Re: [PATCH 2/2] xfs/051: test buffer use after free race on I/O failure

To:	Brian Foster <bfoster@xxxxxxxxxx>
Subject:	Re: [PATCH 2/2] xfs/051: test buffer use after free race on I/O failure in XFS log recovery
From:	Dave Chinner <david@xxxxxxxxxxxxx>
Date:	Mon, 8 Sep 2014 20:47:49 +1000
Cc:	fstests@xxxxxxxxxxxxxxx, xfs@xxxxxxxxxxx
Delivered-to:	xfs@xxxxxxxxxxx
In-reply-to:	<1409667761-50248-3-git-send-email-bfoster@xxxxxxxxxx>
References:	<1409667761-50248-1-git-send-email-bfoster@xxxxxxxxxx> <1409667761-50248-3-git-send-email-bfoster@xxxxxxxxxx>
User-agent:	Mutt/1.5.21 (2010-09-15)

On Tue, Sep 02, 2014 at 10:22:41AM -0400, Brian Foster wrote:
> A buffer use after free race was discovered in the XFS log recovery
> codepath if I/O failures occur during recovery. The I/O submission path
> can abort the mount and release the only reference held on some buffers
> before I/O completion processing (e.g., async workqueue processing)
> might have completed. Badness ensues if the I/O completion path
> subsequently attempts to access said buffers.
.....
> 
> case goes to Alex Lyakas.
> index 4d35df5..9784dea 100644
> --- a/tests/xfs/group
> +++ b/tests/xfs/group
> @@ -47,6 +47,7 @@
>  048 other auto quick
>  049 rw auto quick
>  050 quota auto quick
> +051 dangerous

I'm going to consider this auto/log/metadata rather than dangerous.
Once the bug is fixed, we want to continue running this test as a
regression test, and nobody does that with the dangerous group....

Cheers,

Dave.
-- 
Dave Chinner
david@xxxxxxxxxxxxx

<Prev in Thread]	Current Thread	[Next in Thread>
[PATCH 0/2] xfs buf I/O error race test, Brian Foster [PATCH 1/2] xfstests/common: don't assume sysfs attrs all reside under test dev, Brian Foster [PATCH 2/2] xfs/051: test buffer use after free race on I/O failure in XFS log recovery, Brian Foster Re: [PATCH 2/2] xfs/051: test buffer use after free race on I/O failure in XFS log recovery, Dave Chinner <=

Previous by Date:	Re: Is XFS suitable for 350 million files on 20TB storage?, Stefan Priebe - Profihost AG
Next by Date:	Re: [PATCH] xfs: don't ASSERT on corrupt ftype, Brian Foster
Previous by Thread:	[PATCH 2/2] xfs/051: test buffer use after free race on I/O failure in XFS log recovery, Brian Foster
Next by Thread:	Re: [RFC PATCH 0/4] clean up collapse range and handle post-eof delalloc, Brian Foster
Indexes:	[Date] [Thread] [Top] [All Lists]