From patchwork Tue Apr 14 02:28:42 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Theodore Ts'o X-Patchwork-Id: 1270018 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=vger.kernel.org (client-ip=23.128.96.18; helo=vger.kernel.org; envelope-from=linux-ext4-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=mit.edu Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by ozlabs.org (Postfix) with ESMTP id 491Tx474tWz9sTn for ; Tue, 14 Apr 2020 12:30:32 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2404103AbgDNC2v (ORCPT ); Mon, 13 Apr 2020 22:28:51 -0400 Received: from outgoing-auth-1.mit.edu ([18.9.28.11]:46436 "EHLO outgoing.mit.edu" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1728787AbgDNC2u (ORCPT ); Mon, 13 Apr 2020 22:28:50 -0400 Received: from callcc.thunk.org (pool-72-93-95-157.bstnma.fios.verizon.net [72.93.95.157]) (authenticated bits=0) (User authenticated as tytso@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 03E2SlQs007239 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 13 Apr 2020 22:28:47 -0400 Received: by callcc.thunk.org (Postfix, from userid 15806) id E2ABD42013D; Mon, 13 Apr 2020 22:28:46 -0400 (EDT) From: "Theodore Ts'o" To: Ext4 Developers List Cc: "Theodore Ts'o" Subject: [PATCH] ext4: fix BUG_ON in fs/ext4/page_io.c:ext4_release_io_end() Date: Mon, 13 Apr 2020 22:28:42 -0400 Message-Id: <20200414022842.272657-1-tytso@mit.edu> X-Mailer: git-send-email 2.24.1 MIME-Version: 1.0 Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org The function ext4_release_io_end() can be called by ext4_put_io_end_defer() with the EXT4_IO_UNWRITTEN flag set and io_end->size is 0. In that case, it's safe to release the io_end structure, since if io_end->size is zero, there is no unwritten region to release. This can be reproduced using generic/300, although not very reliably, and almost never using a freshly rebooted kernel. Google-Bug-Id: 15054006 Signed-off-by: "Theodore Ts'o" Reported-by: kbuild test robot --- fs/ext4/page-io.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/ext4/page-io.c b/fs/ext4/page-io.c index de6fe969f773..15125e5b4827 100644 --- a/fs/ext4/page-io.c +++ b/fs/ext4/page-io.c @@ -153,7 +153,7 @@ static void ext4_release_io_end(ext4_io_end_t *io_end) struct bio *bio, *next_bio; BUG_ON(!list_empty(&io_end->list)); - BUG_ON(io_end->flag & EXT4_IO_END_UNWRITTEN); + BUG_ON((io_end->flag & EXT4_IO_END_UNWRITTEN) && io_end->size); WARN_ON(io_end->handle); for (bio = io_end->bio; bio; bio = next_bio) {