From patchwork Tue Aug 14 16:16:52 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Joel Fernandes X-Patchwork-Id: 10565857 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id C93441510 for ; Tue, 14 Aug 2018 16:17:02 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id BA1012A43C for ; Tue, 14 Aug 2018 16:17:02 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id AD7312A442; Tue, 14 Aug 2018 16:17:02 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-3.0 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 156DD2A43C for ; Tue, 14 Aug 2018 16:17:01 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 8AB626B0003; Tue, 14 Aug 2018 12:17:00 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 880646B0006; Tue, 14 Aug 2018 12:17:00 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 770E66B0007; Tue, 14 Aug 2018 12:17:00 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pf1-f200.google.com (mail-pf1-f200.google.com [209.85.210.200]) by kanga.kvack.org (Postfix) with ESMTP id 3719F6B0003 for ; Tue, 14 Aug 2018 12:17:00 -0400 (EDT) Received: by mail-pf1-f200.google.com with SMTP id n17-v6so11525320pff.17 for ; Tue, 14 Aug 2018 09:17:00 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:dkim-signature:from:to:cc:subject:date :message-id:mime-version:content-transfer-encoding; bh=6BL5K3kVJVHWOHPhAygE7zY9VQyoDJoHovVdB5Nsq7I=; b=i1xTX3kaV5Obk3Ke5DEl3V+7a6geHcimMSwiNREWEJEYgvQSBJA9RViWBjw30yWRcA /XPehIsTwdleFDd7/QZwNC+elcim3WD8XxtA0uPcf1AVxDo6de+RVccWs+S0OnuWbNW/ l2qLIpg44agTLYz+g5awN7vAzOIpaYL7NQFOOe+o927NqjbcNx2Hzzp8ySESmZl8rsNm pI0tPc1GZfPU6KVgDXFpIc1WI/zCayqWsQgJOhUxil9p0zi48oGBQz6wqFrwBXv3SbOz DLCQHs+Y/eDonIIJlsXLCNBmsHYMGwPPksvPTifCzsuPx4GjVF8A0eBOP5FdFVxOv8mA DjWw== X-Gm-Message-State: AOUpUlGmV/kojDp3hYnkHx5peUulhP2rNfauXHcUCMq6563LoS8xhTJc aXCiySeI7ehTy4HvLyglIfrVbb6lGOt5K88CnX9otCneTcrM/G/SPaYAY3QTV6K2JS3sZINgNNe ch+e2bxJ4YSDOdz8j0ifwOxQeQXwPSJarxT/3S7oZAqbpUascjjv9Y7KtPDy4/Gx4SW4jfiuD66 h1KOresqk0NCxwWqxCEaJmblhLlex1fi8UePhuqMmNUWUNZ/P/nMVutF/VatxP+SysEP5L3bww9 L/IFIFvE+6Zyig7biDC1YTtLF8VEPNLRyoQ5A5UHnKjfdYOm0bJQDYgbF7PJFMP0eJ3AkLeOnRr YRJhJqWvgHx0jjIf87fqTrBK56SOxT1TMewQDXBIAZtDUS+WFNmOqLa+o+Ka+DqoPO1XRMRuKX9 d X-Received: by 2002:a62:5984:: with SMTP id k4-v6mr23979507pfj.116.1534263419831; Tue, 14 Aug 2018 09:16:59 -0700 (PDT) X-Received: by 2002:a62:5984:: with SMTP id k4-v6mr23979413pfj.116.1534263418592; Tue, 14 Aug 2018 09:16:58 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1534263418; cv=none; d=google.com; s=arc-20160816; b=QTNqYssiP8SLQfOLpGAMrzmOQB+KFJTsiJCupz35cl3QO0MczQvTi899c+32hT+e4E JDk7zz2I2M5EJYSc04RcUEzZMUkhkmq1u1WNyhrmvHHyO5hvLELgZkTu7M5zm6c7NFmf oQb7IlUWjO62+V6tsHo6BBfCl1M8OABMMnVgo08Xzr/iROBZzrfp1Wq8GztK97elcuKN Yg0XvM7GZzyhwplw75l/cUoquuvoBkCoV5dUEJ0AXUtfvFeGp1CpL4rRKFDaJViB519t SDaXbV3AGfbVNXeQok6IEcAMqoBtSIjK80vGU8RH1Z1pnz98hQ+WsWQM7QyWnCYwqkGX +l5Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:dkim-signature:arc-authentication-results; bh=6BL5K3kVJVHWOHPhAygE7zY9VQyoDJoHovVdB5Nsq7I=; b=yDXnoqLTWeSvGrg3+p4pw42vaFpV+8OlbblYaBBN6fUXB9FT3j/yjS50zntnL7/ZHt d1zOStWpaKDNcutev+tJX0XHRWtdRlWCeJEVLzGcGJqiQ9HTBTPQEz3MyFPj0zxwYoPb B5rz9d4G/B4bKu8cW11PpJBRlXfitsYS4lPBeZjN1lz7Y92HnblHHxzuqgqp6WHu3esm Tv/qb2gQx/sub2rdLW9+HjZEIZyBaq+IXmdhOnJwxMhu6c3awZHqqqhfcS1v4Z9kvw74 