CC: [email protected] TO: Alexander Levin <[email protected]>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git queue-5.4 head: 140166ac42ab2340c6a7df1537060d8f79eb67c7 commit: 0d18f7e8765986fd2cdcbbad32cb4740df219d70 [370/451] btrfs: trim: fix underflow in trim length to prevent access beyond device boundary :::::: branch date: 8 hours ago :::::: commit date: 8 hours ago config: i386-randconfig-s001-20201229 (attached as .config) compiler: gcc-9 (Debian 9.3.0-15) 9.3.0 reproduce: # apt-get install sparse # sparse version: v0.6.3-184-g1b896707-dirty # https://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git/commit/?id=0d18f7e8765986fd2cdcbbad32cb4740df219d70 git remote add sashal-linux-stable https://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git git fetch --no-tags sashal-linux-stable queue-5.4 git checkout 0d18f7e8765986fd2cdcbbad32cb4740df219d70 # save the attached .config to linux build tree make W=1 C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__' ARCH=i386 If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <[email protected]> "sparse warnings: (new ones prefixed by >>)" fs/btrfs/extent-tree.c:5625:25: sparse: sparse: incompatible types in comparison expression (different address spaces): >> fs/btrfs/extent-tree.c:5625:25: sparse: struct rcu_string [noderef] >> <asn:4> * fs/btrfs/extent-tree.c:5625:25: sparse: struct rcu_string * fs/btrfs/extent-tree.c:1787:9: sparse: sparse: context imbalance in 'run_and_cleanup_extent_op' - unexpected unlock fs/btrfs/extent-tree.c:1860:28: sparse: sparse: context imbalance in 'cleanup_ref_head' - unexpected unlock fs/btrfs/extent-tree.c:1937:36: sparse: sparse: context imbalance in 'btrfs_run_delayed_refs_for_head' - unexpected unlock fs/btrfs/extent-tree.c:2002:21: sparse: sparse: context imbalance in '__btrfs_run_delayed_refs' - wrong count at exit fs/btrfs/extent-tree.c:3395:39: sparse: sparse: context imbalance in 'btrfs_lock_cluster' - wrong count at exit fs/btrfs/extent-tree.c:3549:28: sparse: sparse: context imbalance in 'find_free_extent_clustered' - unexpected unlock vim +5625 fs/btrfs/extent-tree.c acce952b0263825 liubo 2011-01-06 5568 499f377f49f085e Jeff Mahoney 2015-06-15 5569 /* 499f377f49f085e Jeff Mahoney 2015-06-15 5570 * It used to be that old block groups would be left around forever. 499f377f49f085e Jeff Mahoney 2015-06-15 5571 * Iterating over them would be enough to trim unused space. Since we 499f377f49f085e Jeff Mahoney 2015-06-15 5572 * now automatically remove them, we also need to iterate over unallocated 499f377f49f085e Jeff Mahoney 2015-06-15 5573 * space. 499f377f49f085e Jeff Mahoney 2015-06-15 5574 * 499f377f49f085e Jeff Mahoney 2015-06-15 5575 * We don't want a transaction for this since the discard may take a 499f377f49f085e Jeff Mahoney 2015-06-15 5576 * substantial amount of time. We don't require that a transaction be 499f377f49f085e Jeff Mahoney 2015-06-15 5577 * running, but we do need to take a running transaction into account fee7acc361314df Jeff Mahoney 2018-09-06 5578 * to ensure that we're not discarding chunks that were released or fee7acc361314df Jeff Mahoney 2018-09-06 5579 * allocated in the current transaction. 499f377f49f085e Jeff Mahoney 2015-06-15 5580 * 499f377f49f085e Jeff Mahoney 2015-06-15 5581 * Holding the chunks lock will prevent other threads from allocating 499f377f49f085e Jeff Mahoney 2015-06-15 5582 * or releasing chunks, but it won't prevent a running transaction 499f377f49f085e Jeff Mahoney 2015-06-15 5583 * from committing and releasing the memory that the pending chunks 499f377f49f085e Jeff Mahoney 2015-06-15 5584 * list head uses. For that, we need to take a reference to the fee7acc361314df Jeff Mahoney 2018-09-06 5585 * transaction and hold the commit root sem. We only need to hold fee7acc361314df Jeff Mahoney 2018-09-06 5586 * it while performing the free space search since we have already fee7acc361314df Jeff Mahoney 2018-09-06 5587 * held back allocations. 499f377f49f085e Jeff Mahoney 2015-06-15 5588 */ 8103d10b71610aa Nikolay Borisov 2019-06-03 5589 static int btrfs_trim_free_extents(struct btrfs_device *device, u64 *trimmed) 499f377f49f085e Jeff Mahoney 2015-06-15 5590 { 8103d10b71610aa Nikolay Borisov 2019-06-03 5591 u64 start = SZ_1M, len = 0, end = 0; 499f377f49f085e Jeff Mahoney 2015-06-15 5592 int ret; 499f377f49f085e Jeff Mahoney 2015-06-15 5593 499f377f49f085e Jeff Mahoney 2015-06-15 5594 *trimmed = 0; 499f377f49f085e Jeff Mahoney 2015-06-15 5595 0be88e367fd8fbd Jeff Mahoney 2018-09-06 5596 /* Discard not supported = nothing to do. */ 0be88e367fd8fbd Jeff Mahoney 2018-09-06 5597 if (!blk_queue_discard(bdev_get_queue(device->bdev))) 0be88e367fd8fbd Jeff Mahoney 2018-09-06 5598 return 0; 0be88e367fd8fbd Jeff Mahoney 2018-09-06 5599 52042d8e82ff50d Andrea Gelmini 2018-11-28 5600 /* Not writable = nothing to do. */ ebbede42d47dc77 Anand Jain 2017-12-04 5601 if (!test_bit(BTRFS_DEV_STATE_WRITEABLE, &device->dev_state)) 499f377f49f085e Jeff Mahoney 2015-06-15 5602 return 0; 499f377f49f085e Jeff Mahoney 2015-06-15 5603 499f377f49f085e Jeff Mahoney 2015-06-15 5604 /* No free space = nothing to do. */ 499f377f49f085e Jeff Mahoney 2015-06-15 5605 if (device->total_bytes <= device->bytes_used) 499f377f49f085e Jeff Mahoney 2015-06-15 5606 return 0; 499f377f49f085e Jeff Mahoney 2015-06-15 5607 499f377f49f085e Jeff Mahoney 2015-06-15 5608 ret = 0; 499f377f49f085e Jeff Mahoney 2015-06-15 5609 499f377f49f085e Jeff Mahoney 2015-06-15 5610 while (1) { fb456252d3d9c05 Jeff Mahoney 2016-06-22 5611 struct btrfs_fs_info *fs_info = device->fs_info; 499f377f49f085e Jeff Mahoney 2015-06-15 5612 u64 bytes; 499f377f49f085e Jeff Mahoney 2015-06-15 5613 499f377f49f085e Jeff Mahoney 2015-06-15 5614 ret = mutex_lock_interruptible(&fs_info->chunk_mutex); 499f377f49f085e Jeff Mahoney 2015-06-15 5615 if (ret) fee7acc361314df Jeff Mahoney 2018-09-06 5616 break; 499f377f49f085e Jeff Mahoney 2015-06-15 5617 929be17a9b49b10 Nikolay Borisov 2019-03-27 5618 find_first_clear_extent_bit(&device->alloc_state, start, 929be17a9b49b10 Nikolay Borisov 2019-03-27 5619 &start, &end, 929be17a9b49b10 Nikolay Borisov 2019-03-27 5620 CHUNK_TRIMMED | CHUNK_ALLOCATED); 53460a4572585b5 Nikolay Borisov 2019-06-03 5621 0d18f7e8765986f Qu Wenruo 2020-07-31 5622 /* Check if there are any CHUNK_* bits left */ 0d18f7e8765986f Qu Wenruo 2020-07-31 5623 if (start > device->total_bytes) { 0d18f7e8765986f Qu Wenruo 2020-07-31 5624 WARN_ON(IS_ENABLED(CONFIG_BTRFS_DEBUG)); 0d18f7e8765986f Qu Wenruo 2020-07-31 @5625 btrfs_warn_in_rcu(fs_info, 0d18f7e8765986f Qu Wenruo 2020-07-31 5626 "ignoring attempt to trim beyond device size: offset %llu length %llu device %s device size %llu", 0d18f7e8765986f Qu Wenruo 2020-07-31 5627 start, end - start + 1, 0d18f7e8765986f Qu Wenruo 2020-07-31 5628 rcu_str_deref(device->name), 