• Andreas Rohner's avatar
    nilfs2: fix data loss with mmap() · 1ba8582b
    Andreas Rohner authored
    commit 56d7acc7 upstream.
    
    This bug leads to reproducible silent data loss, despite the use of
    msync(), sync() and a clean unmount of the file system.  It is easily
    reproducible with the following script:
    
      ----------------[BEGIN SCRIPT]--------------------
      mkfs.nilfs2 -f /dev/sdb
      mount /dev/sdb /mnt
    
      dd if=/dev/zero bs=1M count=30 of=/mnt/testfile
    
      umount /mnt
      mount /dev/sdb /mnt
      CHECKSUM_BEFORE="$(md5sum /mnt/testfile)"
    
      /root/mmaptest/mmaptest /mnt/testfile 30 10 5
    
      sync
      CHECKSUM_AFTER="$(md5sum /mnt/testfile)"
      umount /mnt
      mount /dev/sdb /mnt
      CHECKSUM_AFTER_REMOUNT="$(md5sum /mnt/testfile)"
      umount /mnt
    
      echo "BEFORE MMAP:\t$CHECKSUM_BEFORE"
      echo "AFTER MMAP:\t$CHECKSUM_AFTER"
      echo "AFTER REMOUNT:\t$CHECKSUM_AFTER_REMOUNT"
      ----------------[END SCRIPT]--------------------
    
    The mmaptest tool looks something like this (very simplified, with
    error checking removed):
    
      ----------------[BEGIN mmaptest]--------------------
      data = mmap(NULL, file_size - file_offset, PROT_READ | PROT_WRITE,
                  MAP_SHARED, fd, file_offset);
    
      for (i = 0; i < write_count; ++i) {
            memcpy(data + i * 4096, buf, sizeof(buf));
            msync(data, file_size - file_offset, MS_SYNC))
      }
      ----------------[END mmaptest]--------------------
    
    The output of the script looks something like this:
    
      BEFORE MMAP:    281ed1d5ae50e8419f9b978aab16de83  /mnt/testfile
      AFTER MMAP:     6604a1c31f10780331a6850371b3a313  /mnt/testfile
      AFTER REMOUNT:  281ed1d5ae50e8419f9b978aab16de83  /mnt/testfile
    
    So it is clear, that the changes done using mmap() do not survive a
    remount.  This can be reproduced a 100% of the time.  The problem was
    introduced in commit 136e8770 ("nilfs2: fix issue of
    nilfs_set_page_dirty() for page at EOF boundary").
    
    If the page was read with mpage_readpage() or mpage_readpages() for
    example, then it has no buffers attached to it.  In that case
    page_has_buffers(page) in nilfs_set_page_dirty() will be false.
    Therefore nilfs_set_file_dirty() is never called and the pages are never
    collected and never written to disk.
    
    This patch fixes the problem by also calling nilfs_set_file_dirty() if the
    page has no buffers attached to it.
    
    [akpm@linux-foundation.org: s/PAGE_SHIFT/PAGE_CACHE_SHIFT/]
    Signed-off-by: default avatarAndreas Rohner <andreas.rohner@gmx.net>
    Tested-by: default avatarAndreas Rohner <andreas.rohner@gmx.net>
    Signed-off-by: default avatarRyusuke Konishi <konishi.ryusuke@lab.ntt.co.jp>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    1ba8582b
inode.c 29.5 KB