* [PATCH] ext4: Check superblock mapped prior to committing
@ 2018-06-29 19:36 Jon Derrick
2018-06-30 4:36 ` Andreas Dilger
2018-07-02 22:50 ` Theodore Y. Ts'o
0 siblings, 2 replies; 3+ messages in thread
From: Jon Derrick @ 2018-06-29 19:36 UTC (permalink / raw)
To: linux-ext4; +Cc: Theodore Ts'o, Andreas Dilger, linux-kernel, Jon Derrick
This patch attempts to close a hole leading to a BUG seen with hot
removals during writes [1].
A block device (NVME namespace in this test case) is formatted to EXT4
without partitions. It's mounted and write I/O is run to a file, then
the device is hot removed from the slot. The superblock attempts to be
written to the drive which is no longer present.
The typical chain of events leading to the BUG:
ext4_commit_super()
__sync_dirty_buffer()
submit_bh()
submit_bh_wbc()
BUG_ON(!buffer_mapped(bh));
This fix checks for the superblock's buffer head being mapped prior to
syncing.
[1] https://www.spinics.net/lists/linux-ext4/msg56527.html
Signed-off-by: Jon Derrick <jonathan.derrick@intel.com>
---
fs/ext4/super.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/fs/ext4/super.c b/fs/ext4/super.c
index 0c4c220..ee33233 100644
--- a/fs/ext4/super.c
+++ b/fs/ext4/super.c
@@ -4736,6 +4736,14 @@ static int ext4_commit_super(struct super_block *sb, int sync)
if (!sbh || block_device_ejected(sb))
return error;
+
+ /*
+ * The superblock bh should be mapped, but it might not be if the
+ * device was hot-removed. Not much we can do but fail the I/O.
+ */
+ if (!buffer_mapped(sbh))
+ return error;
+
/*
* If the file system is mounted read-only, don't update the
* superblock write time. This avoids updating the superblock
--
2.7.4
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] ext4: Check superblock mapped prior to committing
2018-06-29 19:36 [PATCH] ext4: Check superblock mapped prior to committing Jon Derrick
@ 2018-06-30 4:36 ` Andreas Dilger
2018-07-02 22:50 ` Theodore Y. Ts'o
1 sibling, 0 replies; 3+ messages in thread
From: Andreas Dilger @ 2018-06-30 4:36 UTC (permalink / raw)
To: Jon Derrick
Cc: Ext4 Developers List, Theodore Ts'o,
Linux Kernel Mailing List
[-- Attachment #1: Type: text/plain, Size: 1964 bytes --]
On Jun 29, 2018, at 1:36 PM, Jon Derrick <jonathan.derrick@intel.com> wrote:
>
> This patch attempts to close a hole leading to a BUG seen with hot
> removals during writes [1].
>
> A block device (NVME namespace in this test case) is formatted to EXT4
> without partitions. It's mounted and write I/O is run to a file, then
> the device is hot removed from the slot. The superblock attempts to be
> written to the drive which is no longer present.
>
> The typical chain of events leading to the BUG:
> ext4_commit_super()
> __sync_dirty_buffer()
> submit_bh()
> submit_bh_wbc()
> BUG_ON(!buffer_mapped(bh));
>
> This fix checks for the superblock's buffer head being mapped prior to
> syncing.
>
> [1] https://www.spinics.net/lists/linux-ext4/msg56527.html
>
> Signed-off-by: Jon Derrick <jonathan.derrick@intel.com>
> ---
> fs/ext4/super.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
> diff --git a/fs/ext4/super.c b/fs/ext4/super.c
> index 0c4c220..ee33233 100644
> --- a/fs/ext4/super.c
> +++ b/fs/ext4/super.c
> @@ -4736,6 +4736,14 @@ static int ext4_commit_super(struct super_block *sb, int sync)
>
> if (!sbh || block_device_ejected(sb))
> return error;
> +
> + /*
> + * The superblock bh should be mapped, but it might not be if the
> + * device was hot-removed. Not much we can do but fail the I/O.
> + */
> + if (!buffer_mapped(sbh))
> + return error;
This still looks a bit racy, based on the stack trace you posted.
There is already a "block_device_ejected()" check a line above,
which makes me think that the PCI device removal should be handled
like an ejected device, so that it is also handled elsewhere.
Even so, the check here in ext4_commit_super() can pass, and the
PCI card can be removed on the next instruction and still trigger
the BUG_ON().
That said, this is probably still an improvement on the existing
situation.
Cheers, Andreas
[-- Attachment #2: Message signed with OpenPGP --]
[-- Type: application/pgp-signature, Size: 873 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] ext4: Check superblock mapped prior to committing
2018-06-29 19:36 [PATCH] ext4: Check superblock mapped prior to committing Jon Derrick
2018-06-30 4:36 ` Andreas Dilger
@ 2018-07-02 22:50 ` Theodore Y. Ts'o
1 sibling, 0 replies; 3+ messages in thread
From: Theodore Y. Ts'o @ 2018-07-02 22:50 UTC (permalink / raw)
To: Jon Derrick; +Cc: linux-ext4, Andreas Dilger, linux-kernel
On Fri, Jun 29, 2018 at 01:36:35PM -0600, Jon Derrick wrote:
> This patch attempts to close a hole leading to a BUG seen with hot
> removals during writes [1].
>
> A block device (NVME namespace in this test case) is formatted to EXT4
> without partitions. It's mounted and write I/O is run to a file, then
> the device is hot removed from the slot. The superblock attempts to be
> written to the drive which is no longer present.
>
> The typical chain of events leading to the BUG:
> ext4_commit_super()
> __sync_dirty_buffer()
> submit_bh()
> submit_bh_wbc()
> BUG_ON(!buffer_mapped(bh));
>
> This fix checks for the superblock's buffer head being mapped prior to
> syncing.
>
> [1] https://www.spinics.net/lists/linux-ext4/msg56527.html
>
> Signed-off-by: Jon Derrick <jonathan.derrick@intel.com>
Thanks, applied.
- Ted
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2018-07-02 22:50 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-06-29 19:36 [PATCH] ext4: Check superblock mapped prior to committing Jon Derrick
2018-06-30 4:36 ` Andreas Dilger
2018-07-02 22:50 ` Theodore Y. Ts'o
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).