android_kernel_motorola_sm6225/fs/xfs
Darrick J. Wong 649836fe94 xfs: don't crash on null attr fork xfs_bmapi_read
[ Upstream commit 8612de3f7ba6e900465e340516b8313806d27b2d ]

Zorro Lang reported a crash in generic/475 if we try to inactivate a
corrupt inode with a NULL attr fork (stack trace shortened somewhat):

RIP: 0010:xfs_bmapi_read+0x311/0xb00 [xfs]
RSP: 0018:ffff888047f9ed68 EFLAGS: 00010202
RAX: dffffc0000000000 RBX: ffff888047f9f038 RCX: 1ffffffff5f99f51
RDX: 0000000000000002 RSI: 0000000000000008 RDI: 0000000000000012
RBP: ffff888002a41f00 R08: ffffed10005483f0 R09: ffffed10005483ef
R10: ffffed10005483ef R11: ffff888002a41f7f R12: 0000000000000004
R13: ffffe8fff53b5768 R14: 0000000000000005 R15: 0000000000000001
FS:  00007f11d44b5b80(0000) GS:ffff888114200000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000ef6000 CR3: 000000002e176003 CR4: 00000000001606e0
Call Trace:
 xfs_dabuf_map.constprop.18+0x696/0xe50 [xfs]
 xfs_da_read_buf+0xf5/0x2c0 [xfs]
 xfs_da3_node_read+0x1d/0x230 [xfs]
 xfs_attr_inactive+0x3cc/0x5e0 [xfs]
 xfs_inactive+0x4c8/0x5b0 [xfs]
 xfs_fs_destroy_inode+0x31b/0x8e0 [xfs]
 destroy_inode+0xbc/0x190
 xfs_bulkstat_one_int+0xa8c/0x1200 [xfs]
 xfs_bulkstat_one+0x16/0x20 [xfs]
 xfs_bulkstat+0x6fa/0xf20 [xfs]
 xfs_ioc_bulkstat+0x182/0x2b0 [xfs]
 xfs_file_ioctl+0xee0/0x12a0 [xfs]
 do_vfs_ioctl+0x193/0x1000
 ksys_ioctl+0x60/0x90
 __x64_sys_ioctl+0x6f/0xb0
 do_syscall_64+0x9f/0x4d0
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f11d39a3e5b

The "obvious" cause is that the attr ifork is null despite the inode
claiming an attr fork having at least one extent, but it's not so
obvious why we ended up with an inode in that state.

