<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux-stable.git/fs/jbd2, branch linux-3.10.y</title>
<subtitle>Linux kernel stable tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/'/>
<entry>
<title>jbd2: don't leak modified metadata buffers on an aborted journal</title>
<updated>2017-06-20T06:02:35+00:00</updated>
<author>
<name>Theodore Ts'o</name>
<email>tytso@mit.edu</email>
</author>
<published>2017-02-05T04:14:19+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=45f1a95e8e169b8fc67d77b603ed2615301626f3'/>
<id>45f1a95e8e169b8fc67d77b603ed2615301626f3</id>
<content type='text'>
commit e112666b4959b25a8552d63bc564e1059be703e8 upstream.

If the journal has been aborted, we shouldn't mark the underlying
buffer head as dirty, since that will cause the metadata block to get
modified.  And if the journal has been aborted, we shouldn't allow
this since it will almost certainly lead to a corrupted file system.

Signed-off-by: Theodore Ts'o &lt;tytso@mit.edu&gt;
Signed-off-by: Willy Tarreau &lt;w@1wt.eu&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit e112666b4959b25a8552d63bc564e1059be703e8 upstream.

If the journal has been aborted, we shouldn't mark the underlying
buffer head as dirty, since that will cause the metadata block to get
modified.  And if the journal has been aborted, we shouldn't allow
this since it will almost certainly lead to a corrupted file system.

Signed-off-by: Theodore Ts'o &lt;tytso@mit.edu&gt;
Signed-off-by: Willy Tarreau &lt;w@1wt.eu&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>jbd2: fix FS corruption possibility in jbd2_journal_destroy() on umount path</title>
<updated>2016-06-07T08:42:46+00:00</updated>
<author>
<name>OGAWA Hirofumi</name>
<email>hirofumi@mail.parknet.co.jp</email>
</author>
<published>2016-03-10T04:47:25+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=7493d128722687a2f43c3cf6feef04f3b81e5bcb'/>
<id>7493d128722687a2f43c3cf6feef04f3b81e5bcb</id>
<content type='text'>
commit c0a2ad9b50dd80eeccd73d9ff962234590d5ec93 upstream.

On umount path, jbd2_journal_destroy() writes latest transaction ID
(-&gt;j_tail_sequence) to be used at next mount.

The bug is that -&gt;j_tail_sequence is not holding latest transaction ID
in some cases. So, at next mount, there is chance to conflict with
remaining (not overwritten yet) transactions.

	mount (id=10)
	write transaction (id=11)
	write transaction (id=12)
	umount (id=10) &lt;= the bug doesn't write latest ID

	mount (id=10)
	write transaction (id=11)
	crash

	mount
	[recovery process]
		transaction (id=11)
		transaction (id=12) &lt;= valid transaction ID, but old commit
                                       must not replay

Like above, this bug become the cause of recovery failure, or FS
corruption.

So why -&gt;j_tail_sequence doesn't point latest ID?

Because if checkpoint transactions was reclaimed by memory pressure
(i.e. bdev_try_to_free_page()), then -&gt;j_tail_sequence is not updated.
(And another case is, __jbd2_journal_clean_checkpoint_list() is called
with empty transaction.)

So in above cases, -&gt;j_tail_sequence is not pointing latest
transaction ID at umount path. Plus, REQ_FLUSH for checkpoint is not
done too.

So, to fix this problem with minimum changes, this patch updates
-&gt;j_tail_sequence, and issue REQ_FLUSH.  (With more complex changes,
some optimizations would be possible to avoid unnecessary REQ_FLUSH
for example though.)

BTW,

	journal-&gt;j_tail_sequence =
		++journal-&gt;j_transaction_sequence;

Increment of -&gt;j_transaction_sequence seems to be unnecessary, but
ext3 does this.

Signed-off-by: OGAWA Hirofumi &lt;hirofumi@mail.parknet.co.jp&gt;
Signed-off-by: Theodore Ts'o &lt;tytso@mit.edu&gt;
Cc: stable@vger.kernel.org
Signed-off-by: Willy Tarreau &lt;w@1wt.eu&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit c0a2ad9b50dd80eeccd73d9ff962234590d5ec93 upstream.

On umount path, jbd2_journal_destroy() writes latest transaction ID
(-&gt;j_tail_sequence) to be used at next mount.

The bug is that -&gt;j_tail_sequence is not holding latest transaction ID
in some cases. So, at next mount, there is chance to conflict with
remaining (not overwritten yet) transactions.

	mount (id=10)
	write transaction (id=11)
	write transaction (id=12)
	umount (id=10) &lt;= the bug doesn't write latest ID

	mount (id=10)
	write transaction (id=11)
	crash

	mount
	[recovery process]
		transaction (id=11)
		transaction (id=12) &lt;= valid transaction ID, but old commit
                                       must not replay

Like above, this bug become the cause of recovery failure, or FS
corruption.

So why -&gt;j_tail_sequence doesn't point latest ID?

Because if checkpoint transactions was reclaimed by memory pressure
(i.e. bdev_try_to_free_page()), then -&gt;j_tail_sequence is not updated.
(And another case is, __jbd2_journal_clean_checkpoint_list() is called
with empty transaction.)

So in above cases, -&gt;j_tail_sequence is not pointing latest
transaction ID at umount path. Plus, REQ_FLUSH for checkpoint is not
done too.

So, to fix this problem with minimum changes, this patch updates
-&gt;j_tail_sequence, and issue REQ_FLUSH.  (With more complex changes,
some optimizations would be possible to avoid unnecessary REQ_FLUSH
for example though.)

BTW,

	journal-&gt;j_tail_sequence =
		++journal-&gt;j_transaction_sequence;

Increment of -&gt;j_transaction_sequence seems to be unnecessary, but
ext3 does this.

Signed-off-by: OGAWA Hirofumi &lt;hirofumi@mail.parknet.co.jp&gt;
Signed-off-by: Theodore Ts'o &lt;tytso@mit.edu&gt;
Cc: stable@vger.kernel.org
Signed-off-by: Willy Tarreau &lt;w@1wt.eu&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>jbd2: Fix unreclaimed pages after truncate in data=journal mode</title>
<updated>2016-02-19T22:22:38+00:00</updated>
<author>
<name>Jan Kara</name>
<email>jack@suse.cz</email>
</author>
<published>2015-11-24T20:34:35+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=1174350e4dba0abb95f9f21154e333c54d97555d'/>
<id>1174350e4dba0abb95f9f21154e333c54d97555d</id>
<content type='text'>
commit bc23f0c8d7ccd8d924c4e70ce311288cb3e61ea8 upstream.

Ted and Namjae have reported that truncated pages don't get timely
reclaimed after being truncated in data=journal mode. The following test
triggers the issue easily:

for (i = 0; i &lt; 1000; i++) {
	pwrite(fd, buf, 1024*1024, 0);
	fsync(fd);
	fsync(fd);
	ftruncate(fd, 0);
}

The reason is that journal_unmap_buffer() finds that truncated buffers
are not journalled (jh-&gt;b_transaction == NULL), they are part of
checkpoint list of a transaction (jh-&gt;b_cp_transaction != NULL) and have
been already written out (!buffer_dirty(bh)). We clean such buffers but
we leave them in the checkpoint list. Since checkpoint transaction holds
a reference to the journal head, these buffers cannot be released until
the checkpoint transaction is cleaned up. And at that point we don't
call release_buffer_page() anymore so pages detached from mapping are
lingering in the system waiting for reclaim to find them and free them.

Fix the problem by removing buffers from transaction checkpoint lists
when journal_unmap_buffer() finds out they don't have to be there
anymore.

Reported-and-tested-by: Namjae Jeon &lt;namjae.jeon@samsung.com&gt;
Fixes: de1b794130b130e77ffa975bb58cb843744f9ae5
Signed-off-by: Jan Kara &lt;jack@suse.cz&gt;
Signed-off-by: Theodore Ts'o &lt;tytso@mit.edu&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit bc23f0c8d7ccd8d924c4e70ce311288cb3e61ea8 upstream.

Ted and Namjae have reported that truncated pages don't get timely
reclaimed after being truncated in data=journal mode. The following test
triggers the issue easily:

for (i = 0; i &lt; 1000; i++) {
	pwrite(fd, buf, 1024*1024, 0);
	fsync(fd);
	fsync(fd);
	ftruncate(fd, 0);
}

The reason is that journal_unmap_buffer() finds that truncated buffers
are not journalled (jh-&gt;b_transaction == NULL), they are part of
checkpoint list of a transaction (jh-&gt;b_cp_transaction != NULL) and have
been already written out (!buffer_dirty(bh)). We clean such buffers but
we leave them in the checkpoint list. Since checkpoint transaction holds
a reference to the journal head, these buffers cannot be released until
the checkpoint transaction is cleaned up. And at that point we don't
call release_buffer_page() anymore so pages detached from mapping are
lingering in the system waiting for reclaim to find them and free them.

Fix the problem by removing buffers from transaction checkpoint lists
when journal_unmap_buffer() finds out they don't have to be there
anymore.

Reported-and-tested-by: Namjae Jeon &lt;namjae.jeon@samsung.com&gt;
Fixes: de1b794130b130e77ffa975bb58cb843744f9ae5
Signed-off-by: Jan Kara &lt;jack@suse.cz&gt;
Signed-off-by: Theodore Ts'o &lt;tytso@mit.edu&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>ext4, jbd2: ensure entering into panic after recording an error in superblock</title>
<updated>2016-01-23T03:47:52+00:00</updated>
<author>
<name>Daeho Jeong</name>
<email>daeho.jeong@samsung.com</email>
</author>
<published>2015-10-18T21:02:56+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=fe4b6c2682109967c21ff28a47adfb5cb7d361aa'/>
<id>fe4b6c2682109967c21ff28a47adfb5cb7d361aa</id>
<content type='text'>
commit 4327ba52afd03fc4b5afa0ee1d774c9c5b0e85c5 upstream.

If a EXT4 filesystem utilizes JBD2 journaling and an error occurs, the
journaling will be aborted first and the error number will be recorded
into JBD2 superblock and, finally, the system will enter into the
panic state in "errors=panic" option.  But, in the rare case, this
sequence is little twisted like the below figure and it will happen
that the system enters into panic state, which means the system reset
in mobile environment, before completion of recording an error in the
journal superblock. In this case, e2fsck cannot recognize that the
filesystem failure occurred in the previous run and the corruption
wouldn't be fixed.

Task A                        Task B
ext4_handle_error()
-&gt; jbd2_journal_abort()
  -&gt; __journal_abort_soft()
    -&gt; __jbd2_journal_abort_hard()
    | -&gt; journal-&gt;j_flags |= JBD2_ABORT;
    |
    |                         __ext4_abort()
    |                         -&gt; jbd2_journal_abort()
    |                         | -&gt; __journal_abort_soft()
    |                         |   -&gt; if (journal-&gt;j_flags &amp; JBD2_ABORT)
    |                         |           return;
    |                         -&gt; panic()
    |
    -&gt; jbd2_journal_update_sb_errno()

Tested-by: Hobin Woo &lt;hobin.woo@samsung.com&gt;
Signed-off-by: Daeho Jeong &lt;daeho.jeong@samsung.com&gt;
Signed-off-by: Theodore Ts'o &lt;tytso@mit.edu&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 4327ba52afd03fc4b5afa0ee1d774c9c5b0e85c5 upstream.

If a EXT4 filesystem utilizes JBD2 journaling and an error occurs, the
journaling will be aborted first and the error number will be recorded
into JBD2 superblock and, finally, the system will enter into the
panic state in "errors=panic" option.  But, in the rare case, this
sequence is little twisted like the below figure and it will happen
that the system enters into panic state, which means the system reset
in mobile environment, before completion of recording an error in the
journal superblock. In this case, e2fsck cannot recognize that the
filesystem failure occurred in the previous run and the corruption
wouldn't be fixed.

