Linux-ext4 Archive on lore.kernel.org
 help / color / Atom feed
* WARNING: suspicious RCU usage in ext4_release_system_zone
@ 2019-08-30 19:28 syzbot
  2019-08-31  0:17 ` Eric Biggers
  0 siblings, 1 reply; 2+ messages in thread
From: syzbot @ 2019-08-30 19:28 UTC (permalink / raw)
  To: adilger.kernel, linux-ext4, linux-kernel, syzkaller-bugs, tytso

Hello,

syzbot found the following crash on:

HEAD commit:    ed858b88 Add linux-next specific files for 20190826
git tree:       linux-next
console output: https://syzkaller.appspot.com/x/log.txt?x=121b506c600000
kernel config:  https://syzkaller.appspot.com/x/.config?x=ee8373cd9733e305
dashboard link: https://syzkaller.appspot.com/bug?extid=5bda120b4032f831c57f
compiler:       gcc (GCC) 9.0.0 20181231 (experimental)

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+5bda120b4032f831c57f@syzkaller.appspotmail.com

=============================
WARNING: suspicious RCU usage
5.3.0-rc6-next-20190826 #73 Not tainted
-----------------------------
fs/ext4/block_validity.c:333 suspicious rcu_dereference_check() usage!

other info that might help us debug this:


rcu_scheduler_active = 2, debug_locks = 1
1 lock held by syz-executor.4/8779:
  #0: ffff888091c4a518 (&type->s_umount_key#32){++++}, at: deactivate_super  
fs/super.c:363 [inline]
  #0: ffff888091c4a518 (&type->s_umount_key#32){++++}, at:  
deactivate_super+0x1aa/0x1d0 fs/super.c:360

stack backtrace:
CPU: 0 PID: 8779 Comm: syz-executor.4 Not tainted 5.3.0-rc6-next-20190826  
#73
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS  
Google 01/01/2011
Call Trace:
  __dump_stack lib/dump_stack.c:77 [inline]
  dump_stack+0x172/0x1f0 lib/dump_stack.c:113
  lockdep_rcu_suspicious+0x153/0x15d kernel/locking/lockdep.c:5438
  ext4_release_system_zone+0x166/0x1a0 fs/ext4/block_validity.c:333
  ext4_put_super+0x954/0xd70 fs/ext4/super.c:992
  generic_shutdown_super+0x14c/0x370 fs/super.c:460
  kill_block_super+0xa0/0x100 fs/super.c:1434
  deactivate_locked_super+0x95/0x100 fs/super.c:333
  deactivate_super fs/super.c:364 [inline]
  deactivate_super+0x1b2/0x1d0 fs/super.c:360
  cleanup_mnt+0x351/0x4c0 fs/namespace.c:1102
  __cleanup_mnt+0x16/0x20 fs/namespace.c:1109
  task_work_run+0x145/0x1c0 kernel/task_work.c:113
  tracehook_notify_resume include/linux/tracehook.h:188 [inline]
  exit_to_usermode_loop+0x316/0x380 arch/x86/entry/common.c:163
  prepare_exit_to_usermode arch/x86/entry/common.c:194 [inline]
  syscall_return_slowpath arch/x86/entry/common.c:274 [inline]
  do_syscall_64+0x65f/0x760 arch/x86/entry/common.c:300
  entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x45c2a7
Code: 64 89 04 25 d0 02 00 00 58 5f ff d0 48 89 c7 e8 2f be ff ff 66 2e 0f  
1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff  
ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fffdccad768 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000000045c2a7
RDX: 0000000000403520 RSI: 0000000000000002 RDI: 00007fffdccad810
RBP: 000000000000011b R08: 0000000000000000 R09: 000000000000000b
R10: 0000000000000005 R11: 0000000000000202 R12: 00007fffdccae8a0
R13: 00005555565a4940 R14: 0000000000000000 R15: 00007fffdccae8a0
------------[ cut here ]------------
ODEBUG: free active (active state 0) object type: percpu_counter hint: 0x0
WARNING: CPU: 1 PID: 8779 at lib/debugobjects.c:481  
debug_print_object+0x168/0x250 lib/debugobjects.c:481


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: WARNING: suspicious RCU usage in ext4_release_system_zone
  2019-08-30 19:28 WARNING: suspicious RCU usage in ext4_release_system_zone syzbot
@ 2019-08-31  0:17 ` Eric Biggers
  0 siblings, 0 replies; 2+ messages in thread
From: Eric Biggers @ 2019-08-31  0:17 UTC (permalink / raw)
  To: syzbot; +Cc: adilger.kernel, linux-ext4, linux-kernel, syzkaller-bugs, tytso

On Fri, Aug 30, 2019 at 12:28:08PM -0700, syzbot wrote:
> Hello,
> 
> syzbot found the following crash on:
> 
> HEAD commit:    ed858b88 Add linux-next specific files for 20190826
> git tree:       linux-next
> console output: https://syzkaller.appspot.com/x/log.txt?x=121b506c600000
> kernel config:  https://syzkaller.appspot.com/x/.config?x=ee8373cd9733e305
> dashboard link: https://syzkaller.appspot.com/bug?extid=5bda120b4032f831c57f
> compiler:       gcc (GCC) 9.0.0 20181231 (experimental)
> 
> Unfortunately, I don't have any reproducer for this crash yet.
> 
> IMPORTANT: if you fix the bug, please add the following tag to the commit:
> Reported-by: syzbot+5bda120b4032f831c57f@syzkaller.appspotmail.com
> 
> =============================
> WARNING: suspicious RCU usage
> 5.3.0-rc6-next-20190826 #73 Not tainted
> -----------------------------
> fs/ext4/block_validity.c:333 suspicious rcu_dereference_check() usage!
> 

#syz invalid

There was already a fix applied between ed858b88 and latest linux-next:

diff --git a/fs/ext4/block_validity.c b/fs/ext4/block_validity.c
index 003dc1dc2da3..f7bc914a74df 100644
--- a/fs/ext4/block_validity.c
+++ b/fs/ext4/block_validity.c
@@ -330,11 +330,13 @@ void ext4_release_system_zone(struct super_block *sb)
 {
 	struct ext4_system_blocks *system_blks;
 
+	rcu_read_lock();
 	system_blks = rcu_dereference(EXT4_SB(sb)->system_blks);
 	rcu_assign_pointer(EXT4_SB(sb)->system_blks, NULL);
 
 	if (system_blks)
 		call_rcu(&system_blks->rcu, ext4_destroy_system_zone);
+	rcu_read_unlock();
 }

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, back to index

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-08-30 19:28 WARNING: suspicious RCU usage in ext4_release_system_zone syzbot
2019-08-31  0:17 ` Eric Biggers

Linux-ext4 Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-ext4/0 linux-ext4/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-ext4 linux-ext4/ https://lore.kernel.org/linux-ext4 \
		linux-ext4@vger.kernel.org linux-ext4@archiver.kernel.org
	public-inbox-index linux-ext4


Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-ext4


AGPL code for this site: git clone https://public-inbox.org/ public-inbox