[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <tencent_93E0C66D49BEAEDE6ECA0C9FA7C786D2D206@qq.com>
Date: Wed, 30 Oct 2024 18:31:52 +0800
From: Edward Adam Davis <eadavis@...com>
To: syzbot+ec07f6f5ce62b858579f@...kaller.appspotmail.com
Cc: amir73il@...il.com,
linux-kernel@...r.kernel.org,
linux-unionfs@...r.kernel.org,
miklos@...redi.hu,
syzkaller-bugs@...glegroups.com
Subject: Re: [syzbot] [overlayfs?] WARNING in ovl_encode_real_fh
When the memory is insufficient, the allocation of fh fails, which causes
the failure to obtain the dentry fid, and finally causes the dentry encoding
to fail.
Retry is used to avoid the failure of fh allocation caused by temporary
insufficient memory.
#syz test
diff --git a/fs/overlayfs/copy_up.c b/fs/overlayfs/copy_up.c
index 2ed6ad641a20..1e027a3cf084 100644
--- a/fs/overlayfs/copy_up.c
+++ b/fs/overlayfs/copy_up.c
@@ -423,15 +423,22 @@ struct ovl_fh *ovl_encode_real_fh(struct ovl_fs *ofs, struct dentry *real,
int fh_type, dwords;
int buflen = MAX_HANDLE_SZ;
uuid_t *uuid = &real->d_sb->s_uuid;
- int err;
+ int err, rtt = 0;
/* Make sure the real fid stays 32bit aligned */
BUILD_BUG_ON(OVL_FH_FID_OFFSET % 4);
BUILD_BUG_ON(MAX_HANDLE_SZ + OVL_FH_FID_OFFSET > 255);
+retry:
fh = kzalloc(buflen + OVL_FH_FID_OFFSET, GFP_KERNEL);
- if (!fh)
+ if (!fh) {
+ if (!rtt) {
+ cond_resched();
+ rtt++;
+ goto retry;
+ }
return ERR_PTR(-ENOMEM);
+ }
/*
* We encode a non-connectable file handle for non-dir, because we
Powered by blists - more mailing lists