1. 07 1月, 2014 7 次提交
  2. 20 12月, 2013 1 次提交
  3. 18 12月, 2013 1 次提交
    • J
      ext4: fix deadlock when writing in ENOSPC conditions · 34cf865d
      Jan Kara 提交于
      Akira-san has been reporting rare deadlocks of his machine when running
      xfstests test 269 on ext4 filesystem. The problem turned out to be in
      ext4_da_reserve_metadata() and ext4_da_reserve_space() which called
      ext4_should_retry_alloc() while holding i_data_sem. Since
      ext4_should_retry_alloc() can force a transaction commit, this is a
      lock ordering violation and leads to deadlocks.
      
      Fix the problem by just removing the retry loops. These functions should
      just report ENOSPC to the caller (e.g. ext4_da_write_begin()) and that
      function must take care of retrying after dropping all necessary locks.
      Reported-and-tested-by: NAkira Fujita <a-fujita@rs.jp.nec.com>
      Reviewed-by: NZheng Liu <wenqing.lz@taobao.com>
      Signed-off-by: NJan Kara <jack@suse.cz>
      Signed-off-by: N"Theodore Ts'o" <tytso@mit.edu>
      Cc: stable@vger.kernel.org
      34cf865d
  4. 09 12月, 2013 2 次提交
  5. 04 12月, 2013 2 次提交
    • E
      ext4: check for overlapping extents in ext4_valid_extent_entries() · 5946d089
      Eryu Guan 提交于
      A corrupted ext4 may have out of order leaf extents, i.e.
      
      extent: lblk 0--1023, len 1024, pblk 9217, flags: LEAF UNINIT
      extent: lblk 1000--2047, len 1024, pblk 10241, flags: LEAF UNINIT
                   ^^^^ overlap with previous extent
      
      Reading such extent could hit BUG_ON() in ext4_es_cache_extent().
      
      	BUG_ON(end < lblk);
      
      The problem is that __read_extent_tree_block() tries to cache holes as
      well but assumes 'lblk' is greater than 'prev' and passes underflowed
      length to ext4_es_cache_extent(). Fix it by checking for overlapping
      extents in ext4_valid_extent_entries().
      
      I hit this when fuzz testing ext4, and am able to reproduce it by
      modifying the on-disk extent by hand.
      
      Also add the check for (ee_block + len - 1) in ext4_valid_extent() to
      make sure the value is not overflow.
      
      Ran xfstests on patched ext4 and no regression.
      
      Cc: Lukáš Czerner <lczerner@redhat.com>
      Signed-off-by: NEryu Guan <guaneryu@gmail.com>
      Signed-off-by: N"Theodore Ts'o" <tytso@mit.edu>
      Cc: stable@vger.kernel.org
      5946d089
    • J
      ext4: fix use-after-free in ext4_mb_new_blocks · 4e8d2139
      Junho Ryu 提交于
      ext4_mb_put_pa should hold pa->pa_lock before accessing pa->pa_count.
      While ext4_mb_use_preallocated checks pa->pa_deleted first and then
      increments pa->count later, ext4_mb_put_pa decrements pa->pa_count
      before holding pa->pa_lock and then sets pa->pa_deleted.
      
      * Free sequence
      ext4_mb_put_pa (1):		atomic_dec_and_test pa->pa_count
      ext4_mb_put_pa (2):		lock pa->pa_lock
      ext4_mb_put_pa (3):			check pa->pa_deleted
      ext4_mb_put_pa (4):			set pa->pa_deleted=1
      ext4_mb_put_pa (5):		unlock pa->pa_lock
      ext4_mb_put_pa (6):		remove pa from a list
      ext4_mb_pa_callback:		free pa
      
      * Use sequence
      ext4_mb_use_preallocated (1):	iterate over preallocation
      ext4_mb_use_preallocated (2):	lock pa->pa_lock
      ext4_mb_use_preallocated (3):		check pa->pa_deleted
      ext4_mb_use_preallocated (4):		increase pa->pa_count
      ext4_mb_use_preallocated (5):	unlock pa->pa_lock
      ext4_mb_release_context:	access pa
      
