From: Jianan Huang
CC: Jianan Huang
Subject: [PATCH v2] f2fs: fix inconsistent dirty state of atomic file
Date: Fri, 24 Jan 2025 09:50:42 +0800
Message-ID: <20250124015042.273336-1-huangjianan@xiaomi.com>
In-Reply-To: <20250123071417.253019-1-huangjianan@xiaomi.com>
References: <20250123071417.253019-1-huangjianan@xiaomi.com>

When testing the atomic write fix patches, the f2fs_bug_on was triggered as
below:

------------[ cut here ]------------
kernel BUG at fs/f2fs/inode.c:935!
Oops: invalid opcode: 0000 [#1] PREEMPT SMP PTI
CPU: 3 UID: 0 PID: 257 Comm: bash Not tainted 6.13.0-rc1-00033-gc283a70d3497 #5
RIP: 0010:f2fs_evict_inode+0x50f/0x520
Call Trace:
 ? __die_body+0x65/0xb0
 ? die+0x9f/0xc0
 ? do_trap+0xa1/0x170
 ? f2fs_evict_inode+0x50f/0x520
 ? f2fs_evict_inode+0x50f/0x520
 ? handle_invalid_op+0x65/0x80
 ? f2fs_evict_inode+0x50f/0x520
 ? exc_invalid_op+0x39/0x50
 ? asm_exc_invalid_op+0x1a/0x20
 ? __pfx_f2fs_get_dquots+0x10/0x10
 ? f2fs_evict_inode+0x50f/0x520
 ? f2fs_evict_inode+0x2e5/0x520
 evict+0x186/0x2f0
 prune_icache_sb+0x75/0xb0
 super_cache_scan+0x1a8/0x200
 do_shrink_slab+0x163/0x320
 shrink_slab+0x2fc/0x470
 drop_slab+0x82/0xf0
 drop_caches_sysctl_handler+0x4e/0xb0
 proc_sys_call_handler+0x183/0x280
 vfs_write+0x36d/0x450
 ksys_write+0x68/0xd0
 do_syscall_64+0xc8/0x1a0
 ? arch_exit_to_user_mode_prepare+0x11/0x60
 ? irqentry_exit_to_user_mode+0x7e/0xa0

The root cause is: f2fs uses FI_ATOMIC_DIRTIED to indicate dirty atomic files
during commit. If the inode is dirtied during commit, such as by
f2fs_i_pino_write, the vfs inode keeps clean and the f2fs inode is set to
FI_DIRTY_INODE.
The FI_DIRTY_INODE flag can't be cleared by write_inode later due to the
clean vfs inode. Finally, f2fs_bug_on is triggered due to this inconsistent
state when evict.

To reproduce this situation:
- fd = open("/mnt/test.db", O_WRONLY)
- ioctl(fd, F2FS_IOC_START_ATOMIC_WRITE)
- mv /mnt/test.db /mnt/test1.db
- ioctl(fd, F2FS_IOC_COMMIT_ATOMIC_WRITE)
- echo 3 > /proc/sys/vm/drop_caches

To fix this problem, clear FI_DIRTY_INODE after commit, then
f2fs_mark_inode_dirty_sync will ensure a consistent dirty state.

Fixes: fccaa81de87e ("f2fs: prevent atomic file from being dirtied before commit")
Signed-off-by: Yunlei He
Signed-off-by: Jianan Huang
---
Changes since v1:
- Add comments suggested by Chao.
- Add missing stat reduction.

 fs/f2fs/segment.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/fs/f2fs/segment.c b/fs/f2fs/segment.c index dc1b47f9269a..de1597110f76 100644 --- a/fs/f2fs/segment.c +++ b/fs/f2fs/segment.c @@ -201,6 +201,15 @@ void f2fs_abort_atomic_write(struct inode *inode, bool= clean) clear_inode_flag(inode, FI_ATOMIC_FILE); if (is_inode_flag_set(inode, FI_ATOMIC_DIRTIED)) { clear_inode_flag(inode, FI_ATOMIC_DIRTIED); + /* + * The vfs inode keeps clean during commit, but the f2fs inode + * doesn't. So clear the dirty state after commit and let + * f2fs_mark_inode_dirty_sync ensure a consistent dirty state. + */ + if (is_inode_flag_set(inode, FI_DIRTY_INODE)) { + clear_inode_flag(inode, FI_DIRTY_INODE); + stat_dec_dirty_inode(F2FS_I_SB(inode), DIRTY_META); + } f2fs_mark_inode_dirty_sync(inode, true); } stat_dec_atomic_inode(inode); --=20 2.43.0
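
Review bot: inside the added if (is_inode_flag_set(inode, FI_DIRTY_INODE)) block, the flag clear and stat_dec_dirty_inode(F2FS_I_SB(inode), DIRTY_META) are open-coded as two separate steps with no lock taken in the visible lines, so a concurrent path that tests FI_DIRTY_INODE can see the flag and the DIRTY_META counter out of step, and any other bookkeeping tied to that flag (dirty-list membership, for example) is not touched here. Consider undoing the dirty-inode accounting through the existing helper that does it as one unit (f2fs_inode_synced(), if its locking is acceptable on this path) rather than duplicating part of it. Also, the new comment says "after commit", but the hunk header places this code in f2fs_abort_atomic_write(); the comment should say whether the abort case reaches these lines as well and why clearing the flag is safe there.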