From: syzbot <syzbot+c266ffd7d9f1769517ec@syzkaller.appspotmail.com>
To: jfs-discussion@lists.sourceforge.net,
linux-kernel@vger.kernel.org, shaggy@kernel.org,
syzkaller-bugs@googlegroups.com
Subject: [syzbot] [jfs?] BUG: sleeping function called from invalid context in jfs_fsync
Date: Sun, 23 Feb 2025 21:02:19 -0800
Message-ID: <67bbfd5b.050a0220.bbfd1.0043.GAE@google.com>
Hello,
syzbot found the following issue on:
HEAD commit: e6747d19291c Merge branch 'for-next/el2-enable-feat-pmuv3p..
git tree: git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci
console output: https://syzkaller.appspot.com/x/log.txt?x=12435ae4580000
kernel config: https://syzkaller.appspot.com/x/.config?x=f6b108de97771157
dashboard link: https://syzkaller.appspot.com/bug?extid=c266ffd7d9f1769517ec
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
userspace arch: arm64
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=157c6fdf980000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=137bddb8580000
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/874063395a28/disk-e6747d19.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/f707e2e6b743/vmlinux-e6747d19.xz
kernel image: https://storage.googleapis.com/syzbot-assets/57c934b7f0e8/Image-e6747d19.gz.xz
mounted in repro: https://storage.googleapis.com/syzbot-assets/fdad6db15ae6/mount_0.gz
fsck result: failed (log: https://syzkaller.appspot.com/x/fsck.log?x=106fdba4580000)
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+c266ffd7d9f1769517ec@syzkaller.appspotmail.com
BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1576
in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 16, name: ksoftirqd/0
preempt_count: 100, expected: 0
RCU nest depth: 0, expected: 0
no locks held by ksoftirqd/0/16.
Preemption disabled at:
[<ffff8000803110e4>] softirq_handle_begin kernel/softirq.c:402 [inline]
[<ffff8000803110e4>] handle_softirqs+0xe0/0xd34 kernel/softirq.c:537
CPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.14.0-rc3-syzkaller-ge6747d19291c #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
Call trace:
show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C)
__dump_stack lib/dump_stack.c:94 [inline]
dump_stack_lvl+0xe4/0x150 lib/dump_stack.c:120
dump_stack+0x1c/0x28 lib/dump_stack.c:129
__might_resched+0x374/0x4d0 kernel/sched/core.c:8767
__might_sleep+0x90/0xe4 kernel/sched/core.c:8696
down_write+0x28/0xc0 kernel/locking/rwsem.c:1576
inode_lock include/linux/fs.h:877 [inline]
jfs_fsync+0xa0/0x1d4 fs/jfs/file.c:28
vfs_fsync_range+0x160/0x19c fs/sync.c:187
generic_write_sync include/linux/fs.h:2970 [inline]
dio_complete+0x510/0x6b8 fs/direct-io.c:313
dio_bio_end_aio+0x488/0x550 fs/direct-io.c:368
bio_endio+0x840/0x87c block/bio.c:1548
blk_update_request+0x4ac/0xda0 block/blk-mq.c:983
blk_mq_end_request+0x54/0x88 block/blk-mq.c:1145
lo_complete_rq+0x188/0x2f4 drivers/block/loop.c:395
blk_complete_reqs block/blk-mq.c:1220 [inline]
blk_done_softirq+0x11c/0x168 block/blk-mq.c:1225
handle_softirqs+0x320/0xd34 kernel/softirq.c:561
run_ksoftirqd+0x70/0xc0 kernel/softirq.c:950
smpboot_thread_fn+0x4b0/0x90c kernel/smpboot.c:164
kthread+0x65c/0x7b0 kernel/kthread.c:464
ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:862
=============================
[ BUG: Invalid wait context ]
6.14.0-rc3-syzkaller-ge6747d19291c #0 Tainted: G W
-----------------------------
ksoftirqd/0/16 is trying to lock:
ffff0000dd220578 (&sb->s_type->i_mutex_key#18){+.+.}-{4:4}, at: inode_lock include/linux/fs.h:877 [inline]
ffff0000dd220578 (&sb->s_type->i_mutex_key#18){+.+.}-{4:4}, at: jfs_fsync+0xa0/0x1d4 fs/jfs/file.c:28
other info that might help us debug this:
context-{3:3}
no locks held by ksoftirqd/0/16.