Reported-by: Zorro Lang <zlang@redhat.com>
Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=204031
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Reviewed-by: Bill O'Donnell <billodo@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2019-10-01 08:26:12 +02:00
libxfs xfs: don't crash on null attr fork xfs_bmapi_read 2019-10-01 08:26:12 +02:00
scrub xfs: don't treat unknown di_flags2 as corruption in scrub 2018-09-29 13:49:00 +10:00
Kconfig xfs: implement the metadata repair ioctl flag 2018-05-15 18:12:50 -07:00
kmem.c xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
kmem.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
Makefile xfs: move the repair extent list into its own file 2018-07-29 22:37:09 -07:00
mrlock.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs.h xfs: remove b_last_holder & associated macros 2018-08-12 08:37:31 -07:00
xfs_acl.c xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_acl.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_aops.c xfs: eof trim writeback mapping as soon as it is cached 2019-02-12 19:47:23 +01:00
xfs_aops.h xfs: remove xfs_map_cow 2018-07-11 22:25:59 -07:00
xfs_attr_inactive.c xfs: remove all boilerplate defer init/finish code 2018-07-26 10:15:15 -07:00
xfs_attr_list.c xfs: don't overflow xattr listent buffer 2019-07-26 09:14:28 +02:00
xfs_bmap_item.c xfs: pass transaction to xfs_defer_add() 2018-08-02 23:05:14 -07:00
xfs_bmap_item.h xfs: use transaction for intent recovery instead of raw dfops 2018-08-02 23:05:13 -07:00
xfs_bmap_util.c xfs: flush removing page cache in xfs_reflink_remap_prep 2019-07-26 09:14:28 +02:00
xfs_bmap_util.h xfs: flush removing page cache in xfs_reflink_remap_prep 2019-07-26 09:14:28 +02:00
xfs_buf.c xfs: remove b_last_holder & associated macros 2018-08-12 08:37:31 -07:00
xfs_buf.h xfs: remove b_last_holder & associated macros 2018-08-12 08:37:31 -07:00
xfs_buf_item.c xfs: fix transient reference count error in xfs_buf_resubmit_failed_buffers 2019-02-12 19:47:20 +01:00
xfs_buf_item.h xfs: refactor xfs_buf_log_item reference count handling 2018-09-29 13:45:26 +10:00
xfs_dir2_readdir.c xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_discard.c xfs: trivial xfs_btree_del_cursor cleanups 2018-07-23 09:08:00 -07:00
xfs_discard.h
xfs_dquot.c xfs: always rejoin held resources during defer roll 2019-08-29 08:28:58 +02:00
xfs_dquot.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_dquot_item.c xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_dquot_item.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_error.c xfs: force summary counter recalc at next mount 2018-07-23 09:08:01 -07:00
xfs_error.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_export.c xfs: clean up IRELE/iput callsites 2018-07-26 10:15:16 -07:00
xfs_export.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_extent_busy.c xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_extent_busy.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_extfree_item.c xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_extfree_item.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_file.c xfs: abort unaligned nowait directio early 2019-07-26 09:14:29 +02:00
xfs_filestream.c xfs: replace dop_low with transaction flag 2018-08-02 23:05:13 -07:00
xfs_filestream.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_fsmap.c xfs: trivial xfs_btree_del_cursor cleanups 2018-07-23 09:08:00 -07:00
xfs_fsmap.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_fsops.c xfs: reserve blocks for ifree transaction during log recovery 2019-07-26 09:14:28 +02:00
xfs_fsops.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_globals.c xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_icache.c xfs: introduce a new xfs_inode_has_cow_data helper 2018-07-30 07:57:48 -07:00
xfs_icache.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_icreate_item.c xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_icreate_item.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_inode.c xfs: don't ever put nlink > 0 inodes on the unlinked list 2019-07-26 09:14:28 +02:00
xfs_inode.h xfs: fold dfops into the transaction 2018-08-02 23:05:14 -07:00
xfs_inode_item.c xfs: remove if_real_bytes 2018-07-30 07:57:48 -07:00
xfs_inode_item.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_ioctl.c xfs: Fix error code in 'xfs_ioc_getbmap()' 2019-02-12 19:47:20 +01:00
xfs_ioctl.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_ioctl32.c xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_ioctl32.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_iomap.c Merge branch 'iomap-4.19-merge' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux 2018-08-13 22:29:03 -07:00
xfs_iomap.h xfs: avoid COW fork extent lookups in writeback if the fork didn't change 2018-07-31 13:18:09 -07:00
xfs_iops.c xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT 2019-08-29 08:28:57 +02:00
xfs_iops.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_itable.c xfs: clean up IRELE/iput callsites 2018-07-26 10:15:16 -07:00
xfs_itable.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_linux.h xfs: replace do_mod with native operations 2018-06-08 10:07:52 -07:00
xfs_log.c xfs: fix a comment in xfs_log_reserve 2018-08-03 08:17:54 -07:00
xfs_log.h xfs: refactor log recovery check 2018-08-01 07:40:48 -07:00
xfs_log_cil.c xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_log_priv.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_log_recover.c xfs: remove invalid log recovery first/last cycle check 2018-09-29 13:50:41 +10:00
xfs_message.c xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_message.h
xfs_mount.c xfs: recalculate summary counters at mount time if icount is bad 2018-08-13 07:58:27 -07:00
xfs_mount.h xfs: rename m_inotbt_nores to m_finobt_nores 2019-07-26 09:14:28 +02:00
xfs_mru_cache.c xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_mru_cache.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_ondisk.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_pnfs.c xfs: prepare xfs_break_layouts() for another layout type 2018-05-22 07:19:08 -07:00
xfs_pnfs.h xfs: prepare xfs_break_layouts() for another layout type 2018-05-22 07:19:08 -07:00
xfs_qm.c xfs: clean up IRELE/iput callsites 2018-07-26 10:15:16 -07:00
xfs_qm.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_qm_bhv.c fs/xfs: fix f_ffree value for statfs when project quota is set 2019-02-12 19:47:21 +01:00
xfs_qm_syscalls.c xfs: clean up IRELE/iput callsites 2018-07-26 10:15:16 -07:00
xfs_quota.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_quotaops.c xfs: clean up IRELE/iput callsites 2018-07-26 10:15:16 -07:00
xfs_refcount_item.c xfs: pass transaction to xfs_defer_add() 2018-08-02 23:05:14 -07:00
xfs_refcount_item.h xfs: use transaction for intent recovery instead of raw dfops 2018-08-02 23:05:13 -07:00
xfs_reflink.c xfs: flush removing page cache in xfs_reflink_remap_prep 2019-07-26 09:14:28 +02:00
xfs_reflink.h xfs: remove xfs_reflink_find_cow_mapping 2018-07-11 22:26:01 -07:00
xfs_rmap_item.c xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_rmap_item.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_rtalloc.c xfs: clean up IRELE/iput callsites 2018-07-26 10:15:16 -07:00
xfs_rtalloc.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_stats.c xfs: Fix xqmstats offsets in /proc/fs/xfs/xqmstat 2019-02-12 19:47:20 +01:00
xfs_stats.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_super.c xfs: reserve blocks for ifree transaction during log recovery 2019-07-26 09:14:28 +02:00
xfs_super.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_symlink.c xfs: automatic dfops inode relogging 2018-08-02 23:05:14 -07:00
xfs_symlink.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_sysctl.c xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_sysctl.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_sysfs.c xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_sysfs.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_trace.c xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_trace.h xfs: don't unlock invalidated buf on aborted tx commit 2018-09-29 13:44:40 +10:00
xfs_trans.c xfs: avoid lockdep false positives in xfs_trans_alloc 2018-09-29 13:46:21 +10:00
xfs_trans.h xfs: fold dfops into the transaction 2018-08-02 23:05:14 -07:00
xfs_trans_ail.c xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_trans_bmap.c xfs: drop dop param from xfs_defer_op_type ->finish_item() callback 2018-08-02 23:05:14 -07:00
xfs_trans_buf.c xfs: refactor xfs_buf_log_item reference count handling 2018-09-29 13:45:26 +10:00
xfs_trans_dquot.c xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_trans_extfree.c xfs: drop dop param from xfs_defer_op_type ->finish_item() callback 2018-08-02 23:05:14 -07:00
xfs_trans_inode.c vfs/y2038: inode timestamps conversion to timespec64 2018-06-15 07:31:07 +09:00
xfs_trans_priv.h xfs: convert to SPDX license tags 2018-06-06 14:17:53 -07:00
xfs_trans_refcount.c xfs: drop dop param from xfs_defer_op_type ->finish_item() callback 2018-08-02 23:05:14 -07:00
xfs_trans_rmap.c xfs: drop dop param from xfs_defer_op_type ->finish_item() callback 2018-08-02 23:05:14 -07:00
xfs_xattr.c xfs: don't overflow xattr listent buffer 2019-07-26 09:14:28 +02:00