linux-stable/fs/xfs
Darrick J. Wong ea78d80866 xfs: track log done items directly in the deferred pending work item
Christoph reports slab corruption when a deferred refcount update
aborts during _defer_finish().  The cause of this was broken log item
state tracking in xfs_defer_pending -- upon an abort,
_defer_trans_abort() will call abort_intent on all intent items,
including the ones that have already had a done item attached.

This is incorrect because each intent item has 2 refcount: the first
is released when the intent item is committed to the log; and the
second is released when the _done_ item is committed to the log, or
by the intent creator if there is no done item.  In other words, once
we log the done item, responsibility for releasing the intent item's
second refcount is transferred to the done item and /must not/ be
performed by anything else.

The dfp_committed flag should have been tracking whether or not we had
a done item so that _defer_trans_abort could decide if it needs to
abort the intent item, but due to a thinko this was not the case.  Rip
it out and track the done item directly so that we do the right thing
w.r.t. intent item freeing.

Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Reported-by: Christoph Hellwig <hch@infradead.org>
Reviewed-by: Dave Chinner <dchinner@redhat.com>
Signed-off-by: Dave Chinner <david@fromorbit.com>
2016-08-30 13:51:39 +10:00
..
libxfs xfs: track log done items directly in the deferred pending work item 2016-08-30 13:51:39 +10:00
Kconfig xfs: implement iomap based buffered write path 2016-06-21 09:53:44 +10:00
kmem.c xfs: improve kmem_realloc 2016-04-06 09:47:01 +10:00
kmem.h xfs: improve kmem_realloc 2016-04-06 09:47:01 +10:00
Makefile xfs: reverse block mapping support for 4.8-rc1 2016-08-06 09:50:36 -04:00
mrlock.h
uuid.c
uuid.h
xfs.h
xfs_acl.c posix_acl: Inode acl caching fixes 2016-03-31 00:30:15 -04:00
xfs_acl.h
xfs_aops.c xfs: update for 4.8-rc1 2016-07-27 09:53:35 -07:00
xfs_aops.h xfs: direct calls in the direct I/O path 2016-07-20 11:38:01 +10:00
xfs_attr.h xfs: remove put_value from attr ->put_listent context 2016-04-06 07:57:45 +10:00
xfs_attr_inactive.c xfs: make several functions static 2016-06-01 17:38:15 +10:00
xfs_attr_list.c xfs: make several functions static 2016-06-01 17:38:15 +10:00
xfs_bmap_util.c xfs: disable XFS_IOC_SWAPEXT when rmap btree is enabled 2016-08-03 12:18:07 +10:00
xfs_bmap_util.h xfs: change xfs_bmap_{finish,cancel,init,free} -> xfs_defer_* 2016-08-03 11:18:10 +10:00
xfs_buf.c xfs: prevent dropping ioend completions during buftarg wait 2016-08-26 16:01:59 +10:00
xfs_buf.h xfs: track and serialize in-flight async buffers against unmount 2016-07-20 11:15:28 +10:00
xfs_buf_item.c Merge branch 'xfs-4.8-misc-fixes-4' into for-next 2016-07-22 14:10:56 +10:00
xfs_buf_item.h
xfs_dir2_readdir.c xfs: concurrent readdir hangs on data buffer locks 2016-05-18 13:20:21 -04:00
xfs_discard.c xfs: rmap btree requires more reserved free space 2016-08-03 11:38:24 +10:00
xfs_discard.h
xfs_dquot.c xfs: rename flist/free_list to dfops 2016-08-03 11:19:29 +10:00
xfs_dquot.h
xfs_dquot_item.c xfs: allocate log vector buffers outside CIL context lock 2016-07-22 09:52:35 +10:00
xfs_dquot_item.h
xfs_error.c Merge branch 'xfs-4.8-misc-fixes-3' into for-next 2016-07-20 11:51:08 +10:00
xfs_error.h xfs: propagate bmap updates to rmapbt 2016-08-03 12:16:05 +10:00
xfs_export.c xfs: abstract block export operations from nfsd layouts 2016-07-15 15:31:29 -04:00
xfs_export.h
xfs_extent_busy.c
xfs_extent_busy.h
xfs_extfree_item.c xfs: remove unnecessary parentheses from log redo item recovery functions 2016-08-03 12:29:32 +10:00
xfs_extfree_item.h xfs: refactor redo intent item processing 2016-08-03 11:23:49 +10:00
xfs_file.c xfs: don't invalidate whole file on DAX read/write 2016-08-17 08:31:33 +10:00
xfs_filestream.c xfs: rename flist/free_list to dfops 2016-08-03 11:19:29 +10:00
xfs_filestream.h
xfs_fsops.c xfs: store rmapbt block count in the AGF 2016-08-17 08:31:49 +10:00
xfs_fsops.h
xfs_globals.c
xfs_icache.c xfs: cancel eofblocks background trimming on remount read-only 2016-06-21 11:53:28 +10:00
xfs_icache.h xfs: cancel eofblocks background trimming on remount read-only 2016-06-21 11:53:28 +10:00
xfs_icreate_item.c
xfs_icreate_item.h
xfs_inode.c xfs: rename flist/free_list to dfops 2016-08-03 11:19:29 +10:00
xfs_inode.h xfs: change xfs_bmap_{finish,cancel,init,free} -> xfs_defer_* 2016-08-03 11:18:10 +10:00
xfs_inode_item.c xfs: allocate log vector buffers outside CIL context lock 2016-07-22 09:52:35 +10:00
xfs_inode_item.h
xfs_ioctl.c fs: return EPERM on immutable inode 2016-08-07 10:03:31 -04:00
xfs_ioctl.h xfs: don't pass ioflags around in the ioctl path 2016-07-20 11:29:35 +10:00
xfs_ioctl32.c xfs: don't pass ioflags around in the ioctl path 2016-07-20 11:29:35 +10:00
xfs_ioctl32.h
xfs_iomap.c Merge branch 'iomap-fixes-4.8-rc3' into for-next 2016-08-17 11:13:37 +10:00
xfs_iomap.h xfs: (re-)implement FIEMAP_FLAG_XATTR 2016-08-17 08:45:30 +10:00
xfs_iops.c xfs: (re-)implement FIEMAP_FLAG_XATTR 2016-08-17 08:45:30 +10:00
xfs_iops.h
xfs_itable.c
xfs_itable.h
xfs_linux.h xfs: remove __arch_pack 2016-07-20 11:48:46 +10:00
xfs_log.c Merge branch 'xfs-4.8-buf-fixes' into for-next 2016-07-20 11:53:35 +10:00
xfs_log.h xfs: make several functions static 2016-06-01 17:38:15 +10:00
xfs_log_cil.c xfs: allocate log vector buffers outside CIL context lock 2016-07-22 09:52:35 +10:00
xfs_log_priv.h xfs: remove transaction types 2016-04-06 09:20:36 +10:00
xfs_log_recover.c xfs: remove the extents array from the rmap update done log item 2016-08-03 12:28:43 +10:00
xfs_message.c
xfs_message.h
xfs_mount.c xfs: rmap btree requires more reserved free space 2016-08-03 11:38:24 +10:00
xfs_mount.h xfs: rmap btree requires more reserved free space 2016-08-03 11:38:24 +10:00
xfs_mru_cache.c
xfs_mru_cache.h
xfs_ondisk.h xfs: define the on-disk rmap btree format 2016-08-03 11:36:07 +10:00
xfs_pnfs.c xfs: make xfs_bmbt_to_iomap available outside of xfs_pnfs.c 2016-06-21 09:52:47 +10:00
xfs_pnfs.h xfs: abstract block export operations from nfsd layouts 2016-07-15 15:31:29 -04:00
xfs_qm.c xfs: better xfs_trans_alloc interface 2016-04-06 09:19:55 +10:00
xfs_qm.h
xfs_qm_bhv.c
xfs_qm_syscalls.c xfs: better xfs_trans_alloc interface 2016-04-06 09:19:55 +10:00
xfs_quota.h
xfs_quotaops.c
xfs_rmap_item.c xfs: remove unnecessary parentheses from log redo item recovery functions 2016-08-03 12:29:32 +10:00
xfs_rmap_item.h xfs: remove the extents array from the rmap update done log item 2016-08-03 12:28:43 +10:00
xfs_rtalloc.c xfs: rename flist/free_list to dfops 2016-08-03 11:19:29 +10:00
xfs_rtalloc.h xfs: make several functions static 2016-06-01 17:38:15 +10:00
xfs_stats.c xfs: reverse block mapping support for 4.8-rc1 2016-08-06 09:50:36 -04:00
xfs_stats.h xfs: add rmap btree stats infrastructure 2016-08-03 11:31:11 +10:00
xfs_super.c xfs: disallow mounting of realtime + rmap filesystems 2016-08-26 15:59:19 +10:00
xfs_super.h xfs: make several functions static 2016-06-01 17:38:15 +10:00
xfs_symlink.c xfs: rename flist/free_list to dfops 2016-08-03 11:19:29 +10:00
xfs_symlink.h
xfs_sysctl.c
xfs_sysctl.h
xfs_sysfs.c xfs: fix xfs_error_get_cfg for negative errnos 2016-07-20 10:48:51 +10:00
xfs_sysfs.h xfs: configurable error behavior via sysfs 2016-05-18 10:58:51 +10:00
xfs_trace.c xfs: rework xfs_bmap_free callers to use xfs_defer_ops 2016-08-03 11:15:38 +10:00
xfs_trace.h xfs: track log done items directly in the deferred pending work item 2016-08-30 13:51:39 +10:00
xfs_trans.c xfs: remove transaction types 2016-04-06 09:20:36 +10:00
xfs_trans.h xfs: remove the extents array from the rmap update done log item 2016-08-03 12:28:43 +10:00
xfs_trans_ail.c
xfs_trans_buf.c
xfs_trans_dquot.c
xfs_trans_extfree.c xfs: move (and rename) the deferred bmap-free tracepoints 2016-08-03 12:31:07 +10:00
xfs_trans_inode.c
xfs_trans_priv.h
xfs_trans_rmap.c xfs: collapse single use static functions 2016-08-03 12:30:31 +10:00
xfs_xattr.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2016-05-27 17:14:05 -07:00