xfs_vm_releasepage() causing BUG at free_buffer_head()

Alex Lyakas alex at zadarastorage.com
Wed Jul 20 04:42:54 CDT 2016


Hello Dave,

Grepping through my kernel source code, I see the following:
- direct users of b_assoc_buffers are nilfs2, reiserfs and jbd2. In my case, 
jbd2 is used by ext4. Looking at jbd2 usage, however, it looks like it 
handles this list correctly.
- the only other place where somebody can use the "b_assoc_buffers" link is 
by calling mark_buffer_dirty_inode(), which puts the bufferhead on 
"mapping->private_list" using the "b_assoc_buffers" link. There are several 
users of this API, but for my case the only relevant one being, again, jbd2.

Therefore, I will ask the ext4 community.

Thanks,
Alex.

-----Original Message----- 
From: Dave Chinner
Sent: Wednesday, July 20, 2016 2:11 AM
To: Alex Lyakas
Cc: xfs at oss.sgi.com
Subject: Re: xfs_vm_releasepage() causing BUG at free_buffer_head()

On Mon, Jul 18, 2016 at 09:00:41PM +0300, Alex Lyakas wrote:
> Greetings XFS community,
>
> We have hit the following BUG [1].
>
> This is in free_buffer_head():
> BUG_ON(!list_empty(&bh->b_assoc_buffers));

XFS doesn't use the bh->b_assoc_buffers field at all, so nothing in
XFS should ever corrupt it. Do you have any extN filesystems active,
or any other filesystems/block devices that use bufferheads that
might have a use after free bug? e.g. a long time ago (circa
~2.6.16, IIRC) we had a bufferhead corruption problem detected in
XFS that was actually caused by a reiserfs use after free.

Cheers,

Dave.
-- 
Dave Chinner
david at fromorbit.com 


