[Top] [All Lists]

Re: [PATCH] xfs: fix buffer use after free on IO error

To: Dave Chinner <david@xxxxxxxxxxxxx>
Subject: Re: [PATCH] xfs: fix buffer use after free on IO error
From: Christoph Hellwig <hch@xxxxxxxxxxxxx>
Date: Tue, 25 Mar 2014 11:13:55 -0700
Cc: Christoph Hellwig <hch@xxxxxxxxxxxxx>, Brian Foster <bfoster@xxxxxxxxxx>, Eric Sandeen <sandeen@xxxxxxxxxx>, xfs-oss <xfs@xxxxxxxxxxx>
Delivered-to: xfs@xxxxxxxxxxx
In-reply-to: <20140325180814.GF18572@destitution>
References: <532CFA12.4040104@xxxxxxxxxx> <20140325125754.GA18691@xxxxxxxxxxxxxxx> <20140325131705.GB25392@xxxxxxxxxxxxx> <20140325180814.GF18572@destitution>
User-agent: Mutt/1.5.21 (2010-09-15)
On Wed, Mar 26, 2014 at 05:08:14AM +1100, Dave Chinner wrote:
> > I think this should unconditionally avoid the schedule, and while we're
> > at it we should kill _xfs_buf_ioend and opencode it here and at the
> > other callsite.
> I thought we schduled here because we can issue IO from IO
> completion and so we need to requeue the IO completion rather than
> run it inline in the current IO completion that hasn't fully
> completed it's processing yet..

Actually we get a recursive callchain there from the I/O error handling.
I switched from always 0 to always 1 here in:

commit 08023d6dbe840dc4271805a9ea376fcbdee9f744
Author: Christoph Hellwig <hch@xxxxxxxxxxxxx>
Date:   Mon Jul 2 06:00:04 2012 -0400

    xfs: prevent recursion in xfs_buf_iorequest

but I never got around fixing the root cause by cleaning up the way we
handle buffer I/O completions on a shut down filesystem.

So I guess Eric's fix is the best we can do for now.

<Prev in Thread] Current Thread [Next in Thread>