Re: XFS assertion from truncate. (3.10-rc2)

From: Dave Jones
Date: Wed May 22 2013 - 00:15:34 EST


On Wed, May 22, 2013 at 02:03:18PM +1000, Dave Chinner wrote:

> That doesn't make a whole lot of sense to me. What am I missing?
> Are you seeing this fire at all from notify_change()?
>
> WARN_ON_ONCE(!mutex_is_locked(&inode->i_mutex));

No.

> <Light Bulb>
>
> What's wrong with this code in do_truncate()?
>
> 	/* Remove suid/sgid on truncate too */
> 	ret = should_remove_suid(dentry);
> 	if (ret)
> 		newattrs.ia_valid |= ret | ATTR_FORCE;
>
> 	mutex_lock(&dentry->d_inode->i_mutex);
> 	ret = notify_change(dentry, &newattrs);
> 	mutex_unlock(&dentry->d_inode->i_mutex);
>
> Patch below to fix this.
>
> However, it probably doesn't fix the fact that truncate can change
> the size and kill suid/sgid bits at the same time and XFS doesn't
> appear to handle that sanely right now. Can you run the patch below
> just so when it fails we can see that the mask is actually sane?

[ 36.339105] XFS (sda2): xfs_setattr_size: mask 0xa068 mismatch on file 0\xffffffb8\xffffffd3-\xffffff88\xffffffff\xffffffff

[ 36.350823] XFS: Assertion failed: 0, file: fs/xfs/xfs_iops.c, line: 730
[ 36.359459] ------------[ cut here ]------------
[ 36.365247] kernel BUG at fs/xfs/xfs_message.c:108!
[ 36.371360] invalid opcode: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
[ 36.379091] Modules linked in: xfs libcrc32c snd_hda_codec_realtek snd_hda_codec_hdmi microcode(+) pcspkr snd_hda_intel snd_hda_codec snd_hwdep snd_seq snd_seq_device snd_pcm e1000e snd_page_alloc snd_timer ptp snd soundcore pps_core
[ 36.405431] CPU: 1 PID: 2887 Comm: cc1 Not tainted 3.10.0-rc2+ #4
[ 36.432814] task: ffff880233e24980 ti: ffff88022dd3a000 task.ti: ffff88022dd3a000
[ 36.442191] RIP: 0010:[<ffffffffa01be182>] [<ffffffffa01be182>] assfail+0x22/0x30 [xfs]
[ 36.452369] RSP: 0018:ffff88022dd3b7d8 EFLAGS: 00010292
[ 36.459027] RAX: 000000000000003c RBX: ffff88022d8198c0 RCX: 0000000000000006
[ 36.467968] RDX: 0000000000004040 RSI: ffff880233e250d8 RDI: ffff880233e24980
[ 36.476909] RBP: ffff88022dd3b7d8 R08: 0000000000000000 R09: 0000000000000000
[ 36.485851] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88022dd3bca8
[ 36.494793] R13: ffff880241158948 R14: 0000000000000000 R15: 0000000000000000
[ 36.503729] FS: 00007f1f4f9c3800(0000) GS:ffff880244a00000(0000) knlGS:0000000000000000
[ 36.513858] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 36.521053] CR2: 00000000007c0360 CR3: 000000022dfb2000 CR4: 00000000001407e0
[ 36.529986] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 36.538918] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 36.547851] Stack:
[ 36.550373] ffff88022dd3bc48 ffffffffa01bc3ef 0000000000000046 0000a06881c94d18
[ 36.559738] ffff88022d819b80 ffff88022dadf2e0 00007fff0000a068 0000000000000000
[ 36.569091] ffff88022dd3b830 ffffffff824fc100 00007fff2cd12300 ffff88022dd3b848
[ 36.578436] Call Trace:
[ 36.581514] [<ffffffffa01bc3ef>] xfs_setattr_size+0x48f/0x630 [xfs]
[ 36.589475] [<ffffffff810c86ef>] ? is_module_text_address+0x2f/0x60
[ 36.597433] [<ffffffff810774a8>] ? __kernel_text_address+0x58/0x80
[ 36.605279] [<ffffffff8100a394>] ? native_sched_clock+0x24/0x80
[ 36.612801] [<ffffffff810916a5>] ? sched_clock_cpu+0xb5/0x100
[ 36.620103] [<ffffffff810b69c5>] ? __lock_acquire+0x2e5/0x1af0
[ 36.627548] [<ffffffff8100a394>] ? native_sched_clock+0x24/0x80
[ 36.635069] [<ffffffff8100a394>] ? native_sched_clock+0x24/0x80
[ 36.642591] [<ffffffff810916a5>] ? sched_clock_cpu+0xb5/0x100
[ 36.649895] [<ffffffff8100a394>] ? native_sched_clock+0x24/0x80
[ 36.657417] [<ffffffff8100a394>] ? native_sched_clock+0x24/0x80
[ 36.664947] [<ffffffff8100a394>] ? native_sched_clock+0x24/0x80
[ 36.672468] [<ffffffff810916a5>] ? sched_clock_cpu+0xb5/0x100
[ 36.679765] [<ffffffff810916a5>] ? sched_clock_cpu+0xb5/0x100
[ 36.687068] [<ffffffff8100a394>] ? native_sched_clock+0x24/0x80
[ 36.694590] [<ffffffff810916a5>] ? sched_clock_cpu+0xb5/0x100
[ 36.701894] [<ffffffff8100a394>] ? native_sched_clock+0x24/0x80
[ 36.709417] [<ffffffff810916a5>] ? sched_clock_cpu+0xb5/0x100
[ 36.716722] [<ffffffff810b61ab>] ? mark_held_locks+0xbb/0x140
[ 36.724027] [<ffffffff816e634a>] ? mutex_lock_nested+0x32a/0x430
[ 36.731659] [<ffffffff8108c05d>] ? get_parent_ip+0xd/0x50
[ 36.738533] [<ffffffffa01bc5c6>] xfs_vn_setattr+0x36/0x40 [xfs]
[ 36.746047] [<ffffffff811c8e2c>] notify_change+0x1dc/0x360
[ 36.753024] [<ffffffff811a9d9d>] do_truncate+0x6d/0xa0
[ 36.759574] [<ffffffffa01ae0a0>] ? xfs_extent_busy_ag_cmp+0x20/0x20 [xfs]
[ 36.768182] [<ffffffff811bb4af>] do_last+0x54f/0xe40
[ 36.775319] [<ffffffff811bbe53>] path_openat+0xb3/0x530
[ 36.782780] [<ffffffff810b3951>] ? lock_release_holdtime.part.30+0xa1/0x170
[ 36.792408] [<ffffffff811bc958>] do_filp_open+0x38/0x80
[ 36.799870] [<ffffffff816ea961>] ? _raw_spin_unlock+0x31/0x60
[ 36.807981] [<ffffffff811cb49f>] ? __alloc_fd+0xaf/0x200
[ 36.815544] [<ffffffff811aae19>] do_sys_open+0xe9/0x1c0
[ 36.822989] [<ffffffff811aaf0e>] SyS_open+0x1e/0x20


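The mask 0xa068 reported by xfs_setattr_size in the log above can be decoded against the ATTR_* bits of include/linux/fs.h (values as of the 3.10-era kernel) to see whether a suid/sgid kill was requested alongside the size change. This is an added example, not code from the thread or the kernel; decode_ia_valid and wants_suid_kill are hypothetical helper names.

```c
#include <stdio.h>
#include <string.h>

/* ia_valid bits, copied from include/linux/fs.h (3.10-era values). */
static const struct { unsigned int bit; const char *name; } attr_bits[] = {
    { 1u << 0,  "ATTR_MODE" },      { 1u << 1,  "ATTR_UID" },
    { 1u << 2,  "ATTR_GID" },       { 1u << 3,  "ATTR_SIZE" },
    { 1u << 4,  "ATTR_ATIME" },     { 1u << 5,  "ATTR_MTIME" },
    { 1u << 6,  "ATTR_CTIME" },     { 1u << 7,  "ATTR_ATIME_SET" },
    { 1u << 8,  "ATTR_MTIME_SET" }, { 1u << 9,  "ATTR_FORCE" },
    { 1u << 10, "ATTR_ATTR_FLAG" }, { 1u << 11, "ATTR_KILL_SUID" },
    { 1u << 12, "ATTR_KILL_SGID" }, { 1u << 13, "ATTR_FILE" },
    { 1u << 14, "ATTR_KILL_PRIV" }, { 1u << 15, "ATTR_OPEN" },
    { 1u << 16, "ATTR_TIMES_SET" },
};

#define ATTR_KILL_SUID (1u << 11)
#define ATTR_KILL_SGID (1u << 12)

/* Write the names of the set bits into buf, '|'-separated, lowest bit
 * first. Returns the number of known bits that were set. */
static int decode_ia_valid(unsigned int mask, char *buf, size_t len)
{
    int n = 0;

    buf[0] = '\0';
    for (size_t i = 0; i < sizeof(attr_bits) / sizeof(attr_bits[0]); i++) {
        if (!(mask & attr_bits[i].bit))
            continue;
        if (n++)
            strncat(buf, "|", len - strlen(buf) - 1);
        strncat(buf, attr_bits[i].name, len - strlen(buf) - 1);
    }
    return n;
}

/* Non-zero when the mask asks the filesystem to strip setuid or setgid. */
static int wants_suid_kill(unsigned int mask)
{
    return (mask & (ATTR_KILL_SUID | ATTR_KILL_SGID)) != 0;
}

int main(void)
{
    char buf[256];
    unsigned int mask = 0xa068; /* from the xfs_setattr_size log line */

    decode_ia_valid(mask, buf, sizeof(buf));
    printf("0x%x = %s\n", mask, buf);
    printf("suid/sgid kill requested: %s\n", wants_suid_kill(mask) ? "yes" : "no");
    return 0;
}
```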