From: "Ernesto A. Fernández" <ernesto.mnd.fernandez@gmail.com>
To: Anatoly Trosinenko <anatoly.trosinenko@gmail.com>
Cc: pavel@ucw.cz, linux-kernel@vger.kernel.org,
linux-fsdevel@vger.kernel.org,
Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>
Subject: Re: Mounting corrupted HFS+ causes kernel NULL pointer dereference
Date: Tue, 10 Jul 2018 15:38:41 -0300 [thread overview]
Message-ID: <20180710183839.abazeghy7he4v2ai@eaf> (raw)
In-Reply-To: <CAE5jQCd0dD2jcNLGXK0N1g6TOfNfruyTV-7R6Eh1v65bkoqi1g@mail.gmail.com>
On Tue, Jul 10, 2018 at 08:28:37PM +0300, Anatoly Trosinenko wrote:
> Thank you,
>
> When applied this single patch on v4.18-rc4 and performed "echo >
> /mnt/xyz" on hfsplus_16mb_hang image, I get about 14 pairs of lines
>
> hfsplus: unable to mark blocks free: error -5
> hfsplus: can't free extent
>
> Then `echo` exits with "No space left on device" error.
Truncation does not return error codes in hfsplus, hence this weird "No
space left" that comes from somewhere else. This should be fixed, but
it's not as big an issue as the deadlock. Filesystems usually don't need
to worry about protecting a crafted image from acting weird and causing
damage to itself.
>Then it
> permits to perform `rm /mnt/xyz` and on `echo > /mnt/1` it responds
> with no space left on device (but file *is* created and is cattable).
> I don't know what is safer, but now it doesn't deadlock. :) Maybe it
> is even worth to remount FS r/o, I don't know. (Please excuse me for
> speculations)
It's not strange that the /mnt/1 file could be created but not written
to, since the first operation doesn't usually require allocating blocks.
>
> Thanks,
> Anatoly
OK, I'll take a look at the truncation error codes as soon as I'm done
with the other deadlocks I found. It could take a while.
Thanks for the testing.
Ernest
> пн, 9 июл. 2018 г. в 23:35, Ernesto A. Fernández
> <ernesto.mnd.fernandez@gmail.com>:
> >
> > On Tue, Jun 12, 2018 at 09:43:26PM +0300, Anatoly Trosinenko wrote:
> > > And when I mount hfsplus_16mb_hang and perform `echo > /mnt/xyz`, it hangs.
> >
> > I just sent you a patch for this final report. Let me know if it works
> > for you.
next prev parent reply other threads:[~2018-07-10 18:38 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-06-03 15:52 Mounting corrupted HFS+ causes kernel NULL pointer dereference Anatoly Trosinenko
2018-06-03 18:49 ` Ernesto A. Fernández
2018-06-03 19:06 ` Anatoly Trosinenko
2018-06-08 15:25 ` Pavel Machek
2018-06-12 18:43 ` Anatoly Trosinenko
2018-06-12 21:35 ` Ernesto A. Fernández
2018-06-16 9:58 ` Anatoly Trosinenko
2018-06-29 18:45 ` Ernesto A. Fernández
2018-06-30 2:38 ` Ernesto A. Fernández
2018-07-02 7:41 ` Anatoly Trosinenko
2018-07-09 20:34 ` Ernesto A. Fernández
2018-07-10 17:28 ` Anatoly Trosinenko
2018-07-10 18:38 ` Ernesto A. Fernández [this message]
2018-07-10 18:57 ` Anatoly Trosinenko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180710183839.abazeghy7he4v2ai@eaf \
--to=ernesto.mnd.fernandez@gmail.com \
--cc=anatoly.trosinenko@gmail.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pavel@ucw.cz \
--cc=penguin-kernel@i-love.sakura.ne.jp \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).