On Thu, Apr 03, 2025 at 05:33:31PM +0800, 白烁冉 wrote:
> Dear Maintainers,
>
> When using our customized Syzkaller to fuzz the latest Linux kernel, the following crash (95th) was triggered.
>
>
> HEAD commit: 6537cfb395f352782918d8ee7b7f10ba2cc3cbf2
> git tree: upstream
> Output: https://github.com/pghk13/Kernel-Bug/tree/main/0305_6.14rc5/95-INFO_%20rcu%20detected%20stall%20in%20sys_chdir
> Kernel config: https://github.com/pghk13/Kernel-Bug/blob/main/0305_6.14rc5/config.txt
> C reproducer: https://github.com/pghk13/Kernel-Bug/blob/main/0305_6.14rc5/95-INFO_%20rcu%20detected%20stall%20in%20sys_chdir/95repro.c
> Syzlang reproducer: https://github.com/pghk13/Kernel-Bug/blob/main/0305_6.14rc5/95-INFO_%20rcu%20detected%20stall%20in%20sys_chdir/95call_trace.txt

We generally ignore any reports from non-official syzbot instances.

>
>
> Our reproducer mounts a constructed filesystem image.
> This could be a file system deadlock issue that occurs on lines
> 547-548 of the chmod_common function. When this function is called,
> the code already holds the inode lock (via inode_lock(inode)),
> but notify_change may need to perform RCU-protected operations
> internally. The core of the problem is that the chmod_common function
> calls notify_change while holding the inode lock, and
> notify_change internally relies on the RCU protection mechanism. At a
> specific path to the SYSV file system, this combination results in a
> deadlock.

I'm not following at all, but also sysv is removed in v6.15.