Hello,
syzbot found the following issue on:
HEAD commit: 574362648507 Linux 5.15.151
git tree: linux-5.15.y
console output:
https://syzkaller.appspot.com/x/log.txt?x=13d8a2ea180000
kernel config:
https://syzkaller.appspot.com/x/.config?x=6c9a42d9e3519ca9
dashboard link:
https://syzkaller.appspot.com/bug?extid=8aca6387ff573aa9a06f
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image:
https://storage.googleapis.com/syzbot-assets/f00d4062000b/disk-57436264.raw.xz
vmlinux:
https://storage.googleapis.com/syzbot-assets/3a74c2b6ca62/vmlinux-57436264.xz
kernel image:
https://storage.googleapis.com/syzbot-assets/93bd706dc219/bzImage-57436264.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by:
syzbot+8aca63...@syzkaller.appspotmail.com
loop3: detected capacity change from 0 to 4096
ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512)
ntfs3: loop3: Mark volume as dirty due to NTFS errors
ntfs3: loop3: Failed to load $Extend.
------------[ cut here ]------------
DEBUG_LOCKS_WARN_ON(curr->lockdep_depth != depth - merged)
WARNING: CPU: 0 PID: 5537 at kernel/locking/lockdep.c:5347 __lock_release kernel/locking/lockdep.c:5347 [inline]
WARNING: CPU: 0 PID: 5537 at kernel/locking/lockdep.c:5347 lock_release+0x447/0x9a0 kernel/locking/lockdep.c:5643
Modules linked in:
CPU: 0 PID: 5537 Comm: syz-executor.3 Not tainted 5.15.151-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
RIP: 0010:__lock_release kernel/locking/lockdep.c:5347 [inline]
RIP: 0010:lock_release+0x447/0x9a0 kernel/locking/lockdep.c:5643
Code: 00 00 00 00 fc ff df 4c 8b 64 24 08 48 8b 5c 24 28 0f 85 76 01 00 00 48 c7 c7 a0 13 8b 8a 48 c7 c6 00 38 8b 8a e8 59 33 e9 ff <0f> 0b e9 5c 01 00 00 4c 89 ef 48 8b 74 24 20 48 8b 54 24 50 e8 c0
RSP: 0000:ffffc9000b7e6780 EFLAGS: 00010046
RAX: abfbb8481f824f00 RBX: 0000000000000246 RCX: 0000000000040000
RDX: ffffc90003f09000 RSI: 0000000000004600 RDI: 0000000000004601
RBP: ffffc9000b7e68b0 R08: ffffffff8166621c R09: ffffed1017344f24
R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff920016fccfc
R13: 000000000004020d R14: 0000000000000246 R15: dffffc0000000000
FS: 00007fddecbf16c0(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020497000 CR3: 0000000023651000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<TASK>
__raw_spin_unlock include/linux/spinlock_api_smp.h:150 [inline]
_raw_spin_unlock+0x12/0x40 kernel/locking/spinlock.c:186
spin_unlock include/linux/spinlock.h:403 [inline]
__mark_inode_dirty+0x6f4/0xd60 fs/fs-writeback.c:2548
generic_update_time fs/inode.c:1817 [inline]
inode_update_time fs/inode.c:1830 [inline]
touch_atime+0x3fa/0x680 fs/inode.c:1902
file_accessed include/linux/fs.h:2492 [inline]
filemap_read+0x2779/0x2980 mm/filemap.c:2715
__kernel_read+0x5ac/0xa60 fs/read_write.c:443
integrity_kernel_read+0xac/0xf0 security/integrity/iint.c:228
ima_calc_file_hash_tfm security/integrity/ima/ima_crypto.c:485 [inline]
ima_calc_file_shash security/integrity/ima/ima_crypto.c:516 [inline]
ima_calc_file_hash+0xa5d/0x1c00 security/integrity/ima/ima_crypto.c:573
ima_collect_measurement+0x37e/0x800 security/integrity/ima/ima_api.c:255
process_measurement+0x1363/0x21c0 security/integrity/ima/ima_main.c:351
ima_file_check+0xf3/0x180 security/integrity/ima/ima_main.c:533
do_open fs/namei.c:3610 [inline]
path_openat+0x2745/0x2f20 fs/namei.c:3742
do_filp_open+0x21c/0x460 fs/namei.c:3769
do_sys_openat2+0x13b/0x500 fs/open.c:1211
do_sys_open fs/open.c:1227 [inline]
__do_sys_open fs/open.c:1235 [inline]
__se_sys_open fs/open.c:1231 [inline]
__x64_sys_open+0x221/0x270 fs/open.c:1231
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x61/0xcb
RIP: 0033:0x7fddee670da9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fddecbf10c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 00007fddee79ef80 RCX: 00007fddee670da9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080
RBP: 00007fddee6bd47a R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000000b R14: 00007fddee79ef80 R15: 00007ffc6a0b0698
</TASK>
---
This report is generated by a bot. It may contain errors.
See
https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at
syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup