1210 kernel/workqueue.c:2537
 kthread+0x270/0x300 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308
 </TASK>

Crashes (884):