mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-10-03 07:38:10 +00:00
Code Issues Releases Wiki Activity
linux-stable/fs/btrfs
History
xiaoshoukui 7c93b89cd4 btrfs: fix BUG_ON condition in btrfs_cancel_balance 
commit 29eefa6d0d upstream.

Pausing and canceling balance can race to interrupt balance lead to BUG_ON
panic in btrfs_cancel_balance. The BUG_ON condition in btrfs_cancel_balance
does not take this race scenario into account.

However, the race condition has no other side effects. We can fix that.

Reproducing it with panic trace like this:

  kernel BUG at fs/btrfs/volumes.c:4618!
  RIP: 0010:btrfs_cancel_balance+0x5cf/0x6a0
  Call Trace:
   <TASK>
   ? do_nanosleep+0x60/0x120
   ? hrtimer_nanosleep+0xb7/0x1a0
   ? sched_core_clone_cookie+0x70/0x70
   btrfs_ioctl_balance_ctl+0x55/0x70
   btrfs_ioctl+0xa46/0xd20
   __x64_sys_ioctl+0x7d/0xa0
   do_syscall_64+0x38/0x80
   entry_SYSCALL_64_after_hwframe+0x63/0xcd

  Race scenario as follows:
  > mutex_unlock(&fs_info->balance_mutex);
  > --------------------
  > .......issue pause and cancel req in another thread
  > --------------------
  > ret = __btrfs_balance(fs_info);
  >
  > mutex_lock(&fs_info->balance_mutex);
  > if (ret == -ECANCELED && atomic_read(&fs_info->balance_pause_req)) {
  >         btrfs_info(fs_info, "balance: paused");
  >         btrfs_exclop_balance(fs_info, BTRFS_EXCLOP_BALANCE_PAUSED);
  > }

