aboutsummaryrefslogtreecommitdiffstats
path: root/fs
diff options
context:
space:
mode:
authorTheodore Ts'o <tytso@mit.edu>2010-10-27 21:30:13 -0400
committerTheodore Ts'o <tytso@mit.edu>2010-10-27 21:30:13 -0400
commit7f93cff90fa9be6ed45f6189e136153d1d8631b0 (patch)
treee48cbf01bc646e63df2fea10a2208015e028b95b /fs
parent72f84e6560d18d60a091df27edf81409be6641cb (diff)
ext4: fix kernel oops if the journal superblock has a non-zero j_errno
Commit 84061e0 fixed an accounting bug only to introduce the possibility of a kernel OOPS if the journal has a non-zero j_errno field indicating that the file system had detected a fs inconsistency. After the journal replay, if the journal superblock indicates that the file system has an error, this indication is transfered to the file system and then ext4_commit_super() is called to write this to the disk. But since the percpu counters are now initialized after the journal replay, the call to ext4_commit_super() will cause a kernel oops since it needs to use the percpu counters the ext4 superblock structure. The fix is to skip setting the ext4 free block and free inode fields if the percpu counter has not been set. Thanks to Ken Sumrall for reporting and analyzing the root causes of this bug. Addresses-Google-Bug: #3054080 Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Diffstat (limited to 'fs')
-rw-r--r--fs/ext4/super.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/fs/ext4/super.c b/fs/ext4/super.c
index 9ce3b67b7269..c9e06c647ce8 100644
--- a/fs/ext4/super.c
+++ b/fs/ext4/super.c
@@ -3964,9 +3964,12 @@ static int ext4_commit_super(struct super_block *sb, int sync)
3964 else 3964 else
3965 es->s_kbytes_written = 3965 es->s_kbytes_written =
3966 cpu_to_le64(EXT4_SB(sb)->s_kbytes_written); 3966 cpu_to_le64(EXT4_SB(sb)->s_kbytes_written);
3967 ext4_free_blocks_count_set(es, percpu_counter_sum_positive( 3967 if (percpu_counter_initialized(&EXT4_SB(sb)->s_freeblocks_counter))
3968 ext4_free_blocks_count_set(es, percpu_counter_sum_positive(
3968 &EXT4_SB(sb)->s_freeblocks_counter)); 3969 &EXT4_SB(sb)->s_freeblocks_counter));
3969 es->s_free_inodes_count = cpu_to_le32(percpu_counter_sum_positive( 3970 if (percpu_counter_initialized(&EXT4_SB(sb)->s_freeinodes_counter))
3971 es->s_free_inodes_count =
3972 cpu_to_le32(percpu_counter_sum_positive(
3970 &EXT4_SB(sb)->s_freeinodes_counter)); 3973 &EXT4_SB(sb)->s_freeinodes_counter));
3971 sb->s_dirt = 0; 3974 sb->s_dirt = 0;
3972 BUFFER_TRACE(sbh, "marking dirty"); 3975 BUFFER_TRACE(sbh, "marking dirty");