From: Wengang Wang <wen.gang.wang@xxxxxxxxxx>
commit 58f880711f2ba53fd5e959875aff5b3bf6d5c32e upstream.
A user with a completely full filesystem experienced an unexpected
shutdown when the filesystem tried to write the superblock during
runtime.
kernel shows the following dmesg:
[ 8.176281] XFS (dm-4): Metadata corruption detected at xfs_sb_write_verify+0x60/0x120 [xfs], xfs_sb block 0x0
[ 8.177417] XFS (dm-4): Unmount and run xfs_repair
[ 8.178016] XFS (dm-4): First 128 bytes of corrupted metadata buffer:
[ 8.178703] 00000000: 58 46 53 42 00 00 10 00 00 00 00 00 01 90 00 00 XFSB............
[ 8.179487] 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 8.180312] 00000020: cf 12 dc 89 ca 26 45 29 92 e6 e3 8d 3b b8 a2 c3 .....&E)....;...
[ 8.181150] 00000030: 00 00 00 00 01 00 00 06 00 00 00 00 00 00 00 80 ................
[ 8.182003] 00000040: 00 00 00 00 00 00 00 81 00 00 00 00 00 00 00 82 ................
[ 8.182004] 00000050: 00 00 00 01 00 64 00 00 00 00 00 04 00 00 00 00 .....d..........
[ 8.182004] 00000060: 00 00 64 00 b4 a5 02 00 02 00 00 08 00 00 00 00 ..d.............
[ 8.182005] 00000070: 00 00 00 00 00 00 00 00 0c 09 09 03 17 00 00 19 ................
[ 8.182008] XFS (dm-4): Corruption of in-memory data detected. Shutting down filesystem
[ 8.182010] XFS (dm-4): Please unmount the filesystem and rectify the problem(s)
When xfs_log_sb writes super block to disk, b_fdblocks is fetched from
m_fdblocks without any lock. As m_fdblocks can experience a positive ->
negative -> positive changing when the FS reaches fullness (see
xfs_mod_fdblocks). So there is a chance that sb_fdblocks is negative, and
because sb_fdblocks is type of unsigned long long, it reads super big.
And sb_fdblocks being bigger than sb_dblocks is a problem during log
recovery, xfs_validate_sb_write() complains.
Fix:
As sb_fdblocks will be re-calculated during mount when lazysbcount is
enabled, We just need to make xfs_validate_sb_write() happy -- make sure
sb_fdblocks is not nenative. This patch also takes care of other percpu
counters in xfs_log_sb.
Signed-off-by: Wengang Wang <wen.gang.wang@xxxxxxxxxx>
Reviewed-by: Darrick J. Wong <djwong@xxxxxxxxxx>
Signed-off-by: Chandan Babu R <chandanbabu@xxxxxxxxxx>
Signed-off-by: Catherine Hoang <catherine.hoang@xxxxxxxxxx>
Acked-by: Darrick J. Wong <djwong@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
fs/xfs/libxfs/xfs_sb.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
--- a/fs/xfs/libxfs/xfs_sb.c
+++ b/fs/xfs/libxfs/xfs_sb.c
@@ -1031,11 +1031,12 @@ xfs_log_sb(
* and hence we don't need have to update it here.
*/
if (xfs_has_lazysbcount(mp)) {
- mp->m_sb.sb_icount = percpu_counter_sum(&mp->m_icount);
+ mp->m_sb.sb_icount = percpu_counter_sum_positive(&mp->m_icount);
mp->m_sb.sb_ifree = min_t(uint64_t,
- percpu_counter_sum(&mp->m_ifree),
+ percpu_counter_sum_positive(&mp->m_ifree),
mp->m_sb.sb_icount);
- mp->m_sb.sb_fdblocks = percpu_counter_sum(&mp->m_fdblocks);
+ mp->m_sb.sb_fdblocks =
+ percpu_counter_sum_positive(&mp->m_fdblocks);
}
xfs_sb_to_disk(bp->b_addr, &mp->m_sb);
Patches currently in stable-queue which might be from catherine.hoang@xxxxxxxxxx are
queue-6.6/xfs-enforce-one-namespace-per-attribute.patch
queue-6.6/xfs-use-dontcache-for-grabbing-inodes-during-scrub.patch
queue-6.6/xfs-revert-commit-44af6c7e59b12.patch
queue-6.6/xfs-check-shortform-attr-entry-flags-specifically.patch
queue-6.6/xfs-make-the-seq-argument-to-xfs_bmapi_convert_delalloc-optional.patch
queue-6.6/xfs-check-opcode-and-iovec-count-match-in-xlog_recover_attri_commit_pass2.patch
queue-6.6/xfs-allow-symlinks-with-short-remote-targets.patch
queue-6.6/xfs-match-lock-mode-in-xfs_buffered_write_iomap_begin.patch
queue-6.6/xfs-require-xfs_sb_feat_incompat_log_xattrs-for-attr-log-intent-item-recovery.patch
queue-6.6/xfs-allow-unlinked-symlinks-and-dirs-with-zero-size.patch
queue-6.6/xfs-restrict-when-we-try-to-align-cow-fork-delalloc-to-cowextsz-hints.patch
queue-6.6/xfs-fix-xfs_bmap_add_extent_delay_real-for-partial-conversions.patch
queue-6.6/xfs-fix-missing-check-for-invalid-attr-flags.patch
queue-6.6/xfs-validate-recovered-name-buffers-when-recovering-xattr-items.patch
queue-6.6/xfs-make-xfs_bmapi_convert_delalloc-to-allocate-the-target-offset.patch
queue-6.6/xfs-convert-delayed-extents-to-unwritten-when-zeroing-post-eof-blocks.patch
queue-6.6/xfs-fix-freeing-speculative-preallocations-for-preallocated-files.patch
queue-6.6/xfs-fix-unlink-vs-cluster-buffer-instantiation-race.patch
queue-6.6/xfs-make-sure-sb_fdblocks-is-non-negative.patch
queue-6.6/xfs-remove-a-racy-if_bytes-check-in-xfs_reflink_end_cow_extent.patch
queue-6.6/xfs-fix-error-returns-from-xfs_bmapi_write.patch
