From: Brian Foster <bfoster@redhat.com>
To: "Darrick J. Wong" <darrick.wong@oracle.com>
Cc: sandeen@sandeen.net, linux-xfs@vger.kernel.org, alex@zadara.com
Subject: Re: [PATCH 3/6] xfs_repair: enforce that inode btree chunks can't point to AG headers
Date: Fri, 6 Dec 2019 11:00:44 -0500 [thread overview]
Message-ID: <20191206160044.GB56473@bfoster> (raw)
In-Reply-To: <20191205162818.GC13260@magnolia>
On Thu, Dec 05, 2019 at 08:28:18AM -0800, Darrick J. Wong wrote:
> On Thu, Dec 05, 2019 at 09:37:27AM -0500, Brian Foster wrote:
> > On Wed, Dec 04, 2019 at 09:04:43AM -0800, Darrick J. Wong wrote:
> > > From: Darrick J. Wong <darrick.wong@oracle.com>
> > >
> > > xfs_repair has a very old check that evidently excuses the AG 0 inode
> > > btrees pointing to blocks that are already marked XR_E_INUSE_FS* (e.g.
> > > AG headers). mkfs never formats filesystems that way and it looks like
> > > an error, so purge the check. After this, we always complain if inodes
> > > overlap with AG headers because that should never happen.
> > >
> > > Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
> > > ---
> >
> > Strange.. This seems reasonable to me, but any idea on how this might
> > have been used in the past?
>
> I don't have a clue -- this code has been there since the start of the
> xfsprogs git repo and I don't have the pre-git history. Dave said
> "hysterical raisins".
>
Heh, Ok.
> > The only thing I can see so far is that
> > perhaps if the superblock (blocksize/sectorsize) is corrupted, the
> > in-core state trees could be badly initialized such that the inode falls
> > into the "in use" state. Of course if that were the case the fs probably
> > has bigger problems..
>
> Yeah. These days if all those things collide (or look like they
> collide) then chances are the filesystem is already toast.
>
I guess I'm curious if/how this could change behavior in some way. It
kind of looks like this could be some kind of override to try and
preserve/prioritize the root inode if something else happens to be
corrupted and conflict. E.g., what happens if a stray rmapbt record
(incorrectly) categorizes this range as something other than inodes
before the inode scan gets to it? Would this change recovery behavior
from something that treats that as a broken rmapbt to something broader,
or is the outcome generally the same?
It looks to me it _could_ change behavior, but that's also considering a
very targeted corruption vs. something more likely to manifest in the
wild. This code clearly predates rmapbt, so that's obviously not the
original intent. I do also find it odd the hysterical code doesn't warn
if this condition occurs..
Brian
> --D
>
> > Brian
> >
> > > repair/globals.c | 1 -
> > > repair/globals.h | 1 -
> > > repair/scan.c | 19 -------------------
> > > repair/xfs_repair.c | 7 -------
> > > 4 files changed, 28 deletions(-)
> > >
> > >
> > > diff --git a/repair/globals.c b/repair/globals.c
> > > index dcd79ea4..8a60e706 100644
> > > --- a/repair/globals.c
> > > +++ b/repair/globals.c
> > > @@ -73,7 +73,6 @@ int lost_gquotino;
> > > int lost_pquotino;
> > >
> > > xfs_agino_t first_prealloc_ino;
> > > -xfs_agino_t last_prealloc_ino;
> > > xfs_agblock_t bnobt_root;
> > > xfs_agblock_t bcntbt_root;
> > > xfs_agblock_t inobt_root;
> > > diff --git a/repair/globals.h b/repair/globals.h
> > > index 008bdd90..2ed5c894 100644
> > > --- a/repair/globals.h
> > > +++ b/repair/globals.h
> > > @@ -114,7 +114,6 @@ extern int lost_gquotino;
> > > extern int lost_pquotino;
> > >
> > > extern xfs_agino_t first_prealloc_ino;
> > > -extern xfs_agino_t last_prealloc_ino;
