Dmitry Vyukov | 5 Feb 22:11 2016

fs: NULL deref in atime_needs_update


I've hit the following GPF while running syzkaller fuzzer:

general protection fault: 0000 [#1] SMP DEBUG_PAGEALLOC KASAN
Modules linked in:
CPU: 1 PID: 5178 Comm: syz-executor Not tainted 4.5.0-rc2+ #65
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
task: ffff880064768000 ti: ffff8800622c0000 task.ti: ffff8800622c0000
RIP: 0010:[<ffffffff8181aa5d>]  [<ffffffff8181aa5d>]
RSP: 0018:ffff8800622c7a30  EFLAGS: 00010203
RAX: dffffc0000000000 RBX: 0000000000000000 RCX: dffffc0000000000
RDX: 0000000000000001 RSI: 0000000000000000 RDI: 000000000000000c
RBP: ffff8800622c7a58 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000001 R12: ffff8800622c7c08
R13: ffff8800622c7c08 R14: ffff8800301ca322 R15: ffff8800622c7bb0
FS:  00007fd1c9f8b700(0000) GS:ffff88003ed00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 0000000020f31000 CR3: 0000000062274000 CR4: 00000000000006e0
 ffff8800622c7bf4 0000000000000000 ffff8800622c7c08 ffff8800301ca322
 ffff8800622c7bb0 ffff8800622c7b38 ffffffff817ecd91 ffff880030bf5200
 ffff8800622c7bb8 1ffff1000c458f56 ffff8800622c7c00 ffff8800622c7be0
Call Trace:
 [<     inline     >] get_link fs/namei.c:1006
 [<ffffffff817ecd91>] link_path_walk+0xaf1/0x1030 fs/namei.c:1968
 [<ffffffff817ed311>] path_parentat+0x41/0x150 fs/namei.c:2176
 [<ffffffff817f4c5c>] filename_parentat+0x17c/0x3c0 fs/namei.c:2198
 [<     inline     >] user_path_parent fs/namei.c:2412
(Continue reading)

Wouter van Kesteren | 5 Feb 17:08 2016

[PATCH] fs: allow no_seek_end_llseek to actually seek

'~0ULL' is a 'unsigned long long' that when converted to a loff_t,
which is signed, gets turned into -1. later in vfs_setpos we have
'if (offset > maxsize)', which makes it always return EINVAL.
 fs/read_write.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/fs/read_write.c b/fs/read_write.c
index 324ec27..0c8782a 100644
--- a/fs/read_write.c
+++ b/fs/read_write.c
 <at>  <at>  -17,6 +17,7  <at>  <at> 
 #include <linux/splice.h>
 #include <linux/compat.h>
 #include <linux/mount.h>
+#include <linux/fs.h>
 #include "internal.h"

 #include <asm/uaccess.h>
 <at>  <at>  -183,7 +184,7  <at>  <at>  loff_t no_seek_end_llseek(struct file *file, loff_t offset, int whence)
 	switch (whence) {
 	case SEEK_SET: case SEEK_CUR:
 		return generic_file_llseek_size(file, offset, whence,
-						~0ULL, 0);
+						OFFSET_MAX, 0);
 		return -EINVAL;

(Continue reading)

weiyj_lk | 5 Feb 14:50 2016

[PATCH] vfs: fix missing unlock on error in simple_xattr_list()

From: Wei Yongjun <yongjun_wei <at>>

Add the missing unlock before return from function simple_xattr_list()
in the error handling case.

Fixes: 786534b92f3c (tmpfs: listxattr should include POSIX ACL xattrs)
Signed-off-by: Wei Yongjun <yongjun_wei <at>>
 fs/xattr.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/fs/xattr.c b/fs/xattr.c
index 07d0e47..d4f8487 100644
--- a/fs/xattr.c
+++ b/fs/xattr.c
 <at>  <at>  -964,8 +964,10  <at>  <at>  ssize_t simple_xattr_list(struct inode *inode, struct simple_xattrs *xattrs,

 		err = xattr_list_one(&buffer, &remaining_size, xattr->name);
-		if (err)
+		if (err) {
+			spin_unlock(&xattrs->lock);
 			return err;
+		}

To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo <at>
(Continue reading)

Matthew Wilcox | 5 Feb 04:40 2016

[PATCH 0/2] Radix tree retry bug fix & test case

Konstantin pointed out my braino when using radix_tree_iter_retry(),
and then pointed out a second braino.  I think we can fix both brainos
with one simple test (the advantage of having your braino pointed out
to you is that you know what you were expecting to happen, so you can
sometimes propose simlpy making happen what you expected to happen.
Konstantin doesn't have access to my though tprocesses.)

Kontantin wrote a really great test ... and then didn't add it to the
test suite.  That made me sad, so I added it.

Andrew, can you drop radix-tree-fix-oops-after-radix_tree_iter_retry.patch
from your tree and add these two patches instead?  If you prefer
Konstantin's fix to this one, I'll send you another patch to fix the
second problem Konstantin pointed out.

I was a bit unsure about the proper attribution here.  The essentials
of the test-suite change from Konstantin are unchanged, but he didn't
have his own sign-off on it.  So I made him 'From' and only added my
own sign-off.

Konstantin Khlebnikov (1):
  radix-tree tests: Add regression3 test

Matthew Wilcox (1):
  radix-tree: fix oops after radix_tree_iter_retry

 include/linux/radix-tree.h              |  3 ++
 tools/testing/radix-tree/Makefile       |  2 +-
 tools/testing/radix-tree/linux/kernel.h |  1 +
 tools/testing/radix-tree/main.c         |  1 +
(Continue reading)

Filipe Manana | 4 Feb 20:10 2016

[LSF/MM ATTEND] filesystems, Btrfs and persistent memory

I would like to attend this year's LSF/MM.

I am interested in the following topics:

- persistent memory (error handling, filesystem support);

- anything Btrfs related, since this is the subsystem I contribute to
and have been working on full time. Meeting other
contributors/developers would help discussing many Btrfs issues and
the roadmap;

- improved discard support;

- MM topics regarding memory allocations and the impact/interaction
on/with filesystems.

To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo <at>
More majordomo info at

Chris Mason | 4 Feb 19:24 2016

[LSF/MM ATTEND] Btrfs, storage, MM

I'd like to attend to talk about all things SF/MM, especially
Btrfs development and general performance work we've been doing in
production here at Facebook.

To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo <at>
More majordomo info at

David Sterba | 4 Feb 19:09 2016

[LSF/MM ATTEND] Btrfs, GFP flags

I'd like to attend LSF/MM this year. I'm involved in btrfs development
for 5 years and one of the maintainers since early 2015.

* Filesystems

There are topics I'd like to discuss with other btrfs developers as this
would be more interactive than the mail discussions. Hopefully this will
cover things that never make it to the mails. As an example, the direction
of the development, taming the patch flow and other maintainer pleasures.


I'd like to participate in the discussions about refining the GFP flags
and memory error handling in btrfs in general. It's not a secret that
the current implementation is not robust. I've started with the low-hanging
fruit for 4.5, getting rid of GFP_NOFS in the easy cases. The core work
is still left untouched as this requires identifying all the paths/contexts
that might recurse back to the filesystem.

So far I was able to narrow down a few classes based on the expected
object lifetime and possible IO involved. Namely for the short-lived
allocations (eg. btrfs_path that's used for search & modify the metadata
in the b-tree) it's crucial in many places not to fail. Here I'm thinking
about some emergency reserves that would kick in if the slab/kmalloc
allocation fails. That would be even after a GFP_HIGH fails so it's
expected to be very rare and used at limited number of call sites. This
could be potentially made a more generic part of the allocator.

* MM, debugging helpers

(Continue reading)

Jan Kara | 4 Feb 15:28 2016

[PATCH 0/3 v2] Q_GETNEXTQUOTA support


the patch set below adds support for VFS quotas for Q_GETNEXTQUOTA quotactl
and thus repquota(8) doesn't have to iterate over /etc/passwd or LDAP database
to report all quota limits. ext2, ext4, reiserfs, jfs, and ocfs2 support this
quotactl (and Q_XGETNEXTQUOTA as well) after applying this patch set. XFS
bits will likely get merged independently through XFS tree. If nobody objects,
I'll push these patches to my tree in a few days.

Changes since v2:
* Added get_next_id() operation to dquot_operations to allow for cleaner
  support in OCFS2
* Added OCFS2 support

To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo <at>
More majordomo info at

akpm | 4 Feb 01:37 2016

mmotm 2016-02-03-16-36 uploaded

The mm-of-the-moment snapshot 2016-02-03-16-36 has been uploaded to

mmotm-readme.txt says

README for mm-of-the-moment:

This is a snapshot of my -mm patch queue.  Uploaded at random hopefully
more than once a week.

You will need quilt to apply these patches to the latest Linus release (4.x
or 4.x-rcY).  The series file is in broken-out.tar.gz and is duplicated in

The file broken-out.tar.gz contains two datestamp files: .DATE and
.DATE-yyyy-mm-dd-hh-mm-ss.  Both contain the string yyyy-mm-dd-hh-mm-ss,
followed by the base kernel version against which this patch series is to
be applied.

This tree is partially included in linux-next.  To see which patches are
included in linux-next, consult the `series' file.  Only the patches
within the #NEXT_PATCHES_START/#NEXT_PATCHES_END markers are included in

A git tree which contains the memory management portion of this tree is
maintained at git://
by Michal Hocko.  It contains the patches which are between the
(Continue reading)

Vishal Verma | 2 Feb 09:24 2016

LSF/MM ATTEND (resend)] Persistent Memory Error Handling

[ Resending because my original email was caught in spam filters ]


I'd like to attend LSF/MM. My primary topic of interest is the above as
proposed by Jeff Moyer:

I wrote the initial enabling for error handling that was merged for 4.5
(Building a poison list in the libnvdimm subsystem, exposing it as
'badblocks'), and am working on subsequent improvements in this areaa.
These would include making the initial poison gathering asynchronous,
and finer grained DAX control instead of turning DAX off entirely in
the presence of poison which we currently do.

Another topic of discussion I'd like to propose within this session is
to explore if there are use cases that the now-generic badblocks
implementation can fit. There is at least one opportunity of
consolidation between md-raid's sysfs representation of badblocks, and
the generically available one in gendisk.

To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo <at>
More majordomo info at

(Continue reading)

Nikhilesh Reddy | 1 Feb 19:56 2016

[PATCH v5] fuse: Add support for passthrough read/write

Add support for filesystem passthrough read/write of files
when enabled in userspace through the option FUSE_PASSTHROUGH.

There are many FUSE based filesystems that perform checks or
enforce policy or perform some kind of decision making in certain
functions like the "open" call but simply act as a "passthrough"
when performing operations such as read or write.

When FUSE_PASSTHROUGH is enabled all the reads and writes
to the fuse mount point go directly to the passthrough filesystem
i.e a native filesystem that actually hosts the files rather than
through the fuse daemon. All requests that aren't read/write still
go thought the userspace code.

This allows for significantly better performance on read and writes.
The difference in performance between fuse and the native lower
filesystem is negligible.

There is also a significant cpu/power savings that is achieved which
is really important on embedded systems that use fuse for I/O.

Change log:

Fix the check when setting the passthrough file
[Found when testing by Mike Shal]

v3 and v4:
Use the fs_stack_depth to prevent further stacking and a minor fix
[Suggested by Jann Horn]
(Continue reading)