From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BCA8C17BB16; Tue, 3 Dec 2024 14:33:59 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1733236439; cv=none; b=YzpLTsHYKqZrXoP7f3NdhIh2MHsVUGIbSWhd0VHf1dc0jsTEv5Po99VOu3a9lV1qHyPdUM4wuV0qaXmUkcskj8aEnBj9XgzcRhN1zH2WGCpkLgflpULyUSOWOENdFE+WBqK/6Nhy3yHv4WZHCWzbjY/YiiNIaQxNV86v/oBCO5g= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1733236439; c=relaxed/simple; bh=L0sHNGIRXC0zZ0sNBxHPGWXB6dNaCbpWOpGdUciD/Kk=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=nmERnOaZOM6wdpVgLDbTDYTG++s/D8JZ8jUbmBj4CBcvrgCaGgEi4WiN1x4nUrj9KIkBF5bPPPCgrVv5m0+ftfr0Ojx2ANvSENYuhPLNjKpnTouHC8ASBjsFMIeKfv2LP3J6fwQRAO1P9kMq1x/g7KzmUgeBeCebXBiIqpzFH4A= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linuxfoundation.org header.i=@linuxfoundation.org header.b=JgfuLVIH; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linuxfoundation.org header.i=@linuxfoundation.org header.b="JgfuLVIH" Received: by smtp.kernel.org (Postfix) with ESMTPSA id CE31FC4CECF; Tue, 3 Dec 2024 14:33:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1733236439; bh=L0sHNGIRXC0zZ0sNBxHPGWXB6dNaCbpWOpGdUciD/Kk=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=JgfuLVIHaJMRq8hr38a7gFS74a7WtsnezGqAPYOk8oLJSKMxxRDLTolpreGFpKuS+ Kazre0Gun29ZfB+FWjwBsnloRBAGq0UUVESj53Fg5svLNRRgHKFIZTdh86bzEkN1GW 6We9TxdcsfNH5BBjlATw7qqx5vZMvfokYP/20Wsg= From: Greg Kroah-Hartman To: stable@vger.kernel.org Cc: Greg Kroah-Hartman , patches@lists.linux.dev, Dmitry Antipov , syzbot+453873f1588c2d75b447@syzkaller.appspotmail.com, Joseph Qi , Joel Becker , Mark Fasheh , Junxiao Bi , Changwei Ge , Jun Piao , Andrew Morton Subject: [PATCH 4.19 002/138] ocfs2: uncache inode which has failed entering the group Date: Tue, 3 Dec 2024 15:30:31 +0100 Message-ID: <20241203141923.624974232@linuxfoundation.org> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20241203141923.524658091@linuxfoundation.org> References: <20241203141923.524658091@linuxfoundation.org> User-Agent: quilt/0.67 X-stable: review X-Patchwork-Hint: ignore Precedence: bulk X-Mailing-List: stable@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit 4.19-stable review patch. If anyone has any objections, please let me know. ------------------ From: Dmitry Antipov commit 737f34137844d6572ab7d473c998c7f977ff30eb upstream. Syzbot has reported the following BUG: kernel BUG at fs/ocfs2/uptodate.c:509! ... Call Trace: ? __die_body+0x5f/0xb0 ? die+0x9e/0xc0 ? do_trap+0x15a/0x3a0 ? ocfs2_set_new_buffer_uptodate+0x145/0x160 ? do_error_trap+0x1dc/0x2c0 ? ocfs2_set_new_buffer_uptodate+0x145/0x160 ? __pfx_do_error_trap+0x10/0x10 ? handle_invalid_op+0x34/0x40 ? ocfs2_set_new_buffer_uptodate+0x145/0x160 ? exc_invalid_op+0x38/0x50 ? asm_exc_invalid_op+0x1a/0x20 ? ocfs2_set_new_buffer_uptodate+0x2e/0x160 ? ocfs2_set_new_buffer_uptodate+0x144/0x160 ? ocfs2_set_new_buffer_uptodate+0x145/0x160 ocfs2_group_add+0x39f/0x15a0 ? __pfx_ocfs2_group_add+0x10/0x10 ? __pfx_lock_acquire+0x10/0x10 ? mnt_get_write_access+0x68/0x2b0 ? __pfx_lock_release+0x10/0x10 ? rcu_read_lock_any_held+0xb7/0x160 ? __pfx_rcu_read_lock_any_held+0x10/0x10 ? smack_log+0x123/0x540 ? mnt_get_write_access+0x68/0x2b0 ? mnt_get_write_access+0x68/0x2b0 ? mnt_get_write_access+0x226/0x2b0 ocfs2_ioctl+0x65e/0x7d0 ? __pfx_ocfs2_ioctl+0x10/0x10 ? smack_file_ioctl+0x29e/0x3a0 ? __pfx_smack_file_ioctl+0x10/0x10 ? lockdep_hardirqs_on_prepare+0x43d/0x780 ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 ? __pfx_ocfs2_ioctl+0x10/0x10 __se_sys_ioctl+0xfb/0x170 do_syscall_64+0xf3/0x230 entry_SYSCALL_64_after_hwframe+0x77/0x7f ... When 'ioctl(OCFS2_IOC_GROUP_ADD, ...)' has failed for the particular inode in 'ocfs2_verify_group_and_input()', corresponding buffer head remains cached and subsequent call to the same 'ioctl()' for the same inode issues the BUG() in 'ocfs2_set_new_buffer_uptodate()' (trying to cache the same buffer head of that inode). Fix this by uncaching the buffer head with 'ocfs2_remove_from_cache()' on error path in 'ocfs2_group_add()'. Link: https://lkml.kernel.org/r/20241114043844.111847-1-dmantipov@yandex.ru Fixes: 7909f2bf8353 ("[PATCH 2/2] ocfs2: Implement group add for online resize") Signed-off-by: Dmitry Antipov Reported-by: syzbot+453873f1588c2d75b447@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=453873f1588c2d75b447 Reviewed-by: Joseph Qi Cc: Dmitry Antipov Cc: Joel Becker Cc: Mark Fasheh Cc: Junxiao Bi Cc: Changwei Ge Cc: Jun Piao Cc: Signed-off-by: Andrew Morton Signed-off-by: Greg Kroah-Hartman --- fs/ocfs2/resize.c | 2 ++ 1 file changed, 2 insertions(+) --- a/fs/ocfs2/resize.c +++ b/fs/ocfs2/resize.c @@ -582,6 +582,8 @@ out_commit: ocfs2_commit_trans(osb, handle); out_free_group_bh: + if (ret < 0) + ocfs2_remove_from_cache(INODE_CACHE(inode), group_bh); brelse(group_bh); out_unlock: