Received: by 2002:a05:7412:f584:b0:e2:908c:2ebd with SMTP id eh4csp1929984rdb; Tue, 5 Sep 2023 09:05:55 -0700 (PDT) X-Google-Smtp-Source: AGHT+IF0ObnAMyMkx50YL4PNnd/BRt9HdrR0stz/qzSKaGYmR/2w9JK2l1SxU3hQtQ2cPIiuRWFs X-Received: by 2002:a2e:87ca:0:b0:2b9:ea17:558b with SMTP id v10-20020a2e87ca000000b002b9ea17558bmr157331ljj.16.1693929955022; Tue, 05 Sep 2023 09:05:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1693929954; cv=none; d=google.com; s=arc-20160816; b=WXlw0fhqZOyvVwm/eRHTLDLrI8rkrKWoqGKDlIpbKrSAR9L0tElHRBqdNXvE0X/ea8 BnKgWlVZl/kj7xouZQJ6w2TQFIeW6RmtEAg/+ySentAeeQJk2ROpyFqLZXzrddbGEogf SBlLPzTepUKBLblaZHoSL87epl5zoJcWiUKV5mNoFjwq9uo6b4PUgXtLUYCvbmtdkokS wVwk9yL1C1cnowf3yoO4gyoPFDxFJKetaPlmoQ8/Gq8p5DKzoilRSM/uT+TF++co5TO4 4YLFBEFsYWgce6sB6S3H+nAOxy/UIDsGMVhojfFeZ4bLcOYsHAGhWyvgTrkkrKrdTxu1 ITXA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :dkim-signature; bh=5kFxnNNm8+gjbZJh6ydJs8AQ0+l1yYrVwQkOkmwR0aE=; fh=z9NPm3RvqJoRpkSeRdSlqm6nHheaZa0kBQMols1kBGM=; b=BiHtxmrbpcgkt4LKjU3KnIwndsOIQ2TsMPT7G8xQ++7EwxuSEjkKn087cR/jp5vHGy +FWvBJcB/AU4LEc/G4wiQuFWtNH7KvxZ1w8Gxwj/eNAjCd0XGKpSJIBGe0Jc1N3AGm3F r0dVHUqXghUX+hOZxBpMtl+s2zJ4mdIT33GlO0rAlB6Wxhtz1nX0/qxdpOtK+5hyPPz9 ZKql62oyBof2vI2UJSv5EVSqYaKZTPFIf2NbqSGud2flbS6tAaMZ/Kq65cPU9Q5GJrEe EYKXs1bB4hN2zXK5M5Fzj5Xp7E7GRdkYXLjKhLvq3StJsAvT1BppbN+7ZiK6efgb71A6 WC+Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux.org.uk header.s=zeniv-20220401 header.b=JQiYogy2; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zeniv.linux.org.uk Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id um15-20020a170906cf8f00b0099bce8c04d8si7910610ejb.141.2023.09.05.09.05.48; Tue, 05 Sep 2023 09:05:54 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linux.org.uk header.s=zeniv-20220401 header.b=JQiYogy2; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zeniv.linux.org.uk Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1349581AbjICXNs (ORCPT + 13 others); Sun, 3 Sep 2023 19:13:48 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42748 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229653AbjICXNr (ORCPT ); Sun, 3 Sep 2023 19:13:47 -0400 Received: from zeniv.linux.org.uk (zeniv.linux.org.uk [IPv6:2a03:a000:7:0:5054:ff:fe1c:15ff]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5D5F0A4; Sun, 3 Sep 2023 16:13:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=linux.org.uk; s=zeniv-20220401; h=Sender:In-Reply-To:Content-Type: MIME-Version:References:Message-ID:Subject:Cc:To:From:Date:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=5kFxnNNm8+gjbZJh6ydJs8AQ0+l1yYrVwQkOkmwR0aE=; b=JQiYogy2D3O0pnE88F2CdkBOu3 5B3DgWzn19KZmt4NLY/XQ87ydrJRSgtySIJhIhKpOZIdSx/tyLkew7zVUHacLs4ucj3LUlBOPWqv/ +AIZ/XSrE50uO9WMqdH51Su0GtMx3Ym3fOG11koQPBN2jnV3Pdx5J3aAAA5FsK+EuQgr/VxlNGsZj 73+O1vCII2J2ys3du6l0Wal8cdAm/cqHsCRs8Baxhw84GcxwGZItvdfMWQMxEWWxbvbmVYSxyYYCQ p1gYn56xAKCKNYYnI6qjn5uk0rZ9RvBJmyIFWiBSAuarsr9nv2W1nOS/hlco6crRYSGdZq9Pi2276 VXZSnfZQ==; Received: from viro by zeniv.linux.org.uk with local (Exim 4.96 #2 (Red Hat Linux)) id 1qcwHi-003Ag2-2Y; Sun, 03 Sep 2023 23:13:38 +0000 Date: Mon, 4 Sep 2023 00:13:38 +0100 From: Al Viro To: Dave Chinner Cc: Mateusz Guzik , syzbot , brauner@kernel.org, djwong@kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, linux-xfs@vger.kernel.org, llvm@lists.linux.dev, nathan@kernel.org, ndesaulniers@google.com, syzkaller-bugs@googlegroups.com, trix@redhat.com Subject: Re: [syzbot] [xfs?] INFO: task hung in __fdget_pos (4) Message-ID: <20230903231338.GN3390869@ZenIV> References: <000000000000e6432a06046c96a5@google.com> <20230903083357.75mq5l43gakuc2z7@f> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Sender: Al Viro X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Sep 04, 2023 at 08:27:15AM +1000, Dave Chinner wrote: > It already is (sysrq-t), but I'm not sure that will help - if it is > a leaked unlock then nothing will show up at all. Unlikely; grep and you'll see - very few callers, and for all of them there's an fdput_pos() downstream of any fdget_pos() that had picked non-NULL file reference. In theory, it's not impossible that something had stripped FDPUT_POS_UNLOCK from the flags, but that's basically "something might've corrupted the local variables" scenario. There are 12 functions total where we might be calling fdget_pos() and all of them are pretty small (1 in alpha osf_sys.c, 6 in read_write.c and 5 in readdir.c); none of those takes an address of struct fd, none of them has assignments to it after fdget_pos() and the only accesses to its members are those to fd.file - all fetches. Control flow is also easy to check - they are all short. IMO it's much more likely that we'll find something like thread A: grabs some fs lock gets stuck on something thread B: write() finds file grabs ->f_pos_lock calls into filesystem blocks on fs lock held by A thread C: read()/write()/lseek() on the same file blocks on ->f_pos_lock