2kSx8wILjKIVH+vj/19qK6SSBI3/3hP5rcePFmhLM71hWEB1FMf21hfHyM4lw+TeGnB/ CPCg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@joelfernandes.org header.s=google header.b=RJGdLcg4; spf=pass (google.com: domain of joel@joelfernandes.org designates 209.85.220.65 as permitted sender) smtp.mailfrom=joel@joelfernandes.org Received: from mail-sor-f65.google.com (mail-sor-f65.google.com. [209.85.220.65]) by mx.google.com with SMTPS id r12-v6sor5913451pfd.129.2018.08.14.09.16.58 for (Google Transport Security); Tue, 14 Aug 2018 09:16:58 -0700 (PDT) Received-SPF: pass (google.com: domain of joel@joelfernandes.org designates 209.85.220.65 as permitted sender) client-ip=209.85.220.65; Authentication-Results: mx.google.com; dkim=pass header.i=@joelfernandes.org header.s=google header.b=RJGdLcg4; spf=pass (google.com: domain of joel@joelfernandes.org designates 209.85.220.65 as permitted sender) smtp.mailfrom=joel@joelfernandes.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=joelfernandes.org; s=google; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=6BL5K3kVJVHWOHPhAygE7zY9VQyoDJoHovVdB5Nsq7I=; b=RJGdLcg48Ix4sJp3W4wrHEtQ0se+/lHwBtmRcnmkLuga7JCcEIrqI+j/2wGw98UFxR COWZMGOVeIm8wjXn7P8Uz66PU4rEcFb88w3aNS28nQMSsUiYVXbp/PRZMfqQ4c19mxG+ M8cE94ILiHsf+6kzKd2pDyhFLb40a4Qr87JI0= X-Google-Smtp-Source: AA+uWPyDIMy2MUI1CsgcH5nnwqoZV2lcuo6jSidnyXcvPFFd1xqsBPGWDTxPflgNw6smlCE7/wsZEg== X-Received: by 2002:a62:3601:: with SMTP id d1-v6mr24064739pfa.41.1534263418065; Tue, 14 Aug 2018 09:16:58 -0700 (PDT) Received: from joelaf-glaptop0.roam.corp.google.com (c-98-210-118-128.hsd1.ca.comcast.net. [98.210.118.128]) by smtp.gmail.com with ESMTPSA id x15-v6sm20988611pgc.46.2018.08.14.09.16.56 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 14 Aug 2018 09:16:57 -0700 (PDT) From: "Joel Fernandes (Google)" To: linux-kernel@vger.kernel.org Cc: kernel-team@android.com, Joel Fernandes , willy@infradead.org, stable@vger.kernel.org, peterz@infradead.org, linux-mm@kvack.org, Neil Brown Subject: [PATCH] mm: shmem: Correctly annotate new inodes Date: Tue, 14 Aug 2018 09:16:52 -0700 Message-Id: <20180814161652.28831-1-joel@joelfernandes.org> X-Mailer: git-send-email 2.18.0.597.ga71716f1ad-goog MIME-Version: 1.0 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Directories and inodes don't necessarily need to be in the same lockdep class. For ex, hugetlbfs splits them out too to prevent false positives in lockdep. Annotate correctly after new inode creation. If its a directory inode, it will be put into a different class. This should fix a lockdep splat reported by syzbot: > ====================================================== > WARNING: possible circular locking dependency detected > 4.18.0-rc8-next-20180810+ #36 Not tainted > ------------------------------------------------------ > syz-executor900/4483 is trying to acquire lock: > 00000000d2bfc8fe (&sb->s_type->i_mutex_key#9){++++}, at: inode_lock > include/linux/fs.h:765 [inline] > 00000000d2bfc8fe (&sb->s_type->i_mutex_key#9){++++}, at: > shmem_fallocate+0x18b/0x12e0 mm/shmem.c:2602 > > but task is already holding lock: > 0000000025208078 (ashmem_mutex){+.+.}, at: ashmem_shrink_scan+0xb4/0x630 > drivers/staging/android/ashmem.c:448 > > which lock already depends on the new lock. > > -> #2 (ashmem_mutex){+.+.}: > __mutex_lock_common kernel/locking/mutex.c:925 [inline] > __mutex_lock+0x171/0x1700 kernel/locking/mutex.c:1073 > mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1088 > ashmem_mmap+0x55/0x520 drivers/staging/android/ashmem.c:361 > call_mmap include/linux/fs.h:1844 [inline] > mmap_region+0xf27/0x1c50 mm/mmap.c:1762 > do_mmap+0xa10/0x1220 mm/mmap.c:1535 > do_mmap_pgoff include/linux/mm.h:2298 [inline] > vm_mmap_pgoff+0x213/0x2c0 mm/util.c:357 > ksys_mmap_pgoff+0x4da/0x660 mm/mmap.c:1585 > __do_sys_mmap arch/x86/kernel/sys_x86_64.c:100 [inline] > __se_sys_mmap arch/x86/kernel/sys_x86_64.c:91 [inline] > __x64_sys_mmap+0xe9/0x1b0 arch/x86/kernel/sys_x86_64.c:91 > do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290 > entry_SYSCALL_64_after_hwframe+0x49/0xbe > > -> #1 (&mm->mmap_sem){++++}: > __might_fault+0x155/0x1e0 mm/memory.c:4568 > _copy_to_user+0x30/0x110 lib/usercopy.c:25 > copy_to_user include/linux/uaccess.h:155 [inline] > filldir+0x1ea/0x3a0 fs/readdir.c:196 > dir_emit_dot include/linux/fs.h:3464 [inline] > dir_emit_dots include/linux/fs.h:3475 [inline] > dcache_readdir+0x13a/0x620 fs/libfs.c:193 > iterate_dir+0x48b/0x5d0 fs/readdir.c:51 > __do_sys_getdents fs/readdir.c:231 [inline] > __se_sys_getdents fs/readdir.c:212 [inline] > __x64_sys_getdents+0x29f/0x510 fs/readdir.c:212 > do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290 > entry_SYSCALL_64_after_hwframe+0x49/0xbe > > -> #0 (&sb->s_type->i_mutex_key#9){++++}: > lock_acquire+0x1e4/0x540 kernel/locking/lockdep.c:3924 > down_write+0x8f/0x130 kernel/locking/rwsem.c:70 > inode_lock include/linux/fs.h:765 [inline] > shmem_fallocate+0x18b/0x12e0 mm/shmem.c:2602 > ashmem_shrink_scan+0x236/0x630 drivers/staging/android/ashmem.c:455 > ashmem_ioctl+0x3ae/0x13a0 drivers/staging/android/ashmem.c:797 > vfs_ioctl fs/ioctl.c:46 [inline] > file_ioctl fs/ioctl.c:501 [inline] > do_vfs_ioctl+0x1de/0x1720 fs/ioctl.c:685 > ksys_ioctl+0xa9/0xd0 fs/ioctl.c:702 > __do_sys_ioctl fs/ioctl.c:709 [inline] > __se_sys_ioctl fs/ioctl.c:707 [inline] > __x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:707 > do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290 > entry_SYSCALL_64_after_hwframe+0x49/0xbe > > other info that might help us debug this: > > Chain exists of: > &sb->s_type->i_mutex_key#9 --> &mm->mmap_sem --> ashmem_mutex > > Possible unsafe locking scenario: > > CPU0 CPU1 > ---- ---- > lock(ashmem_mutex); > lock(&mm->mmap_sem); > lock(ashmem_mutex); > lock(&sb->s_type->i_mutex_key#9); > > *** DEADLOCK *** > > 1 lock held by syz-executor900/4483: > #0: 0000000025208078 (ashmem_mutex){+.+.}, at: > ashmem_shrink_scan+0xb4/0x630 drivers/staging/android/ashmem.c:448 Reported-by: syzbot Cc: willy@infradead.org Cc: stable@vger.kernel.org Cc: peterz@infradead.org Suggested-by: Neil Brown Signed-off-by: Joel Fernandes (Google) Reviewed-by: NeilBrown --- mm/shmem.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/mm/shmem.c b/mm/shmem.c index 2cab84403055..4429a8fd932d 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -2225,6 +2225,8 @@ static struct inode *shmem_get_inode(struct super_block *sb, const struct inode mpol_shared_policy_init(&info->policy, NULL); break; } + + lockdep_annotate_inode_mutex_key(inode); } else shmem_free_inode(sb); return inode;