From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Filipe Manana <fdmanana@gmail.com>,
"Lakshmipathi.G" <lakshmipathi.g@gmail.com>,
Qu Wenruo <wqu@suse.com>, Liu Bo <bo.li.liu@oracle.com>,
David Sterba <dsterba@suse.com>,
Ben Hutchings <ben.hutchings@codethink.co.uk>
Subject: [PATCH 4.4 22/51] btrfs: tree-checker: Fix false panic for sanity test
Date: Tue, 15 Jan 2019 17:35:18 +0100 [thread overview]
Message-ID: <20190115154849.828308715@linuxfoundation.org> (raw)
In-Reply-To: <20190115154846.928796000@linuxfoundation.org>
4.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Qu Wenruo <wqu@suse.com>
commit 69fc6cbbac542c349b3d350d10f6e394c253c81d upstream.
[BUG]
If we run btrfs with CONFIG_BTRFS_FS_RUN_SANITY_TESTS=y, it will
instantly cause kernel panic like:
------
...
assertion failed: 0, file: fs/btrfs/disk-io.c, line: 3853
...
Call Trace:
btrfs_mark_buffer_dirty+0x187/0x1f0 [btrfs]
setup_items_for_insert+0x385/0x650 [btrfs]
__btrfs_drop_extents+0x129a/0x1870 [btrfs]
...
-----
[Cause]
Btrfs will call btrfs_check_leaf() in btrfs_mark_buffer_dirty() to check
if the leaf is valid with CONFIG_BTRFS_FS_RUN_SANITY_TESTS=y.
However quite some btrfs_mark_buffer_dirty() callers(*) don't really
initialize its item data but only initialize its item pointers, leaving
item data uninitialized.
This makes tree-checker catch uninitialized data as error, causing
such panic.
*: These callers include but not limited to
setup_items_for_insert()
btrfs_split_item()
btrfs_expand_item()
[Fix]
Add a new parameter @check_item_data to btrfs_check_leaf().
With @check_item_data set to false, item data check will be skipped and
fallback to old btrfs_check_leaf() behavior.
So we can still get early warning if we screw up item pointers, and
avoid false panic.
Cc: Filipe Manana <fdmanana@gmail.com>
Reported-by: Lakshmipathi.G <lakshmipathi.g@gmail.com>
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Liu Bo <bo.li.liu@oracle.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
[bwh: Backported to 4.4: adjust context]
Signed-off-by: Ben Hutchings <ben.hutchings@codethink.co.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
fs/btrfs/disk-io.c | 10 ++++++++--
fs/btrfs/tree-checker.c | 27 ++++++++++++++++++++++-----
fs/btrfs/tree-checker.h | 14 +++++++++++++-
3 files changed, 43 insertions(+), 8 deletions(-)
--- a/fs/btrfs/disk-io.c
+++ b/fs/btrfs/disk-io.c
@@ -589,7 +589,7 @@ static int btree_readpage_end_io_hook(st
* that we don't try and read the other copies of this block, just
* return -EIO.
*/
- if (found_level == 0 && btrfs_check_leaf(root, eb)) {
+ if (found_level == 0 && btrfs_check_leaf_full(root, eb)) {
set_bit(EXTENT_BUFFER_CORRUPT, &eb->bflags);
ret = -EIO;
}
@@ -3896,7 +3896,13 @@ void btrfs_mark_buffer_dirty(struct exte
buf->len,
root->fs_info->dirty_metadata_batch);
#ifdef CONFIG_BTRFS_FS_CHECK_INTEGRITY
- if (btrfs_header_level(buf) == 0 && btrfs_check_leaf(root, buf)) {
+ /*
+ * Since btrfs_mark_buffer_dirty() can be called with item pointer set
+ * but item data not updated.
+ * So here we should only check item pointers, not item data.
+ */
+ if (btrfs_header_level(buf) == 0 &&
+ btrfs_check_leaf_relaxed(root, buf)) {
btrfs_print_leaf(root, buf);
ASSERT(0);
}
--- a/fs/btrfs/tree-checker.c
+++ b/fs/btrfs/tree-checker.c
@@ -195,7 +195,8 @@ static int check_leaf_item(struct btrfs_
return ret;
}
-int btrfs_check_leaf(struct btrfs_root *root, struct extent_buffer *leaf)
+static int check_leaf(struct btrfs_root *root, struct extent_buffer *leaf,
+ bool check_item_data)
{
struct btrfs_fs_info *fs_info = root->fs_info;
/* No valid key type is 0, so all key should be larger than this key */
@@ -299,10 +300,15 @@ int btrfs_check_leaf(struct btrfs_root *
return -EUCLEAN;
}
- /* Check if the item size and content meet other criteria */
- ret = check_leaf_item(root, leaf, &key, slot);
- if (ret < 0)
- return ret;
+ if (check_item_data) {
+ /*
+ * Check if the item size and content meet other
+ * criteria
+ */
+ ret = check_leaf_item(root, leaf, &key, slot);
+ if (ret < 0)
+ return ret;
+ }
prev_key.objectid = key.objectid;
prev_key.type = key.type;
@@ -312,6 +318,17 @@ int btrfs_check_leaf(struct btrfs_root *
return 0;
}
+int btrfs_check_leaf_full(struct btrfs_root *root, struct extent_buffer *leaf)
+{
+ return check_leaf(root, leaf, true);
+}
+
+int btrfs_check_leaf_relaxed(struct btrfs_root *root,
+ struct extent_buffer *leaf)
+{
+ return check_leaf(root, leaf, false);
+}
+
int btrfs_check_node(struct btrfs_root *root, struct extent_buffer *node)
{
unsigned long nr = btrfs_header_nritems(node);
--- a/fs/btrfs/tree-checker.h
+++ b/fs/btrfs/tree-checker.h
@@ -20,7 +20,19 @@
#include "ctree.h"
#include "extent_io.h"
-int btrfs_check_leaf(struct btrfs_root *root, struct extent_buffer *leaf);
+/*
+ * Comprehensive leaf checker.
+ * Will check not only the item pointers, but also every possible member
+ * in item data.
+ */
+int btrfs_check_leaf_full(struct btrfs_root *root, struct extent_buffer *leaf);
+
+/*
+ * Less strict leaf checker.
+ * Will only check item pointers, not reading item data.
+ */
+int btrfs_check_leaf_relaxed(struct btrfs_root *root,
+ struct extent_buffer *leaf);
int btrfs_check_node(struct btrfs_root *root, struct extent_buffer *node);
#endif
next prev parent reply other threads:[~2019-01-15 16:59 UTC|newest]
Thread overview: 55+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-01-15 16:34 [PATCH 4.4 00/51] 4.4.171-stable review Greg Kroah-Hartman
2019-01-15 16:34 ` [PATCH 4.4 01/51] ALSA: hda/realtek - Disable headset Mic VREF for headset mode of ALC225 Greg Kroah-Hartman
2019-01-15 16:34 ` [PATCH 4.4 02/51] btrfs: cleanup, stop casting for extent_map->lookup everywhere Greg Kroah-Hartman
2019-01-15 16:34 ` [PATCH 4.4 03/51] btrfs: Enhance chunk validation check Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 04/51] Btrfs: add validadtion checks for chunk loading Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 05/51] Btrfs: check inconsistence between chunk and block group Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 06/51] Btrfs: fix em leak in find_first_block_group Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 07/51] Btrfs: detect corruption when non-root leaf has zero item Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 08/51] Btrfs: check btree nodes nritems Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 09/51] Btrfs: fix BUG_ON in btrfs_mark_buffer_dirty Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 10/51] Btrfs: memset to avoid stale content in btree node block Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 11/51] Btrfs: improve check_node to avoid reading corrupted nodes Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 12/51] Btrfs: kill BUG_ON in run_delayed_tree_ref Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 13/51] Btrfs: memset to avoid stale content in btree leaf Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 14/51] Btrfs: fix emptiness check for dirtied extent buffers at check_leaf() Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 15/51] btrfs: struct-funcs, constify readers Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 16/51] btrfs: Refactor check_leaf function for later expansion Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 17/51] btrfs: Check if item pointer overlaps with the item itself Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 18/51] btrfs: Add sanity check for EXTENT_DATA when reading out leaf Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 19/51] btrfs: Add checker for EXTENT_CSUM Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 20/51] btrfs: Move leaf and node validation checker to tree-checker.c Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 21/51] btrfs: tree-checker: Enhance btrfs_check_node output Greg Kroah-Hartman
2019-01-15 16:35 ` Greg Kroah-Hartman [this message]
2019-01-15 16:35 ` [PATCH 4.4 23/51] btrfs: tree-checker: Add checker for dir item Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 24/51] btrfs: tree-checker: use %zu format string for size_t Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 25/51] btrfs: tree-check: reduce stack consumption in check_dir_item Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 26/51] btrfs: tree-checker: Verify block_group_item Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 27/51] btrfs: tree-checker: Detect invalid and empty essential trees Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 28/51] btrfs: validate type when reading a chunk Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 29/51] btrfs: Check that each block group has corresponding chunk at mount time Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 30/51] btrfs: Verify that every chunk has corresponding block group " Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 31/51] btrfs: tree-checker: Check level for leaves and nodes Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 32/51] btrfs: tree-checker: Fix misleading group system information Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 33/51] CIFS: Do not hide EINTR after sending network packets Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 34/51] cifs: Fix potential OOB access of lock element array Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 35/51] usb: cdc-acm: send ZLP for Telit 3G Intel based modems Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 36/51] USB: storage: dont insert sane sense for SPC3+ when bad sense specified Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 37/51] USB: storage: add quirk for SMI SM3350 Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 38/51] USB: Add USB_QUIRK_DELAY_CTRL_MSG quirk for Corsair K70 RGB Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 39/51] slab: alien caches must not be initialized if the allocation of the alien cache failed Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 40/51] PCI: altera: Fix altera_pcie_link_is_up() Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 41/51] PCI: altera: Reorder read/write functions Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 42/51] PCI: altera: Check link status before retrain link Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 43/51] PCI: altera: Poll for link up status after retraining the link Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 44/51] PCI: altera: Poll for link training " Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 45/51] PCI: altera: Rework config accessors for use without a struct pci_bus Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 46/51] PCI: altera: Move retrain from fixup to altera_pcie_host_init() Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 47/51] ACPI: power: Skip duplicate power resource references in _PRx Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 48/51] i2c: dev: prevent adapter retries and timeout being set as minus value Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 49/51] crypto: cts - fix crash on short inputs Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 50/51] ext4: fix a potential fiemap/page fault deadlock w/ inline_data Greg Kroah-Hartman
2019-01-15 16:35 ` [PATCH 4.4 51/51] sunrpc: use-after-free in svc_process_common() Greg Kroah-Hartman
2019-01-16 1:24 ` [PATCH 4.4 00/51] 4.4.171-stable review shuah
2019-01-16 11:55 ` Naresh Kamboju
2019-01-16 20:36 ` Guenter Roeck
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190115154849.828308715@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=ben.hutchings@codethink.co.uk \
--cc=bo.li.liu@oracle.com \
--cc=dsterba@suse.com \
--cc=fdmanana@gmail.com \
--cc=lakshmipathi.g@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=wqu@suse.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.