diff options
| author | Dave Chinner <dchinner@redhat.com> | 2013-05-28 04:37:17 -0400 |
|---|---|---|
| committer | Ben Myers <bpm@sgi.com> | 2013-05-30 18:22:54 -0400 |
| commit | e400d27d1690d609f203f2d7d8efebc98cbc3089 (patch) | |
| tree | 6bb2cdbfb4e6d8ccb650d10e03683e291eeb6c10 /fs/xfs/xfs_dir2_node.c | |
| parent | 7c9950fd2ac97431230544142d5e652e1b948372 (diff) | |
xfs: fix dir3 freespace block corruption
When the directory freespace index grows to a second block (2017
4k data blocks in the directory), the initialisation of the second
new block header goes wrong. The write verifier fires a corruption
error indicating that the block number in the header is zero. This
was being tripped by xfs/110.
The problem is that the initialisation of the new block is done just
fine in xfs_dir3_free_get_buf(), but the caller then users a dirv2
structure to zero on-disk header fields that xfs_dir3_free_get_buf()
has already zeroed. These lined up with the block number in the dir
v3 header format.
While looking at this, I noticed that the struct xfs_dir3_free_hdr()
had 4 bytes of padding in it that wasn't defined as padding or being
zeroed by the initialisation. Add a pad field declaration and fully
zero the on disk and in-core headers in xfs_dir3_free_get_buf() so
that this is never an issue in the future. Note that this doesn't
change the on-disk layout, just makes the 32 bits of padding in the
layout explicit.
Signed-off-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Ben Myers <bpm@sgi.com>
Signed-off-by: Ben Myers <bpm@sgi.com>
(cherry picked from commit 5ae6e6a401957698f2bd8c9f4a86d86d02199fea)
Diffstat (limited to 'fs/xfs/xfs_dir2_node.c')
| -rw-r--r-- | fs/xfs/xfs_dir2_node.c | 13 |
1 files changed, 6 insertions, 7 deletions
diff --git a/fs/xfs/xfs_dir2_node.c b/fs/xfs/xfs_dir2_node.c index 5246de4912d4..2226a00acd15 100644 --- a/fs/xfs/xfs_dir2_node.c +++ b/fs/xfs/xfs_dir2_node.c | |||
| @@ -263,18 +263,19 @@ xfs_dir3_free_get_buf( | |||
| 263 | * Initialize the new block to be empty, and remember | 263 | * Initialize the new block to be empty, and remember |
| 264 | * its first slot as our empty slot. | 264 | * its first slot as our empty slot. |
| 265 | */ | 265 | */ |
| 266 | hdr.magic = XFS_DIR2_FREE_MAGIC; | 266 | memset(bp->b_addr, 0, sizeof(struct xfs_dir3_free_hdr)); |
| 267 | hdr.firstdb = 0; | 267 | memset(&hdr, 0, sizeof(hdr)); |
| 268 | hdr.nused = 0; | 268 | |
| 269 | hdr.nvalid = 0; | ||
| 270 | if (xfs_sb_version_hascrc(&mp->m_sb)) { | 269 | if (xfs_sb_version_hascrc(&mp->m_sb)) { |
| 271 | struct xfs_dir3_free_hdr *hdr3 = bp->b_addr; | 270 | struct xfs_dir3_free_hdr *hdr3 = bp->b_addr; |
| 272 | 271 | ||
| 273 | hdr.magic = XFS_DIR3_FREE_MAGIC; | 272 | hdr.magic = XFS_DIR3_FREE_MAGIC; |
| 273 | |||
| 274 | hdr3->hdr.blkno = cpu_to_be64(bp->b_bn); | 274 | hdr3->hdr.blkno = cpu_to_be64(bp->b_bn); |
| 275 | hdr3->hdr.owner = cpu_to_be64(dp->i_ino); | 275 | hdr3->hdr.owner = cpu_to_be64(dp->i_ino); |
| 276 | uuid_copy(&hdr3->hdr.uuid, &mp->m_sb.sb_uuid); | 276 | uuid_copy(&hdr3->hdr.uuid, &mp->m_sb.sb_uuid); |
| 277 | } | 277 | } else |
| 278 | hdr.magic = XFS_DIR2_FREE_MAGIC; | ||
| 278 | xfs_dir3_free_hdr_to_disk(bp->b_addr, &hdr); | 279 | xfs_dir3_free_hdr_to_disk(bp->b_addr, &hdr); |
| 279 | *bpp = bp; | 280 | *bpp = bp; |
| 280 | return 0; | 281 | return 0; |
| @@ -1921,8 +1922,6 @@ xfs_dir2_node_addname_int( | |||
| 1921 | */ | 1922 | */ |
| 1922 | freehdr.firstdb = (fbno - XFS_DIR2_FREE_FIRSTDB(mp)) * | 1923 | freehdr.firstdb = (fbno - XFS_DIR2_FREE_FIRSTDB(mp)) * |
| 1923 | xfs_dir3_free_max_bests(mp); | 1924 | xfs_dir3_free_max_bests(mp); |
| 1924 | free->hdr.nvalid = 0; | ||
| 1925 | free->hdr.nused = 0; | ||
| 1926 | } else { | 1925 | } else { |
| 1927 | free = fbp->b_addr; | 1926 | free = fbp->b_addr; |
| 1928 | bests = xfs_dir3_free_bests_p(mp, free); | 1927 | bests = xfs_dir3_free_bests_p(mp, free); |