[hfs?] possible deadlock in hfs_find_init


syzbot

Jan 26, 2023, 2:14:43 PM
to syzkaller...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 3949d1610004 Linux 4.14.304
git tree: linux-4.14.y
console output: https://syzkaller.appspot.com/x/log.txt?x=1364afa9480000
kernel config: https://syzkaller.appspot.com/x/.config?x=db4418ccbf710113
dashboard link: https://syzkaller.appspot.com/bug?extid=7dd495a3b89b40439a1e
compiler: gcc version 10.2.1 20210110 (Debian 10.2.1-6)
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=16bf8ecd480000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=10eca835480000

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/2230a6d7e7f4/disk-3949d161.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/9b8d5667f298/vmlinux-3949d161.xz
kernel image: https://storage.googleapis.com/syzbot-assets/825468a3e783/bzImage-3949d161.xz
mounted in repro: https://storage.googleapis.com/syzbot-assets/11685a1f082f/mount_0.gz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+7dd495...@syzkaller.appspotmail.com

IPVS: ftp: loaded support on port[0] = 21
============================================
WARNING: possible recursive locking detected
4.14.304-syzkaller #0 Not tainted
--------------------------------------------
kworker/u4:3/696 is trying to acquire lock:
(&tree->tree_lock/1){+.+.}, at: [<ffffffff81d4c4cf>] hfs_find_init+0x16f/0x220 fs/hfs/bfind.c:33

but task is already holding lock:
(&tree->tree_lock/1){+.+.}, at: [<ffffffff81d4c4cf>] hfs_find_init+0x16f/0x220 fs/hfs/bfind.c:33

other info that might help us debug this:
Possible unsafe locking scenario:

CPU0
----
lock(&tree->tree_lock/1);
lock(&tree->tree_lock/1);

*** DEADLOCK ***

May be due to missing lock nesting notation

4 locks held by kworker/u4:3/696:
#0: ("writeback"){+.+.}, at: [<ffffffff81365fe0>] process_one_work+0x6b0/0x14a0 kernel/workqueue.c:2088
#1: ((&(&wb->dwork)->work)){+.+.}, at: [<ffffffff81366016>] process_one_work+0x6e6/0x14a0 kernel/workqueue.c:2092
#2: (&tree->tree_lock/1){+.+.}, at: [<ffffffff81d4c4cf>] hfs_find_init+0x16f/0x220 fs/hfs/bfind.c:33
#3: (&HFS_I(tree->inode)->extents_lock){+.+.}, at: [<ffffffff81d5b305>] hfs_extend_file+0x85/0xa40 fs/hfs/extent.c:397

stack backtrace:
CPU: 0 PID: 696 Comm: kworker/u4:3 Not tainted 4.14.304-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
Workqueue: writeback wb_workfn (flush-7:0)
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0x1b2/0x281 lib/dump_stack.c:58
print_deadlock_bug kernel/locking/lockdep.c:1800 [inline]
check_deadlock kernel/locking/lockdep.c:1847 [inline]
validate_chain kernel/locking/lockdep.c:2448 [inline]
__lock_acquire.cold+0x180/0x97c kernel/locking/lockdep.c:3491
lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998
__mutex_lock_common kernel/locking/mutex.c:756 [inline]
__mutex_lock+0xc4/0x1310 kernel/locking/mutex.c:893
hfs_find_init+0x16f/0x220 fs/hfs/bfind.c:33
hfs_ext_read_extent+0x15e/0x930 fs/hfs/extent.c:200
hfs_extend_file+0x439/0xa40 fs/hfs/extent.c:401
hfs_bmap_reserve+0x229/0x370 fs/hfs/btree.c:231
__hfs_ext_write_extent+0x393/0x4d0 fs/hfs/extent.c:121
hfs_ext_write_extent fs/hfs/extent.c:144 [inline]
hfs_ext_write_extent+0x155/0x190 fs/hfs/extent.c:135
hfs_write_inode+0x7e/0x8f0 fs/hfs/inode.c:426
write_inode fs/fs-writeback.c:1241 [inline]
__writeback_single_inode+0x6a4/0x1010 fs/fs-writeback.c:1439
writeback_sb_inodes+0x48b/0xd30 fs/fs-writeback.c:1645
wb_writeback+0x243/0xb80 fs/fs-writeback.c:1820
wb_do_writeback fs/fs-writeback.c:1952 [inline]
wb_workfn+0x2bd/0xf50 fs/fs-writeback.c:1988
process_one_work+0x793/0x14a0 kernel/workqueue.c:2117
worker_thread+0x5cc/0xff0 kernel/workqueue.c:2251
kthread+0x30d/0x420 kernel/kthread.c:232
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:406


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches