authorChao Yu <yuchao0@huawei.com>2016-05-05 19:13:03 +0800
committerJaegeuk Kim <jaegeuk@kernel.org>2016-05-07 10:32:33 -0700
commit09210c973af30320edc03a6325422cdd0f03b580 (patch)
tree3f945a5ace010c73fa9055ba5f204dcc19c2212f /fs
parent43473f96453f0b075c480a26ec4fc846d5fb3bd4 (diff)
f2fs: avoid panic when truncating to max filesize
The following panic occurs when truncating inode which has inline xattr to max filesize. [<ffffffffa013d3be>] get_dnode_of_data+0x4e/0x580 [f2fs] [<ffffffffa013aca1>] ? read_node_page+0x51/0x90 [f2fs] [<ffffffffa013ad99>] ? get_node_page.part.34+0xb9/0x170 [f2fs] [<ffffffffa01235b1>] truncate_blocks+0x131/0x3f0 [f2fs] [<ffffffffa01238e3>] f2fs_truncate+0x73/0x100 [f2fs] [<ffffffffa01239d2>] f2fs_setattr+0x62/0x2a0 [f2fs] [<ffffffff811a72c8>] notify_change+0x158/0x300 [<ffffffff8118a42b>] do_truncate+0x6b/0xa0 [<ffffffff8118e539>] ? __sb_start_write+0x49/0x100 [<ffffffff8118a798>] do_sys_ftruncate.constprop.12+0x118/0x170 [<ffffffff8118a82e>] SyS_ftruncate+0xe/0x10 [<ffffffff8169efcf>] tracesys+0xe1/0xe6 [<ffffffffa0139ae0>] get_node_path+0x210/0x220 [f2fs] <ffff880206a89ce8> --[ end trace 5fea664dfbcc6625 ]--- The reason is truncate_blocks tries to truncate all node and data blocks start from specified block offset with value of (max filesize / block size), but actually, our valid max block offset is (max filesize / block size) - 1, so f2fs detects such invalid block offset with BUG_ON in truncation path. This patch lets f2fs skip truncating data which is exceeding max filesize. Signed-off-by: Chao Yu <yuchao0@huawei.com> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Diffstat (limited to 'fs')
-rw-r--r--fs/f2fs/file.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c
index dc47d5c7b882..dd50f30a2f57 100644
--- a/fs/f2fs/file.c
+++ b/fs/f2fs/file.c
@@ -563,6 +563,9 @@ int truncate_blocks(struct inode *inode, u64 from, bool lock)
free_from = (pgoff_t)F2FS_BYTES_TO_BLK(from + blocksize - 1);
+ if (free_from >= sbi->max_file_blocks)
+ goto free_partial;
+
if (lock)
f2fs_lock_op(sbi);
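Review bot: The new guard `if (free_from >= sbi->max_file_blocks)` carries no comment explaining why an out-of-range offset is skipped, so the reasoning lives only in the commit message. I would add above it `/* valid block offsets are 0..max_file_blocks-1; a larger one trips the BUG_ON in the node lookup path */`. Per the trace in the description the value arrives from ftruncate(), so this check is what keeps a caller-supplied size from reaching a kernel BUG_ON, and that deserves to be stated next to the code. The skip still hands the unchecked `from` to truncate_partial_data_page() at `free_partial`; whether that helper tolerates a page index at or beyond max_file_blocks is not visible here and should be confirmed. truncate_blocks() starts and ends outside the hunk.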
@@ -604,7 +607,7 @@ free_next:
out:
if (lock)
f2fs_unlock_op(sbi);
-
+free_partial:
/* lastly zero out the first data page */
if (!err)
err = truncate_partial_data_page(inode, from, truncate_page);
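Review bot: The `free_partial:` label is now reachable directly from the top of the function, so `if (!err)` and the `truncate_page` argument are read on a path where nothing in these hunks has assigned them. That is safe only if both are initialised at their declarations, which sit outside the hunk and should be checked. A short comment at the label, for example `/* also reached without the op lock held when free_from is beyond max_file_blocks */`, would record that the label has to stay below the f2fs_unlock_op() call. The function continues past the last line shown.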