[Home]

Issue of the Implementation # F0009

Brief

ext4: Destruction of ext4_groupinfo_caches during one mount causes BUG_ON for other mounted ext4 filesystems

Detailed Description

Ext4 driver uses ext4_groupinfo_caches as array of global caches with different object' sizes.

Initially all caches are not created. When ext4_mb_init(), called during mount process, found that cache for sb->sb_blocksize object's size is not created, it creates that cache. The cache may be used for mounted filesystem freely after that.

If ext4_mb_init() fails for some reason, it destroys all caches, which has been created by that moment.

This is OK when mount, which performs that call, is the only mount of ext4 filesystem. In that case mount call itself is failed, and there is no possible users of the the caches after that.

But when already mounted filesystem exists at the time ext4_mb_init() fails in another mount, destroying of all caches leads to destroying the cache, which is currently used by the already mounted filesystem. This leads to BUG_ON() in futher call of get_groupinfo_cache() by that filesystem.

Reproducing

1. Mount one ext4 filesystem.
2. While mounting another ext4 filesystem, simulate fault during ext4_mb_init(). This fails mount process.
3. Do something with the first filesystem (e.g., unmount it).
4. This leads to crash (BUG_ON in get_groupinfo_cache()).

Component

linux-kernel 3.14

Accepted

https://lkml.org/lkml/2014/5/12/147
commit

Status

Fixed in kernel 3.16-rc1

[Home]