      * Use-after-free sequence
      [initial status]		<pa->pa_deleted = 0, pa_count = 1>
      ext4_mb_use_preallocated (1):	iterate over preallocation
      ext4_mb_use_preallocated (2):	lock pa->pa_lock
      ext4_mb_use_preallocated (3):		check pa->pa_deleted
      ext4_mb_put_pa (1):		atomic_dec_and_test pa->pa_count
      [pa_count decremented]		<pa->pa_deleted = 0, pa_count = 0>
      ext4_mb_use_preallocated (4):		increase pa->pa_count
      [pa_count incremented]		<pa->pa_deleted = 0, pa_count = 1>
      ext4_mb_use_preallocated (5):	unlock pa->pa_lock
      ext4_mb_put_pa (2):		lock pa->pa_lock
      ext4_mb_put_pa (3):			check pa->pa_deleted
      ext4_mb_put_pa (4):			set pa->pa_deleted=1
      [race condition!]		<pa->pa_deleted = 1, pa_count = 1>
      ext4_mb_put_pa (5):		unlock pa->pa_lock
      ext4_mb_put_pa (6):		remove pa from a list
      ext4_mb_pa_callback:		free pa
      ext4_mb_release_context:	access pa
      
      AddressSanitizer has detected use-after-free in ext4_mb_new_blocks
      Bug report: http://goo.gl/rG1On3Signed-off-by: NJunho Ryu <jayr@google.com>
      Signed-off-by: N"Theodore Ts'o" <tytso@mit.edu>
      Cc: stable@vger.kernel.org
      4e8d2139
  6. 02 12月, 2013 1 次提交
    • T
      ext4: call ext4_error_inode() if jbd2_journal_dirty_metadata() fails · ae1495b1
      Theodore Ts'o 提交于
      While it's true that errors can only happen if there is a bug in
      jbd2_journal_dirty_metadata(), if a bug does happen, we need to halt
      the kernel or remount the file system read-only in order to avoid
      further data loss.  The ext4_journal_abort_handle() function doesn't
      do any of this, and while it's likely that this call (since it doesn't
      adjust refcounts) will likely result in the file system eventually
      deadlocking since the current transaction will never be able to close,
      it's much cleaner to call let ext4's error handling system deal with
      this situation.
      
      There's a separate bug here which is that if certain jbd2 errors
      errors occur and file system is mounted errors=continue, the file
      system will probably eventually end grind to a halt as described
      above.  But things have been this way in a long time, and usually when
      we have these sorts of errors it's pretty much a disaster --- and
      that's why the jbd2 layer aggressively retries memory allocations,
      which is the most likely cause of these jbd2 errors.
      Signed-off-by: N"Theodore Ts'o" <tytso@mit.edu>
      Reviewed-by: NJan Kara <jack@suse.cz>
      Cc: stable@vger.kernel.org
      ae1495b1
  7. 12 11月, 2013 2 次提交
  8. 09 11月, 2013 1 次提交
  9. 08 11月, 2013 2 次提交
  10. 04 11月, 2013 1 次提交
  11. 01 11月, 2013 1 次提交
  12. 31 10月, 2013 1 次提交
  13. 30 10月, 2013 4 次提交
  14. 18 10月, 2013 2 次提交
    • T
      ext4: add ratelimiting to ext4 messages · efbed4dc
      Theodore Ts'o 提交于
      In the case of a storage device that suddenly disappears, or in the
      case of significant file system corruption, this can result in a huge
      flood of messages being sent to the console.  This can overflow the
      file system containing /var/log/messages, or if a serial console is
      configured, this can slow down the system so much that a hardware
      watchdog can end up triggering forcing a system reboot.
      
