From patchwork Wed Feb 7 02:01:02 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Zhiguo Niu X-Patchwork-Id: 197699 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7301:168b:b0:106:860b:bbdd with SMTP id ma11csp1945736dyb; Tue, 6 Feb 2024 18:02:43 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCVYF0l8zcDIGmkDU/3yAZ2x8Gfy6VOVMv5SxsOniUg5/7hGEhhK02z5KNFcbhlEA+wpeyYRbBwF4YpY+CPNKDT63Xnr6w== X-Google-Smtp-Source: AGHT+IECRc1/epYwacA74SZOZ6JJ8LTgGGHkU4hhINuNzThpP8EOiOTrdc68VHBuljTY24YRSWL0 X-Received: by 2002:a05:6214:e67:b0:68c:a542:f082 with SMTP id jz7-20020a0562140e6700b0068ca542f082mr8686844qvb.7.1707271363374; Tue, 06 Feb 2024 18:02:43 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1707271363; cv=pass; d=google.com; s=arc-20160816; b=pY2z7EzOkptExs4QY83B6PgCuyuvr+laF8AhhwUZay3tZ12hHu8JXcyg9m/2l4I74/ 59HQUjtF+lMMYBxaoGYOqr49EPcUSQdxFif3JSZeI8KDt+XyoPU0oIGQn8k4rFo6czn1 /KuC3ZDvHRJXX/pM/JhpzVlj3iOEg3G9a/7axgGdatgfk5t5U7x++ro2Ajoiq1jT3Zar hdiC1U0TzSkuTDc5FOiqBvt+e1Is/ZYluS7yOF1jH3Zp/qIpiGFJy+xL0N9GU4uSP40k NWDWMvyfJOdoTEugAa8nunx6UlVUJ1N39NvDud/1bb1vyaLmI3Pk80TeZugxKmkCGV1m rvBw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=mime-version:list-unsubscribe:list-subscribe:list-id:precedence :references:in-reply-to:message-id:date:subject:cc:to:from; bh=FOokTu0s+bVReKHVSYa0qE6gIQjcvqYd+nCqBdDRciw=; fh=2NxDZ6AnrPxeUl2wQhowBsEYXz9MtDkLSQH75zmN7+w=; b=ue7McaoZ/er6QdC2ZjvDc14wvZHTZM9SmYiPuOnRBKGVdrRVWz9kMlFwMOfwv/euyI z5/jE0nxttTsGM3UuAm980I1DYfhx5hY6o/nROiOB3x18lT01dMjGm6LwjolW39PRtc5 QAwS0+56/D96BlvW8UeENV0MC1O2IsVGJWl9m/1AC1s69JJGfoKgWYgKbgnY+gCia5ph dg1Ot+6TAlvLlQc8/JMv5wd7wPYaxmItyS2d5XmxDjcfpjGty5omnWWBNQw7627v7g6G AGSOB4/eQjGIuF3Z13OXiJuO7qbJaFvyCfpFWJA2BNoaWs+pmnY7Mwj0vrloLnQTSQEt 6iOA==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; arc=pass (i=1 spf=pass spfdomain=unisoc.com); spf=pass (google.com: domain of linux-kernel+bounces-55828-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-55828-ouuuleilei=gmail.com@vger.kernel.org" X-Forwarded-Encrypted: i=2; AJvYcCUfOVaRyIYKCzUArPv4Esu3oYqPB1oz1VY/Q6FSXz97wP5P3S39E3d0ZKWkZAvpcLqPtM71RToPSAXr5i0kmHyyqfo+gA== Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1]) by mx.google.com with ESMTPS id u6-20020a0562140b0600b0068c6cc81ba8si214695qvj.392.2024.02.06.18.02.43 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 06 Feb 2024 18:02:43 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-55828-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1; Authentication-Results: mx.google.com; arc=pass (i=1 spf=pass spfdomain=unisoc.com); spf=pass (google.com: domain of linux-kernel+bounces-55828-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-55828-ouuuleilei=gmail.com@vger.kernel.org" Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 2D46F1C21920 for ; Wed, 7 Feb 2024 02:02:43 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 15CF210957; Wed, 7 Feb 2024 02:02:10 +0000 (UTC) Received: from SHSQR01.spreadtrum.com (unknown [222.66.158.135]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A24A9DDA9 for ; Wed, 7 Feb 2024 02:02:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=222.66.158.135 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707271328; cv=none; b=L+jSuuXok1adcbctc75blkogvYE5PA3uXvfjgAWpdV44G5aAeEui8nL92XFUkeT5cV1679aSDRsdROoIT1gNVsCWrU7Q0XE5cqWpdBxEnBDf4R9PczcqYFJ5VXnVV/g1G8lwk8oC5c7EDSuzxNRYnuTy7vPGpxUKyZu8XnekYfk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707271328; c=relaxed/simple; bh=6uQRtxfwHI6lbSKM3KACvgqQQaO9b8pFw4vx06rzZ/U=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=upWQCZrASqpFYISD65EBnTG3ElSNzkR/cOo3AVjPgLlrtu5puYVJqy3W2tJ/bs1yu0niPcNPsytbK8jBLMM1X6T60hFyDUBmCPOyzhXcHS0ERssZhqz/+XmOYSKfiY3C4YgdQpilB6Fp6shDnVS/Vno8YqFLKkwKiBBVYjvCZWE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=unisoc.com; spf=pass smtp.mailfrom=unisoc.com; arc=none smtp.client-ip=222.66.158.135 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=unisoc.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=unisoc.com Received: from dlp.unisoc.com ([10.29.3.86]) by SHSQR01.spreadtrum.com with ESMTP id 41721Vt7075716; Wed, 7 Feb 2024 10:01:31 +0800 (+08) (envelope-from Zhiguo.Niu@unisoc.com) Received: from SHDLP.spreadtrum.com (bjmbx02.spreadtrum.com [10.0.64.8]) by dlp.unisoc.com (SkyGuard) with ESMTPS id 4TV3J40K0Dz2K4cHw; Wed, 7 Feb 2024 10:01:24 +0800 (CST) Received: from bj08434pcu.spreadtrum.com (10.0.73.87) by BJMBX02.spreadtrum.com (10.0.64.8) with Microsoft SMTP Server (TLS) id 15.0.1497.23; Wed, 7 Feb 2024 10:01:29 +0800 From: Zhiguo Niu To: , CC: , , , , , Subject: [PATCH v2 2/4] f2fs: fix panic issue in update_sit_entry Date: Wed, 7 Feb 2024 10:01:02 +0800 Message-ID: <1707271264-5551-3-git-send-email-zhiguo.niu@unisoc.com> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1707271264-5551-1-git-send-email-zhiguo.niu@unisoc.com> References: <1707271264-5551-1-git-send-email-zhiguo.niu@unisoc.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SHCAS03.spreadtrum.com (10.0.1.207) To BJMBX02.spreadtrum.com (10.0.64.8) X-MAIL: SHSQR01.spreadtrum.com 41721Vt7075716 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1790203776918093751 X-GMAIL-MSGID: 1790203776918093751 When CONFIG_F2FS_CHECK_FS is not enabled, f2fs_bug_on just printing warning, get_new_segment may get an out-of-bounds segment when there is no free segments. Then a block is allocated from this invalid segment, update_sit_entry will access the invalid bitmap address, cause system panic. Just as below call stack: f2fs_allocate_data_block get a block address with 0x4000 and partition size is 64MB [ 13.401997] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 [ 13.402003] Mem abort info: [ 13.402006] ESR = 0x96000005 [ 13.402009] EC = 0x25: DABT (current EL), IL = 32 bits [ 13.402015] SET = 0, FnV = 0 [ 13.402018] EA = 0, S1PTW = 0 [ 13.402021] FSC = 0x05: level 1 translation fault [ 13.402025] Data abort info: [ 13.402027] ISV = 0, ISS = 0x00000005 [ 13.402030] CM = 0, WnR = 0 [ 13.402034] user pgtable: 4k pages, 39-bit VAs, pgdp=00000001066ab000 [ 13.402038] [0000000000000000] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000 [ 13.402052] Internal error: Oops: 96000005 [#1] PREEMPT SMP [ 13.489854] pc : update_sit_entry+0x128/0x420 [ 13.490497] lr : f2fs_allocate_data_block+0x6b0/0xc2c [ 13.491218] sp : ffffffc00e023440 [ 13.501530] Call trace: [ 13.501930] update_sit_entry+0x128/0x420 [ 13.502523] f2fs_allocate_data_block+0x6b0/0xc2c [ 13.503203] do_write_page+0xf0/0x1d4 [ 13.503752] f2fs_outplace_write_data+0x68/0xfc [ 13.504408] f2fs_do_write_data_page+0x3a8/0x65c [ 13.505076] move_data_page+0x294/0x7a8 [ 13.505647] gc_data_segment+0x4b8/0x800 [ 13.506229] do_garbage_collect+0x354/0x674 [ 13.506843] f2fs_gc+0x280/0x68c [ 13.507340] f2fs_balance_fs+0x104/0x144 [ 13.507921] f2fs_create+0x310/0x3d8 [ 13.508458] path_openat+0x53c/0xc28 [ 13.508997] do_filp_open+0xbc/0x16c [ 13.509535] do_sys_openat2+0xa0/0x2a0 So sanity check should be add in update_sit_entry. Also remove some redundant judgment code. Signed-off-by: Zhiguo Niu --- fs/f2fs/segment.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/fs/f2fs/segment.c b/fs/f2fs/segment.c index ad6511f..f373ff7 100644 --- a/fs/f2fs/segment.c +++ b/fs/f2fs/segment.c @@ -2399,6 +2399,8 @@ static void update_sit_entry(struct f2fs_sb_info *sbi, block_t blkaddr, int del) #endif segno = GET_SEGNO(sbi, blkaddr); + if (segno == NULL_SEGNO) + return; se = get_seg_entry(sbi, segno); new_vblocks = se->valid_blocks + del; @@ -3464,8 +3466,7 @@ void f2fs_allocate_data_block(struct f2fs_sb_info *sbi, struct page *page, * since SSR needs latest valid block information. */ update_sit_entry(sbi, *new_blkaddr, 1); - if (GET_SEGNO(sbi, old_blkaddr) != NULL_SEGNO) - update_sit_entry(sbi, old_blkaddr, -1); + update_sit_entry(sbi, old_blkaddr, -1); /* * If the current segment is full, flush it out and replace it with a