From: Dave Chinner <david@fromorbit.com>
To: Eric Sandeen <sandeen@sandeen.net>
Cc: Eric Sandeen <sandeen@redhat.com>, xfs-oss <xfs@oss.sgi.com>
Subject: Re: [PATCH V2] xfs: add a few more verifier tests
Date: Tue, 9 Sep 2014 11:47:20 +1000 [thread overview]
Message-ID: <20140909014720.GU30012@dastard> (raw)
In-Reply-To: <53F3A726.8080305@sandeen.net>
On Tue, Aug 19, 2014 at 02:36:06PM -0500, Eric Sandeen wrote:
> These were exposed by fsfuzzer runs; without them we fail
> in various exciting and sometimes convoluted ways when we
> encounter disk corruption.
>
> Without the MAXLEVELS tests we tend to walk off the end of
> an array in a loop like this:
>
> for (i = 0; i < cur->bc_nlevels; i++) {
> if (cur->bc_bufs[i])
>
> Without the dirblklog test we try to allocate more memory
> than we could possibly hope for and loop forever:
>
> xfs_dabuf_map()
> nfsb = mp->m_dir_geo->fsbcount;
> irecs = kmem_zalloc(sizeof(irec) * nfsb, KM_SLEEP...
>
> As for the logbsize check, that's the convoluted one.
>
> If logbsize is specified at mount time, it's sanitized
> in xfs_parseargs; in particular it makes sure that it's
> not > XLOG_MAX_RECORD_BSIZE.
>
> If not specified at mount time, it comes from the superblock
> via sb_logsunit; this is limited to 256k at mkfs time as well;
> it's copied into m_logbsize in xfs_finish_flags().
>
> However, if for some reason the on-disk value is corrupt and
> too large, nothing catches it. It's a circuitous path, but
> that size eventually finds its way to places that make the kernel
> very unhappy, leading to oopses in xlog_pack_data() because we
> use the size as an index into iclog->ic_data, but the array
> is not necessarily that big.
>
> Anyway - bounds checking when we read from disk is a good thing!
>
> Signed-off-by: Eric Sandeen <sandeen@redhat.com>
> --
Looks good.
Reviewed-by: Dave Chinner <dchinner@redhat.com>
--
Dave Chinner
david@fromorbit.com
_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs
prev parent reply other threads:[~2014-09-09 1:47 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-19 3:14 [PATCH] xfs: add a few more verifier tests Eric Sandeen
2014-08-19 18:15 ` Christoph Hellwig
2014-08-19 19:07 ` Eric Sandeen
2014-08-19 22:38 ` Dave Chinner
2014-08-19 19:36 ` [PATCH V2] " Eric Sandeen
2014-09-09 1:47 ` Dave Chinner [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140909014720.GU30012@dastard \
--to=david@fromorbit.com \
--cc=sandeen@redhat.com \
--cc=sandeen@sandeen.net \
--cc=xfs@oss.sgi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.