Bug 9363 - BFS: filesystem driver ignores the block device size.
Summary: BFS: filesystem driver ignores the block device size.
Status: RESOLVED CODE_FIX
Alias: None
Product: File System
Classification: Unclassified
Component: Other (show other bugs)
Hardware: All Linux
: P1 high
Assignee: Dmitri Vorobiev
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2007-11-13 06:34 UTC by Dmitri Vorobiev
Modified: 2007-11-13 11:53 UTC (History)
1 user (show)

See Also:
Kernel Version: 2.6.24-rc2
Subsystem:
Regression: ---
Bisected commit-id:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Dmitri Vorobiev 2007-11-13 06:34:33 UTC 
Most recent kernel where this bug did not occur: N/A
Distribution: this bug does not depend on distribution.
Hardware Environment: x86
Software Environment:

>>>

# lsmod
Module                  Size  Used by
bfs                    14008  1
#

<<<

Problem Description:

When creating new files or extending existing files, the BFS filesystem driver does not take into account the size of the underlying block device. As a result, if a big enough file is created on a BFS partition, the bio layer reports the "attempt to access beyond end of device" error. Besides, the filesystem statistical information gets corrupted.

Steps to reproduce:

1. Mount an empty BFS partition. In the example below, the filesystem resides on the loopback device `/dev/loop0' and is mounted to `/mnt'.

2. Try to create a big file on this partition. This file needs to be bigger than the amount of free space on the BFS partition.

Here we create a file, which is one block bigger than the number of free blocks available on the BFS partition:

>>>

root@codedot:/mnt# mount | grep mnt
/dev/loop0 on /mnt type bfs (rw)
root@codedot:/mnt# df -B 512 | grep loop
/dev/loop0               65536        81     65455   1% /mnt
root@codedot:/mnt# dd if=/dev/zero of=/mnt/1 bs=512 count=65456
65456+0 records in
65456+0 records out
33513472 bytes (34 MB) copied, 2.81289 seconds, 11.9 MB/s
root@codedot:/mnt# df -B 512 | grep loop
/dev/loop0               65536 -4294901759 4294967295   -  /mnt

<<<

3. Look at the kernel log and see the attempts to write beyond the end of the loop0 block device:

>>>

root@codedot:/mnt# dmesg | tail
[ 9099.861883] attempt to access beyond end of device
[ 9099.862029] loop0: rw=1, want=65537, limit=65536
[ 9099.862119] Buffer I/O error on device loop0, logical block 65536
[ 9099.862199] lost page write due to I/O error on loop0
root@codedot:/mnt# 

<<<
Comment 1 Dmitri Vorobiev 2007-11-13 06:35:54 UTC 
The bfs_get_block() function located in `fs/bfs/file.c' does not compare the number of the physical block, which it tries to access when extending the file, against the size of the block device. Checks against the block device size need to be introduced into the filesystem driver, and -ENOSPC error should be returned every time the partition runs out of free space when writing a growing file.

The patch, which fixes this problem will soon be submitted, I am working on that.
Comment 2 Dmitri Vorobiev 2007-11-13 08:46:01 UTC 
The patch proposed in the following LKML message

http://lkml.org/lkml/2007/11/13/185

fixes the error reported in the context of this bug. What follows is a console session, which proves that the error is gone:

>>>

debian:~# mount -t bfs /dev/loop0 /mnt
debian:~# cd /mnt
debian:/mnt# mount | grep mnt
/dev/loop0 on /mnt type bfs (rw)
debian:/mnt# df -B 512 | grep loop
/dev/loop0               65536        81     65455   1% /mnt
debian:/mnt# dd if=/dev/zero of=/mnt/1 bs=512 count=65456
dd: writing `/mnt/1': No space left on device
65456+0 records in
65455+0 records out
33512960 bytes (34 MB) copied, 7.07956 seconds, 4.7 MB/s
debian:/mnt# df -B 512 | grep loop
/dev/loop0               65536     65536         0 100% /mnt
debian:/mnt#

<<<
Comment 3 Andrew Morton 2007-11-13 11:53:10 UTC 
I merged Dmitri's fix.
Note You need to log in before you can comment on or make changes to this bug.