Commit 8c38ab03 authored by David Chinner's avatar David Chinner Committed by Lachlan McIlroy

[XFS] Prevent looping in xfs_sync_inodes_ag

If the last block of the AG has inodes in it and the AG is an exactly
power-of-2 size then the last inode in the AG points to the last block in
the AG. If we try to find the next inode in the AG by adding one to the
inode number, we increment the inode number past the size of the AG. The
result is that the macro XFS_INO_TO_AGINO() will strip the AG portion of
the inode number and return an inode number of zero.

That is, instead of terminating the lookup loop because we hit the inode
number went outside the valid range for the AG, the search index returns
to zero and we start traversing the radix tree from the start again. This
results in an endless loop in xfs_sync_inodes_ag().

Fix it be detecting if the new search index decreases as a result of
incrementing the current inode number. That indicate an overflow and hence
that we have finished processing the AG so we can terminate the loop.

SGI-PV: 988142

SGI-Modid: xfs-linux-melb:xfs-kern:32335a
Signed-off-by: default avatarDavid Chinner <david@fromorbit.com>
Signed-off-by: default avatarLachlan McIlroy <lachlan@sgi.com>
Signed-off-by: default avatarChristoph Hellwig <hch@infradead.org>
parent 11654513
...@@ -59,7 +59,7 @@ xfs_sync_inodes_ag( ...@@ -59,7 +59,7 @@ xfs_sync_inodes_ag(
{ {
xfs_perag_t *pag = &mp->m_perag[ag]; xfs_perag_t *pag = &mp->m_perag[ag];
int nr_found; int nr_found;
int first_index = 0; uint32_t first_index = 0;
int error = 0; int error = 0;
int last_error = 0; int last_error = 0;
int fflag = XFS_B_ASYNC; int fflag = XFS_B_ASYNC;
...@@ -97,8 +97,17 @@ xfs_sync_inodes_ag( ...@@ -97,8 +97,17 @@ xfs_sync_inodes_ag(
break; break;
} }
/* update the index for the next lookup */ /*
* Update the index for the next lookup. Catch overflows
* into the next AG range which can occur if we have inodes
* in the last block of the AG and we are currently
* pointing to the last inode.
*/
first_index = XFS_INO_TO_AGINO(mp, ip->i_ino + 1); first_index = XFS_INO_TO_AGINO(mp, ip->i_ino + 1);
if (first_index < XFS_INO_TO_AGINO(mp, ip->i_ino)) {
read_unlock(&pag->pag_ici_lock);
break;
}
/* /*
* skip inodes in reclaim. Let xfs_syncsub do that for * skip inodes in reclaim. Let xfs_syncsub do that for
...@@ -702,7 +711,7 @@ xfs_reclaim_inodes_ag( ...@@ -702,7 +711,7 @@ xfs_reclaim_inodes_ag(
xfs_inode_t *ip = NULL; xfs_inode_t *ip = NULL;
xfs_perag_t *pag = &mp->m_perag[ag]; xfs_perag_t *pag = &mp->m_perag[ag];
int nr_found; int nr_found;
int first_index; uint32_t first_index;
int skipped; int skipped;
restart: restart:
...@@ -724,8 +733,17 @@ xfs_reclaim_inodes_ag( ...@@ -724,8 +733,17 @@ xfs_reclaim_inodes_ag(
break; break;
} }
/* update the index for the next lookup */ /*
* Update the index for the next lookup. Catch overflows
* into the next AG range which can occur if we have inodes
* in the last block of the AG and we are currently
* pointing to the last inode.
*/
first_index = XFS_INO_TO_AGINO(mp, ip->i_ino + 1); first_index = XFS_INO_TO_AGINO(mp, ip->i_ino + 1);
if (first_index < XFS_INO_TO_AGINO(mp, ip->i_ino)) {
read_unlock(&pag->pag_ici_lock);
break;
}
ASSERT(xfs_iflags_test(ip, (XFS_IRECLAIMABLE|XFS_IRECLAIM))); ASSERT(xfs_iflags_test(ip, (XFS_IRECLAIMABLE|XFS_IRECLAIM)));
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment