From: Dave Chinner <david@fromorbit.com>
To: Eric Sandeen <sandeen@sandeen.net>
Cc: Eric Sandeen <sandeen@redhat.com>, xfs-oss <xfs@oss.sgi.com>
Subject: Re: [PATCH V2] xfs: add a few more verifier tests
Date: Tue, 9 Sep 2014 11:47:20 +1000 [thread overview]
Message-ID: <20140909014720.GU30012@dastard> (raw)
In-Reply-To: <53F3A726.8080305@sandeen.net>
On Tue, Aug 19, 2014 at 02:36:06PM -0500, Eric Sandeen wrote:
> These were exposed by fsfuzzer runs; without them we fail
> in various exciting and sometimes convoluted ways when we
> encounter disk corruption.
>
> Without the MAXLEVELS tests we tend to walk off the end of
> an array in a loop like this:
>
> for (i = 0; i < cur->bc_nlevels; i++) {
> if (cur->bc_bufs[i])
>
> Without the dirblklog test we try to allocate more memory
> than we could possibly hope for and loop forever:
>
> xfs_dabuf_map()
> nfsb = mp->m_dir_geo->fsbcount;
> irecs = kmem_zalloc(sizeof(irec) * nfsb, KM_SLEEP...
>
> As for the logbsize check, that's the convoluted one.
>
> If logbsize is specified at mount time, it's sanitized
> in xfs_parseargs; in particular it makes sure that it's
> not > XLOG_MAX_RECORD_BSIZE.
>
> If not specified at mount time, it comes from the superblock
> via sb_logsunit; this is limited to 256k at mkfs time as well;
> it's copied into m_logbsize in xfs_finish_flags().
>
> However, if for some reason the on-disk value is corrupt and
> too large, nothing catches it. It's a circuitous path, but
> that size eventually finds its way to places that make the kernel
> very unhappy, leading to oopses in xlog_pack_data() because we
> use the size as an index into iclog->ic_data, but the array
> is not necessarily that big.
>
> Anyway - bounds checking when we read from disk is a good thing!
>
> Signed-off-by: Eric Sandeen <sandeen@redhat.com>
> --
Looks good.
Reviewed-by: Dave Chinner <dchinner@redhat.com>
--
Dave Chinner
david@fromorbit.com
_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs
prev parent reply other threads:[~2014-09-09 1:47 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-19 3:14 [PATCH] xfs: add a few more verifier tests Eric Sandeen
2014-08-19 18:15 ` Christoph Hellwig
2014-08-19 19:07 ` Eric Sandeen
2014-08-19 22:38 ` Dave Chinner
2014-08-19 19:36 ` [PATCH V2] " Eric Sandeen
2014-09-09 1:47 ` Dave Chinner [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140909014720.GU30012@dastard \
--to=david@fromorbit.com \
--cc=sandeen@redhat.com \
--cc=sandeen@sandeen.net \
--cc=xfs@oss.sgi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox