Re: mm: BUG in resv_map_release

From: Andrew Morton
Date: Tue Mar 28 2017 - 19:39:10 EST


On Thu, 23 Mar 2017 11:19:38 +0100 Dmitry Vyukov <dvyukov@xxxxxxxxxx> wrote:

> Hello,
>
> I've got the following BUG while running syzkaller fuzzer.
> Note the injected kmalloc failure, most likely it's the root cause.
>

Yes, probably the logic(?) in region_chg() leaked a
resv->adds_in_progress++, although I'm not sure how. And afaict that
code can leak the memory at *nrg if the `trg' allocation attempt failed
on the second or later pass around the retry loop.

Blah. Does someone want to take a look at it?
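To make the failure mode concrete, here is a constructed C model (added for this page, not code from mm/hugetlb.c): a retry loop that keeps one allocation (nrg) across passes and makes a second one (trg) on every pass, with fault injection failing the Nth allocation the way the injected kmalloc failure did. The names resv_model, model_alloc, region_chg_model and leak_count are assumptions of the model, and the order in which nrg and trg are allocated is simplified.

```c
#include <stdlib.h>
#include <stdbool.h>

/* Constructed model of the reservation map: the counter the mail says is
 * leaked, plus a live-allocation count that acts as a leak detector. */
struct resv_model {
    int adds_in_progress;  /* must be back to 0 after an error return */
    int live_allocs;       /* allocations not yet freed */
};

/* Fault injection: fail the fail_at-th allocation (0 = never fail). */
static int alloc_calls, fail_at;

static void *model_alloc(struct resv_model *r)
{
    if (++alloc_calls == fail_at)
        return NULL;
    r->live_allocs++;
    return malloc(1);
}

static void model_free(struct resv_model *r, void *p)
{
    if (p) { r->live_allocs--; free(p); }
}

/* Retry loop: nrg survives across passes, trg is allocated per pass. With
 * fix == false the error path neither frees nrg nor undoes the ++, which is
 * exactly what goes wrong when trg fails on the second or later pass. */
static int region_chg_model(struct resv_model *r, int extra_passes, bool fix)
{
    void *nrg = NULL, *trg;
    r->adds_in_progress++;
retry:
    if (!nrg && !(nrg = model_alloc(r)))
        goto fail;
    if (!(trg = model_alloc(r)))
        goto fail;
    model_free(r, trg);                     /* consumed or dropped this pass */
    if (extra_passes-- > 0)
        goto retry;
    model_free(r, nrg);                     /* success: nothing outstanding */
    r->adds_in_progress--;
    return 0;
fail:
    if (fix) { model_free(r, nrg); r->adds_in_progress--; }
    return -1;
}

/* Leaked state after one retry with the fail_alloc-th allocation failing. */
int leak_count(int fail_alloc, bool fix)
{
    struct resv_model r = { 0, 0 };
    alloc_calls = 0; fail_at = fail_alloc;
    region_chg_model(&r, 1, fix);
    return r.live_allocs + r.adds_in_progress;
}
```

With one retry, the third allocation is trg on the second pass: the unfixed path leaves one live allocation and adds_in_progress at 1, the fixed path leaves nothing outstanding.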