Re: [f2fs-dev] f2fs: f2fs unmount hangs if f2fs_init_acl() fails during mkdir syscall
Hi, 2014-02-13 (목), 17:48 +0800, Gu Zheng: > Hi, > On 02/13/2014 05:40 PM, Andrey Tsyvarev wrote: > > > Hi, > > > >> BTW, have you tested the case that added remove_dirty_dir_inode() into the > >> fail path > >> of init_inode_metadata? > >> diff --git a/fs/f2fs/dir.c b/fs/f2fs/dir.c > >> index e095a4f..d5a2c9e 100644 > >> --- a/fs/f2fs/dir.c > >> +++ b/fs/f2fs/dir.c > >> @@ -375,6 +375,7 @@ put_error: > >> /* once the failed inode becomes a bad inode, i_mode is S_IFREG */ > >> truncate_inode_pages(>i_data, 0); > >> truncate_blocks(inode, 0); > >> + remove_dirty_dir_inode(inode); > >> error: > >> remove_inode_page(inode); > >> return ERR_PTR(err); > > Yes, i have tested that case. Fail in init_inode_metadata has been > > processed correctly. Thanks. > > If no other regressions, maybe you can send out the fix patch about this > issue.:) The original patch can treat this too. Thank you. :) > > Thanks, > Gu > > > > > -- Jaegeuk Kim Samsung -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [f2fs-dev] f2fs: f2fs unmount hangs if f2fs_init_acl() fails during mkdir syscall
Hi, Sorry for the late response. I suffered from flu during last a couple of days. :( 2014-02-11 (화), 12:29 +0400, Andrey Tsyvarev: > Hi, > > > It turns out that make_bad_inode prior to iput sets i_mode to a regular > > file, so that f2fs_evict_inode -> truncate_inode_pages -> > > f2fs_invalidate_data_page doesn't decrement dirty_dents. > > > It seems that remove_dirty_dir_inode() call should also be added to the > error-path of > init_inode_metadata, because its functionality is also based on > inode->i_mode field > which is changed by make_bad_inode(). Agreed. I'll update the patch with this. Thanks, -- Jaegeuk Kim Samsung -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [f2fs-dev] f2fs: f2fs unmount hangs if f2fs_init_acl() fails during mkdir syscall
Hi, On 02/13/2014 05:40 PM, Andrey Tsyvarev wrote: > Hi, > >> BTW, have you tested the case that added remove_dirty_dir_inode() into the >> fail path >> of init_inode_metadata? >> diff --git a/fs/f2fs/dir.c b/fs/f2fs/dir.c >> index e095a4f..d5a2c9e 100644 >> --- a/fs/f2fs/dir.c >> +++ b/fs/f2fs/dir.c >> @@ -375,6 +375,7 @@ put_error: >> /* once the failed inode becomes a bad inode, i_mode is S_IFREG */ >> truncate_inode_pages(>i_data, 0); >> truncate_blocks(inode, 0); >> + remove_dirty_dir_inode(inode); >> error: >> remove_inode_page(inode); >> return ERR_PTR(err); > Yes, i have tested that case. Fail in init_inode_metadata has been processed > correctly. Thanks. If no other regressions, maybe you can send out the fix patch about this issue.:) Thanks, Gu > -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [f2fs-dev] f2fs: f2fs unmount hangs if f2fs_init_acl() fails during mkdir syscall
Hi, BTW, have you tested the case that added remove_dirty_dir_inode() into the fail path of init_inode_metadata? diff --git a/fs/f2fs/dir.c b/fs/f2fs/dir.c index e095a4f..d5a2c9e 100644 --- a/fs/f2fs/dir.c +++ b/fs/f2fs/dir.c @@ -375,6 +375,7 @@ put_error: /* once the failed inode becomes a bad inode, i_mode is S_IFREG */ truncate_inode_pages(>i_data, 0); truncate_blocks(inode, 0); + remove_dirty_dir_inode(inode); error: remove_inode_page(inode); return ERR_PTR(err); Yes, i have tested that case. Fail in init_inode_metadata has been processed correctly. Thanks. -- Best regards, Andrey Tsyvarev Linux Verification Center, ISPRAS web:http://linuxtesting.org -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [f2fs-dev] f2fs: f2fs unmount hangs if f2fs_init_acl() fails during mkdir syscall
