From: syzbot <syzbot+3b6c5c6a1d0119b687a1@syzkaller.appspotmail.com>
To: dhowells@redhat.com, linux-afs@lists.infradead.org,
linux-kernel@vger.kernel.org, marc.dionne@auristor.com,
syzkaller-bugs@googlegroups.com
Subject: Re: [syzbot] [afs?] BUG: sleeping function called from invalid context in __alloc_frozen_pages_noprof
Date: Fri, 28 Mar 2025 11:15:02 -0700
Message-ID: <67e6e726.050a0220.2f068f.0080.GAE@google.com>
In-Reply-To: <85011.1743183886@warthog.procyon.org.uk>
Hello,
syzbot has tested the proposed patch but the reproducer is still triggering an issue:
possible deadlock in afs_dynroot_readdir
loop0: detected capacity change from 0 to 512
EXT4-fs: Ignoring removed bh option
EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
EXT4-fs (loop0): 1 truncate cleaned up
EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
============================================
WARNING: possible recursive locking detected
6.14.0-syzkaller-07422-gacb4f33713b9-dirty #0 Not tainted
--------------------------------------------
syz.0.16/6130 is trying to acquire lock:
ffff888011d70148 (&type->i_mutex_dir_key#9){.+.+}-{4:4}, at: afs_dynroot_readdir+0x49e/0xb10 fs/afs/dynroot.c:351
but task is already holding lock:
ffff888011d70148 (&type->i_mutex_dir_key#9){.+.+}-{4:4}, at: iterate_dir+0x4a6/0x760 fs/readdir.c:101
other info that might help us debug this:
Possible unsafe locking scenario:
CPU0
----
lock(&type->i_mutex_dir_key#9);
lock(&type->i_mutex_dir_key#9);
*** DEADLOCK ***
May be due to missing lock nesting notation
2 locks held by syz.0.16/6130:
#0: ffff88807e06bcf8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x247/0x310 fs/file.c:1213
#1: ffff888011d70148 (&type->i_mutex_dir_key#9){.+.+}-{4:4}, at: iterate_dir+0x4a6/0x760 fs/readdir.c:101
stack backtrace:
CPU: 1 UID: 0 PID: 6130 Comm: syz.0.16 Not tainted 6.14.0-syzkaller-07422-gacb4f33713b9-dirty #0 PREEMPT(full)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:94 [inline]
dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120
print_deadlock_bug+0x2be/0x2d0 kernel/locking/lockdep.c:3042
check_deadlock kernel/locking/lockdep.c:3094 [inline]
validate_chain+0x928/0x24e0 kernel/locking/lockdep.c:3896
__lock_acquire+0xad5/0xd80 kernel/locking/lockdep.c:5235
lock_acquire+0x116/0x2f0 kernel/locking/lockdep.c:5866
down_read+0xb3/0xa50 kernel/locking/rwsem.c:1524
afs_dynroot_readdir+0x49e/0xb10 fs/afs/dynroot.c:351
iterate_dir+0x5a9/0x760 fs/readdir.c:108
__do_sys_getdents fs/readdir.c:322 [inline]
__se_sys_getdents+0x1ff/0x4e0 fs/readdir.c:308
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fdd5b98d169
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fdd5c816038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
RAX: ffffffffffffffda RBX: 00007fdd5bba5fa0 RCX: 00007fdd5b98d169
RDX: 00000000000000b8 RSI: 0000200000001fc0 RDI: 0000000000000004
RBP: 00007fdd5ba0e2a0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007fdd5bba5fa0 R15: 00007ffe6a4f5bb8
</TASK>
Tested on:
commit: acb4f337 Merge tag 'm68knommu-for-v6.15' of git://git...
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=10922a4c580000
kernel config: https://syzkaller.appspot.com/x/.config?x=982413b40f90fdf8
dashboard link: https://syzkaller.appspot.com/bug?extid=3b6c5c6a1d0119b687a1
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
patch: https://syzkaller.appspot.com/x/patch.diff?x=17f51198580000