From patchwork Sat Mar 27 19:16:15 2010 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: bugzilla-daemon@bugzilla.kernel.org X-Patchwork-Id: 48751 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 4FC40B7CF1 for ; Sun, 28 Mar 2010 06:16:20 +1100 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753842Ab0C0TQS (ORCPT ); Sat, 27 Mar 2010 15:16:18 -0400 Received: from demeter.kernel.org ([140.211.167.39]:50605 "EHLO demeter.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753841Ab0C0TQS (ORCPT ); Sat, 27 Mar 2010 15:16:18 -0400 Received: from demeter.kernel.org (localhost.localdomain [127.0.0.1]) by demeter.kernel.org (8.14.3/8.14.3) with ESMTP id o2RJGGg0019754 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 27 Mar 2010 19:16:17 GMT Received: (from apache@localhost) by demeter.kernel.org (8.14.3/8.14.3/Submit) id o2RJGFvn019746; Sat, 27 Mar 2010 19:16:15 GMT Date: Sat, 27 Mar 2010 19:16:15 GMT Message-Id: <201003271916.o2RJGFvn019746@demeter.kernel.org> From: bugzilla-daemon@bugzilla.kernel.org To: linux-ext4@vger.kernel.org Subject: [Bug 13549] Kernel oops while online resizing of an ext4 filesystem X-Bugzilla-Reason: None X-Bugzilla-Type: newchanged X-Bugzilla-Watch-Reason: AssignedTo fs_ext4@kernel-bugs.osdl.org X-Bugzilla-Product: File System X-Bugzilla-Component: ext4 X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: sandeen@redhat.com X-Bugzilla-Status: NEW X-Bugzilla-Priority: P1 X-Bugzilla-Assigned-To: fs_ext4@kernel-bugs.osdl.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Changed-Fields: In-Reply-To: References: Auto-Submitted: auto-generated MIME-Version: 1.0 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.3 (demeter.kernel.org [127.0.0.1]); Sat, 27 Mar 2010 19:16:17 +0000 (UTC) Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org https://bugzilla.kernel.org/show_bug.cgi?id=13549 --- Comment #18 from Eric Sandeen 2010-03-27 19:16:09 --- Reproducer works perfectly, thanks. So here's the issue; sbi->flex_groups[] doesn't get filled out in ext4_fill_flex_info() because: if (groups_per_flex < 2) { sbi->s_log_groups_per_flex = 0; return 1; } but resize is unconditionally doing this in ext4_group_add as long as the FLEX_BG feature is set: atomic_add(input->free_blocks_count, &sbi->s_flex_groups[flex_group].free_blocks); so for a NULL s_flex groups it went boom. Every other access to ->s_flex_groups checks s_log_groups_per_flex first, so this should be the proper fix: This fixes the reproducer, need to double check it on Alessandro's image. -Eric Index: linux-2.6/fs/ext4/resize.c =================================================================== --- linux-2.6.orig/fs/ext4/resize.c +++ linux-2.6/fs/ext4/resize.c @@ -930,7 +930,8 @@ int ext4_group_add(struct super_block *s percpu_counter_add(&sbi->s_freeinodes_counter, EXT4_INODES_PER_GROUP(sb)); - if (EXT4_HAS_INCOMPAT_FEATURE(sb, EXT4_FEATURE_INCOMPAT_FLEX_BG)) { + if (EXT4_HAS_INCOMPAT_FEATURE(sb, EXT4_FEATURE_INCOMPAT_FLEX_BG) && + sbi->s_log_groups_per_flex) { ext4_group_t flex_group; flex_group = ext4_flex_group(sbi, input->group); atomic_add(input->free_blocks_count,