From nobody Sun Dec 14 13:50:13 2025 Received: from mx0a-0064b401.pphosted.com (mx0a-0064b401.pphosted.com [205.220.166.238]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B7EE32040B2; Wed, 11 Dec 2024 09:15:30 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=205.220.166.238 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1733908532; cv=none; b=tgKAa4ucSukAnbQjO2sq8FAhcp3nPsbq539Ps2tH3DmAVC3/mRLwMyTGhv/whxYJXsHVwX07KFXFg7OupxY1l2tSyiV50PtXIFeK3nUmDTMrv7rEyBxsPCSxN5xhHUQ1Tbkv0QfxInhtlBU/QZfQSkZQPXJP4yoz9mCJFLygs94= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1733908532; c=relaxed/simple; bh=Cd+uhU8R6CFXhSMCzJ4EXSsUSmsT+tIYm39p00Pibq8=; h=From:To:CC:Subject:Date:Message-ID:MIME-Version:Content-Type; b=nXNAvjJ2Lk5Hma3bDtoFHAqMsKog2A++E4o1vKiriXQnngNi6MQuYVY5YtZo9zS64IZ2anronShxpyq43tHF+XOHF6YzfQaIgXHOumSZyaGsY46vFr6mKN14lGR/QFfiE+vy1p9gcuOrXfx2kIuCXvlethSTglocX0W28D0Clu8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=windriver.com; spf=pass smtp.mailfrom=windriver.com; arc=none smtp.client-ip=205.220.166.238 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=windriver.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=windriver.com Received: from pps.filterd (m0250809.ppops.net [127.0.0.1]) by mx0a-0064b401.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 4BB71E2a026722; Wed, 11 Dec 2024 01:15:13 -0800 Received: from ala-exchng01.corp.ad.wrs.com (ala-exchng01.wrs.com [147.11.82.252]) by mx0a-0064b401.pphosted.com (PPS) with ESMTPS id 43cwy1v05r-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT); Wed, 11 Dec 2024 01:15:13 -0800 (PST) Received: from ALA-EXCHNG02.corp.ad.wrs.com (147.11.82.254) by ala-exchng01.corp.ad.wrs.com (147.11.82.252) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.43; Wed, 11 Dec 2024 01:15:12 -0800 Received: from pek-lpg-core1.wrs.com (147.11.136.210) by ALA-EXCHNG02.corp.ad.wrs.com (147.11.82.254) with Microsoft SMTP Server id 15.1.2507.43 via Frontend Transport; Wed, 11 Dec 2024 01:15:10 -0800 From: To: , , CC: , , , , , Subject: [PATCH 6.1.y] ext4: fix access to uninitialised lock in fc replay path Date: Wed, 11 Dec 2024 18:13:04 +0800 Message-ID: <20241211101304.2070456-1-jianqi.ren.cn@windriver.com> X-Mailer: git-send-email 2.25.1 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Proofpoint-ORIG-GUID: Qg8DpU0joDSHKpgGBafatc-Hls2fVUuQ X-Authority-Analysis: v=2.4 cv=eePHf6EH c=1 sm=1 tr=0 ts=67595821 cx=c_pps a=/ZJR302f846pc/tyiSlYyQ==:117 a=/ZJR302f846pc/tyiSlYyQ==:17 a=RZcAm9yDv7YA:10 a=bC-a23v3AAAA:8 a=ID6ng7r3AAAA:8 a=VwQbUJbxAAAA:8 a=t7CeM3EgAAAA:8 a=bqYokX-Xi819JKuFumAA:9 a=-FEs8UIgK8oA:10 a=FO4_E8m0qiDe52t0p3_H:22 a=AkheI1RvQwOzcTXhi5f4:22 a=FdTzh2GWekK77mhwV6Dw:22 X-Proofpoint-GUID: Qg8DpU0joDSHKpgGBafatc-Hls2fVUuQ X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1057,Hydra:6.0.680,FMLib:17.12.68.34 definitions=2024-12-11_09,2024-12-10_01,2024-11-22_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 