[lvc-project] [PATCH] ocfs2: uncache inode after ocfs2_search_dirblock() search failure
Dmitry Antipov
dmantipov at yandex.ru
Fri Dec 27 16:07:17 MSK 2024
Syzbot has reported the following BUG:
kernel BUG at fs/ocfs2/uptodate.c:509!
...
Call Trace:
<TASK>
? __die_body+0x61/0xb0
? die+0x9f/0xc0
? do_trap+0x14a/0x3d0
? ocfs2_set_new_buffer_uptodate+0x149/0x170
? do_error_trap+0x1c2/0x280
? ocfs2_set_new_buffer_uptodate+0x149/0x170
? __pfx_do_error_trap+0x10/0x10
? handle_invalid_op+0x34/0x40
? ocfs2_set_new_buffer_uptodate+0x149/0x170
? exc_invalid_op+0x39/0x50
? asm_exc_invalid_op+0x1a/0x20
? ocfs2_set_new_buffer_uptodate+0x148/0x170
? ocfs2_set_new_buffer_uptodate+0x149/0x170
? ocfs2_set_new_buffer_uptodate+0x148/0x170
ocfs2_group_add+0x318/0x1240
? mnt_get_write_access+0x68/0x2a0
? __pfx_ocfs2_group_add+0x10/0x10
? mnt_get_write_access+0x68/0x2a0
? __pfx_lock_release+0x10/0x10
? rcu_read_lock_any_held+0xb4/0x130
? __pfx_rcu_read_lock_any_held+0x10/0x10
? __pfx_lock_release+0x10/0x10
? mnt_get_write_access+0x223/0x2a0
? mnt_want_write_file+0x172/0x200
ocfs2_ioctl+0x60b/0x750
? __pfx_ocfs2_ioctl+0x10/0x10
? lockdep_hardirqs_on_prepare+0x401/0x750
? bpf_lsm_file_ioctl+0x9/0x20
? __pfx_ocfs2_ioctl+0x10/0x10
__se_sys_ioctl+0xfc/0x170
do_syscall_64+0xf6/0x210
? exc_page_fault+0x92/0x110
entry_SYSCALL_64_after_hwframe+0x77/0x7f
...
</TASK>
In 'ocfs2_find_entry_id()', the buffer head remains cached (by
'ocfs2_read_blocks()') regardless of the search result returned
by 'ocfs2_search_dirblock()'. In case of search failure, that
buffer head is no longer used and should be uncached before
calling 'brelse()'. This is very similar to commit 737f34137844
("ocfs2: uncache inode which has failed entering the group").
Reported-by: syzbot+7aef76bdb53b83d62a9e at syzkaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=7aef76bdb53b83d62a9e
Fixes: 23193e513d1c ("ocfs2: Read support for directories with inline data")
Signed-off-by: Dmitry Antipov <dmantipov at yandex.ru>
---
fs/ocfs2/dir.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/fs/ocfs2/dir.c b/fs/ocfs2/dir.c
index 213206ebdd58..3bfbc166d1fe 100644
--- a/fs/ocfs2/dir.c
+++ b/fs/ocfs2/dir.c
@@ -416,6 +416,9 @@ static struct buffer_head *ocfs2_find_entry_id(const char *name,
if (found == 1)
return di_bh;
+ /* Cached by ocfs2_read_blocks() so remove it. */
+ ocfs2_remove_from_cache(INODE_CACHE(dir), di_bh);
+
brelse(di_bh);
out:
return NULL;
--
2.47.1
More information about the lvc-project
mailing list