      Google-Bug-Id: 7258357
      Signed-off-by: N"Theodore Ts'o" <tytso@mit.edu>
      efbed4dc
    • M
      ext4: fix performance regression in ext4_writepages · aeac589a
      Ming Lei 提交于
      Commit 4e7ea81d(ext4: restructure writeback path) introduces another
      performance regression on random write:
      
      - one more page may be added to ext4 extent in
        mpage_prepare_extent_to_map, and will be submitted for I/O so
        nr_to_write will become -1 before 'done' is set
      
      - the worse thing is that dirty pages may still be retrieved from page
        cache after nr_to_write becomes negative, so lots of small chunks
        can be submitted to block device when page writeback is catching up
        with write path, and performance is hurted.
      
      On one arm A15 board with sata 3.0 SSD(CPU: 1.5GHz dura core, RAM:
      2GB, SATA controller: 3.0Gbps), this patch can improve below test's
      result from 157MB/sec to 174MB/sec(>10%):
      
      	dd if=/dev/zero of=./z.img bs=8K count=512K
      
      The above test is actually prototype of block write in bonnie++
      utility.
      
      This patch makes sure no more pages than nr_to_write can be added to
      extent for mapping, so that nr_to_write won't become negative.
      
      Cc: linux-ext4@vger.kernel.org
      Acked-by: NJan Kara <jack@suse.cz>
      Signed-off-by: NMing Lei <ming.lei@canonical.com>
      Signed-off-by: N"Theodore Ts'o" <tytso@mit.edu>
      aeac589a
  15. 16 10月, 2013 3 次提交
  16. 13 10月, 2013 1 次提交
    • D
      ext4: fix memory leak in xattr · 6e4ea8e3
      Dave Jones 提交于
      If we take the 2nd retry path in ext4_expand_extra_isize_ea, we
      potentionally return from the function without having freed these
      allocations.  If we don't do the return, we over-write the previous
      allocation pointers, so we leak either way.
      
      Spotted with Coverity.
      
      [ Fixed by tytso to set is and bs to NULL after freeing these
        pointers, in case in the retry loop we later end up triggering an
        error causing a jump to cleanup, at which point we could have a double
        free bug. -- Ted ]
      Signed-off-by: NDave Jones <davej@fedoraproject.org>
      Signed-off-by: N"Theodore Ts'o" <tytso@mit.edu>
      Reviewed-by: NEric Sandeen <sandeen@redhat.com>
      Cc: stable@vger.kernel.org
      6e4ea8e3
  17. 16 9月, 2013 1 次提交
    • J
      ext4: fix performance regression in writeback of random writes · 9c12a831
      Jan Kara 提交于
      The Linux Kernel Performance project guys have reported that commit
      4e7ea81d introduces a performance regression for the following fio
      workload:
      
      [global]
      direct=0
      ioengine=mmap
      size=1500M
      bs=4k
      pre_read=1
      numjobs=1
      overwrite=1
      loops=5
      runtime=300
      group_reporting
      invalidate=0
      directory=/mnt/
      file_service_type=random:36
      file_service_type=random:36
      
      [job0]
      startdelay=0
      rw=randrw
      filename=data0/f1:data0/f2
      
      [job1]
      startdelay=0
      rw=randrw
      filename=data0/f2:data0/f1
      ...
      
      [job7]
      startdelay=0
      rw=randrw
      filename=data0/f2:data0/f1
      
      The culprit of the problem is that after the commit ext4_writepages()
      are more aggressive in writing back pages. Thus we have less consecutive
      dirty pages resulting in more seeking.
      
      This increased aggressivity is caused by a bug in the condition
      terminating ext4_writepages(). We start writing from the beginning of
      the file even if we should have terminated ext4_writepages() because
      wbc->nr_to_write <= 0.
      
      After fixing the condition the throughput of the fio workload is about 20%
      better than before writeback reorganization.
      Reported-by: N"Yan, Zheng" <zheng.z.yan@intel.com>
      Signed-off-by: NJan Kara <jack@suse.cz>
      Signed-off-by: N"Theodore Ts'o" <tytso@mit.edu>
      9c12a831
  18. 13 9月, 2013 1 次提交
  19. 11 9月, 2013 1 次提交
    • D
      fs: convert fs shrinkers to new scan/count API · 1ab6c499
      Dave Chinner 提交于
      Convert the filesystem shrinkers to use the new API, and standardise some
      of the behaviours of the shrinkers at the same time.  For example,
      nr_to_scan means the number of objects to scan, not the number of objects
      to free.
      
