linux-ext4.vger.kernel.org archive mirror
From: Eric Biggers <ebiggers@kernel.org>
To: Jan Kara <jack@suse.cz>
Cc: Ted Tso <tytso@mit.edu>, linux-ext4@vger.kernel.org
Subject: Re: [PATCH 20/25] jbd2: Reserve space for revoke descriptor blocks
Date: Thu, 14 Nov 2019 23:52:23 -0800
Message-ID: <20191115075223.GA152352@sol.localdomain>
In-Reply-To: <20191105164437.32602-20-jack@suse.cz>

On Tue, Nov 05, 2019 at 05:44:26PM +0100, Jan Kara wrote:
>  static inline int jbd2_handle_buffer_credits(handle_t *handle)
>  {
> -	return handle->h_buffer_credits;
> +	journal_t *journal = handle->h_transaction->t_journal;
> +
> +	return handle->h_buffer_credits -
> +		DIV_ROUND_UP(handle->h_revoke_credits_requested,
> +			     journal->j_revoke_records_per_block);
>  }
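
Review bot: the unconditional `handle->h_transaction->t_journal` dereference in the first added line needs a guard or a documented precondition, because h_transaction is one member of a union and the accessor takes any handle_t. Before reading j_revoke_records_per_block, choose the journal pointer according to which union member is valid for the handle (h_transaction or h_journal), or state in a comment that the helper may only be called on a handle already attached to a transaction and check the existing callers against that.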

This patch is causing a crash with 'kvm-xfstests -c dioread_nolock ext4/024'.
Looks like this code incorrectly assumes that h_transaction is always valid
rather than the other member of the union, h_journal.


BUG: kernel NULL pointer dereference, address: 0000000000000614
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 0 P4D 0 
Oops: 0000 [#1] SMP
CPU: 1 PID: 105 Comm: kworker/u4:3 Not tainted 5.4.0-rc3-00020-gfdc3ef882a5d #18
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ?-20191013_105130-anatol 04/01/2014
Workqueue: ext4-rsv-conversion ext4_end_io_rsv_work
RIP: 0010:jbd2_handle_buffer_credits include/linux/jbd2.h:1656 [inline]
RIP: 0010:__ext4_journal_start_reserved+0x38/0x1f0 fs/ext4/ext4_jbd2.c:122
Code: 83 ec 10 48 81 ff ff 0f 00 00 89 75 d4 89 55 d0 0f 86 f5 00 00 00 48 8b 07 49 89 fc 48 8b 5d 08 4c 8b a8 40 07 00 6
RSP: 0018:ffffc90000457d40 EFLAGS: 00010296
RAX: 0000000000000038 RBX: ffffffff812e68fb RCX: 000000000000000c
RDX: 000000000000000b RSI: 000000000000137f RDI: ffff8880779c5468
RBP: ffffc90000457d78 R08: 0000000000001000 R09: 0000000000001000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff8880779c5468
R13: ffff88807b726000 R14: ffff8880779ad9e8 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff88807fd00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000614 CR3: 000000007a0dd000 CR4: 00000000003406e0
Call Trace:
 ext4_convert_unwritten_extents+0x8b/0x250 fs/ext4/extents.c:4991
 ext4_end_io fs/ext4/page-io.c:152 [inline]
 ext4_do_flush_completed_IO fs/ext4/page-io.c:226 [inline]
 ext4_end_io_rsv_work+0x11a/0x1f0 fs/ext4/page-io.c:240
 process_one_work+0x227/0x5b0 kernel/workqueue.c:2269
 worker_thread+0x4b/0x3c0 kernel/workqueue.c:2415
 kthread+0x125/0x140 kernel/kthread.c:255
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352
CR2: 0000000000000614
---[ end trace d8eaf4e1225480d5 ]---
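
An added user-space model of the union hazard reported above, not code from the patch or the kernel: the accessor reaches the journal through whichever union member is live. The `reserved` flag, the struct layouts and the sample values are assumptions made for this example.

```c
/* User-space model, constructed for illustration; not kernel code.
 * Member names follow the quoted hunk and reply; `reserved` is a
 * hypothetical flag saying which union member is live. */
struct journal { int j_revoke_records_per_block; };
struct transaction { struct journal *t_journal; };

struct handle {
	union {
		struct transaction *h_transaction; /* handle attached to a transaction */
		struct journal *h_journal;         /* handle only reserved so far */
	};
	int reserved;                   /* hypothetical discriminator */
	int h_buffer_credits;
	int h_revoke_credits_requested;
};

#define DIV_ROUND_UP(n, d) (((n) + (d) - 1) / (d))

/* Reach the journal through whichever union member is valid. */
static struct journal *handle_journal(const struct handle *h)
{
	return h->reserved ? h->h_journal : h->h_transaction->t_journal;
}

/* Same arithmetic as the quoted hunk, usable in both handle states. */
int handle_buffer_credits(const struct handle *h)
{
	struct journal *j = handle_journal(h);

	return h->h_buffer_credits -
		DIV_ROUND_UP(h->h_revoke_credits_requested,
			     j->j_revoke_records_per_block);
}

/* Constructed sample handles: reserved != 0 builds a reserved handle. */
int demo_credits(int reserved, int credits, int revokes)
{
	struct journal j = { .j_revoke_records_per_block = 1020 };
	struct transaction t = { .t_journal = &j };
	struct handle h = { .reserved = reserved,
			    .h_buffer_credits = credits,
			    .h_revoke_credits_requested = revokes };

	if (reserved)
		h.h_journal = &j;       /* no transaction exists yet */
	else
		h.h_transaction = &t;
	return handle_buffer_credits(&h);
}
```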