> > > extern xfs_agblock_t bnobt_root;
> > > extern xfs_agblock_t bcntbt_root;
> > > extern xfs_agblock_t inobt_root;
> > > diff --git a/repair/scan.c b/repair/scan.c
> > > index c383f3aa..05707dd2 100644
> > > --- a/repair/scan.c
> > > +++ b/repair/scan.c
> > > @@ -1645,13 +1645,6 @@ scan_single_ino_chunk(
> > > break;
> > > case XR_E_INUSE_FS:
> > > case XR_E_INUSE_FS1:
> > > - if (agno == 0 &&
> > > - ino + j >= first_prealloc_ino &&
> > > - ino + j < last_prealloc_ino) {
> > > - set_bmap(agno, agbno, XR_E_INO);
> > > - break;
> > > - }
> > > - /* fall through */
> > > default:
> > > /* XXX - maybe should mark block a duplicate */
> > > do_warn(
> > > @@ -1782,18 +1775,6 @@ _("inode chunk claims untracked block, finobt block - agno %d, bno %d, inopb %d\
> > > break;
> > > case XR_E_INUSE_FS:
> > > case XR_E_INUSE_FS1:
> > > - if (agno == 0 &&
> > > - ino + j >= first_prealloc_ino &&
> > > - ino + j < last_prealloc_ino) {
> > > - do_warn(
> > > -_("inode chunk claims untracked block, finobt block - agno %d, bno %d, inopb %d\n"),
> > > - agno, agbno, mp->m_sb.sb_inopblock);
> > > -
> > > - set_bmap(agno, agbno, XR_E_INO);
> > > - suspect++;
> > > - break;
> > > - }
> > > - /* fall through */
> > > default:
> > > do_warn(
> > > _("inode chunk claims used block, finobt block - agno %d, bno %d, inopb %d\n"),
> > > diff --git a/repair/xfs_repair.c b/repair/xfs_repair.c
> > > index 9295673d..3e9059f3 100644
> > > --- a/repair/xfs_repair.c
> > > +++ b/repair/xfs_repair.c
> > > @@ -460,13 +460,6 @@ calc_mkfs(xfs_mount_t *mp)
> > > first_prealloc_ino = XFS_AGB_TO_AGINO(mp, fino_bno);
> > > }
> > >
> > > - ASSERT(M_IGEO(mp)->ialloc_blks > 0);
> > > -
> > > - if (M_IGEO(mp)->ialloc_blks > 1)
> > > - last_prealloc_ino = first_prealloc_ino + XFS_INODES_PER_CHUNK;
> > > - else
> > > - last_prealloc_ino = XFS_AGB_TO_AGINO(mp, fino_bno + 1);
> > > -
> > > /*
> > > * now the first 3 inodes in the system
> > > */
> > >
> >
>
next prev parent reply other threads:[~2019-12-06 16:00 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-12-04 17:04 [PATCH v2 0/6] xfs_repair: do not trash valid root dirs Darrick J. Wong
2019-12-04 17:04 ` [PATCH 1/6] xfs: don't commit sunit/swidth updates to disk if that would cause repair failures Darrick J. Wong
2019-12-04 17:04 ` [PATCH 2/6] mkfs: check root inode location Darrick J. Wong
2019-12-05 14:36 ` Brian Foster
2019-12-04 17:04 ` [PATCH 3/6] xfs_repair: enforce that inode btree chunks can't point to AG headers Darrick J. Wong
2019-12-05 14:37 ` Brian Foster
2019-12-05 16:28 ` Darrick J. Wong
2019-12-06 16:00 ` Brian Foster [this message]
2019-12-12 19:11 ` Eric Sandeen
2019-12-12 20:38 ` Eric Sandeen
2019-12-12 22:10 ` Darrick J. Wong
2019-12-04 17:04 ` [PATCH 4/6] xfs_repair: refactor fixed inode location checks Darrick J. Wong
2019-12-05 14:37 ` Brian Foster
2019-12-04 17:04 ` [PATCH 5/6] xfs_repair: use libxfs function to calculate root inode location Darrick J. Wong
2019-12-05 14:37 ` Brian Foster
2019-12-04 17:05 ` [PATCH 6/6] xfs_repair: check plausibility of root dir pointer before trashing it Darrick J. Wong
2019-12-05 14:38 ` Brian Foster
2019-12-12 22:46 ` [PATCH 6/6] xfs_repair: check plausibility of root dir pointer before trashing it\ Darrick J. Wong
2019-12-13 11:19 ` Brian Foster
2019-12-16 16:34 ` Darrick J. Wong
2019-12-17 11:32 ` Brian Foster
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191206160044.GB56473@bfoster \
--to=bfoster@redhat.com \
--cc=alex@zadara.com \
--cc=darrick.wong@oracle.com \
--cc=linux-xfs@vger.kernel.org \
--cc=sandeen@sandeen.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.