lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250702183942.GD1880847@ZenIV>
Date: Wed, 2 Jul 2025 19:39:42 +0100
From: Al Viro <viro@...iv.linux.org.uk>
To: syzbot <syzbot+6d7771315ecb9233f395@...kaller.appspotmail.com>
Cc: brauner@...nel.org, jack@...e.cz, linux-fsdevel@...r.kernel.org,
	linux-kernel@...r.kernel.org, syzkaller-bugs@...glegroups.com
Subject: Re: [syzbot] [fs?] possible deadlock in __simple_recursive_removal

On Wed, Jul 02, 2025 at 11:04:33AM -0700, syzbot wrote:
> Hello,
> 
> syzbot found the following issue on:
> 
> HEAD commit:    50c8770a42fa Add linux-next specific files for 20250702
> git tree:       linux-next
> console+strace: https://syzkaller.appspot.com/x/log.txt?x=152d348c580000
> kernel config:  https://syzkaller.appspot.com/x/.config?x=70c16e4e191115d4
> dashboard link: https://syzkaller.appspot.com/bug?extid=6d7771315ecb9233f395
> compiler:       Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6
> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=106bd770580000
> C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=164b048c580000
> 
> Downloadable assets:
> disk image: https://storage.googleapis.com/syzbot-assets/3d4ef6bedc5b/disk-50c8770a.raw.xz
> vmlinux: https://storage.googleapis.com/syzbot-assets/15b7565dc0ef/vmlinux-50c8770a.xz
> kernel image: https://storage.googleapis.com/syzbot-assets/3b397342a62b/bzImage-50c8770a.xz
> 
> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> Reported-by: syzbot+6d7771315ecb9233f395@...kaller.appspotmail.com
> 
> ============================================
> WARNING: possible recursive locking detected
> 6.16.0-rc4-next-20250702-syzkaller #0 Not tainted

False positive.  locked_recursive_removal() is called with ->i_rwsem
on the victim's parent.  It will grab and release ->i_rwsem on
descendents of victim and victim itself (never more than one held
simultaneously) and it is used only on filesystems where we never
change the tree topology.  So the normal ordering of ->i_rwsem is
upheld there.

Proper annotations would be to have the lock on parent grabbed with
I_MUTEX_PARENT as class...

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