xfs
[Top] [All Lists]

Re: [PATCH] xfs: Fix rounding in xfs_alloc_fix_len()

To: Brian Foster <bfoster@xxxxxxxxxx>
Subject: Re: [PATCH] xfs: Fix rounding in xfs_alloc_fix_len()
From: Jan Kara <jack@xxxxxxx>
Date: Wed, 4 Jun 2014 17:10:34 +0200
Cc: Jan Kara <jack@xxxxxxx>, xfs@xxxxxxxxxxx
Delivered-to: xfs@xxxxxxxxxxx
In-reply-to: <20140604133551.GA55624@xxxxxxxxxxxxxxx>
References: <1401875293-16227-1-git-send-email-jack@xxxxxxx> <20140604133551.GA55624@xxxxxxxxxxxxxxx>
User-agent: Mutt/1.5.21 (2010-09-15)
On Wed 04-06-14 09:35:51, Brian Foster wrote:
> On Wed, Jun 04, 2014 at 11:48:13AM +0200, Jan Kara wrote:
> > Rounding in xfs_alloc_fix_len() is wrong. As the comment states, the
> > result should be a number of a form (k*prod+mod) however due to sign
> > mistake the result is different. As a result allocations on raid arrays
> > could be misaligned in some cases.
> > 
> > This also seems to fix occasional assertion failure:
> >     XFS_WANT_CORRUPTED_GOTO(rlen <= flen, error0)
> > in xfs_alloc_ag_vextent_size().
> 
> Do you happen to have a reproducer for this?
  No, IBM triggered this during their testing on powerPC. I can ask them if
they can share the test if you are interested.

> The meaning of args->prod (the structure definition comment calls it the
> prod value) is not clear to me. I see that we set it to an extent
> size hint if one exists (in xfs_bmap_btalloc()), so I'll go with that.
> args->mod then becomes the modulo of the file offset against that
> alignment hint.
> 
> > Signed-off-by: Jan Kara <jack@xxxxxxx>
> > ---
> >  fs/xfs/xfs_alloc.c | 14 ++++++--------
> >  1 file changed, 6 insertions(+), 8 deletions(-)
> > 
> > diff --git a/fs/xfs/xfs_alloc.c b/fs/xfs/xfs_alloc.c
> > index c1cf6a336a72..6a0281b16451 100644
> > --- a/fs/xfs/xfs_alloc.c
> > +++ b/fs/xfs/xfs_alloc.c
> > @@ -257,14 +257,12 @@ xfs_alloc_fix_len(
> 
> We get here and take the extent length, mod against the alignment and
> compare to the mod of the offset. 
> 
> >     k = rlen % args->prod;
> >     if (k == args->mod)
> >             return;
> > -   if (k > args->mod) {
> > -           if ((int)(rlen = rlen - k - args->mod) < (int)args->minlen)
> > -                   return;
> > -   } else {
> > -           if ((int)(rlen = rlen - args->prod - (args->mod - k)) <
> > -               (int)args->minlen)
> > -                   return;
> > -   }
> > +   if (k > args->mod)
> > +           rlen = rlen - (k - args->mod);
> 
> If the length mod is greater than the offset mod, reduce the length by
> the delta of the mods.
> 
> > +   else
> > +           rlen = rlen - args->prod + (args->mod - k);
> 
> Otherwise (length mod is less than offset mod), reduce by a full
> alignment size and add back the difference to match the offset mod.
> 
> This seems correct to me.
> 
> > +   if ((int)rlen < (int)args->minlen)
> > +           return;
> >     ASSERT(rlen >= args->minlen);
> >     ASSERT(rlen <= args->maxlen);
> 
> The rlen >= minlen assert seems kind of pointless here, but what about
> changing both instances of these two asserts to the following:
  Well, rlen has been decreased so rlen >= minlen makes sense. rlen <=
maxlen seems to be the obvious one to me.

>       ASSERT(rlen >= args->minlen && rlen <= args->maxlen);
> 
> ... and add a new one after the length adjustment along the lines of:
> 
>       ASSERT((rlen % args->prod) == args->mod);
> 
> Thoughts? Would this have caught the problem you've found earlier?
  Yes, this would have caught the bug. Should I add this assertion an
resend?

                                                                Honza

-- 
Jan Kara <jack@xxxxxxx>
SUSE Labs, CR

<Prev in Thread] Current Thread [Next in Thread>