      I refactored the CIFS idmap shrinker a little - it really needs to be
      broken up into a shrinker per tree and keep an item count with the tree
      root so that we don't need to walk the tree every time the shrinker needs
      to count the number of objects in the tree (i.e.  all the time under
      memory pressure).
      
      [glommer@openvz.org: fixes for ext4, ubifs, nfs, cifs and glock. Fixes are needed mainly due to new code merged in the tree]
      [assorted fixes folded in]
      Signed-off-by: NDave Chinner <dchinner@redhat.com>
      Signed-off-by: NGlauber Costa <glommer@openvz.org>
      Acked-by: NMel Gorman <mgorman@suse.de>
      Acked-by: NArtem Bityutskiy <artem.bityutskiy@linux.intel.com>
      Acked-by: NJan Kara <jack@suse.cz>
      Acked-by: NSteven Whitehouse <swhiteho@redhat.com>
      Cc: Adrian Hunter <adrian.hunter@intel.com>
      Cc: "Theodore Ts'o" <tytso@mit.edu>
      Cc: Adrian Hunter <adrian.hunter@intel.com>
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
      Cc: Arve Hjønnevåg <arve@android.com>
      Cc: Carlos Maiolino <cmaiolino@redhat.com>
      Cc: Christoph Hellwig <hch@lst.de>
      Cc: Chuck Lever <chuck.lever@oracle.com>
      Cc: Daniel Vetter <daniel.vetter@ffwll.ch>
      Cc: David Rientjes <rientjes@google.com>
      Cc: Gleb Natapov <gleb@redhat.com>
      Cc: Greg Thelen <gthelen@google.com>
      Cc: J. Bruce Fields <bfields@redhat.com>
      Cc: Jan Kara <jack@suse.cz>
      Cc: Jerome Glisse <jglisse@redhat.com>
      Cc: John Stultz <john.stultz@linaro.org>
      Cc: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
      Cc: Kent Overstreet <koverstreet@google.com>
      Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
      Cc: Marcelo Tosatti <mtosatti@redhat.com>
      Cc: Mel Gorman <mgorman@suse.de>
      Cc: Steven Whitehouse <swhiteho@redhat.com>
      Cc: Thomas Hellstrom <thellstrom@vmware.com>
      Cc: Trond Myklebust <Trond.Myklebust@netapp.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      1ab6c499
  20. 04 9月, 2013 2 次提交
    • C
      direct-io: Handle O_(D)SYNC AIO · 02afc27f
      Christoph Hellwig 提交于
      Call generic_write_sync() from the deferred I/O completion handler if
      O_DSYNC is set for a write request.  Also make sure various callers
      don't call generic_write_sync if the direct I/O code returns
      -EIOCBQUEUED.
      
      Based on an earlier patch from Jan Kara <jack@suse.cz> with updates from
      Jeff Moyer <jmoyer@redhat.com> and Darrick J. Wong <darrick.wong@oracle.com>.
      Signed-off-by: NChristoph Hellwig <hch@lst.de>
      Signed-off-by: NJan Kara <jack@suse.cz>
      Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      02afc27f
    • C
      direct-io: Implement generic deferred AIO completions · 7b7a8665
      Christoph Hellwig 提交于
      Add support to the core direct-io code to defer AIO completions to user
      context using a workqueue.  This replaces opencoded and less efficient
      code in XFS and ext4 (we save a memory allocation for each direct IO)
      and will be needed to properly support O_(D)SYNC for AIO.
      
      The communication between the filesystem and the direct I/O code requires
      a new buffer head flag, which is a bit ugly but not avoidable until the
      direct I/O code stops abusing the buffer_head structure for communicating
      with the filesystems.
      
      Currently this creates a per-superblock unbound workqueue for these
      completions, which is taken from an earlier patch by Jan Kara.  I'm
      not really convinced about this use and would prefer a "normal" global
      workqueue with a high concurrency limit, but this needs further discussion.
      
