From: Adam Buchbinder <abuchbinder@google.com>
To: linux-btrfs@vger.kernel.org
Subject: Re: [PATCH] Properly size the leafsize field in the mdrestore_struct struct.
Date: Fri, 13 Jun 2014 16:58:59 -0700 [thread overview]
Message-ID: <CALb+jKoLOWVfMiBC9rPoNKi-y03d+=b1UcfDGwT4HALD7p5hLQ@mail.gmail.com> (raw)
In-Reply-To: <CALb+jKqYiQYsHdfOBbOhd4bkR1Y_+Qjv4mvyqq8ZBuLoJkyeag@mail.gmail.com>
I'd like to follow up on this a bit, because the way I found it was *weird*.

MSan found an uninitialized write. Reproducing the issue through GDB showed that there's a struct mdrestore_struct type with a member of type u64 called 'leafsize' which was... half-initialized? Four bytes were uninitialized, four were initialized. Looking further, it was being set by a call to a getter function defined in ctree.h, which pulls a particular member from a superblock struct... which is of type u32. Aha! So the struct member was missized. Easy enough to fix.

Except that the mdrestore_struct is initialized using calloc, so the part that wasn't getting written to was actually initialized, and the part that *was* was showing up as uninitialized. And actually contained a sane value, reliably. What was going on?

Turns out that btrfs's use of zlib, which was the uninstrumented system version, caused anything allocated by uncompress() to show up as uninitialized. (Trying to use __msan_unpoison did not work, as I have an iffy install of the sanitizer in the first place (it's whatever happened to come with clang-3.3), and MSanDR (the dynamic-instrumentation tool which marks all uninstrumented libraries as good) is apparently not trivial to install. I may just build zlib.) But the point is, it would have been annoying and sad if this had been a false positive through and through, but I *did* find an actual issue here using MSan, even though MSan was pointing in the exact wrong place.
Adam Buchbinder
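An added example, not code from the post or from btrfs-progs, of the field-width check a reviewer would want after a finding like this: the superblock, getter and mdrestore structs below are stand-ins that only mirror the names in the post, and a `_Static_assert` turns the u32/u64 mismatch into a compile error rather than something a sanitizer has to stumble over by accident.

```c
/* Stand-ins for the real btrfs-progs types (assumed shapes, not the real ones). */
#include <stdint.h>
#include <stdlib.h>

typedef uint32_t u32;
typedef uint64_t u64;

/* Constructed superblock: the real one has many more fields. */
struct btrfs_super_block {
    u32 leafsize;
};

/* Stand-in getter; the real one in ctree.h also returns u32. */
static inline u32 btrfs_super_leafsize(const struct btrfs_super_block *sb)
{
    return sb->leafsize;
}

/* Before the fix: a u64 field receiving a u32 value. Well-defined C (the value
 * is zero-extended), but the field is wider than the data it ever holds. */
struct mdrestore_struct_before { u64 leafsize; };

/* After the fix: the field has exactly the getter's type. */
struct mdrestore_struct_after { u32 leafsize; };

/* Compile-time check: field width must equal the getter's return width.
 * sizeof does not evaluate its operand, so getter(NULL) is never called.
 * Applying this macro to mdrestore_struct_before fails to compile. */
#define FIELD_MATCHES_GETTER(type, field, getter) \
    _Static_assert(sizeof(((type *)0)->field) == sizeof(getter(NULL)), \
                   #field " width differs from " #getter " return type")

FIELD_MATCHES_GETTER(struct mdrestore_struct_after, leafsize, btrfs_super_leafsize);

/* Fill the struct the way the post describes: calloc, then assign from the
 * getter. leafsize_on_disk is a constructed input standing in for the value
 * read from a superblock. Returns the stored value for checking. */
static u32 restore_leafsize_from(u32 leafsize_on_disk)
{
    struct btrfs_super_block sb = { .leafsize = leafsize_on_disk };
    struct mdrestore_struct_after *mdres = calloc(1, sizeof(*mdres));
    if (!mdres)
        return 0;
    mdres->leafsize = btrfs_super_leafsize(&sb);
    u32 stored = mdres->leafsize;
    free(mdres);
    return stored;
}
```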