Hi Andrey, On 02/11/2014 04:29 PM, Andrey Tsyvarev wrote: > Hi, > >> It turns out that make_bad_inode prior to iput sets i_mode to a regular >> file, so that f2fs_evict_inode -> truncate_inode_pages -> >> f2fs_invalidate_data_page doesn't decrement dirty_dents. >> > It seems that remove_dirty_dir_inode() call should also be added to the > error-path of > init_inode_metadata, because its functionality is also based on inode->i_mode > field > which is changed by make_bad_inode(). It seems that your opinion is correct. remove_dirty_dir_inode() will not clean up the dir_inode_entry because make_bad_inode() sets i_mode to S_IFREG in the fail path of init_inode_metadata, and it leads to the following "memory leak". BTW, have you tested the case that added remove_dirty_dir_inode() into the fail path of init_inode_metadata? diff --git a/fs/f2fs/dir.c b/fs/f2fs/dir.c index e095a4f..d5a2c9e 100644 --- a/fs/f2fs/dir.c +++ b/fs/f2fs/dir.c @@ -375,6 +375,7 @@ put_error: /* once the failed inode becomes a bad inode, i_mode is S_IFREG */ truncate_inode_pages(>i_data, 0); truncate_blocks(inode, 0); + remove_dirty_dir_inode(inode); error: remove_inode_page(inode); return ERR_PTR(err); Regards, Gu > > Otherwise memory leak is reported when f2fs module is unloaded: > > [ 231.378192] BUG f2fs_dirty_dir_entry (Tainted: GF O): Objects > remaining in f2fs_dirty_dir_entry on kmem_cache_close() > [ 231.378193] > - > > [ 231.378194] Disabling lock debugging due to kernel taint > [ 231.378195] INFO: Slab 0xea437200 objects=102 used=1 > fp=0x880010dc8fc8 flags=0x3fffc00080 > [ 231.378197] CPU: 0 PID: 2605 Comm: rmmod Tainted: GF B O > 3.14.0-rc1fs #4 > [ 231.378198] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS > VirtualBox 12/01/2006 > [ 231.378199] 88000e5e3200 88000cc9bd40 8166fd7e > ea437200 > [ 231.378202] 88000cc9be28 811c3fdf 88003fc10066 > 0cc9bda0 > [ 231.378203] 0020 88000cc9be38 88000cc9bde0 > 656a624f0296 > [ 231.378205] Call Trace: > [ 231.378210] [] dump_stack+0x45/0x56 > [ 231.378213] [] slab_err+0xaf/0xc0 > [ 231.378215] [] ? kmem_cache_close+0x133/0x340 > [ 231.378216] [] ? __kmalloc+0x1f5/0x250 > [ 231.378218] [] kmem_cache_close+0x153/0x340 > [ 231.378221] [] ? kmem_cache_destroy+0x27/0xf0 > [ 231.378223] [] __kmem_cache_shutdown+0x14/0x80 > [ 231.378224] [] kmem_cache_destroy+0x41/0xf0 > [ 231.378229] [] destroy_checkpoint_caches+0x21/0x30 > [f2fs] > [ 231.378232] [] exit_f2fs_fs+0x28/0x34e [f2fs] > [ 231.378235] [] SyS_delete_module+0x152/0x1f0 > [ 231.378237] [] ? __audit_syscall_entry+0x9c/0xf0 > [ 231.378239] [] system_call_fastpath+0x16/0x1b > [ 231.378242] INFO: Object 0x880010dc8000 @offset=0 > [ 231.378245] kmem_cache_destroy f2fs_dirty_dir_entry: Slab cache still has > objects > [ 231.378247] CPU: 0 PID: 2605 Comm: rmmod Tainted: GF B O > 3.14.0-rc1fs #4 > [ 231.378247] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS > VirtualBox 12/01/2006 > [ 231.378248] 88000e5e3268 88000cc9beb8 8166fd7e > 88000e5e3200 > [ 231.378250] 88000cc9bed8 811934cf > a0204f60 > [ 231.378251] 88000cc9bee8 a01eab91 88000cc9bef8 > a01facda > [ 231.378253] Call Trace: > [ 231.378255] [] dump_stack+0x45/0x56 > [ 231.378256] [] kmem_cache_destroy+0xdf/0xf0 > [ 231.378259] [] destroy_checkpoint_caches+0x21/0x30 > [f2fs] > [ 231.378262] [] exit_f2fs_fs+0x28/0x34e [f2fs] > [ 231.378263] [] SyS_delete_module+0x152/0x1f0 > [ 231.378265] [] ? __audit_syscall_entry+0x9c/0xf0 > [ 231.378266] [] system_call_fastpath+0x16/0x1b > > > Stack of allocation (obtained with KEDR, which is also used for fault > simulation): > > [ 231.414875] [leak_check] Address: 0x880010dc8000, size: 24; stack > trace of the allocation: > [ 231.414886] [leak_check] [] set_dirty_dir_page+0x62/0xe0 > [f2fs] > [ 231.414893] [leak_check] [] > f2fs_set_data_page_dirty+0x4e/0x90 [f2fs] > [ 231.414898] [leak_check] [] set_page_dirty+0x3a/0x60 > [ 231.414904] [leak_check] [] __f2fs_add_link+0x732/0x7d0 > [f2fs] > [ 231.414909] [leak_check] [] f2fs_mkdir+0xbb/0x150 [f2fs] > [ 231.414914] [leak_check] [] vfs_mkdir+0xb7/0x160 > [ 231.414918] [leak_check] [] SyS_mkdir+0x5f/0xc0 > [ 231.414923] [leak_check] [] > system_call_fastpath+0x16/0x1b > [ 231.414931] [leak_check] [] 0x > > > P.S. It was required to add 'slub_debug' kernel options for make SLUB output > correct cache name, > otherwise cache "f2fs_dirty_dir_entry" was merged into "free_nid" one. It was > surprise for me, > that's why patch investigation took so long time. > -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the
Re: [f2fs-dev] f2fs: f2fs unmount hangs if f2fs_init_acl() fails during mkdir syscall
Hi Andrey, On 02/11/2014 04:29 PM, Andrey Tsyvarev wrote: Hi, It turns out that make_bad_inode prior to iput sets i_mode to a regular file, so that f2fs_evict_inode - truncate_inode_pages - f2fs_invalidate_data_page doesn't decrement dirty_dents. It seems that remove_dirty_dir_inode() call should also be added to the error-path of init_inode_metadata, because its functionality is also based on inode-i_mode field which is changed by make_bad_inode(). It seems that your opinion is correct. remove_dirty_dir_inode() will not clean up the dir_inode_entry because make_bad_inode() sets i_mode to S_IFREG in the fail path of init_inode_metadata, and it leads to the following memory leak. BTW, have you tested the case that added remove_dirty_dir_inode() into the fail path of init_inode_metadata? diff --git a/fs/f2fs/dir.c b/fs/f2fs/dir.c index e095a4f..d5a2c9e 100644 --- a/fs/f2fs/dir.c +++ b/fs/f2fs/dir.c @@ -375,6 +375,7 @@ put_error: /* once the failed inode becomes a bad inode, i_mode is S_IFREG */ truncate_inode_pages(inode-i_data, 0); truncate_blocks(inode, 0); + remove_dirty_dir_inode(inode); error: remove_inode_page(inode); return ERR_PTR(err); Regards, Gu Otherwise memory leak is reported when f2fs module is unloaded: [ 231.378192] BUG f2fs_dirty_dir_entry (Tainted: GF O): Objects remaining in f2fs_dirty_dir_entry on kmem_cache_close() [ 231.378193] - [ 231.378194] Disabling lock debugging due to kernel taint [ 231.378195] INFO: Slab 0xea437200 objects=102 used=1 fp=0x880010dc8fc8 flags=0x3fffc00080 [ 231.378197] CPU: 0 PID: 2605 Comm: rmmod Tainted: GF B O 3.14.0-rc1fs #4 [ 231.378198] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006 [ 231.378199] 88000e5e3200 88000cc9bd40 8166fd7e ea437200 [ 231.378202] 88000cc9be28 811c3fdf 88003fc10066 0cc9bda0 [ 231.378203] 0020 88000cc9be38 88000cc9bde0 656a624f0296 [ 231.378205] Call Trace: [ 231.378210] [8166fd7e] dump_stack+0x45/0x56 [ 231.378213] [811c3fdf] slab_err+0xaf/0xc0 [ 231.378215] [811c84a3] ? kmem_cache_close+0x133/0x340 [ 231.378216] [811c6b55] ? __kmalloc+0x1f5/0x250 [ 231.378218] [811c84c3] kmem_cache_close+0x153/0x340 [ 231.378221] [81193417] ? kmem_cache_destroy+0x27/0xf0 [ 231.378223] [811c86c4] __kmem_cache_shutdown+0x14/0x80 [ 231.378224] [81193431] kmem_cache_destroy+0x41/0xf0 [ 231.378229] [a01eab91] destroy_checkpoint_caches+0x21/0x30 [f2fs] [ 231.378232] [a01facda] exit_f2fs_fs+0x28/0x34e [f2fs] [ 231.378235] [810ffe32] SyS_delete_module+0x152/0x1f0 [ 231.378237] [8111d85c] ? __audit_syscall_entry+0x9c/0xf0 [ 231.378239] [81680729] system_call_fastpath+0x16/0x1b [ 231.378242] INFO: Object 0x880010dc8000 @offset=0 [ 231.378245] kmem_cache_destroy f2fs_dirty_dir_entry: Slab cache still has objects [ 231.378247] CPU: 0 PID: 2605 Comm: rmmod Tainted: GF B O 3.14.0-rc1fs #4 [ 231.378247] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006 [ 231.378248] 88000e5e3268 88000cc9beb8 8166fd7e 88000e5e3200 [ 231.378250] 88000cc9bed8 811934cf a0204f60 [ 231.378251] 88000cc9bee8 a01eab91 88000cc9bef8 a01facda [ 231.378253] Call Trace: [ 231.378255] [8166fd7e] dump_stack+0x45/0x56 [ 231.378256] [811934cf] kmem_cache_destroy+0xdf/0xf0 [ 231.378259] [a01eab91] destroy_checkpoint_caches+0x21/0x30 [f2fs] [ 231.378262] [a01facda] exit_f2fs_fs+0x28/0x34e [f2fs] [ 231.378263] [810ffe32] SyS_delete_module+0x152/0x1f0 [ 231.378265] [8111d85c] ? __audit_syscall_entry+0x9c/0xf0 [ 231.378266] [81680729] system_call_fastpath+0x16/0x1b Stack of allocation (obtained with KEDR, which is also used for fault simulation): [ 231.414875] [leak_check] Address: 0x880010dc8000, size: 24; stack trace of the allocation: [ 231.414886] [leak_check] [a01e9d72] set_dirty_dir_page+0x62/0xe0 [f2fs] [ 231.414893] [leak_check] [a01ec9be] f2fs_set_data_page_dirty+0x4e/0x90 [f2fs] [ 231.414898] [leak_check] [8117b02a] set_page_dirty+0x3a/0x60 [ 231.414904] [leak_check] [a01dfeb2] __f2fs_add_link+0x732/0x7d0 [f2fs] [ 231.414909] [leak_check] [a01e2f1b] f2fs_mkdir+0xbb/0x150 [f2fs] [ 231.414914] [leak_check] [811f2a37] vfs_mkdir+0xb7/0x160 [ 231.414918] [leak_check] [811f367f] SyS_mkdir+0x5f/0xc0 [ 231.414923] [leak_check] [81680729] system_call_fastpath+0x16/0x1b [ 231.414931] [leak_check]
Re: [f2fs-dev] f2fs: f2fs unmount hangs if f2fs_init_acl() fails during mkdir syscall
Hi, BTW, have you tested the case that added remove_dirty_dir_inode() into the fail path of init_inode_metadata? diff --git a/fs/f2fs/dir.c b/fs/f2fs/dir.c index e095a4f..d5a2c9e 100644 --- a/fs/f2fs/dir.c +++ b/fs/f2fs/dir.c @@ -375,6 +375,7 @@ put_error: /* once the failed inode becomes a bad inode, i_mode is S_IFREG */ truncate_inode_pages(inode-i_data, 0); truncate_blocks(inode, 0); + remove_dirty_dir_inode(inode); error: remove_inode_page(inode); return ERR_PTR(err); Yes, i have tested that case. Fail in init_inode_metadata has been processed correctly. Thanks. -- Best regards, Andrey Tsyvarev Linux Verification Center, ISPRAS web:http://linuxtesting.org -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [f2fs-dev] f2fs: f2fs unmount hangs if f2fs_init_acl() fails during mkdir syscall
Hi, On 02/13/2014 05:40 PM, Andrey Tsyvarev wrote: Hi, BTW, have you tested the case that added remove_dirty_dir_inode() into the fail path of init_inode_metadata? diff --git a/fs/f2fs/dir.c b/fs/f2fs/dir.c index e095a4f..d5a2c9e 100644 --- a/fs/f2fs/dir.c +++ b/fs/f2fs/dir.c @@ -375,6 +375,7 @@ put_error: /* once the failed inode becomes a bad inode, i_mode is S_IFREG */ truncate_inode_pages(inode-i_data, 0); truncate_blocks(inode, 0); + remove_dirty_dir_inode(inode); error: remove_inode_page(inode); return ERR_PTR(err); Yes, i have tested that case. Fail in init_inode_metadata has been processed correctly. Thanks. If no other regressions, maybe you can send out the fix patch about this issue.:) Thanks, Gu -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [f2fs-dev] f2fs: f2fs unmount hangs if f2fs_init_acl() fails during mkdir syscall
Hi, Sorry for the late response. I suffered from flu during last a couple of days. :( 2014-02-11 (화), 12:29 +0400, Andrey Tsyvarev: Hi, It turns out that make_bad_inode prior to iput sets i_mode to a regular file, so that f2fs_evict_inode - truncate_inode_pages - f2fs_invalidate_data_page doesn't decrement dirty_dents. It seems that remove_dirty_dir_inode() call should also be added to the error-path of init_inode_metadata, because its functionality is also based on inode-i_mode field which is changed by make_bad_inode(). Agreed. I'll update the patch with this. Thanks, -- Jaegeuk Kim Samsung -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [f2fs-dev] f2fs: f2fs unmount hangs if f2fs_init_acl() fails during mkdir syscall
Hi, 2014-02-13 (목), 17:48 +0800, Gu Zheng: Hi, On 02/13/2014 05:40 PM, Andrey Tsyvarev wrote: Hi, BTW, have you tested the case that added remove_dirty_dir_inode() into the fail path of init_inode_metadata? diff --git a/fs/f2fs/dir.c b/fs/f2fs/dir.c index e095a4f..d5a2c9e 100644 --- a/fs/f2fs/dir.c +++ b/fs/f2fs/dir.c @@ -375,6 +375,7 @@ put_error: /* once the failed inode becomes a bad inode, i_mode is S_IFREG */ truncate_inode_pages(inode-i_data, 0); truncate_blocks(inode, 0); + remove_dirty_dir_inode(inode); error: remove_inode_page(inode); return ERR_PTR(err); Yes, i have tested that case. Fail in init_inode_metadata has been processed correctly. Thanks. If no other regressions, maybe you can send out the fix patch about this issue.:) The original patch can treat this too. Thank you. :) Thanks, Gu -- Jaegeuk Kim Samsung -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [f2fs-dev] f2fs: f2fs unmount hangs if f2fs_init_acl() fails during mkdir syscall
Hi, It turns out that make_bad_inode prior to iput sets i_mode to a regular file, so that f2fs_evict_inode -> truncate_inode_pages -> f2fs_invalidate_data_page doesn't decrement dirty_dents. It seems that remove_dirty_dir_inode() call should also be added to the error-path of init_inode_metadata, because its functionality is also based on inode->i_mode field which is changed by make_bad_inode(). Otherwise memory leak is reported when f2fs module is unloaded: [ 231.378192] BUG f2fs_dirty_dir_entry (Tainted: GF O): Objects remaining in f2fs_dirty_dir_entry on kmem_cache_close() [ 231.378193] - [ 231.378194] Disabling lock debugging due to kernel taint [ 231.378195] INFO: Slab 0xea437200 objects=102 used=1 fp=0x880010dc8fc8 flags=0x3fffc00080 [ 231.378197] CPU: 0 PID: 2605 Comm: rmmod Tainted: GF B O 3.14.0-rc1fs #4 [ 231.378198] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006 [ 231.378199] 88000e5e3200 88000cc9bd40 8166fd7e ea437200 [ 231.378202] 88000cc9be28 811c3fdf 88003fc10066 0cc9bda0 [ 231.378203] 0020 88000cc9be38 88000cc9bde0 656a624f0296 [ 231.378205] Call Trace: [ 231.378210] [] dump_stack+0x45/0x56 [ 231.378213] [] slab_err+0xaf/0xc0 [ 231.378215] [] ? kmem_cache_close+0x133/0x340 [ 231.378216] [] ? __kmalloc+0x1f5/0x250 [ 231.378218] [] kmem_cache_close+0x153/0x340 [ 231.378221] [] ? kmem_cache_destroy+0x27/0xf0 [ 231.378223] [] __kmem_cache_shutdown+0x14/0x80 [ 231.378224] [] kmem_cache_destroy+0x41/0xf0 [ 