panic ffs_truncate3 (maybe fuse being evil)

Bruce Evans brde at optusnet.com.au
Sun Jan 17 08:01:28 UTC 2016


On Sun, 17 Jan 2016, Bruce Evans wrote:

> IO_UNIT shouldn't exist.  Its only use is to create bugs by omitting it
> in callers or not supporting it in callees.  These bugs are rare because 
> ...
> Layering makes it a bit hard to see if IO_UNIT is set.  E.g., it must
> be set in callers of vn_rdwr_inchunks().  core_write() does this
> for imgact_elf.c.  core_write() also passes IO_DIRECT, which I think
> ...
> vn_rdwr_inchunks() is easy to analyze since it has no other callers.
> It used to be used for aout core dumps but those are broken
> (unsupported) now.

vn_rdwr_inchunks() has additional design and implementation errors:
- it can't possibly be atomic (except sort of, using an exclusive lock).
   Only each chunk can be written atomically.
- it could honor IO_UNIT to the extent of backing out of the whole
   write, but it doesn't; it just passes this flag on
- callers make multiple calls to it (once per segment for elf), so
   backing out in it alone is neither necessary nor sufficient.
So IO_UNIT for each chunk is even less necessary and less sufficient.

The core_write() caller has sloppy error handling and doesn't back out.
Its normal error handling for ENOSPACE caused by itself is to print a
message and leave a huge truncated file and ENOSPACE for everything.

Bruce


More information about the freebsd-fs mailing list