[f2fs-dev] [PATCH] f2fs: use true and false for boolean values
Return statements in functions returning bool should use true or false instead of an integer value. This issue was detected with the help of Coccinelle. Signed-off-by: Gustavo A. R. Silva --- fs/f2fs/f2fs.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/f2fs/f2fs.h b/fs/f2fs/f2fs.h index 955a2d5..fdf60b8 100644 --- a/fs/f2fs/f2fs.h +++ b/fs/f2fs/f2fs.h @@ -1334,7 +1334,7 @@ static inline bool is_idle(struct f2fs_sb_info *sbi) struct request_list *rl = &q->root_rl; if (rl->count[BLK_RW_SYNC] || rl->count[BLK_RW_ASYNC]) - return 0; + return false; return f2fs_time_over(sbi, REQ_TIME); } @@ -3395,7 +3395,7 @@ static inline bool f2fs_may_encrypt(struct inode *inode) return (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode)); #else - return 0; + return false; #endif } -- 2.7.4
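Review bot: the changelog should state that no functional change is intended, since in both hunks (the early return in is_idle() and the #else branch of f2fs_may_encrypt()) the old "return 0" already converted to false in a function returning bool. It should also name the Coccinelle script that produced the report so the result can be re-run against the rest of fs/f2fs.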
Re: [f2fs-dev] [PATCH v6 1/2] f2fs: fix to avoid broken of dnode block list
On 2018/8/2 4:34, Jaegeuk Kim wrote: > On 07/29, Chao Yu wrote: 
>> From: Chao Yu >> >> f2fs recovery flow is relying on dnode block link list, it means fsynced >> file recovery depends on previous dnode's persistence in the list, so >> during fsync() we should wait on all regular inode's dnode writebacked >> before issuing flush. >> >> By this way, we can avoid dnode block list being broken by out-of-order >> IO submission due to IO scheduler or driver. >> >> Sheng Yong helps to do the test with this patch: >> >> Target:/data (f2fs, -) >> 64MB / 32768KB / 4KB / 8 >> >> 1 / PERSIST / Index >> >> Base: >> SEQ-RD(MB/s)SEQ-WR(MB/s)RND-RD(IOPS)RND-WR(IOPS) >> Insert(TPS) Update(TPS) Delete(TPS) >> 1867.82 204.15 41440.0341370.54680.8 >> 1025.94 1031.08 >> 2871.87 205.87 41370.3 40275.2 791.14 >> 1065.84 1101.7 >> 3866.52 205.69 41795.6740596.16694.69 >> 1037.16 1031.48 >> Avg 868.737 205.237 41535.3 40747.3 722.21 >> 1042.98 1054.75 >> >> After: >> SEQ-RD(MB/s)SEQ-WR(MB/s)RND-RD(IOPS)RND-WR(IOPS) >> Insert(TPS) Update(TPS) Delete(TPS) >> 1798.81 202.5 41143 40613.87602.71 >> 838.08 913.83 >> 2805.79 206.47 40297.2 41291.46604.44 >> 840.75 924.27 >> 3814.83 206.17 41209.5740453.62602.85 >> 834.66 927.91 >> Avg 806.477 205.047 40883.25667 40786.31667 >> 603.333 837.83 922.003 >> >> Patched/Original: >> 0.928332713 0.999074239 0.984300676 1.000957528 >> 0.835398753 0.803303994 0.874141189 >> >> It looks like atomic write will suffer performance regression. >> >> I suspect that the criminal is that we forcing to wait all dnode being in >> storage cache before we issue PREFLUSH+FUA. 
>> >> BTW, will commit ("f2fs: don't need to wait for node writes for atomic >> write") >> cause the problem: we will lose data of last transaction after SPO, even if >> atomic write return no error: >> >> - atomic_open(); >> - write() P1, P2, P3; >> - atomic_commit(); >> - writeback data: P1, P2, P3; >> - writeback node: N1, N2, N3; <--- If N1, N2 is not writebacked, N3 with >> fsync_mark is >> writebacked, In SPOR, we won't find N3 since node chain is broken, turns out >> that losing >> last transaction. >> - preflush + fua; >> - power-cut >> >> If we don't wait dnode writeback for atomic_write: >> >> SEQ-RD(MB/s)SEQ-WR(MB/s)RND-RD(IOPS)RND-WR(IOPS) >> Insert(TPS) Update(TPS) Delete(TPS) >> 1779.91 206.03 41621.5 40333.16716.9 >> 1038.21 1034.85 >> 2848.51 204.35 40082.4439486.17791.83 >> 1119.96 1083.77 >> 3772.12 206.27 41335.2541599.65723.29 >> 1055.07 971.92 >> Avg 800.18 205.55 41013.06333 40472.99333 >> 744.007 1071.08 1030.18 >> >> Patched/Original: >> 0.92108464 1.001526693 0.987425886 0.993268102 >> 1.030180511 1.026942031 0.976702294 >> >> SQLite's performance recovers. >> >> Jaegeuk: >> "Practically, I don't see db corruption becase of this. We can excuse to lose >> the last transaction." >> >> Finally, we decide to keep original implementation of atomic write interface >> sematics that we don't wait all dnode writeback before preflush+fua >> submission. >> >> Signed-off-by: Chao Yu >> --- >> v6: >> - fix to wait all writeback pages in put_super() for cp_error case. >> fs/f2fs/checkpoint.c | 2 + >> fs/f2fs/data.c | 2 + >> fs/f2fs/f2fs.h | 21 ++- >> fs/f2fs/file.c | 5 +- >> fs/f2fs/node.c | 144 +++ >> fs/f2fs/super.c | 6 ++ >> 6 files changed, 152 insertions(+), 28 deletions(-) >> >> diff --git a/fs/f2fs/checkpoint.c b/fs/f2fs/checkpoint.c >> index 3587aa53dc90..896dc8c9702c 100644 >> --- a/fs/f2fs/checkpoint.c >> +++ b/fs/f2fs/checkpoint.c 
>> @@ -1418,6 +1418,8 @@ static int do_checkpoint(struct f2fs_sb_info *sbi, >> struct cp_control *cpc) >> >> f2fs_release_ino_entry(sbi, false); >> >> +f2fs_reset_fsync_node_info(sbi); >> + >> clear_sbi_flag(sbi, SBI_IS_DIRTY); >> clear_sbi_flag(sbi, SBI_NEED_CP); >> __set_cp_next_pack(sbi); >> diff --git a/fs/f2fs/data.c b/fs/f2fs/data.c >> index eb994c66fe66..69bc00d90aae 100644 >> --- a/fs/f2fs/data.c >> +++ b/fs/f2fs/data.c >> @@ -177,6 +177,8 @@ static void f2fs_write_end_io(struct bio *bio) >> page->index != nid_of_node(page)); >>
Re: [f2fs-dev] [PATCH] f2fs: fix invalid memory access
On 2018/8/2 2:58, Jaegeuk Kim wrote: > On 08/01, Chao Yu wrote: >> From: Chao Yu >> >> syzbot found the following crash on: >> >> HEAD commit:d9bd94c0bcaa Add linux-next specific files for 20180801 >> git tree: linux-next >> console output: https://syzkaller.appspot.com/x/log.txt?x=1001189c40 >> kernel config: https://syzkaller.appspot.com/x/.config?x=cc8964ea4d04518c >> dashboard link: https://syzkaller.appspot.com/bug?extid=c966a82db0b14aa37e81 >> compiler: gcc (GCC) 8.0.1 20180413 (experimental) >> >> Unfortunately, I don't have any reproducer for this crash yet. >> >> IMPORTANT: if you fix the bug, please add the following tag to the commit: >> Reported-by: syzbot+c966a82db0b14aa37...@syzkaller.appspotmail.com >> >> loop7: rw=12288, want=8200, limit=20 >> netlink: 65342 bytes leftover after parsing attributes in process >> `syz-executor4'. >> openvswitch: netlink: Message has 8 unknown bytes. >> kasan: CONFIG_KASAN_INLINE enabled >> kasan: GPF could be caused by NULL-ptr deref or user memory access >> general protection fault: [#1] SMP KASAN >> CPU: 1 PID: 7615 Comm: syz-executor7 Not tainted 4.18.0-rc7-next-20180801+ >> #29 >> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS >> Google 01/01/2011 >> RIP: 0010:__read_once_size include/linux/compiler.h:188 [inline] >> RIP: 0010:compound_head include/linux/page-flags.h:142 [inline] >> RIP: 0010:PageLocked include/linux/page-flags.h:272 [inline] >> RIP: 0010:f2fs_put_page fs/f2fs/f2fs.h:2011 [inline] >> RIP: 0010:validate_checkpoint+0x66d/0xec0 fs/f2fs/checkpoint.c:835 >> Code: e8 58 05 7f fe 4c 8d 6b 80 4d 8d 74 24 08 48 b8 00 00 00 00 00 fc ff >> df 4c 89 ea 48 c1 ea 03 c6 04 02 00 4c 89 f2 48 c1 ea 03 <80> 3c 02 00 0f 85 >> f4 06 00 00 4c 89 ea 4d 8b 7c 24 08 48 b8 00 00 >> RSP: 0018:8801937cebe8 EFLAGS: 00010246 >> RAX: dc00 RBX: 8801937cef30 RCX: c90006035000 >> RDX: RSI: 82fd9658 RDI: 0005 >> RBP: 8801937cef58 R08: 8801ab254700 R09: f94000d9e026 >> R10: f94000d9e026 R11: ea0006cf0137 
R12: fffb >> R13: 8801937ceeb0 R14: 0003 R15: 880193419b40 >> FS: 7f36a61d5700() GS:8801db10() knlGS: >> CS: 0010 DS: ES: CR0: 80050033 >> CR2: 7fc04ff93000 CR3: 0001d0562000 CR4: 001426e0 >> DR0: DR1: DR2: >> DR3: DR6: fffe0ff0 DR7: 0400 >> Call Trace: >> f2fs_get_valid_checkpoint+0x436/0x1ec0 fs/f2fs/checkpoint.c:860 >> f2fs_fill_super+0x2d42/0x8110 fs/f2fs/super.c:2883 >> mount_bdev+0x314/0x3e0 fs/super.c:1344 >> f2fs_mount+0x3c/0x50 fs/f2fs/super.c:3133 >> legacy_get_tree+0x131/0x460 fs/fs_context.c:729 >> vfs_get_tree+0x1cb/0x5c0 fs/super.c:1743 >> do_new_mount fs/namespace.c:2603 [inline] >> do_mount+0x6f2/0x1e20 fs/namespace.c:2927 >> ksys_mount+0x12d/0x140 fs/namespace.c:3143 >> __do_sys_mount fs/namespace.c:3157 [inline] >> __se_sys_mount fs/namespace.c:3154 [inline] >> __x64_sys_mount+0xbe/0x150 fs/namespace.c:3154 >> do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290 >> entry_SYSCALL_64_after_hwframe+0x49/0xbe >> RIP: 0033:0x45943a >> Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f >> 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff >> 0f 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00 >> RSP: 002b:7f36a61d4a88 EFLAGS: 0206 ORIG_RAX: 00a5 >> RAX: ffda RBX: 7f36a61d4b30 RCX: 0045943a >> RDX: 7f36a61d4ad0 RSI: 2100 RDI: 7f36a61d4af0 >> RBP: 2100 R08: 7f36a61d4b30 R09: 7f36a61d4ad0 >> R10: R11: 0206 R12: 0013 >> R13: R14: 004c8ea0 R15: >> Modules linked in: >> Dumping ftrace buffer: >>(ftrace buffer empty) >> ---[ end trace bd8550c129352286 ]--- >> RIP: 0010:__read_once_size include/linux/compiler.h:188 [inline] >> RIP: 0010:compound_head include/linux/page-flags.h:142 [inline] >> RIP: 0010:PageLocked include/linux/page-flags.h:272 [inline] >> RIP: 0010:f2fs_put_page fs/f2fs/f2fs.h:2011 [inline] >> RIP: 0010:validate_checkpoint+0x66d/0xec0 fs/f2fs/checkpoint.c:835 >> Code: e8 58 05 7f fe 4c 8d 6b 80 4d 8d 74 24 08 48 b8 00 00 00 00 00 fc ff >> df 4c 89 ea 48 c1 ea 03 c6 04 02 00 4c
Re: [f2fs-dev] [PATCH v6 1/2] f2fs: fix to avoid broken of dnode block list
On 07/29, Chao Yu wrote: 
> From: Chao Yu > > f2fs recovery flow is relying on dnode block link list, it means fsynced > file recovery depends on previous dnode's persistence in the list, so > during fsync() we should wait on all regular inode's dnode writebacked > before issuing flush. > > By this way, we can avoid dnode block list being broken by out-of-order > IO submission due to IO scheduler or driver. > > Sheng Yong helps to do the test with this patch: > > Target:/data (f2fs, -) > 64MB / 32768KB / 4KB / 8 > > 1 / PERSIST / Index > > Base: > SEQ-RD(MB/s)SEQ-WR(MB/s)RND-RD(IOPS)RND-WR(IOPS) > Insert(TPS) Update(TPS) Delete(TPS) > 1 867.82 204.15 41440.0341370.54680.8 > 1025.94 1031.08 > 2 871.87 205.87 41370.3 40275.2 791.14 > 1065.84 1101.7 > 3 866.52 205.69 41795.6740596.16694.69 > 1037.16 1031.48 > Avg 868.737 205.237 41535.3 40747.3 722.21 > 1042.98 1054.75 > > After: > SEQ-RD(MB/s)SEQ-WR(MB/s)RND-RD(IOPS)RND-WR(IOPS) > Insert(TPS) Update(TPS) Delete(TPS) > 1 798.81 202.5 41143 40613.87602.71 > 838.08 913.83 > 2 805.79 206.47 40297.2 41291.46604.44 > 840.75 924.27 > 3 814.83 206.17 41209.5740453.62602.85 > 834.66 927.91 > Avg 806.477 205.047 40883.25667 40786.31667 > 603.333 837.83 922.003 > > Patched/Original: > 0.928332713 0.999074239 0.984300676 1.000957528 > 0.835398753 0.803303994 0.874141189 > > It looks like atomic write will suffer performance regression. > > I suspect that the criminal is that we forcing to wait all dnode being in > storage cache before we issue PREFLUSH+FUA. > > BTW, will commit ("f2fs: don't need to wait for node writes for atomic write") > cause the problem: we will lose data of last transaction after SPO, even if > atomic write return no error: > > - atomic_open(); > - write() P1, P2, P3; > - atomic_commit(); > - writeback data: P1, P2, P3; > - writeback node: N1, N2, N3; <--- If N1, N2 is not writebacked, N3 with > fsync_mark is > writebacked, In SPOR, we won't find N3 since node chain is broken, turns out > that losing > last transaction. 
> - preflush + fua; > - power-cut > > If we don't wait dnode writeback for atomic_write: > > SEQ-RD(MB/s)SEQ-WR(MB/s)RND-RD(IOPS)RND-WR(IOPS) > Insert(TPS) Update(TPS) Delete(TPS) > 1 779.91 206.03 41621.5 40333.16716.9 > 1038.21 1034.85 > 2 848.51 204.35 40082.4439486.17791.83 > 1119.96 1083.77 > 3 772.12 206.27 41335.2541599.65723.29 > 1055.07 971.92 > Avg 800.18 205.55 41013.06333 40472.99333 > 744.007 1071.08 1030.18 > > Patched/Original: > 0.92108464 1.001526693 0.987425886 0.993268102 > 1.030180511 1.026942031 0.976702294 > > SQLite's performance recovers. > > Jaegeuk: > "Practically, I don't see db corruption becase of this. We can excuse to lose > the last transaction." > > Finally, we decide to keep original implementation of atomic write interface > sematics that we don't wait all dnode writeback before preflush+fua > submission. > > Signed-off-by: Chao Yu > --- > v6: > - fix to wait all writeback pages in put_super() for cp_error case. > fs/f2fs/checkpoint.c | 2 + > fs/f2fs/data.c | 2 + > fs/f2fs/f2fs.h | 21 ++- > fs/f2fs/file.c | 5 +- > fs/f2fs/node.c | 144 +++ > fs/f2fs/super.c | 6 ++ > 6 files changed, 152 insertions(+), 28 deletions(-) > > diff --git a/fs/f2fs/checkpoint.c b/fs/f2fs/checkpoint.c > index 3587aa53dc90..896dc8c9702c 100644 > --- a/fs/f2fs/checkpoint.c > +++ b/fs/f2fs/checkpoint.c > @@ -1418,6 +1418,8 @@ static int do_checkpoint(struct f2fs_sb_info *sbi, > struct cp_control *cpc) > > f2fs_release_ino_entry(sbi, false); > > + f2fs_reset_fsync_node_info(sbi); > + > clear_sbi_flag(sbi, SBI_IS_DIRTY); > clear_sbi_flag(sbi, SBI_NEED_CP); > __set_cp_next_pack(sbi); > diff --git a/fs/f2fs/data.c b/fs/f2fs/data.c > index eb994c66fe66..69bc00d90aae 100644 > --- a/fs/f2fs/data.c > +++ b/fs/f2fs/data.c > @@ -177,6 +177,8 @@ static void f2fs_write_end_io(struct bio *bio) > page->index != nid_of_node(page)); > > dec_page_count(sbi, type); > + if (f2fs_in_warm_node_list(sbi, page)) > + f2
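Review bot: in the do_checkpoint() hunk, f2fs_reset_fsync_node_info(sbi) is added without a comment, and nothing in the visible lines says why the tracked fsync node state can be discarded at this point of the checkpoint; a one-line comment above the call stating that would help. The changelog also records the decision that atomic write keeps its old semantics and may lose the last transaction after SPO; that trade-off is worth a comment in the atomic commit path as well, not only in the commit message. The f2fs_write_end_io() hunk is cut off on this page, so the f2fs_in_warm_node_list() branch cannot be reviewed from what is shown.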
Re: [f2fs-dev] [PATCH] f2fs: fix invalid memory access
On 08/01, Chao Yu wrote: > From: Chao Yu > > syzbot found the following crash on: > > HEAD commit:d9bd94c0bcaa Add linux-next specific files for 20180801 > git tree: linux-next > console output: https://syzkaller.appspot.com/x/log.txt?x=1001189c40 > kernel config: https://syzkaller.appspot.com/x/.config?x=cc8964ea4d04518c > dashboard link: https://syzkaller.appspot.com/bug?extid=c966a82db0b14aa37e81 > compiler: gcc (GCC) 8.0.1 20180413 (experimental) > > Unfortunately, I don't have any reproducer for this crash yet. > > IMPORTANT: if you fix the bug, please add the following tag to the commit: > Reported-by: syzbot+c966a82db0b14aa37...@syzkaller.appspotmail.com > > loop7: rw=12288, want=8200, limit=20 > netlink: 65342 bytes leftover after parsing attributes in process > `syz-executor4'. > openvswitch: netlink: Message has 8 unknown bytes. > kasan: CONFIG_KASAN_INLINE enabled > kasan: GPF could be caused by NULL-ptr deref or user memory access > general protection fault: [#1] SMP KASAN > CPU: 1 PID: 7615 Comm: syz-executor7 Not tainted 4.18.0-rc7-next-20180801+ #29 > Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS > Google 01/01/2011 > RIP: 0010:__read_once_size include/linux/compiler.h:188 [inline] > RIP: 0010:compound_head include/linux/page-flags.h:142 [inline] > RIP: 0010:PageLocked include/linux/page-flags.h:272 [inline] > RIP: 0010:f2fs_put_page fs/f2fs/f2fs.h:2011 [inline] > RIP: 0010:validate_checkpoint+0x66d/0xec0 fs/f2fs/checkpoint.c:835 > Code: e8 58 05 7f fe 4c 8d 6b 80 4d 8d 74 24 08 48 b8 00 00 00 00 00 fc ff df > 4c 89 ea 48 c1 ea 03 c6 04 02 00 4c 89 f2 48 c1 ea 03 <80> 3c 02 00 0f 85 f4 > 06 00 00 4c 89 ea 4d 8b 7c 24 08 48 b8 00 00 > RSP: 0018:8801937cebe8 EFLAGS: 00010246 > RAX: dc00 RBX: 8801937cef30 RCX: c90006035000 > RDX: RSI: 82fd9658 RDI: 0005 > RBP: 8801937cef58 R08: 8801ab254700 R09: f94000d9e026 > R10: f94000d9e026 R11: ea0006cf0137 R12: fffb > R13: 8801937ceeb0 R14: 0003 R15: 880193419b40 > FS: 7f36a61d5700() 
GS:8801db10() knlGS: > CS: 0010 DS: ES: CR0: 80050033 > CR2: 7fc04ff93000 CR3: 0001d0562000 CR4: 001426e0 > DR0: DR1: DR2: > DR3: DR6: fffe0ff0 DR7: 0400 > Call Trace: > f2fs_get_valid_checkpoint+0x436/0x1ec0 fs/f2fs/checkpoint.c:860 > f2fs_fill_super+0x2d42/0x8110 fs/f2fs/super.c:2883 > mount_bdev+0x314/0x3e0 fs/super.c:1344 > f2fs_mount+0x3c/0x50 fs/f2fs/super.c:3133 > legacy_get_tree+0x131/0x460 fs/fs_context.c:729 > vfs_get_tree+0x1cb/0x5c0 fs/super.c:1743 > do_new_mount fs/namespace.c:2603 [inline] > do_mount+0x6f2/0x1e20 fs/namespace.c:2927 > ksys_mount+0x12d/0x140 fs/namespace.c:3143 > __do_sys_mount fs/namespace.c:3157 [inline] > __se_sys_mount fs/namespace.c:3154 [inline] > __x64_sys_mount+0xbe/0x150 fs/namespace.c:3154 > do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290 > entry_SYSCALL_64_after_hwframe+0x49/0xbe > RIP: 0033:0x45943a > Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f 1f > 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f > 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00 > RSP: 002b:7f36a61d4a88 EFLAGS: 0206 ORIG_RAX: 00a5 > RAX: ffda RBX: 7f36a61d4b30 RCX: 0045943a > RDX: 7f36a61d4ad0 RSI: 2100 RDI: 7f36a61d4af0 > RBP: 2100 R08: 7f36a61d4b30 R09: 7f36a61d4ad0 > R10: R11: 0206 R12: 0013 > R13: R14: 004c8ea0 R15: > Modules linked in: > Dumping ftrace buffer: >(ftrace buffer empty) > ---[ end trace bd8550c129352286 ]--- > RIP: 0010:__read_once_size include/linux/compiler.h:188 [inline] > RIP: 0010:compound_head include/linux/page-flags.h:142 [inline] > RIP: 0010:PageLocked include/linux/page-flags.h:272 [inline] > RIP: 0010:f2fs_put_page fs/f2fs/f2fs.h:2011 [inline] > RIP: 0010:validate_checkpoint+0x66d/0xec0 fs/f2fs/checkpoint.c:835 > Code: e8 58 05 7f fe 4c 8d 6b 80 4d 8d 74 24 08 48 b8 00 00 00 00 00 fc ff df > 4c 89 ea 48 c1 ea 03 c6 04 02 00 4c 89 f2 48 c1 ea 03 <80> 3c 02 00 0f 85 f4 > 06 00 00 4c 89 ea 4d 8b 7c 24 08 48 b8 00 00 > RSP: 0018:8801937cebe8 EFLAGS: 00010246 > RAX: dc00 
RBX: 8801937cef30 RCX: c90006035000 > RDX: RSI: 82fd9658 RDI: 0005 > netlink: 65342 bytes leftover after parsing attributes in process > `syz-executor
[f2fs-dev] [PATCH] f2fs: avoid f2fs_bug_on() in cp_error case
There is a subtle race condition to invoke f2fs_bug_on() in shutdown tests. I've confirmed that the last checkpoint is preserved in consistent state, so it'd be fine to just return error at this moment. Signed-off-by: Jaegeuk Kim --- fs/f2fs/node.c | 4 1 file changed, 4 insertions(+) diff --git a/fs/f2fs/node.c b/fs/f2fs/node.c index 6055d2d12640..21ffb784764c 100644 --- a/fs/f2fs/node.c +++ b/fs/f2fs/node.c @@ -1075,6 +1075,10 @@ int f2fs_remove_inode_page(struct inode *inode) f2fs_truncate_data_blocks_range(&dn, 1); /* 0 is possible, after f2fs_new_inode() has failed */ + if (unlikely(f2fs_cp_error(F2FS_I_SB(inode { + f2fs_put_dnode(&dn); + return -EIO; + } f2fs_bug_on(F2FS_I_SB(inode), inode->i_blocks != 0 && inode->i_blocks != 8); -- 2.17.0.441.gb46fe60e1d-goog
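Review bot: in f2fs_remove_inode_page(), the new f2fs_cp_error() check lands between the comment "0 is possible, after f2fs_new_inode() has failed" and the f2fs_bug_on() that the comment explains, so the comment now appears to describe the -EIO path. Move the check above the comment and give it its own one-line comment saying that i_blocks is not trusted after a checkpoint error. As rendered here, the condition "if (unlikely(f2fs_cp_error(F2FS_I_SB(inode {" is missing its closing parentheses; confirm the posted patch has them. The changelog calls the race subtle without naming the paths involved; one sentence on which path leaves i_blocks at a value other than 0 or 8 would let a reviewer judge whether the early return skips any cleanup beyond f2fs_put_dnode().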
[f2fs-dev] [PATCH] f2fs: fix invalid memory access
From: Chao Yu syzbot found the following crash on: HEAD commit:d9bd94c0bcaa Add linux-next specific files for 20180801 git tree: linux-next console output: https://syzkaller.appspot.com/x/log.txt?x=1001189c40 kernel config: https://syzkaller.appspot.com/x/.config?x=cc8964ea4d04518c dashboard link: https://syzkaller.appspot.com/bug?extid=c966a82db0b14aa37e81 compiler: gcc (GCC) 8.0.1 20180413 (experimental) Unfortunately, I don't have any reproducer for this crash yet. IMPORTANT: if you fix the bug, please add the following tag to the commit: Reported-by: syzbot+c966a82db0b14aa37...@syzkaller.appspotmail.com loop7: rw=12288, want=8200, limit=20 netlink: 65342 bytes leftover after parsing attributes in process `syz-executor4'. openvswitch: netlink: Message has 8 unknown bytes. kasan: CONFIG_KASAN_INLINE enabled kasan: GPF could be caused by NULL-ptr deref or user memory access general protection fault: [#1] SMP KASAN CPU: 1 PID: 7615 Comm: syz-executor7 Not tainted 4.18.0-rc7-next-20180801+ #29 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:__read_once_size include/linux/compiler.h:188 [inline] RIP: 0010:compound_head include/linux/page-flags.h:142 [inline] RIP: 0010:PageLocked include/linux/page-flags.h:272 [inline] RIP: 0010:f2fs_put_page fs/f2fs/f2fs.h:2011 [inline] RIP: 0010:validate_checkpoint+0x66d/0xec0 fs/f2fs/checkpoint.c:835 Code: e8 58 05 7f fe 4c 8d 6b 80 4d 8d 74 24 08 48 b8 00 00 00 00 00 fc ff df 4c 89 ea 48 c1 ea 03 c6 04 02 00 4c 89 f2 48 c1 ea 03 <80> 3c 02 00 0f 85 f4 06 00 00 4c 89 ea 4d 8b 7c 24 08 48 b8 00 00 RSP: 0018:8801937cebe8 EFLAGS: 00010246 RAX: dc00 RBX: 8801937cef30 RCX: c90006035000 RDX: RSI: 82fd9658 RDI: 0005 RBP: 8801937cef58 R08: 8801ab254700 R09: f94000d9e026 R10: f94000d9e026 R11: ea0006cf0137 R12: fffb R13: 8801937ceeb0 R14: 0003 R15: 880193419b40 FS: 7f36a61d5700() GS:8801db10() knlGS: CS: 0010 DS: ES: CR0: 80050033 CR2: 7fc04ff93000 CR3: 0001d0562000 CR4: 001426e0 DR0: DR1: 
DR2: DR3: DR6: fffe0ff0 DR7: 0400 Call Trace: f2fs_get_valid_checkpoint+0x436/0x1ec0 fs/f2fs/checkpoint.c:860 f2fs_fill_super+0x2d42/0x8110 fs/f2fs/super.c:2883 mount_bdev+0x314/0x3e0 fs/super.c:1344 f2fs_mount+0x3c/0x50 fs/f2fs/super.c:3133 legacy_get_tree+0x131/0x460 fs/fs_context.c:729 vfs_get_tree+0x1cb/0x5c0 fs/super.c:1743 do_new_mount fs/namespace.c:2603 [inline] do_mount+0x6f2/0x1e20 fs/namespace.c:2927 ksys_mount+0x12d/0x140 fs/namespace.c:3143 __do_sys_mount fs/namespace.c:3157 [inline] __se_sys_mount fs/namespace.c:3154 [inline] __x64_sys_mount+0xbe/0x150 fs/namespace.c:3154 do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x45943a Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00 RSP: 002b:7f36a61d4a88 EFLAGS: 0206 ORIG_RAX: 00a5 RAX: ffda RBX: 7f36a61d4b30 RCX: 0045943a RDX: 7f36a61d4ad0 RSI: 2100 RDI: 7f36a61d4af0 RBP: 2100 R08: 7f36a61d4b30 R09: 7f36a61d4ad0 R10: R11: 0206 R12: 0013 R13: R14: 004c8ea0 R15: Modules linked in: Dumping ftrace buffer: (ftrace buffer empty) ---[ end trace bd8550c129352286 ]--- RIP: 0010:__read_once_size include/linux/compiler.h:188 [inline] RIP: 0010:compound_head include/linux/page-flags.h:142 [inline] RIP: 0010:PageLocked include/linux/page-flags.h:272 [inline] RIP: 0010:f2fs_put_page fs/f2fs/f2fs.h:2011 [inline] RIP: 0010:validate_checkpoint+0x66d/0xec0 fs/f2fs/checkpoint.c:835 Code: e8 58 05 7f fe 4c 8d 6b 80 4d 8d 74 24 08 48 b8 00 00 00 00 00 fc ff df 4c 89 ea 48 c1 ea 03 c6 04 02 00 4c 89 f2 48 c1 ea 03 <80> 3c 02 00 0f 85 f4 06 00 00 4c 89 ea 4d 8b 7c 24 08 48 b8 00 00 RSP: 0018:8801937cebe8 EFLAGS: 00010246 RAX: dc00 RBX: 8801937cef30 RCX: c90006035000 RDX: RSI: 82fd9658 RDI: 0005 netlink: 65342 bytes leftover after parsing attributes in process `syz-executor4'. 
RBP: 8801937cef58 R08: 8801ab254700 R09: f94000d9e026 openvswitch: netlink: Message has 8 unknown bytes. R10: f94000d9e026 R11: ea0006cf0137 R12: fffb R13: 8801937ceeb0 R14: 0003 R15: 880193419b40 FS: 7f36a61d5700() GS:8801db10() knlGS: CS: 0010 DS: ES: CR0: 80050033 CR2: 7fc04ff93000 CR3: 0001d0562000 CR4: 001426e0 DR0: 0
[f2fs-dev] general protection fault in validate_checkpoint
Hello, syzbot found the following crash on: HEAD commit:d9bd94c0bcaa Add linux-next specific files for 20180801 git tree: linux-next console output: https://syzkaller.appspot.com/x/log.txt?x=1001189c40 kernel config: https://syzkaller.appspot.com/x/.config?x=cc8964ea4d04518c dashboard link: https://syzkaller.appspot.com/bug?extid=c966a82db0b14aa37e81 compiler: gcc (GCC) 8.0.1 20180413 (experimental) Unfortunately, I don't have any reproducer for this crash yet. IMPORTANT: if you fix the bug, please add the following tag to the commit: Reported-by: syzbot+c966a82db0b14aa37...@syzkaller.appspotmail.com loop7: rw=12288, want=8200, limit=20 netlink: 65342 bytes leftover after parsing attributes in process `syz-executor4'. openvswitch: netlink: Message has 8 unknown bytes. kasan: CONFIG_KASAN_INLINE enabled kasan: GPF could be caused by NULL-ptr deref or user memory access general protection fault: [#1] SMP KASAN CPU: 1 PID: 7615 Comm: syz-executor7 Not tainted 4.18.0-rc7-next-20180801+ #29 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:__read_once_size include/linux/compiler.h:188 [inline] RIP: 0010:compound_head include/linux/page-flags.h:142 [inline] RIP: 0010:PageLocked include/linux/page-flags.h:272 [inline] RIP: 0010:f2fs_put_page fs/f2fs/f2fs.h:2011 [inline] RIP: 0010:validate_checkpoint+0x66d/0xec0 fs/f2fs/checkpoint.c:835 Code: e8 58 05 7f fe 4c 8d 6b 80 4d 8d 74 24 08 48 b8 00 00 00 00 00 fc ff df 4c 89 ea 48 c1 ea 03 c6 04 02 00 4c 89 f2 48 c1 ea 03 <80> 3c 02 00 0f 85 f4 06 00 00 4c 89 ea 4d 8b 7c 24 08 48 b8 00 00 RSP: 0018:8801937cebe8 EFLAGS: 00010246 RAX: dc00 RBX: 8801937cef30 RCX: c90006035000 RDX: RSI: 82fd9658 RDI: 0005 RBP: 8801937cef58 R08: 8801ab254700 R09: f94000d9e026 R10: f94000d9e026 R11: ea0006cf0137 R12: fffb R13: 8801937ceeb0 R14: 0003 R15: 880193419b40 FS: 7f36a61d5700() GS:8801db10() knlGS: CS: 0010 DS: ES: CR0: 80050033 CR2: 7fc04ff93000 CR3: 0001d0562000 CR4: 001426e0 DR0: DR1: DR2: 
DR3: DR6: fffe0ff0 DR7: 0400 Call Trace: f2fs_get_valid_checkpoint+0x436/0x1ec0 fs/f2fs/checkpoint.c:860 f2fs_fill_super+0x2d42/0x8110 fs/f2fs/super.c:2883 mount_bdev+0x314/0x3e0 fs/super.c:1344 f2fs_mount+0x3c/0x50 fs/f2fs/super.c:3133 legacy_get_tree+0x131/0x460 fs/fs_context.c:729 vfs_get_tree+0x1cb/0x5c0 fs/super.c:1743 do_new_mount fs/namespace.c:2603 [inline] do_mount+0x6f2/0x1e20 fs/namespace.c:2927 ksys_mount+0x12d/0x140 fs/namespace.c:3143 __do_sys_mount fs/namespace.c:3157 [inline] __se_sys_mount fs/namespace.c:3154 [inline] __x64_sys_mount+0xbe/0x150 fs/namespace.c:3154 do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x45943a Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00 RSP: 002b:7f36a61d4a88 EFLAGS: 0206 ORIG_RAX: 00a5 RAX: ffda RBX: 7f36a61d4b30 RCX: 0045943a RDX: 7f36a61d4ad0 RSI: 2100 RDI: 7f36a61d4af0 RBP: 2100 R08: 7f36a61d4b30 R09: 7f36a61d4ad0 R10: R11: 0206 R12: 0013 R13: R14: 004c8ea0 R15: Modules linked in: Dumping ftrace buffer: (ftrace buffer empty) ---[ end trace bd8550c129352286 ]--- RIP: 0010:__read_once_size include/linux/compiler.h:188 [inline] RIP: 0010:compound_head include/linux/page-flags.h:142 [inline] RIP: 0010:PageLocked include/linux/page-flags.h:272 [inline] RIP: 0010:f2fs_put_page fs/f2fs/f2fs.h:2011 [inline] RIP: 0010:validate_checkpoint+0x66d/0xec0 fs/f2fs/checkpoint.c:835 Code: e8 58 05 7f fe 4c 8d 6b 80 4d 8d 74 24 08 48 b8 00 00 00 00 00 fc ff df 4c 89 ea 48 c1 ea 03 c6 04 02 00 4c 89 f2 48 c1 ea 03 <80> 3c 02 00 0f 85 f4 06 00 00 4c 89 ea 4d 8b 7c 24 08 48 b8 00 00 RSP: 0018:8801937cebe8 EFLAGS: 00010246 RAX: dc00 RBX: 8801937cef30 RCX: c90006035000 RDX: RSI: 82fd9658 RDI: 0005 netlink: 65342 bytes leftover after parsing attributes in process `syz-executor4'. 
RBP: 8801937cef58 R08: 8801ab254700 R09: f94000d9e026 openvswitch: netlink: Message has 8 unknown bytes. R10: f94000d9e026 R11: ea0006cf0137 R12: fffb R13: 8801937ceeb0 R14: 0003 R15: 880193419b40 FS: 7f36a61d5700() GS:8801db10() knlGS: CS: 0010 DS: ES: CR0: 80050033 CR2: 7fc04ff93000 CR3: 0001d0562000 CR4: 0
[f2fs-dev] [PATCH v2 4/5] f2fs: fix to do sanity check with cp_pack_start_sum
After fuzzing, cp_pack_start_sum could be corrupted, so current log's summary info should be wrong due to loading incorrect summary block. Then, if segment's type in current log is exceeded NR_CURSEG_TYPE, it can lead accessing invalid dirty_i->dirty_segmap bitmap finally. Add sanity check for cp_pack_start_sum to fix this issue. https://bugzilla.kernel.org/show_bug.cgi?id=200419 - Reproduce - Kernel message (f2fs-dev w/ KASAN) [ 3117.578432] F2FS-fs (loop0): Invalid log blocks per segment (8) [ 3117.578445] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 3117.581364] F2FS-fs (loop0): invalid crc_offset: 30716 [ 3117.583564] WARNING: CPU: 1 PID: 1225 at fs/f2fs/checkpoint.c:90 __get_meta_page+0x448/0x4b0 [ 3117.583570] Modules linked in: snd_hda_codec_generic snd_hda_intel snd_hda_codec snd_hda_core snd_hwdep snd_pcm snd_timer joydev input_leds serio_raw snd soundcore mac_hid i2c_piix4 ib_iser rdma_cm iw_cm ib_cm ib_core configfs iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi btrfs zstd_decompress zstd_compress xxhash raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear 8139too qxl ttm drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops drm crct10dif_pclmul crc32_pclmul ghash_clmulni_intel pcbc aesni_intel psmouse aes_x86_64 8139cp crypto_simd cryptd mii glue_helper pata_acpi floppy [ 3117.584014] CPU: 1 PID: 1225 Comm: mount Not tainted 4.17.0+ #1 [ 3117.584017] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014 [ 3117.584022] RIP: 0010:__get_meta_page+0x448/0x4b0 [ 3117.584023] Code: 00 49 8d bc 24 84 00 00 00 e8 74 54 da ff 41 83 8c 24 84 00 00 00 08 4c 89 f6 4c 89 ef e8 c0 d9 95 00 48 89 ef e8 18 e3 00 00 <0f> 0b f0 80 4d 48 04 e9 0f fe ff ff 0f 0b 48 89 c7 48 89 04 24 e8 [ 3117.584072] RSP: 0018:88018eb678c0 EFLAGS: 00010286 [ 3117.584082] RAX: 88018f0a6a78 RBX: ea0007a46600 RCX: 9314d1b2 [ 3117.584085] RDX: 
0001 RSI: RDI: 88018f0a6a98 [ 3117.584087] RBP: 88018ebe9980 R08: 0002 R09: 0001 [ 3117.584090] R10: 0001 R11: ed00326e4450 R12: 880193722200 [ 3117.584092] R13: 88018ebe9afc R14: 0206 R15: 88018eb67900 [ 3117.584096] FS: 7f5694636840() GS:8801f3b0() knlGS: [ 3117.584098] CS: 0010 DS: ES: CR0: 80050033 [ 3117.584101] CR2: 016f21b8 CR3: 000191c22000 CR4: 06e0 [ 3117.584112] Call Trace: [ 3117.584121] ? f2fs_set_meta_page_dirty+0x150/0x150 [ 3117.584127] ? f2fs_build_segment_manager+0xbf9/0x3190 [ 3117.584133] ? f2fs_npages_for_summary_flush+0x75/0x120 [ 3117.584145] f2fs_build_segment_manager+0xda8/0x3190 [ 3117.584151] ? f2fs_get_valid_checkpoint+0x298/0xa00 [ 3117.584156] ? f2fs_flush_sit_entries+0x10e0/0x10e0 [ 3117.584184] ? map_id_range_down+0x17c/0x1b0 [ 3117.584188] ? __put_user_ns+0x30/0x30 [ 3117.584206] ? find_next_bit+0x53/0x90 [ 3117.584237] ? cpumask_next+0x16/0x20 [ 3117.584249] f2fs_fill_super+0x1948/0x2b40 [ 3117.584258] ? f2fs_commit_super+0x1a0/0x1a0 [ 3117.584279] ? sget_userns+0x65e/0x690 [ 3117.584296] ? set_blocksize+0x88/0x130 [ 3117.584302] ? f2fs_commit_super+0x1a0/0x1a0 [ 3117.584305] mount_bdev+0x1c0/0x200 [ 3117.584310] mount_fs+0x5c/0x190 [ 3117.584320] vfs_kern_mount+0x64/0x190 [ 3117.584330] do_mount+0x2e4/0x1450 [ 3117.584343] ? lockref_put_return+0x130/0x130 [ 3117.584347] ? copy_mount_string+0x20/0x20 [ 3117.584357] ? kasan_unpoison_shadow+0x31/0x40 [ 3117.584362] ? kasan_kmalloc+0xa6/0xd0 [ 3117.584373] ? memcg_kmem_put_cache+0x16/0x90 [ 3117.584377] ? __kmalloc_track_caller+0x196/0x210 [ 3117.584383] ? _copy_from_user+0x61/0x90 [ 3117.584396] ? 
memdup_user+0x3e/0x60 [ 3117.584401] ksys_mount+0x7e/0xd0 [ 3117.584405] __x64_sys_mount+0x62/0x70 [ 3117.584427] do_syscall_64+0x73/0x160 [ 3117.584440] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3117.584455] RIP: 0033:0x7f5693f14b9a [ 3117.584456] Code: 48 8b 0d 01 c3 2b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d ce c2 2b 00 f7 d8 64 89 01 48 [ 3117.584505] RSP: 002b:7fff27346488 EFLAGS: 0206 ORIG_RAX: 00a5 [ 3117.584510] RAX: ffda RBX: 016e2030 RCX: 7f5693f14b9a [ 3117.584512] RDX: 016e2210 RSI: 016e3f30 RDI: 016ee040 [ 3117.584514] RBP: R08: R09: 0013 [ 3117.584516] R10: c0ed R11: 0206 R12: 016ee040 [ 3117.584519] R13: 016e2210 R14: R15: 0003 [ 3117.584523] ---[ end trace a8e0d899985faf31 ]--- [ 3117.685663] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 3117.685673] F2FS-fs (loop0): recover_data: ino = 2 (i
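The two checks this message describes, modelled in user space as an added example (not the patch's code, which this page does not show). The structure layouts, the value of NR_CURSEG_TYPE, the block and segment counts, and the exact range bounds on cp_pack_start_sum are assumptions of the model.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NR_CURSEG_TYPE 6u   /* name from the page; the value is assumed for this model */
#define BLOCKS_PER_SEG 64u  /* constructed, kept small for the example */
#define NR_SEGS        32u  /* constructed */

enum { LOAD_OK = 0, ERR_START_SUM = -1, ERR_SEG_TYPE = -2, ERR_SEGNO = -3 };

/* Hypothetical, simplified checkpoint header as read from an untrusted image. */
struct model_ckpt {
	uint32_t cp_pack_start_sum; /* offset of the first summary block in the cp pack */
	uint32_t cp_payload;        /* extra header blocks ahead of the summaries */
};

/* Hypothetical one-record summary block: type and segment number of a current log. */
struct model_sum {
	uint8_t  type;
	uint32_t segno;
};

/* Stand-in for dirty_i->dirty_segmap: one bitmap per segment type. */
struct model_dirty {
	uint8_t dirty_segmap[NR_CURSEG_TYPE][NR_SEGS / 8];
};

/* Check 1: the summaries must start after header + payload and leave room
 * for one block per current log inside the pack (bounds assumed here). */
static int start_sum_ok(const struct model_ckpt *c)
{
	uint64_t lo = (uint64_t)c->cp_payload + 1;  /* 64-bit: no wrap on a huge payload */
	uint64_t hi = BLOCKS_PER_SEG - 1 - NR_CURSEG_TYPE;

	return c->cp_pack_start_sum >= lo && c->cp_pack_start_sum <= hi;
}

/* Check 2: never index the per-type bitmap with values taken from disk unchecked. */
static int mark_dirty(struct model_dirty *d, uint32_t type, uint32_t segno)
{
	if (type >= NR_CURSEG_TYPE)
		return ERR_SEG_TYPE;
	if (segno >= NR_SEGS)
		return ERR_SEGNO;
	d->dirty_segmap[type][segno / 8] |= (uint8_t)(1u << (segno % 8));
	return LOAD_OK;
}

/* Load the current logs; the caller's state changes only if every record is valid. */
int load_current_logs(const struct model_ckpt *c,
		      const struct model_sum pack[BLOCKS_PER_SEG],
		      struct model_dirty *d)
{
	struct model_dirty staged;

	if (!start_sum_ok(c))
		return ERR_START_SUM;
	memset(&staged, 0, sizeof(staged));
	for (uint32_t i = 0; i < NR_CURSEG_TYPE; i++) {
		const struct model_sum *s = &pack[c->cp_pack_start_sum + i];
		int err = mark_dirty(&staged, s->type, s->segno);

		if (err)
			return err;
	}
	*d = staged;
	return LOAD_OK;
}

/* Constructed cp pack: valid summaries at blocks 2..7, junk everywhere else. */
static void build_pack(struct model_sum pack[BLOCKS_PER_SEG])
{
	for (uint32_t i = 0; i < BLOCKS_PER_SEG; i++) {
		pack[i].type = 0xff;         /* a non-summary block misread as a summary */
		pack[i].segno = 0xffffffffu;
	}
	for (uint32_t i = 0; i < NR_CURSEG_TYPE; i++) {
		pack[2 + i].type = (uint8_t)i;
		pack[2 + i].segno = 3 + i;
	}
}

/* Run the loader on the constructed pack with the given header fields. */
int run_case(uint32_t start_sum, uint32_t payload)
{
	static struct model_sum pack[BLOCKS_PER_SEG];
	struct model_ckpt c = { start_sum, payload };
	struct model_dirty d;

	build_pack(pack);
	memset(&d, 0, sizeof(d));
	return load_current_logs(&c, pack, &d);
}

int main(void)
{
	printf("intact header              -> %d\n", run_case(2, 1));
	printf("start_sum past the pack    -> %d\n", run_case(60, 1));
	printf("start_sum in range, junk   -> %d\n", run_case(20, 1));
	return 0;
}
```

The third case is the one the message is about: a corrupted offset that still passes the range check loads the wrong block, and only the type check in front of the bitmap stops the out-of-bounds access.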
[f2fs-dev] [PATCH v6] f2fs: fix to do sanity check with block address in main area
This patch adds sanity checks on the fields below:
- cp_pack_total_block_count
- blkaddr of data/node
- extent info

- Overview
BUG() in verify_block_addr() when writing to a corrupted f2fs image

- Reproduce (4.18 upstream kernel)

- POC (poc.c)

#define _GNU_SOURCE	/* for asprintf() */
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

static void activity(char *mpoint)
{
	char *foo_bar_baz;
	int err;
	static int buf[8192];

	memset(buf, 0, sizeof(buf));

	/* No O_CREAT below, so this file must already exist on the image */
	err = asprintf(&foo_bar_baz, "%s/foo/bar/baz", mpoint);
	if (err < 0)
		return;

	/* Truncate, write sizeof(buf) zero bytes, then force them to disk */
	int fd = open(foo_bar_baz, O_RDWR | O_TRUNC, 0777);
	if (fd >= 0) {
		write(fd, (char *)buf, sizeof(buf));
		fdatasync(fd);
		close(fd);
	}
	free(foo_bar_baz);
}

int main(int argc, char *argv[])
{
	/* argv[1] is the mount point of the f2fs image */
	if (argc < 2)
		return 1;
	activity(argv[1]);
	return 0;
}

- Kernel message
[ 689.349473] F2FS-fs (loop0): Mounted with checkpoint version = 3
[ 699.728662] WARNING: CPU: 0 PID: 1309 at fs/f2fs/segment.c:2860 f2fs_inplace_write_data+0x232/0x240
[ 699.728670] Modules linked in: snd_hda_codec_generic snd_hda_intel snd_hda_codec snd_hwdep snd_hda_core snd_pcm snd_timer snd mac_hid i2c_piix4 soundcore ib_iser rdma_cm iw_cm ib_cm ib_core iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx raid1 raid0 multipath linear 8139too crct10dif_pclmul crc32_pclmul qxl drm_kms_helper syscopyarea aesni_intel sysfillrect sysimgblt fb_sys_fops ttm drm aes_x86_64 crypto_simd cryptd 8139cp glue_helper mii pata_acpi floppy
[ 699.729056] CPU: 0 PID: 1309 Comm: a.out Not tainted 4.18.0-rc1+ #4
[ 699.729064] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 699.729074] RIP: 0010:f2fs_inplace_write_data+0x232/0x240
[ 699.729076] Code: ff e9 cf fe ff ff 49 8d 7d 10 e8 39 45 ad ff 4d 8b 7d 10 be 04 00 00 00 49 8d 7f 48 e8 07 49 ad ff 45 8b 7f 48 e9 fb fe ff ff <0f> 0b f0 41 80 4d 48 04 e9 65 fe ff ff 90 66 66 66 66 90 55 48 8d
[ 699.729130] RSP: 0018:8801f43af568 EFLAGS: 00010202
[ 699.729139] RAX: 003f RBX: 8801f43af7b8 RCX: b88c9113
[ 699.729142] RDX: 0003 RSI: dc00 RDI: 8802024e5540
[ 699.729144] RBP: 8801f43af590 R08: 0009 R09: ffe8
[ 699.729147] R10: 0001 R11: ed0039b0596a R12: 8802024e5540
[ 699.729149] R13: 8801f0335500 R14: 8801e3e7a700 R15: 8801e1ee4450
[ 699.729154] FS: 7f9bf97f5700() GS:8801f6e0() knlGS:
[ 699.729156] CS: 0010 DS: ES: CR0: 80050033
[ 699.729159] CR2: 7f9bf925d170 CR3: 0001f0c34000 CR4: 06f0
[ 699.729171] Call Trace:
[ 699.729192] f2fs_do_write_data_page+0x2e2/0xe00
[ 699.729203] ? f2fs_should_update_outplace+0xd0/0xd0
[ 699.729238] ? memcg_drain_all_list_lrus+0x280/0x280
[ 699.729269] ? __radix_tree_replace+0xa3/0x120
[ 699.729276] __write_data_page+0x5c7/0xe30
[ 699.729291] ? kasan_check_read+0x11/0x20
[ 699.729310] ? page_mapped+0x8a/0x110
[ 699.729321] ? page_mkclean+0xe9/0x160
[ 699.729327] ? f2fs_do_write_data_page+0xe00/0xe00
[ 699.729331] ? invalid_page_referenced_vma+0x130/0x130
[ 699.729345] ? clear_page_dirty_for_io+0x332/0x450
[ 699.729351] f2fs_write_cache_pages+0x4ca/0x860
[ 699.729358] ? __write_data_page+0xe30/0xe30
[ 699.729374] ? percpu_counter_add_batch+0x22/0xa0
[ 699.729380] ? kasan_check_write+0x14/0x20
[ 699.729391] ? _raw_spin_lock+0x17/0x40
[ 699.729403] ? f2fs_mark_inode_dirty_sync.part.18+0x16/0x30
[ 699.729413] ? iov_iter_advance+0x113/0x640
[ 699.729418] ? f2fs_write_end+0x133/0x2e0
[ 699.729423] ? balance_dirty_pages_ratelimited+0x239/0x640
[ 699.729428] f2fs_write_data_pages+0x329/0x520
[ 699.729433] ? generic_perform_write+0x250/0x320
[ 699.729438] ? f2fs_write_cache_pages+0x860/0x860
[ 699.729454] ? current_time+0x110/0x110
[ 699.729459] ? f2fs_preallocate_blocks+0x1ef/0x370
[ 699.729464] do_writepages+0x37/0xb0
[ 699.729468] ? f2fs_write_cache_pages+0x860/0x860
[ 699.729472] ? do_writepages+0x37/0xb0
[ 699.729478] __filemap_fdatawrite_range+0x19a/0x1f0
[ 699.729483] ? delete_from_page_cache_batch+0x4e0/0x4e0
[ 699.729496] ? __vfs_write+0x2b2/0x410
[ 699.729501] file_write_and_wait_range+0x66/0xb0
[ 699.729506] f2fs_do_sync_file+0x1f9/0xd90
[ 699.729511] ? truncate_partial_data_page+0x290/0x290
[ 699.729521] ? __sb_end_write+0x30/0x50
[ 699.729526] ? vfs_write+0x20f/0x260
[ 699.729530] f2fs_sync_file+0x9a/0xb0
[ 699.729534] ? f2fs_do_sync_file+0xd90/0xd90
[ 699.729548] vfs_fsync_range+0x68/0x100
[ 699.729554] ? __fget_light+0xc9/0xe0
[ 699.729558] do_fsync+0x3d/0x70
[ 699.729562] __x64_sys_fdatasync+0x24/0x30
[ 699.729585] do_syscall_64+0x78/0x170
[ 699.729595] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 699.729613] RIP: 0033:0x7f9bf930d800
[ 699.729615] Code: 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 83 3d 49 bf 2c 00 00 75 10 b8 4b 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 be 78 01 00 48 89 04 24
[ 699.72966
Re: [f2fs-dev] [PATCH] f2fs: check total CP pack block count correctly
On 2018/8/1 18:26, Chao Yu wrote: On 2018/8/1 15:36, Sheng Yong wrote: On 2018/8/1 14:56, Chao Yu wrote: Hi Sheng, On 2018/8/1 11:46, Sheng Yong wrote: Fixes: 652d19558a347 ('f2fs: fix to do sanity check with block address in main area') Reported-by: Zhang Xiaobo Signed-off-by: Sheng Yong That's my bad, and thanks for the fix. Do you mind merge this into buggy patch, since the patch has not been upstreamed yet. No, of course not :) Thanks, Thanks, --- fs/f2fs/checkpoint.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/f2fs/checkpoint.c b/fs/f2fs/checkpoint.c index 3587aa53dc90..c32ee10a1384 100644 --- a/fs/f2fs/checkpoint.c +++ b/fs/f2fs/checkpoint.c @@ -809,7 +809,7 @@ static struct page *validate_checkpoint(struct f2fs_sb_info *sbi, goto invalid_cp1; if (le32_to_cpu(cp_block->cp_pack_total_block_count) > - sbi->log_blocks_per_seg) { + sbi->blocks_per_seg - 1) { actually, cp_pack_total_block_count can be sbi->blocks_per_seg? Oh, right, it can be sbi->blocks_per_seg :) Thanks Thanks, f2fs_msg(sbi->sb, KERN_WARNING, "invalid cp_pack_total_block_count:%u", le32_to_cpu(cp_block->cp_pack_total_block_count));
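Review bot: the replacement bound in the validate_checkpoint() hunk, "sbi->blocks_per_seg - 1", is one too small. As the inline replies settle, cp_pack_total_block_count can equal sbi->blocks_per_seg, so a checkpoint pack that fills its whole segment would be flagged by the f2fs_msg() warning on the next line as invalid. The comparison should read "> sbi->blocks_per_seg", and the version that gets folded into the earlier patch should carry that bound rather than the one posted here.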
Re: [f2fs-dev] [PATCH] f2fs: check total CP pack block count correctly
On 2018/8/1 15:36, Sheng Yong wrote: > > > On 2018/8/1 14:56, Chao Yu wrote: >> Hi Sheng, >> >> On 2018/8/1 11:46, Sheng Yong wrote: >>> Fixes: 652d19558a347 ('f2fs: fix to do sanity check with block address in >>> main area') >>> Reported-by: Zhang Xiaobo >>> Signed-off-by: Sheng Yong >> >> That's my bad, and thanks for the fix. >> >> Do you mind merge this into buggy patch, since the patch has not been >> upstreamed >> yet. > > No, of course not :) > > Thanks, > >> >> Thanks, >> >>> --- >>> fs/f2fs/checkpoint.c | 2 +- >>> 1 file changed, 1 insertion(+), 1 deletion(-) >>> >>> diff --git a/fs/f2fs/checkpoint.c b/fs/f2fs/checkpoint.c >>> index 3587aa53dc90..c32ee10a1384 100644 >>> --- a/fs/f2fs/checkpoint.c >>> +++ b/fs/f2fs/checkpoint.c >>> @@ -809,7 +809,7 @@ static struct page *validate_checkpoint(struct >>> f2fs_sb_info *sbi, >>> goto invalid_cp1; >>> >>> if (le32_to_cpu(cp_block->cp_pack_total_block_count) > >>> - sbi->log_blocks_per_seg) { >>> + sbi->blocks_per_seg - 1) { actually, cp_pack_total_block_count can be sbi->blocks_per_seg? Thanks, >>> f2fs_msg(sbi->sb, KERN_WARNING, >>> "invalid cp_pack_total_block_count:%u", >>> le32_to_cpu(cp_block->cp_pack_total_block_count)); >>>
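The bound questioned in the reply above, worked through in C as an added example (not code from the thread or from f2fs): it decodes the little-endian count and compares the three candidate limits, relying on blocks_per_seg = 1 << log_blocks_per_seg. The function names and the sample value log_blocks_per_seg = 9 are assumptions made for the illustration.

```c
#include <stdbool.h>
#include <stdint.h>

enum cp_bound {             /* the three upper bounds seen in the thread */
    BOUND_LOG,              /* > sbi->log_blocks_per_seg  (code being fixed) */
    BOUND_MINUS_ONE,        /* > sbi->blocks_per_seg - 1  (patch as posted)  */
    BOUND_FULL_SEG          /* > sbi->blocks_per_seg      (agreed in review) */
};

/* Constructed sample field: the value 512 stored little-endian. */
const uint8_t sample_full_seg[4] = { 0x00, 0x02, 0x00, 0x00 };

/* Decode a little-endian on-disk u32, independent of host byte order. */
static uint32_t get_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* True when a decoded count passes bound b for segments of 2^log_bps blocks. */
bool count_ok(uint32_t count, uint32_t log_bps, enum cp_bound b)
{
    uint32_t bps;

    if (log_bps >= 31)      /* keep 1 << log_bps and 2 * bps representable */
        return false;
    bps = UINT32_C(1) << log_bps;
    return count <= (b == BOUND_LOG ? log_bps :
                     b == BOUND_MINUS_ONE ? bps - 1 : bps);
}

/* Same check applied to the raw little-endian field of a checkpoint block. */
bool cp_field_ok(const uint8_t *field, uint32_t log_bps, enum cp_bound b)
{
    return count_ok(get_le32(field), log_bps, b);
}

/* How many counts in [0, 2 * bps] bound b judges differently from
 * BOUND_FULL_SEG, i.e. how many values it wrongly accepts or rejects. */
unsigned misjudged(uint32_t log_bps, enum cp_bound b)
{
    unsigned n = 0;

    if (log_bps >= 31)
        return 0;
    for (uint32_t c = 0; c <= (UINT32_C(2) << log_bps); c++)
        n += count_ok(c, log_bps, b) != count_ok(c, log_bps, BOUND_FULL_SEG);
    return n;
}
```

With 512-block segments the log-based bound misjudges every count from 10 to 512, while the posted bound misjudges only the full-segment value.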
Re: [f2fs-dev] [PATCH] f2fs: remove unused cp_blkaddr in f2fs_sanity_check_ckpt
On 2018/8/1 14:54, Chao Yu wrote: > Hi Junling, > > On 2018/7/31 13:21, Junling Zheng wrote: >> Remove unused cp_blkaddr in f2fs_sanity_check_ckpt(). > > Since this issue is introduced by recent change, and the related patch has not > been upstreamed yet, can we merge this into that patch, if you don't mind? > OK, I don't mind :) > Thanks, > >> >> Signed-off-by: Junling Zheng >> --- >> fs/f2fs/super.c | 3 +-- >> 1 file changed, 1 insertion(+), 2 deletions(-) >> >> diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c >> index d56bc6eb8760..6ee003e87f63 100644 >> --- a/fs/f2fs/super.c >> +++ b/fs/f2fs/super.c >> @@ -2297,7 +2297,7 @@ int f2fs_sanity_check_ckpt(struct f2fs_sb_info *sbi) >> unsigned int sit_bitmap_size, nat_bitmap_size; >> unsigned int log_blocks_per_seg; >> unsigned int segment_count_main; >> -unsigned int cp_pack_start_sum, cp_blkaddr, cp_payload; >> +unsigned int cp_pack_start_sum, cp_payload; >> block_t user_block_count; >> int i; >> >> @@ -2359,7 +2359,6 @@ int f2fs_sanity_check_ckpt(struct f2fs_sb_info *sbi) >> } >> >> cp_pack_start_sum = __start_sum_addr(sbi); >> -cp_blkaddr = __start_cp_addr(sbi); >> cp_payload = __cp_payload(sbi); >> if (cp_pack_start_sum < cp_payload + 1 || >> cp_pack_start_sum > blocks_per_seg - 1 - >>
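Review bot: the changelog says only that cp_blkaddr is unused and does not name the change that left it so; since the reply asks for this to be folded into the pending patch, a Fixes: tag or that patch's subject would tell the maintainer where it belongs. In the second hunk, dropping "cp_blkaddr = __start_cp_addr(sbi);" is only safe if nothing past the visible context reads the variable; the range test that follows uses cp_pack_start_sum and cp_payload, and a build with -Wunused-but-set-variable before the patch would confirm the rest.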
Re: [f2fs-dev] [PATCH] f2fs: check total CP pack block count correctly
On 2018/8/1 14:56, Chao Yu wrote: Hi Sheng, On 2018/8/1 11:46, Sheng Yong wrote: Fixes: 652d19558a347 ('f2fs: fix to do sanity check with block address in main area') Reported-by: Zhang Xiaobo Signed-off-by: Sheng Yong That's my bad, and thanks for the fix. Do you mind merge this into buggy patch, since the patch has not been upstreamed yet. No, of course not :) Thanks, Thanks, --- fs/f2fs/checkpoint.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/f2fs/checkpoint.c b/fs/f2fs/checkpoint.c index 3587aa53dc90..c32ee10a1384 100644 --- a/fs/f2fs/checkpoint.c +++ b/fs/f2fs/checkpoint.c @@ -809,7 +809,7 @@ static struct page *validate_checkpoint(struct f2fs_sb_info *sbi, goto invalid_cp1; if (le32_to_cpu(cp_block->cp_pack_total_block_count) > - sbi->log_blocks_per_seg) { + sbi->blocks_per_seg - 1) { f2fs_msg(sbi->sb, KERN_WARNING, "invalid cp_pack_total_block_count:%u", le32_to_cpu(cp_block->cp_pack_total_block_count));
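Review bot: the changelog as quoted here consists of the Fixes, Reported-by and Signed-off-by tags alone and never says what was wrong with the old test in validate_checkpoint(). One sentence stating that log_blocks_per_seg is the log2 of the segment size, so the old comparison bounded a block count by a shift count, would let a reader judge the new limit. The f2fs_msg() warning in the same hunk prints the rejected count but not the limit it was compared against; printing both would make a report from a corrupted image easier to triage.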