lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sat, 28 Oct 2017 23:58:28 +0800
From:   Yunlong Song <yunlong.song@...wei.com>
To:     Chao Yu <chao@...nel.org>, <yunlong.song@...oud.com>
CC:     Chao Yu <yuchao0@...wei.com>, <jaegeuk@...nel.org>,
        <linux-fsdevel@...r.kernel.org>, <miaoxie@...wei.com>,
        <linux-kernel@...r.kernel.org>,
        <linux-f2fs-devel@...ts.sourceforge.net>
Subject: Re: [f2fs-dev] [PATCH v2] f2fs: update dirty status for CURSEG as
 well

Hi Chao,
     Thanks for your work. I send a v2 patch, which changes 
refresh_sit_entry to static.

On 2017/10/28 20:02, Chao Yu wrote:
> Hi Yunlong,
>
> I think you're so busy, I just help to refactor your patch, and send it out
> authored with you, please check that patch, if you have different opinion, let
> me know.
>
> Thanks,
>
> On 2017/10/16 11:43, Chao Yu wrote:
>> On 2017/10/14 20:53, Yunlong Song wrote:
>>> Oh, yes it is. I found that problem in a kernel tree which does not have
>>> commit
>>> c6f82fe90d7458e5fa190a6820bfc24f96b0de4e (Revert "f2fs: put allocate_segment
>>> after refresh_sit_entry"). In that kernel, the allocate_segment is still
>>> behind
>>> refresh_sit_entry. Now I understand the commit message:
>>> "This makes a leak to register dirty segments. I reproduced the issue by
>>>       modified postmark which injects a lot of file create/delete/update and
>>>       finally triggers huge number of SSR allocations."
>>>
>>> The reason is that if refresh_sit_entry is before allocate_segment, then the
>>> dirty status of CURSEG is not updated, as a result, the count of dirty
>>> segments
>>> is wrong, which is much smaller than its real value. Then the f2fs_gc
>>> can not
>>> do its work since it can not even get one victim, then the free segments are
>>> used up and then triggers much SSR. So Jay reverts the patch.
>>>
>>> It seems there are two options:
>>> (1) keep this patch ([PATCH v2] f2fs: update dirty status for CURSEG as
>>> well)
>>> and we can recover commit 3436c4bdb30de421d46f58c9174669fbcfd40ce0
>>> (f2fs: put allocate_segment after refresh_sit_entry)
>>> (2) remove this patch at all
>>>
>>> It seems (1) is robust, but (2) avoids unnecessary check.
>> What about reverting 5e443818fa0b ("f2fs: handle dirty segments inside
>> refresh_sit_entry") to keep the original order:
>>
>> 1. update sit info
>> 2. allocate new segment
>> 3. update dirty status of segment
>>
>> Thanks,
>>
>>> On 2017/10/14 8:14, Chao Yu wrote:
>>>> On 2017/10/13 21:21, Yunlong Song wrote:
>>>>> Without this patch, it will cause all the free segments using up in some
>>>>> corner case. For example, there are 100 segments, and 20 of them are
>>>>> reserved for ovp. If 79 segments are full of data, segment 80 becomes
>>>>> CURSEG segment, write 512 blocks and then delete 511 blocks. Since it is
>>>>> CURSEG segment, the __locate_dirty_segment will not update its dirty
>>>>> status. Then the dirty_segments(sbi) is 0, f2fs_gc will fail to
>>>>> get_victim, and f2fs_balance_fs will fail to trigger gc action. After
>>>>> f2fs_balance_fs returns, f2fs can continue to write data to segment 81.
>>>>> Again, segment 81 becomes CURSEG segment, write 512 blocks and delete
>>>>> 511 blocks, the dirty_segments(sbi) is 0 and f2fs_gc fail again. This
>>>>> can finally use up all the free segments and cause panic.
>>>> Look into this patch again, I found refresh_sit_entry is called after
>>>> ->allocate_segment, so if all 512 blocks were allocated, log header should
>>>> have been moved to another segment, so locate_dirty_segment in
>>>> refresh_sit_entry should update dirty status of previous segment correctly,
>>>> anything I'm missing?
>>>>
>>>> Thanks,
>>>>
>>>>> Signed-off-by: Yunlong Song <yunlong.song@...wei.com>
>>>>> ---
>>>>>    fs/f2fs/segment.c | 4 ++--
>>>>>    1 file changed, 2 insertions(+), 2 deletions(-)
>>>>>
>>>>> diff --git a/fs/f2fs/segment.c b/fs/f2fs/segment.c
>>>>> index bfbcff8..0fce076 100644
>>>>> --- a/fs/f2fs/segment.c
>>>>> +++ b/fs/f2fs/segment.c
>>>>> @@ -687,7 +687,7 @@ static void __locate_dirty_segment(struct f2fs_sb_info *sbi, unsigned int segno,
>>>>>    	struct dirty_seglist_info *dirty_i = DIRTY_I(sbi);
>>>>>    
>>>>>    	/* need not be added */
>>>>> -	if (IS_CURSEG(sbi, segno))
>>>>> +	if (IS_CURSEG(sbi, segno) && dirty_type == PRE)
>>>>>    		return;
>>>>>    
>>>>>    	if (!test_and_set_bit(segno, dirty_i->dirty_segmap[dirty_type]))
>>>>> @@ -737,7 +737,7 @@ static void locate_dirty_segment(struct f2fs_sb_info *sbi, unsigned int segno)
>>>>>    	struct dirty_seglist_info *dirty_i = DIRTY_I(sbi);
>>>>>    	unsigned short valid_blocks;
>>>>>    
>>>>> -	if (segno == NULL_SEGNO || IS_CURSEG(sbi, segno))
>>>>> +	if (segno == NULL_SEGNO)
>>>>>    		return;
>>>>>    
>>>>>    	mutex_lock(&dirty_i->seglist_lock);
>>>>>
>>>> .
>>>>
> .
>

-- 
Thanks,
Yunlong Song


Powered by blists - more mailing lists