On Mon, Nov 16, 2009 at 12:57:02PM +0100, Jan Rekorajski wrote:
> Hi,
> I was hit by a bug in linux 2.6.31 when XFS is not able to recover the
> log after a crash if fs was mounted with quotas. Gory details in XFS
> bugzilla: http://oss.sgi.com/bugzilla/show_bug.cgi?id=855.
>
> It looks like wrong struct is used in buffer length check, and the following
> patch should fix the problem.
>
> xfs_dqblk_t has a size of 104+32 bytes, while xfs_disk_dquot_t is 104 bytes
> long, and this is exactly what I see in system logs - "XFS: dquot too small
> (104) in xlog_recover_do_dquot_trans."
Yikes, great brown paperbag bug. Indeed, as per
xfs_qm_dquot_logitem_format() we only log the xfs_disk_dquot_t and not
the full xfs_dqblk_t.
Felix, can you try to get this to Linus before .32 as this is clearly a
regression.
I'll also put the writing of more quota testcases including testing the
log recovery even higher on my todo list.
Reviewed-by: Christoph Hellwig <hch@xxxxxx>
> --- linux-2.6.31.5/fs/xfs/xfs_log_recover.c.orig 2009-11-01
> 23:59:52.194846209 +0100
> +++ linux-2.6.31.5/fs/xfs/xfs_log_recover.c 2009-11-16 12:47:11.601490963
> +0100
> @@ -1980,7 +1980,7 @@
> "XFS: NULL dquot in %s.", __func__);
> goto next;
> }
> - if (item->ri_buf[i].i_len < sizeof(xfs_dqblk_t)) {
> + if (item->ri_buf[i].i_len < sizeof(xfs_disk_dquot_t)) {
> cmn_err(CE_ALERT,
> "XFS: dquot too small (%d) in %s.",
> item->ri_buf[i].i_len, __func__);
> @@ -2636,7 +2636,7 @@
> "XFS: NULL dquot in %s.", __func__);
> return XFS_ERROR(EIO);
> }
> - if (item->ri_buf[1].i_len < sizeof(xfs_dqblk_t)) {
> + if (item->ri_buf[1].i_len < sizeof(xfs_disk_dquot_t)) {
> cmn_err(CE_ALERT,
> "XFS: dquot too small (%d) in %s.",
> item->ri_buf[1].i_len, __func__);
>
> --
> Jan Rekorajski | ALL SUSPECTS ARE GUILTY. PERIOD!
> baggins<at>mimuw.edu.pl | OTHERWISE THEY WOULDN'T BE SUSPECTS, WOULD THEY?
> BOFH, MANIAC | -- TROOPS by Kevin Rubio
---end quoted text---
|