Task A                        Task B
ext4_handle_error()
-&gt; jbd2_journal_abort()
  -&gt; __journal_abort_soft()
    -&gt; __jbd2_journal_abort_hard()
    | -&gt; journal-&gt;j_flags |= JBD2_ABORT;
    |
    |                         __ext4_abort()
    |                         -&gt; jbd2_journal_abort()
    |                         | -&gt; __journal_abort_soft()
    |                         |   -&gt; if (journal-&gt;j_flags &amp; JBD2_ABORT)
    |                         |           return;
    |                         -&gt; panic()
    |
    -&gt; jbd2_journal_update_sb_errno()

Tested-by: Hobin Woo &lt;hobin.woo@samsung.com&gt;
Signed-off-by: Daeho Jeong &lt;daeho.jeong@samsung.com&gt;
Signed-off-by: Theodore Ts'o &lt;tytso@mit.edu&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>jbd2: fix ocfs2 corrupt when updating journal superblock fails</title>
<updated>2015-08-03T16:29:43+00:00</updated>
<author>
<name>Joseph Qi</name>
<email>joseph.qi@huawei.com</email>
</author>
<published>2015-06-15T18:36:01+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=c507ecae237f37b992b1e4e4a7c8abb373197de5'/>
<id>c507ecae237f37b992b1e4e4a7c8abb373197de5</id>
<content type='text'>
commit 6f6a6fda294506dfe0e3e0a253bb2d2923f28f0a upstream.

If updating journal superblock fails after journal data has been
flushed, the error is omitted and this will mislead the caller as a
normal case.  In ocfs2, the checkpoint will be treated successfully
and the other node can get the lock to update. Since the sb_start is
still pointing to the old log block, it will rewrite the journal data
during journal recovery by the other node. Thus the new updates will
be overwritten and ocfs2 corrupts.  So in above case we have to return
the error, and ocfs2_commit_cache will take care of the error and
prevent the other node to do update first.  And only after recovering
journal it can do the new updates.

The issue discussion mail can be found at:
https://oss.oracle.com/pipermail/ocfs2-devel/2015-June/010856.html
http://comments.gmane.org/gmane.comp.file-systems.ext4/48841

[ Fixed bug in patch which allowed a non-negative error return from
  jbd2_cleanup_journal_tail() to leak out of jbd2_fjournal_flush(); this
  was causing xfstests ext4/306 to fail. -- Ted ]

Reported-by: Yiwen Jiang &lt;jiangyiwen@huawei.com&gt;
Signed-off-by: Joseph Qi &lt;joseph.qi@huawei.com&gt;
Signed-off-by: Theodore Ts'o &lt;tytso@mit.edu&gt;
Tested-by: Yiwen Jiang &lt;jiangyiwen@huawei.com&gt;
Cc: Junxiao Bi &lt;junxiao.bi@oracle.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 6f6a6fda294506dfe0e3e0a253bb2d2923f28f0a upstream.

If updating journal superblock fails after journal data has been
flushed, the error is omitted and this will mislead the caller as a
normal case.  In ocfs2, the checkpoint will be treated successfully
and the other node can get the lock to update. Since the sb_start is
still pointing to the old log block, it will rewrite the journal data
during journal recovery by the other node. Thus the new updates will
be overwritten and ocfs2 corrupts.  So in above case we have to return
the error, and ocfs2_commit_cache will take care of the error and
prevent the other node to do update first.  And only after recovering
journal it can do the new updates.

