Date: Sun, 17 Jan 2016 19:01:23 +1100 (EST) From: Bruce Evans <brde@optusnet.com.au> To: Bruce Evans <brde@optusnet.com.au> Cc: Konstantin Belousov <kostikbel@gmail.com>, Rick Macklem <rmacklem@uoguelph.ca>, FreeBSD Filesystems <freebsd-fs@freebsd.org>, Kirk McKusick <mckusick@mckusick.com> Subject: Re: panic ffs_truncate3 (maybe fuse being evil) Message-ID: <20160117184105.B11529@besplex.bde.org> In-Reply-To: <20160117172549.C11309@besplex.bde.org> References: <1696608910.154845456.1452438117036.JavaMail.zimbra@uoguelph.ca> <1773157955.158922767.1452698181137.JavaMail.zimbra@uoguelph.ca> <1351730674.159022044.1452699617235.JavaMail.zimbra@uoguelph.ca> <20160114092934.GL72455@kib.kiev.ua> <964333498.161527381.1452827658163.JavaMail.zimbra@uoguelph.ca> <20160115095749.GC3942@kib.kiev.ua> <1817287612.162823118.1452909605928.JavaMail.zimbra@uoguelph.ca> <20160116191116.GI3942@kib.kiev.ua> <853868666.163292727.1452986431921.JavaMail.zimbra@uoguelph.ca> <20160117035858.GO3942@kib.kiev.ua> <20160117172549.C11309@besplex.bde.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 17 Jan 2016, Bruce Evans wrote: > IO_UNIT shouldn't exist. Its only use is to create bugs by omitting it > in callers or not supporting it in callees. These bugs are rare because > ... > Layering makes it a bit hard to see if IO_UNIT is set. E.g., it must > be set in callers of vn_rdwr_inchunks(). core_write() does this > for imgact_elf.c. core_write() also passes IO_DIRECT, which I think > ... > vn_rdwr_inchunks() is easy to analyze since it has no other callers. > It used to be used for aout core dumps but those are broken > (unsupported) now. vn_rdwr_inchunks() has additional design and implementation errors: - it can't possibly be atomic (except sort of, using an exclusive lock). Only each chunk can be written atomically. - it could honor IO_UNIT to the extent of backing out of the whole write, but it doesn't just passes this flag on - callers make multiple calls to it (once per segment for elf), so backing out in it alone is neither necessary nor sufficient. So IO_UNIT for each chunk is even less necessary and less sufficient. The core_write() caller has sloppy error handling and doesn't back out. Its normal error handling for ENOSPACE caused by itself is to print a message and leave a huge truncated file and ENOSPACE for everything. Bruce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20160117184105.B11529>