Bug 216466

Summary: ext4: dir corruption when ext4_dx_add_entry() fails
Product: File System Reporter: Zhihao Cheng (chengzhihao1)
Component: ext4Assignee: fs_ext4 (fs_ext4)
Status: NEW ---    
Severity: normal    
Priority: P1    
Hardware: All   
OS: Linux   
Kernel Version: 6.0.0-rc4 Subsystem:
Regression: No Bisected commit-id:
Attachments: diff
test.sh

Description Zhihao Cheng 2022-09-09 02:21:36 UTC 
Following process may lead to fs corruption:
    1. ext4_create(dir/foo)
     ext4_add_nondir
      ext4_add_entry
       ext4_dx_add_entry
         a. add_dirent_to_buf
          ext4_mark_inode_dirty
          ext4_handle_dirty_metadata   // dir inode bh is recorded into journal
         b. ext4_append    // dx_get_count(entries) == dx_get_limit(entries)
           ext4_bread(EXT4_GET_BLOCKS_CREATE)
            ext4_getblk
             ext4_map_blocks
              ext4_ext_map_blocks
                ext4_mb_new_blocks
                 dquot_alloc_block
                  dquot_alloc_space_nodirty
                   inode_add_bytes    // update dir's i_blocks
                ext4_ext_insert_extent
                 ext4_ext_dirty  // record extent bh into journal
                  ext4_handle_dirty_metadata(bh)   // record new block into journal
           inode->i_size += inode->i_sb->s_blocksize   // new size(in mem)
         c. ext4_handle_dirty_dx_node(bh2)  // record dir's new block(dx_node) into journal
         d. ext4_handle_dirty_dx_node((frame - 1)->bh)
         e. ext4_handle_dirty_dx_node(frame->bh)
         f. do_split    // ret err!
         g. add_dirent_to_buf
             ext4_mark_inode_dirty(dir)  // udpate raw_inode on disk(skipped)
    2. fsck -a /dev/sdb
     drop last block(dx_node) which beyonds dir's i_size.
      /dev/sdb: recovering journal
      /dev/sdb contains a file system with errors, check forced.
      /dev/sdb: Inode 12, end of extent exceeds allowed value
            (logical block 128, physical block 3938, len 1)
    3. fsck -fn /dev/sdb
    dx_node->entry[i].blk > dir->i_size
      Pass 2: Checking directory structure
      Problem in HTREE directory inode 12 (/dir): bad block number 128.
      Clear HTree index? no
      Problem in HTREE directory inode 12: block #3 has invalid depth (2)
      Problem in HTREE directory inode 12: block #3 has bad max hash
      Problem in HTREE directory inode 12: block #3 not referenced
Comment 1 Zhihao Cheng 2022-09-09 02:34:01 UTC 
Reproducer:
1. Apply diff and compile kernel
2. ./test.sh,Stop machine after seeing kernel message "wait shutdown"
3. reboot,fsck -fa /dev/sdb
fsck from util-linux 2.38
/dev/sdb: recovering journal
/dev/sdb: Inode 12, end of extent exceeds allowed value
	(logical block 128, physical block 3819, len 1)


/dev/sdb: UNEXPECTED INCONSISTENCY; RUN fsck MANUALLY.
	(i.e., without -a or -p options)
4. fsck -fn /dev/sdb
fsck from util-linux 2.38
e2fsck 1.43.4 (31-Jan-2017)
Pass 1: Checking inodes, blocks, and sizes
Inode 12, end of extent exceeds allowed value
	(logical block 128, physical block 3819, len 1)
Clear? no

Inode 12, i_blocks is 262, should be 260.  Fix? no

Pass 2: Checking directory structure
Problem in HTREE directory inode 12 (/dir): bad block number 128.
Clear HTree index? no

Problem in HTREE directory inode 12: block #2 has invalid depth (2)
Problem in HTREE directory inode 12: block #2 has bad max hash
Problem in HTREE directory inode 12: block #2 not referenced
Comment 2 Zhihao Cheng 2022-09-09 02:34:20 UTC 
Created attachment 301777 [details]
diff
Comment 3 Zhihao Cheng 2022-09-09 02:34:44 UTC 
Created attachment 301778 [details]
test.sh