231.378229] [] destroy_checkpoint_caches+0x21/0x30 [f2fs] [ 231.378232] [] exit_f2fs_fs+0x28/0x34e [f2fs] [ 231.378235] [] SyS_delete_module+0x152/0x1f0 [ 231.378237] [] ? __audit_syscall_entry+0x9c/0xf0 [ 231.378239] [] system_call_fastpath+0x16/0x1b [ 231.378242] INFO: Object 0x880010dc8000 @offset=0 [ 231.378245] kmem_cache_destroy f2fs_dirty_dir_entry: Slab cache still has objects [ 231.378247] CPU: 0 PID: 2605 Comm: rmmod Tainted: GF B O 3.14.0-rc1fs #4 [ 231.378247] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006 [ 231.378248] 88000e5e3268 88000cc9beb8 8166fd7e 88000e5e3200 [ 231.378250] 88000cc9bed8 811934cf a0204f60 [ 231.378251] 88000cc9bee8 a01eab91 88000cc9bef8 a01facda [ 231.378253] Call Trace: [ 231.378255] [] dump_stack+0x45/0x56 [ 231.378256] [] kmem_cache_destroy+0xdf/0xf0 [ 231.378259] [] destroy_checkpoint_caches+0x21/0x30 [f2fs] [ 231.378262] [] exit_f2fs_fs+0x28/0x34e [f2fs] [ 231.378263] [] SyS_delete_module+0x152/0x1f0 [ 231.378265] [] ? __audit_syscall_entry+0x9c/0xf0 [ 231.378266] [] system_call_fastpath+0x16/0x1b Stack of allocation (obtained with KEDR, which is also used for fault simulation): [ 231.414875] [leak_check] Address: 0x880010dc8000, size: 24; stack trace of the allocation: [ 231.414886] [leak_check] [] set_dirty_dir_page+0x62/0xe0 [f2fs] [ 231.414893] [leak_check] [] f2fs_set_data_page_dirty+0x4e/0x90 [f2fs] [ 231.414898] [leak_check] [] set_page_dirty+0x3a/0x60 [ 231.414904] [leak_check] [] __f2fs_add_link+0x732/0x7d0 [f2fs] [ 231.414909] [leak_check] [] f2fs_mkdir+0xbb/0x150 [f2fs] [ 231.414914] [leak_check] [] vfs_mkdir+0xb7/0x160 [ 231.414918] [leak_check] [] SyS_mkdir+0x5f/0xc0 [ 231.414923] [leak_check] [] system_call_fastpath+0x16/0x1b [ 231.414931] [leak_check] [] 0x P.S. It was required to add 'slub_debug' kernel options for make SLUB output correct cache name, otherwise cache "f2fs_dirty_dir_entry" was merged into "free_nid" one. It was surprise for me, that's why patch investigation took so long time. -- Best regards, Andrey Tsyvarev Linux Verification Center, ISPRAS web:http://linuxtesting.org -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [f2fs-dev] f2fs: f2fs unmount hangs if f2fs_init_acl() fails during mkdir syscall
Hi, It turns out that make_bad_inode prior to iput sets i_mode to a regular file, so that f2fs_evict_inode - truncate_inode_pages - f2fs_invalidate_data_page doesn't decrement dirty_dents. It seems that remove_dirty_dir_inode() call should also be added to the error-path of init_inode_metadata, because its functionality is also based on inode-i_mode field which is changed by make_bad_inode(). Otherwise memory leak is reported when f2fs module is unloaded: [ 231.378192] BUG f2fs_dirty_dir_entry (Tainted: GF O): Objects remaining in f2fs_dirty_dir_entry on kmem_cache_close() [ 231.378193] - [ 231.378194] Disabling lock debugging due to kernel taint [ 231.378195] INFO: Slab 0xea437200 objects=102 used=1 fp=0x880010dc8fc8 flags=0x3fffc00080 [ 231.378197] CPU: 0 PID: 2605 Comm: rmmod Tainted: GF B O 3.14.0-rc1fs #4 [ 231.378198] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006 [ 231.378199] 88000e5e3200 88000cc9bd40 8166fd7e ea437200 [ 231.378202] 88000cc9be28 811c3fdf 88003fc10066 0cc9bda0 [ 231.378203] 0020 88000cc9be38 88000cc9bde0 656a624f0296 [ 231.378205] Call Trace: [ 231.378210] [8166fd7e] dump_stack+0x45/0x56 [ 231.378213] [811c3fdf] slab_err+0xaf/0xc0 [ 231.378215] [811c84a3] ? kmem_cache_close+0x133/0x340 [ 