CC: stable@vger.kernel.org # 4.19+
Signed-off-by: xiaoshoukui <xiaoshoukui@ruijie.com.cn>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-08-30 16:31:47 +02:00
..
tests btrfs: remove pointless and double ulist frees in error paths of qgroup tests 2022-11-25 17:40:22 +01:00
acl.c Btrfs: setup a nofs context for memory allocation at __btrfs_set_acl 2019-03-23 20:10:00 +01:00
async-thread.c btrfs: fix memory ordering between normal and ordered work functions 2021-11-26 11:36:23 +01:00
async-thread.h Btrfs: fix crash during unmount due to race with delayed inode workers 2020-04-17 10:48:49 +02:00
backref.c btrfs: fix inode list leak during backref walking at resolve_indirect_refs() 2022-11-10 17:46:52 +01:00
backref.h
btrfs_inode.h
check-integrity.c btrfs: fix possible NULL-pointer dereference in integrity checks 2020-02-24 08:34:49 +01:00
check-integrity.h
compression.c btrfs: mark compressed range uptodate only if all bio succeed 2021-08-08 08:54:28 +02:00
compression.h btrfs: correctly validate compression type 2019-09-16 08:22:19 +02:00
ctree.c btrfs: fix extent buffer leak after tree mod log failure at split_node() 2023-08-11 11:45:28 +02:00
ctree.h btrfs: tree-checker: Verify inode item 2020-11-10 12:35:56 +01:00
dedupe.h
delayed-inode.c btrfs: abort transaction if we fail to update the delayed inode 2021-07-20 16:15:45 +02:00
delayed-inode.h
delayed-ref.c Btrfs: fix race between adding and putting tree mod seq elements and nodes 2020-02-11 04:34:06 -08:00
delayed-ref.h
dev-replace.c btrfs: dev-replace: fail mount if we don't have replace item with target device 2020-11-18 19:18:48 +01:00
dev-replace.h
dir-item.c
disk-io.c btrfs: use nofs when cleaning up aborted transactions 2023-05-30 12:42:13 +01:00
disk-io.h btrfs: Check the first key and level for cached extent buffer 2019-05-22 07:37:42 +02:00
export.c btrfs: fix type of parameter generation in btrfs_get_dentry 2022-11-10 17:46:54 +01:00
export.h btrfs: fix type of parameter generation in btrfs_get_dentry 2022-11-10 17:46:54 +01:00
extent-tree.c btrfs: unlock newly allocated extent buffer after error 2022-03-16 13:20:28 +01:00
extent_io.c btrfs: don't stop integrity writeback too early 2023-08-16 18:13:01 +02:00
extent_io.h btrfs: fix qgroup reserve overflow the qgroup limit 2022-04-15 14:15:06 +02:00
extent_map.c Btrfs: fix race between using extent maps and merging them 2020-02-19 19:51:56 +01:00
extent_map.h
file-item.c btrfs: fix error handling in btrfs_del_csums 2021-06-10 13:24:07 +02:00
file.c btrfs: return value from btrfs_mark_extent_written() in case of error 2021-06-16 11:54:59 +02:00
free-space-cache.c btrfs: fix space cache inconsistency after error loading it from disk 2023-05-30 12:42:10 +01:00
free-space-cache.h
free-space-tree.c
free-space-tree.h
inode-item.c
inode-map.c Btrfs: fix inode cache waiters hanging on path allocation failure 2020-01-27 14:51:12 +01:00
inode-map.h
inode.c btrfs: replace calls to btrfs_find_free_ino with btrfs_find_free_objectid 2023-05-30 12:42:10 +01:00
ioctl.c btrfs: scrub: reject unsupported scrub flags 2023-05-17 11:13:21 +02:00
Kconfig btrfs: disable build on platforms having page size 256K 2021-07-20 16:15:45 +02:00
locking.c
locking.h
lzo.c
Makefile
math.h
ordered-data.c Btrfs: fix btrfs_wait_ordered_range() so that it waits for all ordered extents 2020-02-28 16:38:58 +01:00
ordered-data.h
orphan.c
print-tree.c btrfs: print-tree: parent bytenr must be aligned to sector size 2023-05-17 11:13:25 +02:00
print-tree.h
props.c btrfs: correctly validate compression type 2019-09-16 08:22:19 +02:00
props.h
qgroup.c btrfs: fix race when deleting quota root from the dirty cow roots list 2023-08-11 11:45:15 +02:00
qgroup.h
raid56.c btrfs: raid56: don't trust any cached sector in __raid56_parity_recover() 2022-08-25 11:15:48 +02:00
raid56.h
rcu-string.h btrfs: replace strncpy() with strscpy() 2023-01-18 11:30:46 +01:00
reada.c btrfs: fix use-after-free on readahead extent after failure to create it 2020-11-05 11:08:48 +01:00
ref-verify.c btrfs: ref-verify: fix memory leak in btrfs_ref_tree_mod 2020-11-18 19:18:48 +01:00
ref-verify.h
relocation.c btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() 2023-06-14 10:57:14 +02:00
root-tree.c btrfs: do not delete mismatched root refs 2020-01-23 08:21:31 +01:00
scrub.c btrfs: merge btrfs_find_device and find_device 2020-06-22 09:04:59 +02:00
send.c btrfs: send: limit number of clones and allocated memory size 2023-03-03 11:40:07 +01:00
send.h
struct-funcs.c
super.c btrfs: fix transaction leak and crash after RO remount caused by qgroup rescan 2021-01-19 18:22:36 +01:00
sysfs.c btrfs: sysfs: use NOFS for device creation 2020-08-26 10:30:59 +02:00
sysfs.h
transaction.c btrfs: check for commit error at btrfs_attach_transaction_barrier() 2023-08-11 11:45:34 +02:00
transaction.h Btrfs: fix deadlock between fiemap and transaction commits 2019-08-25 10:47:54 +02:00
tree-checker.c btrfs: tree-checker: fix the error message for transid error 2020-11-10 12:35:57 +01:00
tree-checker.h btrfs: Move btrfs_check_chunk_valid() to tree-check.[ch] and export it 2020-11-10 12:35:56 +01:00
tree-defrag.c
tree-log.c btrfs: fix lost error handling when looking up extended ref on log replay 2022-08-25 11:15:34 +02:00
tree-log.h
ulist.c
ulist.h
uuid-tree.c btrfs: handle ENOENT in btrfs_uuid_tree_iterate 2019-12-31 16:34:44 +01:00
volumes.c btrfs: fix BUG_ON condition in btrfs_cancel_balance 2023-08-30 16:31:47 +02:00
volumes.h btrfs: tree-checker: Verify dev item 2020-11-10 12:35:56 +01:00
xattr.c btrfs: check if root is readonly while setting security xattr 2022-09-05 10:26:31 +02:00
xattr.h
zlib.c
zstd.c