The issue discussion mail can be found at:
https://oss.oracle.com/pipermail/ocfs2-devel/2015-June/010856.html
http://comments.gmane.org/gmane.comp.file-systems.ext4/48841

[ Fixed bug in patch which allowed a non-negative error return from
  jbd2_cleanup_journal_tail() to leak out of jbd2_fjournal_flush(); this
  was causing xfstests ext4/306 to fail. -- Ted ]

Reported-by: Yiwen Jiang &lt;jiangyiwen@huawei.com&gt;
Signed-off-by: Joseph Qi &lt;joseph.qi@huawei.com&gt;
Signed-off-by: Theodore Ts'o &lt;tytso@mit.edu&gt;
Tested-by: Yiwen Jiang &lt;jiangyiwen@huawei.com&gt;
Cc: Junxiao Bi &lt;junxiao.bi@oracle.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>jbd2: use GFP_NOFS in jbd2_cleanup_journal_tail()</title>
<updated>2015-08-03T16:29:43+00:00</updated>
<author>
<name>Dmitry Monakhov</name>
<email>dmonakhov@openvz.org</email>
</author>
<published>2015-06-15T04:18:02+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=cab5d7026d869b7daa06a5e897b751f8bb07be74'/>
<id>cab5d7026d869b7daa06a5e897b751f8bb07be74</id>
<content type='text'>
commit b4f1afcd068f6e533230dfed00782cd8a907f96b upstream.

jbd2_cleanup_journal_tail() can be invoked by jbd2__journal_start()
So allocations should be done with GFP_NOFS

[Full stack trace snipped from 3.10-rh7]
[&lt;ffffffff815c4bd4&gt;] dump_stack+0x19/0x1b
[&lt;ffffffff8105dba1&gt;] warn_slowpath_common+0x61/0x80
[&lt;ffffffff8105dcca&gt;] warn_slowpath_null+0x1a/0x20
[&lt;ffffffff815c2142&gt;] slab_pre_alloc_hook.isra.31.part.32+0x15/0x17
[&lt;ffffffff8119c045&gt;] kmem_cache_alloc+0x55/0x210
[&lt;ffffffff811477f5&gt;] ? mempool_alloc_slab+0x15/0x20
[&lt;ffffffff811477f5&gt;] mempool_alloc_slab+0x15/0x20
[&lt;ffffffff81147939&gt;] mempool_alloc+0x69/0x170
[&lt;ffffffff815cb69e&gt;] ? _raw_spin_unlock_irq+0xe/0x20
[&lt;ffffffff8109160d&gt;] ? finish_task_switch+0x5d/0x150
[&lt;ffffffff811f1a8e&gt;] bio_alloc_bioset+0x1be/0x2e0
[&lt;ffffffff8127ee49&gt;] blkdev_issue_flush+0x99/0x120
[&lt;ffffffffa019a733&gt;] jbd2_cleanup_journal_tail+0x93/0xa0 [jbd2] --&gt;GFP_KERNEL
[&lt;ffffffffa019aca1&gt;] jbd2_log_do_checkpoint+0x221/0x4a0 [jbd2]
[&lt;ffffffffa019afc7&gt;] __jbd2_log_wait_for_space+0xa7/0x1e0 [jbd2]
[&lt;ffffffffa01952d8&gt;] start_this_handle+0x2d8/0x550 [jbd2]
[&lt;ffffffff811b02a9&gt;] ? __memcg_kmem_put_cache+0x29/0x30
[&lt;ffffffff8119c120&gt;] ? kmem_cache_alloc+0x130/0x210
[&lt;ffffffffa019573a&gt;] jbd2__journal_start+0xba/0x190 [jbd2]
[&lt;ffffffff811532ce&gt;] ? lru_cache_add+0xe/0x10
[&lt;ffffffffa01c9549&gt;] ? ext4_da_write_begin+0xf9/0x330 [ext4]
[&lt;ffffffffa01f2c77&gt;] __ext4_journal_start_sb+0x77/0x160 [ext4]
[&lt;ffffffffa01c9549&gt;] ext4_da_write_begin+0xf9/0x330 [ext4]
[&lt;ffffffff811446ec&gt;] generic_file_buffered_write_iter+0x10c/0x270
[&lt;ffffffff81146918&gt;] __generic_file_write_iter+0x178/0x390
[&lt;ffffffff81146c6b&gt;] __generic_file_aio_write+0x8b/0xb0
[&lt;ffffffff81146ced&gt;] generic_file_aio_write+0x5d/0xc0
[&lt;ffffffffa01bf289&gt;] ext4_file_write+0xa9/0x450 [ext4]
[&lt;ffffffff811c31d9&gt;] ? pipe_read+0x379/0x4f0
[&lt;ffffffff811b93f0&gt;] do_sync_write+0x90/0xe0
[&lt;ffffffff811b9b6d&gt;] vfs_write+0xbd/0x1e0
[&lt;ffffffff811ba5b8&gt;] SyS_write+0x58/0xb0
[&lt;ffffffff815d4799&gt;] system_call_fastpath+0x16/0x1b

