Hi Hugh, On Sunday 27 July 2008 08:28:32 Hugh Dickins wrote: > On Sat, 26 Jul 2008, Kel Modderman wrote: > > > > I am able to reproduce the triggering of BUG_ON() in shmem_delete_inode > > function of mm/shmem.c, line 814, while testing the insserv program in a dir > > on a tmpfs mount point with Linux 2.6.25.x and 2.6.26. > > Outstanding bug report and steps to reproduce: thank you so much. > You should find this fixes it; though we may have some more work to > do, maybe other filesystems are surprised by readahead on directories. Ack, confirmed. Thanks for such a prompt fix. > > > [PATCH] tmpfs: fix kernel BUG in shmem_delete_inode > > SuSE's insserve initscript ordering program hits kernel BUG at mm/shmem.c:814 > on 2.6.26. It's using posix_fadvise on directories, and the shmem_readpage > method added in 2.6.23 is letting POSIX_FADV_WILLNEED allocate useless pages > to a tmpfs directory, incrementing i_blocks count but never decrementing it. > > Fix this by assigning shmem_aops (pointing to readpage and writepage and > set_page_dirty) only when it's needed, on a regular file or a long symlink. > > Many thanks to Kel for outstanding bugreport and steps to reproduce it. > > Reported-by: Kel Modderman <kel@xxxxxxxxxx> > Signed-off-by: Hugh Dickins <hugh@xxxxxxxxxxx> > Cc: stable@xxxxxxxxxx > --- > Other filesystems... ramfs looks as if it would allocate useless pages too, > but should free them, and wouldn't BUG; are there other filesystems to be > surprised by readahead on directories? I have not looked through yet. > > mm/shmem.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > --- 2.6.26-git/mm/shmem.c 2008-07-26 12:33:28.000000000 +0100 > +++ linux/mm/shmem.c 2008-07-26 22:46:28.000000000 +0100 > @@ -1513,7 +1513,6 @@ shmem_get_inode(struct super_block *sb, > inode->i_uid = current->fsuid; > inode->i_gid = current->fsgid; > inode->i_blocks = 0; > - inode->i_mapping->a_ops = &shmem_aops; > inode->i_mapping->backing_dev_info = &shmem_backing_dev_info; > inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME; > inode->i_generation = get_seconds(); > @@ -1528,6 +1527,7 @@ shmem_get_inode(struct super_block *sb, > init_special_inode(inode, mode, dev); > break; > case S_IFREG: > + inode->i_mapping->a_ops = &shmem_aops; > inode->i_op = &shmem_inode_operations; > inode->i_fop = &shmem_file_operations; > mpol_shared_policy_init(&info->policy, > @@ -1929,6 +1929,7 @@ static int shmem_symlink(struct inode *d > return error; > } > unlock_page(page); > + inode->i_mapping->a_ops = &shmem_aops; > inode->i_op = &shmem_symlink_inode_operations; > kaddr = kmap_atomic(page, KM_USER0); > memcpy(kaddr, symname, len); > -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
