[syzbot] [gfs2?] KMSAN: uninit-value in gfs2_quota_init (2)


syzbot

Nov 27, 2024, 2:32:31 PM
to agru...@redhat.com, gf...@lists.linux.dev, linux-...@vger.kernel.org, syzkall...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 9f16d5e6f220 Merge tag 'for-linus' of git://git.kernel.org..
git tree: upstream
console+strace: https://syzkaller.appspot.com/x/log.txt?x=140fe530580000
kernel config: https://syzkaller.appspot.com/x/.config?x=ce1e2eda2213557
dashboard link: https://syzkaller.appspot.com/bug?extid=9fb37b567267511a9e11
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=120fe530580000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=119ae778580000

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/2fcdec73c0f3/disk-9f16d5e6.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/d4dc8d1847e1/vmlinux-9f16d5e6.xz
kernel image: https://storage.googleapis.com/syzbot-assets/db0e04822d2c/bzImage-9f16d5e6.xz
mounted in repro: https://storage.googleapis.com/syzbot-assets/c42d45c3f3cb/mount_0.gz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+9fb37b...@syzkaller.appspotmail.com

gfs2: fsid=syz:syz.0: first mount done, others may mount
syz-executor205: attempt to access beyond end of device
loop0: rw=12288, sector=2251799813685248, nr_sectors = 8 limit=32768
=====================================================
BUG: KMSAN: uninit-value in gfs2_metatype_check_i fs/gfs2/util.h:125 [inline]
BUG: KMSAN: uninit-value in gfs2_quota_init+0x22c4/0x2950 fs/gfs2/quota.c:1432
gfs2_metatype_check_i fs/gfs2/util.h:125 [inline]
gfs2_quota_init+0x22c4/0x2950 fs/gfs2/quota.c:1432
gfs2_make_fs_rw+0x4cf/0x6a0 fs/gfs2/super.c:159
gfs2_fill_super+0x43f5/0x45a0 fs/gfs2/ops_fstype.c:1274
get_tree_bdev_flags+0x6ec/0x910 fs/super.c:1636
get_tree_bdev+0x37/0x50 fs/super.c:1659
gfs2_get_tree+0x5c/0x340 fs/gfs2/ops_fstype.c:1330
vfs_get_tree+0xb1/0x5a0 fs/super.c:1814
do_new_mount+0x71f/0x15e0 fs/namespace.c:3507
path_mount+0x742/0x1f10 fs/namespace.c:3834
do_mount fs/namespace.c:3847 [inline]
__do_sys_mount fs/namespace.c:4057 [inline]
__se_sys_mount+0x722/0x810 fs/namespace.c:4034
__x64_sys_mount+0xe4/0x150 fs/namespace.c:4034
x64_sys_call+0x39bf/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:166
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was created at:
__alloc_pages_noprof+0x9a7/0xe00 mm/page_alloc.c:4774
alloc_pages_mpol_noprof+0x299/0x990 mm/mempolicy.c:2265
alloc_pages_noprof mm/mempolicy.c:2344 [inline]
folio_alloc_noprof+0x1db/0x310 mm/mempolicy.c:2351
filemap_alloc_folio_noprof+0xa6/0x440 mm/filemap.c:1009
__filemap_get_folio+0xac4/0x1550 mm/filemap.c:1951
gfs2_getbuf+0x23f/0xcd0 fs/gfs2/meta_io.c:142
gfs2_meta_ra+0x17f/0x7b0 fs/gfs2/meta_io.c:532
gfs2_quota_init+0x78d/0x2950 fs/gfs2/quota.c:1429
gfs2_make_fs_rw+0x4cf/0x6a0 fs/gfs2/super.c:159
gfs2_fill_super+0x43f5/0x45a0 fs/gfs2/ops_fstype.c:1274
get_tree_bdev_flags+0x6ec/0x910 fs/super.c:1636
get_tree_bdev+0x37/0x50 fs/super.c:1659
gfs2_get_tree+0x5c/0x340 fs/gfs2/ops_fstype.c:1330
vfs_get_tree+0xb1/0x5a0 fs/super.c:1814
do_new_mount+0x71f/0x15e0 fs/namespace.c:3507
path_mount+0x742/0x1f10 fs/namespace.c:3834
do_mount fs/namespace.c:3847 [inline]
__do_sys_mount fs/namespace.c:4057 [inline]
__se_sys_mount+0x722/0x810 fs/namespace.c:4034
__x64_sys_mount+0xe4/0x150 fs/namespace.c:4034
x64_sys_call+0x39bf/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:166
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f

CPU: 0 UID: 0 PID: 5797 Comm: syz-executor205 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
=====================================================


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.

If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup

syzbot

Nov 28, 2024, 9:43:18 AM
to linux-...@vger.kernel.org, syzkall...@googlegroups.com
For archival purposes, forwarding an incoming command email to
linux-...@vger.kernel.org, syzkall...@googlegroups.com.

***

Subject: Re: KMSAN: uninit-value in gfs2_quota_init()
Author: dman...@yandex.ru

#syz test https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git b86545e02e8c22fb89218f29d381fa8e8b91d815

diff --git a/fs/gfs2/dir.c b/fs/gfs2/dir.c
index dbf1aede744c..85736135bcf5 100644
--- a/fs/gfs2/dir.c
+++ b/fs/gfs2/dir.c
@@ -299,6 +299,10 @@ static int gfs2_dir_read_data(struct gfs2_inode *ip, __be64 *buf,
goto fail;
BUG_ON(extlen < 1);
bh = gfs2_meta_ra(ip->i_gl, dblock, extlen);
+ if (IS_ERR(bh)) {
+ error = PTR_ERR(bh);
+ goto fail;
+ }
} else {
error = gfs2_meta_read(ip->i_gl, dblock, DIO_WAIT, 0, &bh);
if (error)
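Review bot: the new `if (IS_ERR(bh))` test after `bh = gfs2_meta_ra(ip->i_gl, dblock, extlen);` is only safe if every caller of gfs2_meta_ra() is converted in the same change, because the function now hands back ERR_PTR values that any caller still testing for NULL would dereference; this patch touches dir.c, quota.c and recovery.c, so please confirm no other caller of gfs2_meta_ra() remains unconverted. The `error = PTR_ERR(bh); goto fail;` shape is consistent with the gfs2_meta_read() branch just below, which is good.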
diff --git a/fs/gfs2/meta_io.c b/fs/gfs2/meta_io.c
index fea3efcc2f93..789294f4bf6f 100644
--- a/fs/gfs2/meta_io.c
+++ b/fs/gfs2/meta_io.c
@@ -512,7 +512,7 @@ int gfs2_meta_buffer(struct gfs2_inode *ip, u32 mtype, u64 num,
* @dblock: the starting disk block
* @extlen: the number of blocks in the extent
*
- * returns: the first buffer in the extent
+ * returns: the first buffer in the extent or error number
*/

struct buffer_head *gfs2_meta_ra(struct gfs2_glock *gl, u64 dblock, u32 extlen)
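Review bot: the updated kerneldoc line `* returns: the first buffer in the extent or error number` is misleading for a function that returns a pointer; say that it returns an ERR_PTR() on failure, e.g. `* returns: the first buffer in the extent, or an ERR_PTR() on failure`, so readers know to test the result with IS_ERR() rather than for NULL.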
@@ -521,6 +521,7 @@ struct buffer_head *gfs2_meta_ra(struct gfs2_glock *gl, u64 dblock, u32 extlen)
struct buffer_head *first_bh, *bh;
u32 max_ra = gfs2_tune_get(sdp, gt_max_readahead) >>
sdp->sd_sb.sb_bsize_shift;
+ int ret;

BUG_ON(!extlen);

@@ -530,10 +531,15 @@ struct buffer_head *gfs2_meta_ra(struct gfs2_glock *gl, u64 dblock, u32 extlen)
extlen = max_ra;

first_bh = gfs2_getbuf(gl, dblock, CREATE);
+ if (unlikely(!first_bh))
+ return ERR_PTR(-EINVAL);

if (buffer_uptodate(first_bh))
goto out;
- bh_read_nowait(first_bh, REQ_META | REQ_PRIO);
+
+ ret = bh_read(first_bh, REQ_META | REQ_PRIO);
+ if (unlikely(ret < 0))
+ return ERR_PTR(ret);

dblock++;
extlen--;
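Review bot: `return ERR_PTR(ret);` after a failed bh_read() is reached with the reference on `first_bh` obtained from gfs2_getbuf() still held, so a brelse(first_bh) is needed before returning (the `!first_bh` path has nothing to release, but -EINVAL is an odd code for a failed buffer lookup; -ENOMEM, or whatever gfs2_getbuf() actually signals, reads more clearly). Replacing bh_read_nowait() with the synchronous bh_read() also changes the shape of the function: the first block is now read to completion before any readahead is issued, so the function's existing wait_on_buffer(first_bh) becomes redundant and the readahead no longer overlaps the first read. If the goal is only to detect an I/O failure on the first block, testing buffer_uptodate(first_bh) after the existing wait_on_buffer() keeps the asynchronous behaviour.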
diff --git a/fs/gfs2/quota.c b/fs/gfs2/quota.c
index 72b48f6f5561..d919edfb8dda 100644
--- a/fs/gfs2/quota.c
+++ b/fs/gfs2/quota.c
@@ -1427,8 +1427,10 @@ int gfs2_quota_init(struct gfs2_sbd *sdp)
}
error = -EIO;
bh = gfs2_meta_ra(ip->i_gl, dblock, extlen);
- if (!bh)
+ if (IS_ERR(bh)) {
+ error = PTR_ERR(bh);
goto fail;
+ }
if (gfs2_metatype_check(sdp, bh, GFS2_METATYPE_QC))
goto fail_brelse;

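Review bot: dropping the `if (!bh)` test in favour of `if (IS_ERR(bh))` assumes gfs2_meta_ra() can no longer return NULL, which holds only together with the `!first_bh` check added in meta_io.c in this same patch; IS_ERR_OR_NULL() would keep gfs2_quota_init() robust if that check is ever reworked. The `error = -EIO;` on the line above still serves the `goto fail_brelse` path for a failed gfs2_metatype_check(), so keeping it is correct, but a short comment saying so would stop the next reader from removing it as dead code.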
diff --git a/fs/gfs2/recovery.c b/fs/gfs2/recovery.c
index f4fe7039f725..527353c36aa5 100644
--- a/fs/gfs2/recovery.c
+++ b/fs/gfs2/recovery.c
@@ -49,7 +49,7 @@ int gfs2_replay_read_block(struct gfs2_jdesc *jd, unsigned int blk,

*bh = gfs2_meta_ra(gl, dblock, extlen);

- return error;
+ return IS_ERR(*bh) ? PTR_ERR(*bh) : 0;
}

int gfs2_revoke_add(struct gfs2_jdesc *jd, u64 blkno, unsigned int where)
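Review bot: on the failure path `return IS_ERR(*bh) ? PTR_ERR(*bh) : 0;` leaves an ERR_PTR value in `*bh`; set `*bh = NULL` before returning the error so a caller that unconditionally brelse()s `*bh` during cleanup does not dereference it. The removed `return error;` also suggests the local `error` is now assigned but no longer returned; if nothing else reads it, drop it to avoid a set-but-unused warning.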

syzbot

Nov 28, 2024, 10:19:05 AM
to dman...@yandex.ru, linux-...@vger.kernel.org, syzkall...@googlegroups.com
Hello,

syzbot has tested the proposed patch and the reproducer did not trigger any issue:

Reported-by: syzbot+9fb37b...@syzkaller.appspotmail.com
Tested-by: syzbot+9fb37b...@syzkaller.appspotmail.com

Tested on:

commit: b86545e0 Merge tag 'acpi-6.13-rc1-2' of git://git.kern..
git tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
console output: https://syzkaller.appspot.com/x/log.txt?x=16544f78580000
kernel config: https://syzkaller.appspot.com/x/.config?x=a4aa348d53e96cc1
dashboard link: https://syzkaller.appspot.com/bug?extid=9fb37b567267511a9e11
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
patch: https://syzkaller.appspot.com/x/patch.diff?x=111463c0580000

Note: testing is done by a robot and is best-effort only.

syzbot

Nov 29, 2024, 3:41:26 AM
to linux-...@vger.kernel.org, syzkall...@googlegroups.com
For archival purposes, forwarding an incoming command email to
linux-...@vger.kernel.org, syzkall...@googlegroups.com.

***

Subject: Re: KMSAN: uninit-value in gfs2_quota_init()
Author: dman...@yandex.ru

#syz test https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 7af08b57bcb9ebf78675c50069c54125c0a8b795

diff --git a/fs/gfs2/dir.c b/fs/gfs2/dir.c
index dbf1aede744c..85736135bcf5 100644
--- a/fs/gfs2/dir.c
+++ b/fs/gfs2/dir.c
@@ -299,6 +299,10 @@ static int gfs2_dir_read_data(struct gfs2_inode *ip, __be64 *buf,
goto fail;
BUG_ON(extlen < 1);
bh = gfs2_meta_ra(ip->i_gl, dblock, extlen);
+ if (IS_ERR(bh)) {
+ error = PTR_ERR(bh);
+ goto fail;
+ }
} else {
error = gfs2_meta_read(ip->i_gl, dblock, DIO_WAIT, 0, &bh);
if (error)
diff --git a/fs/gfs2/meta_io.c b/fs/gfs2/meta_io.c
index fea3efcc2f93..18957afed91a 100644
--- a/fs/gfs2/meta_io.c
+++ b/fs/gfs2/meta_io.c
@@ -532,7 +532,7 @@ struct buffer_head *gfs2_meta_ra(struct gfs2_glock *gl, u64 dblock, u32 extlen)
first_bh = gfs2_getbuf(gl, dblock, CREATE);

if (buffer_uptodate(first_bh))
- goto out;
+ return first_bh;
bh_read_nowait(first_bh, REQ_META | REQ_PRIO);

dblock++;
@@ -546,11 +546,10 @@ struct buffer_head *gfs2_meta_ra(struct gfs2_glock *gl, u64 dblock, u32 extlen)
dblock++;
extlen--;
if (!buffer_locked(first_bh) && buffer_uptodate(first_bh))
- goto out;
+ return first_bh;
}

wait_on_buffer(first_bh);
-out:
- return first_bh;
+ return buffer_uptodate(first_bh) ? first_bh : ERR_PTR(-EIO);

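Review bot: `return buffer_uptodate(first_bh) ? first_bh : ERR_PTR(-EIO);` returns the error without dropping the reference taken by gfs2_getbuf() on `first_bh`; add a brelse(first_bh) on the -EIO branch. Testing uptodate after the existing wait_on_buffer() is the right place for the check and keeps the asynchronous bh_read_nowait() path, but it means gfs2_meta_ra() now returns ERR_PTR values to every caller, and the quota.c hunk from the earlier submission (replacing `if (!bh)` in gfs2_quota_init() with an IS_ERR() test) is not part of this patch as shown here; without it, an -EIO result would be passed straight into gfs2_metatype_check().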
syzbot

Nov 29, 2024, 4:10:05 AM
to dman...@yandex.ru, linux-...@vger.kernel.org, syzkall...@googlegroups.com
Hello,

syzbot has tested the proposed patch and the reproducer did not trigger any issue:

Reported-by: syzbot+9fb37b...@syzkaller.appspotmail.com
Tested-by: syzbot+9fb37b...@syzkaller.appspotmail.com

Tested on:

commit: 7af08b57 Merge tag 'trace-v6.13-2' of git://git.kernel..
git tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
console output: https://syzkaller.appspot.com/x/log.txt?x=17c849e8580000
kernel config: https://syzkaller.appspot.com/x/.config?x=d66c9f9a88c492bd
dashboard link: https://syzkaller.appspot.com/bug?extid=9fb37b567267511a9e11
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
patch: https://syzkaller.appspot.com/x/patch.diff?x=143b100f980000