From: Pengfei Xu <pengfei.xu@intel.com>
To: Miklos Szeredi <mszeredi@redhat.com>
Cc: <linux-kernel@vger.kernel.org>, <heng.su@intel.com>
Subject: Re: [Syzkaller & bisect] There is "notify_change" WARNING in v6.1-rc5 kernel
Date: Wed, 23 Nov 2022 19:25:21 +0800 [thread overview]
Message-ID: <Y34DIbVyih2rWYRF@xpf.sh.intel.com> (raw)
In-Reply-To: <CAOssrKdNRew=5OMsmc+F01NEzyz1cd6ctJKV=FBVrHardpEZSg@mail.gmail.com>
Hi Miklos,
On 2022-11-23 at 11:54:59 +0100, Miklos Szeredi wrote:
> On Thu, Nov 17, 2022 at 12:32 PM Pengfei Xu <pengfei.xu@intel.com> wrote:
> >
> > Hi Miklos Szeredi and developer,
> >
> > Greeting!
> >
> > There is "notify_change" WARNING in v6.1-rc5:
> > [ 45.378232] ------------[ cut here ]------------
> > [ 45.378741] WARNING: CPU: 0 PID: 463 at fs/attr.c:327 notify_change+0x9a1/0xb50
> > [ 45.379511] Modules linked in:
> > [ 45.379868] CPU: 0 PID: 463 Comm: repro Not tainted 6.1.0-rc5-094226ad94f4 #1
> > [ 45.380617] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014
> > [ 45.381752] RIP: 0010:notify_change+0x9a1/0xb50
> > [ 45.382234] Code: 44 89 f6 e8 81 2d cf ff 41 83 fe ff 74 0c c7 45 c4 00 00 00 00 e9 e1 fd ff ff 41 be b5 ff ff ff e9 ea fb ff ff e8 ef 2b cf ff <0f> 0b e9 c2 4
> > [ 45.384114] RSP: 0018:ffffc90000ef3b30 EFLAGS: 00010246
> > [ 45.384661] RAX: 0000000000000000 RBX: 0000000000004200 RCX: ffffffff8155b451
> > [ 45.385389] RDX: 0000000000000000 RSI: ffff88800cd40000 RDI: 0000000000000002
> > [ 45.386112] RBP: ffffc90000ef3b90 R08: ffff888009ed2f50 R09: 0101010101010101
> > [ 45.386840] R10: ffffc90000ef3bb0 R11: 0000000000005c67 R12: ffffc90000ef3bb8
> > [ 45.387568] R13: ffff88800af5ed80 R14: 0000000000000000 R15: ffffffff8385ff40
> > [ 45.388312] FS: 00007f914d059700(0000) GS:ffff88807dc00000(0000) knlGS:0000000000000000
> > [ 45.389142] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> > [ 45.389727] CR2: 0000000020006000 CR3: 000000000bfc0006 CR4: 0000000000770ef0
> > [ 45.390458] PKRU: 55555554
> > [ 45.390752] Call Trace:
> > [ 45.391015] <TASK>
> > [ 45.391253] ? write_comp_data+0x2f/0x90
> > [ 45.391697] __file_remove_privs+0x1de/0x240
> > [ 45.392181] ? __file_remove_privs+0x1de/0x240
> > [ 45.392671] ? __sanitizer_cov_trace_pc+0x25/0x60
> > [ 45.393181] ? current_time+0x64/0xb0
> > [ 45.393592] file_modified_flags+0x51/0x160
> > [ 45.394055] file_modified+0x20/0x30
> > [ 45.394462] fuse_file_fallocate+0x53a/0x620
> > [ 45.394928] ? __schedule+0x2e6/0x8f0
> > [ 45.395347] ? fuse_copy_file_range+0xc0/0xc0
> > [ 45.395835] vfs_fallocate+0x336/0x690
> > [ 45.396243] ioctl_preallocate+0xdf/0x110
> > [ 45.396677] do_vfs_ioctl+0xaf9/0xc20
> > [ 45.397080] ? __fget_light+0xb0/0x220
> > [ 45.397488] ? __sanitizer_cov_trace_pc+0x25/0x60
> > [ 45.397993] ? write_comp_data+0x2f/0x90
> > [ 45.398419] __x64_sys_ioctl+0xca/0x160
> > [ 45.398836] do_syscall_64+0x3b/0x90
> > [ 45.399235] entry_SYSCALL_64_after_hwframe+0x63/0xcd
> > [ 45.399788] RIP: 0033:0x7f914d17f59d
> > [ 45.400182] Code: 00 c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 8
> > [ 45.402039] RSP: 002b:00007f914d058b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
> > [ 45.402815] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f914d17f59d
> > [ 45.403543] RDX: 00000000200001c0 RSI: 0000000040305828 RDI: 0000000000000004
> > [ 45.404286] RBP: 00007f914d058e00 R08: 0000000100000001 R09: 0000000000000000
> > [ 45.405023] R10: 0000000100000001 R11: 0000000000000246 R12: 00007fff22e7ec4e
> > [ 45.405758] R13: 00007fff22e7ec4f R14: 00007fff22e7ece0 R15: 00007f914d059700
> > [ 45.406496] </TASK>
> > [ 45.406736] ---[ end trace 0000000000000000 ]---
> >
> > Bisected and found the first bad commit:
> > 4a6f278d4827b59ba26ceae0ff4529ee826aa258
> > "fuse: add file_modified() to fallocate"
> >
> > After only revert this commit, this issue was gone.
> >
> > Kconfig, reproduced code from syzkaller, bisect info is in attached.
> >
> > All detailed info is in link:
> > https://github.com/xupengfe/syzkaller_logs/tree/main/221117_083125_notify_change
> >
> > If you find this info is useful, please add the "Reviewed-by" tag from me.
>
> Thanks for the report, fix now sent out.
Great, I'm so glad that it's helpful and there is fixed patch for this
issue! :)
Thanks!
BR.
>
> Miklos
>
prev parent reply other threads:[~2022-11-23 11:25 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-17 11:31 [Syzkaller & bisect] There is "notify_change" WARNING in v6.1-rc5 kernel Pengfei Xu
2022-11-23 10:54 ` Miklos Szeredi
2022-11-23 11:25 ` Pengfei Xu [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y34DIbVyih2rWYRF@xpf.sh.intel.com \
--to=pengfei.xu@intel.com \
--cc=heng.su@intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mszeredi@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.