Signed-off-by: Dmitry Monakhov &lt;dmonakhov@openvz.org&gt;
Signed-off-by: Theodore Ts'o &lt;tytso@mit.edu&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit b4f1afcd068f6e533230dfed00782cd8a907f96b upstream.

jbd2_cleanup_journal_tail() can be invoked by jbd2__journal_start()
So allocations should be done with GFP_NOFS

[Full stack trace snipped from 3.10-rh7]
[&lt;ffffffff815c4bd4&gt;] dump_stack+0x19/0x1b
[&lt;ffffffff8105dba1&gt;] warn_slowpath_common+0x61/0x80
[&lt;ffffffff8105dcca&gt;] warn_slowpath_null+0x1a/0x20
[&lt;ffffffff815c2142&gt;] slab_pre_alloc_hook.isra.31.part.32+0x15/0x17
[&lt;ffffffff8119c045&gt;] kmem_cache_alloc+0x55/0x210
[&lt;ffffffff811477f5&gt;] ? mempool_alloc_slab+0x15/0x20
[&lt;ffffffff811477f5&gt;] mempool_alloc_slab+0x15/0x20
[&lt;ffffffff81147939&gt;] mempool_alloc+0x69/0x170
[&lt;ffffffff815cb69e&gt;] ? _raw_spin_unlock_irq+0xe/0x20
[&lt;ffffffff8109160d&gt;] ? finish_task_switch+0x5d/0x150
[&lt;ffffffff811f1a8e&gt;] bio_alloc_bioset+0x1be/0x2e0
[&lt;ffffffff8127ee49&gt;] blkdev_issue_flush+0x99/0x120
[&lt;ffffffffa019a733&gt;] jbd2_cleanup_journal_tail+0x93/0xa0 [jbd2] --&gt;GFP_KERNEL
[&lt;ffffffffa019aca1&gt;] jbd2_log_do_checkpoint+0x221/0x4a0 [jbd2]
[&lt;ffffffffa019afc7&gt;] __jbd2_log_wait_for_space+0xa7/0x1e0 [jbd2]
[&lt;ffffffffa01952d8&gt;] start_this_handle+0x2d8/0x550 [jbd2]
[&lt;ffffffff811b02a9&gt;] ? __memcg_kmem_put_cache+0x29/0x30
[&lt;ffffffff8119c120&gt;] ? kmem_cache_alloc+0x130/0x210
[&lt;ffffffffa019573a&gt;] jbd2__journal_start+0xba/0x190 [jbd2]
[&lt;ffffffff811532ce&gt;] ? lru_cache_add+0xe/0x10
[&lt;ffffffffa01c9549&gt;] ? ext4_da_write_begin+0xf9/0x330 [ext4]
[&lt;ffffffffa01f2c77&gt;] __ext4_journal_start_sb+0x77/0x160 [ext4]
[&lt;ffffffffa01c9549&gt;] ext4_da_write_begin+0xf9/0x330 [ext4]
[&lt;ffffffff811446ec&gt;] generic_file_buffered_write_iter+0x10c/0x270
[&lt;ffffffff81146918&gt;] __generic_file_write_iter+0x178/0x390
[&lt;ffffffff81146c6b&gt;] __generic_file_aio_write+0x8b/0xb0
[&lt;ffffffff81146ced&gt;] generic_file_aio_write+0x5d/0xc0
[&lt;ffffffffa01bf289&gt;] ext4_file_write+0xa9/0x450 [ext4]
[&lt;ffffffff811c31d9&gt;] ? pipe_read+0x379/0x4f0
[&lt;ffffffff811b93f0&gt;] do_sync_write+0x90/0xe0
[&lt;ffffffff811b9b6d&gt;] vfs_write+0xbd/0x1e0
[&lt;ffffffff811ba5b8&gt;] SyS_write+0x58/0xb0
[&lt;ffffffff815d4799&gt;] system_call_fastpath+0x16/0x1b