231.378216] [811c6b55] ? __kmalloc+0x1f5/0x250 [ 231.378218] [811c84c3] kmem_cache_close+0x153/0x340 [ 231.378221] [81193417] ? kmem_cache_destroy+0x27/0xf0 [ 231.378223] [811c86c4] __kmem_cache_shutdown+0x14/0x80 [ 231.378224] [81193431] kmem_cache_destroy+0x41/0xf0 [ 231.378229] [a01eab91] destroy_checkpoint_caches+0x21/0x30 [f2fs] [ 231.378232] [a01facda] exit_f2fs_fs+0x28/0x34e [f2fs] [ 231.378235] [810ffe32] SyS_delete_module+0x152/0x1f0 [ 231.378237] [8111d85c] ? __audit_syscall_entry+0x9c/0xf0 [ 231.378239] [81680729] system_call_fastpath+0x16/0x1b [ 231.378242] INFO: Object 0x880010dc8000 @offset=0 [ 231.378245] kmem_cache_destroy f2fs_dirty_dir_entry: Slab cache still has objects [ 231.378247] CPU: 0 PID: 2605 Comm: rmmod Tainted: GF B O 3.14.0-rc1fs #4 [ 231.378247] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006 [ 231.378248] 88000e5e3268 88000cc9beb8 8166fd7e 88000e5e3200 [ 231.378250] 88000cc9bed8 811934cf a0204f60 [ 231.378251] 88000cc9bee8 a01eab91 88000cc9bef8 a01facda [ 231.378253] Call Trace: [ 231.378255] [8166fd7e] dump_stack+0x45/0x56 [ 231.378256] [811934cf] kmem_cache_destroy+0xdf/0xf0 [ 231.378259] [a01eab91] destroy_checkpoint_caches+0x21/0x30 [f2fs] [ 231.378262] [a01facda] exit_f2fs_fs+0x28/0x34e [f2fs] [ 231.378263] [810ffe32] SyS_delete_module+0x152/0x1f0 [ 231.378265] [8111d85c] ? __audit_syscall_entry+0x9c/0xf0 [ 231.378266] [81680729] system_call_fastpath+0x16/0x1b Stack of allocation (obtained with KEDR, which is also used for fault simulation): [ 231.414875] [leak_check] Address: 0x880010dc8000, size: 24; stack trace of the allocation: [ 231.414886] [leak_check] [a01e9d72] set_dirty_dir_page+0x62/0xe0 [f2fs] [ 231.414893] [leak_check] [a01ec9be] f2fs_set_data_page_dirty+0x4e/0x90 [f2fs] [ 231.414898] [leak_check] [8117b02a] set_page_dirty+0x3a/0x60 [ 231.414904] [leak_check] [a01dfeb2] __f2fs_add_link+0x732/0x7d0 [f2fs] [ 231.414909] [leak_check] [a01e2f1b] f2fs_mkdir+0xbb/0x150 [f2fs] [ 231.414914] [leak_check] [811f2a37] vfs_mkdir+0xb7/0x160 [ 231.414918] [leak_check] [811f367f] SyS_mkdir+0x5f/0xc0 [ 231.414923] [leak_check] [81680729] system_call_fastpath+0x16/0x1b [ 231.414931] [leak_check] [] 0x P.S. It was required to add 'slub_debug' kernel options for make SLUB output correct cache name, otherwise cache f2fs_dirty_dir_entry was merged into free_nid one. It was surprise for me, that's why patch investigation took so long time. -- Best regards, Andrey Tsyvarev Linux Verification Center, ISPRAS web:http://linuxtesting.org -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [f2fs-dev] f2fs: f2fs unmount hangs if f2fs_init_acl() fails during mkdir syscall
Hi, It turns out that make_bad_inode prior to iput sets i_mode to a regular file, so that f2fs_evict_inode -> truncate_inode_pages -> f2fs_invalidate_data_page doesn't decrement dirty_dents. This patch should resolve the bug. Thank you :) When a new directory is allocated, if an error is occurred, we should truncate preallocated dentry pages too. This bug was reported by Andrey Tsyvarev after a while as follows. mkdir()-> f2fs_add_link()-> init_inode_metadata()-> f2fs_init_acl()-> f2fs_get_acl()-> f2fs_getxattr()-> read_all_xattrs() fails. Also there was a BUG_ON triggered after the fault in mkdir()-> f2fs_add_link()-> init_inode_metadata()-> remove_inode_page() -> f2fs_bug_on(inode->i_blocks != 0 && inode->i_blocks != 1); But, previous patch wasn't perfect to resolve that bug, so the following bug report was also