[v1] Forwarded: Re: [syzbot] [jfs?] BUG: unable to handle kernel paging request in diUpdatePMap

Forwarded: Re: [syzbot] [jfs?] BUG: unable to handle kernel paging request in diUpdatePMap

Posted by syzbot 1 month, 1 week ago

For archival purposes, forwarding an incoming command email to
linux-kernel@vger.kernel.org, syzkaller-bugs@googlegroups.com.

***

Subject: Re: [syzbot] [jfs?] BUG: unable to handle kernel paging request in diUpdatePMap
Author: yun.zhou@windriver.com

#syz test

diff --git a/fs/jfs/jfs_metapage.c b/fs/jfs/jfs_metapage.c
index 871cf4fb3636..0d6c40e7e551 100644
--- a/fs/jfs/jfs_metapage.c
+++ b/fs/jfs/jfs_metapage.c
@@ -270,6 +270,7 @@ static inline struct metapage *alloc_metapage(gfp_t 
gfp_mask)
                 mp->clsn = 0;
                 mp->log = NULL;
                 init_waitqueue_head(&mp->wait);
+               INIT_LIST_HEAD(&mp->synclist);
         }
         return mp;
  }
@@ -379,7 +380,7 @@ static void remove_from_logsync(struct metapage *mp)
                 mp->lsn = 0;
                 mp->clsn = 0;
                 log->count--;
-               list_del(&mp->synclist);
+               list_del_init(&mp->synclist);
         }
         LOGSYNC_UNLOCK(log, flags);
  }
diff --git a/fs/jfs/jfs_txnmgr.c b/fs/jfs/jfs_txnmgr.c
index 7840a03e5bcb..a5a5bc0a266d 100644
--- a/fs/jfs/jfs_txnmgr.c
+++ b/fs/jfs/jfs_txnmgr.c
@@ -275,6 +275,7 @@ int txInit(void)
         for (k = 0; k < nTxBlock; k++) {
                 init_waitqueue_head(&TxBlock[k].gcwait);
                 init_waitqueue_head(&TxBlock[k].waitor);
+               INIT_LIST_HEAD(&TxBlock[k].synclist);
         }

         for (k = 1; k < nTxBlock - 1; k++) {
@@ -974,7 +975,7 @@ static void txUnlock(struct tblock * tblk)
         if (tblk->lsn) {
                 LOGSYNC_LOCK(log, flags);
                 log->count--;
-               list_del(&tblk->synclist);
+               list_del_init(&tblk->synclist);
                 LOGSYNC_UNLOCK(log, flags);
         }
  }