0d18f7e8765986f Qu Wenruo 2020-07-31 5629 device->total_bytes); 0d18f7e8765986f Qu Wenruo 2020-07-31 5630 mutex_unlock(&fs_info->chunk_mutex); 0d18f7e8765986f Qu Wenruo 2020-07-31 5631 ret = 0; 0d18f7e8765986f Qu Wenruo 2020-07-31 5632 break; 0d18f7e8765986f Qu Wenruo 2020-07-31 5633 } 0d18f7e8765986f Qu Wenruo 2020-07-31 5634 53460a4572585b5 Nikolay Borisov 2019-06-03 5635 /* Ensure we skip the reserved area in the first 1M */ 53460a4572585b5 Nikolay Borisov 2019-06-03 5636 start = max_t(u64, start, SZ_1M); 53460a4572585b5 Nikolay Borisov 2019-06-03 5637 929be17a9b49b10 Nikolay Borisov 2019-03-27 5638 /* 929be17a9b49b10 Nikolay Borisov 2019-03-27 5639 * If find_first_clear_extent_bit find a range that spans the 929be17a9b49b10 Nikolay Borisov 2019-03-27 5640 * end of the device it will set end to -1, in this case it's up 929be17a9b49b10 Nikolay Borisov 2019-03-27 5641 * to the caller to trim the value to the size of the device. 929be17a9b49b10 Nikolay Borisov 2019-03-27 5642 */ 929be17a9b49b10 Nikolay Borisov 2019-03-27 5643 end = min(end, device->total_bytes - 1); 53460a4572585b5 Nikolay Borisov 2019-06-03 5644 929be17a9b49b10 Nikolay Borisov 2019-03-27 5645 len = end - start + 1; 499f377f49f085e Jeff Mahoney 2015-06-15 5646 929be17a9b49b10 Nikolay Borisov 2019-03-27 5647 /* We didn't find any extents */ 929be17a9b49b10 Nikolay Borisov 2019-03-27 5648 if (!len) { 499f377f49f085e Jeff Mahoney 2015-06-15 5649 mutex_unlock(&fs_info->chunk_mutex); 499f377f49f085e Jeff Mahoney 2015-06-15 5650 ret = 0; 499f377f49f085e Jeff Mahoney 2015-06-15 5651 break; 499f377f49f085e Jeff Mahoney 2015-06-15 5652 } 499f377f49f085e Jeff Mahoney 2015-06-15 5653 8811133d8a982d3 Nikolay Borisov 2019-03-27 5654 ret = btrfs_issue_discard(device->bdev, start, len, 8811133d8a982d3 Nikolay Borisov 2019-03-27 5655 &bytes); 8811133d8a982d3 Nikolay Borisov 2019-03-27 5656 if (!ret) 8811133d8a982d3 Nikolay Borisov 2019-03-27 5657 set_extent_bits(&device->alloc_state, start, 8811133d8a982d3 Nikolay Borisov 2019-03-27 5658 start + bytes - 1, 8811133d8a982d3 Nikolay Borisov 2019-03-27 5659 CHUNK_TRIMMED); 499f377f49f085e Jeff Mahoney 2015-06-15 5660 mutex_unlock(&fs_info->chunk_mutex); 499f377f49f085e Jeff Mahoney 2015-06-15 5661 499f377f49f085e Jeff Mahoney 2015-06-15 5662 if (ret) 499f377f49f085e Jeff Mahoney 2015-06-15 5663 break; 499f377f49f085e Jeff Mahoney 2015-06-15 5664 499f377f49f085e Jeff Mahoney 2015-06-15 5665 start += len; 499f377f49f085e Jeff Mahoney 2015-06-15 5666 *trimmed += bytes; 499f377f49f085e Jeff Mahoney 2015-06-15 5667 499f377f49f085e Jeff Mahoney 2015-06-15 5668 if (fatal_signal_pending(current)) { 499f377f49f085e Jeff Mahoney 2015-06-15 5669 ret = -ERESTARTSYS; 499f377f49f085e Jeff Mahoney 2015-06-15 5670 break; 499f377f49f085e Jeff Mahoney 2015-06-15 5671 } 499f377f49f085e Jeff Mahoney 2015-06-15 5672 499f377f49f085e Jeff Mahoney 2015-06-15 5673 cond_resched(); 499f377f49f085e Jeff Mahoney 2015-06-15 5674 } 499f377f49f085e Jeff Mahoney 2015-06-15 5675 499f377f49f085e Jeff Mahoney 2015-06-15 5676 return ret; 499f377f49f085e Jeff Mahoney 2015-06-15 5677 } 499f377f49f085e Jeff Mahoney 2015-06-15 5678 --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/[email protected]
.config.gz
Description: application/gzip
_______________________________________________ kbuild mailing list -- [email protected] To unsubscribe send an email to [email protected]