submitted. kernel BUG at fs/f2fs/inode.c:274! Call Trace: [] evict+0xa3/0x1a0 [] iput+0xf5/0x180 [] f2fs_mkdir+0xf3/0x150 [f2fs] [] vfs_mkdir+0xb7/0x160 [] SyS_mkdir+0x5f/0xc0 [] system_call_fastpath+0x16/0x1b Finally, this patch resolves all the issues like below. If an error is occurred after make_empty_dir(), 1. truncate_inode_pages() The make_bad_inode() prior to iput() will change i_mode to S_IFREG, which means that f2fs will not decrement fi->dirty_dents during f2fs_evict_inode. But, by calling it here, we can do that. 2. truncate_blocks() Preallocated dentry pages are trucated here to sync i_blocks. Reported-by: Andrey Tsyvarev Signed-off-by: Jaegeuk Kim --- fs/f2fs/dir.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/fs/f2fs/dir.c b/fs/f2fs/dir.c index bfcb4ae..92ce1db 100644 --- a/fs/f2fs/dir.c +++ b/fs/f2fs/dir.c @@ -372,6 +372,9 @@ static struct page *init_inode_metadata(struct inode *inode, put_error: f2fs_put_page(page, 1); + /* once the failed inode becomes a bad inode, i_mode is S_IFREG */ + truncate_inode_pages(>i_data, 0); + truncate_blocks(inode, 0); error: remove_inode_page(inode); return ERR_PTR(err); -- 1.8.4.474.g128a96c -- Jaegeuk Kim Samsung -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [f2fs-dev] f2fs: f2fs unmount hangs if f2fs_init_acl() fails during mkdir syscall
Hi, It turns out that make_bad_inode prior to iput sets i_mode to a regular file, so that f2fs_evict_inode - truncate_inode_pages - f2fs_invalidate_data_page doesn't decrement dirty_dents. This patch should resolve the bug. Thank you :) When a new directory is allocated, if an error is occurred, we should truncate preallocated dentry pages too. This bug was reported by Andrey Tsyvarev after a while as follows. mkdir()- f2fs_add_link()- init_inode_metadata()- f2fs_init_acl()- f2fs_get_acl()- f2fs_getxattr()- read_all_xattrs() fails. Also there was a BUG_ON triggered after the fault in mkdir()- f2fs_add_link()- init_inode_metadata()- remove_inode_page() - f2fs_bug_on(inode-i_blocks != 0 inode-i_blocks != 1); But, previous patch wasn't perfect to resolve that bug, so the following bug report was also submitted. kernel BUG at fs/f2fs/inode.c:274! Call Trace: [811fde03] evict+0xa3/0x1a0 [811fe615] iput+0xf5/0x180 [a01c7f63] f2fs_mkdir+0xf3/0x150 [f2fs] [811f2a77] vfs_mkdir+0xb7/0x160 [811f36bf] SyS_mkdir+0x5f/0xc0 [81680769] system_call_fastpath+0x16/0x1b Finally, this patch resolves all the issues like below. If an error is occurred after make_empty_dir(), 1. truncate_inode_pages() The make_bad_inode() prior to iput() will change i_mode to S_IFREG, which means that f2fs will not decrement fi-dirty_dents during f2fs_evict_inode. But, by calling it here, we can do that. 2. truncate_blocks() Preallocated dentry pages are trucated here to sync i_blocks. Reported-by: Andrey Tsyvarev tsyva...@ispras.ru Signed-off-by: Jaegeuk Kim jaegeuk@samsung.com --- fs/f2fs/dir.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/fs/f2fs/dir.c b/fs/f2fs/dir.c index bfcb4ae..92ce1db 100644 --- a/fs/f2fs/dir.c +++ b/fs/f2fs/dir.c @@ -372,6 +372,9 @@ static struct page *init_inode_metadata(struct inode *inode, put_error: f2fs_put_page(page, 1); + /* once the failed inode becomes a bad inode, i_mode is S_IFREG */ + truncate_inode_pages(inode-i_data, 0); + truncate_blocks(inode, 0); error: remove_inode_page(inode); return ERR_PTR(err); -- 1.8.4.474.g128a96c -- Jaegeuk Kim Samsung -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/