clxscore=1011 impostorscore=0 lowpriorityscore=0 suspectscore=0 mlxlogscore=749 priorityscore=1501 spamscore=0 phishscore=0 malwarescore=0 mlxscore=0 adultscore=0 bulkscore=0 classifier=spam authscore=0 adjust=0 reason=mlx scancount=1 engine=8.21.0-2411120000 definitions=main-2412110069 Content-Type: text/plain; charset="utf-8" From: "Luis Henriques (SUSE)" [ commit 23dfdb56581ad92a9967bcd720c8c23356af74c1 upstream ] The following kernel trace can be triggered with fstest generic/629 when executed against a filesystem with fast-commit feature enabled: INFO: trying to register non-static key. The code is fine but needs lockdep annotation, or maybe you didn't initialize this object before use? turning off the locking correctness validator. CPU: 0 PID: 866 Comm: mount Not tainted 6.10.0+ #11 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-3-gd= 478f380-prebuilt.qemu.org 04/01/2014 Call Trace: dump_stack_lvl+0x66/0x90 register_lock_class+0x759/0x7d0 __lock_acquire+0x85/0x2630 ? __find_get_block+0xb4/0x380 lock_acquire+0xd1/0x2d0 ? __ext4_journal_get_write_access+0xd5/0x160 _raw_spin_lock+0x33/0x40 ? __ext4_journal_get_write_access+0xd5/0x160 __ext4_journal_get_write_access+0xd5/0x160 ext4_reserve_inode_write+0x61/0xb0 __ext4_mark_inode_dirty+0x79/0x270 ? ext4_ext_replay_set_iblocks+0x2f8/0x450 ext4_ext_replay_set_iblocks+0x330/0x450 ext4_fc_replay+0x14c8/0x1540 ? jread+0x88/0x2e0 ? rcu_is_watching+0x11/0x40 do_one_pass+0x447/0xd00 jbd2_journal_recover+0x139/0x1b0 jbd2_journal_load+0x96/0x390 ext4_load_and_init_journal+0x253/0xd40 ext4_fill_super+0x2cc6/0x3180 ... In the replay path there's an attempt to lock sbi->s_bdev_wb_lock in function ext4_check_bdev_write_error(). Unfortunately, at this point this spinlock has not been initialized yet. Moving it's initialization to an earlier point in __ext4_fill_super() fixes this splat. Signed-off-by: Luis Henriques (SUSE) Link: https://patch.msgid.link/20240718094356.7863-1-luis.henriques@linux.d= ev Signed-off-by: Theodore Ts'o Cc: stable@kernel.org Signed-off-by: Jianqi Ren --- fs/ext4/super.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/fs/ext4/super.c b/fs/ext4/super.c index 987d49e18dbe..65e6e532cfb9 100644 --- a/fs/ext4/super.c +++ b/fs/ext4/super.c @@ -5276,6 +5276,8 @@ static int __ext4_fill_super(struct fs_context *fc, s= truct super_block *sb) INIT_LIST_HEAD(&sbi->s_orphan); /* unlinked but open files */ mutex_init(&sbi->s_orphan_lock); =20 + spin_lock_init(&sbi->s_bdev_wb_lock); + ext4_fast_commit_init(sb); =20 sb->s_root =3D NULL; @@ -5526,7 +5528,6 @@ static int __ext4_fill_super(struct fs_context *fc, s= truct super_block *sb) * Save the original bdev mapping's wb_err value which could be * used to detect the metadata async write error. */ - spin_lock_init(&sbi->s_bdev_wb_lock); errseq_check_and_advance(&sb->s_bdev->bd_inode->i_mapping->wb_err, &sbi->s_bdev_wb_err); sb->s_bdev->bd_super =3D sb; --=20 2.25.1