Received: by 2002:a25:ab43:0:0:0:0:0 with SMTP id u61csp4349656ybi; Tue, 11 Jun 2019 05:19:25 -0700 (PDT) X-Google-Smtp-Source: APXvYqznxEnA4w0NiWMS6eBd+DULWdAj0LoKZ7AYcHcVWY+nlUlrBeDGd6TBzyVJbZ3u61E+JsVd X-Received: by 2002:a63:234e:: with SMTP id u14mr8595793pgm.13.1560255565119; Tue, 11 Jun 2019 05:19:25 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1560255565; cv=none; d=google.com; s=arc-20160816; b=vbMCUaHMF+xMViYBwpuCiIX23gow2Zlt2lKNZXMHjSMZc3P7foUAABN+Iy8B1AeSdG yxtz59OYYYtmamS8jxXgLf3IbdnrTKu1iCncmpXIYUcNyuVKrkLr+U686DDZFWMAt6Mc 69HTCuoUWQ3u8b2+sUsUoDxbMjBr+npbFR+Q8Y1Yvrx3mOoEEQkOjEvRbfh7btWM9oWZ qJoY1UqMj9lvH/Fj4PnNl4e2qzpx1/SuDWSuk/uHMbK1qqFRgfSJ1SqOh/CMlw3jzjb6 4HpneTgSablWbSY7qyBpUNVFyv6cc+Uq82tg73nMVzkHOIzxZTe05J6IeT54uoCdpI0C d4ng== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:mail-followup-to :reply-to:message-id:subject:cc:to:from:date; bh=5s83rezjx5EcDmQGfEQQqGSHmedbQvdBCF+QXBtcMbo=; b=NAYY2YRXwERijSOnaiCTOwnGDTc1SutH7ik9ePtw454W6bK17f6FCJPk6uFBxeCUwJ r5+sWrE46W+TpMkGkqwAbBdt3UZuqZ5Wt0JlSNLka8SePou7QL+HMU2JyHTq3GXltEJn irq8aJ2KN0YCUqEbXs0VtR3XQaBSywcRvhKw/OaWPw2PYbTaTNvRBep1f4ICkbDjbJqX VSMoI/eKdrYalC9VNvdxAT1uJjlTh9xoFvwxH63Sn1hRFNlOK/5nA7kc/LinpHwps8Lb 4DZywmjdl7UymwkZJ9UXQvgyhJgCjcSJRRdI97v79Dl9TqxYzYpSv6UJagavWb1lLYtz HByg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j11si12537097pfa.41.2019.06.11.05.19.09; Tue, 11 Jun 2019 05:19:24 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2388693AbfFKLC4 (ORCPT + 99 others); Tue, 11 Jun 2019 07:02:56 -0400 Received: from twin.jikos.cz ([91.219.245.39]:58891 "EHLO twin.jikos.cz" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2388669AbfFKLC4 (ORCPT ); Tue, 11 Jun 2019 07:02:56 -0400 X-Greylist: delayed 3594 seconds by postgrey-1.27 at vger.kernel.org; Tue, 11 Jun 2019 07:02:55 EDT Received: from twin.jikos.cz (dave@[127.0.0.1]) by twin.jikos.cz (8.13.6/8.13.6) with ESMTP id x5BA1sTh019587 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 11 Jun 2019 12:01:55 +0200 Received: (from dave@localhost) by twin.jikos.cz (8.13.6/8.13.6/Submit) id x5BA1rtN019585; Tue, 11 Jun 2019 12:01:53 +0200 Date: Tue, 11 Jun 2019 12:01:53 +0200 From: David Sterba To: Eric Biggers Cc: Chris Mason , Josef Bacik , David Sterba , linux-btrfs@vger.kernel.org, Dmitry Vyukov , Anand Jain , syzbot , LKML , syzkaller-bugs Subject: Re: kernel BUG at fs/btrfs/volumes.c:LINE! Message-ID: <20190611100153.GD24160@twin.jikos.cz> Reply-To: dave@jikos.cz Mail-Followup-To: Eric Biggers , Chris Mason , Josef Bacik , David Sterba , linux-btrfs@vger.kernel.org, Dmitry Vyukov , Anand Jain , syzbot , LKML , syzkaller-bugs References: <00000000000096009b056df92dc1@google.com> <70a3c2d1-3f53-d4c0-13b3-29f836ec46d9@oracle.com> <20180607153450.GF3215@twin.jikos.cz> <20180607165213.GI3215@twin.jikos.cz> <20190610231403.GZ63833@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20190610231403.GZ63833@gmail.com> User-Agent: Mutt/1.5.23.1-rc1 (2014-03-12) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Jun 10, 2019 at 04:14:04PM -0700, Eric Biggers wrote: > On Thu, Jun 07, 2018 at 06:52:13PM +0200, David Sterba wrote: > > On Thu, Jun 07, 2018 at 06:28:02PM +0200, Dmitry Vyukov wrote: > > > > Normally the GFP_NOFS allocations do not fail so I think the fuzzer > > > > environment is tuned to allow that, which is fine for coverage but does > > > > not happen in practice. This will be fixed eventually. > > > > > > Isn't GFP_NOFS more restricted than normal allocations? Are these > > > allocations accounted against memcg? It's easy to fail any allocation > > > within a memory container. > > > > https://lwn.net/Articles/723317/ The 'too small to fail' and some > > unwritten semantics of GFP_NOFS but I think you're right about the > > memory controler that can fail any allocation though. > > > > Error handling is being improved over time, the memory allocation > > failures are in some cases hard and this one would need to update some > > logic so it's not a oneliner. > > > > This bug is still there. In btrfs_close_one_device(): > > if (device->name) { > name = rcu_string_strdup(device->name->str, GFP_NOFS); > BUG_ON(!name); /* -ENOMEM */ > rcu_assign_pointer(new_device->name, name); > } > > It assumes that the memory allocation succeeded. > > See syzbot report from v5.2-rc3 here: https://syzkaller.appspot.com/text?tag=CrashReport&x=16c839c1a00000 > > Is there any plan to fix this? Yes there is, to avoid allocations when closing the device and tracking the state in another way. As this has never been reported in practice the priority to fix it is rather low so I can't give you an ETA.