From: syzbot <syzbot+4d8e30dbafb5c1260479@syzkaller.appspotmail.com>
To: linux-kernel@vger.kernel.org, listout@listout.xyz,
	 syzkaller-bugs@googlegroups.com
Subject: Re: [syzbot] [ntfs3?] WARNING in ni_rename (2)
Date: Mon, 03 Nov 2025 22:34:03 -0800
Message-ID: <69099e5b.a70a0220.88fb8.000c.GAE@google.com>
In-Reply-To: <uzq2pgc3ufm7iewqzhfnujt5pwqcsadnfgufywp5gx6guzdtye@4pxj7vqewujt>

Hello,

syzbot has tested the proposed patch but the reproducer is still triggering an issue:
BUG: sleeping function called from invalid context in indx_insert_entry

loop0: detected capacity change from 0 to 4096
BUG: sleeping function called from invalid context at ./include/linux/sched/mm.h:321
in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 6503, name: syz.0.17
preempt_count: 1, expected: 0
RCU nest depth: 0, expected: 0
6 locks held by syz.0.17/6503:
 #0: ffff888032ba6480 (sb_writers#12){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 fs/namespace.c:508
 #1: ffff888054585088 (&type->i_mutex_dir_key#8/1){+.+.}-{4:4}, at: inode_lock_nested include/linux/fs.h:1025 [inline]
 #1: ffff888054585088 (&type->i_mutex_dir_key#8/1){+.+.}-{4:4}, at: lock_rename fs/namei.c:3360 [inline]
 #1: ffff888054585088 (&type->i_mutex_dir_key#8/1){+.+.}-{4:4}, at: do_renameat2+0x3b9/0xa50 fs/namei.c:5311
 #2: ffff888054585838 (&sb->s_type->i_mutex_key#20){+.+.}-{4:4}, at: inode_lock include/linux/fs.h:980 [inline]
 #2: ffff888054585838 (&sb->s_type->i_mutex_key#20){+.+.}-{4:4}, at: lock_two_nondirectories+0xe7/0x180 fs/inode.c:1232
 #3: ffff888054586f48 (&sb->s_type->i_mutex_key#20/4){+.+.}-{4:4}, at: vfs_rename+0x665/0xe80 fs/namei.c:5187
 #4: ffff888054584dd0 (&ni->ni_lock/6){+.+.}-{4:4}, at: ni_lock_dir fs/ntfs3/ntfs_fs.h:1118 [inline]
 #4: ffff888054584dd0 (&ni->ni_lock/6){+.+.}-{4:4}, at: ntfs_rename+0x6de/0xbf0 fs/ntfs3/namei.c:327
 #5: ffff888054586c90 (&ni->ni_lock#3/5){+.+.}-{4:4}, at: ni_lock fs/ntfs3/ntfs_fs.h:1113 [inline]
 #5: ffff888054586c90 (&ni->ni_lock#3/5){+.+.}-{4:4}, at: ntfs_rename+0x6f7/0xbf0 fs/ntfs3/namei.c:328
Preemption disabled at:
[<ffffffff8301e706>] ni_rename+0x46/0x130 fs/ntfs3/frecord.c:3026
CPU: 0 UID: 0 PID: 6503 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
Call Trace:
 <TASK>
 dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120
 __might_resched+0x44b/0x5d0 kernel/sched/core.c:8927
 might_alloc include/linux/sched/mm.h:321 [inline]
 slab_pre_alloc_hook mm/slub.c:4921 [inline]
 slab_alloc_node mm/slub.c:5256 [inline]
 __kmalloc_cache_noprof+0x60/0x6c0 mm/slub.c:5758
 kmalloc_noprof include/linux/slab.h:957 [inline]
 kzalloc_noprof include/linux/slab.h:1094 [inline]
 fnd_get fs/ntfs3/ntfs_fs.h:670 [inline]
 indx_insert_entry+0xd9/0x720 fs/ntfs3/index.c:1954
 ni_add_name+0x8a8/0xc90 fs/ntfs3/frecord.c:2995
 ni_rename+0x54/0x130 fs/ntfs3/frecord.c:3027
 ntfs_rename+0x735/0xbf0 fs/ntfs3/namei.c:332
 vfs_rename+0xb34/0xe80 fs/namei.c:5216
 do_renameat2+0x6a2/0xa50 fs/namei.c:5364
 __do_sys_rename fs/namei.c:5411 [inline]
 __se_sys_rename fs/namei.c:5409 [inline]
 __x64_sys_rename+0x82/0x90 fs/namei.c:5409
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0xfa0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7efd9b34efc9
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007efd9a9be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
RAX: ffffffffffffffda RBX: 00007efd9b5a5fa0 RCX: 00007efd9b34efc9
RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000200000000580
RBP: 00007efd9b3d1f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007efd9b5a6038 R14: 00007efd9b5a5fa0 R15: 00007ffd3bf7c298
 </TASK>
------------[ cut here ]------------
WARNING: CPU: 0 PID: 6503 at fs/ntfs3/frecord.c:3031 ni_rename+0x122/0x130 fs/ntfs3/frecord.c:3030
Modules linked in:
CPU: 0 UID: 0 PID: 6503 Comm: syz.0.17 Tainted: G        W           syzkaller #0 PREEMPT_{RT,(full)} 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
RIP: 0010:ni_rename+0x122/0x130 fs/ntfs3/frecord.c:3030
Code: 75 2d 89 d8 48 83 c4 18 5b 41 5c 41 5d 41 5e 41 5f 5d e9 91 37 c2 07 cc e8 4b d8 bc fe e8 46 f0 30 fe eb cf e8 3f d8 bc fe 90 <0f> 0b 90 eb 98 e8 04 79 be 07 0f 1f 40 00 90 90 90 90 90 90 90 90
RSP: 0018:ffffc9000488fa98 EFLAGS: 00010293
RAX: ffffffff8301e7e1 RBX: 00000000fffffffe RCX: ffff88803dc5bc00
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 00000000fffffffe R08: 0000000000000000 R09: 0000000000000000
R10: dffffc0000000000 R11: fffffbfff1dac5ef R12: ffff888054584ce0
R13: ffff8880268d2200 R14: ffff8880268d2a00 R15: ffff888054586ba0
FS:  00007efd9a9be6c0(0000) GS:ffff888126df9000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fe9d3cde000 CR3: 0000000023140000 CR4: 00000000003526f0
Call Trace:
 <TASK>
 ntfs_rename+0x735/0xbf0 fs/ntfs3/namei.c:332
 vfs_rename+0xb34/0xe80 fs/namei.c:5216
 do_renameat2+0x6a2/0xa50 fs/namei.c:5364
 __do_sys_rename fs/namei.c:5411 [inline]
 __se_sys_rename fs/namei.c:5409 [inline]
 __x64_sys_rename+0x82/0x90 fs/namei.c:5409
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0xfa0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7efd9b34efc9
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007efd9a9be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
RAX: ffffffffffffffda RBX: 00007efd9b5a5fa0 RCX: 00007efd9b34efc9
RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000200000000580
RBP: 00007efd9b3d1f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007efd9b5a6038 R14: 00007efd9b5a5fa0 R15: 00007ffd3bf7c298
 </TASK>


Tested on:

commit:         c9cfc122 Merge tag 'for-6.18-rc4-tag' of git://git.ker..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=1041c114580000
kernel config:  https://syzkaller.appspot.com/x/.config?x=41ad820f608cb833
dashboard link: https://syzkaller.appspot.com/bug?extid=4d8e30dbafb5c1260479
compiler:       Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
patch:          https://syzkaller.appspot.com/x/patch.diff?x=17dfc532580000