      JK: Fixed ext4 part, dynamic allocation of the workqueue.
      Signed-off-by: NChristoph Hellwig <hch@lst.de>
      Signed-off-by: NJan Kara <jack@suse.cz>
      Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      7b7a8665
  21. 29 8月, 2013 3 次提交
    • E
      ext4: allow specifying external journal by pathname mount option · ad4eec61
      Eric Sandeen 提交于
      It's always been a hassle that if an external journal's
      device number changes, the filesystem won't mount.
      And since boot-time enumeration can change, device number
      changes aren't unusual.
      
      The current mechanism to update the journal location is by
      passing in a mount option w/ a new devnum, but that's a hassle;
      it's a manual approach, fixing things after the fact.
      
      Adding a mount option, "-o journal_path=/dev/$DEVICE" would
      help, since then we can do i.e.
      
      # mount -o journal_path=/dev/disk/by-label/$JOURNAL_LABEL ...
      
      and it'll mount even if the devnum has changed, as shown here:
      
      # losetup /dev/loop0 journalfile
      # mke2fs -L mylabel-journal -O journal_dev /dev/loop0 
      # mkfs.ext4 -L mylabel -J device=/dev/loop0 /dev/sdb1
      
      Change the journal device number:
      
      # losetup -d /dev/loop0
      # losetup /dev/loop1 journalfile 
      
      And today it will fail:
      
      # mount /dev/sdb1 /mnt/test
      mount: wrong fs type, bad option, bad superblock on /dev/sdb1,
             missing codepage or helper program, or other error
             In some cases useful info is found in syslog - try
             dmesg | tail  or so
      
      # dmesg | tail -n 1
      [17343.240702] EXT4-fs (sdb1): error: couldn't read superblock of external journal
      
      But with this new mount option, we can specify the new path:
      
      # mount -o journal_path=/dev/loop1 /dev/sdb1 /mnt/test
      #
      
      (which does update the encoded device number, incidentally):
      
      # umount /dev/sdb1
      # dumpe2fs -h /dev/sdb1 | grep "Journal device"
      dumpe2fs 1.41.12 (17-May-2010)
      Journal device:	          0x0701
      
      But best of all we can just always mount by journal-path, and
      it'll always work:
      
      # mount -o journal_path=/dev/disk/by-label/mylabel-journal /dev/sdb1 /mnt/test
      #
      
      So the journal_path option can be specified in fstab, and as long as
      the disk is available somewhere, and findable by label (or by UUID),
      we can mount.
      Signed-off-by: NEric Sandeen <sandeen@redhat.com>
      Signed-off-by: N"Theodore Ts'o" <tytso@mit.edu>
      Reviewed-by: NJan Kara <jack@suse.cz>
      Reviewed-by: NCarlos Maiolino <cmaiolino@redhat.com>
      ad4eec61
    • D
      ext4: mark group corrupt on group descriptor checksum · bdfb6ff4
      Darrick J. Wong 提交于
      If the group descriptor fails validation, mark the whole blockgroup
      corrupt so that the inode/block allocators skip this group.  The
      previous approach takes the risk of writing to a damaged group
      descriptor; hopefully it was never the case that the [ib]bitmap fields
      pointed to another valid block and got dirtied, since the memset would
      fill the page with 1s.
      Signed-off-by: NDarrick J. Wong <darrick.wong@oracle.com>
      Signed-off-by: N"Theodore Ts'o" <tytso@mit.edu>
      bdfb6ff4
    • D
      ext4: mark block group as corrupt on inode bitmap error · 87a39389
      Darrick J. Wong 提交于
      If we detect either a discrepancy between the inode bitmap and the
      inode counts or the inode bitmap fails to pass validation checks, mark
      the block group corrupt and refuse to allocate or deallocate inodes
      from the group.
      Signed-off-by: NDarrick J. Wong <darrick.wong@oracle.com>
      Signed-off-by: N"Theodore Ts'o" <tytso@mit.edu>
      87a39389