Signed-off-by: Dmitry Monakhov &lt;dmonakhov@openvz.org&gt;
Signed-off-by: Theodore Ts'o &lt;tytso@mit.edu&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>jbd2: free bh when descriptor block checksum fails</title>
<updated>2014-11-14T16:47:57+00:00</updated>
<author>
<name>Darrick J. Wong</name>
<email>darrick.wong@oracle.com</email>
</author>
<published>2014-09-16T18:43:09+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=c38e36f1966284360a229c7c6e9f2ba601869c2f'/>
<id>c38e36f1966284360a229c7c6e9f2ba601869c2f</id>
<content type='text'>
commit 064d83892e9ba547f7d4eae22cbca066d95210ce upstream.

Free the buffer head if the journal descriptor block fails checksum
verification.

This is the jbd2 port of the e2fsprogs patch "e2fsck: free bh on csum
verify error in do_one_pass".

Signed-off-by: Darrick J. Wong &lt;darrick.wong@oracle.com&gt;
Signed-off-by: Theodore Ts'o &lt;tytso@mit.edu&gt;
Reviewed-by: Eric Sandeen &lt;sandeen@redhat.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 064d83892e9ba547f7d4eae22cbca066d95210ce upstream.

Free the buffer head if the journal descriptor block fails checksum
verification.

This is the jbd2 port of the e2fsprogs patch "e2fsck: free bh on csum
verify error in do_one_pass".

Signed-off-by: Darrick J. Wong &lt;darrick.wong@oracle.com&gt;
Signed-off-by: Theodore Ts'o &lt;tytso@mit.edu&gt;
Reviewed-by: Eric Sandeen &lt;sandeen@redhat.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>jbd2: fix infinite loop when recovering corrupt journal blocks</title>
<updated>2014-09-05T23:28:36+00:00</updated>
<author>
<name>Darrick J. Wong</name>
<email>darrick.wong@oracle.com</email>
</author>
<published>2014-08-27T22:40:05+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=666cec8db793a67bf9071b9f0fd96c8af424a9b9'/>
<id>666cec8db793a67bf9071b9f0fd96c8af424a9b9</id>
<content type='text'>
commit 022eaa7517017efe4f6538750c2b59a804dc7df7 upstream.

When recovering the journal, don't fall into an infinite loop if we
encounter a corrupt journal block.  Instead, just skip the block and
return an error, which fails the mount and thus forces the user to run
a full filesystem fsck.

Signed-off-by: Darrick J. Wong &lt;darrick.wong@oracle.com&gt;
Signed-off-by: Theodore Ts'o &lt;tytso@mit.edu&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 022eaa7517017efe4f6538750c2b59a804dc7df7 upstream.

When recovering the journal, don't fall into an infinite loop if we
encounter a corrupt journal block.  Instead, just skip the block and
return an error, which fails the mount and thus forces the user to run
a full filesystem fsck.

Signed-off-by: Darrick J. Wong &lt;darrick.wong@oracle.com&gt;
Signed-off-by: Theodore Ts'o &lt;tytso@mit.edu&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>ext4: disable synchronous transaction batching if max_batch_time==0</title>
<updated>2014-07-17T22:58:03+00:00</updated>
<author>
<name>Eric Sandeen</name>
<email>sandeen@redhat.com</email>
</author>
<published>2014-07-05T23:18:22+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=39f9c0e3dd12d559da1ad14a3082b02683285c8d'/>
<id>39f9c0e3dd12d559da1ad14a3082b02683285c8d</id>
<content type='text'>
commit 5dd214248f94d430d70e9230bda72f2654ac88a8 upstream.

