Btrfs: hunting slab corruption

Signed-off-by: Chris Mason <chris.mason@oracle.com>
This commit is contained in:
Chris Mason 2007-03-30 08:47:31 -04:00 committed by David Woodhouse
parent f254e52c1c
commit 22b0ebda6c
5 changed files with 27 additions and 6 deletions

View file

@ -457,6 +457,8 @@ int btrfs_search_slot(struct btrfs_trans_handle *trans, struct btrfs_root
int ret;
int level;
WARN_ON(p->nodes[0] != NULL);
WARN_ON(!mutex_is_locked(&root->fs_info->fs_mutex));
again:
b = root->node;
get_bh(b);

View file

@ -35,6 +35,8 @@ int btrfs_insert_dir_item(struct btrfs_trans_handle *trans, struct btrfs_root
btrfs_set_dir_name_len(dir_item, name_len);
name_ptr = (char *)(dir_item + 1);
memcpy(name_ptr, name, name_len);
if (name_ptr + name_len > path.nodes[0]->b_data + 4096)
WARN_ON(1);
mark_buffer_dirty(path.nodes[0]);
out:
btrfs_release_path(root, &path);

View file

@ -3,6 +3,7 @@
#include <linux/blkdev.h>
#include <linux/crypto.h>
#include <linux/scatterlist.h>
#include <linux/swap.h>
#include "ctree.h"
#include "disk-io.h"
#include "transaction.h"
@ -50,6 +51,8 @@ struct buffer_head *btrfs_find_tree_block(struct btrfs_root *root, u64 blocknr)
} while (bh != head);
out_unlock:
unlock_page(page);
if (ret)
touch_buffer(ret);
page_cache_release(page);
return ret;
}
@ -65,6 +68,7 @@ struct buffer_head *btrfs_find_create_tree_block(struct btrfs_root *root,
struct buffer_head *head;
struct buffer_head *ret = NULL;
u64 first_block = index << (PAGE_CACHE_SHIFT - blockbits);
page = grab_cache_page(mapping, index);
if (!page)
return NULL;
@ -89,6 +93,8 @@ struct buffer_head *btrfs_find_create_tree_block(struct btrfs_root *root,
} while (bh != head);
out_unlock:
unlock_page(page);
if (ret)
touch_buffer(ret);
page_cache_release(page);
return ret;
}
@ -139,7 +145,7 @@ int btrfs_csum_data(struct btrfs_root * root, char *data, size_t len,
desc.flags = 0;
sg_init_one(&sg, data, len);
spin_lock(&root->fs_info->hash_lock);
ret = crypto_hash_digest(&desc, &sg, len, result);
ret = crypto_hash_digest(&desc, &sg, 1, result);
spin_unlock(&root->fs_info->hash_lock);
if (ret) {
printk("sha256 digest failed\n");
@ -153,6 +159,7 @@ static int csum_tree_block(struct btrfs_root *root, struct buffer_head *bh,
int ret;
struct btrfs_node *node;
return 0;
ret = btrfs_csum_data(root, bh->b_data + BTRFS_CSUM_SIZE,
bh->b_size - BTRFS_CSUM_SIZE, result);
if (ret)
@ -165,17 +172,17 @@ static int csum_tree_block(struct btrfs_root *root, struct buffer_head *bh,
}
} else {
node = btrfs_buffer_node(bh);
memcpy(&node->header.csum, result, BTRFS_CSUM_SIZE);
memcpy(node->header.csum, result, BTRFS_CSUM_SIZE);
}
return 0;
}
static int btree_writepage(struct page *page, struct writeback_control *wbc)
{
#if 0
struct buffer_head *bh;
struct btrfs_root *root = btrfs_sb(page->mapping->host->i_sb);
struct buffer_head *head;
if (!page_has_buffers(page)) {
create_empty_buffers(page, root->fs_info->sb->s_blocksize,
(1 << BH_Dirty)|(1 << BH_Uptodate));
@ -187,6 +194,7 @@ static int btree_writepage(struct page *page, struct writeback_control *wbc)
csum_tree_block(root, bh, 0);
bh = bh->b_this_page;
} while (bh != head);
#endif
return block_write_full_page(page, btree_get_block, wbc);
}
@ -312,6 +320,8 @@ struct btrfs_root *open_ctree(struct super_block *sb,
fs_info->btree_inode->i_ino = 1;
fs_info->btree_inode->i_size = sb->s_bdev->bd_inode->i_size;
fs_info->btree_inode->i_mapping->a_ops = &btree_aops;
insert_inode_hash(fs_info->btree_inode);
mapping_set_gfp_mask(fs_info->btree_inode->i_mapping, GFP_NOFS);
fs_info->hash_tfm = crypto_alloc_hash("sha256", 0, CRYPTO_ALG_ASYNC);
spin_lock_init(&fs_info->hash_lock);

View file

@ -361,13 +361,16 @@ static struct dentry *btrfs_lookup(struct inode *dir, struct dentry *dentry,
struct nameidata *nd)
{
struct inode * inode;
struct btrfs_root *root = btrfs_sb(dir->i_sb);
ino_t ino;
int ret;
if (dentry->d_name.len > BTRFS_NAME_LEN)
return ERR_PTR(-ENAMETOOLONG);
mutex_lock(&root->fs_info->fs_mutex);
ret = btrfs_inode_by_name(dir, dentry, &ino);
mutex_unlock(&root->fs_info->fs_mutex);
if (ret < 0)
return ERR_PTR(ret);
inode = NULL;
@ -395,6 +398,7 @@ static int btrfs_readdir(struct file *filp, void *dirent, filldir_t filldir)
unsigned char d_type = DT_UNKNOWN;
int over = 0;
mutex_lock(&root->fs_info->fs_mutex);
key.objectid = inode->i_ino;
key.flags = 0;
btrfs_set_key_type(&key, BTRFS_DIR_ITEM_KEY);
@ -446,6 +450,7 @@ static int btrfs_readdir(struct file *filp, void *dirent, filldir_t filldir)
ret = 0;
err:
btrfs_release_path(root, &path);
mutex_unlock(&root->fs_info->fs_mutex);
return ret;
}
@ -667,8 +672,8 @@ static int btrfs_create(struct inode *dir, struct dentry *dentry,
inode->i_op = &btrfs_file_inode_operations;
}
dir->i_sb->s_dirt = 1;
btrfs_end_transaction(trans, root);
out_unlock:
btrfs_end_transaction(trans, root);
mutex_unlock(&root->fs_info->fs_mutex);
if (drop_inode) {
inode_dec_link_count(inode);

View file

@ -197,8 +197,10 @@ int btrfs_commit_transaction(struct btrfs_trans_handle *trans,
ret = btrfs_del_root(trans, root->fs_info->tree_root,
&snap_key);
BUG_ON(ret); root->fs_info->generation = root->root_key.offset + 1; ret = btrfs_end_transaction(trans, root); BUG_ON(ret);
printk("at free, total trans %d\n", total_trans);
BUG_ON(ret);
root->fs_info->generation = root->root_key.offset + 1;
ret = btrfs_end_transaction(trans, root);
BUG_ON(ret);
}
return ret;