From: Al Viro <viro@ZenIV.linux.org.uk>
To: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>
Cc: Richard Weinberger <richard@nod.at>,
Sami Liedes <sami.liedes@iki.fi>,
linux-fsdevel <linux-fsdevel@vger.kernel.org>
Subject: Re: Intentionally corrupted vfat fs causing BUG
Date: Thu, 23 Oct 2014 17:01:06 +0100 [thread overview]
Message-ID: <20141023160106.GB7996@ZenIV.linux.org.uk> (raw)
In-Reply-To: <87oat29551.fsf@devron.myhome.or.jp>
On Fri, Oct 24, 2014 at 12:28:58AM +0900, OGAWA Hirofumi wrote:
> > What about this one?
>
> Looks like strange. If we want to tackle this at per-FS. We should not
> return double linked dir at first. Since double linked breaks dir
> hierarchy, even if this one can avoid that Oops, double linked can be
> easily the cause of another Oops, deadlock, etc.
>
> Well, this patch is untested though. For example, somethings like
> following. But, again, this fixes only one of cases in double linked.
> (And to fix fully, my mind was already talked.)
Hmm... Why hadn't d_splice_alias() caught that, though? Look: in that
case we see that inode is non-NULL, a directory and has an alias
(namely, dentry->d_parent). So we hit this:
new = __d_find_any_alias(inode);
if (new) {
if (!IS_ROOT(new)) {
spin_unlock(&inode->i_lock);
dput(new);
return ERR_PTR(-EIO);
}
if (d_ancestor(new, dentry)) {
spin_unlock(&inode->i_lock);
dput(new);
return ERR_PTR(-EIO);
}
and depending on whether that ->d_parent had been the filesystem root,
we hit either the former or the latter. IOW, we should've done
exactly that...
FWIW, there *is* a bug in that path - we ought to have done iput(inode)
on both failure exits in order to follow the calling conventions. But that
doesn't look like it would oops right there...
Could somebody repost the oops stack trace? The bug in d_splice_alias()
is real (and fairly old), but I'd like to understand if there's anything
else in the game...
next prev parent reply other threads:[~2014-10-23 16:01 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-10-10 20:57 Intentionally corrupted vfat fs causing BUG Sami Liedes
2014-10-11 10:20 ` Richard Weinberger
2014-10-12 12:08 ` OGAWA Hirofumi
2014-10-12 19:04 ` Richard Weinberger
2014-10-12 20:40 ` Sami Liedes
2014-10-13 7:57 ` OGAWA Hirofumi
2014-10-13 8:22 ` Richard Weinberger
2014-10-13 8:35 ` OGAWA Hirofumi
2014-10-13 8:39 ` Richard Weinberger
2014-10-13 8:59 ` OGAWA Hirofumi
2014-10-13 14:36 ` Richard Weinberger
2014-10-19 16:36 ` Richard Weinberger
2014-10-23 15:28 ` OGAWA Hirofumi
2014-10-23 16:01 ` Al Viro [this message]
2014-10-23 16:16 ` Al Viro
2014-10-23 16:45 ` OGAWA Hirofumi
2014-10-23 16:50 ` OGAWA Hirofumi
2014-10-23 16:55 ` Richard Weinberger
2014-10-23 16:55 ` Al Viro
2014-10-23 17:21 ` Al Viro
2014-10-23 17:58 ` OGAWA Hirofumi
2014-10-23 20:46 ` Sami Liedes
2014-10-23 17:35 ` OGAWA Hirofumi
2014-10-23 17:54 ` J. Bruce Fields
2014-10-23 18:05 ` Al Viro
2014-10-23 18:16 ` J. Bruce Fields
2014-10-23 16:56 ` Al Viro
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20141023160106.GB7996@ZenIV.linux.org.uk \
--to=viro@zeniv.linux.org.uk \
--cc=hirofumi@mail.parknet.co.jp \
--cc=linux-fsdevel@vger.kernel.org \
--cc=richard@nod.at \
--cc=sami.liedes@iki.fi \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).