The mount manpage says of the max_batch_time option,

	This optimization can be turned off entirely
	by setting max_batch_time to 0.

But the code doesn't do that.  So fix the code to do
that.

Signed-off-by: Eric Sandeen &lt;sandeen@redhat.com&gt;
Signed-off-by: Theodore Ts'o &lt;tytso@mit.edu&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 5dd214248f94d430d70e9230bda72f2654ac88a8 upstream.

The mount manpage says of the max_batch_time option,

	This optimization can be turned off entirely
	by setting max_batch_time to 0.

But the code doesn't do that.  So fix the code to do
that.

Signed-off-by: Eric Sandeen &lt;sandeen@redhat.com&gt;
Signed-off-by: Theodore Ts'o &lt;tytso@mit.edu&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>jbd2: don't BUG but return ENOSPC if a handle runs out of space</title>
<updated>2014-01-09T20:24:24+00:00</updated>
<author>
<name>Theodore Ts'o</name>
<email>tytso@mit.edu</email>
</author>
<published>2013-12-09T02:12:59+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=ceed0859339443bc4fa22b9e0a825028ba8cd330'/>
<id>ceed0859339443bc4fa22b9e0a825028ba8cd330</id>
<content type='text'>
commit f6c07cad081ba222d63623d913aafba5586c1d2c upstream.

If a handle runs out of space, we currently stop the kernel with a BUG
in jbd2_journal_dirty_metadata().  This makes it hard to figure out
what might be going on.  So return an error of ENOSPC, so we can let
the file system layer figure out what is going on, to make it more
likely we can get useful debugging information).  This should make it
easier to debug problems such as the one which was reported by:

    https://bugzilla.kernel.org/show_bug.cgi?id=44731

The only two callers of this function are ext4_handle_dirty_metadata()
and ocfs2_journal_dirty().  The ocfs2 function will trigger a
BUG_ON(), which means there will be no change in behavior.  The ext4
function will call ext4_error_inode() which will print the useful
debugging information and then handle the situation using ext4's error
handling mechanisms (i.e., which might mean halting the kernel or
remounting the file system read-only).

Also, since both file systems already call WARN_ON(), drop the WARN_ON
from jbd2_journal_dirty_metadata() to avoid two stack traces from
being displayed.

Signed-off-by: "Theodore Ts'o" &lt;tytso@mit.edu&gt;
Cc: ocfs2-devel@oss.oracle.com
Acked-by: Joel Becker &lt;jlbec@evilplan.org&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit f6c07cad081ba222d63623d913aafba5586c1d2c upstream.

If a handle runs out of space, we currently stop the kernel with a BUG
in jbd2_journal_dirty_metadata().  This makes it hard to figure out
what might be going on.  So return an error of ENOSPC, so we can let
the file system layer figure out what is going on, to make it more
likely we can get useful debugging information).  This should make it
easier to debug problems such as the one which was reported by:

    https://bugzilla.kernel.org/show_bug.cgi?id=44731

The only two callers of this function are ext4_handle_dirty_metadata()
and ocfs2_journal_dirty().  The ocfs2 function will trigger a
BUG_ON(), which means there will be no change in behavior.  The ext4
function will call ext4_error_inode() which will print the useful
debugging information and then handle the situation using ext4's error
handling mechanisms (i.e., which might mean halting the kernel or
remounting the file system read-only).

Also, since both file systems already call WARN_ON(), drop the WARN_ON
from jbd2_journal_dirty_metadata() to avoid two stack traces from
being displayed.

Signed-off-by: "Theodore Ts'o" &lt;tytso@mit.edu&gt;
Cc: ocfs2-devel@oss.oracle.com
Acked-by: Joel Becker &lt;jlbec@evilplan.org&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
</feed>
