From mboxrd@z Thu Jan  1 00:00:00 1970
From: Anton Altaparmakov <aia21@cam.ac.uk>
Subject: Re: Bug in error recovery in fs/buffer.c::__block_prepare_write()
Date: Fri, 10 Jun 2005 15:15:06 +0100
Message-ID: <1118412906.31710.74.camel@imp.csi.cam.ac.uk>
References: <1118408464.31710.54.camel@imp.csi.cam.ac.uk>
	 <1118408715.31710.62.camel@imp.csi.cam.ac.uk>
Mime-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
Cc: Linus Torvalds <torvalds@osdl.org>, Andrew Morton <akpm@osdl.org>,
	fsdevel <linux-fsdevel@vger.kernel.org>,
	lkml <linux-kernel@vger.kernel.org>
Return-path: <linux-fsdevel-owner@vger.kernel.org>
Received: from ppsw-0.csi.cam.ac.uk ([131.111.8.130]:26755 "EHLO
	ppsw-0.csi.cam.ac.uk") by vger.kernel.org with ESMTP
	id S262522AbVFJOPS (ORCPT <rfc822;linux-fsdevel@vger.kernel.org>);
	Fri, 10 Jun 2005 10:15:18 -0400
To: Al Viro <viro@parcelfarce.linux.theplanet.co.uk>
In-Reply-To: <1118408715.31710.62.camel@imp.csi.cam.ac.uk>
Sender: linux-fsdevel-owner@vger.kernel.org
List-Id: linux-fsdevel.vger.kernel.org

On Fri, 2005-06-10 at 14:05 +0100, Anton Altaparmakov wrote:
> Here is the second patch (patch B).
> 
> On Fri, 2005-06-10 at 14:01 +0100, Anton Altaparmakov wrote:
> [snip]
> > B) If we cannot safely allow buffer_new buffers to "leak out" of
> > __block_prepare_write(), then we simply would need to run a quick loop
> > over the buffers clearing buffer_new on each of them if it is set just
> > before returning "success" to the caller of __block_prepare_write().
> [snip]
> 
> The patch for this is simple, too (it is below).
> 
> > Andrew/Linus, I would suggest that you apply at least A and perhaps B if
> > you deem it necessary or want to be on the safe side.
> > 
> > Having had a look at the code it would seem perfectly safe to leave
> > buffer_new() set and ignore patch B but I may be wrong which is why I
> > did both.

I have changed my mind having had a look at the code some more.  Patch B
is definitely needed.

Otherwise you can get a situation where an allocating write followed by
an erring write to the same location would cause uptodate and already
written out buffers to be zeroed & written out thus overwritting
existing data with zero.

This could be worked around differently (e.g. by being more picky which
buffer_new buffers get zeroed&written in the error handling) it is
definitely safest to just apply patch B.

Best regards,

        Anton
-- 
Anton Altaparmakov <aia21 at cam.ac.uk> (replace at with @)
Unix Support, Computing Service, University of Cambridge, CB2 3QH, UK
Linux NTFS maintainer / IRC: #ntfs on irc.freenode.net
WWW: http://linux-ntfs.sf.net/ & http://www-stu.christs.cam.ac.uk/~aia21/