In __blockdev_direct_IO, ocfs2_dio_wr_get_block is called to add unwritten
extents to a list. extents are also inserted into extent tree in
ocfs2_write_begin_nolock. Then another thread call fallocate to puch a
hole at one of the unwritten extent. The extent at cpos was removed by
ocfs2_remove_extent(). At end io worker thread, ocfs2_search_extent_list
found there is no such extent at the cpos.
T1 T2 T3
inode lock
…
insert extents
…
inode unlock
ocfs2_fallocate
__ocfs2_change_file_space
inode lock
lock ip_alloc_sem
ocfs2_remove_inode_range inode
ocfs2_remove_btree_range
ocfs2_remove_extent
^—remove the extent at cpos 78723
…
unlock ip_alloc_sem
inode unlock
ocfs2_dio_end_io
ocfs2_dio_end_io_write
lock ip_alloc_sem
ocfs2_mark_extent_written
ocfs2_change_extent_flag
ocfs2_search_extent_list
^—failed to find extent
…
unlock ip_alloc_sem
In most filesystems, fallocate is not compatible with racing with AIO+DIO,
so fix it by adding to wait for all dio before fallocate/punch_hole like
ext4.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws-5.15 | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws-6.5 | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-azure | < any | UNKNOWN |
git.kernel.org/linus/952b023f06a24b2ad6ba67304c4c84d45bea2f18 (6.10-rc1)
git.kernel.org/stable/c/050ce8af6838c71e872e982b50d3f1bec21da40e
git.kernel.org/stable/c/117b9c009b72a6c2ebfd23484354dfee2d9570d2
git.kernel.org/stable/c/38825ff9da91d2854dcf6d9ac320a7e641e10f25
git.kernel.org/stable/c/3c26b5d21b1239e9c7fd31ba7d9b2d7bdbaa68d9
git.kernel.org/stable/c/3c361f313d696df72f9bccf058510e9ec737b9b1
git.kernel.org/stable/c/952b023f06a24b2ad6ba67304c4c84d45bea2f18
git.kernel.org/stable/c/e8e2db1adac47970a6a9225f3858e9aa0e86287f
git.kernel.org/stable/c/ea042dc2bea19d72e37c298bf65a9c341ef3fff3
launchpad.net/bugs/cve/CVE-2024-40943
nvd.nist.gov/vuln/detail/CVE-2024-40943
security-tracker.debian.org/tracker/CVE-2024-40943
www.cve.org/CVERecord?id=CVE-2024-40943