stack backtrace:
CPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Tainted: G W 6.14.0-rc3-syzkaller-ge6747d19291c #0
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
Call trace:
show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C)
__dump_stack lib/dump_stack.c:94 [inline]
dump_stack_lvl+0xe4/0x150 lib/dump_stack.c:120
dump_stack+0x1c/0x28 lib/dump_stack.c:129
print_lock_invalid_wait_context kernel/locking/lockdep.c:4828 [inline]
check_wait_context kernel/locking/lockdep.c:4900 [inline]
__lock_acquire+0x2034/0x7904 kernel/locking/lockdep.c:5178
lock_acquire+0x23c/0x724 kernel/locking/lockdep.c:5851
down_write+0x50/0xc0 kernel/locking/rwsem.c:1577
inode_lock include/linux/fs.h:877 [inline]
jfs_fsync+0xa0/0x1d4 fs/jfs/file.c:28
vfs_fsync_range+0x160/0x19c fs/sync.c:187
generic_write_sync include/linux/fs.h:2970 [inline]
dio_complete+0x510/0x6b8 fs/direct-io.c:313
dio_bio_end_aio+0x488/0x550 fs/direct-io.c:368
bio_endio+0x840/0x87c block/bio.c:1548
blk_update_request+0x4ac/0xda0 block/blk-mq.c:983
blk_mq_end_request+0x54/0x88 block/blk-mq.c:1145
lo_complete_rq+0x188/0x2f4 drivers/block/loop.c:395
blk_complete_reqs block/blk-mq.c:1220 [inline]
blk_done_softirq+0x11c/0x168 block/blk-mq.c:1225
handle_softirqs+0x320/0xd34 kernel/softirq.c:561
run_ksoftirqd+0x70/0xc0 kernel/softirq.c:950
smpboot_thread_fn+0x4b0/0x90c kernel/smpboot.c:164
kthread+0x65c/0x7b0 kernel/kthread.c:464
ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:862
BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1576
in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 16, name: ksoftirqd/0
preempt_count: 100, expected: 0
RCU nest depth: 0, expected: 0
INFO: lockdep is turned off.
Preemption disabled at:
[<ffff8000803110e4>] softirq_handle_begin kernel/softirq.c:402 [inline]
[<ffff8000803110e4>] handle_softirqs+0xe0/0xd34 kernel/softirq.c:537
CPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Tainted: G W 6.14.0-rc3-syzkaller-ge6747d19291c #0
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
Call trace:
show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C)
__dump_stack lib/dump_stack.c:94 [inline]
dump_stack_lvl+0xe4/0x150 lib/dump_stack.c:120
dump_stack+0x1c/0x28 lib/dump_stack.c:129
__might_resched+0x374/0x4d0 kernel/sched/core.c:8767
__might_sleep+0x90/0xe4 kernel/sched/core.c:8696
down_write+0x28/0xc0 kernel/locking/rwsem.c:1576
inode_lock include/linux/fs.h:877 [inline]
jfs_fsync+0xa0/0x1d4 fs/jfs/file.c:28
vfs_fsync_range+0x160/0x19c fs/sync.c:187
generic_write_sync include/linux/fs.h:2970 [inline]
dio_complete+0x510/0x6b8 fs/direct-io.c:313
dio_bio_end_aio+0x488/0x550 fs/direct-io.c:368
bio_endio+0x840/0x87c block/bio.c:1548
blk_update_request+0x4ac/0xda0 block/blk-mq.c:983
blk_mq_end_request+0x54/0x88 block/blk-mq.c:1145
lo_complete_rq+0x188/0x2f4 drivers/block/loop.c:395
blk_complete_reqs block/blk-mq.c:1220 [inline]
blk_done_softirq+0x11c/0x168 block/blk-mq.c:1225
handle_softirqs+0x320/0xd34 kernel/softirq.c:561
run_ksoftirqd+0x70/0xc0 kernel/softirq.c:950
smpboot_thread_fn+0x4b0/0x90c kernel/smpboot.c:164
kthread+0x65c/0x7b0 kernel/kthread.c:464
ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:862
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup