linux/fs/gfs2
Bob Peterson 728a756b8f GFS2: rename causes kernel Oops
This patch fixes a kernel Oops in the GFS2 rename code.

The problem was in the way the gfs2 directory code was trying
to re-use sentinel directory entries.

In the failing case, gfs2's rename function was renaming a
file to another name that had the same non-trivial length.
The file being renamed happened to be the first directory
entry on the leaf block.

First, the rename code (gfs2_rename in ops_inode.c) found the
original directory entry and decided it could do its job by
simply replacing the directory entry with another.  Therefore
it determined correctly that no block allocations were needed.

Next, the rename code deleted the old directory entry prior to
replacing it with the new name.  Therefore, the soon-to-be
replaced directory entry was temporarily made into a directory
entry "sentinel" or a place holder at the start of a leaf block.

Lastly, it went to re-add the replacement directory entry in
that leaf block.  However, when gfs2_dirent_find_space was
looking for space in the leaf block, it used the wrong value
for the sentinel.  That threw off its calculations so later
it decides it can't really re-use the sentinel and therefore
must allocate a new leaf block.  But because it previously decided
to re-use the directory entry, it didn't waste the time to
grab a new block allocation for the inode.  Therefore, the
inode's i_alloc pointer was still NULL and it crashes trying to
reference it.

In the case of sentinel directory entries, the entire dirent is
reused, not just the "free space" portion of it, and therefore
the function gfs2_dirent_find_space should use the value 0
rather than GFS2_DIRENT_SIZE(0) for the actual dirent size.

Fixing this calculation enables the reproducer programs to work
properly.

Signed-off-by: Bob Peterson <rpeterso@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2010-07-15 09:07:56 +01:00
..
acl.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/steve/gfs2-2.6-fixes 2010-05-25 08:17:51 -07:00
acl.h gfs: constify xattr_handler 2010-05-21 18:31:20 -04:00
aops.c kill spurious reference to vmtruncate 2010-05-27 22:15:42 -04:00
bmap.c GFS2: O_TRUNC not working on stuffed files across cluster 2010-07-15 09:05:17 +01:00
bmap.h GFS2: Streamline alloc calculations for writes 2009-01-05 07:39:17 +00:00
dentry.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
dir.c GFS2: rename causes kernel Oops 2010-07-15 09:07:56 +01:00
dir.h GFS2: Fix bug in gfs2_lock_fs_check_clean() 2009-01-05 07:39:11 +00:00
export.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/steve/gfs2-2.6-nmw 2010-05-21 07:29:15 -07:00
file.c drop unused dentry argument to ->fsync 2010-05-27 22:05:02 -04:00
gfs2.h [GFS2] Remove remote lock dropping code 2008-06-27 09:39:44 +01:00
glock.c GFS2: recovery stuck on transaction lock 2010-07-15 09:05:57 +01:00
glock.h GFS2: Metadata address space clean up 2010-03-01 14:07:37 +00:00
glops.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
glops.h GFS2: Add a "demote a glock" interface to sysfs 2009-03-24 11:21:22 +00:00
incore.h GFS2: Add some useful messages 2010-05-06 11:03:29 +01:00
inode.c GFS2: Fix kernel NULL pointer dereference by dlm_astd 2010-07-15 09:06:25 +01:00
inode.h GFS2: Rework reclaiming unlinked dinodes 2010-05-21 16:11:36 +01:00
Kconfig GFS2: do not select QUOTA 2010-03-09 10:08:36 +00:00
lock_dlm.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
log.c GFS2: Rework reclaiming unlinked dinodes 2010-05-21 16:11:36 +01:00
log.h GFS2: Rework reclaiming unlinked dinodes 2010-05-21 16:11:36 +01:00
lops.c GFS2: Various gfs2_logd improvements 2010-05-05 09:39:18 +01:00
lops.h
main.c GFS2: Remove space from slab cache name 2010-03-29 14:26:49 +01:00
Makefile GFS2: Rename eattr.[ch] as xattr.[ch] 2009-08-26 18:51:04 +01:00
meta_io.c GFS2: Eliminate useless err variable 2010-05-12 09:52:50 +01:00
meta_io.h GFS2: Metadata address space clean up 2010-03-01 14:07:37 +00:00
ops_fstype.c GFS2: Various gfs2_logd improvements 2010-05-05 09:39:18 +01:00
ops_inode.c kill spurious reference to vmtruncate 2010-05-27 22:15:42 -04:00
quota.c GFS2: BUG in gfs2_adjust_quota 2010-07-15 09:07:16 +01:00
quota.h quota: move code from sync_quota_sb into vfs_quota_sync 2010-03-05 00:20:24 +01:00
recovery.c GFS2: Tag all metadata with jid 2009-12-03 11:58:47 +00:00
recovery.h GFS2: Umount recovery race fix 2009-05-19 10:01:18 +01:00
rgrp.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/steve/gfs2-2.6-fixes 2010-05-25 08:17:51 -07:00
rgrp.h include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
super.c GFS2: Add some useful messages 2010-05-06 11:03:29 +01:00
super.h gfs: constify xattr_handler 2010-05-21 18:31:20 -04:00
sys.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/steve/gfs2-2.6-nmw 2010-05-21 07:29:15 -07:00
sys.h GFS2: Remove ancient, unused code 2009-01-05 07:39:13 +00:00
trace_gfs2.h tracing/events: Move TRACE_SYSTEM outside of include guard 2009-07-13 10:59:55 +02:00
trans.c GFS2: Various gfs2_logd improvements 2010-05-05 09:39:18 +01:00
trans.h
util.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
util.h GFS2: Metadata address space clean up 2010-03-01 14:07:37 +00:00
xattr.c gfs: constify xattr_handler 2010-05-21 18:31:20 -04:00
xattr.h sanitize xattr handler prototypes 2009-12-16 12:16:49 -05:00