On Mon, Feb 05, 2018 at 12:45:58PM -0500, Brian Foster wrote: > The ->t_blk_res_used field tracks how many blocks have been used in > the current transaction. This should never exceed the block > reservation (->t_blk_res) for a particular transaction. We currently > assert this condition in the transaction block accounting code, but > otherwise take no additional action should this situation occur. > > The overrun generally has no effect if space ends up being available > and the associated transaction commits. If the transaction is > duplicated, however, the current block usage is used to determine > the remaining block reservation to be transferred to the new > transaction. If usage exceeds reservation, this calculation > underflows and creates a transaction with an invalid and excessive > reservation. When the second transaction commits, the release of > unused blocks corrupts the in-core free space counters. With lazy > superblock accounting enabled, this inconsistency eventually > trickles to the on-disk superblock and corrupts the filesystem. > > Replace the transaction block usage accounting assert with an > explicit overrun check. If the transaction overruns the reservation, > shutdown the filesystem immediately to prevent corruption. Add a new > assert to xfs_trans_dup() to catch any callers that might induce > this invalid state in the future. > > Signed-off-by: Brian Foster <bfoster@xxxxxxxxxx> Looks ok, Reviewed-by: Darrick J. Wong <darrick.wong@xxxxxxxxxx> --D -- To unsubscribe from this list: send the line "unsubscribe linux-xfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
