Hi Linus, Please pull this second branch containing more bug fixes for XFS for 5.18-rc1. This branch fixes multiple problems in the reserve pool sizing functions: an incorrect free space calculation, a pointless infinite loop, and even more braindamage that could result in the pool being overfilled. The pile of patches from Dave fix myriad races and UAF bugs in the log recovery code that much to our mutual surprise nobody's tripped over. Dave also fixed a performance optimization that had turned into a regression. Dave Chinner is taking over as XFS maintainer starting Sunday and lasting until 5.19-rc1 is tagged so that I can focus on starting a massive design review for the (feature complete after five years) online repair feature. From then on, he and I will be moving XFS to a co-maintainership model by trading duties every other release. NOTE: I hope very strongly that the other pieces of the (X)FS ecosystem (fstests and xfsprogs) will make similar changes to spread their maintenance load. As usual, I did a test-merge with upstream master as of a few minutes ago. Stephen Rothwell reported a merge conflict[1] with the "drop async cache flushes" patch, which I think you can resolve by deleting xfs_flush_bdev_async_endio and xfs_flush_bdev_async no matter what their contents. At least, it worked for me. Please let me know if you encounter any problems. At worst, we can rebase the branch against -rc1 and resubmit. --D [1] https://lore.kernel.org/linux-xfs/20220331090047.7c6f2e1e@xxxxxxxxxxxxxxxx/T/#u The following changes since commit 01728b44ef1b714756607be0210fbcf60c78efce: xfs: xfs_is_shutdown vs xlog_is_shutdown cage fight (2022-03-20 08:59:50 -0700) are available in the Git repository at: git://git.kernel.org/pub/scm/fs/xfs/xfs-linux.git tags/xfs-5.18-merge-4 for you to fetch changes up to 919edbadebe17a67193533f531c2920c03e40fa4: xfs: drop async cache flushes from CIL commits. (2022-03-29 18:22:02 -0700) ---------------------------------------------------------------- Bug fixes for 5.18: - Fix an incorrect free space calculation in xfs_reserve_blocks that could lead to a request for free blocks that will never succeed. - Fix a hang in xfs_reserve_blocks caused by an infinite loop and the incorrect free space calculation. - Fix yet a third problem in xfs_reserve_blocks where multiple racing threads can overfill the reserve pool. - Fix an accounting error that lead to us reporting reserved space as "available". - Fix a race condition during abnormal fs shutdown that could cause UAF problems when memory reclaim and log shutdown try to clean up inodes. - Fix a bug where log shutdown can race with unmount to tear down the log, thereby causing UAF errors. - Disentangle log and filesystem shutdown to reduce confusion. - Fix some confusion in xfs_trans_commit such that a race between transaction commit and filesystem shutdown can cause unlogged dirty inode metadata to be committed, thereby corrupting the filesystem. - Remove a performance optimization in the log as it was discovered that certain storage hardware handle async log flushes so poorly as to cause serious performance regressions. Recent restructuring of other parts of the logging code mean that no performance benefit is seen on hardware that handle it well. ---------------------------------------------------------------- Darrick J. Wong (6): xfs: document the XFS_ALLOC_AGFL_RESERVE constant xfs: don't include bnobt blocks when reserving free block pool xfs: remove infinite loop when reserving free block pool xfs: always succeed at setting the reserve pool size xfs: fix overfilling of reserve pool xfs: don't report reserved bnobt space as available Dave Chinner (8): xfs: aborting inodes on shutdown may need buffer lock xfs: shutdown in intent recovery has non-intent items in the AIL xfs: run callbacks before waking waiters in xlog_state_shutdown_callbacks xfs: log shutdown triggers should only shut down the log xfs: xfs_do_force_shutdown needs to block racing shutdowns xfs: xfs_trans_commit() path must check for log shutdown xfs: shutdown during log recovery needs to mark the log shutdown xfs: drop async cache flushes from CIL commits. fs/xfs/libxfs/xfs_alloc.c | 28 ++++++-- fs/xfs/libxfs/xfs_alloc.h | 1 - fs/xfs/xfs_bio_io.c | 35 ---------- fs/xfs/xfs_fsops.c | 60 ++++++++--------- fs/xfs/xfs_icache.c | 2 +- fs/xfs/xfs_inode.c | 2 +- fs/xfs/xfs_inode_item.c | 164 +++++++++++++++++++++++++++++++++++++--------- fs/xfs/xfs_inode_item.h | 1 + fs/xfs/xfs_linux.h | 2 - fs/xfs/xfs_log.c | 109 ++++++++++++++++-------------- fs/xfs/xfs_log_cil.c | 46 +++++-------- fs/xfs/xfs_log_priv.h | 14 +++- fs/xfs/xfs_log_recover.c | 56 ++++++---------- fs/xfs/xfs_mount.c | 3 +- fs/xfs/xfs_mount.h | 15 +++++ fs/xfs/xfs_super.c | 3 +- fs/xfs/xfs_trans.c | 48 +++++++++----- fs/xfs/xfs_trans_ail.c | 8 +-- 18 files changed, 348 insertions(+), 249 deletions(-)
